0000000002000000000000000d0000001000000012000000170000001600000015000000ffffffffffffffffffffffffffffffffffffffff01000000000000000000000000000000140000000100000000000000ffffffffffffffffffffffffffffffffffffffff010000000000000000000000000000008501000006000000010000000100000001000000040000004000000040000000fc0f", 0xa6, 0x200000}, {&(0x7f0000010b00)="000000000000000000000000000000000000000000000000000000002964039d0100030000000003000000003e", 0x2d, 0x200fe0}, {&(0x7f0000010c00)="000000000000000000000000000000000000000000000000000000060017000000010c80", 0x24, 0x2011e0}, {&(0x7f0000011600)="00000000000000000000000000000000000000000000000000000001000000004379d52700000000001000000000000002000000000000000d0000001000000012000000170000001600000015000000ffffffffffffffffffffffffffffffffffffffff01000000000000000000000000000000140000000100000000000000ffffffffffffffffffffffffffffffffffffffff010000000000000000000000000000008501000006000000010000000100000001000000040000004000000040000000fc0f", 0xc6, 0x204fe0}, {&(0x7f0000011700)="000000000000000000000000000000000000000000000000000000002964039d", 0x20, 0x205fe0}, {&(0x7f0000012100)="ed4100005cf90100535f010002000000001000000000000002", 0x19, 0x3e00000}, {&(0x7f0000012300)="00000000000000000300000003", 0xd, 0x3e00fe0}], 0x10014, &(0x7f00000015c0)=ANY=[]) syz_mount_image$afs(0x0, &(0x7f0000000600)='./file0\x00', 0x0, 0x0, &(0x7f0000000a00), 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x410081, 0x0) pwritev(r0, &(0x7f00000014c0)=[{&(0x7f0000000080)="d69f22713f08dc", 0xffffff30}], 0x1, 0x2, 0x20) syz_mount_image$gfs2(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0xff67) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5029}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3, 0x3e00, 0xffe0) mkdirat(0xffffffffffffffff, 0x0, 0x0) 10:44:18 executing program 4: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x35, 0x0, 0x4) 10:44:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:18 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSSOFTCAR(r1, 0x4b32, &(0x7f0000000000)) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000040)) 10:44:18 executing program 1: r0 = openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xac00, 0xfffffffffffffffe) 10:44:18 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x100, 0x100000000}, 0x0, 0x3ff, 0x0, 0x5, 0x8001, 0x6, 0x5}, r0, 0x0, 0xffffffffffffffff, 0x0) [ 553.138039][T12776] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 553.146496][T12776] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 553.302870][T12776] F2FS-fs (loop5): invalid crc_offset: 0 10:44:19 executing program 4: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 10:44:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:19 executing program 1: ioctl$RAW_CHAR_CTRL_SETBIND(0xffffffffffffffff, 0xac00, 0xfffffffffffffffe) 10:44:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil}) 10:44:19 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newnexthop={0x34, 0x68, 0x3, 0x0, 0x0, {}, [@NHA_GROUP={0x1c, 0x2, [{0x1}, {0x2}, {}]}]}, 0x34}}, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={0x0, 0x4e74}, 0x8) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) [ 554.204384][T10579] Bluetooth: hci3: command 0x0406 tx timeout 10:44:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x40000108}]}) 10:44:20 executing program 5: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000200)='ns/mnt\x00') pwritev(r0, 0x0, 0x0, 0x0, 0x0) 10:44:20 executing program 1: ioctl$RAW_CHAR_CTRL_SETBIND(0xffffffffffffffff, 0xac00, 0xfffffffffffffffe) 10:44:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:20 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc05c5340, &(0x7f00000001c0)) 10:44:20 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$VIDIOC_G_PRIORITY(0xffffffffffffffff, 0x80045643, 0x3) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:20 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x3e, 0x0, &(0x7f0000000040)) 10:44:20 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) 10:44:20 executing program 1: ioctl$RAW_CHAR_CTRL_SETBIND(0xffffffffffffffff, 0xac00, 0xfffffffffffffffe) 10:44:21 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c) r1 = socket$inet6(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r1, r2, 0x0, 0xa808) ioctl$vim2m_VIDIOC_TRY_FMT(r2, 0xc0cc5640, &(0x7f0000000200)={0x2, @win={{0x7, 0x7, 0x5, 0x2}, 0x9, 0x81, &(0x7f00000000c0)={{0x2, 0x7, 0x4, 0x8}, &(0x7f0000000080)={{0x2a, 0x2, 0xffff, 0xffff}, &(0x7f0000000040)={{0x1f, 0x6, 0x1ff, 0xc4}}}}, 0x8, &(0x7f0000000100)="ccb329bc3a3ea2df12f7c3da402c21c841b630ea4b633850b5fda26e24466f0f686b44f7ce148d86de3b4be424c5bb55d8f48fb9cf7e303a9ea7dc26c28f71c5ba1d5125826eb36cc05dafef0ed0c122a84c9a3af2b2ea19eb061066ce27ff3b48d6312bd0b58a634a3ca3088510e6f42d0685677f382346bb51905fbea85c93d85b72b5d874a39ef39de7fe0d6c9f32960f70e94934b5df30206a70b6e1f1898f0eed17673d978152a97db4b302da481972cc6e27c7654b442102fe6a13f5b91c2db28477", 0x3}}) munlockall() setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:21 executing program 5: socketpair(0x0, 0x40000, 0x0, 0x0) 10:44:21 executing program 4: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x3, 0x0, 0x3) 10:44:21 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0) 10:44:21 executing program 4: socketpair(0x22, 0x0, 0x1, &(0x7f0000000140)) 10:44:21 executing program 1: r0 = openat$char_raw_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xac00, 0xfffffffffffffffe) 10:44:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:22 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8923, &(0x7f0000000300)={'bond_slave_0\x00', @ifru_data=0x0}) 10:44:22 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$proc_capi20(0xffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x8000, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000100)=[@timestamp, @mss={0x2, 0x10000}, @timestamp, @mss, @timestamp], 0x5) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000080)=0x6e4, 0x4) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r3) r4 = request_key(&(0x7f0000000140)='big_key\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)='/proc/capi/capi20\x00', 0xffffffffffffffff) keyctl$get_persistent(0x16, r3, r4) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)) 10:44:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, 0x0, 0x201, 0x0, 0x0, {0x9}}, 0x14}}, 0x0) 10:44:22 executing program 1: r0 = openat$char_raw_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xac00, 0xfffffffffffffffe) 10:44:22 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 10:44:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:22 executing program 5: r0 = socket(0x29, 0x5, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x8906, 0x0) 10:44:23 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="3400000068000300000000000000cc000000000000000000001c00020001000000000000000200003600"/53], 0x34}}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x3ff}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000200)={r2, 0x23, "3a19f319535d115dde18114947b2e38607c26110c0d5050c4e091a5158e28cbc4d3434"}, &(0x7f0000000240)=0x2b) ptrace$getregset(0x4204, 0x0, 0x3, &(0x7f0000000140)={&(0x7f0000000040)=""/245, 0xf5}) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_HMACKEYID={0x8}]}, 0x24}}, 0x0) 10:44:23 executing program 1: r0 = openat$char_raw_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xac00, 0xfffffffffffffffe) 10:44:23 executing program 4: r0 = socket(0x10, 0x80002, 0x0) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, 0x12, 0x29, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0) 10:44:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) [ 557.910273][T12903] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 557.988456][T12903] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. 10:44:23 executing program 5: r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qrtr-tun\x00', 0x109102) write$qrtrtun(r0, &(0x7f0000000580)='*', 0x1) 10:44:23 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x100, 0x0) r1 = socket$inet6(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r1, r2, 0x0, 0xa808) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f00000000c0)=r2, 0x1) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x400000b7}]}) 10:44:23 executing program 1: openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(0xffffffffffffffff, 0xac00, 0xfffffffffffffffe) 10:44:23 executing program 4: syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x80000001, 0x0) 10:44:24 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:24 executing program 5: r0 = syz_open_dev$sg(&(0x7f00000005c0)='/dev/sg#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f00000006c0)) 10:44:24 executing program 1: openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(0xffffffffffffffff, 0xac00, 0xfffffffffffffffe) 10:44:24 executing program 2: getitimer(0x0, &(0x7f0000000440)) 10:44:24 executing program 4: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000200)='ns/mnt\x00') pwritev(r0, 0x0, 0x5e0af8e, 0x0, 0x0) 10:44:24 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f0000000040)={r0, 0x7, 0x751, 0x7}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) syz_open_dev$ptys(0xc, 0x3, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x75, &(0x7f0000000080)={r4}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={r4, 0x0, &(0x7f0000000080)}, &(0x7f0000000100)=0xc) lsetxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='security.capability\x00', &(0x7f00000001c0)=@v1={0x1000000, [{0x4, 0x8}]}, 0xc, 0x0) 10:44:24 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:25 executing program 5: prctl$PR_SET_NAME(0x27, &(0x7f0000000040)='*$\xa3}(/({\x80.-\xc4(\x00') 10:44:25 executing program 2: setrlimit(0x7, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000ed1000)={0x5, 0x7, 0x3, 0x8000000007}, 0x40) 10:44:25 executing program 1: openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(0xffffffffffffffff, 0xac00, 0xfffffffffffffffe) 10:44:25 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001200190d"], 0x20}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername(r2, &(0x7f0000005f00)=@can={0x1d, 0x0}, &(0x7f0000005f80)=0x80) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="bc00000010008105fc8fd8c1bf54ea0000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b000100697036746e6c00004000028008000100", @ANYRES32=r3], 0xbc}}, 0x0) recvmsg(r0, &(0x7f0000001640)={0x0, 0x0, 0x0}, 0x0) 10:44:25 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:25 executing program 0: r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc24f, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x80, 0x0, 0x1, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x1, 0x3, 0xb6, {0x9, 0x21, 0x0, 0x1f, 0x1, {0x22, 0x6df}}, {{{0x9, 0x5, 0x81, 0x3, 0x3e7, 0x1, 0x80, 0x3f}}}}}]}}]}}, &(0x7f0000000140)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0xf9, 0x6, 0x8, 0x10, 0x1f}, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5}, 0x1, [{0x24, &(0x7f0000000100)=@string={0x24, 0x3, "bf386f697d4a1fe046946b52fdc7841afa2a553a48ee6e8a53758430907226ff6d82"}}]}) syz_usb_ep_write(r0, 0x7, 0x3a, &(0x7f0000000180)="96a6c6af3b0820210b626a0201439834d472440cbc58e6eb18fb36ec32c66c09e7e8d3525a0399e63a8eaf013ae925ab853e81f731da5208ce53") r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x206b41, 0x0) signalfd(r0, &(0x7f00000001c0), 0x8) 10:44:25 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0x40505330, &(0x7f00000001c0)={{0xf}}) [ 560.330493][T12967] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'. [ 560.340218][T12967] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.4'. 10:44:25 executing program 1: r0 = socket(0x2, 0x1, 0x0) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x22, 0x0, 0x0) 10:44:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) [ 560.634192][ T9163] usb 1-1: new high-speed USB device number 2 using dummy_hcd 10:44:26 executing program 5: r0 = syz_io_uring_setup(0x3c91, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000080)) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x40010, r0, 0x10000000) 10:44:26 executing program 4: semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000080)=""/86) 10:44:26 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000180)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x2, @pix_mp}) 10:44:26 executing program 1: r0 = socket(0x2, 0x1, 0x0) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x19, 0x0, 0x0) [ 560.998177][ T9163] usb 1-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 561.011345][ T9163] usb 1-1: config 1 interface 0 has no altsetting 0 [ 561.225671][ T9163] usb 1-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.40 [ 561.235034][ T9163] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 561.243118][ T9163] usb 1-1: Product: syz [ 561.247862][ T9163] usb 1-1: Manufacturer: syz [ 561.252548][ T9163] usb 1-1: SerialNumber: syz 10:44:26 executing program 4: syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000440), 0x180, &(0x7f0000000500)) 10:44:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) [ 561.400074][ T9163] usbip-host 1-1: 1-1 is not in match_busid table... skip! 10:44:26 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000580)='fuse\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4001}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30) read$FUSE(r0, &(0x7f0000000a80)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_WRITE(r0, &(0x7f0000000000)={0x18, 0x0, r1}, 0x18) [ 562.049983][T13004] ISOFS: Unable to identify CD-ROM format. [ 562.328794][T13004] ISOFS: Unable to identify CD-ROM format. 10:44:28 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) io_setup(0xfffffff7, &(0x7f0000000080)=0x0) io_pgetevents(r1, 0x7, 0x2, &(0x7f00000000c0)=[{}, {}], &(0x7f0000000100), &(0x7f0000000180)={&(0x7f0000000140)={[0x2, 0x2e]}, 0x8}) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000040)={0x6f, 0xa3e}) socket$isdn(0x22, 0x3, 0x21) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:28 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400), 0x24, 0x0) syz_mount_image$iso9660(0x0, &(0x7f0000000580)='./file0/file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:44:28 executing program 1: add_key$fscrypt_provisioning(&(0x7f0000000000)='fscrypt-provisioning\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff9) 10:44:28 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4040ae79, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil}) 10:44:28 executing program 4: r0 = socket(0xa, 0x5, 0x0) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0xfc00, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x3a}}}, 0x20) sendto$l2tp6(r0, &(0x7f0000000080)="de", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x20) [ 563.288290][ T9163] usb 1-1: USB disconnect, device number 2 10:44:29 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) mmap$fb(&(0x7f0000ffb000/0x1000)=nil, 0xfffffffffffff000, 0x0, 0x10, r0, 0x0) 10:44:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:29 executing program 4: r0 = socket(0x2, 0x1, 0x0) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0xa, 0x0, 0x0) 10:44:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:29 executing program 2: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0) inotify_init1(0x180800) 10:44:29 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:29 executing program 1: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x3c, 0x0, 0x4) 10:44:29 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xa, 0x84, 0xec2, 0x80000000000006, 0x0, 0x1}, 0x40) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2c) 10:44:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:30 executing program 2: r0 = socket(0x1, 0x1, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x8937, &(0x7f0000000200)={'ip_vti0\x00', 0x0}) 10:44:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:30 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/seq\x00', 0x400c01) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) r2 = pkey_alloc(0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newnexthop={0x34, 0x68, 0x3, 0x0, 0x0, {}, [@NHA_GROUP={0x1c, 0x2, [{0x1}, {0x2}, {}]}]}, 0x34}}, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000140), &(0x7f0000000180)=0x4) pkey_free(r2) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x1) poll(&(0x7f0000000100)=[{r4}], 0x1, 0x0) splice(r1, &(0x7f0000000040)=0x1f, r4, &(0x7f0000000080)=0x4, 0x400, 0x8) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:30 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) 10:44:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:30 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @multicast1=0xe0000008}, @ipx={0x4, 0x0, 0x0, "cacfe2dfd2c6"}, @in={0x2, 0x0, @multicast2=0xe0000008}}) 10:44:30 executing program 1: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f00000000c0)={{0x2, 0xffffffffffffffff}}) 10:44:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:31 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e20, 0x808000, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xfa}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="5c89f0c7f356068dc5c937faccfb5a4344ec97410683cb741dcebda7255ccbc55376ce0e9fa7cc4e90409ad25f4aaeead48f9b408ed584bffd0a4d752d77605d49fa52b9c9b57bc7560947f6926b42d822c83bfe43bd14aa227354fbc50b05ff2638ec38543c04", 0x67, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x800}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) openat$rtc(0xffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x41c040, 0x0) 10:44:31 executing program 4: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @broadcast}, @phonet, @l2={0x1f, 0x0, @fixed}, 0xfff}) 10:44:31 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:31 executing program 2: unshare(0x20000400) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, 0x0, 0x0) 10:44:31 executing program 1: bpf$MAP_CREATE(0x9, &(0x7f0000000000)={0x0, 0x0, 0x25, 0x0, 0x0, 0x0}, 0x2c) 10:44:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:31 executing program 4: r0 = socket(0x1d, 0x2, 0x7) getsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0) 10:44:31 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback, 0x94}, 0x1c) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080)='NLBL_CALIPSO\x00') setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:31 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:32 executing program 2: socketpair(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @private2, 0x1}}) 10:44:32 executing program 1: r0 = socket(0xa, 0x5, 0x0) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0xfc00, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x3a}}}, 0x20) sendto$l2tp6(r0, &(0x7f0000000080)="9e", 0x1, 0x4000044, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x2}, 0x20) 10:44:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:32 executing program 4: r0 = socket(0x10, 0x80002, 0x6) sendmsg$nl_route_sched(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)={&(0x7f00000001c0)=@newtaction={0x14, 0x30, 0x53b}, 0x14}}, 0x0) 10:44:32 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x52d6}, &(0x7f0000000080)=0x8) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000100)=0xfffffffffffffffe) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x75, &(0x7f0000000080)={r3}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000000c0)={r3, @in={{0x2, 0x4e24, @rand_addr=0x64010102}}}, 0x84) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x3, 0x2, 0x401, 0x0, 0x0, {0xc}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x88}, 0x4000000) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x3, @loopback}, 0x1c) prctl$PR_CAPBSET_READ(0x17, 0x26) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000480)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f0000001100)=ANY=[@ANYBLOB="40120000280000022bbd7000fddbdf2516000000241219803de16b810cdcf74259cc5caa96d83911edc1704ada616b49f98345bc01b01f1340a1c952b1c3b23aab3a41407e30460248e68326fe1efcd4ad337f03b473463badbe1eeb9e15fdc0f4d3bb13a9a4e647f94d49b154724295aceb9b31531e9a08c309ec37853dc0d1fbd2ec33be61699dfb7922f7f5e2f735932c6c6b049882f11779df1460829f12a2c101978c1e68296eadd881e2547dc48d269c1d568b09b92be15f3ce2cef6e48fe3ecc93f8cda494a448275d78c23c25b99180f3a6397dbd5c5014aa1baf680d1c783a3588a403e846c1077c368accc6dcb044bd3c206aa7da09ad0b2907b5c041b173be4c27b16e020b56bbc13185398426b5bbe4a7c3631ca6391ac6ede2dc0f6fec48aeda2f356aedc96a4c2fa2797a488fe9f50414db83e3702b7dfed2fb1564cb17da02606d644a79c8c1ab0c845c3f4bf94805a64f766899468240ed6f755b88d6a5aad7b216946b44091327262cbe89fd7e19abed4225fef4d14703737b69d7f6513e37313f216286b97da2ca4a10913c58fb811834d04c046b605378939595ebae6bd25e3465e93a7a85fb956a23878917db15749d4a2cd7baeca8303b2a22c3be1eea7038c404ff044a2589062864d9fce0e7d9e343815cf90505fe79635a69da95d1026b809cef35c0ef1657b0ded03714a8c552503213cb15820688a4dee6f7749c4e466ed979862bca8fc1bfe954b8daec714e4e82419c723fc1fc5688bbd856f0677ed4f5141e25e004af92d48fc052748929a87005f88ee46248083af48a4cd05370e0b432c8489307d73784366cd6a70863397c48af6dbae76a363479d6ce3a394a0d207cf2b31ca4bc62e87fd61890e0deddc083a05f98c9951e498358da9e9d15a2d38e7d6b0c007dd3624d7a550d4a6d81aaad5e70c5cac12df10a149d86d793608ecfc7f950c7904a8c4f8431f887b647363fb898072dec762abbc16377a6749fcd6214c0be39105532769fcb2ea79efbffeb15ae29dd2b25a7c2f9604d2a39dc765823b94e8e2d8adaf85b20ae0b0395acbd08ae82c5a8eeabbc584539f0a19b329be5907e42922b62f4dab5a17bac8f5d18461a1488345654217c0653aebd740823c28018794fb9b2d8c07262afcf7be16d5e43ae941887e995973c890f45f085304aa5cb04dcffe234919575d819313275a68694bac945399f9d28a7d88d9cbd92fe6b5252bacd52eab2e195182c160c80694b51e6d3e1cdd6394054b093484819139a44acde60a23d0374588d6010b8485995351e60db37bcc73316a846e1ede9e947c8cb6110a459936b2fc7c502d5da48ae9f0b9f526110aad84b0baedc63e4b9a61610c9d9b840aab644ceb9e81b374a1b21fc70419453e926849c4a6946108c4207156e435a780efdcbbd7db2701bfe0f57aa507bcf30e195ab240698ffd04481b66ddb1d8be5d9300016a8d1c652ddfe12000cc4ef1103c525da4fb18e61526b932ab0a920411253e046e23ec10128d88e81dc9a138d7ea184de206c6b273e3d69f644e76820ba4ff1db5f78045045ccbc43b9bbd6e9b93dd3cc46e2bab8916116567aa299f27a7999e6270fde5a053e2d4eb933792b31a34903fd113a2aa6495ff189b8718e38bdc97e59134e40a807fc9cb509553c89d3d7c96e24438080ecad1c45e51194936e3b81e1b32a8d47a43f3301a58a7b27cda469d4e57fd88d65434b6e77c237293bb919e97f600444526fab3f036d112b39435a618d769892461b9fcfd29f0eb8e660e22df5069491420cd8435f4d7f1585d56f1dfc7238055ec6f7f4eccb4372da1d517b3cc8b8784bafa2d405d94d5950e674b66633eb239c3722653f4b8edc326cc4c63f9c941f7c38ce40586c29b16f8e2a136896e4ba6756bc1cb7926eae1cbc9873cd1963c5b10302e4e093b065e43093768213e9e0b41f5e6f1cb0b1af6ab9805b93faf0c2b5f94aacced40608ce28476a3f33a0ea2da77d086c1c49ada443187fde8e886e54dd6889735e08cab1bd1f6eee4398e6630cd99ca74df6c20fbbe10aa099ea1725a766518f84becd3b46c916af5628e89a06e9f054803d6cbcd5c07fe175e913ef5c273d2c5e0b878dec4c62319883ae890f4e1be140609583c6b37b29c5c03dd7547c7b078f5641df9eb7d40bdeffec6a1d7de8f7b8d0da355daa61e3d6cae6a45a564a55fd661bcde5cc3ddf21825e8e6c797c9c5674039e2f906cc19d8df64588a763f99324b570deb72e1c5028e61691a701aac06b277d1cfbdc937484f41211b737dbe874044940b32173ad6de58c1eee2070d67cf0760ad9754ce4e1e7f2c41c135e3db486c534f931ea055d5c65d0a9e3dd1ff669e9051a862b305c7978bf74172bf98afb32827384db05bcc5c84b225fe1940858bc9d1c97733e8955a2b6c6956381073495cbf2d3b5593b5b2d7c1218fb71ff3857217dd8f4f96b5715e8b02d798fb1e0b5c0c2d1aa0c1c2263e0d5dfaeba86c9410c455fb072308b9b25b457711dca446d5d34d7beaa56bcdae39a618cac12b48d59707b0e9916a41b9d2f136372d09e7e9f228fe1cc642029ffb8de1c9d2691d4e7cf3bade365e4ce39ab7cd9bd71bd46f8812dd35a3fc411e55879f3085c0b2642fcac34b0e16af2fee4f64f29e5f10cdc2af85edb89d3bb0a0693f32f6b4e11aabbfffa2c15a9953ef2e3f9be2fddd6fab14fb928087e1f25295b5eed09f6e39a0b38ce7e14c9952420f24006c155e81328731d1ffab3d024cc2ba98a9797a7caf640ae3edb6dc8db3002f3a209fc895003aeab6d2f4d64f125d346252061ee262796ceb62be1546828e0fcf17abd50ae8bad0ca5e388fe82f11c39c33d6633ce30a150326a710fdc7a593db7754886607b23934968939874b25ba577efd9f05e67d571a8b17c54414519e63b695dfb46701fc12771b0ab059d837c512cd52c2814b48e1159f0c42181fee41c458ccd4a4305740a63baf3a38807288e506009494a2b99de17087b34ad4b8870d7dcbf1ff41b5ea74e1edf19b23e3e11546c91594b2923ede88b117c8aa4060ebb9f3a7db1cdfd675782dd372e4e06b68922fe83a90185aac81788e7543b6b3c35dbc2bb2e3e62e3ffbbf7a2040cc5875ca8141d9ee0e86afc69ee0c24578ca70ba0e960928ff762c550839d452201810484010aabf5a6e758019c1c0291c1fe5c05f0e36b53c26b24b6ed591f5c48729a1d05b4be6fe8a7531ba71d0832cc222c5bfd361021d5a2f7ee622caf0b5a5f0a25dcacac7595f3221d2ead03eef8665a309be573c08f791f65193c8e97a95b2317035591856e4720c91011fd44345230db9fb2e165b0c3710a6304ad2d249863b6aa978ea052b8e222554a5062eac2ffdd1c1c0dc7851a59159191d8b8d8a7844b4f9fbe72ba81372fdb4349ec2de6ef6109c7fb1010e319867e875158dda18b954cbc3b08c68e953aed0cfb30336f308c2b4a8ec8bdc246fcd86a52572a403274f5a8ac2b1a8dec4e978185bf16dc2b4fc77f5ba09b945ae68603b5c9968f9b056f193e697ab8a27e789c1b54473adc63611af19f8fa220267fa0e5a7c5f2f0ac0cb2395376faee41c6d80cff8104ae43a7ad5c663adef7f15a828ac11dfc351ffe07229981e941935b816a13fc7022405b0d1e9a9bcd89f0d35a8e5847114747320692c46f1b161c000000000aaa775cda30bbc5539ef8710b8a930d10aebb6e9304fb67c62bf70453dba83591d6f4092e8a618efeca8e53db16c6a4a43fece618757a091df52a2a4d134273ce762b37fc2f3d32b1c9952cfaab96b63d5acc1b891e7c79216ae3eda800863565133e58df9fc1bf132a3988ee751423ce83df39c5657628a6c4dab23175b5eac8021ce194f9c40ad258accb6849bfb3d06b48bca902a88f8e742f7c6300a7bbd8422ec57310d73bd0d24b8fa5a6da221ad05dcae70385c73a57c9a91dd3ec40d3fbdeb3573af0ac3766b6d5e3dae4d286edacb251369e34c12738d5fd7eda0778199d2e80908729fc5739d53090a37b9500f4334af6f2b581f3cf161cd5ec5046a317483a9d6a653f93c203752a490e0fb4b78d1198a0a47ca6baaf9e03cd5f3f4d0aa8a4a336d10ace0a5920f2d6f284ac0cd0b5daf0077220d7bcf0def5bf1afe6078cb9c45f9722d6a4356cbaafbdee18d3e9d8db49b79d292a54ef7ffdb087e365bce7a842d4ca26546e2552daaddd8d9d8e06e301467f55c8ed33ed7fee6be60eb55d33cfb42ffea7c440a3e9e825c5d6c81537c7e8c0988780ea225dd9abfdc42849412b972a80a9e03b469856d53d76b81be299dba660d289ca0d71d814b5c791575dc33897154a213602b06911670c46c03561b3a23a54e577999fbaea22d7431bce729d92c0dbee9a3487097131efc37cefa01e2aec5b2614bf4faa67164654e3c967267a21a4ec6f27da253474f13fa73f0d1501de598db8219da12adf85f3a7dfedb736498052218d4db4b745d08afc74cb8ca5c5165da9b06d372b6ec57ddc4659bc4fc11bb078f274cd06245a27f6e50a504884965302c58c596564e577f5953082a72539e3fd1f51079b3ecd950c9d24a5933a6b9229a8acf71c1e2085351ed3edee6592795a9e37c2ec3a48960cfdc4ae07d2a278f968dfd04bd84498bbe863e48113673239558633866db5550f11d44145695b29e89f9ce98abbcb70b436d4cc7e3feeb9da0c49591608521ee8b9e730854338617c95af308be0815ce200e3863d6ef1d88172d6a66e76ed676ea3c75adf89860cf816f10b2b5e8921d0efadad42e3e7b594b6e0fcaf44c4b78c403c0da314b2822a34351ae220aa64efb10284806f3d963c05490b7bf605995c8b2c002ac4a95840c204cf4e892dd9936f14900042181f68e06abd466ea275ec089f78f94122e80f3ef7defe7aa704fd9c38048c69bce9f892a588a5dd36ff01ffddfbee511f191fd31345d846c818c97aaed08539cd7bbf98d1f6b8e9297d353595f5fb6a359f69b690e7a9f3c6015a6c94e784ab080f33a925cee81ec11d7404a0010dac6756b136060d17eb2a9cfd52e59e689ad8807cc24d79772749d153b67c5421472c22a75afab53f24beaf51b86d172f2c087805667dd4f561a89693aae8a31ec4efdbfbdf4c81a3339e37a9993af2da886ac252916dc649a216a4046acb540e156cb1c3058ff5b177d51b155078d43fed36e985da9e4681ee666b9a5065a5bfd455b42fdcc0342e52392067cf28bec106b2448cc7cb76013d4ca9c9338e3e7d5b692ddfb78ad1d48dc2863e542e199a9d2d9210ea632b53f0ba4f430bb23ae3e6f7740a9533cf682ad1dddfefb614456ea340a66d87ca8aa8d1c58c940654969c96772c2dcffc647d6706c48ff2e5b7171aae92dd83960c041bbde665bcdd6c1bfe0ad5c0038a33ce96b6b3a4874727468f6576023ea24ce481363a22f778d9d42c012828ba699897ad7fef27a46bb9b3c187c1df1de7ef88bbcbad166674ead2a501e0e436c9ac3afa637ff68e6ab686f728308112d2ee5888ae487ddb805b35b25262ef7bf7821512cbdad8364a93fdcf47be0c5fa5fe0495bed5fd81fe175a4fb37e340b2926034b496c7dd7a214b0add62705822faa1bbaa8c32e2a07484813ab5a7dd3f6d48a5f1d9976e1d0216411fde3c0b33a1598454fc77b61d22e4c1f57c64604454bfe55aa00468f32a9207c337a54a0afc56dc42d680befe1d9eec6e402ab3cd554b8826435a0250697afbbff5796ea166b07f3530f6308eb26d9ff2aec89bb8211b408195a1f6a49462804f69c7a49a86869ce98b590a075984660af39894717e815fc4ab1e9f37db1a74fec9afa1e7253c115e3b5851da0d5ee522a3d52c7c7dab689153741fdeb1ff2e1d9ab06b31fe86e576e6720f79c161edda85f378f29be19f586002d1c441a34b62e15af69f21fcbe66682572d5791c01f76a10c0061000800000000000000ac001200b57387256249526342fe20048fb20a653dc8441d98eb2f648764caefe68e16d40372b565b2ebb45aa03f5083bf6436a532648d8634b269f0fb66eb4e07fed5ac0f3b89ce02ff8e2bfd90cab1e78c3353abcd213d13a0614b98c3dfa26200dc9bb6e268bea32e8e32a83d7ca289536b101450b50f72cb034c240c594d303e9c0f8bd04ab2d33947ad876ca5e5e43c86061cc054d2bfb9da88dfb73d8919481e7b1969f783f0bbc8d99ce408c0e9d4cbf573707af41f69071efcb699ae91e7ed7e240a13ee671ee3a68453aa9dd9db0e404f2fa9f8a6f5184736de56cf18018acd4bd68d26c2e60a5347e156bea0b027858760fdddb8ff82d021b3394fc5b53c863219d582bfd77d5e2bbc29c846767eebf89ae01d7e7c3a41056c55b8bfc632aab60a3cbdae5eecb5d5d4e16217b36947aa8957213e68de0e17b4d93e8eb3897ffcd66dd209fffeb5d4fcb2926b33eabca75159279712f9fa388dd07fc4f5c873bdfac27994010774febf5b6a1c7e57e97d55ad0910abefa9ab32561995010dc8750492b43f036eac7117642c7f101f9767afb8774d7ed4ab0800220009000000"], 0x1240}, 0x1, 0x0, 0x0, 0x10}, 0x4000880) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000068000300000000000000000000000000000000001c0002000100000000000000a14c95f3ac03000000540000000000005d640cf1f6d9d9e0048e0382768e4e7d123d743f8a756c4f61a37852041a231effbc037ea79f42d03d9ea6b73efaf09aa0708a710b7d0b7fc44b9b844961cb0b206927bb90ebabc5de59b86e48dc1944007777faf193ee2065f4f5facb76053f24dd836ac29098720fff8e6a20bd4a6b6160b58f51d6ac04548a8c08c7a8155273f63750ad320000000000000000"], 0x34}}, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(0xffffffffffffffff, r5, 0x0, 0xa808) ioctl$DRM_IOCTL_MARK_BUFS(r5, 0x40186417, &(0x7f00000004c0)={0x9, 0x401, 0x6, 0xcaf, 0xf, 0x80000000}) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000180)=0x7, 0x4) 10:44:32 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:32 executing program 2: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x1d, &(0x7f00000000c0), 0x4) 10:44:32 executing program 1: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000400)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f00000002c0)={{}, {}, [], {}, [{0x8, 0x0, 0xee00}]}, 0x2c, 0x0) 10:44:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:33 executing program 4: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x4e, 0x0, 0x4) 10:44:33 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, [], 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2100, 0x0) 10:44:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:33 executing program 1: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x1, 0x0, 0x0, &(0x7f0000000000)) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x11, 0x0, r2, 0x1, 0x40, 0x6, @dev}, 0x14) 10:44:33 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, 0x0, 0x0) 10:44:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:34 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x7d, 0x0, &(0x7f0000000040)) 10:44:34 executing program 4: ioperm(0x0, 0x7, 0xcd) r0 = syz_io_uring_setup(0x36cf, &(0x7f0000000080), &(0x7f0000000000/0x3000)=nil, &(0x7f0000ee7000/0x3000)=nil, &(0x7f0000000180), &(0x7f0000000000)) flistxattr(r0, 0x0, 0x0) 10:44:34 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:34 executing program 0: bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback, 0x200000}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(0xffffffffffffffff, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:35 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f00000002c0)='/dev/video#\x00', 0x8288, 0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000340)={0x0, 0x2, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f482c247"}}) 10:44:35 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x18, &(0x7f0000000000), &(0x7f0000000080)=0x10) 10:44:35 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:35 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback, 0x40}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0x8004ae98, 0x0) 10:44:36 executing program 4: ioperm(0x0, 0x7, 0xcd) modify_ldt$write(0x1, &(0x7f0000000040), 0x10) 10:44:36 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:36 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = accept4(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000180)=0x80, 0x80800) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x1ff}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000002140)=ANY=[@ANYRES32=r3, @ANYBLOB="09000010012ce57976ce190cc82b313bae05dcebf7eda2fbb363bcb334cfe061ef2a1efea81bc21891143191049cf0a537ab86a1b86616f355b62dd3950a414d29730c3e601f1d0a4481e3b79f0fb1d25eb0078391d8fdbbc882acdfb2e7b958832f3192845a43ef49e2a9ff690960b488054acea89ac7cbf2157b78d086427f3353d095b9dccc691c53a020d14c34fd9597cecc660a9117f3fe965fdcf8d43cf401296dc77c23aa713555c6229026d15ab0116fd329338c45c460b0ef74cd37e06a07f2ed4a623bb7d2f8c267d75227b965327c4636bfaef026d8543892c765d2d55893248638b5974adc602464e6e736b6b69930c74907306b5930ff9dcf573a8e09baf248c68130448522cd799170e8143e983033c589fabd5edfc5869dd5543e5a76d528b05335574a914b9e7b0286164becfa6eef5a0cf42f2944202a08fe337a4cd2adde2ca99098b76203c5fdb9e699d44e33b3327c168d79bf9841ffda3ea374357dd046467ebcd7508ae5117c96c11ba95041c891fd3d8733dd6b545d8590803aeb7164acf9284bdda8387252ff91de38d982a37f39e27198b5159c14fd09cc231ad88ef045de04bc518b9ca43f89bd13eca88e026a16090ee35f799755a55de37402f2c47548818cb7e7b92892d3a5b29847680e2d22f5f6a8e3570243016edde384659c7ae16cfa92946c13587bcc341188418d9c78654da267751627983819a2b3c0956b3f6da7dd10ff4662b19a88c89307d08fabb31a7d75ddb6d52cb2c15ee2a58950ae30ce239573342785546c9558cf2bdd1c123eed6a638ae98e825533c8df114cc759558d9d9603afdb0ee1cd5bc64c3c945a4b7bc4d6600f439b0133ad2a01952356a4f0d4f004b7299a61d87883aa0331f1a630ecd43b9b9569376c68d3ddc28f42232383a2ffe42649e651dfc71ad9cdbd561ef662e65e3df2fd56e3c62462f181814a87734c1c819aa521d6a1109d2491eb75a90ecbd5d10d1857dcf270ab6a7f136e98e87fe1244ef8aa40f40740ed1908cf361b0cf8288d827f0263bbaf4df3412ba679eed11067786efb776332d9bd65cecf886e3dc6434858bcf977e3639bf57373c12528976c624d2ff985f61c2fe27515f1694d549fe5eb034adac851128b6da52f42e95173e9810dd2cc61a5e7c3958968488dbaaadaa405001a073d407724d5a01a4083bf499e3bf84b6a7cc6f724e4d7250d69ce56a84e8c0ad15e62d3dcebaceb9ea873cec7bda7e75f74e8dd42c5282f5f2dffc3122caddbf4947c90223272eb868790d827c675c80decd3624e2c81d57a31f8f6c47d8857b29130c11b1caf4980338c25b1885fddb2dbb01ac34961b2f090b61775681c1fcd74751bd08626a58cf17a5d59206defad339d5d7ec3f56d10615e3a6a0fecee308bcac14041891a9ed760660423819d9e21e6a857c7bb77f79e338251fdebbd4236950ff16a73c7f7fada30f0e6be638dec717e54ed0a17cb857ae16440f46ece78a8e6ca2e3d833cf207382c531277fcbe48bb6ec4a87343572f566de6a94caece9f7a57029cc1c45aefbb62e6d78c936c8ae2de99ecc8b2789c61fc5fd0648ad823a308242a39d7a7f296eab01f1bb68579df49baa28217516ad2b06c46f89690430b73b5fa50b5b399951be2578bf707d26afa85bc5c7908ddc3a006d7c18f674160ffe42f31b18813c5528acac5eb0cdcab86f17cbe8c1b34c0d2db89f5000980a0eeb34e18dc8af28f8ff8121f50be1ba507a5c1c13bf628e7c62dfd307fef57c1e021c2da935947b0193129c6bbeee2e9b8a328e85890d5b74aca47e38e20a2302fca14d7f891435558f20e88e2d3220bb9003649990412320ce35769ce0d00e0163d6ceb3b197d25215847345ce780781de53b35abc974873a900fc1c5ef007362e8b27983abd09d52e54adb266c346d4adf70d98808a247775c5dbbf02e61fd56a0bf145f1fdaea90f5e5c781baba98b9f98d778d768ddd99358ae86dc910e68479fc8bd48b3aebdf8338a89d7d53d895dcfe880a5f8e3edf0bfc5fc8377ef73f9b9ffcdf38527bfe9951423e565e6645d70a3c9b7fdfbb14df949b234de0b99733dd1b6600eafb7d7ac2e96ae8e6c26617e2ad45db4e05bb3dd407b3cc4f3dd77a904849cbce4fad3bf60b1c5252a5ed62f63d0b8c500b2ea188dc57ebaffd0567eca91be4b68640aaa7f9bf3e3a667a917d0468afa9b9be7411dbfd57eef292e0a5c23a14626c5279d3059d6b6b7ea30caa7d4d9a54e7340d4678c027a9c1baa600d90d0c3078aabb2daee2ac98573a1d5faa17b72d219a3da28c11bc7b25d7bda767d46238932d35c0eba761adb6eb60b78a99da003f2a8564b34029a185c7f67cca6a95aeba30abac86a6b6847faa2cec40e303e1a8d288d0e7763cf8aadb329dc2e2f91af124b79890cc531a5c912c6452757c9a4edbcffedc1a61fa668a6f10e1e48d15c96b33fb4b219d2d297339b5f56dd0d39b68c3735879adf4597861679760df7169e713c8cb0e863749c294d60a50278e6f5685fd86725db3518a1d93a8c51e51a296f86774e9339736ef822579c450a58961ca9fa7033fdf291ac8a9598f5b3e39b2d093619a18fcf69854a2e1b963fb289950aa52f4f42c4ba066e63ed6954a6d185ed30266a2106165e28f596ae2c47a42f19fbcce85ddc8224ef5573c5b0d8514a8c6845f33c834250d07406be6944477859f8ef9a742c4f3574cf2a417ff229772b9c09ac0a2be6b022c2894de1ce94a406d7276a629e7675da570ecb3a1348d1c64f653aba942894c0c26ca8541924d827288be2d5071fc5041c37150662b44c0967f97d5fab35f18e79e58726aaffef61b69143284b1a270c58a80a7bcb21ea16b10d6cc86893577e972f7ee1e5175e47291038d7d77e56291b542a3a28d09a8c73bdcd0c4f828945a2f27a4d966822b948bc2c9ed2e69cc9e8c7aaf4b220424b30990e9024641fd76ef35dd60f97686d8472ee956d470289cebac88b3a864905bc6a5479a19ad97a3f2ca26a0790fa13a2bed16a016c8528baa3e20680524eaeb5efa09eb57599f535d06e514cbfa2584c3db4e265a14cbd04154ce52e7be4a8a3df96426e6d19ed49a8df8fe342fdeea7ae743825c656bdb3935c457c6a578ee4f1e0ffe6404c707bd2719d43c712fa976b3ced1800030b3e08803196fc80d6d1aea6be43bd2b4dadb9e729091b0a973d6a9385bc1a9dce25233072c9b5bab7cc21f99b12fde8fb1a88d62508e3bee88e24ccf7661bbd33acc6c11e043080e743ee41eea0ea349b40731dcf27e5c0785e29dd6364e6839763fbd3c6e45997d76b528eff361681fc10b5d4d4ab4e6777d2db785437ba7a894d6cfa647480c3f51e7cd663318684632ed123bf70a2d6116cd2358982437413f69101bc937717615235e844c8f99eecc50fae3aacacfc492ee9eda33052003f9e3b9451ec79c8d871fdcd744beaeb6ac8aa54ff6ec38689c7f3125afc64db7dcab2fd865179203e0511df8a4e73ef4c5461bfa3f9ab84434bdd5fbd720b3f91f4418349fe8e437b408aa7b03f78e07711fc61d4790f4679c67c22d30d8931ea77ef29e9527036a690e974bf6c6c4d60576304ff076dcc81df3684880198c83ff9d5b2f96ddaba0e5dc8ef51100adc7fa0552ada42dc57b97336c358fe65fe50d26579807363ff3861cb7978a966650d7ceb127eb6c3bb4e68ae8aca195d12da941b21a006955528754f93d0e79f3911a8bc5edf7bd2d7ed154744bdd187bf9fc7590b5c800b2f59cf29ee851c1b99171660de9824b620601d8ed4cb3b65b377b46ff4605aeef83ce23d8a120740296f22ec01a3e954d74d4b60932abb5e74aa2591258f85b7c942e41c6cc3f5dff0faaa6d1d05174b8cd2ece68bd0e6d3aca9f036684ff6484a4a32ec6c05331bf065726292dff990e69fb8f57d0d518c25e49c5ed190505da7ea495cbe913017768b93476f1d2c406eee451521aa75c32a00f3b3b871695eecb183c0266ad85e1944126b7306b070d541698aa5f76123161a883086b1c6c3b3396819f5071619b39c0ab99e729b8e0b3ca2f551259347248a20bd6ddc34718b87605239adc7f2583d537a302a93c57dd35d423709eca4c2d5d869da53000cba2bdb5735e5981622f002d528234240838d739c9d436b9fb2fd12ea37b2f1bc9d9bb29c7e0ad1bd51c42d8944afbec256db085a81b1dc71c976dc1d408624bd59f5ba21c3c4b14fb1a38b5940a6225bc9362529a5ff1779f9d5abac29a07c3eacef18d52b54ca85b061a9ae6104ece2816934208f9c67434b9e9106b48f49b279688d7679b8f83cf6fe8ee15e4053d6e77fdd6bb7bb060b95314e80cdc0865c8e63f0149f702e550f7e62b357a21ceda2288ed38da87607e00d85a5b56194f3fc15dc014ae570519a2816ea04ffc10d4d79a59aecf29058042b8b2492e0f2c2249c1617b4cd91e0a78bfd25bc6539f0f36abdf4ea4b369022420316639e054dc3dbac3ca35714c924732af3441d3f67c62d529eb0245b9666f5658c55ab973188e558fd1536b9d09d3fe82568ee86ad0af63a4d668767f487f5df5f394b3503eadc1a9c2b7941058372332afccc590c9a6f4cfedfa55c60df890c86b5d0b151b5985003aeb20aa09100367a444e66ac9eca6deda066ba7dfd64c1ae1ebbe3d51f63a6be4296ec90a27e7aa2aa9de4210fc4c9109135177ce72c9fb460d3f82d19cb9c3a3fbd80e5163fae5b85e50c132f7b4a8be58643cb0f0fa4caf34dea6727d514fae8c0c4667d62602875af028b93a50b491eac71a6462676e88a655d78e796d6642c2d1a06e39762fa31cf3151a079a137c22a80bbe1ab3fa5a715b426b2773ae46fb2995fe444ad861d141eda9f2d664234147a2ae3bca3b1b50ae0e2912e4757a5c63e0f3261bef40ef129926e2beaaa12b87dde6abded46019d6012247b5873eb3e79b021eb601f89cd00b2e7382e51a6182e13eb6bec1d8e0cc9132875c672e477bb7f60e25e24b9f81134df2934fd571a51cdada3ea6e3d360af4385156ebf872140c321afe164dcd8e4aa017ce28701f08b6177e9bcb28df4b3e16b9e69ce54274d9106275d05a933fc1534ef5322947278abab1dbd80c0213b902385075d0b00bf42cb8ae05dfe0207bd05c05a49750040ff51e7914b7cf617be4212b850216d96894c517d538ee3c34e8b4f29e1f2228af48221830bac81bcfc5a08e40a7e08f902a445e8757c3f3664f315ab89cd5ca895d69ea52f7b2180ae06b3ea137a4660442faa6a8b186082e6c46b9345a462e423abd9651e4f1b34e3e8443af67b499255a57e399bb4b9e537ce26042cf21ceac0234f1c3ad8f1ac48e8374c1a8bae14287165f203abd648f408b048697300e2274c66eb3c051399a2a38165a3400eaeefd95d9435cc3d305fa729ecd736066ac02116a375182c16926cab3e991c1249c285aa9988781dbe5ad53b8b63231a354521cf93ba10be4e559b34293f433e7c88af13c102672aea2737025f0dc8b2df968fe56bcc1c3c54fef771a483b73f0a68e7fc123b29be07130ad41bcba1983c085348988a9210b560084ff325ba0073eeef68dae15b6db3b3b003c73c6fbbb8e9fdf0f41c5423b2b3b643c3389514c37ebcd926001fa3dabbffba44d4da94aac3ac9d3210e0efeffb532aae551644d01d9adb7c811165363b7efcc05c9f8607ac09a0d9aaf7f6240daa7c6d0055871a2f0bfbb1ee7bc69a9f1e4d5b8d612d5c4ff3ac8143b1ba005bd87e2aa5cd54f309433ca6da4e9e25bab22b71475072132e6a3df51ea63e5f60eae3ac19fc50c7ec4972a01f6dbf55096636fcd8ca8ef9499767f890aebd1c"], 0x1008) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000240)={'veth1_to_batadv\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000068000300000000000000000000000000000000001c0002000100ef00000000000200"/52], 0x34}}, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000080)={'mangle\x00', 0x4, [{}, {}, {}, {}]}, 0x64) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000980)={0x20, r5, 0x7, 0x0, 0x0, {0xb}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f00000008c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000880)={&(0x7f0000001100)={0x524, r5, 0x100, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x174, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_NODE_ID={0xc9, 0x3, "8352897f24d648b8ca87ac837aa9829900a72b40c8a10d6bdf7cc1470c976940e13b4514cd25b254d6ef3b2ea5dbdd218369920d306fe2e20268d5f196dbb7cce5b13efb206b4e589a0dcff7301b546b7bce7a1a925c1c90d3fe18a13c7036a9aa1996856a4dbae3cd85952a7148b230200f39c3101a849132a83b2eb0b8708411fd4874208bd3fb2027c52eecbd8cc081f1cf1ef72406e177ea21d0c7fc077d0993ef1b95c76fcce7d6d002cbcc75799212f7805e16c7daadd0656f6a028aa0b839abfdde"}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "3d3fb873485f38dbd8917ad9e8d3e65134589acadeb30d3cd2faac46f7dfdddd9f78"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "13a543782d78d92622b4808c0b52e289b7fc3fc529"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x40}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x200}]}, @TIPC_NLA_BEARER={0xb8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vlan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x6, @private2={0xfc, 0x2, [], 0x1}, 0x6}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x3d9, @mcast2, 0x800}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @remote, 0x8000}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0x64010102}}}}]}, @TIPC_NLA_LINK={0xb4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffff9d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9c9e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}]}]}, @TIPC_NLA_BEARER={0x60, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @private=0xa010100}}, {0x14, 0x2, @in={0x2, 0x4e24, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ip6gre0\x00'}}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x401}]}, @TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffffffff}]}, @TIPC_NLA_NODE={0x13c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8c}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "60846b6f2ed1eaabca274c5a7c311f3d483af50f38b7842f0e31180b99bc"}}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "926f0e904081d0d892ceb8be8e678e19692a6458a10dea"}}, @TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "3bbb61da46185c2460c4f27871ee56ccd99de4d718c84e88467608a7b0a96539cc0b46"}}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "865a3bd4fbe8078f41bb9d86b2f97fc34393b2893d3286aa89b9"}}]}]}, 0x524}, 0x1, 0x0, 0x0, 0x42810}, 0x4) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) r6 = socket(0x10, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000900)='net/ip6_tables_names\x00') sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newnexthop={0x34, 0x68, 0x3, 0x0, 0x0, {}, [@NHA_GROUP={0x1c, 0x2, [{0x1}, {0x2}, {}]}]}, 0x34}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'}) 10:44:36 executing program 4: r0 = socket(0x29, 0x5, 0x0) bind$nfc_llcp(r0, 0x0, 0x0) 10:44:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:36 executing program 1: r0 = socket$can_j1939(0x1d, 0x2, 0x7) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}}, 0x18) 10:44:36 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x400000f1}]}) 10:44:37 executing program 4: unshare(0x4000400) syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') 10:44:37 executing program 1: r0 = openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/raw/rawctl\x00', 0x0, 0x0) ioctl$RAW_CHAR_CTRL_SETBIND(r0, 0xc0189436, 0xfffffffffffffffe) 10:44:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:37 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, 0x0) 10:44:38 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000080)={0x11, 0x10, 0xfa00, {0x0}}, 0x18) 10:44:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x20000000, @loopback, 0x1000}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:38 executing program 1: socket(0x2, 0x0, 0x8001) 10:44:38 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, 0x0) 10:44:38 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_PROPBIT(r0, 0x5451, 0x0) 10:44:39 executing program 4: r0 = fsopen(&(0x7f0000000000)='ext3\x00', 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000100)='./file0\x00', r1) 10:44:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:39 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) openat$userio(0xffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x2f4942, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000068000300000000000000001000000000000000001c0002000100000000000c000200"/52], 0x34}}, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000080)="911708252f8e10750c6d8efc0f67f334", 0x10) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:39 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x80000001}, 0x8) 10:44:39 executing program 4: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @default, @netrom={'nr', 0x0}, 0x0, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, 0x0, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}) 10:44:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, 0x0) 10:44:40 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:40 executing program 1: r0 = socket$can_j1939(0x1d, 0x2, 0x7) getpeername$packet(r0, 0x0, 0x0) 10:44:40 executing program 4: openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0xe519ff5e3f16fe1b, 0x0) 10:44:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)) 10:44:40 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) r1 = openat$proc_capi20(0xffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x30d082, 0x0) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000080)={0xe6, 0x20, 0x1ff, 0x80, 0x7, 0x0, 0x22, "d6a7c0ca7b29ba846a4f93baad8737fcc8add226", "be5c0b97e977ebeb6d014bd086dcc4198cc97428"}) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) r2 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0xffffff7f, 0x80100) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r2, 0x800455d1, &(0x7f0000000100)) 10:44:41 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:41 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x2}]}}}]}, 0x3c}}, 0x0) 10:44:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:41 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x14, 0x0, &(0x7f0000000040)) 10:44:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)) 10:44:41 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000040)=0x1, 0x4) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r1, r2, 0x0, 0xa808) ioctl$RTC_EPOCH_SET(r2, 0x4004700e, 0x8001) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:41 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:41 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:42 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)) 10:44:42 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{0x2, 0x3}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) 10:44:42 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000040)={{{@in=@multicast1, @in6=@private1={0xfc, 0x1, [], 0x1}, 0x4e25, 0x0, 0x4e24, 0x7, 0xb, 0x80, 0x20, 0x73, 0x0, 0xee01}, {0x3, 0xff, 0x3, 0xffffffff00000000, 0xfffffffffffffffc, 0x1, 0xfb8e, 0x2}, {0x7, 0x1, 0x4, 0x271}, 0x800, 0x6e6bb2, 0x2, 0x1, 0x3, 0x1}, {{@in=@empty, 0x4d6, 0x3c}, 0x2, @in=@empty, 0x3507, 0x4, 0x3, 0xff, 0x9, 0x200, 0x1}}, 0xe4) modify_ldt$write2(0x11, &(0x7f00000002c0)={0xb26d, 0x20001000, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10) r1 = openat$vcsa(0xffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x101000, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000340)=0x3) ioctl$RTC_PLL_SET(r1, 0x401c7012, &(0x7f0000000300)={0xfff, 0x4, 0x6, 0x6, 0x2, 0x7, 0x4fa1}) getsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000180)=""/120, &(0x7f0000000200)=0x78) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) getsockopt$PNPIPE_INITSTATE(r1, 0x113, 0x4, &(0x7f0000000240), &(0x7f0000000280)=0x4) 10:44:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)) 10:44:42 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:42 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:42 executing program 1: bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0xf, 0x4, 0x0, 0x2002, 0x0, 0xffffffffffffffff, 0x0, [0x2, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) 10:44:42 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{0x2, 0x3}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) 10:44:43 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) read$FUSE(0xffffffffffffffff, &(0x7f0000001100)={0x2020, 0x0, 0x0, 0x0}, 0x2020) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0x4}}, [@filter_kind_options=@f_flower={{0xb, 0x1, 'flower\x00'}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_TTL={0x5}]}}]}, 0x44}}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000003140)=@polexpire={0x1220, 0x1b, 0x300, 0x70bd2c, 0x25dfdbff, {{{@in=@empty, @in=@private=0xa010102, 0x4e23, 0xe9, 0x4e23, 0x1f, 0xa, 0x20, 0xa0, 0x6, 0x0, r2}, {0xe91, 0x5, 0x0, 0x1, 0x8, 0x101, 0xffffffffffffff81, 0xfffffffffffffff8}, {0x3ff, 0x81, 0x7, 0x41}, 0x6, 0x6e6bbd, 0x0, 0x0, 0x2, 0x1}}, [@sa={0xe0, 0x6, {{@in=@broadcast, @in6=@loopback, 0x4e23, 0x4, 0x4e23, 0x0, 0x2, 0x20, 0x20, 0x87, 0x0, 0xee01}, {@in6=@private1, 0x4d3, 0xff}, @in=@rand_addr=0x64010100, {0x5, 0x1, 0x9, 0x2, 0xffffffffffffff6c, 0xf, 0x69c, 0x2}, {0x1f, 0xff, 0x9, 0x6}, {0x0, 0x800, 0xda4}, 0x70bd25, 0x34ff, 0xa, 0x1, 0x6, 0x81}}, @algo_comp={0x1048, 0x3, {{'lzjh\x00'}, 0x8000, "5a760777977032a5e3c043fbb57896797c52d2ccb1e43492c036dd238e6c2bf84953c97141a021601389912e9dc3958f9c62d6b544a185d8b8b0acc52dd0c7b8dec5f2ba124bcdb3b01131845d50b36e8a71da24a65eb2e335d7a3945e5c24025720891a95874b66af9b220a59c6a9bf909866faa9e234c24691fe06c157fbc7d35c07b363cf27e41143100ca6755198c598a6a9b93b590159304e3bf518081342fe5ee32634ce654656db894bb2dc6688e82cdba9e4f21896331ea2ace6a928750a0423f804f557111d18399958b34501078bed58ad20ddee4de11c90039eb31389ff6328c1a5455448b7a883b25c6c5a03390979923588bba52b5a26f06b1473099c77727daec63cc92cd5c9d92905a36226b49ff946224c11497fb1f0cac5fea1952dd8ae55610285880b840cf769dfeee12f929a3e6a8637393472fe2056ee114e6b5517af0a47591692bc8f2b58cc752e33a310a4ec05a171ae66f9d561b2b748d737e18d7446df9ae20d149f269d37329c17d363c484aaf7887f553dc8bca4d2d8e249ad7d775f8a47b77e283164f9699926242291175d7e83aa405ff85170d1f24d3cb8eef3a583316c5ad594779a71ccdbcab6467b9a6d46fffa4a890a206fa69295627c546cba83e61bfc998cb1a2427460e69ad0c6b7e1d9b34919fc970ab4ef8fb7d837fc3335566028c5999e7c5cacba1b5068ee05da894d5cc51a97cd3abd68130afd94f04684445caba38f4f36f32694fcacbb9032ab4b8f73e543e2074069385e4d52b8a31c5eed2faafd3879fe2cdc9948b4cdaca68e4f37d90ed556cc21a6e771e2b75f5531d2c156b875c59a1dfa8996b6bfd41b139a85cfd4ecc5a3d5b688ad489c2726fd7252b48484fabb6b734dab2403294f380ce97a66a8733d3833774e15d9944b15e4d92b925a17796821652e2325b8177e3606f757b37be4f3d8d2a248e1dcd35daee9692c957750ff20edc69639e18d915c2cb401b50654273066e29da5c70ca9b9db21711a1988c658a80d52737cdbe2e3cff5946406129b45f7dde0d25e562a4c0fb1a240c4f0489010098637294d5e736ac4f882a2907a2062a64478518d65b3e5ae4773761faf80a93d1b379c2d2d6dd2b6a7b3483ae87ea519c5f52a8b5e91907b70303ab4614727ac2f6e48a6ba1101b8a961603aa37131e1ff5c505f02fbaa3a13184fe802aa628c9c3cdd4fc04546caf22fe74348e43752c28c89ad45183de7f5888cbfe9f8029af6c74e17f0c371f349b15da811cd76d33330873546a2ecd75b963b0d7ba2baaf884a4b936c6bd2eb7afeaf2f297369bf44b5e14742d7027b258a578c89e0dd7313f748d5a9bf61a1b203cc58de7466cd617946f62db8fa64e69dccdab8ebb411d926241c4a717580f449fd633644cf0898992afa041347c95e2d8b2a342c5c555b647d9fb5229e7f83948e01a83783b68cb7a48323f2eb0535c45d6d47c19bfd148a784bd8eebe051eed050c812bd516f89f1db729c6f98359ea28a821834e6bd1a6ceddd4778d2885251fc96c397e24e064c4a9ce80aba034050d1b56f3da1fe6dae69dbcc81642084ed5b7fb0ca7f67ce3c122ab6ce8d61a29220ed74590f3e3f537d43cb8fe80cafcc9f6f84846555299e4ac04206d6e2cc2b08a85ab162ba0e0d616847d7cfbacb1625db462149c66e79f7c662dc18b603f99cd29b209207e19d1f4e1c8a6d768eb2e2d42118d25103a1d4547fb73e626acbf38cc2c1f8bd08ac87f021632600c5adb040e303acaea6e723901249d08da0bc366859c72f22d50b1a8300a0a9f7dda117f0307cfa4373738db4d9f8ccb14fae58d2195fd1af06e4536e04fa6ecbb3c19849dada339a2dc972104b41030203876cc642a382789747aff9bf9bc8ee85ffcc4ed18602e3e2ffcf929e3292f684916685a7d42045c09b2231c3944a322d796883bb89a1e9838674b51a1775db57e6d8438a449c32e1810ef8f7d23908962630b8c7d5e56e80d809565cd336fb104b12a3d1ff575c49b3f9fbe06d816cf8cfd54fcb68c1688f03fd9112fb88f13fc9a640717eeb1d9433660c2adf8b4bb4883e2b16005ccac07c6160d1faf9b60f5aa172645ac83ed5f510e08b8efbd978454d10643ff53bc58bf0f22efed8df7486857a7c8dfc3153502dfa5d40f17078a3aedd9ee5bb7a80e97f37f33863029d5679b60e07be39c7f0ce19aaf403ecfe153c30288635f93376472eedab38d8a8717d27052bf7d60c6f8e1937a34047a1e9bac113333d0c1b36e7e13e3c31bbb748a31f14a6dbc92bbceb21bc863adc4f64abea0de33cebb008dd515083f7a688044dd49d7b5afa91083403a10a7954bbb8befb00dbb41624bd03ab689017c7bb10b858fdae930fcb7ea540df2f5b995d0ce1e63bb43d5da88440e2069a60c1cdda75348d6d673f06e8efba22771c0dee8b39571af0d6b949a66e2ccab8313dddd565b274253e8c1e4dc03cf0c9f7a9829eba2606c9bff1dd20b562e76271b80480ed97c1d6e9f33926f448d9eea9a3f5aa51cbabb6446aab4b1680c665f7057a057639fe20fd9d0790379bb250aef1b5702aaaded068c1db9c554dc0e9567ea8e1a20ef221333e95cb66788203bc0e8668c2502ab1da9ecd300fa0630830e103d84204983266021725c9e891e8241f5cdf48d38c0efa5f4ca961c51a89377a7aa846c549ef8233d01366d25bcf5fab78105e28bed11578b403188f44b40c7cdc288ef1ae83544b6dd4b6c347217eadc7775f99def09285ff9b0143837225e03ab39299ba5c0a0df8dac6147650cc9e4b265e30be3f56eab58bae09d1985273f4c6dec3abb723b84a489f560f03b0c7641e9e3d885983cf5417a41d0037b507e4a5328c256e25f9a5d72c95c078df7a77d9c0a900833f690736c8173462efd96d9bfad33a96c3d8ae1157415051b1ab8da8209c4a5afbbe1979010996bc16ae5c66f28ef5971f4eb6fc8ce0dcccb2ceb3f5f2163ef75d08ca86cd85676ae320850bd33ede26e32dfeeb2a6ce15478a994a2a5d0fa43bce6fb966dbd2104eac165c69546eb3a38b2401ac31cb92e66259fb6d87f4b7fd8c5aa2732448d84a7f81ce5475354a6b721e8422c502284fbae6696f99234db9f6f8245c5e4ff78dd35f66a866430bac9ce32eabccdc9be4e6554d6ada07ce747ca06c62c16986e074492890afbbc1929e7f2f99f4f044afd1e2ca3b1df9f5fcd58755de3f7e626cb6bd81c678bec2b694f3e0968734c6bc10214d68b6e4062cbce8df6b92330313a9d44fd1e5e1677b24651f6e0ea8e5070ce54a6f305c411400d8f0c3e21f9918f8f80e35a94b188d70a0bd9a5f1c38e55994d169d0958a588ec6f6c6f74534e74b75f919dc3ed18fa863fbedfa774010ee8cad6c77ef522918e79157bf0c2e859f2af1aeca401e7e0c4872322101dd006a0319061642743fc144ea55893f61f9d1f0741b5da908ebe6e91109fc45839832e50df3572152f457451f7e28f585375ff86a89b81d49aeda6954c3e57dd13983a153f4e12632b0a1677a4bfd746f138c90dab9bf78fff2b17dd7da877e5e8097f64e0a1b9dcd181ddfb0b78d3f310c7c936bba56062e3ab3b2d3c112b2964c492e337a6468c8ea158da4f4cfbf5625c0bb5b76035ca4a60b499440b2f83fccf85c3a33ddc8d7d6277c1fff0c272e0c47585336a9ebcf7d98a561e623d25aa58f3ae2f10e2fe35483b21aff6b63988964a3e7f92b2777e9f3eb39c022fed22b8fc91204aae472c8201bcf7c6140a53ea7c84c5aa0205b90b3f9fd056cc427483d79acfa7370efda5fa3d883cb8cc248e5307342f66fb4692b300db963550a8ee41050957e4d1fd8788f55ea6072f3b6a182a341e13a8f85d345f7c54c3d3d10d1aa23c8995c58181d93cf3096f6cb7d4fe00aa86295cabdd5a213ac17905bd16d87fe61ae77768c4d53f0fc2360c8de02664ac44066083f36a10176bab68fecf2e60304dea3c02532d70e32100a4069abb0d799be6f1564ce443970d16aa33d7a0d26357ed2d0214678ac56aa38d8b41620ece9ef9e5a7655561513f050d6ffef129471309fe8a405ed84a164853f116310005bb0d0e578486349a2343120a8abb10b9ede315333d1d257ccf426127c00df9af7e51160962d3f8ade254647b124f1377cb7e2345c68a4bddf2406dd20414caf56458bfd607a1d3e38a004711bdcb79944d781c8432f22f604fe983d5603de2a2cd450dcc73b747d4f61a183e1434eef1a303363a86d659cb7d27ac3dc3ac259ee08b7da656090c6f03273f7358169e720ebd7d58b02c0f89deb78892cc2e1a35c0bb6625d755e5ded41a7f9fbc4105aa2e5925a5f84561f296b3feeefe45c70bb2127529a8f869bf4afe244c30bffa4b9c0f020b6cc489037e4417e2fce55c7e5ae7ec5829e1e5334d408b970ab642b0886bcb67755060ea353215c53935accea775fd99b56d8af9753fbd28840978b65c378bafb06ec5818618b57e06406280ffa83d85f7d661209c433f20ad83a1277bfbde788134c3f960654528e0a7728e167865fcd01ca8ae0b17fab6c5a233ebd8629df8113941da99c388dd5bfc4b1c56b4e6bbb2f69e21902d1c3cc1f15e2d4114618fce30bf1de9006df2aa98fa98f3a8cc417a26a6a097cfac30156e7bccc5ef8923a093913927df4bbdd66f5abdd909f4100bc107a5bf2f6066e3d137622aa2a8edbedcb49be5f345d9a7d67513bdc75182ea57c1b6c67a94fbf9a082509187a40702e5eb731ea7b6093a316a8074e8baef658e0f5a7c73f12ebb7cdb6765c240a12d58f1a77959de7bbd6f6296b6f8ffbed19577cc85ae20d4f3a965eaa8e37840b73640bbfa193657e38183149d4d9dc8840405c2a8304c8d2ee8b3ca6e1caa41fd82abcbc429de8082bc52402151a333ddf29602fe7dc5442a09ee85880502a65bb856cef66f1910f7d5b7eee8d6ba227e55d3651dbbce13887ca628ff7be823d8d8635d63f154dc4abb90dc8e572dc463c6ee91724d7b8031ce10b60716fe82cbc5f498f0f5a1a044d053e02575c590c584771b396ef109794003a825f58e27122b21478f32f4c094c673f4a7286f2ca4f6a1baa5fe316a1e96d81826f3f1d85944133ede72b868a82f3f62dc1f3e0a000f44fe9a5e2b1e2fd8b3693df2316b0b6517de020506cd5cc5b2ac12cbf827f71337c5b1e8f98abcb31980ffec9ee80433981e80848d2f2acaa5280d2e0d214920f59bba2e557707dddd1f23af58fa9d1d077406b01349727b670ea24a74c423d2b5e91c5fb0d936d56ceabbecc928943edccb4514430e79c6d8960b75aec813e6a1cc0ea397ad2a709c042664867a9133d7597dc329d463fafda5c12cf1dffa3a08ffa0a321f25ffbe31cc85cdfaf0927b05ef6b7765c27b44c273e7d13ceaf74640fb0fbbc675288cc2c42c37dd6ca176f10dec24c5cf5b45c5a5d0cb1411da05cc174ab7fc6b1f2f3b51918b83d5d54148abb13f0ebf3093fcbc0e3457bfeffe4bb0e8ab2cdc723fbf5426532de9d91487cdde60bf18d8a869c7322024d2c030ac6fd726bfa9e8427ed4ebbb9a6f4bbaf2dc907b2916131d6d748416f893fc5ea5e89158086cfad1b36afa125100724a4144360279fb8625e51f7de8ebe889c6783e807eedec64dd2ccc0f2fb922d257a2f42eacb7e48997c23d3abab9abe0bfb527975f946a7efb1718983c665fe6492abe5450b7b2ead853951c43d0a7e97067f99ca5048bd17b56bc27b7eef529605dd297f33b4beb23c046e7b90ad919f3abedccbfb906"}}, @policy_type={0xa, 0x10, {0x1}}, @replay_thresh={0x8, 0xb, 0xff}, @extra_flags={0x8, 0x18, 0x7}, @offload={0xc, 0x1c, {r5, 0x1}}, @etimer_thresh={0x8, 0xc, 0x9}, @tfcpad={0x8}, @XFRMA_SET_MARK={0x8, 0x1d, 0x9}]}, 0x1220}, 0x1, 0x0, 0x0, 0x90}, 0x8c0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:43 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:43 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) [ 577.999639][T13432] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 10:44:43 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x8980, &(0x7f0000000000)={@remote={[], 0x1}, 0x0, 'lo\x00'}) [ 578.203693][T13432] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 10:44:43 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{0x2, 0x3}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) 10:44:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:44 executing program 1: bpf$MAP_CREATE(0x21, 0x0, 0x0) 10:44:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:44 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000080)=0x10) 10:44:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:45 executing program 1: r0 = timerfd_create(0x7, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000100)={{}, {0x77359400}}, 0x0) 10:44:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:45 executing program 4: r0 = socket(0xa, 0x2, 0x0) bind$l2tp(r0, 0x0, 0x1700) [ 579.794021][ T26] Bluetooth: hci4: command 0x0406 tx timeout 10:44:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:45 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)}) bpf$MAP_CREATE(0x0, &(0x7f0000000040), 0x8e) 10:44:45 executing program 1: r0 = timerfd_create(0x7, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000100)={{}, {0x77359400}}, 0x0) 10:44:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:45 executing program 4: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x5, 0x0, 0x3) 10:44:46 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:46 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc9bf8c118a549f77, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 10:44:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:46 executing program 1: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x0, 0x0) perf_event_open$cgroup(0x0, r0, 0x8, 0xffffffffffffffff, 0x9) 10:44:46 executing program 4: bpf$MAP_CREATE(0x15, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 10:44:46 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) r1 = syz_mount_image$afs(&(0x7f0000000040)='afs\x00', &(0x7f0000000080)='./file0\x00', 0x5, 0x6, &(0x7f0000000440)=[{&(0x7f00000000c0)="53f261a7d0c03ba0d54ec3939a43e877539ddfab091036c373b9e303f99ee011bbc3ac7b1b8ad35ac89d127dac771693c2b849a37772ad4b1f3346edac", 0x3d, 0x8}, {&(0x7f0000000100)="4e83e67081d5fed5c0868de67e6959e6efdf0f06f4819c999b40b889c38fb56cc62f711c43a13d367709ecb239366fabc3ba58e7b1c776d856c759cfb3d8d5785b03c61440f0a95ede56123a082dfd599e3f79d41847edb0f7fb5b16b07885357040491541f23d4b55a3ed60b2706a883740a9a122accc779baadf66cd51109831a2b63ba9617b2f0c54978cf04e", 0x8e, 0xfffffff7}, {&(0x7f00000001c0), 0x0, 0x400}, {&(0x7f0000000200)="818f6d471c7fd03d07428b175233e7f5de2edf22f644bc30b5019567cc900b8f08ed4962c3b24362ba72152fa5dfaff883b0947b19605914141d28c101049c583e6dc117a2e0069c7b19b06abfdce9c3b87d0a527f8d3676595c3cb9a21282ebe9a0b3f9af529bf10e7cabdd0a2fcd2407798dd11907f2415e4e809537ba8624ec0afeed298d8550774fd7cd10076b6c3702fb2362c47935e15ff28840caf58d0d63f263605690960b580d34b0624a594f7c021b206a90c440907ccf470651ee8b", 0xc1, 0x20}, {&(0x7f0000000300)="16a38dbae61f286f1a9b7fa9007a9787ecca25", 0x13, 0x2}, {&(0x7f0000000340)="ef26a79653854c9414e3279991317c47edc039e268cda41ae769f867f920910d8ad0c7e520709dfb55290913d139466602d55d005461ec510e3659ff4577fa631e38cff33ea83f1491e30969cc3ca351d2668425c99bbdd2bde175dd44d958bdad341dcbebdfe17e205f53b9b51c6dd12b93723c7681cfe5234951cc30048af69af463e789ee040020965fcff5a56996d6e60b79868a23e831fd9174f4c7b42da667ca85dca137f7e8d499322efc40c161e3708949152fe889d3b3e787c2d656ecffd6f7e2", 0xc5, 0xeb5}], 0x2000001, &(0x7f00000004c0)=ANY=[@ANYBLOB='dyn,autocell,flock=striappraise,\x00']) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = dup3(r3, r4, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000680)={0x0, 0x5, 0x30, 0x7, 0x7fffffff}, &(0x7f00000006c0)=0x18) r7 = dup2(r2, r5) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81e8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r3, 0x5000943f, &(0x7f0000002400)={{r7}, r8, 0x10, @unused=[0x9, 0xfffffffffffff1ff, 0x8, 0x1], @subvolid=0x80000000}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f0000000500)={"1c432cb0a699b6868b718a50ec143c91", 0x0, 0x0, {0x7, 0x80000000}, {0x10000, 0x9}, 0x1, [0x0, 0x400, 0x400, 0x1, 0x4, 0x7fff, 0x1, 0x69, 0x1, 0x1, 0x401, 0x3f, 0x7, 0xa1d, 0x6, 0x2]}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c09425, &(0x7f00000005c0)={"634db15f37dd6be282512895cba804cc", r8, r9, {0x2, 0x7}, {0x101, 0x10000}, 0x400, [0x10001, 0x1000, 0x9, 0xf68, 0x8, 0x1, 0x0, 0xe26, 0x1, 0x5afeae52, 0x5, 0x6, 0x3, 0x8, 0x1, 0x1]}) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:46 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:47 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x12, &(0x7f0000000000), &(0x7f0000000080)=0x10) 10:44:47 executing program 1: r0 = socket(0x10, 0x80002, 0x4) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x140f, 0x29}, 0x10}}, 0x0) 10:44:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4000009f}]}) 10:44:47 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newnexthop={0x34, 0x68, 0x3, 0x0, 0x0, {}, [@NHA_GROUP={0x1c, 0x2, [{0x1}, {0x2}, {}]}]}, 0x34}}, 0x0) ioctl$SIOCAX25GETINFOOLD(r1, 0x89e9, &(0x7f00000000c0)) r2 = socket$isdn(0x22, 0x3, 0x2) getsockopt$IP_SET_OP_GET_BYNAME(r2, 0x1, 0x53, &(0x7f0000000040)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000080)=0x28) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:47 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:47 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) [ 582.243550][T13536] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=5135 sclass=netlink_tcpdiag_socket pid=13536 comm=syz-executor.1 10:44:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x345}]}) 10:44:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4d0, 0x0, 0x400000000000000}]}) 10:44:48 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f00000036c0)={0x1328, 0x0, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x119c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "f8010aef03d52fe49639a3cb769fd3a2817cc319a668bd27100b1bd1a4"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ID={0xe1, 0x3, "910be3e1eee2c8cc887d6606466a3875d6fa562cb3d3b0e5f790c2b4b3775bd8ec1a753b7b3f8cfd9ea2ec8300144b609d7f8a3ccd3293512c4175aa126f2de1cb775cd8d504bfd76670825417ccac1e8b498777c0e76709fcac8bacacc6ace00da5d644f8f1d093f691be6a57cada2bae895b50a74b3c556024a24245725b01a6ce5da350a94157f2e3df4e72f5cec656714bf2ef35ab0f7456052c363638f2cbe4a79eef561a06272937dbb717ad4d3aa4176bd8cd45b09f01e3bd3b8ef56c0d2e946e19756b1df0bfa26acd74be3daa1d072ca8e1a695c1a3d6e1aa"}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "3282991855f1ae0a4ea34a4b38c5a3ab5e6d55344f40b81b29cad3"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ID={0x1004, 0x3, "b0c2a568930112c3df8b63472c340a52d3c25885a94af4396c6a47de64328a622e144dcfb88f46495b3bd7ca0a1df8d629a7f0a28ebdec4319d6adc6ea84696f24276867b58641ee9ada45dc4588e740fe9e76ce170cebbac3d4ca0c0991efb59237c603a0ff81b738b961332db78bcf282800eeee19dfd362d4ef96ab8f278a4995b445c44eb9275288f2d20d3d9eb0b891d9d3ff9af09e06a73dace43a824d01bab5416f49bf561a130b25683a3840d5d8bee0e605d038992665b024b9d35218150f96e1da71afc770b86405f94d474a28d9eced9f76d4942055f5d87fef89618343fdbdc0b1d3f0cf199c6e676ea9a2e29d98cb96fe0767caaa88eb2517541e558b196e536a39d2c559bd19b372ee42011eb003121f967f572b36b3cde25aff42bf2247c3948e5a8c85a8a2e8329a7f93ee45d0c37e4a1f8b206d03ade96f75fc4a711e52d693abd7febdd106560d505ba6f48b12cbb1e4299f9b4d2319f223e08d5897e3956920ca1b34457e67ea0bbfeb9ab386f7127aed6cd88e05a4a64563a43f7aebb881c0e6d403e20c2ca7148662e7d9157afb9cfc9a6200ef08150c9067dd93d70161215abe095803c5ccd5797b9da978466ce1c7c0d2d14847dd171ad0b0b179fb61f7047e2f8b50685cae68bc5bd3373b95510ab52abf069f1ba5ee78832e459259b4e3934bc39fd561d4537378a9cd3408d81c064fd56032525140d1f4b3d2be273e4382c135395fbc6b892e585e1ff36c1c8f01e8b286c1a182b01b941c2002df38ea249ff5f177ff612beba1c9dd8537653b37080c4146c719c51420b53194329727a0818ccdad9efa045b84aee65a46fe74fe23d3300207cff6c339f69ed6ab3d4771ccd05875edb47b6536a38c1d01d368a88067cfe096fe598fa429facf524e52b876f687dccd4d350632fd672ed1586dadbf884b7c50ce7ced176d1b0414d5e2d9e0ebe82f07b4835f7eea7e92c436eb66c89b48b858039b7c1c9c2b307f2542faed895d176f061708bec9904d5e36e69a29beb2dab2f262ae80a98d5e8d1e44ddc3685db658ac7ec1781e1fe39800f18f788646ecd71c8995e2c268234f1ce4426e8a0da1082a1020b8f9830b584ea3f3a67b098b77d17b1f0f33d0cebbddd5f306e1ffce0bc95c9d093392f597008edffd1ee47ad883a529a9617ab075077ed7a66f7aebe8a9b65de0b7b439fcfd41af8ba6a421cbf3851dcad719202c0c583117d7461e4408eea6c74b15345502687e2499b2b27530749dadfa371a778e58114b699a696029ed9e5f68a844efdd6ec0bb24e0f652c997a72584d3fadaa9562a7fc5df59cdac7571792a39cde83e757e270305da52e741dbf7627fe7b28e5120ac470333c417ee3530a2933dab6c921b88f32e035cd3aa5783aa81120d450bea7d36eb59ee38544a87962488fb8ab8a7ddb27073c3e8145c55501f8004f3bffbe87b4c12c25197263e5b08d40517dcb614b7d1ebb822fac0d232f5e4025cccd37ef7e46539e08ed6f3466e6620c59200b30d801b73fa42e0cb4ec6eba97a93d9a39cf4464f2cf61ed277968389910dcdac06a1cc3c287bab11b276db773f7f03e4c406608d5422de7ceaca853dbc0d40e49e98e7a1f52482c2e74ef56d3f2708731510b214a11b15668a7f6f80b2c6611d8daf6282263e0e5491fcdbdb167eef4c89d17ef056251c550bdf1af94fa77afeafc8e629c370ae681800e40a30af424e7f79f28fce4d787e837f81bb1b37d1887b2799311ea6935f2a72e68bfd2509120fcffb5192d9dd54ead9536b7af2cb73c9b33c286b266cb8a39b395edd649892c5e1772746489246d3e2e4b6f05987963134a4165dceb4c3698c88f94811ca4071cf41f1cf2ab98a637f541be8f7f69231d296579c8e0f8080a5fc8465a3566811c3d9c8f2bcbafeeb325feb9b0a0b5fe989cc62d9c1d9e03a9be69f6ed37c57baa8aaf64c4933a494bdcf291b33267fed507e32087432114db8856212b01421e46da4b0fe932db654dce5f5fb1e25275890e935b9cac577e13bf476fe8a6cd09778970b39841ec608cbf8d81dc50996f1ab9d727674f0f36f2c0c265181bf5144cd0cef176937fa7e4d56e773aed4db0031ee22036bfa72b59ef70f142c823a23e588c31fbc06fb086e61c4f9bde02df30621c5e939fe6227e5b3fdc2a57191522280e89edda096f1708477d35b8b9c97a0345f682240f5c6bb9573071105ce9964f9bc0593fe5657a737f58b639abd6e752c159c27ad630c768c9926d3752c7d8bc1cface716a5a409a1863c0d8108d88587c2dc4e110a1e6b3652ab97f287abfc4b1dfa000035e90fa0fd7c25e83329a560ccf10c1b669a79c02cf6eeb21d63538a5fc0df677980b3d94bf5136321a2ffe09ef2de5f7b7c40865f88d4c1c21b9fe0152cd89d3c0e65c48684cc37737264b4c087e495d13ce442385721aace9c5138f29555f1dabef46ac83491655dea2c6f0213992c1e4873ba950e7b22eaecb346903e19d285f2241fa9d6754a0fea8568ae012e1098f7e34a7842e90a6aff72f778eb058f0a4142df03a43ca32159394b43584c45b897d67ab42715aa0a158a2f02ace1a1c4754776b0aad99a81f63396176298f229c83e32341a9576a98d6ac7beee7a7b983c60e1078cf2463ee0b9b42cf5189fba41de677fead59f46ea50adce0a6f95e5ed022127ab322d24bb5013a9ebaec469c17208e80e466559036b9730f7ab967ee5ee94a923ec81e3effaab27edcf5fe71f7c383eee4b7b75e57bc8d35baddc4aaddb2c22699434ab4ce801b9d606b9d8d8f404325a0024f21b1c5b010abb89298f0c0d5e6c7da0971e1b834167c7673f9343577d7848b34acb8fdd6d96414f81fb2d68b5b434a37b7ad6e8ff5a0390b4c0e79b1d344246e2878290a23220f41963f0bb683d4c7ffb159de56eeddbf9fe374e683184638ee8ef662863ad8f47c306edbdee63fbf1aa3c04ad336ea65356636c578add2d14bd667ff6b5d46993fb982a032cf2fbc269b0af2fb0f8eddda37ef05da3acfe83996160a1520a96af912ac6553adb767137e71faf16f14b645ba082752939b100c788b50c183ce9051c10f967944ca903d4cf2f803457a40ea3f47288bb7c9919fe6fb0c9570e047504f1c003744c6f5454fa6d3da5216cb8fab5e42dd7b95c1be0a89805fcbad73ba2e778f1805742344d977ce94d0d252123a24f38044d1e9b04eba97a4320ce40e7f36c8f4c90dc69564aac2ed04bf5bcccc1828df18a76f6be1a5aeb15d8f8409e19846d1fea6cb6b8463c421886c7f131fda6291389e81a1c4d4e8f7ac3dfb6b7f3a1169dc2eac179155e693cfcdaae9037c083cc6a85e5de5d8294eb4d412b467b82162d00273cfe43cf2df7e4e5018bdee2a24516fc65c2dca7271ab588f71fe55df301e0501fdcd2aca4fa9f504f4668a57b7d50858186c217215cf7920fd9a316322002d433f7fa1ecc6fb12f12cd5b432e8129c353913f96ee6eaed33d4b03d67a15adc3d7f9b824ddbf70adbeb6e25840ee4aebb63fa4a73b4814b751a5fdd70cd909e780d730bc41f0ab7e40fd14f06100c6bd9c37b92face0f8a4a4061237f85cf0ce028bfe96d0681380b660632bab7d980b514fd1127f897d283f6aa8eda5f786be2242a61c14c21b91d018931eb6c81f0e5ed1d5a13d4cd310f1803d0b0495902a7f3938d18ff7412a1e49fa4a1e8fe576348c08f2cbff7d4c5baabe9f7638000d0060b44682eeefddf6eb2d169f4a704609c480d4716018d9fe657c994be09296f77b5fc11515f6ae862e6d4d8e78656e390e43fb0f5289e71355342594de794230bd8a6f4a90024ae97246faa10f4d17919a76f1d4a0d8452aabf85e70207dec2d03406e46e65c8b76bb3b607a2613305c38595a76e855203fe97c38931b64bb239d5e54bd2d937913f1287200468b0aaf098c3dd47edab09b51f67c84aea9ca926b6639630485064799799bf274f509cd713cc8edde6d8885a72067a0f7eded5f4cbc0fb7a1f53622f54fd5c45f54a19fcbdaac18ce995734b891849f0e0a535cf64dbfee4b72f43493cf760f51b32c2e6be2b215afc6821111b68a97ae6b4fcc7f3936c217f43a181c2d4b9100aef7cc1bbb9f5b5ae72f7c10709b3689b726ff5001c3ecf828090afc0ba5acd4c8acb345c9ef3bd8f4ac667acf83eb516327e84e6cac380c2c38774a15b7f2fe645f208e401e5a97d22e9164f45c28a1378a15d569a4e9b885dad0098d9aa4871ce2ae09aa6889fc6e53aa5b192e625a77320d2fe5fd541638a467a78ff8b6e3a1e542e6b480b0b4bfa352b6085a93031abe01a92859ad86aded7ef69524feae72fc5cd10254a812d7c2514b6ff3b09f38cd0285951a875e8c2c3e68006155eae3a32d04f3f758cc5847dc1fcc5bafce46d579d0871b9dc44cda5449a8f38566cba68b1526faa0e7f017fb46cbc8d20020b5b82c01b21b28307de3753c620730babd9e9e91b8c0403f34a4c10ad24317bfd1397337cf6277ecb8480f2e2763569815f8d4f13f10bf08198a4807103b3dfe48e6eb1658e67d0313f660c4ee12d0c898b4f04038abb65987e235ea8cf0f30c65bfd4d5c20d4975c81abe7b94a798e7404f96a9da04019184404da2d97a361d145d0ecac07d80abf58217a9a8a7c7c9b041502bf54fdefd4cf99bcd23d62f26d2a3cd55ff11b3ffa81599b0aa6ae01aac59789bfcf985cbd898765406447b9b9f009c3f493b049e4d7e8dabe91ac3d094055ce00c02dc7ecb15bba0937db9a607418b59b125eb456b390492cda13bd8f5de050d5c9a7774e82c4ac52da22f315e12f14f89fe25ed38b075e2bd3dc709ed27f4f4ef9088b0b52503dcdd5af41d19095aae4959b6766229f497ce3197b95e9c131f4f9dfbce2070da94cd356eaaf40c4694e08a82b43dad5abe1762ee6a2db3c89e2b08ac001524adeb5b9c7d209517ed270350a0f072a410817c8c9fead8807a74301df579f2d88b59b21e5ebfe690505995d22d0b9c804bf34fad43e2d05926fd0699712d116f529b94fa0aeeb1ffaefd63017c1675970f53bf213b8e4660e3ecb097e3e2900d0af5d94ba16a3081c21c84b57f609ce12611f88d615d4aa9aa04c945aa5848a898bc0d4391f6ddc4eb5a34233b81e573a4b356771e9ee9edf60c0966e48e9821415e26d1bcfada9f065fbae24765f3dec16fc3db142b8d2f1446f79cd6e83f832068925c75950c73bd0f7c4d1db4ef1d256531c73e984a1efd520615b2fd5282f64f469d786c332f242fbc14ead6226918cd1a3301153509324134c87a99af847822911782a42259b57bb9533829e38a610ff28b563bbf33a8a5e7438fd49533aee2c4944c70234cb749d6a809adc20206b2bd08b774b8bb828f6954da4795e5875c2e8dac8cc9bc6f7fe4839c8524723440ad64c2a2a3a240e6a8195a03f9ab829b43b32da04e1a35a5fafa0dabfd4f889f9c7133e1b9c72a9c21864703a0e984ff8c2eab76bb58736b814af1a0da60514063d50d42372eefe0aa1221877a8140c88a869df041b643f61dbd658ca431d2ebc906eb6853523a035940ad20fe6a32c8b43e77b42c296f5d82fc3a2367cc2e0983562d0a9a6853c91158cce9caabbeb8e2eb6e46dad677af77f15a1d375715c4f182756d4b393d80c93488d2026d2e457049645f272659bc405ab5b34a2466365f592070cb174ea40c4103ed4fe7673f6ae7a9704419e1f2ff9db9f1fe89ca7d145c4eab0d376b07e7d276291d9c97d4e72bb2ab80fe4f631aec08"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x40}]}, @TIPC_NLA_SOCK={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x200}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8001}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1f}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x400}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8a93}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x81}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7f}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8d20}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}]}, @TIPC_NLA_LINK={0x6c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}]}, @TIPC_NLA_LINK={0x44, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xe43}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10009}]}]}]}, 0x1328}, 0x1, 0x0, 0x0, 0x4001}, 0x4080) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:48 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$security_ima(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='security.ima\x00', &(0x7f0000000240)=@ng, 0x2, 0x0) 10:44:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:48 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001200190d"], 0x20}}, 0x0) recvmsg(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000000100)=""/164, 0xa4}, {&(0x7f00000002c0)=""/241, 0xf1}, {&(0x7f00000003c0)=""/197, 0xc5}, {&(0x7f0000001500)=""/183, 0xb7}], 0x5}, 0x0) 10:44:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:44:48 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000000)=0x81) 10:44:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x12, 0x0, 0x3}]}) 10:44:49 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r1, r2, 0x0, 0xa808) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000040)=0xadba) r3 = openat$ipvs(0xffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000000c0)) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) openat$autofs(0xffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x8000, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:49 executing program 3: bpf$MAP_CREATE(0xe, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 10:44:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:44:49 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:50 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @in={0x2, 0x0, @multicast1=0xe0000008}, @ipx={0x4, 0x0, 0x0, "cacfe2dfd2c6"}, @in={0x2, 0x0, @multicast2}, 0x6}) 10:44:50 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400), 0x24, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) 10:44:50 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f00000000c0)={r0, 0x9, 0x2, 0x8}) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x9, @private1, 0x5}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0xfffffffe, @mcast2, 0x6}, @in6={0xa, 0x4e20, 0x30, @mcast2, 0xeb2}, @in={0x2, 0x4e23, @empty}, @in6={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, [], 0x1}, 0xff}, @in={0x2, 0x4e22, @loopback}], 0x74) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x6}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:44:50 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:50 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETISPACE(r0, 0x8010500d, 0x0) 10:44:50 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {}, [{}, {}, {}], {}, [{}, {}, {}, {}]}, 0x5c, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400), 0x24, 0x0) 10:44:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:51 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) futex(&(0x7f0000000040), 0x3, 0x0, &(0x7f0000000080), &(0x7f00000000c0)=0x2, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x7f, 0x0, 0x3, 0x0, 0x4, 0x1f, 0xb2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:44:51 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:51 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0xe, 0x0, &(0x7f0000000040)=0x700) 10:44:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x277, 0x0, 0x2}]}) 10:44:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:44:51 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:51 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x1c, r3, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) r5 = openat$thread_pidfd(0xffffff9c, &(0x7f0000000040)='/proc/thread-self\x00', 0x20000, 0x0) fcntl$getown(r5, 0x9) 10:44:52 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, 0x0, &(0x7f0000000140)) 10:44:52 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x1}, 0x14}}, 0x0) 10:44:52 executing program 1: ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) 10:44:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:44:52 executing program 0: r0 = socket(0x10, 0x3, 0x0) socket$tipc(0x1e, 0x5, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newnexthop={0x34, 0x68, 0x3, 0x0, 0x0, {}, [@NHA_GROUP={0x1c, 0x2, [{0x1}, {0x2}, {}]}]}, 0x34}}, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @private=0xa010102}], 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000080)={0x0, 0x4, 0xfff, 0x40}, &(0x7f00000001c0)=0x10) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) rseq(&(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x5, 0x4, 0x5a, 0x3}, 0x1}, 0x20, 0x1, 0x0) 10:44:53 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, 0x0) 10:44:53 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x18, 0x0, &(0x7f0000000040)) 10:44:53 executing program 1: ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:44:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:53 executing program 0: r0 = openat$mice(0xffffff9c, &(0x7f00000000c0)='/dev/input/mice\x00', 0x482603) ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f0000000100)={0x20, 0x20}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ptrace$getsig(0x4202, 0xffffffffffffffff, 0x7, &(0x7f0000000040)) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:53 executing program 3: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4) 10:44:53 executing program 1: ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:53 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xa, 0x84, 0xec2, 0x80000000000006, 0x0, 0x1}, 0x40) bpf$MAP_CREATE(0x15, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2c) 10:44:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:44:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:54 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$CHAR_RAW_BSZGET(0xffffffffffffffff, 0x80041270, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:54 executing program 3: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/ipc\x00') mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) 10:44:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:44:54 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:44:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:55 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0xfffffffc, 0x10000, 0x5, 0x0, 0x6}, 0x14) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:55 executing program 4: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x16, 0x0, 0x4) 10:44:55 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x1, 0x88002) write$nbd(r0, &(0x7f0000000080)={0x67446698, 0x0, 0x0, 0x0, 0x0, "bc9b0b1a817394f5"}, 0x18) read$char_usb(r0, &(0x7f0000000080)=""/249, 0xf9) 10:44:55 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:44:55 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x100}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5}, r0, 0x8, 0xffffffffffffffff, 0x0) 10:44:55 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xd40ee47a465b857b, 0x1}, 0x40) 10:44:56 executing program 3: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000003640)={'ip6_vti0\x00', &(0x7f00000035c0)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @loopback}}) 10:44:56 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @mcast2, 0x8000}, 0x1c) pipe(&(0x7f0000000040)) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0), 0x0, 0x102, 0x0) 10:44:56 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:44:56 executing program 4: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCADDRT(r0, 0x8940, 0x0) 10:44:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) bind$can_j1939(r0, 0x0, 0x0) 10:44:56 executing program 3: r0 = syz_open_dev$sndmidi(&(0x7f0000653fee)='/dev/snd/midiC#D#\x00', 0x200, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000080)={0x1, 0x200, 0x8397}) 10:44:56 executing program 1: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:56 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmsg$NFNL_MSG_ACCT_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1, 0x7, 0x5, 0x0, 0x0, {0xc, 0x0, 0x3}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xdec4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008000}, 0x40) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x2}, 0xe) recvmmsg(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0) 10:44:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:44:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d02}]}) 10:44:57 executing program 5: shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0x5000) shmctl$SHM_INFO(0x0, 0xe, 0x0) 10:44:57 executing program 3: socket(0xa, 0x0, 0xe3f9) 10:44:57 executing program 1: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:57 executing program 5: r0 = socket(0xa, 0x2, 0x0) getsockopt$inet_mreqn(r0, 0x88, 0x65, 0x0, &(0x7f0000000780)) 10:44:57 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x101, 0x0, 0x10001}) 10:44:57 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000200)=0xfff) 10:44:58 executing program 1: openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={{0x0, 0x8}}) 10:44:58 executing program 3: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x408c4) 10:44:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:58 executing program 0: r0 = socket(0x29, 0x80002, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x119, 0x484, 0x0, 0x0) 10:44:58 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x7a, 0x0, &(0x7f0000000040)) 10:44:58 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, 0x0) 10:44:58 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) 10:44:59 executing program 0: r0 = socket(0xa, 0x6, 0x0) connect$l2tp6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x1}, 0x20) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1}, 0x30) 10:44:59 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, 0x0) 10:44:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:44:59 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x83, &(0x7f0000000000), &(0x7f0000000080)=0x10) [ 594.137413][ T27] audit: type=1400 audit(1601462699.559:25): avc: denied { node_bind } for pid=13862 comm="syz-executor.0" saddr=ff01::1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 [ 594.228879][ T27] audit: type=1400 audit(1601462699.589:26): avc: denied { name_connect } for pid=13862 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 10:45:00 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000001c0)={@local}) 10:45:00 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000240)='/dev/video#\x00', 0x2000000006, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0x2, @pix_mp}) 10:45:00 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, 0x0) 10:45:00 executing program 0: syz_mount_image$iso9660(&(0x7f0000000140)='iso9660\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x40000, &(0x7f0000001700)) 10:45:00 executing program 2: r0 = socket(0x2a, 0x2, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 10:45:00 executing program 5: openat$bsg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bsg\x00', 0x19d640, 0x0) 10:45:00 executing program 3: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000300)={'ip6gre0\x00', 0x0}) 10:45:00 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)) 10:45:00 executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) recvmmsg(r0, &(0x7f00000016c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x123, 0x0) 10:45:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x79}]}) 10:45:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x23, 0x2a, 0x901}, 0x24}}, 0x0) 10:45:00 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socket$kcm(0xa, 0x3, 0x88) syz_open_dev$vim2m(&(0x7f0000000080)='/dev/video#\x00', 0x0, 0x2) syz_open_dev$vim2m(&(0x7f0000000080)='/dev/video#\x00', 0x9136, 0x2) pselect6(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x7f}, &(0x7f0000000240), 0x0) 10:45:01 executing program 3: r0 = socket(0x2b, 0x1, 0x0) getsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, 0x0, &(0x7f0000000040)) 10:45:01 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:01 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)) 10:45:01 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) 10:45:01 executing program 5: r0 = socket(0x2, 0x1, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x8953, 0x0) 10:45:01 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x2c}}, 0x0) 10:45:02 executing program 3: r0 = socket(0x2, 0x5, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000100)) 10:45:02 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:02 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r0, &(0x7f00000004c0)={&(0x7f0000000000)={0xa, 0x4e24, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}, 0x1c, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}, 0x0) 10:45:02 executing program 4: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) ioctl$UI_ABS_SETUP(r0, 0x4004556a, 0x0) 10:45:02 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)) 10:45:02 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r0, 0x107, 0x12, 0x0, &(0x7f0000000080)) [ 597.137698][T13927] input: syz1 as /devices/virtual/input/input5 [ 597.213191][T13931] input: syz1 as /devices/virtual/input/input6 10:45:02 executing program 3: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/ipc\x00') ioctl$FIDEDUPERANGE(r0, 0xb701, 0x0) 10:45:02 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:02 executing program 2: r0 = socket(0xa, 0x3, 0xfb) bind$can_j1939(r0, 0x0, 0x17) 10:45:03 executing program 4: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth1_to_batadv\x00', &(0x7f0000000080)=@ethtool_gstrings}) 10:45:03 executing program 1: r0 = socket(0x2, 0x2, 0x0) setsockopt$MISDN_TIME_STAMP(r0, 0x11, 0x7, 0x0, 0x0) 10:45:03 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000040)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x0, @pix_mp}) 10:45:03 executing program 3: r0 = socket(0x10, 0x3, 0x0) bind$x25(r0, &(0x7f0000000000)={0x9, @remote={[], 0x2}}, 0x12) 10:45:03 executing program 2: socket$inet_sctp(0x2, 0xa, 0x84) 10:45:03 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0x4004ae8b, 0x0) 10:45:03 executing program 1: r0 = socket(0xa, 0x1, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x5, 0x0, 0x4) 10:45:03 executing program 5: r0 = syz_io_uring_setup(0x6ea8, &(0x7f0000001300), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000001380), &(0x7f00000013c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x2) [ 598.503400][T13960] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) 10:45:04 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)={0x20, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6}]}]}, 0x20}}, 0x0) 10:45:04 executing program 2: socketpair(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @private2}}) 10:45:04 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:04 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) io_setup(0x7, &(0x7f0000000000)=0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) io_submit(r1, 0x2, &(0x7f0000000380)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x2, 0x5, 0x0, r2, 0x0}]) 10:45:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x1a0}]}) 10:45:04 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="130000000000000000000100000008"], 0x38}}, 0x0) 10:45:04 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x24, &(0x7f0000000000), &(0x7f0000000080)=0x10) 10:45:04 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000580)='./file0/file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:45:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:05 executing program 1: r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qrtr-tun\x00', 0x109102) read$qrtrtun(r0, 0x0, 0x0) [ 599.645368][T13997] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 599.725845][T14003] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. 10:45:05 executing program 5: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000f00)={'ip6tnl0\x00', 0x0}) 10:45:05 executing program 3: r0 = socket(0xa, 0x1, 0x0) bind$netrom(r0, &(0x7f0000000440)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @bcast, @default, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) 10:45:05 executing program 4: ioperm(0x0, 0x5, 0x2000000000000cd) fdatasync(0xffffffffffffffff) 10:45:05 executing program 2: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0xfffffffffffffffe, 0x4) 10:45:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:06 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x0, 0x0) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9) 10:45:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x561}]}) 10:45:06 executing program 5: bpf$MAP_UPDATE_ELEM(0x9, &(0x7f00000003c0)={0xffffffffffffffff, &(0x7f0000000400), 0x0}, 0x20) 10:45:06 executing program 4: semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000000)={{0x1, 0xee00, 0x0, 0xee00, 0xee00}}) 10:45:06 executing program 0: ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:06 executing program 1: r0 = socket(0x2, 0x3, 0xfd) bind$can_j1939(r0, 0x0, 0x0) 10:45:06 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x2, 0x0, &(0x7f0000000040)) 10:45:06 executing program 2: r0 = syz_io_uring_setup(0x6ea8, &(0x7f0000001300), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000001380), &(0x7f00000013c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x5, 0x0, 0x0) 10:45:06 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x13, &(0x7f0000000000), &(0x7f0000000080)=0x10) 10:45:06 executing program 5: pkey_mprotect(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) socketpair(0x0, 0x0, 0x0, &(0x7f0000000040)) 10:45:07 executing program 0: ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:07 executing program 1: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000280)='/proc/capi/capi20\x00', 0x0, 0x0) mmap$fb(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x10, r0, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fb0\x00', 0x0, 0x0) mmap$fb(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x10, r1, 0x0) 10:45:07 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000000)={{0x7}}) 10:45:07 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0x3, 0x2) ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000340)) 10:45:07 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x0) ioctl$UI_SET_FFBIT(r0, 0x40305828, 0x4ad000) 10:45:07 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x73, 0x0, &(0x7f0000000040)) 10:45:08 executing program 0: ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:08 executing program 1: bpf$MAP_CREATE(0x14, &(0x7f0000000000)={0x0, 0x0, 0x77fffb, 0x0, 0x0, 0x0}, 0x2c) 10:45:08 executing program 4: socket$can_j1939(0x1d, 0x2, 0x7) socket$can_j1939(0x1d, 0x2, 0x7) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@bridge_newneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @link_local}]}, 0x28}}, 0x0) 10:45:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4020aeb2, &(0x7f0000000040)={0x0, r2}) 10:45:08 executing program 2: r0 = socket(0xa, 0x2, 0x0) connect$l2tp(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x9}}, 0x10) connect$l2tp(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) 10:45:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4008ae6a, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil}) 10:45:09 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:09 executing program 1: r0 = socket(0x1, 0x1, 0x0) ioctl$SIOCSIFMTU(r0, 0x8914, &(0x7f0000000080)={'bridge_slave_0\x00'}) 10:45:09 executing program 4: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x32, 0x0, 0x4) 10:45:09 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000c000001000400040004000500050002000000080003"], 0x30}}, 0x0) 10:45:09 executing program 3: sched_setaffinity(0x0, 0x0, 0xfffffffffffffffe) 10:45:09 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:09 executing program 5: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCADDRT(r0, 0x890b, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x1, 0x0) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1) 10:45:10 executing program 4: openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000580)='fuse\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4001}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) select(0x40, &(0x7f0000000500), &(0x7f0000000540)={0x20}, 0x0, &(0x7f0000000600)) [ 604.679117][T14104] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 604.749620][T14106] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 10:45:10 executing program 2: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x6, 0x400000, 0x4) 10:45:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[], 0x33fe0}}, 0x0) 10:45:10 executing program 5: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x0, 0x0) mmap$fb(&(0x7f0000ffb000/0x1000)=nil, 0x7fffdf004000, 0x0, 0x4011, r0, 0x0) 10:45:10 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:10 executing program 1: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x0, 0x0) write$ppp(r0, 0x0, 0x0) 10:45:11 executing program 3: openat$full(0xffffffffffffff9c, 0x0, 0x418800, 0x0) 10:45:11 executing program 5: prctl$PR_SET_NAME(0x21, &(0x7f0000000040)='*$\xa3}(/({\x80.-\xc4(\x00') 10:45:11 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, 0x0, &(0x7f0000000040)) 10:45:11 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:11 executing program 4: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2100, 0x0) 10:45:11 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0) 10:45:11 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000040)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0xb420, 0x1, 0x0, "45aed12fda3e8b302aa7b8b53b32e11f7711deefaf718c2ae9945ba0cb360847"}) 10:45:12 executing program 5: prctl$PR_SET_NAME(0x21, 0x0) 10:45:12 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x122, 0x0, 0x400000000000000}]}) 10:45:12 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x11, 0x0, &(0x7f0000000040)=0x700) 10:45:12 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_PROPBIT(r0, 0x2, 0x960000) 10:45:12 executing program 3: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x4, 0xa4ffffff, 0x4) 10:45:12 executing program 5: prctl$PR_CAPBSET_DROP(0x59616d61, 0x0) 10:45:12 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:13 executing program 2: ioperm(0x0, 0x7, 0xcd) r0 = syz_io_uring_setup(0x36cf, &(0x7f0000000080), &(0x7f0000000000/0x3000)=nil, &(0x7f0000ee7000/0x3000)=nil, &(0x7f0000000180), &(0x7f0000000000)) fdatasync(r0) 10:45:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:13 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000040)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0x400448c9, &(0x7f0000000200)={0x0, 0x0, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "18b85b6f"}, 0x0, 0x0, @fd}) 10:45:13 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffd}]}) set_tid_address(0x0) 10:45:13 executing program 5: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x89ea, &(0x7f0000000000)={@remote={[], 0x1}, 0x0, 'lo\x00'}) 10:45:13 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:13 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000653fee)='/dev/snd/midiC#D#\x00', 0x200, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x80045700, &(0x7f0000000040)) 10:45:13 executing program 1: r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x0, 0x0) read$rfkill(r0, 0x0, 0x0) 10:45:14 executing program 5: prctl$PR_SET_NAME(0x34, &(0x7f0000000040)='*$\xa3}(/({\x80.-\xc4(\x00') 10:45:14 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:14 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x18, 0x0, &(0x7f0000000040)) 10:45:14 executing program 5: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x8, &(0x7f00000000c0), 0x4) 10:45:14 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x1, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0}) 10:45:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x400000b7, 0x0, 0x2}]}) 10:45:15 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:15 executing program 1: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) 10:45:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x186, 0x0, 0x2}]}) 10:45:15 executing program 2: socket$can_j1939(0x1d, 0x2, 0x7) socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r2 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) 10:45:16 executing program 1: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000200)='ns/time\x00') ioctl$FIDEDUPERANGE(r0, 0x5460, &(0x7f0000004740)) 10:45:16 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, 0x0, 0x0) 10:45:16 executing program 5: r0 = socket(0xa, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000340)={{0x3, @bcast}, [@default, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) 10:45:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0xc0000100}]}) 10:45:16 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x9, 0x0, &(0x7f0000000040)=0x9b) 10:45:16 executing program 5: socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'veth0_to_bridge\x00', &(0x7f0000000140)=@ethtool_dump}) 10:45:16 executing program 1: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$packet_int(r0, 0x107, 0x0, 0x0, 0x0) 10:45:16 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, 0x0, 0x0) 10:45:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:16 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random="711e69f0a71a"}, 0x14) 10:45:17 executing program 3: r0 = socket(0x2, 0x80a, 0x0) bind$can_j1939(r0, 0x0, 0x0) 10:45:17 executing program 5: bpf$MAP_CREATE(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x2c) 10:45:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:17 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan1\x00'}) 10:45:17 executing program 2: r0 = socket(0xa, 0x6, 0x0) connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x1d}}}, 0x20) 10:45:17 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, 0x0, 0x0) 10:45:17 executing program 3: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) read$FUSE(r0, &(0x7f000000a2c0)={0x2020}, 0xfffffffffffffea2) 10:45:18 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socket$kcm(0xa, 0x3, 0x88) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x7f}, 0x0, 0x0) 10:45:18 executing program 1: lsetxattr$system_posix_acl(0x0, 0x0, &(0x7f0000000400)={{}, {}, [], {}, [{0x8, 0x1}]}, 0x2c, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x25}, 0x0) 10:45:18 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:18 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4602, &(0x7f0000000240)) 10:45:18 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 10:45:18 executing program 3: socketpair(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x8980, 0x0) 10:45:18 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc02c5341, &(0x7f00000001c0)) 10:45:18 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0xc0000080}]}) 10:45:19 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 10:45:19 executing program 3: socketpair(0x26, 0x0, 0x0, &(0x7f0000000080)) 10:45:19 executing program 1: r0 = socket(0xa, 0x2, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x29, 0x48, 0x0, 0x4) 10:45:19 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername(r1, &(0x7f0000005f00)=@can={0x1d, 0x0}, &(0x7f0000005f80)=0x80) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x3c, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc}]}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="bc00000010008105fc8fd8c1bf54ea0000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b000100697036746e6c00004000028008000100", @ANYRES32=r2], 0xbc}}, 0x0) 10:45:19 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:19 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 10:45:19 executing program 2: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000000)) 10:45:19 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000040), 0x4) [ 614.636663][T14344] netlink: 'syz-executor.5': attribute type 4 has an invalid length. [ 614.645385][T14344] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'. [ 614.654958][T14344] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.5'. 10:45:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d02}]}) 10:45:20 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) [ 614.846560][T14349] netlink: 'syz-executor.5': attribute type 4 has an invalid length. [ 614.854910][T14349] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'. [ 614.864580][T14349] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.5'. 10:45:20 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 10:45:20 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000001300)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001200)=[@rights={{0x10}}], 0x10}], 0x1, 0x0) 10:45:20 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000100)=[@in={0x2, 0x0, @dev}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) 10:45:20 executing program 5: socket(0x15, 0x5, 0xbf) 10:45:20 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:20 executing program 1: r0 = socket(0x29, 0x5, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x8912, &(0x7f0000000140)) 10:45:21 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) [ 615.638835][T10570] Bluetooth: hci5: command 0x0406 tx timeout 10:45:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x33fe0}}, 0x0) 10:45:21 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d03}]}) 10:45:21 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, @in={0x2, 0x0, @local}, @isdn, @nfc}) 10:45:21 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @dev, 0x40003}], 0x1c) 10:45:21 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 10:45:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:22 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f00000001c0)) 10:45:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0x41a0ae8d, 0x0) 10:45:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48, 0x0, 0x2}]}) 10:45:22 executing program 5: socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, 0x0, 0x0) 10:45:22 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:22 executing program 3: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) bpf$MAP_CREATE(0x0, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], r1}, 0x40) 10:45:22 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x1d, 0x0, &(0x7f0000000040)=0x9b) 10:45:22 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000400)={'batadv_slave_0\x00', &(0x7f00000003c0)=@ethtool_sfeatures}) 10:45:22 executing program 5: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000200)) 10:45:23 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:23 executing program 3: sched_setattr(0x0, &(0x7f0000000000)={0xb42c6fea05b4d74d}, 0x0) 10:45:23 executing program 1: r0 = socket(0x29, 0x5, 0x0) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x50}}, 0x0) sendto$l2tp6(r0, &(0x7f0000000140)='9', 0x1, 0x0, 0x0, 0x0) 10:45:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x25}, 0x0) 10:45:23 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:23 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:23 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_PROPBIT(r0, 0xc06855c8, 0x0) 10:45:23 executing program 3: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018000000000200000002000000060000000a0000000e000000100000030000000100000002", 0x69, 0x400}, {&(0x7f0000010a00)="4379d52700000000001000000000000002000000000000000d0000001000000012000000170000001600000015000000ffffffffffffffffffffffffffffffffffffffff01000000000000000000000000000000140000000100000000000000ffffffffffffffffffffffffffffffffffffffff010000000000000000000000000000008501000006000000010000000100000001000000040000004000000040000000fc0f", 0xa6, 0x200000}, {&(0x7f0000010b00)="000000000000000000000000000000000000000000000000000000002964039d0100030000000003000000003e", 0x2d, 0x200fe0}, {&(0x7f0000010c00)="000000000000000000000000000000000000000000000000000000060017000000010c80", 0x24, 0x2011e0}, {&(0x7f0000011600)="00000000000000000000000000000000000000000000000000000001000000004379d52700000000001000000000000002000000000000000d0000001000000012000000170000001600000015000000ffffffffffffffffffffffffffffffffffffffff01000000000000000000000000000000140000000100000000000000ffffffffffffffffffffffffffffffffffffffff010000000000000000000000000000008501000006000000010000000100000001000000040000004000000040000000fc0f", 0xc6, 0x204fe0}, {&(0x7f0000011700)="000000000000000000000000000000000000000000000000000000002964039d", 0x20, 0x205fe0}, {&(0x7f0000012100)="ed4100005cf90100535f010002000000001000000000000002", 0x19, 0x3e00000}, {&(0x7f0000012300)="00000000000000000300000003", 0xd, 0x3e00fe0}], 0x0, &(0x7f00000015c0)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x410081, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5029, 0xffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3, 0x3e00, 0xffe0) 10:45:24 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCADDRT(r0, 0xc0189436, 0x0) 10:45:24 executing program 2: r0 = socket(0x2a, 0x2, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x5411, &(0x7f0000002200)) 10:45:24 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) [ 618.959873][T14449] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 618.968143][T14449] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock 10:45:24 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:24 executing program 5: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=ANY=[@ANYBLOB='x\x00\x00\x00$ \v'], 0x78}}, 0x0) [ 619.138013][T14449] F2FS-fs (loop3): invalid crc_offset: 0 10:45:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d06}]}) [ 619.529119][T14465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8228 sclass=netlink_route_socket pid=14465 comm=syz-executor.5 10:45:25 executing program 2: openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) epoll_create1(0x0) socket$kcm(0xa, 0x3, 0x88) pselect6(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x7f}, &(0x7f0000000240), 0x0) 10:45:25 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:25 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:25 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, &(0x7f00000002c0)) 10:45:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x1d9, 0x0, 0x2}]}) 10:45:26 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0) 10:45:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:26 executing program 2: r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = pidfd_getfd(r2, r0, 0x0) getsockname$packet(r3, 0x0, &(0x7f0000000240)) 10:45:26 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8100}}}, 0x24}}, 0x0) 10:45:26 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400), 0x24, 0x0) 10:45:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x641}]}) 10:45:26 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x24}}, 0x0) 10:45:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:26 executing program 2: prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='//selinux\x00\x00\x01\x10') r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x901c41, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000040), 0xfe80) dup3(r2, r3, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r1}) 10:45:26 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000280), 0xa5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) 10:45:26 executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = dup3(r1, r0, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(r2, 0x1, 0xe, 0x0, &(0x7f0000000000)) 10:45:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x641}]}) [ 621.631699][ T27] audit: type=1800 audit(1601462727.049:27): pid=14526 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.2" name="cgroup.stat" dev="sda1" ino=16130 res=0 errno=0 10:45:27 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x24}}, 0x0) 10:45:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) [ 621.751639][T14530] sock: process `syz-executor.3' is using obsolete getsockopt SO_BSDCOMPAT 10:45:27 executing program 2: r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0x5) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="ed"], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000140)={0x0, @local, @local}, &(0x7f0000000000)=0xc) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0) [ 621.851756][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 621.911747][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 10:45:27 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) dup3(r1, r0, 0x0) sendmsg$sock(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc_llcp={0x27, 0x1, 0x0, 0x0, 0x0, 0x0, "b2f97d88049b73dafda7426ea05f98bc6461ef36eaa5345f32d2222a675bb1c46b1788fc4857fc33c829ab2893f2373163f6eece45af1af80ee4f9c4b4fe81"}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="f0e6cd16c98924ce01c00632752b91", 0xf}], 0x1}, 0x0) 10:45:27 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000480)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x2000021c) clone(0x3502001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) connect$inet6(r0, 0x0, 0x0) 10:45:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:27 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@deltclass={0x24, 0x2a, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x24}}, 0x0) 10:45:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x641}]}) 10:45:28 executing program 2: 10:45:28 executing program 3: 10:45:29 executing program 0: 10:45:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x641}]}) 10:45:29 executing program 2: 10:45:29 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x48880) sendmmsg$inet6(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 10:45:29 executing program 0: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x7}, @local, @val={@void}, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @private}, {0x12, 0x0, 0x0, @dev}}}}}, 0x0) 10:45:30 executing program 5: 10:45:30 executing program 2: 10:45:30 executing program 1: 10:45:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x48}]}) 10:45:30 executing program 3: 10:45:30 executing program 0: 10:45:30 executing program 1: 10:45:30 executing program 2: 10:45:30 executing program 0: 10:45:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:45:31 executing program 3: 10:45:31 executing program 5: 10:45:31 executing program 1: 10:45:31 executing program 2: 10:45:31 executing program 0: 10:45:31 executing program 3: 10:45:31 executing program 5: 10:45:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:45:32 executing program 1: 10:45:32 executing program 2: 10:45:32 executing program 0: 10:45:32 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x80005) splice(r0, 0x0, r1, 0x0, 0x62ce9f1, 0x0) 10:45:32 executing program 5: 10:45:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, 0x0) 10:45:32 executing program 2: 10:45:32 executing program 1: 10:45:32 executing program 0: 10:45:32 executing program 5: 10:45:32 executing program 3: 10:45:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:45:33 executing program 2: 10:45:33 executing program 5: 10:45:33 executing program 1: 10:45:33 executing program 3: 10:45:33 executing program 0: 10:45:33 executing program 2: 10:45:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:45:33 executing program 5: 10:45:34 executing program 1: 10:45:34 executing program 3: 10:45:34 executing program 0: 10:45:34 executing program 2: 10:45:34 executing program 5: 10:45:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)) 10:45:34 executing program 1: 10:45:34 executing program 0: 10:45:34 executing program 3: 10:45:35 executing program 2: 10:45:35 executing program 5: 10:45:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:45:35 executing program 1: 10:45:35 executing program 0: 10:45:35 executing program 3: 10:45:36 executing program 2: 10:45:36 executing program 3: 10:45:36 executing program 5: 10:45:36 executing program 1: 10:45:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:45:36 executing program 0: 10:45:36 executing program 2: 10:45:37 executing program 3: 10:45:37 executing program 5: 10:45:37 executing program 1: 10:45:37 executing program 0: 10:45:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{}]}) 10:45:37 executing program 2: 10:45:37 executing program 3: 10:45:37 executing program 5: 10:45:37 executing program 1: 10:45:37 executing program 0: 10:45:38 executing program 4: 10:45:38 executing program 3: 10:45:38 executing program 2: 10:45:38 executing program 1: 10:45:38 executing program 5: 10:45:38 executing program 0: 10:45:38 executing program 4: 10:45:38 executing program 2: 10:45:38 executing program 1: 10:45:38 executing program 3: 10:45:39 executing program 5: 10:45:39 executing program 0: 10:45:39 executing program 4: 10:45:39 executing program 3: 10:45:39 executing program 1: 10:45:39 executing program 2: 10:45:39 executing program 5: 10:45:39 executing program 0: 10:45:39 executing program 4: 10:45:40 executing program 1: 10:45:40 executing program 3: 10:45:40 executing program 2: 10:45:40 executing program 5: 10:45:40 executing program 0: 10:45:40 executing program 4: 10:45:40 executing program 1: 10:45:40 executing program 5: 10:45:40 executing program 3: 10:45:40 executing program 2: 10:45:40 executing program 0: 10:45:41 executing program 4: 10:45:41 executing program 1: 10:45:41 executing program 5: 10:45:41 executing program 3: 10:45:41 executing program 2: 10:45:41 executing program 0: 10:45:41 executing program 4: 10:45:41 executing program 1: 10:45:41 executing program 2: 10:45:42 executing program 5: 10:45:42 executing program 0: 10:45:42 executing program 3: 10:45:42 executing program 4: 10:45:42 executing program 1: 10:45:42 executing program 2: 10:45:42 executing program 3: 10:45:42 executing program 0: 10:45:42 executing program 5: 10:45:42 executing program 4: 10:45:42 executing program 1: 10:45:43 executing program 3: 10:45:43 executing program 0: 10:45:43 executing program 2: 10:45:43 executing program 5: 10:45:43 executing program 1: 10:45:43 executing program 4: 10:45:43 executing program 0: 10:45:43 executing program 3: 10:45:43 executing program 2: 10:45:44 executing program 5: 10:45:44 executing program 1: 10:45:44 executing program 4: 10:45:44 executing program 0: 10:45:44 executing program 3: 10:45:44 executing program 2: 10:45:44 executing program 5: 10:45:44 executing program 1: 10:45:44 executing program 4: 10:45:45 executing program 3: 10:45:45 executing program 0: 10:45:45 executing program 2: 10:45:45 executing program 5: 10:45:45 executing program 1: 10:45:45 executing program 4: 10:45:45 executing program 3: 10:45:45 executing program 0: 10:45:45 executing program 2: 10:45:45 executing program 1: 10:45:45 executing program 5: 10:45:46 executing program 4: 10:45:46 executing program 3: 10:45:46 executing program 0: 10:45:46 executing program 2: 10:45:46 executing program 5: 10:45:46 executing program 1: 10:45:46 executing program 4: 10:45:46 executing program 3: 10:45:46 executing program 0: 10:45:46 executing program 2: 10:45:47 executing program 4: 10:45:47 executing program 5: 10:45:47 executing program 1: 10:45:47 executing program 3: 10:45:47 executing program 0: 10:45:47 executing program 2: 10:45:47 executing program 5: 10:45:47 executing program 1: 10:45:47 executing program 4: 10:45:48 executing program 0: 10:45:48 executing program 3: 10:45:48 executing program 2: 10:45:48 executing program 4: 10:45:48 executing program 5: 10:45:48 executing program 1: 10:45:48 executing program 0: 10:45:48 executing program 3: 10:45:49 executing program 2: 10:45:49 executing program 4: 10:45:49 executing program 0: 10:45:49 executing program 5: 10:45:49 executing program 1: 10:45:49 executing program 3: 10:45:49 executing program 2: 10:45:49 executing program 4: 10:45:49 executing program 5: 10:45:49 executing program 1: 10:45:50 executing program 3: 10:45:50 executing program 0: 10:45:50 executing program 2: 10:45:50 executing program 1: 10:45:50 executing program 4: 10:45:50 executing program 5: 10:45:50 executing program 3: 10:45:50 executing program 0: 10:45:51 executing program 1: 10:45:51 executing program 2: 10:45:51 executing program 4: 10:45:51 executing program 5: 10:45:51 executing program 0: 10:45:51 executing program 3: 10:45:51 executing program 4: 10:45:51 executing program 1: 10:45:51 executing program 5: 10:45:51 executing program 2: 10:45:51 executing program 0: 10:45:51 executing program 3: 10:45:52 executing program 4: 10:45:52 executing program 1: 10:45:52 executing program 5: 10:45:52 executing program 2: 10:45:52 executing program 0: 10:45:52 executing program 3: 10:45:52 executing program 4: 10:45:52 executing program 1: 10:45:53 executing program 5: 10:45:53 executing program 0: 10:45:53 executing program 2: 10:45:53 executing program 3: 10:45:53 executing program 4: 10:45:53 executing program 1: 10:45:53 executing program 5: 10:45:53 executing program 0: 10:45:53 executing program 2: 10:45:53 executing program 3: 10:45:53 executing program 4: 10:45:54 executing program 1: 10:45:54 executing program 0: 10:45:54 executing program 5: 10:45:54 executing program 2: 10:45:54 executing program 3: 10:45:54 executing program 4: 10:45:54 executing program 1: 10:45:54 executing program 5: 10:45:54 executing program 0: 10:45:55 executing program 4: 10:45:55 executing program 2: 10:45:55 executing program 0: 10:45:55 executing program 1: 10:45:55 executing program 3: 10:45:55 executing program 5: 10:45:56 executing program 1: 10:45:56 executing program 4: 10:45:56 executing program 2: 10:45:56 executing program 3: 10:45:56 executing program 0: 10:45:56 executing program 5: 10:45:56 executing program 0: 10:45:56 executing program 4: 10:45:56 executing program 1: 10:45:57 executing program 2: 10:45:57 executing program 3: 10:45:57 executing program 5: 10:45:57 executing program 1: 10:45:57 executing program 0: 10:45:57 executing program 4: 10:45:57 executing program 3: 10:45:57 executing program 2: 10:45:57 executing program 5: 10:45:58 executing program 1: 10:45:58 executing program 0: 10:45:58 executing program 4: 10:45:58 executing program 2: 10:45:58 executing program 5: 10:45:58 executing program 3: 10:45:58 executing program 1: 10:45:58 executing program 0: 10:45:58 executing program 4: 10:45:58 executing program 5: 10:45:58 executing program 2: 10:45:58 executing program 3: 10:45:59 executing program 1: 10:45:59 executing program 0: 10:45:59 executing program 4: 10:45:59 executing program 2: 10:45:59 executing program 5: 10:45:59 executing program 3: 10:45:59 executing program 4: 10:45:59 executing program 0: 10:45:59 executing program 1: 10:45:59 executing program 2: 10:46:00 executing program 5: 10:46:00 executing program 3: 10:46:00 executing program 4: 10:46:00 executing program 0: 10:46:00 executing program 1: 10:46:00 executing program 2: 10:46:00 executing program 5: 10:46:00 executing program 3: 10:46:00 executing program 4: 10:46:00 executing program 1: 10:46:00 executing program 2: 10:46:01 executing program 0: 10:46:01 executing program 3: 10:46:01 executing program 5: 10:46:01 executing program 4: 10:46:01 executing program 0: 10:46:01 executing program 1: 10:46:01 executing program 2: 10:46:01 executing program 5: 10:46:01 executing program 3: 10:46:01 executing program 4: 10:46:02 executing program 1: 10:46:02 executing program 0: 10:46:02 executing program 2: 10:46:02 executing program 3: 10:46:02 executing program 4: 10:46:02 executing program 5: 10:46:02 executing program 1: 10:46:02 executing program 0: 10:46:02 executing program 2: 10:46:03 executing program 4: 10:46:03 executing program 3: 10:46:03 executing program 5: 10:46:03 executing program 1: 10:46:03 executing program 0: 10:46:03 executing program 2: 10:46:03 executing program 4: 10:46:03 executing program 3: 10:46:03 executing program 5: 10:46:03 executing program 1: 10:46:03 executing program 0: 10:46:04 executing program 2: 10:46:04 executing program 4: 10:46:04 executing program 3: 10:46:04 executing program 5: 10:46:04 executing program 1: 10:46:04 executing program 0: 10:46:04 executing program 2: 10:46:04 executing program 4: 10:46:04 executing program 3: 10:46:05 executing program 5: 10:46:05 executing program 0: 10:46:05 executing program 1: 10:46:05 executing program 2: 10:46:05 executing program 4: 10:46:05 executing program 3: 10:46:05 executing program 5: 10:46:05 executing program 0: 10:46:05 executing program 1: 10:46:06 executing program 2: 10:46:06 executing program 4: 10:46:06 executing program 3: 10:46:06 executing program 0: 10:46:06 executing program 5: 10:46:06 executing program 1: 10:46:06 executing program 2: 10:46:06 executing program 4: 10:46:06 executing program 3: 10:46:06 executing program 0: 10:46:07 executing program 5: 10:46:07 executing program 1: 10:46:07 executing program 4: 10:46:07 executing program 2: 10:46:07 executing program 3: 10:46:07 executing program 5: 10:46:07 executing program 0: 10:46:07 executing program 1: 10:46:07 executing program 4: 10:46:07 executing program 2: 10:46:08 executing program 3: 10:46:08 executing program 5: 10:46:08 executing program 0: 10:46:08 executing program 1: 10:46:08 executing program 4: 10:46:08 executing program 2: 10:46:08 executing program 3: 10:46:08 executing program 5: 10:46:08 executing program 0: 10:46:08 executing program 1: 10:46:09 executing program 4: 10:46:09 executing program 2: 10:46:09 executing program 3: 10:46:09 executing program 5: 10:46:09 executing program 4: 10:46:09 executing program 0: 10:46:09 executing program 1: 10:46:09 executing program 2: 10:46:09 executing program 3: 10:46:10 executing program 5: 10:46:10 executing program 4: 10:46:10 executing program 0: 10:46:10 executing program 1: 10:46:10 executing program 3: 10:46:10 executing program 2: 10:46:10 executing program 5: 10:46:10 executing program 4: 10:46:10 executing program 1: 10:46:10 executing program 0: 10:46:10 executing program 3: 10:46:11 executing program 2: 10:46:11 executing program 5: 10:46:11 executing program 4: 10:46:11 executing program 1: 10:46:11 executing program 0: 10:46:11 executing program 3: 10:46:11 executing program 2: 10:46:11 executing program 4: 10:46:11 executing program 5: 10:46:11 executing program 1: 10:46:11 executing program 0: 10:46:12 executing program 2: 10:46:12 executing program 3: 10:46:12 executing program 4: 10:46:12 executing program 5: 10:46:12 executing program 1: 10:46:12 executing program 0: 10:46:12 executing program 2: 10:46:12 executing program 3: 10:46:12 executing program 4: 10:46:13 executing program 5: 10:46:13 executing program 1: 10:46:13 executing program 0: 10:46:13 executing program 4: 10:46:13 executing program 2: 10:46:13 executing program 3: 10:46:14 executing program 0: 10:46:14 executing program 5: 10:46:14 executing program 1: 10:46:14 executing program 4: 10:46:14 executing program 0: 10:46:14 executing program 2: 10:46:14 executing program 1: 10:46:14 executing program 5: 10:46:14 executing program 3: 10:46:15 executing program 4: 10:46:15 executing program 2: 10:46:15 executing program 0: 10:46:15 executing program 5: 10:46:15 executing program 3: 10:46:15 executing program 1: 10:46:15 executing program 4: 10:46:15 executing program 5: 10:46:15 executing program 2: 10:46:16 executing program 3: 10:46:16 executing program 1: 10:46:16 executing program 0: 10:46:16 executing program 4: 10:46:16 executing program 2: 10:46:16 executing program 5: 10:46:16 executing program 3: 10:46:16 executing program 0: 10:46:16 executing program 1: 10:46:16 executing program 4: 10:46:17 executing program 5: 10:46:17 executing program 2: 10:46:17 executing program 3: 10:46:17 executing program 1: 10:46:17 executing program 0: 10:46:17 executing program 4: 10:46:17 executing program 5: 10:46:17 executing program 2: 10:46:17 executing program 0: 10:46:17 executing program 3: 10:46:17 executing program 1: 10:46:18 executing program 5: 10:46:18 executing program 4: 10:46:18 executing program 2: 10:46:18 executing program 3: 10:46:18 executing program 0: 10:46:18 executing program 1: 10:46:18 executing program 4: 10:46:18 executing program 2: 10:46:18 executing program 3: 10:46:18 executing program 5: 10:46:19 executing program 0: 10:46:19 executing program 1: 10:46:19 executing program 4: 10:46:19 executing program 0: 10:46:19 executing program 3: 10:46:19 executing program 2: 10:46:19 executing program 1: 10:46:19 executing program 5: 10:46:20 executing program 4: 10:46:20 executing program 1: 10:46:20 executing program 2: 10:46:20 executing program 0: 10:46:20 executing program 5: 10:46:20 executing program 3: 10:46:20 executing program 4: 10:46:20 executing program 2: 10:46:20 executing program 1: 10:46:20 executing program 5: 10:46:20 executing program 0: 10:46:20 executing program 3: 10:46:21 executing program 4: 10:46:21 executing program 2: 10:46:21 executing program 1: 10:46:21 executing program 0: 10:46:21 executing program 5: 10:46:21 executing program 3: 10:46:21 executing program 4: 10:46:21 executing program 2: 10:46:22 executing program 1: 10:46:22 executing program 5: 10:46:22 executing program 0: 10:46:22 executing program 3: 10:46:22 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000002000)="8cb6f813069afedb99fbbd23c40c27d06292ca2b6f840cf41c6142a990468d6e81945c19a0a5f832c03139532b0b6bb449f3a4263a30b80ef754dd113f0ba3a2bc8fcd68998ea7d434ce735cce43680feaf6a597c6fcd2385aec350bb5096e65f2f423b9b8b09a614133bef221818764f58dc1ee08f36001589b1a21f5bd678425c571ba6285b888f130043bf8739c733c39ac99a38f7d43689c1a735e84d53644846c05e2175fbb05a045321548759bb1c882a15b5605275d74eb41b232e78a655175068506f2fbcb8f235f6f0879f2a42d35eecaf2c80747cd8adc1bb0ef0d65e89d9b3dfd322e39557ddbb3b57ea12f8b586a727072e29968f8754230c9885c0c17be8d7be15358dbfe2c4962d2e3c0b8fc55517e8498dd243769c2326d0757c2e761d1aa61559351f8cb2366501bb82657a23d19640cd4a0fc1e4419710ed5d11e563c7244e4b926659cafd37770f05160a230c0335c9ae02e53bf516fd0ad72cc0bfc9226ed41689687ad9a1523fcd53fb5feaa5ed39139011caa9b9fb337a7c154deb0ad27e24ade44f6ce48d1eda78af29ccaa1bc02fe7f426ed13b602f6acde4803168d43e051573357f4e42b083a401890ec4e0277fc1d35a4df8879a4c042e594d0becee6b9db41f4d52f12544a8c6be05eb33d6bc4b1004c2e25927866c2565f294aab4b9d44b385261a0f684ede3285afc4003254342718b41bc0d38d69889d2b764cb2b1a46af3ba528f68efc4873bfc004f13f765d6eb68f913f42679fefec2f8b2d98b87e3b86d072f36f388a3ee83730bb9fdc276bc759c1de8b6af1f5cb73bd835884302af9efc560304f2f2b37b725eb950514b0f4a80426e864663c2e9ccc575804f35fe721d163789d3b900886434f831127ce3b0997b758eedf5af6dd1e04cb8c2d281550e9a7dbcdfc8496bea57cc05c1d4f99710461bb102381439fd58b765a4e85d6e02557d40294e05269c3c17410cb7ca4e44137d33d5cb1236f0514e571e355e2b1ed15", 0x2d1}], 0x1}}], 0x1, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 10:46:22 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/schedstat\x00', 0x0, 0x0) r3 = dup2(r0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="66696c746572000000000000000000000000f5ffffff000000010001001a00000e000000040000009002000000070000c800000060010000c8000000c8000080f8010000f8010000f8010000f8010000f8010000040000000000009cdfffe37e237e85dcb5823777276fb1c900000001006a39ce4bb9fa4a0400000000000000efffffffffffffff0000000000000400e2a883d30000000000030000000000000002000000000000000000001d200000000e000000000000a000c800000000000019000800000080df0000000000000030006164647274797065000000001f00000000200000000000800000000000007a3c0000000000090000000000000000280052454a4543540000800000cfdcf6e80000df1c0009000000ecff0100000000060000000000f812b61b4aa20c1abb004a0000000400006772653000000000000004000000000000000000000000000000000000000000000091000000000000000000e884c354afa8a803279c0004001b000000000000000000000000000070009800000022b800000000000000000000000000100000280052454a45435400000000e0ff1bff7d000000fcffffbfff7fffffffffff00b6122a913c23374e00000000000000000000000000070000000040affe4a8da7fec0ffff17ff00000000ff000100000000000000000000ff030000000000000000000000000000000000000000000000000000000100000000000000010000007000980000000008540280a90000000000000000000000042800534554000000000000000000000000000000000000000000000000000801000004170000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000001c6900b2b0ad83346782a700000028000000ff00000000009d000000a60000400005ed0020000000000000000000feffffff"], 0x1) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10) connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r4, &(0x7f0000007fc0), 0x4000000000002b8, 0x0) 10:46:22 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='reno\x00', 0x5) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window, @mss, @window, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x88) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0xfffffffffffffed3) 10:46:22 executing program 1: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000001380)='./file0\x00', 0x0) ioctl$FICLONE(r0, 0x40049409, r0) 10:46:22 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x70, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000000)="120000001a00e5ff007b00000000008000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000004000)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 10:46:22 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) 10:46:23 executing program 1: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000001380)='./file0\x00', 0x0) ioctl$FICLONE(r0, 0x40049409, r0) 10:46:23 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="c40000000b06010100eb0000010bfdff1d000400070001000600f2ff9b000780180001808000000000000000ff0000000000020000001c0006000465000000000c00090000000020000014aa140017007665746800008000616e000000008000050007008800000014001700767863616e3100000000001b020100000900120000007a32000000000c001a4072dcf77b001980000c00148008200140ee040000000000000006028aab86000000001a000000322a3d9cbf3d0900020073797a30"], 0x1}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2c6) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) splice(r0, 0x0, r4, 0x0, 0x883713, 0x0) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_setup(0x0, 0x0) io_submit(0x0, 0x0, 0x0) io_getevents(0x0, 0x6, 0x0, 0x0, 0x0) pipe(0x0) socket$inet_udp(0x2, 0x2, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) [ 678.198826][T15231] device syz_tun entered promiscuous mode 10:46:24 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x1, 0x6}, 0x10) 10:46:24 executing program 1: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000001380)='./file0\x00', 0x0) ioctl$FICLONE(r0, 0x40049409, r0) 10:46:24 executing program 0: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) renameat2(r0, &(0x7f00000004c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) dup(0xffffffffffffffff) ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, 0x0) [ 678.868888][T15228] device syz_tun left promiscuous mode [ 678.954396][T15240] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 679.239270][ T27] audit: type=1326 audit(1601462784.666:28): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.268061][ T27] audit: type=1326 audit(1601462784.666:29): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.294970][ T27] audit: type=1326 audit(1601462784.666:30): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.296696][T15247] device syz_tun entered promiscuous mode [ 679.320344][ T27] audit: type=1326 audit(1601462784.666:31): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.350935][ T27] audit: type=1326 audit(1601462784.666:32): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.375828][ T27] audit: type=1326 audit(1601462784.666:33): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.400753][ T27] audit: type=1326 audit(1601462784.666:34): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.425525][ T27] audit: type=1326 audit(1601462784.666:35): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.450772][ T27] audit: type=1326 audit(1601462784.676:36): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.475038][ T27] audit: type=1326 audit(1601462784.676:37): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15245 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 679.618266][T15245] device syz_tun left promiscuous mode [ 679.673534][T15251] device syz_tun entered promiscuous mode [ 679.705974][T15245] device syz_tun left promiscuous mode 10:46:25 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') dup(r0) 10:46:25 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x48, 0x20004000, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) close(r0) openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0) [ 680.332728][T15261] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 10:46:26 executing program 2: perf_event_open(&(0x7f0000000340)={0x2, 0x70, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000000)="120000001a00e5ff007b00000000008000a1", 0x12, 0x0, 0x0, 0x0) 10:46:26 executing program 1: r0 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000080)={0x100000011, @multicast2, 0x0, 0x200, 'rr\x00'}, 0x2c) 10:46:26 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) r4 = memfd_create(&(0x7f00000002c0)='\x03\x92e\xc2\xc2\xc0\xf6\x04\x00\x00\x00\x97j\x12\x049\xdch\xe5\xe9\x93\xa5?[\xa2\x81\xee\xe2\xf3\x8a\f\xf5Y5\x97\x91\x85\xdd\xa9g\x96\xef\xa4rL\xcfKUP\xdf\xceo\xb6\xd6s\xef\xde\xdd\x82$_7\x18\xe6\xdeRKG\xa6\x89t\x0f\xcfI\x9aC\xe8\x81\xb0\xff\ff\x83\xcd\xe2\x1d\xb8\\v\xc0\xad\xad\x8b\xbb\xe90-v}\x03\x1e9\xc8*\xb6#\xad\xe4\x97\xd5s\x153\x06\xcb%&\x01\xc5Dl\x80\xbe\x87\xcaC\x84\xd6K\xb0\xdf\xaf+\xd5t\b\xa2M', 0x0) pwrite64(r4, &(0x7f000003bfff)='/', 0x1, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r4, 0x0) lseek(r4, 0x0, 0x2) sendfile(r4, r4, &(0x7f00000001c0), 0x7f8) 10:46:26 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x1, 0x6}, 0x10) 10:46:26 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') dup(r0) 10:46:26 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x48, 0x20004000, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) close(r0) openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0) [ 681.104659][T15276] device syz_tun entered promiscuous mode [ 681.163189][T15270] device syz_tun left promiscuous mode 10:46:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x101, 0x0, 0xf0ffff, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}, 0x1, 0xdd473aaf32000000}, 0x0) 10:46:26 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') dup(r0) 10:46:26 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80b6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f0000272000)) 10:46:26 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x1, 0x6}, 0x10) 10:46:27 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/consoles\x00', 0x0, 0x0) r2 = dup2(r0, r1) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000480)=ANY=[@ANYBLOB="66696c746572000000000000010000000000f5ffffff000000010001001a00000e000000040000009002000000070000c800000060010000c8000000c8000080f8010000f8010000f8010000f8010000f8010000040000000000009cdfffe37e237e85dcb5823777276fb1c900000001006a39ce4bb9fa4a0400000000000000efffffffffffffff0000000000000400bfa883d30000000000030000000000000002000000000000000000001d200000000e000000000000a000c800000000000019000800000080df0000000000000030006164647274797065000000000002000000200000000000800000000000007a3c0000000000000000000000000000280052454a4543540000800000cfdcf6e80000df1c0009000000ecff0100000000060000000000f812b61b4aa20c1abb004a0000000400006772653000000000000004000000000000000000000000000000000000000000000091000000000000000000e884c354afa8a803279c0004001b000000000000000000000000000070009800000022b800000000000000000000000000100000280052454a45435400000000e0ff1bff7d000000fcffffbfff7fffffffffff00b6122a913c23000000000000000000000000000000070000000040affe4a8da7fec0ffff17ff00000000ff00010000000000e729d0340000000000000000000000000000000000000000000000000000000000000100000000000000010000007000980000000008540280a90000000000000000000000042800534554000000000000000000000000000000000000000000000000000801000004170000057600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000001c6900b2b0b783346782a700000028000000ff00000000009d000000a60000400005ed0020000000000000000000feffffff"], 0x1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r5, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10) connect$inet(r5, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r5, &(0x7f0000007fc0), 0x4000000000002b8, 0x0) 10:46:27 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/sem\x00', 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) r2 = dup2(r1, r0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c746572000000000000000000000000f5ffffff000000010001001a00000e000000040000009002000000070000c800000060010000c8000000c8000080f8010000f8010000f8010000f8010000f8010000040000000000009cdfffe37e230185dcb5823777276fb1c900000001006a39ce4bb9fa4a0400000000000000efffffffffffffff0000000000000400e2a883d30000000000030000000000000002000000000000000000001d200000000e000000000000a000c800000000000019000800000080df0000000000000030006164647274797065000000000002000000200000000000800000000000007a3c0000000000000000000000000000280052454a4543540000800000cfdcf6e80000df1c0009000000ecff0100000000060000000000f812b61b4aa20c1abb004a0000000400006772653000000000000004000000000000000000000000000000000000000000000091000000000400000000e884c354afa8a803279c0004000c000000000000000000000000000070009800000022b800000000000000000000000000100000280052454a45435400000000e0ff1bff7d000000fcffffbfff7fffffffffff00b6122a913c23374e00000000000000000000000000070000000040affe4a8da7fec0ffff17ff00000000ff00010000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000010000007000980000000008d42500000000000000000000000000042800534554000000000000000000000000000000000000000000000000000801000004000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000001c6900b2b0ad83346782a700000028000000ff00000000009d000000a60000400005ed0020000000000000000000feffffff"], 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x4000000000002b8, 0x0) 10:46:27 executing program 5: r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) fcntl$setlease(r0, 0x400, 0x0) [ 682.115236][T15293] device syz_tun entered promiscuous mode 10:46:27 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') dup(r0) [ 682.167861][T15292] device syz_tun left promiscuous mode 10:46:27 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc}]}}}]}, 0x40}}, 0x0) 10:46:28 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x1, 0x6}, 0x10) 10:46:28 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x75f, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendfile(r2, r0, 0x0, 0x24002da8) 10:46:28 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) syz_emit_ethernet(0x96, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60083e7200600600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="80"], 0x0) 10:46:28 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000002dc0)=@filter={'filter\x00', 0xe, 0x4, 0x370, 0x0, 0x1f0, 0x0, 0x98, 0x178, 0x240, 0x2d8, 0x2d8, 0x2d8, 0x240, 0x4, 0x0, {[{{@ip={@rand_addr, @private, 0x0, 0x0, 'syzkaller1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00'}}, {{@uncond, 0x0, 0x128, 0x158, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8, 'conntrack\x00'}, {{@ipv6=@empty, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv6=@dev, [], @ipv4=@broadcast, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast1, 'wg1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000140)='veth1_to_team\x00', 0x10) connect$inet(r1, &(0x7f0000000180)={0x2, 0x1000, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x400000000000030, 0x0) [ 683.232625][T15311] device syz_tun entered promiscuous mode [ 683.291394][T15308] device syz_tun left promiscuous mode 10:46:29 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) 10:46:29 executing program 5: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) [ 684.247661][ T27] kauditd_printk_skb: 203 callbacks suppressed [ 684.247797][ T27] audit: type=1326 audit(1601462789.676:241): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.350485][T15326] device syz_tun entered promiscuous mode [ 684.410950][T15325] device syz_tun left promiscuous mode [ 684.477210][ T27] audit: type=1326 audit(1601462789.706:242): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.501580][ T27] audit: type=1326 audit(1601462789.706:243): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.525956][ T27] audit: type=1326 audit(1601462789.716:244): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.550415][ T27] audit: type=1326 audit(1601462789.716:245): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.574906][ T27] audit: type=1326 audit(1601462789.736:246): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.599249][ T27] audit: type=1326 audit(1601462789.736:247): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.623625][ T27] audit: type=1326 audit(1601462789.736:248): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.648098][ T27] audit: type=1326 audit(1601462789.746:249): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 684.672606][ T27] audit: type=1326 audit(1601462789.746:250): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15325 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:46:31 executing program 2: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="c40000000406010100000000000000da760013000500010006"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xff99) splice(r0, 0x0, r2, 0x0, 0x4000000080010008, 0x0) 10:46:31 executing program 1: r0 = socket(0x400000000010, 0x802, 0x0) write(r0, &(0x7f0000000000)="2400000021002551071c0165ff00fc020200000000100f000ee1000c08000b0000000000", 0x24) 10:46:31 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:31 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000002500)={{{@in6=@ipv4={[], [], @dev}, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in6=@loopback}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 10:46:31 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:46:31 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x7, 0x101, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x20, 0x3, 0x7, 0x5, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 10:46:31 executing program 3: prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:31 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x7, 0x101, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x20, 0x3, 0x7, 0x5, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 10:46:31 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) [ 686.260788][T15348] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'. 10:46:31 executing program 2: r0 = eventfd2(0x0, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) io_setup(0x9, &(0x7f0000000340)=0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket(0x10, 0x80002, 0x0) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 10:46:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000000706030000f600000400bb034e9900000500010006"], 0x1c}}, 0x0) 10:46:32 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, 0x0, 0x7, 0x101, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x20, 0x3, 0x7, 0x5, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 10:46:32 executing program 3: prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:32 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:46:32 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6900) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mknod(&(0x7f0000000540)='./file0\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) renameat(r2, &(0x7f0000001840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000018c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') [ 688.650700][T15356] not chained 10000 origins [ 688.655260][T15356] CPU: 0 PID: 15356 Comm: syz-executor.0 Not tainted 5.9.0-rc4-syzkaller #0 [ 688.663944][T15356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.674009][T15356] Call Trace: [ 688.677356][T15356] dump_stack+0x21c/0x280 [ 688.681777][T15356] kmsan_internal_chain_origin+0x6f/0x130 [ 688.687574][T15356] ? ip_do_fragment+0x3b50/0x3b50 [ 688.692901][T15356] ? kmsan_get_metadata+0x116/0x180 [ 688.698121][T15356] ? kmsan_set_origin_checked+0x95/0xf0 [ 688.703686][T15356] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 688.709859][T15356] ? _copy_from_user+0x201/0x310 [ 688.714830][T15356] ? kmsan_get_metadata+0x116/0x180 [ 688.720053][T15356] __msan_chain_origin+0x50/0x90 [ 688.725101][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 688.730248][T15356] get_compat_msghdr+0x108/0x2b0 [ 688.735276][T15356] __sys_sendmmsg+0x755/0xf70 [ 688.739995][T15356] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 688.745901][T15356] ? __msan_poison_alloca+0xf0/0x120 [ 688.751260][T15356] ? ktime_get_ts64+0x79f/0x8d0 [ 688.756138][T15356] ? kmsan_copy_to_user+0x81/0x90 [ 688.761172][T15356] ? _copy_to_user+0x1bf/0x260 [ 688.765960][T15356] ? kmsan_get_metadata+0x116/0x180 [ 688.771177][T15356] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 688.776995][T15356] ? kmsan_get_metadata+0x116/0x180 [ 688.782230][T15356] ? kmsan_get_metadata+0x116/0x180 [ 688.787529][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 688.792945][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 688.798536][T15356] __do_fast_syscall_32+0x129/0x180 [ 688.804019][T15356] do_fast_syscall_32+0x6a/0xc0 [ 688.814021][T15356] do_SYSENTER_32+0x73/0x90 [ 688.818639][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 688.824976][T15356] RIP: 0023:0xf7f7f549 [ 688.829083][T15356] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 688.848699][T15356] RSP: 002b:00000000f55370cc EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 688.857130][T15356] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020007fc0 [ 688.865116][T15356] RDX: 000000000800001d RSI: 0000000000000000 RDI: 0000000000000000 [ 688.873102][T15356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 688.881092][T15356] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 688.889102][T15356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 688.897350][T15356] Uninit was stored to memory at: [ 688.902392][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 688.908131][T15356] __msan_chain_origin+0x50/0x90 [ 688.913080][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 688.918226][T15356] get_compat_msghdr+0x108/0x2b0 [ 688.923169][T15356] __sys_sendmmsg+0x755/0xf70 [ 688.927852][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 688.933247][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 688.938806][T15356] __do_fast_syscall_32+0x129/0x180 [ 688.944011][T15356] do_fast_syscall_32+0x6a/0xc0 [ 688.948870][T15356] do_SYSENTER_32+0x73/0x90 [ 688.953387][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 688.959703][T15356] [ 688.962023][T15356] Uninit was stored to memory at: [ 688.967056][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 688.972784][T15356] __msan_chain_origin+0x50/0x90 [ 688.977728][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 688.982842][T15356] get_compat_msghdr+0x108/0x2b0 [ 688.987785][T15356] __sys_sendmmsg+0x755/0xf70 [ 688.992467][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 688.997842][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 689.003393][T15356] __do_fast_syscall_32+0x129/0x180 [ 689.008622][T15356] do_fast_syscall_32+0x6a/0xc0 [ 689.013480][T15356] do_SYSENTER_32+0x73/0x90 [ 689.018001][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 689.024340][T15356] [ 689.026666][T15356] Uninit was stored to memory at: [ 689.031710][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 689.037440][T15356] __msan_chain_origin+0x50/0x90 [ 689.042385][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 689.047511][T15356] get_compat_msghdr+0x108/0x2b0 [ 689.052459][T15356] __sys_sendmmsg+0x755/0xf70 [ 689.057172][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 689.062568][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 689.068129][T15356] __do_fast_syscall_32+0x129/0x180 [ 689.073333][T15356] do_fast_syscall_32+0x6a/0xc0 [ 689.078190][T15356] do_SYSENTER_32+0x73/0x90 [ 689.083918][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 689.090239][T15356] [ 689.092567][T15356] Uninit was stored to memory at: [ 689.097604][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 689.103329][T15356] __msan_chain_origin+0x50/0x90 [ 689.108272][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 689.113394][T15356] get_compat_msghdr+0x108/0x2b0 [ 689.118342][T15356] __sys_sendmmsg+0x755/0xf70 [ 689.123058][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 689.128439][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 689.133995][T15356] __do_fast_syscall_32+0x129/0x180 [ 689.139210][T15356] do_fast_syscall_32+0x6a/0xc0 [ 689.144066][T15356] do_SYSENTER_32+0x73/0x90 [ 689.148580][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 689.154897][T15356] [ 689.157256][T15356] Uninit was stored to memory at: [ 689.162292][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 689.168024][T15356] __msan_chain_origin+0x50/0x90 [ 689.172966][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 689.178084][T15356] get_compat_msghdr+0x108/0x2b0 [ 689.183030][T15356] __sys_sendmmsg+0x755/0xf70 [ 689.187901][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 689.193719][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 689.199365][T15356] __do_fast_syscall_32+0x129/0x180 [ 689.204581][T15356] do_fast_syscall_32+0x6a/0xc0 [ 689.209442][T15356] do_SYSENTER_32+0x73/0x90 [ 689.213992][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 689.220432][T15356] [ 689.222756][T15356] Uninit was stored to memory at: [ 689.227791][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 689.233543][T15356] __msan_chain_origin+0x50/0x90 [ 689.238488][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 689.243601][T15356] get_compat_msghdr+0x108/0x2b0 [ 689.248540][T15356] __sys_sendmmsg+0x755/0xf70 [ 689.253228][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 689.258658][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 689.264232][T15356] __do_fast_syscall_32+0x129/0x180 [ 689.269436][T15356] do_fast_syscall_32+0x6a/0xc0 [ 689.274391][T15356] do_SYSENTER_32+0x73/0x90 [ 689.278904][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 689.285219][T15356] [ 689.287559][T15356] Uninit was stored to memory at: [ 689.292611][T15356] kmsan_internal_chain_origin+0xad/0x130 [ 689.298338][T15356] __msan_chain_origin+0x50/0x90 [ 689.303302][T15356] __get_compat_msghdr+0x6db/0x9d0 [ 689.308419][T15356] get_compat_msghdr+0x108/0x2b0 [ 689.313361][T15356] __sys_sendmmsg+0x755/0xf70 [ 689.318088][T15356] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 689.323553][T15356] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 689.329125][T15356] __do_fast_syscall_32+0x129/0x180 [ 689.334331][T15356] do_fast_syscall_32+0x6a/0xc0 [ 689.339298][T15356] do_SYSENTER_32+0x73/0x90 [ 689.343812][T15356] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 689.350133][T15356] [ 689.352456][T15356] Local variable ----msg_sys@__sys_sendmmsg created at: [ 689.359414][T15356] __sys_sendmmsg+0xbb/0xf70 [ 689.364005][T15356] __sys_sendmmsg+0xbb/0xf70 10:46:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000002dc0)=@filter={'filter\x00', 0xe, 0x4, 0x370, 0x0, 0x1f0, 0x0, 0x98, 0x178, 0x240, 0x2d8, 0x2d8, 0x2d8, 0x240, 0x4, 0x0, {[{{@ip={@rand_addr, @private, 0x0, 0x0, 'syzkaller1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00'}}, {{@uncond, 0x0, 0x128, 0x158, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8, 'conntrack\x00'}, {{@ipv6=@empty, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv6=@dev, [], @ipv4=@broadcast, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast1, 'wg1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000140)='veth1_to_team\x00', 0x10) connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x400000000000030, 0x0) 10:46:35 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:35 executing program 3: prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x2c, 0xa, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x2c}}, 0x0) 10:46:35 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r2, 0x1, 0x6}, 0x10) 10:46:35 executing program 1: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='reno\x00', 0x5) [ 690.075105][ T27] kauditd_printk_skb: 58 callbacks suppressed [ 690.075173][ T27] audit: type=1326 audit(1601462795.497:309): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.106166][ T27] audit: type=1326 audit(1601462795.497:310): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.131229][ T27] audit: type=1326 audit(1601462795.497:311): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.157112][ T27] audit: type=1326 audit(1601462795.537:312): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.181779][ T27] audit: type=1326 audit(1601462795.537:313): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.206594][ T27] audit: type=1326 audit(1601462795.537:314): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.230951][ T27] audit: type=1326 audit(1601462795.537:315): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.257958][ T27] audit: type=1326 audit(1601462795.537:316): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 690.282281][ T27] audit: type=1326 audit(1601462795.537:317): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:46:35 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0xf0ffff, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}, 0x1, 0xdd473aaf32000000}, 0x0) [ 690.306470][ T27] audit: type=1326 audit(1601462795.537:318): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15388 comm=32A8C0074C4097056C4839EFB3AB5A exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:46:35 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:35 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r2, 0x1, 0x6}, 0x10) 10:46:36 executing program 1: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000000406ffffffffffdd8250ab00e0ffffff050004e5000400000900020073797a3000f200000500010006"], 0x54}}, 0x0) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x447fe7, 0x0) 10:46:36 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x75f, 0x103382) pwritev(r0, &(0x7f00000023c0)=[{&(0x7f0000000080)='p', 0x1}], 0x1, 0x0, 0x0) [ 691.100097][T15415] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 10:46:36 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000000306010100000000000002a00000000005000100060000000900020073797a30"], 0x28}}, 0x0) 10:46:36 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:36 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:36 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r2, 0x1, 0x6}, 0x10) 10:46:37 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:37 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020200030c000000000000000000000002000900200000006b062b5b00000000030006000000000002000000e0030001000000000000000002000100000000000000000d00000000030005000000000002"], 0x60}}, 0x0) 10:46:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000200)=@nat={'nat\x00', 0x1b, 0x5, 0x318, 0x0, 0x1e8, 0x140, 0x1e8, 0x0, 0x280, 0x280, 0x280, 0x280, 0x280, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x11, @local, @rand_addr, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x1}}}, {{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x9, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @icmp_id, @icmp_id}}}}, {{@ip={@multicast1, @empty, 0x0, 0x0, 'ip6gre0\x00', 'veth1\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x9}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x378) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @random="bc67e327c935", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @dev, @multicast2}, @echo}}}}, 0x0) 10:46:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:37 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000640)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x200]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) readv(r0, &(0x7f00000004c0)=[{&(0x7f00000023c0)=""/4096, 0x18}], 0x43) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r2, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$uinput_user_dev(r0, &(0x7f0000000ac0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) 10:46:37 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000180)={r2, 0x1, 0x6}, 0x10) 10:46:37 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:38 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/wireless\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x1ef, 0x0, 0x0) [ 692.575484][T15442] input: syz1 as /devices/virtual/input/input8 [ 692.773434][T15448] device syz_tun entered promiscuous mode [ 692.823027][T15444] device syz_tun left promiscuous mode 10:46:38 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:38 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000640)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x200]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) readv(r0, &(0x7f00000004c0)=[{&(0x7f00000023c0)=""/4096, 0x18}], 0x43) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r2, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$uinput_user_dev(r0, &(0x7f0000000ac0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) 10:46:38 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:38 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:38 executing program 2: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0) dup(0xffffffffffffffff) dup(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x89a1, &(0x7f0000000300)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x3}) ioctl$sock_inet6_SIOCADDRT(r0, 0x89a0, &(0x7f0000000440)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @mcast1, @loopback}) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x1800, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10811, r1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0) ftruncate(0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x4) sendmsg$AUDIT_DEL_RULE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x48c}, 0x1, 0x0, 0x0, 0x40880}, 0x0) 10:46:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000193c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcc, 0xcc, 0x7, [@struct={0x0, 0x9, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}]}, @union, @struct={0x0, 0x5, 0x0, 0x4, 0x0, 0x0, [{}, {}, {}, {}, {}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x0, 0xeb}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0x19000}], 0x3, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 693.646623][T15478] input: syz1 as /devices/virtual/input/input10 10:46:39 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 693.843444][T15482] device syz_tun entered promiscuous mode [ 693.903284][T15476] device syz_tun left promiscuous mode 10:46:39 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:39 executing program 1: clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000140)='\x00\x04\x00\x00', 0x0) write$binfmt_elf32(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c466000002ed8e4f96765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300000000000000500004e9bad7ff070000a897ff080011000000090000f8ffffffffffffff03"], 0xd8) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$P9_RFSYNC(r2, 0x0, 0x0) 10:46:39 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:39 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) capget(&(0x7f0000000000)={0x20080522, 0xffffffffffffffff}, 0x0) 10:46:39 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r1, 0x1) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) clone(0x10002103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='mounts\x00') preadv(r4, &(0x7f00000017c0), 0x375, 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa\x00', 0x101102, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)) [ 694.581520][T15504] ERROR: Domain ' /sbin/init /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.1 proc:/self/fd/3' not defined. [ 694.650871][T15503] device syz_tun entered promiscuous mode [ 694.689517][T15501] device syz_tun left promiscuous mode 10:46:40 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, 0x0}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:40 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:40 executing program 1: r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000440)=@abs={0x1}, 0x6e) 10:46:40 executing program 2: r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3e) fcntl$setsig(r1, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r2}], 0x1, 0xfffffffffffffff8) dup2(r1, r2) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000000)=0x101, 0x4) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x14) 10:46:40 executing program 0: r0 = socket$inet6(0xa, 0x401000000001, 0x0) close(r0) r1 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = open(&(0x7f0000000100)='./bus\x00', 0x11250c2, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r3, 0x208200) sendfile(r0, r2, 0x0, 0x8000fffffffe) [ 695.284546][T15523] device syz_tun entered promiscuous mode [ 695.312042][T15521] device syz_tun left promiscuous mode 10:46:40 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:40 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, 0x0}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:41 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) [ 695.651432][ T27] kauditd_printk_skb: 90 callbacks suppressed [ 695.651490][ T27] audit: type=1800 audit(1601462801.078:409): pid=15529 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16374 res=0 errno=0 10:46:41 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x75, &(0x7f0000000580)="5cf249b9740c8684445afd26b76af2f3c921bf3c0f339e57f4f21016a5b60a00088024c30e478947d190ad000000000000000000000064bfa6186165224897ba4ecb40aa071d905814c90761600032a3b88a1f000000970e85a63c9a4b0d8b9aad010000000000000002a7bef7fdffff9f8b01647a"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 10:46:41 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_LOCK(0x0, 0xb) shmctl$SHM_UNLOCK(0x0, 0xc) 10:46:41 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="bc00000010008105fc8fd8c1bf54ea0000000000", @ANYRES16=r1], 0xbc}}, 0x0) 10:46:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 696.093579][T15539] device syz_tun entered promiscuous mode [ 696.128884][T15536] device syz_tun left promiscuous mode 10:46:41 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, 0x0}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:41 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f0000000100)='2\xa8\xc0\aL@\x97\x05lH9\xef\xb3\xabZ\xde\xf2\'i\xb7\xae\xcd\xc41\x8a{E\x85\f\xf1\xe4\x1f\xca~\xbd\xec\xe5\xa2\x93\x89\xdc\xafk\x8a(\x1c >\xd8^\xe4\a\x9c/E\xce~\f\xd68\xb9\xf8\x8do1za\x19\xa1\xb6]\x98\x8a\xaf\x01\x04\xc30\xec\xfa\xb0\xe6\t\xc1\xa86\xaf\xd7\x15\xa9+\xfdm\xa8\r\x00\xcf\xd7\x00\x00\x00\x00\'\xcd\xd1\r\x8c\x11\x8a\x87p\xfba\x00\x9fc\x9c\xc9\x11n\xe8\xc7Uy\xe0\x9e\xe6\xaa\b\x1b\x89\xeeZ\x19\xf2\xc1\x84\xa0\xc2\x87\x94\x8e\xed\xad\x98\x00\x00\x00\xd3LG') r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:41 executing program 2: [ 696.424721][T15552] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'. [ 696.502171][T15553] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'. [ 696.653942][T15557] device syz_tun entered promiscuous mode [ 696.703570][T15555] device syz_tun left promiscuous mode 10:46:42 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:42 executing program 0: 10:46:42 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:42 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:42 executing program 2: [ 697.436793][T15568] device syz_tun entered promiscuous mode [ 697.581603][ T27] audit: type=1326 audit(1601462803.008:410): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15565 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 697.614386][T15565] device syz_tun left promiscuous mode [ 697.690060][ T27] audit: type=1326 audit(1601462803.038:411): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15565 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 697.715726][ T27] audit: type=1326 audit(1601462803.038:412): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15565 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:46:44 executing program 1: 10:46:44 executing program 0: 10:46:44 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r3, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:44 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:44 executing program 2: 10:46:44 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) [ 699.301159][ T27] audit: type=1326 audit(1601462804.728:413): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15583 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 699.324642][ T27] audit: type=1326 audit(1601462804.728:414): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15583 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:46:44 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') [ 699.347843][ T27] audit: type=1326 audit(1601462804.728:415): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15583 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 699.388958][T15588] device syz_tun entered promiscuous mode 10:46:44 executing program 0: [ 699.464478][T15583] device syz_tun left promiscuous mode 10:46:44 executing program 2: [ 699.581725][ T27] audit: type=1326 audit(1601462804.808:416): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15583 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 699.605568][ T27] audit: type=1326 audit(1601462804.808:417): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15583 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 699.628675][ T27] audit: type=1326 audit(1601462804.808:418): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15583 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:46:45 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$inet_icmp_raw(0x2, 0x3, 0x1) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:45 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:45 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:45 executing program 1: [ 700.112400][T15597] device syz_tun entered promiscuous mode [ 700.128183][T15595] device syz_tun left promiscuous mode 10:46:45 executing program 2: 10:46:45 executing program 0: 10:46:45 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:45 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:46 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') [ 700.681575][T15606] device syz_tun entered promiscuous mode [ 700.698660][T15604] device syz_tun left promiscuous mode 10:46:46 executing program 1: 10:46:46 executing program 0: 10:46:46 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:46 executing program 2: 10:46:46 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:46 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') [ 701.431566][T15617] device syz_tun entered promiscuous mode 10:46:46 executing program 1: [ 701.479688][T15614] device syz_tun left promiscuous mode 10:46:47 executing program 0: 10:46:47 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:47 executing program 2: 10:46:47 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 702.048226][T15625] device syz_tun entered promiscuous mode 10:46:47 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:47 executing program 0: [ 702.119697][T15624] device syz_tun left promiscuous mode 10:46:47 executing program 1: 10:46:47 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:47 executing program 2: 10:46:47 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:48 executing program 1: 10:46:48 executing program 0: [ 702.772868][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 702.772930][ T27] audit: type=1326 audit(1601462808.199:429): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15631 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=265 compat=1 ip=0xf7f30549 code=0x0 [ 702.913955][T15640] device syz_tun entered promiscuous mode [ 702.940862][T15637] device syz_tun left promiscuous mode 10:46:48 executing program 2: 10:46:48 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:48 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:48 executing program 1: 10:46:48 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') 10:46:48 executing program 0: [ 703.581849][T15649] device syz_tun entered promiscuous mode [ 703.606521][T15647] device syz_tun left promiscuous mode 10:46:49 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:49 executing program 2: 10:46:49 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, 0x0}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:49 executing program 1: [ 703.973706][ T27] audit: type=1326 audit(1601462809.399:430): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15652 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=265 compat=1 ip=0xf7f30549 code=0x0 10:46:49 executing program 0: [ 704.332889][T15660] device syz_tun entered promiscuous mode [ 704.352616][T15659] device syz_tun left promiscuous mode 10:46:49 executing program 2: 10:46:49 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:49 executing program 1: 10:46:50 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, 0x0}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:50 executing program 0: 10:46:50 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6}]}) prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='\x00') [ 704.926210][T15667] device syz_tun entered promiscuous mode [ 704.955305][T15666] device syz_tun left promiscuous mode 10:46:50 executing program 2: 10:46:50 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, 0x0}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:50 executing program 1: 10:46:50 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:50 executing program 0: [ 705.606464][T15677] device syz_tun entered promiscuous mode [ 705.649070][T15674] device syz_tun left promiscuous mode [ 705.674793][ T27] audit: type=1326 audit(1601462811.099:431): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15672 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=265 compat=1 ip=0xf7f30549 code=0x0 10:46:51 executing program 2: 10:46:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:51 executing program 1: 10:46:51 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:51 executing program 0: [ 706.329518][T15684] device syz_tun entered promiscuous mode [ 706.363190][T15683] device syz_tun left promiscuous mode 10:46:51 executing program 2: 10:46:51 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, 0x0) 10:46:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:52 executing program 1: 10:46:52 executing program 0: [ 706.908400][T15694] device syz_tun entered promiscuous mode 10:46:52 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 706.948596][T15690] device syz_tun left promiscuous mode [ 707.015547][ T27] audit: type=1326 audit(1601462812.439:432): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15689 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f30549 code=0x7ffc0000 [ 707.040172][ T27] audit: type=1326 audit(1601462812.449:433): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15689 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30549 code=0x7ffc0000 [ 707.063804][ T27] audit: type=1326 audit(1601462812.449:434): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15689 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30549 code=0x7ffc0000 10:46:52 executing program 2: 10:46:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x0, &(0x7f00000000c0)}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:52 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, 0x0) 10:46:52 executing program 0: 10:46:52 executing program 1: [ 707.638261][T15704] device syz_tun entered promiscuous mode [ 707.700571][T15701] device syz_tun left promiscuous mode [ 707.841591][ T27] audit: type=1326 audit(1601462813.269:435): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15702 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f30549 code=0x7ffc0000 10:46:53 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:53 executing program 2: 10:46:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) [ 708.080121][ T27] audit: type=1326 audit(1601462813.309:436): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15702 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30549 code=0x7ffc0000 [ 708.103536][ T27] audit: type=1326 audit(1601462813.309:437): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15702 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30549 code=0x7ffc0000 10:46:53 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) prctl$PR_SET_NAME(0xf, 0x0) 10:46:53 executing program 0: 10:46:53 executing program 1: [ 708.543523][T15716] device syz_tun entered promiscuous mode [ 708.589182][ T27] audit: type=1326 audit(1601462814.019:438): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15713 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f30549 code=0x7ffc0000 [ 708.612515][ T27] audit: type=1326 audit(1601462814.029:439): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15713 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30549 code=0x7ffc0000 [ 708.635695][ T27] audit: type=1326 audit(1601462814.029:440): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15713 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30549 code=0x7ffc0000 [ 708.664381][T15712] device syz_tun left promiscuous mode 10:46:54 executing program 2: 10:46:54 executing program 5: close(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:46:54 executing program 3: 10:46:54 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1}}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:54 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 709.348020][T15726] device syz_tun entered promiscuous mode [ 709.385655][T15723] device syz_tun left promiscuous mode 10:46:54 executing program 2: 10:46:54 executing program 3: 10:46:55 executing program 5: close(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:46:55 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:55 executing program 1: 10:46:55 executing program 2: [ 710.070426][T15741] device syz_tun entered promiscuous mode [ 710.084348][T15739] device syz_tun left promiscuous mode 10:46:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000001500)=""/4096, 0x1000}], 0x1, &(0x7f0000000340)=""/27, 0x1b}, 0xdd7}], 0x3, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:55 executing program 5: close(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:46:55 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:56 executing program 2: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000340)=""/27, 0x1b}, 0xdd7}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000050000000c000000bf0000000f00000001000000000000000000000000200000002000002000000029c4645f29c4645f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1800}], 0x0, &(0x7f0000000500)) 10:46:56 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000010000000000c000000bf0000000f00000001000000000000000000000000200000002000002000000029c4645f29c4645f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000500)) [ 710.913947][ T27] audit: type=1326 audit(1601462816.339:441): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15747 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x0 [ 711.151929][T15759] EXT4-fs (loop1): bad geometry: first data block 1 is beyond end of filesystem (0) 10:46:56 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 711.340006][T15759] EXT4-fs (loop1): bad geometry: first data block 1 is beyond end of filesystem (0) 10:46:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000340)=""/27, 0x1b}, 0xdd7}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:56 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) writev(r3, &(0x7f0000000080)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r3, &(0x7f0000000ec0)=ANY=[], 0xa) close(r4) socket(0x10, 0x2, 0x6) writev(r3, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c010000100013070000000000000000e0000001000000000000000000000000ff01000000000000000000000000000100000000000000000000040000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffff7f0000010000000032000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000d20000000000000048000200656362286369706865725f6e756c6c29000000fffffff7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000240017"], 0x4}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r2, 0x0, r4, 0x0, 0x80000001, 0x0) 10:46:57 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:46:57 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0)}, 0xdd7}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:57 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:57 executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='workqueue_queue_work\x00'}, 0x10) write$cgroup_type(r0, &(0x7f0000000000)='threaded\x00', 0x248800) [ 712.126595][ T27] audit: type=1326 audit(1601462817.559:442): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15782 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x0 [ 712.158746][T15788] device syz_tun entered promiscuous mode 10:46:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000340)=""/27, 0x1b}, 0xdd7}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:57 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 712.846879][T15782] device syz_tun left promiscuous mode 10:46:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/27, 0x1b}, 0xdd7}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 10:46:58 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket(0x1e, 0x1, 0x0) sendmsg(r1, &(0x7f0000001dc0)={&(0x7f0000000080)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x80, 0x0}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x101}, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7, 0x8000000}, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x44042, 0x0) ftruncate(r3, 0x2008002) sendfile(r0, r3, 0x0, 0x200fff) recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0xffffffffffffff03, &(0x7f0000001e00)=[{&(0x7f0000000d00)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) 10:46:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x0, 0xffffffff}}]}, 0x28}}, 0x0) 10:46:58 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:46:58 executing program 5: socketpair$unix(0x1, 0x2, 0x0, 0x0) close(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:46:59 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x38, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe, 0x1, 'wireguard\x00'}, {0x4}}}]}, 0x38}}, 0x0) [ 713.642406][T15815] device syz_tun entered promiscuous mode [ 713.672709][ T27] audit: type=1800 audit(1601462819.100:443): pid=15816 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=15793 res=0 errno=0 [ 713.811320][ T27] audit: type=1326 audit(1601462819.170:444): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15809 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x0 10:46:59 executing program 1: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x22, 0x0, 0x0, 0x0, 0xa}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, &(0x7f0000000300)=""/250, 0x22, 0xfa, 0x8}, 0x20) 10:46:59 executing program 5: socketpair$unix(0x1, 0x2, 0x0, 0x0) close(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:46:59 executing program 1: creat(&(0x7f0000000140)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000000c0)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x8000}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000006340)="550213a07196529afe0c0440192d7e6b690b2971077c794178f51d5e3ccb8213c2ab2c2f9eeeaac3d26a2f97d4f45f2a79306cb35d2773c4877c1510919c87833403a04e443f0f338e5651891573291dea98a917f4f62456553ef1e4c2ff39f3b6bfa857c2fde23f3bc356a09b1ce900401bba2326ffdbd94f33d8de2e2e88332b80cd5fef8a5482b44a6e9ff53976da78235538407a23561df1fcb2aa25e96496e60b50e63f955b575f6ea992ec1120ef5d703a365589739a47991ed90db8f5bc075ebc30f1ae98d2dd9424afb051063d9f8b29b3891c4a15a7ebb498efd4ad84a1432bcfd862661ff920704ec2481ea567b9accfd0089aa576182565159cb218bc81fee7abf14cf7fd7ad2fbc9f84b66ad2ee9e72efe6de57459a0d8ab7de571be5409f07b18e19573dcabc67e9577aefeb5d076c8b331244dd8f7a4be820a55a59b007298911dbce2d9243184d8db00cc124833f82d55562ad21f64dd300a0a0abeaf8ed2cbd4e373cbc6b40510b77e9742b208a6b6b2166a9b640c6013a905e7f5966613c40b14183adba502a66538f4d146d80e1e38bcfa430b6ab8f23772c41fc291a01817fc447cd8920886669c439c31639781c8a1750182979dc91939a93f2e8df8823a83d4c00a109da1b99aac9f5400b0a18187cd936c69efea3c5959e34ef5ab1b4a230750e4a121540f88d01f97690c18ea599525db59dcdf9915ef90dbc390555742f68c333611731945467777315115fd08343175c16195186d91c317e64a2a557ceb44c930c144aa8f3a1600d064d2fbc841226ec4fdeae163c62a293851c9aa54715cf3caa3bb22012ab2244821077a83b4c7f6aa67752edd136d84df86932c625b6beb4de2499915337bc62c071343ca01d207913718d363abc6e1a0b36a891d46016f586c8b8cda719a52bddad74b872928cb772d86db68d9431686e742ad8e0d83597e94d6dcd01bdb14b8b5f76e56ed293fd7ccfc3d25459b5e2e45d6bc8cf7159d9f819d0935f3cd662e68d1d16d5bb2ee3998d0cc8fdf553356ccf56c89a5e0ca635faf9224c81902393b1fbafb098a86ebf6942106d6ff686f4ac73fb7c86bfccef7852ac6304c04ef9fdc156540ef072f20a403a869dfe9e8db9c58e1261367d2b8f9ba76a002953ffc679fddb9046fc94bd365e5d932cbf2f5e9b271300d1b90481d72f9fa41eb6e206c96c1096756d4de822999d0396eff77fe86c2bfa2b3dbdb0cfd54b3ddf378a0bbfc4397cac8ba586a3d6b4144e8a9b7a7ac998626afc7d1197c3ca954e48fd7f63ea52edb77e03176720deb4ef7942e604e5a4f500887a77b22760eb33d98d7612ce737af9ee0e78fcb69e7838adae221b4de45e8837bd468f7a405e5f8ed26275b22feb32ba3f12a893479f273e5eaa73658f1dffe09c10baee49dfd8df0501000d74198173d277f7123c4e131fe7db8f74d0390f0222f92c5859d57c709e54b4ad6549185357837b4b7beb28687c35fe62502e1a9a1dbc0f803580a6170b56e08c2d0104fc12c9b47b022bc4cb8474d4b40fe0e13f89a6b6acff2f11d24871ac50c4d10a63080d8f8368a4f982e65ad9fcdd37d809b1b55fa5aeae6377634a973482354ba216d9e24e39edd327063e4852c05db7458f56e6a0dd01440b0ead91570967008128dfc43b48e73fe380033e90848e9fd780be49aba2ff3c97b49f556f8c2c57ee69a15ff01fda1df9ff4434d7aca8049b3146255f870fac754dbb42945165ebbe7279b4998576f6e16332896b48e893f06148b7d470f513efa0f1272ae8578ba66e2042134cbdfaa1cfdd36a7f6c1874e858029429d9bb4f87eca7f7cf1900cd1667caf0f4cb74135301fae9e958f29bba29459de2208f84f4e2764e1fbed3aee309e74fd8598c602d6522f7aea29b73af70bebf10c924f588d7024855cb84f9098cbc7141ce5a6168ecc6d28e774adf9eb6aa9f28838e3e380b7b12dfbcdaaca0401efe633ad4ce12138d8a995b8b27721a2815c5e6331d2fd803c13e3175a5c02c5b5344409b06369a9d4b457db201512f00f53df67ae21fa597f5f3709ebedcfb347d6bf49df34179d0b7169a75a15af29869b2def01a7f5af087e444933ba11d51ce973d59a47efb884daf6cc5258d00a3d7f3ed3cfe450c72cdc5900569717c8699689607e66c5b5d6dc2ff8dff62e2047b30e80877827d2abba12e0af85b77246c7bad649631a9a0853cb79c7ba27f5f6ef5dac4613a7b5d1de79d83958ce4b37a17d593756f9c19cf3fffbcdc70eeb8cbecd6e77cb03e66fa3846bad89a2fe1e284f1fb227340cf4f4ce5bca6289c52410e98966446b4369d261ffc8057d56b625ddb09160298f1a015c1657c88603822566d9b4483801b4f5baaab4c530e61d9378132ec647d2444c04c446d3f2b972a46355ec08e505fa9995624e281292736808c8fa947cc4564c870f03ad931f58f68512c1327eaed18db6a55960ef8177b089011617e64df1d8dc0b9eb3010885f9eab7e098e5711f9e41f74d7b28943586666eb74ff79f67a16ae8d7e75561741c85c5f822f61b2552f877e739a77e20678d2c7a86cc6caa5852278be0cbecc1ddd7674b872e5d2e69c9a7383a33dc8f8c56548da95621211ac70dd89aa1862fa8969138e84810ec854b7b923bf7510ed97cb80037a84a8e66650bba2319dc30bbc3f40820e1b389f684db2d30ef28c470d82acea65419d20f518bbb6a99d734e82ed60fef979e6115fe870498670af117be3cec9aaa577caf1f61d5bbd12ce72a35b77bbc366c6790f44464efafb9cd8f9a097c6ac5423ed20e335c3992cc950b90fcbc7b4c3df2521a31d917af73058c93c1f3e26b47487736691c8b1370ddc613bad413982261e4e036579188b64cd9f39b1b4a32ca356769621c507b37f814ee0480b1a966ee9ebb56d6979a9d38236664fa1fcff19c8f0a429d86632e195e569ec47035c4eafe9185d19dc5e8c635a361af2b4fa33815361c000844615bce501648ee70730d7a1b1da4f0630b1ca90904f80e9e1efd1c8e1b61b05c4f040d5a0430381a53f4a1570491719560a3fb920d6722cafa0755605c955526e618221d1e4e766c35e84bd79ae479b5d178b241662cf9a124825101cc5e1373f3c9ce7625f7f08119fb011acceb88a9ff553639e7eeafc93b6135ecceb6eea4c3dab709005dd7be2f1490d1d648c99058f272bc325ce5fa663f4e68720a5f2b31986c66580a2be4204cf311fb3e5d61310445e942712bf5dc7e66a9370a5a4afb6aa03fefa3f0503d53cad9b79a3ef2ee9000edd8990d75ffa3759dbf0469b6e393bd3627a768bea18f533453b38d17dade925f7ca6babe27adc6fa3048d2a65bd2b0fd840a94ac5f317a1c839738ac89e7b22d1766308dd8247862f304fa51d727a27f0137fe19b371e5946555093e7ca69139c48afca4b4ac46c8d2f56d5e673e8b52dd94857fe953d10ca886c921b6626e869ac794a78d40bf49a025860fd57a0f437a4e650a9db9cddc93f8556482cd3676866d903b0f70601cc4eff564eaab292a4208d0534321e60119ffa6177934a2d1d7a6a1f1803e762c8d30e2a0d5311148bc21e4745b7c3dd57d0a616a2c49569942f2b48360df6c54f7a70f8a585b3a0d54feb7986d7d72ab0e16ba14187af4b9ac5a69428f1f61fe25e13cfb97ea30fd9a43e53b6841cdb766d6b3dcbc70277f2a0a12bff718b5bc50dec6fde5a0e24d23904edd201c8dfd51c1d198e325d65c18ce4d5ed1c6aaec28d40260949ed5c6bdc90f976c76dfdf399a9f9789fa9e176910f7ffb6427c3821fbc83747cb0d2ffe34b0b18fb34ddcaa70bb4624acd1ecf208e428b7fe89ed0cb0db2a7d74b284cf893807b4f76bdcfe9088912c8e83144b78ec8407aa37e94e5454946890174aa6be77e42fa0d764ae36855608d63d269164c3ca6a989232967f168c3f9b41c1204e02d7e9dc06010106f6b41987728775a5c31906bc7dfa33808e5523eacf7c914373ce8e61ea29407040feef8e9511fc04b7f2f9936a3161fccb7deecf83f507840898672fe13846ff8185ee0aa6734a704e4b7ab6ba3fb1c601e57528d68f8955fe42fcfa2ab0faae4008023b8a34ce4f861b5b86b5b507ac1cccf38355c5f0191e8ab29c90627657d6e100957cae6fbb3f0f4ae2049ed3a341732b4730b5bed1dfa97f0976dfebaf03a305da2a79d6b8f2e86f46bd7e257d170728d5aa55f786b5436a221b0d74355d55123fa1c9faf017103c3d6a6ed1e8e26fb8defd944c49929ff5ed4ead4e5782d14b09c9ebd593533c907679aa6a0b94fc8494291acb16e4bd2e4b953ac96f90ccee9e11ec88b4f590289915a6368716dc3e28dafcc5eab060d2c48911f288e501226a5145ea217e834eee7ebf0945e53baa08b8d72acc67fb14dfa47421081434b291a15babb97588c6ed5c7e79299056c70f5362953ef499b7a88c373a23302e3ecbc229824de95f12595f12580a3898533c48ef2385d7f398ce31c3dbb1c02547e84d0210595bad9a149ac653a3537edb419316f244f6a75108997b6597700df352b66acfc191c6b234c5c7beb2acf943f8274e0a159612f4ed440f3ff715fa2cff21b32444e5871a050e33e17695f1e3e7f65f82fa8783870c0c93f961807c6a56e666a5443948e2721570a9068ecaac4839c8209654e2efde43141b1551c9a966812b13bf4f9cbba828a1eb948a1e41a122e175c0ccaa9794660446cf18335ab13d1675a26eb81b1abdc776472d5da139a507f452159e3416532cf59eabfe01e72f4a4bfe86d293a7124ae3478443d00452c1a9be915f54ccee5d857fddb9ee4986c9186857fb4635a2bfb7b8885418fe48536cf60c67c10c729f92a8f91826e85e34e3eb78c186f2ff93b0972fbef4cbed448618e1c2cd7b5cd1b5d529317981b4ed973080615e0b385b41778cf536d9e24fb0ce048ec0dce5b075febaaf34de2cf59d9030e1a9ba924bbb5cb4098d82c511cc42cf9823ba77849bc867a6876096561ac209c2659baae0374ae4abb39b0ca54874eda8425942012fbca984a4c6c21071137eb4399d4c6891222c8aaf43cc78b1c8f2a9cec6b5acd748f9ac4de37b1dd18cd0f8d7f20337fd392ed10258457950184264a559b80c1ef92868676b258a9b579ea604adc0bd388a8b30822af1fa5120aba51e38e1dbaa840472e1f1f0eb86af5ec9f87a7324e49c4c0bd2b9365cb3d8c92acfdf479548acc9aace7a342284eb895b564fbb8bd577d4a310dfcf78f15be69da13b6710abc4cbe240a62798fdfba1b8a019f9c5fb462bf040cce44a1c8bda3819ea42627e71a5bbb0f8f3648daa2d26e81fff4dbaae971deb7dbd407b7583c9afdb7e7dfd7b81fbf1ca84d57b27e059acce70cb27ef3742e81a77889b01795adb0f070077b758d80e7a05dc66da4b9fed081100c3ccb5fd8ccc14dc36173673917dac8c6fa72c5989d0f6e0bd97501cbedd0a97137d3add8444330e1859005804e485fc997da58927f8cefabd995124e6baca61029dc3c4b091234610e04a7e8457c1dbd28a542497035615a990cd675d36eadd703492562404d366ac4359e66e5e8ec9e40cdf96cd1fdfbc0f2280d4358d96bdec660a6ae473723884aa79bd61b96ca11a7175d68a401a0b77882e7a44b3765a582018abe6a367d1478f5b06859e777f35d8f01a39c7960cb26477207dbc9a0a2af6d5beba095c606a9a11ee236aaf91e6b3b6be0639b2a13bf4471acc9f7f2f052d2a86c7ef0f0afe6ceabdc4f99036a05120b0c49cf80ec92b62c766035a5887f4bc8fa1e0c9c69a7b690c7cc2c8870f8e7beacba9b1a27c66f8d02e33c957d923b0a9dc4ef2b3237d2f83c72651966f8b13b24e1aaa5dd0122b75e3afc4cd478e296924349e077fab31a38e38cbea1dbc22689b82a1a4698fa4841bc0c0530dff14f368537c07eeac4a9c2e02e3b21669d0e039af22a4f38d4c21d861968bf312ede1ff02893fc44197363dfd89b5b704de61d609fe1d9013508e5b2276953ba5b1f8018c3a7b3c233d4cb3269f10ee6ca2fa9de79efe709659538108b36c1b71e4d2c3602459d57b8f46ffb541e2a6f4a19438fe3bd14be3e5682ddef68519cb56d79dd5b2b40d1281e84623b01af3c11f7b2cef780d06a0158ac7becf9b7cdc51618db8e7148a93637ca1a875d8ca2db07d78a5554760b792412c7c108335969c676888fa2d180030a8bbaca1c6c36b1fa26461146ddb13c6dc4247f18985a6cdfbdcb5a3455f497cf674fab04c84906627d32a0104d1cb3b1ebb9f398fb6c3a9af34a05ed7bb900335f1b84d2ffa2a589ec46f44399f4eb8f96928aa073f414765347cad3b0e03d551166e5e2ff9a89c15dabe0d46c925767df0f85e9c438ad99f0309400efdda91d4e61d0e592f8fda490b6791e41c098a9a839e040f5580b2d70f714e3b41ca8cb7a21fc2a778eb18a1e2a32c237c665fc4c496732e58b16f8607ab26b07bc59147218a8011068fa1d117b7e13a3c2b8cc6abcc8e184b0c7d061e94c0cf8c61b6ab194f3df5747ce68b3923b5998901c3d1294ba2a0df9fdc7a76c505bfd172a5c5bbcc0df736ec54a2a11b3a26115f1afd382adba6e3fde1e781737c12dab5c19bc5d27e91eab6579298d4b46c60c200d309df433841311008089ce0ab703ad7b7e17426391e22be7548e642cb4eb4703179cb102643aad424ddb72267b6cec2702fcacf19825303858fdeca7d5d3979c900db3ba5be2301c04a78c58ce20ac8f4a6bce27c4865f36511a4adb99ea25ebda5a6701c58347342ac876f80805695b8ad67501a793670fc76221641b89dfc5519389bc5ba56cd17b47bd2e075139c8db24e4c3a332723358ff5b8c6d3dc53fc79982fbbb6b887b36d52232d6d79684fed3add6c84fe070aedbd833165e5b547a3dcbb4977595fa9fb6d7d8b151858c3967b3e599571340568a2a651a3c6dad3a4a24127c28db3f27853cf3738a3476120f845df7803690ec6f97072b2e040995a957dfb6e3c27d55b7ff94f0fc44eb27b7fb81d5601ae88bd6de44163128bf423f1f76bdfaa9a170e43136acb8f5d3bde2b81e381635d4895f224fd8b7d9b04c8115454b0505ee03b332419c6ca3ffec3b127b036144ad4ea5b7d97482d298493e04c994ff2152815607c695991e85065f2c66a36a0c347a1e0b10ecf39500ed1476e9f6bb09ba569236d24459def02c37768956e567ca7c5c1c2ac05fb818d8610da9fb50cb6263edff4b6a165a13a1977f14f3b9101831b0f364f26e803ebede14a32fd37c5067c2be8c50be29d6757767424248ffb425d1780f9f164dd1d5a1999870af4f73bb09f632227351e0c5e24c357b7646edbaa599e0b62c569e32dbf0080dbf509879397c90ce4799b59e8888ae27844c760f901197250d395780e2e1087bd327c155dc31dc5b408e847b031f93e48345d3b32387934c9e68c9556b9d275d1634adecc0204ffb35d1960e736a34f0b07e2e7c4ffaf84ebc7ad39de16f968e1462c5371db06fdd21fe51b08ca295acbfe676e1e683bcb2dc9d3522b86191a151ac590fec45867cd81b97fd9a060e0e26f362b842390ba6dcf66ffedff1d26b87016b7108b4eb4a6dee0384a789d2305b871d7caec898358f01346d089844973aed3ae0a7a8fc6a5cc90a1533e0bb3696e243b28927da1630837a6aff33c2e8af1a7bfbe2ff8060d8df29f6b9643dcbe2e2a8721795636fe7b3187a48dd08a003f27dc2ddd76fb84db15572e0b2b857ed2ffe73526d92ee2a9b13f2693d2023bc7feb2ce769c2e8aa9973be33c77b5f8e147d4c7f414b18c9edc8cfa0169cbcc0c26d59f016fa1e80157bd8dac895a794a7211d83c84c7e003e663f65532018b22ed3e67be4eaf592a8a18b986245f6a8fded9b1562c6a106e04190cf0260905561565a131c3074a7af5a18dad69aa7d62636b9313c1d3e5689671912df51131315f715ea84d57849dce2ab105af433b034501128e2286e1d05384289711dd151ad097484755d32531508949a6e3caea36e6858ecb895f0ff5cb71f8b1cd677405139d5e95c6c34f421b0b1e0898aa74f7a96d7170dc0df19f1b88a0463608d964446967262ff7acafa54b0f95cd0c1b01c232db641cade388b6f348784e18cd33e97c132dfbd501700108b59ac80692371a4bca4f608d9357c6e1458cb372aaf02cf8742b164bf69aab3aa1bd6911202ae7d13f2d1cc27741e4856c9e2d654f72c205a9914969317b5dcefc8137aa564283d64f71209f82fe928836da1de181d6a52c9cdf1be072f8b5c44b063e7e3d629157ae1a768cfdc7105c6b50234b1dc8412f6d98038520fed97db8347cf02924291460fe3d392f21d7ac31aa6e90995756b6dc198c04a6c6eb6c5e41e1eddb8c78feff740273acf8938c0f52c108e5bfd7e559d73346e0b97595125992bfd6aa2097c0ff502482a641f8fa3b2f411a9bbeb9f8c03582ecd1d756013d793bb15b4c1f45f0a988f7bff685c493df30bafebfdcbd6b2ac26a743a0a21443ba776f17f021e80df5eed4926b10be1c952f839f6c87bc2457e1b95f73287895961a0d5874e61da6214b738124fc872376940480705aeb628919d8c9912909823ac384f6a072c72c03c12e2aa8462ce83737244f5525cebafbb491a2a75b4ae8006c2c9bb7d20b190987f5f85afd5b4c1fa8a643820590dcc5e9e55749df8e4aaac858fea295be26fe3891762cfc2fa45f823066280d2afad8653b94a813265f9d9107831181cf8839c72aadff85c745af743e0f22a30c28b4cfea2aa1139790d3e7b491b6b092bbb18bf773b06c3077ad3f1261b8f401e56d4c250c0f30e997e6a546f9cd1482b4717534065ffed131a8e4691e28456abc3ceca5849302cb85eb977a1743e9836ba2ab835f622cbfebbafac8a8edd97e5441ea0f84434b9949c4e5a91a7684947c0370d271e9788bd8222d5f53eee7491d20eb46c7321d5858e427b028ad279cb540c1a547fd18adea0e0d011cb7d251857c1ac23fb502f2ae515aa8c90bfa1bd693313100b6ff278212b06efb23fa836fd97331a9a276d3ec5f2256245674d65d043a072dae13c2649ea2f578583caa55b916ee6d65f510a94ac3ab6eca201f34f2074e631715b40478bafc594cde728d8f695287f2afe8af28859d5389034a75f89140eff05615cc41b06cc6879030cb0dc1788e4f34b3007a4081a4a8c8d8d47860699fd029d7d2a17c1ab2678fac43fedde3eacb441df00e61acf90d208591f70c75dd44892edc144795f86de15db7d9ae43dcb088c6eae8259dd224fdce809d6b4e2f13e6fe8e5b6da195ba0287ecabd18d48d1fd4f1e9438e120484df2e1ad9ceaae247b5b4c639413aef383d948dce80446ea125b67627d25f23e9fdf477351ac2d4f741e88dcd5f91550c71e72b84c90a5282f94bd9d1f08e3e240a0a4bb4cf556a52a994a8064a2c77e41d66077dc039957b795fc28239896eb2068ad16e84196b491dd47e16e12009398db1be984aaf6bf62fdb471a456b32c58f77c158461ac844dfb0858cfc81f591ae0105edde98acf7ea1c09599ae0e5c45b62f039e37a48b7ed91282aba6aab1d2c2b039b3f411b2f6897464a8ff2c333717e60a298be2709389cc644c70ce9c1a483a61e13617f0dc1902c3c8d84ca8ff9c0f43d022f448e100732afb8655c726e33ccdc2785d5ffd7ee533a1676ea93cb7f962dfd8ec47a32ef703fd560965b20a2fcd52207db1ef0046e4ddab569776ee7cf45f476772aafd16622b2613ccbcf4213183d5f079e9bee36d86ef709ae54422e38abe7a1db408b7ebfc72f6ca2b5dc19001142773fd827e72318c4fee1af716211d2401b104a2a40a2a3f4f683da6e5c8d827f798a73d2fa189371efaaf6f6e4c1a8460f6e6e51064dfa079adafc7d1f0472d042258395b2aaff31e943078e44a660b979e91e240628a12074a069b7045f20c9c9a9b2823d52d1a71cbd107b5b888170c2766fb012f60024c0aa6c5a7505cb17d925943b25101a0f9d2e78f40cca2d1266e06a85ab32f8f60dcd9caaad0bb5f7129fce17ab4ab9f2f1d9ffa5b9c3662498737d020614e54cffe567fb6d746c9a33065933c59b0f66429eb43013b43306506e0cb158d79d61938f52ec82a373bf7f03995e63b00fe4b109b3d918c7fb3e9d777771a510e1ba97321d2eff470d390776cd39cefcc1cba44bc0d0a5d7ab038a2cf4ae61285df7fd2c863d3ff26640f140d6c05222f1c7def48851a367405776cb72f19049b9f87e6192227bbddbfad8f8aa4822f6dc383b94e54821de59ed22ebca2babfcc7672606b90efc14eff624f338d0b63fb20fe28b3b3b1588788c12e77e20992e82eae0aa6ecf03a627fd66f251b6ca686142ea50223db2cb10936cb8e619b811a21f914b3f8ed1db52da0a40fc63df4623eeba59309ce490860eaf0020e63265a565102e050340f9148144011ab34c8617a8806153c8ae062293937ba31f789c97e937e7226a5e2715a214120e38fdd66c67e19d40471994d2b84d9f0acbfe2c255c671f3d70a5305dd13e7555dabbbb87cc4e62b1b34cfcc5d1b34a664d79a46d6826d4eebdb5d7df86128a3152ec3bedc77f6c1445732468ed7b91123cf314843e939e369b69d0c657f612a9a9c9ff40c396d2a3c05b27a57dd6198428f7fa2638eae170fe584310c11d0b13a15ec4c1b658d5782b20de550b166f2d89835a34a893cce987b8a807e21686ca78493c906285d7915390bbec275bd5535804b46ffc2de6cd313235ab52b8e04e98b4a7539b6298c974254284dcb32875029c8066988f141034fc156a5fa861826e49140cc2222099608bd279e6f7b3b12db95caae852eccbd8ce691e0bb937a6c83f929c3517a0eb2f247b397c828ea7a97be6cc6a357e47fd52df8be5581ba6b606b81f173656c4f7440b54e644ab775befa10887a1b66e1f27b98708e80c7e2bd8791ab006db14f261e8ee3ff42f3b8a3a899d8146d24896f8f6e3e7e104ef85fcf2f9453847774f63650f63cf6d944ebaabb9d7f5b3f1a3175860acf493534325b9b5da74bbc226c5f346aafe11a974d9accccee2df02a81d971f564bed3f7fac752203ad2c1e8cff090f8ead99885ac203351ec4280a1d016ca6c520061d864ed0fcab91033eff1f8c12de4e831bfa957c1e89921b97c5891538b9dffbf93b424e905923ca5f25bd64a17d3726922b9cdbfeed6c80ff9d06a3cfd0e9497a7b961aaf9538852a8e93eefc8ab49f416ee9d1b22d70472fcd0a774543cd8ef286ef9fc586c3661b3c8dd8de3af588f1d91bbc1d3f354b5a05f0689ca8e75f5ec3e1f75988f9058f0c154a4d2a748b2bf6b8705242a739356329878b0251f2683960a6e18f1e9719623bcbaf3176fbc0dda2125f506475c81c8fb1364de92538400a4278083aa7673e9fdd3a13e75ae0ccf78321dcaf637977fea58969252f6485a0c7644c2b072485dc76748ae76e2a229430b3b5a1d3b7785dc560f5914733425a02c6cbf177e85544b6ea8cdeb42f05707519d79d01f18742305d3fd952246abf5732675f000", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x10}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000008380)="1d3fc0588fbd1ee18d3d558a5847e5909b75ddf492b38ddca57fa90202c1981d37139db16dff89af93eba795c940c2869e89d66dacb9e0aed49166803315f8c1e3a428d3394e202f8983f2a7a557b15c11e2ae42e2f07ac634034c2c6d63fe5505d3cc16fb48a8119d815c5d5391518b847b1334f3d717d9ab5a4c85a58da58c7438e79be665e1b196897bdb462a2266798fb036d83bb993d48bfcb2774216931c85a4fece4b93b635c3f1e651560fcd6ce0b182aaf777cfa0bbbcb6e5e9f4d450fcb95559468684612a5bc1582e273fe8bd58088cf411e97f9b671a81d18e865c2d899716fa59c45d7034afa7ce30b800091bd01ca3df0e083e1457885eba6730a6c70601bba70b2323d6b669898290f43afd84c333ad8c4c3960f70d0e47eb8511071b4e2c6ce2b12332632052cb4367a98593bd39bfdf76d228925d3e7208fcd42d701881c3cad1cf204669e4c598c7ae544bdcabac797503bc1896d36bd0be9edb543d5428cb04daadc0b4e54144fe8a86e1e372cd773a00a3e759fee51aa7cdfedb8c2c13ed709add3235e70c1dff10cc5d473f6c1ea92354c8bb991be1c39f4fa739824cefb41621e8a6cc475599ad2a86f2cd5ffc85684346bd6aec793b06141ed44a4eea375dedfff21d720c725562ae759c5f4737c34d8f1183e6254016f5d54a90114ce910b4c214f35721edbab6b9ef69c89fb3f770915511ea31622c453c53f646b205a0c383cadc845ef9769e99dd58f242b24e98d8d74622f4b7a2b42eeec0881b435404805f177865eeb3263ac63038270dc90b418407cbd984de98df8a449ed3466bbcf6c4b140aa4c0fbcfd4d88e1534e17218c87c32fe2d88807e308fb8c3ab6ca8d145f7c6406459b926e07cb30ce4baddbb0824c0378589b3cf3e16c216163e2966d271b8484a47d3baa946cdae77fd61a10472da8efc228e405ab686ff5a29ccbf91f6cf62dc371e23198b34880f200428f4ca5214c2966c426ce9bdffd7ee2c597d80ff570f44f3a07f5eb24fa4483e2938c98a9e64459f04913564df5d1b29f93b934e95fb4f04dce100324e5d7e6c22b042b8773a792b88405831ffd63a5dec2e764df571214aeef33cbc6e66dc157a86dbeb1d55bb3cbf8e063dd536d0e0ff006ff850ab20fab4023ffaa07b6ab6f8651ee9ed593774a3c3520f595984278b30fb4c0cce3a0afb4836952a7115ac345557f1871511415bdb9f593057624cd8a150954241cd60dca17b688d97416c29b23a767e9184db7e19a74aee2f17d11fb024d906a22dd2ffa2da04c97348b74f4ab99248059d1ee542c5837acb69f1c83f50dc66f9e1674c1b157e1e4f95eb462cc8b3db4cb9fc52086c17f4d5a9fc1f7748dea1fd7af47a7989c1219fd22c91e95bd299d3ef22bc73409d9949422b6177a99b6a9f610b737887f75f718257b5b2dd515acff039886505cf2d8fcf9cf69f74b812121d219ab526480a565a6ec9c2dd4de1b5d2632833a81b5fd445bc049c5dfcb242abe6141943fab1417ba9d2174ed25c521a8e5f6d1354c93176b6d847aa9108b8f49313aa6fdc0a88d08d3cec4f9e623f829dc03aac91c5847d5de8d21dade12e7efadf216ac3746530ffda5d038fd0bc7d105fb8b9fd1cb2e789622b39c0d559c3f887e11d29cbbabfdbe9603ce261549babcba3ecc739203f08238a5ec44719015cf3bdc0eac85c3d72ca34725f09ef8a5fa7cbc3d9197ae877314de309182505e0dcdebb78fcafb35504344770642bb13a22914b9fe76fb948ff03a1a42cd1a799dc0330ff0586aae32fe45238978d2db16629ff8751893e41e9ac72303d91de135313999dde4d93e881b0f1998ab87e5f8e7463261fe872b3ec4ab2344d26a982e286e5e7bfa8126ef4de16fc6107e1b077598e1347cc7b74d57565d4cd9b66e76f6faf51b247ada9672af011db71d48ce36bdc6fa234e6ccbba32a450f837a7180fce70b08a199e7e4c4bd3af39c6b3e78d56f300a45463ff04a55542b01b721229fb35a788769dffe8105171a0cde67cbd9f066834fd24b0ce4ac39a0ab5f96e3f24917385ecc635d7b8be5d9585a5d389316f1323a9916241ad9b490c7505701133451705ad712296bc4519aacf073fa7419a9a81470c315390d4e22820eb0dd0c9605132016f883b8a5e9b9b9e08cdca196abba7f78732280b0b93278f469cc7ba81dc6e764746ea2604d8ce78e301bcf2b9e638849a36fca9f9386f5acf8d9084594c5f20504ad382d4c083c5965f633248f20f1c373e6ae69719bd21355290f50ed84da142127b2c6b0a4cdd4ef4c753edce171d49438ebd31223e8a36f3219a3d6c60ca3a08f88f10bfae1e6a2a5391846ef4e6dae8442b17f7d9f727f47bcd0208185ff18474f1ca1b64580069e35e47c9bff3e421799220dc01eafe2122ba5faff63cd0f275c831e7933391fc180840e9bb5acb5357b196d045853398e93569b56732a637327aaba610de7a00fcb10410457e4493d532c99bb6e95786517add55467f06a23521b7e92be2dca54c9c3df2542384a82d27cfd02bb16e44a9d8c5f07f7e232b794dfbaa8bcd89c359054c188bf5ea5c251bb787282d86b0ec738283e16ed5dd7a74b03cf483fdf8a14a82cf47f4b04185edc4a2dbfd6356927322a15dbe4f35848e6f10eb983797f2886a266b31c0ddda9e2f45282d137f2e6031d2a756a56552a756dcaa24821e3a54fc3cf38c08feb31cd4e32a464d9399b10d7eef1bd627cab3f22775f4ff9d8d5d017ed0d0ad49dad13ea4d1d2cff663d9796b43998956d17bafd8fa49b934dee9b583fe62088b251919291e3b4ca1cb89b9cb035ad8179f2b60d096f96dc1efdd350e09ca32abdd88bc5bc283f0a3fb32588c87e37e2da427a469689c65152558e312536a2fd5edf9bcc19f25501cc9de0fc3df1a595b61ec856455d184f77619ebe89911e165d81597081f903e9bf69e1d51c6fc1880186a356157306c2ef2860d04cbeea0286e4f56d85cdf91cdc2029bb5d1b77debcce4886041e3ca2d6ffd2ec999e5f177418f21979f3135ff517364d99db378ab03df76febd0b2fcf72e7476956428ca20e4be0c63779b112a393a05c5d44d6dc8088dc57a9c0a5b0c5e2a41d9a265a400e62ccaf48aa478f929b354f2013e3287546dc8a811fc7964a50a790888ddc1814039eee62313ddbcf1c55154e386b011b36d8c74888669f334ff7adb1dd421d43b6223ac8beeee98ef1e54e6dfb4fa69ca8a321b3c2edd30143fc17806b04f8bfc403a55467be88cf8507d94f245ca59d1ee050f4312169250ac8ca1eab6eb00df7bccaea896a6e2cdfce521a404913df83bca8e699913b4cfaaf62d00b90eeb3e106eb4aafb7bda8d0dc5383d191d54a253982bb3885dd6afff5f0d85560ab129bb4b411af28740534edae48bc106ac43c3aac6528f48e059d8cf0cf870f9dc6bb669f2b43bc1b42f46a28d82c200717be88d4493572535d2663e7500d865bca452bb7540d163823e78302dbea5cdece7e72b84880423a18fdc1a080e0f0bdc7a58b04b8959ff6f67b224fe72ef22fbf6adf4812e550772fcc5949a157371f1def1a020d951c005140cde6c887040cd035dd972fc75b7b469070b61e1a442a78db4c74f482b950ac7aae40b009c2d6736e9dfeef0e9c9d718409063c57b082beb648fe8b41d3ecf3ded5cb24f7c20edb6ec753c4574a594b62edd81d4deb269b9cde7e2cd63d8d6da58736454e383415574b6f88b0c4dc158be230beb2a67fce06e7d8a70c554ebc79c2d40a31b1c19797000a8596a79e8ef11d87bf2922e8805c455a3da4c4ea2c22ef52ece8082708fc1dbed09872afa250f8351778548e576e97e4b3da023455f8db349fcdf8523f52a56c9b1f3a863652b11ce7cc619d6eef1611e97d7f94ad7dd65f54f88cf49d3ea4490fe76411dd3de5799174d1017b9f3017c2c3f8f30bcf28b68d7833b7a8fa46c3c3b346e1e2f55d680d22c7136f9de526427657ee167cdf90c90142ba705465ce94bb1803a1540b36cd8d22d6d9115c002f2ce96bbac79a573ea858cbb8977d9087f1e0063cea8c86a9671405c4fea89012b241d94a31b15ad36cf388ce3ebe924019aa3ed069bd07a24a46f7f818fda0d6463893621d6531541a57449eaf57dc09c9767a598444e07f79e2beb85362ea93ef04d37e5c4438c8093c026b3c042bf3cfdf11e5db84c05d7cd6bb090ee7686d87551a807fa47c07a84e9fb490f0531d38b86c344ae8b48aff790bedf407b71cc49440bb2300f9d9f73726daa89c7b3ade0b84323a6da6e7639652b004ddd08dcc03a7064866bda6b17ce8c003737a4c3416551a6fb779c414d4fdfcd3b29bd0daeb69c965f8395269019691e1552da684b06febd81d5f71b9bf095ffc581e6333b10f7fc4a3f365c0bce141b95a6fe580a4183713103cae76c776bbd29a8b26a3f2314609d1540eae73e43ba296d7576e2d8769bae7cf7518966b631bb3b215fa6a56b97ea96e116421ba669617ecae72e3aa186b23a289059c16fae6aee21ddcb669592e5068d84287be2d80a72642de4950366b346285b42fd89f49ba3002315c4cb76c12ca0f96b0eb13547e701831646ba663b0622eae281da69c699860728775e6f71ef3e63cc010a2eefe8d4dc3622232d8abc022fbdfb7821f02da20ffc938a7228d5a8eef8a9e4fcdc2ae68ff7ba6f8ff7e7e36fa40d35658e727554f696c4df6a45647bd661450a2404dba0b6021bc7a82df05b4076f86a7f33faa26195eedc2377158fdae5c4704456805c8458f4d643e356736c2378172d11c33dd73b0e760ca9eb5e12d707001955d3e6c85d427a472de77d6c1e28220c8d84eae5c4403484bb0d1b7d207c0c9ea476d2efd0babc5b577fb333bfbccc396471997de9d71b3c2624be1d155ad787635d4fee3f253e5b5f9cfec484cbdd510bad883b79381e8c608ce793cfe175ddcfb49ac6f2cb67474b415568ea90411f455b651c5c6890c94047d86f2c6ccfd787361d6ede1fa2ad89e6dc9fa796405d8927c5197e17e771173ca5ffe4af4864bf6a9ff10ae142ce2ebd664ab94ad37352f36be1afb259c7b8627849af46447ac05600ebc9eb636aa2e56c0c8540857595c114e4c1c45bd735bd73ddbe21823232e1db6ab4b985a681ed4ef505e6025d4d234086f4bd8b422e4e7e31e823bf5ec1d514a328e1f9ed98eb289de2a44229c66382ad64e3a1fddc548786c52c4d74e6e5dfe1e471c20a8bd6a90c1320318e74e7a1f3d7dd04eb81b37b8157db526327bc7bdaf16b181ef71d813588c2747039cd9c62f2afb253ac3a743d083ee53ad6828060b214e69b73b2064e5a01aca0ff1f5b30329ab5fe285193711f4401bfda2c89afbde31adaf1e0a1a9dedac7ae09650183f460f4a93b0e1f48728fa0c2b1b70c5a2ce4cb3d99627f9389d94aeb64e27054cc71b26f7f281874fbfe82ba74e609a2ac05ed5ffaa344fa14091cddf0c77e883a295d529916a16d06b4207e4a72074707ff4f17e9657b6f55d021bfd432de6ee526d26b4f70e5f8da02c23d43cd2b0ae674a573258df27b775db221d416cbab68084c3f5214b199e2fcd84705772984c92c8bcffe37950e8f3fab716f994765d0b09549201bb19ed09364880ed17bfaf8be10e842051f9f096ef864266593b6d97767b20a5530683c88dbda542095e9b57ce6e04b19a682652a4b72cfb17844a0f6a9a1a89f3f26ba56a05117d20f3bfaeee61d7deb85532ddb7d662163aa6386c91f40ffa00db6f4a6523b0b494330a932bc544629c294044fd0ac6049f285923b613bba81064f84ffa71a900fa9732023c8fdb0c480f3154d0dd815e9f2661b3ccf3da7c3127156e3e094041e365c97dcc6e74965a659034701b9961f9b755eff6066448f65601e9e44e12a7423d94027e4f118b5cb9f33bd762520afaecacd404c6dd59dd791c1bbc87277d5028596cb62ff14be1146ea78626e182a5beb492503b18d620543301161de533af3fc1f666727366f10c784e2f0a1bb5f5860b873f03f26b03707c2b8cdca494b08cc98c365009d22f3231c7eb2a24dd6cdfacd577ac334c2a07bbea2af22689fa35cc663013588419b5256fbd52538c9c5e708ffda77c0e97ced2e703ea5229d4eabdeaee8165e80d5867969269c0897bc45d06b96589eba66dad2f98aa72ee0aaa4aa88d6e4fdb0df504131909629eb4fec1de621e14f5445903716fce8049f89a0493607b11e596ce14c2e81ea0905922abd9c8601f558be28d8a409c360a279b86a2a3d09d8c422ef396979b9c3aac8e05b02975419213ac78dc677eb0b3a524ac0baa037012a97fbaade89b939f66d3cbee41e0c05c62b27fb0ae6bce02f7163da983ced2708c16b2351c1460131a9e922f1c1b6981c67faca4710346ed65a4ee56de725bd193bae5574ea91e104f660c4d502b7155eccd61fe4c5b819676b8727492768fad9d13fab5a240ebbb005741d5bbc215139e07be5bb73e3f6b4c4be9519e81c7cd088864c16e4650ac64418133650e26b9ef9020f55438acc9e7161b2c74bd172354ccc051e6c4a6897354bab543a7f742ce799a6e182b86839173acb03f39fdcd4a7637bb48d2e4baf031079687707612c006197ae598d335c463b6d79e0cc3bb7ecc278b9407a0d53381bf3cb65e78adf03a7dee07409b97d2df91413f04828aa2440049b9e8dc4fd907d879fe8480a239beedf8b729dd76042f50985db6761ac1f2e7f0cc48ccc7ba4d0634b0e816c8c68eff96832fbba350afa1107f2da7c53bb9ba8407c30e41da1278f31cbbcc394aafd6a1df76276e39a8d3c27c417753695a74e7252ddd27542b4bc2b0ab4cb001d01411d288749bfbc24ea8472e2906201655ee65d3f435f158d3295590eccb3e84b3f09e12db00382dceb8846fe155eb20580c20781619a894ec92d9a80a422a10b7ea440c4ea0bf3fbbebc89b2c11f7f3e858c16cb823e10203a957bc48959b1d5e3aa69afbb8a5ad1bf617ed59836a289dace4a5224ef9226a6f3d27f869292bfbbf3607f5aa807d294caa053a85a2f54d97f76adf509593bdf46054fac6e4a6b66f173a31d5eade9a38f5106a16704e80d61658ba3799b00919f87c0b02fc4f7c288c0252f46240efa9044d7458f6b92497321f696831565fca86c1c0bb72b4952102b777b466861d22f78dce75b8055dbe3d73168d41059715a23c9ed906e80b2353f32fd43e92d5ce90821bd9c6b4063125339b8f3a8df16ac4b1b0ef85cdbbc6f2acc15ad9e0aeb19bb0617f8623dc029abc232a67447b1ee4f6c4ce234c1ea467a20e8cd21a097f096855a75525c55a2b30c74ff8011476addeafcb18b64ea09600d7056fca53a12a1f89501d00dfcc81f74760fa26e081043ea648148b1ef1e4906e0a65154fde2c554b4c36e97de184dc9169ff3a326cf4a14708fe3c6466c37eed71c44143fd2d5e22443d1b61fe42fcf52207f17422a96b222a1c8ac8656fe98d7f9b5088a725bb3889ce24da112f2cd88575217ca6087cfa659374a82cd7cdb63b47c3979fcf094b62ff72fd4f0adf0750bb3e001ca7772f0733a5fd15e81aea1abd929df4cb195760cceed8d76b20bae92244c685b6a74be268c64a8960e1d6ec3edb9e70986b77eba84051c28900ee9b6c52d4cb6d67eaac2f5cc5bb79c12a5cd23a06f8605b492e28983443d245c963b81ddcba2a561957786a3698e2a0ccc21146a95ca4d7e4cfe16da4b4738a36c95d42f4a83217ebc7d5d1f17ddf5cf87f8ec8de65f0e69491686c973e69faaa179e52a828863797755deed4c1eed27d51a8ba25fb0821b33ffce69425d27ca2ce73c7eb9bb976f3be629c5608993eb49acf22e78c1002ef8d53ba36ad0b913887a105c0c5cf1d2561b5c9e3101925d758039f6d27ab42029d5ae10ca096b71e4cce05b7f8f3cad02f08b6e2148a3cb5f12f5577f52d118ea055b47b136da35283cbc6ab9570d61b54af491665d9bd141c2a11eecad22b00429b8c5d7ca9c94907429da625315826e99f3e61537a00b554228975cb593bdca2b28c1b022e8f4e6b61694fa934fe35501633bb8736021a08f58deb6d3d462fe00b7e9b5ccb7e2f065003b16d0e54c66a9c9d33966135e410aa0bf48f59949771ebb1d38b3902865fc309e7c25bb5b4b7de8611ffe178877c31a8d1b191dbdeed9a2348fff1b6217553bd30d3d9b7eccbf64b872b26aa811199c76915ba43c610bf4169d8ffe09eafc1b0a4eccbb64a031872ab1b3e7a9b9d9cf1e3ed1a1b6a5b4a32ab67edab8fd693360c62c9f34b00dabe47cf1e8428e28d1202e556160f0d4b6ab524107f5ebce2a4782061503cab2a1e1aebfdfa22edd4536dd051a860e9788a5a4691b243893ea6b8f647cd9094b643b9354a600591cbda3d762e7dba265b9c8e6c338151709322a51d4389431047afa1031d18aa0bfeff5d1bc28c5e013eef0a26a7f1eb3c4dbb12a215882897a65608fc3da16a6de1ee7349d9853f6faaed5fbd974fd051627ed762f74341c6ceb06d4d4d635f599aca02471ea5e3dd5012cae344abdc3f990e62fc07aa325757d1bb2ba0bd7833bbfd1ad4aabe86cd389afffab65c73df538d6f9b2da50b9ce1b1be4835f85f2d77a01594d35f48b370b0b11516e8913aef45196a24b290c7491ef39a3a6afd3790b93214837c3247e76ee41a4bc1539caa78adbc5b49d471a9a1724e62c5192ddfca31882350dd906560cb257c3582c4f294193dee760a15b35c9b746c690a4728acce6339496aeb75c2e350ec68acd49683d23140feadc2dc3eb118a8e87281c60a18d22fd12998c4c3c30fa76f9c76d1a994cef1dde10e4b5554e4e4bb0d164e3b85e5ce16cac42403d3b2c687a9ac0b8813a5a2ff6fdfae0c41d9bd4da4f2dad84a309ed3e6f353e9b29cdc9bcfc0c2ea73364554f5f9100b9a01e55fb3d1cd857c9f42378a3ed6f32d87a9cfc4c8366d6a28297128226b6c31612f9b6c1deb481dc930c417f64eb53cf74abc5723375e6370498817273981af928e9d64c2e2c1f7aa46039f2bea921ee5505cdf50f5c18d0bcb6f4729936e9a0ac4cdd2ed63138e68ff225a93b21279722f0174dbdd83b7fc3f6e54f602107c099f18d31fb5d682345858d154475ec38820fb3f9e7d340e9757854944aabd9202d4154b3ae6996828474f0cf82d9162c29706a455253e2b7a236b7c54b7deaec10ac95d71c93f7ae57751c75a98a59be69628454cbc0632ccb25faa8108de381e12cb18758648ff42225d26cb7c3c78745b0fbd371480f58dbae1e32da2f5edd0b487a6cdc0200536c3a45533e91b3241f2d19b008de02891276acf3194deef6b28133da6b7aab644ae69e0d310cb29c9b100eccf9cc2aa140d718ae5a7bb03895ba915f2ed39a681152c6567390465f33d6addfed145bdff55795af7fda6bebea3c98f9b4d0f9538c9513d80c39369506638ac267bd2afbb0d0abe3c44715bae6a8f2fec7bf3178a5c8821c5a6b32692f13153c364ce41a6e6e9201b733bf8fef31d33d058af4891138acd31b38ed8dec427b1f5b29455c4721bc1b69a9fe0c588b134831f57c64fca00fce1b582042bf68c8d4f05e27c685c81677ab6331a084fa16f6df88a6a6c161d4a2043ec2e2586bfa0aff858793f41cf2003092e55205ccd9084422d53245ee37aa8f16604944051fd787754eef613a5b2a0893e0016fd00e7ea3b13c6f6a7f22ef4346790b5f2d2c0482eca4f59441d488edf51a5e71655f2c6a7e6f348e8f364ddce5a57e0252a6ad7dc6170ecd50b267673d3054b53f03bab834de4ff37dfb731ea2a2d678e6791c508b838bfa9f274a8ecf5f499ebd356976e989cdf7f25010cf28169a56ac2b2664bde64611273af5b475546b43056f436845c7987a986150bae9121485ad36d2991e5bb14015bb360a04d989dab9615140841fc55e6cdaf73c914120fc6fd8c1106d75305bd1ff6fff2318ba444caab42268716d5c12dd5afd97abc3a048f3feda20622c1f16061f4ded6ee023bd1fa87496081c08f4dc84d946cf0ed270122b6c36da77690db383187a0270e5e9dc2c7b7f13a6548dbff4a462424973e424ca4f16ee07956527336d26d86a3810b4747912d0d72b66ae8c5cb58c500f6d48c07479d74ad29cb2107d3bc2a0c67ccf82af7e19734902b3f1092a515f71deff0c98babdf0c6a06104c0fd996567bcb0d4970bffce62889c6847316bea599d7a2f35a19adaa500a0aa8c8f50bc44f80b4a0a0f2607a8e78dbe95fac49831e0d54c57b415bce00047d12b16c50c511e96ebb39271d85653edc76f3099effd558bd90e7b8fd0a5fa50af4e424c37c9ef5e907051e61b08ddfe49cb318c37dd5978d0f11672efdbee14949ebd178af583860979deb98354bbe911582b6b4b22aedc7ad1b9e25f4dc500362ec7531789e5b84420d8abc72778dbdedb38ccc1e9aebedc8aa345a96e6af55b57e612d7438aeb0442f5bdaf696a072b72300930c6321bb3f9f0a6d4e42d66df2f3207822cd8758cf349ac1d291a474136dd7506a5d65446f7fe6d8abd942ccc84e93bb12f705d92cdc51a287ff98fb45b4a08f89283b133c14bf1840037118a5d518fdd4fa8c9e49d94d61959db5e8d90220d531efba57910110de3585b4ee4ebd64f89c745ab9d713604092aeb735683dded3de2da3af777371e6c678dae6c86ce8a28ad22cf02c2884987c2f61b2fc764eca2e3f515c35e6697f74243d3a2cf2f9cdf3d3c9cd116b8aeed884d3ecf7da0c1ad282c561f17d59ff9991ff1e31631b5360493f01cfee17f40cc18cc4cc77ff85f8762b6c8b19618f7a916d8caf1e3f3010e8452e1350c0091cc4bc5e2e303a9c3103789c534b511dcc56f895508d1103cede5da804a021cbfc9b0a23025ee40d9f23f03e1c3cdc1152adc9d5fbb394e6ae07202cfc61ba4b2186d88d13ed722afa5543aaca9bbccbf8d972cfceb33a4410947082a56a2132cfabec36e3fe9b18f3a88793e5e64dfa8b61bebcbb952d2c3dfde8e54f7399446e61c4c481f4d25c168b65234483f36daa99bf034542d3354ea93bed1f3770570f503e5e59de2a8d3c61751f4a45d52ee887390a7bf2821219aef4f1fc2746e30decff269ad83b7dec01278f4952c759efdd02e59e642ad22cbcf1819a199ade65d76d75123b011a29b807cfe988eb2153b1cb81a9f13a7b23ee5f3372a97b111d59760a3fc8e2bd06a775553f7b7ebec7fd0e054a00a9eaf46a6310393ee387698ae80d180742c42ebba50ac3a3c615a84d9f6d1077905dacfaa7324ba6f94e88df6ab6898780b2809af5e8d630bc5132d1dc8e0b741ae663a90588d92676b261994c2af2cf4747a8314fb022b0d76f74a518de290376bde67b0156c880a8208b2fd5d22992e6978aa2425865354c441eb12d8c1214afe5531b64920096257a6c439504b8e6d15c5e8abd7701df50b15b8068e43472dcff88c800bef997a76bcb9e6f120d9bc7b302d40685f30c067c68c2db4ee3ffd1d7f146baffa2a9935a07a6136a237d3808ffd06c69f40cff61573fbe36e2fade8bed56a833f86d", 0x2000, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 714.086183][T15825] BPF:No data r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x185d42, 0x0) write$FUSE_STATFS(r2, &(0x7f0000000200)={0x60}, 0x60) 10:46:59 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, 0x0, 0x0, &(0x7f0000000540)=""/46, 0x2e}, 0x5}, {{0x0, 0x0, &(0x7f00000003c0)}, 0xdd7}], 0x3, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002}, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 714.360520][T15809] device syz_tun left promiscuous mode [ 714.367207][ T27] audit: type=1800 audit(1601462819.790:445): pid=15832 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=15793 res=0 errno=0 10:47:00 executing program 2: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket(0x1e, 0x1, 0x0) sendmsg(r1, &(0x7f0000001dc0)={&(0x7f0000000080)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x80, 0x0}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) r2 = getpid() sched_setattr(r2, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x44042, 0x0) ftruncate(r3, 0x2008002) sendfile(r0, r3, 0x0, 0x200fff) recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 714.567494][ T27] audit: type=1800 audit(1601462819.920:446): pid=15838 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="fuse" ino=1 res=0 errno=0 10:47:00 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg(r0, &(0x7f0000000f80)=[{{&(0x7f0000000040)=@in6={0xa, 0x4e23, 0x0, @mcast1, 0x2}, 0x80, 0x0}}], 0x1, 0x0) 10:47:00 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:00 executing program 5: socketpair$unix(0x1, 0x2, 0x0, 0x0) close(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) [ 714.992118][ T27] audit: type=1800 audit(1601462820.420:447): pid=15846 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=15939 res=0 errno=0 [ 715.330711][ T27] audit: type=1326 audit(1601462820.760:448): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15847 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 715.354035][ T27] audit: type=1326 audit(1601462820.760:449): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15847 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 715.377077][ T27] audit: type=1326 audit(1601462820.760:450): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15847 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:01 executing program 1: r0 = timerfd_create(0x8, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000480)={{}, {0x77359400}}, 0x0) 10:47:01 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8000}, 0x4) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfdb8, 0x4008080, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 10:47:01 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) [ 715.956838][ T27] audit: type=1800 audit(1601462821.180:451): pid=15849 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=15939 res=0 errno=0 10:47:01 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x22, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x0]}}, &(0x7f0000000300)=""/250, 0x1b, 0xfa, 0x8}, 0x20) 10:47:01 executing program 2: dup2(0xffffffffffffffff, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xa, [@struct={0x8, 0x1, 0x0, 0xf, 0x0, 0x74d7b3be, [{0x1, 0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f0000000300)=""/250, 0x3a, 0xfa, 0x8}, 0x20) 10:47:01 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(0xffffffffffffffff) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) [ 716.293074][ T27] audit: type=1326 audit(1601462821.720:452): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15864 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:01 executing program 1: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x22, 0x0, 0x0, 0x0, 0xa}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f0000000300)=""/250, 0x22, 0xfa, 0x8}, 0x20) [ 716.465305][T15872] BPF:btf_header not found [ 716.486604][T15873] BPF:btf_header not found 10:47:01 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x4, 0xc, 0xc, 0x4, [@struct={0x8, 0x0, 0x0, 0xf}]}, {0x0, [0x0, 0x0]}}, &(0x7f0000000300)=""/250, 0x28, 0xfa, 0x8}, 0x20) [ 716.507777][T15875] BPF: type_id=1 offset=0 size=2 [ 716.513196][T15875] BPF: [ 716.516024][T15875] BPF:Not a VAR kind member [ 716.520621][T15875] BPF: [ 716.520621][T15875] [ 716.568895][T15877] BPF: type_id=1 offset=0 size=2 [ 716.574214][T15877] BPF: [ 716.577046][T15877] BPF:Not a VAR kind member [ 716.581600][T15877] BPF: [ 716.581600][T15877] 10:47:02 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:02 executing program 2: gettid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000100)='./file1\x00', 0x1c3042, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x20000000}) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0x0) dup(0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000003c0), 0xffff) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000080)) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2d, 0x0, &(0x7f0000000080)) pipe2(&(0x7f0000004d40), 0x84000) bind$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file1\x00'}, 0x6e) syz_mount_image$tmpfs(&(0x7f0000004d80)='tmpfs\x00', &(0x7f0000004dc0)='./file1/../file0\x00', 0x0, 0x0, &(0x7f0000004e80), 0x41020, &(0x7f0000000200)=ANY=[@ANYBLOB="687567653d616c776179732c6e725f0900000065733d356d2c00295919254ed149cf9c46a778b59b28498d255a795f8bbad841b89c6ca49905be29d391446f67f9a5b0b5fadcb89f93cc3ecbde4848d603fb7d205603b4861a600c5e27d98f"]) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mq_unlink(&(0x7f0000000040)='}/}!@!\x8d,\xfc}*-\xe1\x00') ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000380)={0x2, 0x5a, &(0x7f0000000300)="0aebf9c9eb4b71bbdb9f2f5f7a119548066d05761d76ddf11c965c39a8054edbd6382e2f2a026b25ba37589f8f4abef3850d0d426e6160c2849e86fc5411ce8ed691a26318a1225b68d4da37d1f3d40f4991e8605d6255be8c34"}) [ 716.816929][T15881] BPF:Unsupported btf_header 10:47:02 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x802, 0x9, 0x500}, 0x40) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x11, r0, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) [ 716.847009][T15882] BPF:Unsupported btf_header 10:47:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 716.879337][T15885] BPF:Unsupported section found [ 716.891884][T15886] BPF:Unsupported section found 10:47:02 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(0xffffffffffffffff) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x802, 0x9, 0x500}, 0x40) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x11, r0, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) 10:47:04 executing program 3: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000100)='./file1\x00', 0x1c3042, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x20000000}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffff) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2d, 0x0, &(0x7f0000000080)) 10:47:04 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:04 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={0x0, 0xd0}}, 0x0) 10:47:04 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(0xffffffffffffffff) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:04 executing program 0: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 719.410313][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 719.410376][ T27] audit: type=1326 audit(1601462824.840:465): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15919 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 719.649697][ T27] audit: type=1326 audit(1601462824.910:466): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15919 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 719.673019][ T27] audit: type=1326 audit(1601462824.920:467): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15919 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:05 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:05 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:05 executing program 1: r0 = socket$inet6(0xa, 0x401000000001, 0x0) close(r0) syz_open_procfs(0x0, &(0x7f0000000340)='sched\x00') r1 = open(&(0x7f0000000400)='./bus\x00', 0x1145042, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x208200) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffa) 10:47:06 executing program 3: socket(0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setrlimit(0xd, &(0x7f0000000100)={0x1ff, 0x3ff}) [ 720.767108][ T27] audit: type=1326 audit(1601462826.200:468): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 720.790443][ T27] audit: type=1326 audit(1601462826.210:469): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 720.813564][ T27] audit: type=1326 audit(1601462826.210:470): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 720.836606][ T27] audit: type=1326 audit(1601462826.240:471): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 720.861657][ T27] audit: type=1326 audit(1601462826.240:472): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 720.885381][ T27] audit: type=1326 audit(1601462826.240:473): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 720.908419][ T27] audit: type=1326 audit(1601462826.240:474): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15950 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:06 executing program 0: socket$inet6(0xa, 0x0, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x169a01) ioctl$LOOP_SET_STATUS64(r0, 0x127f, &(0x7f00000001c0)={0xa00, 0x60000, 0x6000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, "b4700382000000a9d205dbb3dff500fffe7f3bf7f4b83d586c6513e4f21200000000000040010000804d000060554f9f5bb5d991883500", "d31e99c600575a02b8ad7e545b0000000b870100f5ff0008c19881dabb1d650504400000006f00008f699682431483812a4f9665080000008fe1abd1a74719a4", "1dd1000000000000000d9700"}) 10:47:06 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:07 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:07 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0x0, &(0x7f000051f000/0x4000)=nil) r0 = open(&(0x7f0000000200)='./file0\x00', 0x14100, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x802, 0x9, 0x500}, 0x40) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x11, r1, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) setsockopt$inet_udp_int(r0, 0x11, 0x0, 0x0, 0x0) 10:47:08 executing program 3: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000180)) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x0, &(0x7f00007fc000/0x600000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000000280)) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f00000000c0)={0x6, 'veth0_to_batadv\x00', {0x3}}) getsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f00000000c0), &(0x7f0000000280)=0x4) 10:47:08 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={0x0, 0xd0}}, 0x0) 10:47:08 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x169a01) ioctl$LOOP_SET_STATUS64(r0, 0x127f, &(0x7f00000001c0)={0xa00, 0x60000, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4700382000000a9d205dbb3dff500fffe7f3bf7f4b83d586c6513e4f21200000000000040010000804d000060554f9f5bb5d991883500", "d31e99c600575a02b8ad7e545b0000000b870100f5ff0008c19881dabb1d650504400000006f00008f699682431483812a4f9665080000008fe1abd1a74719a4", "1dd1000000000000000d9700"}) writev(0xffffffffffffffff, 0x0, 0x0) 10:47:08 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:47:08 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={0x0, 0xd0}}, 0x0) 10:47:08 executing program 0: socket(0x0, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000) setrlimit(0xd, &(0x7f0000000100)={0x1ff, 0x3ff}) 10:47:09 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:09 executing program 2: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r2 = openat$vga_arbiter(0xffffff9c, 0x0, 0x200802, 0x0) fsetxattr(r2, &(0x7f0000000080)=@random={'osx.', ':-\x06\x00'}, 0x0, 0x0, 0x2) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) recvmmsg(r1, &(0x7f0000005540)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f4}, 0x80}], 0x1, 0x100, 0x0) mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) sendto$inet(r1, &(0x7f00000006c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ef922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecfa0b1a7511bf746bec66ba76b699d3a483904811c5709efa01fa13e4ddc813f76684d3d1529fea5d78b38267db0082270f62b41b50981b0313b668585ad32e8977c5f7c2dc112136b8f7392223205ad86f4a9de1cddb", 0x98, 0x11, 0x0, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000000)) 10:47:09 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:47:09 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={0x0, 0xd0}}, 0x0) 10:47:10 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x125f, 0x0) 10:47:10 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={0x0, 0xd0}}, 0x0) [ 725.189982][ T27] kauditd_printk_skb: 13 callbacks suppressed [ 725.190046][ T27] audit: type=1326 audit(1601462830.621:488): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16020 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 725.653781][ T27] audit: type=1326 audit(1601462830.701:489): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16020 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 725.679855][ T27] audit: type=1326 audit(1601462830.701:490): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16020 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:12 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) fdatasync(r0) 10:47:12 executing program 2: perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xba}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x169a01) ioctl$LOOP_SET_STATUS64(r0, 0x127f, &(0x7f00000001c0)={0xa00, 0x60000, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4700382000000a9d205dbb3dff500fffe7f3bf7f4b83d586c6513e4f21200000000000040010000804d000060554f9f5bb5d991883500", "d31e99c600575a02b8ad7e545b0000000b870100f5ff0008c19881dabb1d650504400000006f00008f699682431483812a4f9665080000008fe1abd1a74719a4", "1dd1000000000000000d9700"}) 10:47:12 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:12 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:47:12 executing program 0: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000100)='./file1\x00', 0x1c3042, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x402c5828, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x20000000}) r3 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000000)={0x2, 'veth1_vlan\x00', 0x2}, 0x18) dup(0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000) sendfile(r3, 0xffffffffffffffff, &(0x7f00000003c0)=0x400, 0xffff) r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000080)) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2d, 0x0, &(0x7f0000000080)) pipe2(&(0x7f0000004d40), 0x84000) bind$unix(r4, &(0x7f0000000180)=@file={0x0, './file1\x00'}, 0x6e) syz_mount_image$tmpfs(&(0x7f0000004d80)='tmpfs\x00', &(0x7f0000004dc0)='./file1/../file0\x00', 0x85, 0x0, &(0x7f0000004e80), 0x41020, &(0x7f0000000200)=ANY=[@ANYBLOB="687567653d616c776179732c6e725f0900000065733d356d2c00295919254ed149cf9c46a778b59b28498d255a795f8bbad841b89c6ca49905be29d391446f67f9a5b0b5fadcb89f93cc3ecbde4848d603fb7d205603b4861a600c5e27d98fe2b6f3fcdf885f26c7b8bd88008e3060d0472b7d9f37438772cfaf8aa312cd228c7685a6d59d1e456b2af81a56900a43259ef6afda502d02a4b623df5e48172d5c8a04b3587efa1a65e0fa48778fef25ac6aec7535cc876e25a840fba09b5d4356e9358fc1e9357bb84f1de56920d473fe5f21a993374be4bd"]) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mq_unlink(&(0x7f0000000040)='}/}!@!\x8d,\xfc}*-\xe1\x00') ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f0000000380)={0x2, 0x5b, &(0x7f0000000300)="0aebf9c9eb4b71bbdb9f2f5f7a119548066d05761d76ddf11c965c39a8054edbd6382e2f2a026b25ba37589f8f4abef3850d0d426e6160c2849e86fc5411ce8ed691a26318a1225b68d4da37d1f3d40f4991e8605d6255be8c34c7"}) 10:47:12 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) [ 727.758586][ T27] audit: type=1326 audit(1601462833.161:491): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16041 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 727.782478][ T27] audit: type=1326 audit(1601462833.171:492): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16041 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:13 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) 10:47:13 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:13 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:13 executing program 0: ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x0, 0x0, 0x34) sendfile(0xffffffffffffffff, r1, 0x0, 0xfcf) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) io_destroy(0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_NMI(r3, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 10:47:14 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) 10:47:14 executing program 3: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x4ffe4, 0x0) [ 728.679097][ T27] audit: type=1326 audit(1601462834.111:493): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:14 executing program 2: perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0xc10812ff, 0x0) [ 728.831005][ T27] audit: type=1326 audit(1601462834.141:494): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 728.856496][ T27] audit: type=1326 audit(1601462834.141:495): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 728.880199][ T27] audit: type=1326 audit(1601462834.151:496): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 728.903173][ T27] audit: type=1326 audit(1601462834.151:497): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:14 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) 10:47:14 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:15 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0xc485, 0x0, &(0x7f00000003c0)) prctl$PR_SET_MM(0x23, 0x5, &(0x7f000051f000/0x4000)=nil) mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil) mlockall(0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000200)='./file0\x00', 0x14100, 0x100) openat$cgroup_procs(r0, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x802, 0x9, 0x500}, 0x40) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x11, r1, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) setsockopt$inet_udp_int(r0, 0x11, 0x0, 0x0, 0x0) 10:47:15 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6}, 0x10) 10:47:15 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0, 0x0) ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000040)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='attr/current\x00') preadv(r0, &(0x7f0000000480), 0x1e1, 0x0, 0x0) 10:47:16 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, 0x0, 0x0) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:16 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:16 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) [ 730.845825][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 730.845887][ T27] audit: type=1326 audit(1601462836.281:512): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 730.900876][ T27] audit: type=1326 audit(1601462836.331:513): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 730.924132][ T27] audit: type=1326 audit(1601462836.331:514): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 730.947369][ T27] audit: type=1326 audit(1601462836.331:515): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 730.970374][ T27] audit: type=1326 audit(1601462836.331:516): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 730.995589][ T27] audit: type=1326 audit(1601462836.331:517): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 731.019127][ T27] audit: type=1326 audit(1601462836.331:518): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 731.042086][ T27] audit: type=1326 audit(1601462836.331:519): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16115 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:16 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0) 10:47:16 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, 0x0, 0x0) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:16 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0xc485, 0x0, &(0x7f00000003c0)) prctl$PR_SET_MM(0x23, 0x5, &(0x7f000051f000/0x4000)=nil) mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil) mlockall(0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000200)='./file0\x00', 0x14100, 0x100) openat$cgroup_procs(r0, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x802, 0x9, 0x500}, 0x40) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x11, r1, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) setsockopt$inet_udp_int(r0, 0x11, 0x0, 0x0, 0x0) 10:47:17 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:17 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:17 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') syz_genetlink_get_family_id$batadv(0x0) [ 732.303355][ T27] audit: type=1326 audit(1601462837.741:520): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16134 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 732.452552][ T27] audit: type=1326 audit(1601462837.781:521): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16134 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:17 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, 0x0, 0x0) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:18 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0) 10:47:18 executing program 2: perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000640)=0x0) timer_settime(r2, 0x0, 0x0, 0x0) 10:47:18 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:18 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') syz_genetlink_get_family_id$batadv(0x0) 10:47:18 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:18 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:18 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0) 10:47:19 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f00000004c0)='batadv\x00') syz_genetlink_get_family_id$batadv(0x0) 10:47:19 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:19 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:19 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:19 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:19 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:47:19 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x4, 0x0, 0x0, 0xe73}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x40000, 0x4) fallocate(r0, 0x0, 0x0, 0x10fffe) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x3f000000, r1}) 10:47:20 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:20 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:20 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:20 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:47:20 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(0xffffffffffffffff, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:20 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:20 executing program 2: r0 = socket(0x10, 0x803, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x0, 0x5) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff824f400005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)="53000000fcffffff770000004100040000009600000000000000a4000000000000000000", 0xffffffe5}], 0x2) ppoll(&(0x7f0000000080)=[{r0, 0xd540}, {r1}], 0x2, 0x0, 0x0, 0x0) 10:47:20 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:21 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6}, 0x10) 10:47:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:21 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x0) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:21 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) [ 736.239763][ T27] kauditd_printk_skb: 32 callbacks suppressed [ 736.239827][ T27] audit: type=1326 audit(1601462841.671:554): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.272728][ T27] audit: type=1326 audit(1601462841.671:555): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.295811][ T27] audit: type=1326 audit(1601462841.681:556): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.319072][ T27] audit: type=1326 audit(1601462841.681:557): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.342128][ T27] audit: type=1326 audit(1601462841.681:558): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.365535][ T27] audit: type=1326 audit(1601462841.681:559): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.389335][ T27] audit: type=1326 audit(1601462841.681:560): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.413171][ T27] audit: type=1326 audit(1601462841.681:561): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.436185][ T27] audit: type=1326 audit(1601462841.681:562): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f02549 code=0x7ffc0000 [ 736.459351][ T27] audit: type=1326 audit(1601462841.681:563): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16221 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02549 code=0x7ffc0000 10:47:22 executing program 2: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x80e85411, 0x0) 10:47:22 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:22 executing program 4: 10:47:22 executing program 2: 10:47:22 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x0) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:22 executing program 3: setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:23 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:23 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:23 executing program 4: 10:47:23 executing program 3: setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:23 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x0) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:23 executing program 2: 10:47:23 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:24 executing program 4: 10:47:24 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:24 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x0, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:24 executing program 3: setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:24 executing program 2: 10:47:24 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:24 executing program 4: 10:47:24 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x0, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:25 executing program 2: 10:47:25 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:25 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:25 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:25 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x0, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:25 executing program 4: 10:47:26 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:26 executing program 2: 10:47:26 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:26 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:26 executing program 4: 10:47:26 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, 0x0) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:26 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:26 executing program 2: 10:47:27 executing program 4: 10:47:27 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, 0x0) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:27 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:27 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:27 executing program 2: 10:47:27 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:27 executing program 4: 10:47:28 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, 0x0) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:28 executing program 4: 10:47:28 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:28 executing program 2: 10:47:28 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:28 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:29 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:29 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000000)=0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:29 executing program 4: 10:47:29 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:29 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:29 executing program 2: 10:47:29 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:29 executing program 4: 10:47:29 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:30 executing program 0: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:30 executing program 2: 10:47:30 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:30 executing program 4: 10:47:30 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:30 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x12f}]) 10:47:30 executing program 2: 10:47:30 executing program 0: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:30 executing program 4: 10:47:31 executing program 4: 10:47:31 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:31 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:31 executing program 2: 10:47:31 executing program 0: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:31 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x0, 0x0) 10:47:31 executing program 4: 10:47:31 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:31 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:32 executing program 2: 10:47:32 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:32 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x0, 0x0) 10:47:32 executing program 4: 10:47:32 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:32 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:33 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x0, 0x0) 10:47:33 executing program 2: 10:47:33 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:33 executing program 4: 10:47:33 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:33 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:33 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:33 executing program 2: 10:47:33 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x0, &(0x7f0000000040)) 10:47:33 executing program 4: 10:47:34 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:34 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:34 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:34 executing program 2: 10:47:34 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x0, &(0x7f0000000040)) 10:47:34 executing program 4: 10:47:35 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:35 executing program 2: 10:47:35 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:35 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:35 executing program 4: 10:47:35 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x0, &(0x7f0000000040)) 10:47:35 executing program 2: 10:47:35 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:35 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:36 executing program 4: 10:47:36 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:36 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1, &(0x7f0000000040)=[0x0]) 10:47:36 executing program 2: 10:47:36 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:36 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:36 executing program 4: 10:47:36 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:36 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:37 executing program 2: 10:47:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1, &(0x7f0000000040)=[0x0]) 10:47:37 executing program 4: 10:47:37 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:37 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:37 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:37 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, [], 0x1c}, 0xd}, 0x1c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sendto$inet6(r0, &(0x7f0000000200)='\n', 0xfffffdef, 0x46812, 0x0, 0x1f4) 10:47:37 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001a0000000c0001"], 0x20}}, 0x0) 10:47:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1, &(0x7f0000000040)=[0x0]) 10:47:37 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:38 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:39 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001a0000000c0001"], 0x20}}, 0x0) 10:47:39 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:39 executing program 2: bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [0x31, 0x6c, 0x4a, 0x400100]}, 0x40) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0xb, 0x8, 0xec, 0x5, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r0, &(0x7f00000002c0)}, 0x20) 10:47:39 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:40 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x12f}]) 10:47:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000b80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000000)=0x14) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0xfffffec6) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x3) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:47:44 executing program 1: exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:44 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:44 executing program 4: ioperm(0x0, 0xd0, 0x7) prctl$PR_SET_PDEATHSIG(0x22, 0x0) 10:47:44 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:44 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x12f}]) 10:47:44 executing program 2: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/urandom\x00', 0x841, 0x0) write$binfmt_aout(r0, &(0x7f0000000300), 0x20) 10:47:44 executing program 1: exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:44 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x18}, [@ldst={0x7, 0x3, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x40) 10:47:44 executing program 2: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0x79d7, 0x1, &(0x7f0000000300)=[{&(0x7f0000000680)="040005090000000066617400040409000200027400f82c09", 0x18}], 0x2008080, &(0x7f0000000080)=ANY=[]) 10:47:45 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:45 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="0004"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:45 executing program 1: exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:45 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x109, &(0x7f0000000180)="c4c691019919da078a0098d1e0a593b040f762910000000000000022adf96f7bee0e6333b5cacd893169b618322ff6602022511253508b5a4496728c2a46e1bc340e29b9ab9b7136283e350808ffdb2dc4a74110b68fe4cc30094b1adacdcfac32957dc8bb44e202c4b1bc83d8e68fcb409b4b0764a6cf395689c0666688ff99f911f4ca43dfa97168fad72b0cd3e8bd3e1a0cad036b7f1f9cd1c094f7e71b63bfb2362e10597be447b5540635ab1f9922316d48d8fc31257cfca1ad6be828f8bfe19b23860f0506da2d1c8140738ddafa201c9107b1d64dca85e67534fd84402dc7e28e417406f03b49d2b74945e6eaaabdf9d8a22957787a0a25616e552143d2ead4a66ecb3b5647"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x40) 10:47:45 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="0004"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:45 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:45 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x12f}]) 10:47:46 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:46 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="0004"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:46 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0, 0x0) 10:47:46 executing program 4: socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f00000004c0)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:47:47 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:47 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:47 executing program 2: syz_open_dev$sg(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x79) r1 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1) keyctl$chown(0x4, 0x0, 0x0, 0x0) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000380)) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) process_vm_readv(0x0, &(0x7f0000000380), 0x0, 0x0, 0x0, 0x0) sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, 0x0, 0x0) ioprio_set$pid(0x0, r0, 0x0) 10:47:47 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, 0x0, 0x0, 0x0, 0x0) 10:47:48 executing program 1: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:48 executing program 4: bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0xe, 0x4, 0x8, 0x4, 0x4, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) 10:47:48 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:47:48 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @private1}, 0x1c, 0x0}, 0x0) [ 762.748954][T16621] hub 9-0:1.0: USB hub found [ 762.755382][T16621] hub 9-0:1.0: 8 ports detected 10:47:48 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, 0x0, 0x0, 0x0, 0x0) 10:47:48 executing program 2: set_mempolicy(0x3, &(0x7f0000000040)=0xe4e, 0x6) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)) 10:47:48 executing program 1: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:48 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) read$alg(r1, &(0x7f0000000100)=""/14, 0xe) sendmmsg$inet6(r1, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x1}], 0x1}}], 0x4000070, 0x8000) 10:47:48 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, 0x0, 0x0) 10:47:49 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) 10:47:49 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x80000000000007b, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, 0x0, 0x0, 0x0, 0x0) 10:47:49 executing program 2: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x0, 0x0) ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000040)={[0xd000, 0x0, 0x0, 0x1000], 0xe46a, 0xb4}) setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4}, 0xc) pwritev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f00000008c0)}], 0x1, 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000440)={0x0, {}, 0x0, {}, 0xfffffffe, 0x0, 0x16, 0x19, "408b0301dcb8a402cc02a52532785aec11a63f6832927e2a8932b66ca63aa002e00751470e814ab516c15286fd2042040000000200", "b89b67ed7f1d20d113f405d53b1b4549a3fcb55be159afa1c02188b895618eab"}) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ttyS3\x00', 0x28001, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000580)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0x20, 0x0, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x24004000) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000001fc0)=""/234, &(0x7f00000020c0)=0xea) 10:47:49 executing program 1: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:49 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, 0x0, 0x0) 10:47:49 executing program 5: r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000180)) 10:47:50 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x2, 0x3, 0x340, 0x0, 0x1f8, 0x1f8, 0x1f8, 0x0, 0x2d0, 0x1f8, 0x2d0, 0x2d0, 0x2d0, 0x3, 0x0, {[{{@uncond=[0x2], 0x0, 0x1c8, 0x1f8, 0x0, {}, [@common=@inet=@hashlimit3={{0x158, 'hashlimit\x00'}, {'veth0_to_hsr\x00'}}]}, @common=@inet=@SET2={0x30, 'SET\x00'}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "dae7bbe9998a260a8f00a30e54d356de8911e05d607ed2184b8a7d2f9d2e"}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3a0) 10:47:50 executing program 4: r0 = syz_io_uring_setup(0x15a3, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x4}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 10:47:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_HMACKEYID={0x8}]}, 0x24}, 0x1, 0x6c}, 0x0) 10:47:50 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:50 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, 0x0, 0x0) 10:47:50 executing program 0: r0 = eventfd2(0x0, 0x0) poll(&(0x7f0000000000)=[{r0, 0x1011}, {r0, 0x50db}], 0x2, 0xffff) writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000040)="9ec17d0312d12b27", 0x7ffff000}], 0x1) semget$private(0x0, 0x0, 0x0) 10:47:50 executing program 5: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x7a1d, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/155, 0x9b}], 0x1, 0x0, 0x15000000}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000640)=""/198, 0x1c7f65}], 0x1}}], 0x2, 0x0, 0x0) 10:47:51 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:51 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1a, &(0x7f0000000200)=[{&(0x7f0000010000)="ed797e4f8552627383e3e8bd94f93266a9865926fc25edc5cf0279bbc6da70978ae5b4014ad84168867201e7db0b90b5000001000000000001000000000000005f42485266535f4d05000000000000000090d001000000000010500100000000000000000000000000000000000000000000000800000000008000000000000006000000000000000100000000000000001000000010000000100000001000008100000005000000000000000000000000000000000000000000000045010000000000000300000000010000000000000000000008000000000000800500000000001000000010000000100000000000000000000000000000000000000000000000000000000000000000fcb59327a7f74902bb9eeb47ff814c508ae5b4014ad84168867201e7db0b90b5", 0x12b, 0x10000}, {&(0x7f0000010200)="0000000000000000000000ffffffffffffffff", 0x13, 0x10220}, {&(0x7f0000010300)="00000000000000000000000001000000000000e4000050010000000000008000000000000200000000000000000001000000000022000000000000000000010000000100001000000200010001000000000000000000500100000000fcb59327a7f74902bb9eeb47ff814c5001000000000000000000d00100000000fcb59327a7f74902bb9eeb47ff814c5000000001000000000022000000000000000000010000000100001000000200010001000000000000000000500100000000fcb59327a7f74902bb9eeb47ff814c5001000000000000000000d00100000000fcb59327a7f74902bb9eeb47ff814c50", 0xed, 0x10320}, {&(0x7f0000010400)="00000000000000000000000090d001000000000500000000000000001050010000000005000000000000000070d0010000000005000000000000000000d0010000000004000000000000000080d0010000000005000000000000000040d0010000000004000000000000000000000800000000008000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000020000000000000000801000000000000200000000000000006010000000000002000000000000000040100000000000010000000000000000701000000000000200000000000000005010000000000001000000000000000000000800000000006000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030500000000000030000000000000000001000000000000300000000000000002050000000000003000000000000000040500000000000030000000000000000105000000000000300000000000000005010000000000001000000000000000000000800000000006000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010d001000000000400000000000000000050010000000004000000000000000020d0010000000004000000000000000000d0010000000004000000000000000030d0010000000004000000000000000040d0010000000004000000000000000000000800000000008000000000000001", 0x274, 0x10b20}, {&(0x7f0000013600)="000000000000000000000000000000000002000000000200000000000000000001000000000024000000000000000000010000000100001000000200010001000000000000000000500200000000fcb59327a7f74902bb9eeb47ff814c5001000000000000000000500400000000fcb59327a7f74902bb9eeb47ff814c5000008000000000000200000000000000000001000000000022000000000000000000010000000100001000000200010001000000000000000000500100000000fcb59327a7f74902bb9eeb47ff814c5001000000000000000000d00100000000fcb59327a7f74902bb9eeb47ff814c5000008000000000000200000000000000000001000000000001000000000000000000010000000100001000000100010001000000000000000000d00000000000fcb59327a7f74902bb9eeb47ff814c5000008000000000000200000000000000000001000000000004000000000000000000010000000100001000000100010001000000000000000000500000000000fcb59327a7f74902bb9eeb47ff814c5000004000000000000200000000000000000001000000000002000000000000000010000000100000001000000100000001000000000000000000100000000000fcb59327a7f74902bb9eeb47ff814c50010000000000000000000008000000000000400600000000001000000010000000100000000000000000000000000000000000000000000000000000000000000000fcb59327a7f74902bb9eeb47ff814c508ae5b4014ad84168867201e7db0b90b5e4ddd8a1d9179bd54f8eb160128d1e1c1298f4adadd4c3336b60e9619dc8ea608ae5b4014ad84168867201e7db0b90b50010500100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d00500000000000000030000000000000004000000000100000000000000d80100000000000000390f0000620000000001000000000000e40000d00000000000e90e0000500000000001000000000000e40000500100000000790e0000700000000001000000000000e40000d00100000000090e0000700000000001000000000000e40000d00100000000090e0000700000000001000000000000e40000d00100000000b90d000070", 0x338, 0x1500dc0}, {&(0x7f0000013a00)="000000000000000000000000000000000002000000000200000000000000000001000000000024000000000000000000010000000100001000000200010001000000000000000000500200000000fcb59327a7f74902bb9eeb47ff814c5000000002000000000200000000000000000001000000000024000000000000000000010000000100001000000200010001000000000000000000500200000000fcb59327a7f74902bb9eeb47ff814c5000000002000000000200000000000000000001000000000024000000000000000000010000000100001000000200010001000000000000000000500200000000fcb59327a7f74902bb9eeb47ff814c5001000000000000000000500400000000fcb59327a7f74902bb9eeb47ff814c5000008000000000000200000000000000000001000000000022000000000000000000010000000100001000000200010001000000000000000000500100000000fcb59327a7f74902bb9eeb47ff814c5001000000000000000000d00100000000fcb59327a7f74902bb9eeb47ff814c5000008000000000000200000000000000000001000000000001000000000000000000010000000100001000000100010001000000000000000000d00000000000fcb59327a7f74902bb9eeb47ff814c50010000000000000000000008000000000000800500000000001000000010000000100000000000000000000000000000000000000000000000000000000000000000fcb59327a7f74902bb9eeb47ff814c508ae5b4014ad84168867201e7db0b90b5", 0x240, 0x1501dc0}, {&(0x7f0000014500)="960ef920f3152138f1ff93aa3e45e95c9577558f9a2fc3a2c79efcde6a19a40e8ae5b4014ad84168867201e7db0b90b50000d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d00400000000000000050000000000000002000000000001000000000000010000000000000000fb0e0000a000000000010000000000000c0001000000000000ef0e00000c", 0x94, 0x2500000}, {&(0x7f0000014600)="0000000000000000000000000000000000000000000000000000000002002e2e03000000000000000000000000000000000000000000000000100000000000000000000000000000010000000000000000000000ed41000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006a315f5f00000000000000006a315f5f00000000000000006a315f5f00000000000000006a315f5f", 0xb8, 0x2500f40}, {&(0x7f0000015a00)="00000000000000000000000000000000030000000000000000010000000000000000d00100000000000000020000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000d00100000000000000020000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000500100000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000500100000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000d00000000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000500000000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000100000000000000040000000000001a2aca44e544e5aa6dc887ce69fb9d0bd0a94d528e3dcfd370c47cef7ac7781ed5a881dc4efd1eac286bdf7a5efe6dc8ae5b4014ad84168867201e7db0b90b50040d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d0040000000000000007", 0x1b9, 0x2503ea0}, {&(0x7f0000015d00)="0000000000000000000000000000000000000000000000000000000002002e2e04000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000ed41000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006a315f5f00000000000000006a315f5f00000000000000006a315f5f000000000000000000000000000000000000000067b8ba5645df071d19c5cfb43d18aab2b66d065b9c205449d98e91d2496f57678ae5b4014ad84168867201e7db0b90b50060d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d004000000000000000900000000000000010000000009af3fbe4f644eedfb88000edd72596194930f000008", 0x13b, 0x2505f40}, {&(0x7f0000015f00)="0000000000000000000000000000000000000000000000000500000000000000ebca007d01bcba478db62870dcb2c54744e68af1df228b7d4bd1ae3e07f3acf88ae5b4014ad84168867201e7db0b90b50070d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d0050000000000000002000000000000000b000000000000d00000000000c00000800000000000830f0000180000000000500100000000c000008000000000006b0f0000180000000010500100000000a900000000000000004a0f0000210000000000d00100000000a90000000000000000290f0000210000000000d00100000000c00000000200000000110f0000180000000040d00100000000a90000000000000000f00e0000210000000050d00100000000a90000000000000000cf0e0000210000000060d00100000000a90000000000000000ae0e0000210000000070d00100000000a900000000000000008d0e0000210000000080d00100000000a900000000000000006c0e0000210000000090d00100000000a900000000000000004b0e0000210000000060d00100000000a900000000000000004b0e0000210000000060d00100000000a90000000000000000330e0000210000000000500000000000c00000800000000000f30e000018", 0x1e0, 0x2506fe0}, {&(0x7f0000016100)="010000000000000004000000000000000200000000000000010000000000000004000000000000000200000000000000010000000000000005000000000000000200000000000000b00100000000000000010000000000000005000000000000000200000000000000b00400000000000000010000000000000005000000000000000200000000000000b00200000000000000010000000000000004000000000000000200000000000000b00900000000000000010000000000000004000000000000000200000000000000b0f7ffffffffffffff010000000000000004000000000000000200000000000000b00700000000000000007000000000000000010000000000002400000000000000010000000000000004000000000000000200000000000000b00500000000000000010000000000000005000000000000000200000000000000b003000000000000000010000000000000000100000000000022000000000000000000000000000000000100000000000001000000000000008f2794f9a0b41350deb46e8a2e83d8ce1d321d0b9cb0fc57603be9ee571c485a8ae5b4014ad84168867201e7db0b90b50080d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d00500000000000000040000000000000005000000000100000000000000cc0000d000000000006b0f0000300000000100000000000000cc00005001000000003b0f0000300000000100000000000000cc0000d001000000000b0f0000300000000100000000000000cc0000500200000000db0e0000300000000100000000000000cc0000500400000000ab0e0000300000000100000000000000cc0000500400000000ab0e0000300000000100000000000000cc00005004000000007b0e000030", 0x291, 0x2507e80}, {&(0x7f0000016400)="00000000000000000000000000000000030000000000000000010000000000000000d00100000000000000020000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000d00100000000000000020000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000d00100000000000000020000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000d00100000000000000020000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000500100000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000500100000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0030000000000000000010000000000000000d00000000000000080000000000001a2aca44e544e5aa6dc887ce69fb9d0171a204a293d6efc66c5e13925bd7d862f893d90cbdb59529c1c6214d06b4f7d8ae5b4014ad84168867201e7db0b90b50090d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d0050000000000000001000000000000000a000000000200000000000000840000000000000000e40d0000b701000004000000000000008400000000000000002d0c0000b701000005000000000000000c06000000000000001c0c0000110000000500000000000000840000000000000000650a0000b70100000600000000000000010000000000000000c5090000a000000006000000000000000c0600000000000000b90900000c000000060000000000000054d2c2bf8d0000000094090000250000000700000000000000840000000000000000dd070000b7010000090000000000000084000000000000000026060000b7010000f7ffffffffffffff8400000000000000006f040000b701", 0x2bd, 0x2508ea0}, {&(0x7f0000016700)="0000000000000000000000000000000000000000040000000000000000010000000000000050d001000000000000000000000000001000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000004", 0x64, 0x2509560}, {&(0x7f0000016800)="0000000000000000000000040000000000000000000000000000000060d001000000000000000000000000001000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000004", 0x5b, 0x2509720}, {&(0x7f0000016900)="000001000000000000000000000000000000030000000000000000100000000000000000000000000000010000000000000000000000ed41", 0x38, 0x2509840}, {&(0x7f0000016a00)="0000040000000000000000000000000000000040d001000000000000000000000000001000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000004", 0x52, 0x25098e0}, {&(0x7f0000016b00)="00000000000000000000000000000000000000000000000000050000000000000084ffffffffffffffff0000000000000000000007000264656661756c74000000000000000002002e2e03000000000000000000000000000000000000000000000000100000000000000000000000000000010000000000000000000000ed41000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006a315f5f00000000000000006a315f5f00000000000000006a315f5f00000000000000006a315f5f000000000000000001000000000000000000000000000000030000000000000000100000000000000000000000000000010000000000000000000000ed41", 0x120, 0x25099e0}, {&(0x7f0000016d00)="00000000000000000000040000000000000000010000000000000000d0010000000000000000000000000010000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000040000000000000009af3fbe4f644eed88000edd72596194", 0x71, 0x2509b60}, {&(0x7f0000016e00)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j1__\x00\x00\x00\x00\x00\x00\x00\x00j1__', 0x21, 0x2509c00}, {&(0x7f0000016f00)="000000000000000000070064656661756c7401000000000000000000000000000000030000000000000000100000000000000000000000000000010000000000000000000000ed41", 0x48, 0x2509c80}, {&(0x7f0000017000)="000000000000000000000000000000000000050000000000000000000000000000000080d001000000000000000000000000001000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000005", 0x62, 0x2509d20}, {&(0x7f0000017100)="00000000000000000001000000000000000000000000000000030000000000000000100000000000000000000000000000010000000000000000000000ed41", 0x3f, 0x2509e40}, {&(0x7f0000017200)="000000000000000000050000000000000000000000000000000070d001000000000000000000000000001000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000005", 0x59, 0x2509ee0}, {&(0x7f0000019100)="2aa14ac35f235766f53b211dd750a86f073edc1c80c4bdaabc4fac120197bfbf8ae5b4014ad84168867201e7db0b90b50050d00100000000010000000000000101a2aca44e544e5aa6dc887ce69fb9d00400000000000000f7ffffffffffffff02000000000001000000000000010000000000000000fb0e0000a000000000010000000000000c0001000000000000ef0e00000c", 0x94, 0x4505000}, {&(0x7f0000019200)="0000000000000000000000000000000000000000000000000000000002002e2e04000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000ed41000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006a315f5f00000000000000006a315f5f00000000000000006a315f5f", 0xac, 0x4505f40}], 0x0, &(0x7f0000000040)={[{@nossd='nossd'}]}) 10:47:51 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x0) 10:47:52 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x1000000010, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000680001000000000000000000000000000000000004000b"], 0x1c}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 10:47:53 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002e80)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r0) sendmsg$netlink(r3, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000019000)=[{&(0x7f00000001c0)=ANY=[], 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="14"], 0x14}, 0x0) recvmmsg(r1, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x0, 0x0) 10:47:53 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x2}}], 0x18}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000340)={0x2, &(0x7f0000000080)=[{0x25, 0x0, 0x0, 0x90ffffff}, {0x6}]}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) [ 769.397024][T16721] not chained 20000 origins [ 769.401586][T16721] CPU: 1 PID: 16721 Comm: syz-executor.0 Not tainted 5.9.0-rc4-syzkaller #0 [ 769.410254][T16721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 769.420425][T16721] Call Trace: [ 769.423720][T16721] dump_stack+0x21c/0x280 [ 769.428072][T16721] kmsan_internal_chain_origin+0x6f/0x130 [ 769.433793][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.439076][T16721] ? kmsan_set_origin_checked+0x95/0xf0 [ 769.444642][T16721] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 769.450710][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.455902][T16721] ? kmsan_set_origin_checked+0x95/0xf0 [ 769.461455][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.466669][T16721] ? kmsan_set_origin_checked+0x95/0xf0 [ 769.472214][T16721] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 769.478309][T16721] ? _copy_from_user+0x201/0x310 [ 769.483263][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.488467][T16721] __msan_chain_origin+0x50/0x90 [ 769.493421][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 769.498556][T16721] get_compat_msghdr+0x108/0x2b0 [ 769.503514][T16721] __sys_sendmmsg+0x755/0xf70 [ 769.508306][T16721] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 769.514196][T16721] ? __msan_poison_alloca+0xf0/0x120 [ 769.519474][T16721] ? ktime_get_ts64+0x79f/0x8d0 [ 769.524325][T16721] ? _copy_to_user+0x1bf/0x260 [ 769.529111][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.534325][T16721] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 769.540328][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.545571][T16721] ? kmsan_get_metadata+0x116/0x180 [ 769.550772][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 769.556152][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 769.561699][T16721] __do_fast_syscall_32+0x129/0x180 [ 769.566900][T16721] do_fast_syscall_32+0x6a/0xc0 [ 769.571802][T16721] do_SYSENTER_32+0x73/0x90 [ 769.576333][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 769.582648][T16721] RIP: 0023:0xf7f7f549 [ 769.586713][T16721] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 769.606498][T16721] RSP: 002b:00000000f55370cc EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 769.614992][T16721] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200 [ 769.623069][T16721] RDX: 00000000675dec16 RSI: 0000000000000000 RDI: 0000000000000000 [ 769.631043][T16721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 769.639004][T16721] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 769.646983][T16721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 769.654977][T16721] Uninit was stored to memory at: [ 769.659999][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 769.665710][T16721] __msan_chain_origin+0x50/0x90 [ 769.670643][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 769.675744][T16721] get_compat_msghdr+0x108/0x2b0 [ 769.680700][T16721] __sys_sendmmsg+0x755/0xf70 [ 769.685370][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 769.690735][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 769.696294][T16721] __do_fast_syscall_32+0x129/0x180 [ 769.701614][T16721] do_fast_syscall_32+0x6a/0xc0 [ 769.706463][T16721] do_SYSENTER_32+0x73/0x90 [ 769.710972][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 769.717281][T16721] [ 769.719598][T16721] Uninit was stored to memory at: [ 769.724619][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 769.730329][T16721] __msan_chain_origin+0x50/0x90 [ 769.735726][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 769.740869][T16721] get_compat_msghdr+0x108/0x2b0 [ 769.745803][T16721] __sys_sendmmsg+0x755/0xf70 [ 769.750473][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 769.755840][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 769.761391][T16721] __do_fast_syscall_32+0x129/0x180 [ 769.766582][T16721] do_fast_syscall_32+0x6a/0xc0 [ 769.771427][T16721] do_SYSENTER_32+0x73/0x90 [ 769.775922][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 769.782232][T16721] [ 769.785327][T16721] Uninit was stored to memory at: [ 769.790360][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 769.796074][T16721] __msan_chain_origin+0x50/0x90 [ 769.801003][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 769.806105][T16721] get_compat_msghdr+0x108/0x2b0 [ 769.811075][T16721] __sys_sendmmsg+0x755/0xf70 [ 769.815937][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 769.821305][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 769.826842][T16721] __do_fast_syscall_32+0x129/0x180 [ 769.832034][T16721] do_fast_syscall_32+0x6a/0xc0 [ 769.836878][T16721] do_SYSENTER_32+0x73/0x90 [ 769.841375][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 769.847679][T16721] [ 769.849993][T16721] Uninit was stored to memory at: [ 769.855009][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 769.860736][T16721] __msan_chain_origin+0x50/0x90 [ 769.865670][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 769.870791][T16721] get_compat_msghdr+0x108/0x2b0 [ 769.875726][T16721] __sys_sendmmsg+0x755/0xf70 [ 769.880393][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 769.885757][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 769.891296][T16721] __do_fast_syscall_32+0x129/0x180 [ 769.896485][T16721] do_fast_syscall_32+0x6a/0xc0 [ 769.901417][T16721] do_SYSENTER_32+0x73/0x90 [ 769.905917][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 769.912937][T16721] [ 769.915272][T16721] Uninit was stored to memory at: [ 769.920294][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 769.926008][T16721] __msan_chain_origin+0x50/0x90 [ 769.933891][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 769.938992][T16721] get_compat_msghdr+0x108/0x2b0 [ 769.943936][T16721] __sys_sendmmsg+0x755/0xf70 [ 769.948603][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 769.953966][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 769.959507][T16721] __do_fast_syscall_32+0x129/0x180 [ 769.964698][T16721] do_fast_syscall_32+0x6a/0xc0 [ 769.969540][T16721] do_SYSENTER_32+0x73/0x90 [ 769.974049][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 769.980358][T16721] [ 769.982671][T16721] Uninit was stored to memory at: [ 769.988831][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 769.994553][T16721] __msan_chain_origin+0x50/0x90 [ 769.999485][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 770.004589][T16721] get_compat_msghdr+0x108/0x2b0 [ 770.009516][T16721] __sys_sendmmsg+0x755/0xf70 [ 770.014187][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 770.019550][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 770.025089][T16721] __do_fast_syscall_32+0x129/0x180 [ 770.030281][T16721] do_fast_syscall_32+0x6a/0xc0 [ 770.035124][T16721] do_SYSENTER_32+0x73/0x90 [ 770.039624][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 770.045937][T16721] [ 770.048262][T16721] Uninit was stored to memory at: [ 770.053281][T16721] kmsan_internal_chain_origin+0xad/0x130 [ 770.058992][T16721] __msan_chain_origin+0x50/0x90 [ 770.063921][T16721] __get_compat_msghdr+0x6db/0x9d0 [ 770.069043][T16721] get_compat_msghdr+0x108/0x2b0 [ 770.073969][T16721] __sys_sendmmsg+0x755/0xf70 [ 770.078641][T16721] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 770.084008][T16721] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 770.089551][T16721] __do_fast_syscall_32+0x129/0x180 [ 770.094740][T16721] do_fast_syscall_32+0x6a/0xc0 [ 770.099581][T16721] do_SYSENTER_32+0x73/0x90 [ 770.104076][T16721] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 770.110399][T16721] [ 770.112717][T16721] Local variable ----msg_sys@__sys_sendmmsg created at: [ 770.119654][T16721] __sys_sendmmsg+0xbb/0xf70 [ 770.124288][T16721] __sys_sendmmsg+0xbb/0xf70 [ 770.816433][T16718] not chained 30000 origins [ 770.821003][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 770.829724][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 770.839784][T16718] Call Trace: [ 770.843093][T16718] dump_stack+0x21c/0x280 [ 770.847444][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 770.853197][T16718] ? kmsan_get_metadata+0x116/0x180 [ 770.858409][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 770.863975][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 770.870089][T16718] ? _copy_from_user+0x201/0x310 [ 770.875066][T16718] ? kmsan_get_metadata+0x116/0x180 [ 770.880286][T16718] __msan_chain_origin+0x50/0x90 [ 770.885236][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 770.890371][T16718] get_compat_msghdr+0x108/0x2b0 [ 770.895373][T16718] do_recvmmsg+0xdbb/0x22b0 [ 770.899892][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 770.905729][T16718] ? kmsan_get_metadata+0x116/0x180 [ 770.910948][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 770.916597][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 770.921895][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 770.926918][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 770.931713][T16718] __sys_recvmmsg+0x5dd/0x610 [ 770.936412][T16718] ? kmsan_get_metadata+0x116/0x180 [ 770.941635][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 770.947720][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 770.953897][T16718] __do_fast_syscall_32+0x129/0x180 [ 770.959158][T16718] do_fast_syscall_32+0x6a/0xc0 [ 770.964026][T16718] do_SYSENTER_32+0x73/0x90 [ 770.968552][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 770.974891][T16718] RIP: 0023:0xf7f82549 [ 770.978974][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 770.998693][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 771.007127][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 771.015112][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 771.023105][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 771.031336][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 771.040164][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 771.048159][T16718] Uninit was stored to memory at: [ 771.053206][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.059614][T16718] __msan_chain_origin+0x50/0x90 [ 771.064634][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.069764][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.074952][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.079453][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.084127][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.090880][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.097025][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.102218][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.107094][T16718] do_SYSENTER_32+0x73/0x90 [ 771.111608][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.117930][T16718] [ 771.120263][T16718] Uninit was stored to memory at: [ 771.125284][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.130996][T16718] __msan_chain_origin+0x50/0x90 [ 771.135925][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.141146][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.146087][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.150578][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.155247][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.161306][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.167571][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.172762][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.177618][T16718] do_SYSENTER_32+0x73/0x90 [ 771.182126][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.189388][T16718] [ 771.191706][T16718] Uninit was stored to memory at: [ 771.196724][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.202441][T16718] __msan_chain_origin+0x50/0x90 [ 771.207369][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.212487][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.217422][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.221913][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.226581][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.232814][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.239057][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.244247][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.249088][T16718] do_SYSENTER_32+0x73/0x90 [ 771.253583][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.259888][T16718] [ 771.262200][T16718] Uninit was stored to memory at: [ 771.267234][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.273035][T16718] __msan_chain_origin+0x50/0x90 [ 771.277968][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.283067][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.288010][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.292605][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.297277][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.303351][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.309494][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.314701][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.319541][T16718] do_SYSENTER_32+0x73/0x90 [ 771.324037][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.330429][T16718] [ 771.332743][T16718] Uninit was stored to memory at: [ 771.339868][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.345696][T16718] __msan_chain_origin+0x50/0x90 [ 771.350631][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.355746][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.360689][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.365198][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.369881][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.375943][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.382099][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.387307][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.392150][T16718] do_SYSENTER_32+0x73/0x90 [ 771.396646][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.402954][T16718] [ 771.405296][T16718] Uninit was stored to memory at: [ 771.410316][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.416025][T16718] __msan_chain_origin+0x50/0x90 [ 771.420975][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.426143][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.431078][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.435578][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.440261][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.446407][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.452554][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.457744][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.462588][T16718] do_SYSENTER_32+0x73/0x90 [ 771.467085][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.473404][T16718] [ 771.475726][T16718] Uninit was stored to memory at: [ 771.480768][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 771.486490][T16718] __msan_chain_origin+0x50/0x90 [ 771.491427][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 771.496706][T16718] get_compat_msghdr+0x108/0x2b0 [ 771.501632][T16718] do_recvmmsg+0xdbb/0x22b0 [ 771.506135][T16718] __sys_recvmmsg+0x5dd/0x610 [ 771.510859][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 771.516929][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 771.523097][T16718] __do_fast_syscall_32+0x129/0x180 [ 771.528293][T16718] do_fast_syscall_32+0x6a/0xc0 [ 771.533156][T16718] do_SYSENTER_32+0x73/0x90 [ 771.537657][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 771.544076][T16718] [ 771.546417][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 771.553093][T16718] do_recvmmsg+0xbf/0x22b0 [ 771.557502][T16718] do_recvmmsg+0xbf/0x22b0 10:47:56 executing program 4: r0 = syz_io_uring_setup(0x15a3, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x4}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 10:47:56 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:56 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x0) 10:47:56 executing program 5: unshare(0x40000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xffffffffffffffff, 0x8031, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) socket(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, r1, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000001000)={0x0, 0x208000, 0x800}, 0x18) 10:47:56 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) setresuid(0x0, 0xee01, 0xffffffffffffffff) ioctl$TCXONC(r0, 0x4b3c, 0x0) [ 771.666651][T16731] IPVS: ftp: loaded support on port[0] = 21 10:47:57 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:57 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x0) 10:47:58 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:47:58 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:47:58 executing program 0: socket$unix(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) gettid() sendmmsg$unix(r0, &(0x7f0000001700)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001680)=[@rights={{0x10}}, @rights={{0x10}}], 0x20}], 0x1, 0x0) [ 773.964127][T16718] not chained 40000 origins [ 773.968694][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 773.977368][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 773.987432][T16718] Call Trace: [ 773.990739][T16718] dump_stack+0x21c/0x280 [ 773.995094][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 774.000855][T16718] ? kmsan_get_metadata+0x116/0x180 [ 774.006088][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 774.011652][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 774.017745][T16718] ? _copy_from_user+0x201/0x310 [ 774.022697][T16718] ? kmsan_get_metadata+0x116/0x180 [ 774.027927][T16718] __msan_chain_origin+0x50/0x90 [ 774.032869][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.038010][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.042948][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.047464][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 774.053298][T16718] ? kmsan_get_metadata+0x116/0x180 [ 774.058491][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 774.064136][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 774.069413][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 774.074167][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 774.078940][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.083618][T16718] ? kmsan_get_metadata+0x116/0x180 [ 774.088838][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.094918][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.101101][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.106299][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.111155][T16718] do_SYSENTER_32+0x73/0x90 [ 774.115654][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.121969][T16718] RIP: 0023:0xf7f82549 [ 774.126045][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 774.145652][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 774.154058][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 774.163674][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 774.171636][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 774.179600][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 774.187560][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 774.195531][T16718] Uninit was stored to memory at: [ 774.200552][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.206263][T16718] __msan_chain_origin+0x50/0x90 [ 774.211193][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.216295][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.221227][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.225722][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.230421][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.236490][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.242663][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.247871][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.252811][T16718] do_SYSENTER_32+0x73/0x90 [ 774.257309][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.263709][T16718] [ 774.266021][T16718] Uninit was stored to memory at: [ 774.271048][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.276758][T16718] __msan_chain_origin+0x50/0x90 [ 774.281689][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.286791][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.291719][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.296212][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.300881][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.306958][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.313101][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.318288][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.323155][T16718] do_SYSENTER_32+0x73/0x90 [ 774.327652][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.333960][T16718] [ 774.336275][T16718] Uninit was stored to memory at: [ 774.341312][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.347031][T16718] __msan_chain_origin+0x50/0x90 [ 774.351989][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.357099][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.362032][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.366526][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.371195][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.377259][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.385073][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.390262][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.395107][T16718] do_SYSENTER_32+0x73/0x90 [ 774.399617][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.405925][T16718] [ 774.408351][T16718] Uninit was stored to memory at: [ 774.413372][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.419101][T16718] __msan_chain_origin+0x50/0x90 [ 774.424039][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.429154][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.434091][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.438582][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.443337][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.450352][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.456514][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.461722][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.466566][T16718] do_SYSENTER_32+0x73/0x90 [ 774.471084][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.477390][T16718] [ 774.479702][T16718] Uninit was stored to memory at: [ 774.484719][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.490431][T16718] __msan_chain_origin+0x50/0x90 [ 774.495358][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.500461][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.505386][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.509888][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.514571][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.520635][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.526939][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.532140][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.537012][T16718] do_SYSENTER_32+0x73/0x90 [ 774.541540][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.548641][T16718] [ 774.550970][T16718] Uninit was stored to memory at: [ 774.556168][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.561968][T16718] __msan_chain_origin+0x50/0x90 [ 774.566900][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.572023][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.576955][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.581450][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.586120][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.592284][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.598430][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.604421][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.609272][T16718] do_SYSENTER_32+0x73/0x90 [ 774.613901][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.620212][T16718] [ 774.622525][T16718] Uninit was stored to memory at: [ 774.627563][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 774.633273][T16718] __msan_chain_origin+0x50/0x90 [ 774.638221][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 774.643323][T16718] get_compat_msghdr+0x108/0x2b0 [ 774.648253][T16718] do_recvmmsg+0xdbb/0x22b0 [ 774.652766][T16718] __sys_recvmmsg+0x5dd/0x610 [ 774.657436][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 774.663496][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 774.669665][T16718] __do_fast_syscall_32+0x129/0x180 [ 774.674872][T16718] do_fast_syscall_32+0x6a/0xc0 [ 774.679732][T16718] do_SYSENTER_32+0x73/0x90 [ 774.684234][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 774.690545][T16718] [ 774.692863][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 774.699548][T16718] do_recvmmsg+0xbf/0x22b0 [ 774.703953][T16718] do_recvmmsg+0xbf/0x22b0 [ 774.996533][T16718] not chained 50000 origins [ 775.001123][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 775.009793][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 775.019853][T16718] Call Trace: [ 775.023156][T16718] dump_stack+0x21c/0x280 [ 775.027498][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 775.033248][T16718] ? kmsan_get_metadata+0x116/0x180 [ 775.038456][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 775.044017][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 775.050095][T16718] ? _copy_from_user+0x201/0x310 [ 775.055130][T16718] ? kmsan_get_metadata+0x116/0x180 [ 775.060340][T16718] __msan_chain_origin+0x50/0x90 [ 775.065288][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.070423][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.075375][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.079892][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 775.085735][T16718] ? kmsan_get_metadata+0x116/0x180 [ 775.090945][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 775.096589][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 775.101885][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 775.106652][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 775.111420][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.116112][T16718] ? kmsan_get_metadata+0x116/0x180 [ 775.121324][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.127413][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.133585][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.138809][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.143678][T16718] do_SYSENTER_32+0x73/0x90 [ 775.148199][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.155192][T16718] RIP: 0023:0xf7f82549 [ 775.159268][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 775.178880][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 775.187293][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 775.195257][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 775.203316][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 775.211279][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 775.219240][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 775.227229][T16718] Uninit was stored to memory at: [ 775.232273][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.237984][T16718] __msan_chain_origin+0x50/0x90 [ 775.242915][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.248017][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.252964][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.257456][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.262150][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.268222][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.274369][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.279576][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.284418][T16718] do_SYSENTER_32+0x73/0x90 [ 775.288915][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.295222][T16718] [ 775.297561][T16718] Uninit was stored to memory at: [ 775.302582][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.308291][T16718] __msan_chain_origin+0x50/0x90 [ 775.313217][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.318337][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.323363][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.327867][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.332541][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.338601][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.344771][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.349960][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.354799][T16718] do_SYSENTER_32+0x73/0x90 [ 775.359295][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.365695][T16718] [ 775.368021][T16718] Uninit was stored to memory at: [ 775.373042][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.378926][T16718] __msan_chain_origin+0x50/0x90 [ 775.383880][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.388984][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.393911][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.398422][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.403093][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.409151][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.415310][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.420517][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.425361][T16718] do_SYSENTER_32+0x73/0x90 [ 775.429859][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.436168][T16718] [ 775.438482][T16718] Uninit was stored to memory at: [ 775.443502][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.449212][T16718] __msan_chain_origin+0x50/0x90 [ 775.454148][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.459252][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.464179][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.468672][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.473344][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.479405][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.485597][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.490797][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.495678][T16718] do_SYSENTER_32+0x73/0x90 [ 775.500184][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.506493][T16718] [ 775.508822][T16718] Uninit was stored to memory at: [ 775.513847][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.519559][T16718] __msan_chain_origin+0x50/0x90 [ 775.524489][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.529603][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.534540][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.539051][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.543730][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.549791][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.555939][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.561134][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.566170][T16718] do_SYSENTER_32+0x73/0x90 [ 775.570667][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.577184][T16718] [ 775.579502][T16718] Uninit was stored to memory at: [ 775.584523][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.590233][T16718] __msan_chain_origin+0x50/0x90 [ 775.595183][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.600285][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.605226][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.609730][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.614427][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.620574][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.626823][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.632015][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.636855][T16718] do_SYSENTER_32+0x73/0x90 [ 775.641357][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.647665][T16718] [ 775.649978][T16718] Uninit was stored to memory at: [ 775.655084][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 775.660793][T16718] __msan_chain_origin+0x50/0x90 [ 775.665724][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 775.670930][T16718] get_compat_msghdr+0x108/0x2b0 [ 775.675857][T16718] do_recvmmsg+0xdbb/0x22b0 [ 775.680355][T16718] __sys_recvmmsg+0x5dd/0x610 [ 775.685025][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 775.691084][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 775.697366][T16718] __do_fast_syscall_32+0x129/0x180 [ 775.702589][T16718] do_fast_syscall_32+0x6a/0xc0 [ 775.707436][T16718] do_SYSENTER_32+0x73/0x90 [ 775.712179][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 775.718494][T16718] [ 775.720831][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 775.727506][T16718] do_recvmmsg+0xbf/0x22b0 [ 775.731919][T16718] do_recvmmsg+0xbf/0x22b0 [ 775.782302][ T1389] tipc: TX() has been purged, node left! [ 775.971718][T16718] not chained 60000 origins [ 775.976280][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 775.984956][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 775.995019][T16718] Call Trace: [ 775.998326][T16718] dump_stack+0x21c/0x280 [ 776.002696][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 776.008448][T16718] ? kmsan_get_metadata+0x116/0x180 [ 776.013664][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 776.019230][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 776.025318][T16718] ? _copy_from_user+0x201/0x310 [ 776.031174][T16718] ? kmsan_get_metadata+0x116/0x180 [ 776.036395][T16718] __msan_chain_origin+0x50/0x90 [ 776.041436][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.046588][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.051551][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.056074][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 776.061918][T16718] ? kmsan_get_metadata+0x116/0x180 [ 776.067132][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 776.072778][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 776.078084][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 776.082865][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 776.087642][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.092341][T16718] ? kmsan_get_metadata+0x116/0x180 [ 776.097558][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.103645][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.109825][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.115043][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.119912][T16718] do_SYSENTER_32+0x73/0x90 [ 776.124432][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.130761][T16718] RIP: 0023:0xf7f82549 [ 776.134862][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 776.154475][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 776.162902][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 776.170882][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 776.178863][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 776.186842][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 776.194827][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 776.202812][T16718] Uninit was stored to memory at: [ 776.207955][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.213780][T16718] __msan_chain_origin+0x50/0x90 [ 776.218730][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.223860][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.228809][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.233327][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.238204][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.244284][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.250541][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.255749][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.260610][T16718] do_SYSENTER_32+0x73/0x90 [ 776.265126][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.271447][T16718] [ 776.273783][T16718] Uninit was stored to memory at: [ 776.278816][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.284552][T16718] __msan_chain_origin+0x50/0x90 [ 776.289503][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.294618][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.299560][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.304063][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.308744][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.314820][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.321008][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.326239][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.331099][T16718] do_SYSENTER_32+0x73/0x90 [ 776.335615][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.341924][T16718] [ 776.344239][T16718] Uninit was stored to memory at: [ 776.349264][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.354977][T16718] __msan_chain_origin+0x50/0x90 [ 776.359908][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.365012][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.369938][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.374429][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.379115][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.385176][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.391324][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.396520][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.401387][T16718] do_SYSENTER_32+0x73/0x90 [ 776.405884][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.412190][T16718] [ 776.414527][T16718] Uninit was stored to memory at: [ 776.419549][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.425260][T16718] __msan_chain_origin+0x50/0x90 [ 776.430203][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.435329][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.440268][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.444765][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.449436][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.455507][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.461668][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.466857][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.471709][T16718] do_SYSENTER_32+0x73/0x90 [ 776.476208][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.482543][T16718] [ 776.484858][T16718] Uninit was stored to memory at: [ 776.489884][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.495595][T16718] __msan_chain_origin+0x50/0x90 [ 776.500523][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.505627][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.510571][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.515066][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.519735][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.525793][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.531940][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.537146][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.541988][T16718] do_SYSENTER_32+0x73/0x90 [ 776.546497][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.552804][T16718] [ 776.555122][T16718] Uninit was stored to memory at: [ 776.560154][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.565881][T16718] __msan_chain_origin+0x50/0x90 [ 776.570820][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.575925][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.581141][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.585633][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.590306][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.596364][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.602520][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.607726][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.612589][T16718] do_SYSENTER_32+0x73/0x90 [ 776.617104][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.623428][T16718] [ 776.625744][T16718] Uninit was stored to memory at: [ 776.630765][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 776.636484][T16718] __msan_chain_origin+0x50/0x90 [ 776.641453][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 776.646642][T16718] get_compat_msghdr+0x108/0x2b0 [ 776.653738][T16718] do_recvmmsg+0xdbb/0x22b0 [ 776.658229][T16718] __sys_recvmmsg+0x5dd/0x610 [ 776.662913][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 776.668975][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 776.675143][T16718] __do_fast_syscall_32+0x129/0x180 [ 776.680334][T16718] do_fast_syscall_32+0x6a/0xc0 [ 776.685306][T16718] do_SYSENTER_32+0x73/0x90 [ 776.689820][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 776.696218][T16718] [ 776.698883][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 776.705565][T16718] do_recvmmsg+0xbf/0x22b0 [ 776.709979][T16718] do_recvmmsg+0xbf/0x22b0 [ 776.969044][T16718] not chained 70000 origins [ 776.973615][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 776.982286][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 776.992348][T16718] Call Trace: [ 776.995651][T16718] dump_stack+0x21c/0x280 [ 777.000002][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 777.005752][T16718] ? kmsan_get_metadata+0x116/0x180 [ 777.010963][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 777.016525][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 777.022606][T16718] ? _copy_from_user+0x201/0x310 [ 777.027559][T16718] ? kmsan_get_metadata+0x116/0x180 [ 777.032778][T16718] __msan_chain_origin+0x50/0x90 [ 777.037727][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.042864][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.047817][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.052340][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 777.058177][T16718] ? kmsan_get_metadata+0x116/0x180 [ 777.063388][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 777.069031][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 777.074416][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 777.079187][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 777.083984][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.089894][T16718] ? kmsan_get_metadata+0x116/0x180 [ 777.095107][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.101195][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.107363][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.112605][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.117468][T16718] do_SYSENTER_32+0x73/0x90 [ 777.121988][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.128318][T16718] RIP: 0023:0xf7f82549 [ 777.132484][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 777.152093][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 777.160514][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 777.168492][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 777.176470][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 777.184451][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 777.192430][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 777.200417][T16718] Uninit was stored to memory at: [ 777.205455][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.211206][T16718] __msan_chain_origin+0x50/0x90 [ 777.216151][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.221270][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.226219][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.230723][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.235405][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.241480][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.247640][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.252879][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.257737][T16718] do_SYSENTER_32+0x73/0x90 [ 777.262251][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.268570][T16718] [ 777.270892][T16718] Uninit was stored to memory at: [ 777.275928][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.281742][T16718] __msan_chain_origin+0x50/0x90 [ 777.286688][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.291876][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.296815][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.301320][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.306006][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.312079][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.318239][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.323457][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.328320][T16718] do_SYSENTER_32+0x73/0x90 [ 777.332832][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.339148][T16718] [ 777.341471][T16718] Uninit was stored to memory at: [ 777.346507][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.352235][T16718] __msan_chain_origin+0x50/0x90 [ 777.357176][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.362471][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.367433][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.371938][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.376648][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.382734][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.388901][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.394110][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.398965][T16718] do_SYSENTER_32+0x73/0x90 [ 777.403496][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.409810][T16718] [ 777.412131][T16718] Uninit was stored to memory at: [ 777.417155][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.422891][T16718] __msan_chain_origin+0x50/0x90 [ 777.427823][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.432928][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.437864][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.442379][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.447063][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.453125][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.459287][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.464477][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.469323][T16718] do_SYSENTER_32+0x73/0x90 [ 777.473829][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.480149][T16718] [ 777.482465][T16718] Uninit was stored to memory at: [ 777.487482][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.493210][T16718] __msan_chain_origin+0x50/0x90 [ 777.498153][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.503263][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.508204][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.512704][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.517399][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.523477][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.529628][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.534818][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.539665][T16718] do_SYSENTER_32+0x73/0x90 [ 777.544162][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.550467][T16718] [ 777.552790][T16718] Uninit was stored to memory at: [ 777.557811][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.563522][T16718] __msan_chain_origin+0x50/0x90 [ 777.568469][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.573657][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.578584][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.583077][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.587792][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.593867][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.600030][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.605219][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.610061][T16718] do_SYSENTER_32+0x73/0x90 [ 777.614559][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.620868][T16718] [ 777.623185][T16718] Uninit was stored to memory at: [ 777.628305][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 777.634015][T16718] __msan_chain_origin+0x50/0x90 [ 777.639032][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 777.644140][T16718] get_compat_msghdr+0x108/0x2b0 [ 777.649070][T16718] do_recvmmsg+0xdbb/0x22b0 [ 777.653578][T16718] __sys_recvmmsg+0x5dd/0x610 [ 777.658376][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 777.664476][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 777.670633][T16718] __do_fast_syscall_32+0x129/0x180 [ 777.675850][T16718] do_fast_syscall_32+0x6a/0xc0 [ 777.680693][T16718] do_SYSENTER_32+0x73/0x90 [ 777.685190][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 777.691498][T16718] [ 777.693816][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 777.701006][T16718] do_recvmmsg+0xbf/0x22b0 [ 777.705413][T16718] do_recvmmsg+0xbf/0x22b0 [ 778.506547][T16718] not chained 80000 origins [ 778.511107][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 778.519778][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 778.530016][T16718] Call Trace: [ 778.533328][T16718] dump_stack+0x21c/0x280 [ 778.537686][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 778.543566][T16718] ? kmsan_get_metadata+0x116/0x180 [ 778.548789][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 778.554356][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 778.560444][T16718] ? _copy_from_user+0x201/0x310 [ 778.565403][T16718] ? kmsan_get_metadata+0x116/0x180 [ 778.570617][T16718] __msan_chain_origin+0x50/0x90 [ 778.575590][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 778.580736][T16718] get_compat_msghdr+0x108/0x2b0 [ 778.585815][T16718] do_recvmmsg+0xdbb/0x22b0 [ 778.590344][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 778.596190][T16718] ? kmsan_get_metadata+0x116/0x180 [ 778.601405][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 778.607341][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 778.612643][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 778.617414][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 778.622191][T16718] __sys_recvmmsg+0x5dd/0x610 [ 778.626886][T16718] ? kmsan_get_metadata+0x116/0x180 [ 778.632099][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 778.638279][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 778.644453][T16718] __do_fast_syscall_32+0x129/0x180 [ 778.649672][T16718] do_fast_syscall_32+0x6a/0xc0 [ 778.654540][T16718] do_SYSENTER_32+0x73/0x90 [ 778.659063][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 778.665399][T16718] RIP: 0023:0xf7f82549 [ 778.669481][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 778.689263][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 778.697696][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 778.705687][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 778.713672][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 778.721658][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 778.729637][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 778.737629][T16718] Uninit was stored to memory at: [ 778.742675][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 778.748409][T16718] __msan_chain_origin+0x50/0x90 [ 778.753356][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 778.758482][T16718] get_compat_msghdr+0x108/0x2b0 [ 778.763471][T16718] do_recvmmsg+0xdbb/0x22b0 [ 778.768070][T16718] __sys_recvmmsg+0x5dd/0x610 [ 778.772764][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 778.778847][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 778.785015][T16718] __do_fast_syscall_32+0x129/0x180 [ 778.790226][T16718] do_fast_syscall_32+0x6a/0xc0 [ 778.795088][T16718] do_SYSENTER_32+0x73/0x90 [ 778.799612][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 778.805942][T16718] [ 778.808273][T16718] Uninit was stored to memory at: [ 778.813315][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 778.819153][T16718] __msan_chain_origin+0x50/0x90 [ 778.824104][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 778.829229][T16718] get_compat_msghdr+0x108/0x2b0 [ 778.834268][T16718] do_recvmmsg+0xdbb/0x22b0 [ 778.838790][T16718] __sys_recvmmsg+0x5dd/0x610 [ 778.843507][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 778.849595][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 778.855783][T16718] __do_fast_syscall_32+0x129/0x180 [ 778.860993][T16718] do_fast_syscall_32+0x6a/0xc0 [ 778.865858][T16718] do_SYSENTER_32+0x73/0x90 [ 778.870379][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 778.876699][T16718] [ 778.879142][T16718] Uninit was stored to memory at: [ 778.884203][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 778.889939][T16718] __msan_chain_origin+0x50/0x90 [ 778.894936][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 778.900058][T16718] get_compat_msghdr+0x108/0x2b0 [ 778.905004][T16718] do_recvmmsg+0xdbb/0x22b0 [ 778.909519][T16718] __sys_recvmmsg+0x5dd/0x610 [ 778.914210][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 778.920288][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 778.926454][T16718] __do_fast_syscall_32+0x129/0x180 [ 778.931668][T16718] do_fast_syscall_32+0x6a/0xc0 [ 778.936611][T16718] do_SYSENTER_32+0x73/0x90 [ 778.941123][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 778.947444][T16718] [ 778.949774][T16718] Uninit was stored to memory at: [ 778.954810][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 778.960536][T16718] __msan_chain_origin+0x50/0x90 [ 778.965484][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 778.970601][T16718] get_compat_msghdr+0x108/0x2b0 [ 778.975541][T16718] do_recvmmsg+0xdbb/0x22b0 [ 778.980046][T16718] __sys_recvmmsg+0x5dd/0x610 [ 778.984742][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 778.990817][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 778.996979][T16718] __do_fast_syscall_32+0x129/0x180 [ 779.002273][T16718] do_fast_syscall_32+0x6a/0xc0 [ 779.007129][T16718] do_SYSENTER_32+0x73/0x90 [ 779.011642][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 779.017959][T16718] [ 779.020282][T16718] Uninit was stored to memory at: [ 779.025495][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 779.031222][T16718] __msan_chain_origin+0x50/0x90 [ 779.036165][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 779.041283][T16718] get_compat_msghdr+0x108/0x2b0 [ 779.046224][T16718] do_recvmmsg+0xdbb/0x22b0 [ 779.050730][T16718] __sys_recvmmsg+0x5dd/0x610 [ 779.055410][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 779.061486][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 779.067638][T16718] __do_fast_syscall_32+0x129/0x180 [ 779.072833][T16718] do_fast_syscall_32+0x6a/0xc0 [ 779.077674][T16718] do_SYSENTER_32+0x73/0x90 [ 779.082171][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 779.088499][T16718] [ 779.090816][T16718] Uninit was stored to memory at: [ 779.095837][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 779.101572][T16718] __msan_chain_origin+0x50/0x90 [ 779.107196][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 779.112303][T16718] get_compat_msghdr+0x108/0x2b0 [ 779.117239][T16718] do_recvmmsg+0xdbb/0x22b0 [ 779.121819][T16718] __sys_recvmmsg+0x5dd/0x610 [ 779.126490][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 779.132547][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 779.138711][T16718] __do_fast_syscall_32+0x129/0x180 [ 779.143902][T16718] do_fast_syscall_32+0x6a/0xc0 [ 779.148770][T16718] do_SYSENTER_32+0x73/0x90 [ 779.153267][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 779.159571][T16718] [ 779.161893][T16718] Uninit was stored to memory at: [ 779.166924][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 779.172632][T16718] __msan_chain_origin+0x50/0x90 [ 779.177559][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 779.182668][T16718] get_compat_msghdr+0x108/0x2b0 [ 779.187593][T16718] do_recvmmsg+0xdbb/0x22b0 [ 779.192083][T16718] __sys_recvmmsg+0x5dd/0x610 [ 779.196762][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 779.202821][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 779.208967][T16718] __do_fast_syscall_32+0x129/0x180 [ 779.214174][T16718] do_fast_syscall_32+0x6a/0xc0 [ 779.219015][T16718] do_SYSENTER_32+0x73/0x90 [ 779.223709][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 779.230041][T16718] [ 779.232359][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 779.239020][T16718] do_recvmmsg+0xbf/0x22b0 [ 779.243425][T16718] do_recvmmsg+0xbf/0x22b0 [ 779.676179][T16718] not chained 90000 origins [ 779.680716][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 779.689384][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 779.699540][T16718] Call Trace: [ 779.702846][T16718] dump_stack+0x21c/0x280 [ 779.707210][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 779.712970][T16718] ? kmsan_get_metadata+0x116/0x180 [ 779.718188][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 779.723776][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 779.729862][T16718] ? _copy_from_user+0x201/0x310 [ 779.734820][T16718] ? kmsan_get_metadata+0x116/0x180 [ 779.740032][T16718] __msan_chain_origin+0x50/0x90 [ 779.744981][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 779.750116][T16718] get_compat_msghdr+0x108/0x2b0 [ 779.755070][T16718] do_recvmmsg+0xdbb/0x22b0 [ 779.759589][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 779.765425][T16718] ? kmsan_get_metadata+0x116/0x180 [ 779.770754][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 779.776409][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 779.781711][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 779.786505][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 779.791283][T16718] __sys_recvmmsg+0x5dd/0x610 [ 779.796081][T16718] ? kmsan_get_metadata+0x116/0x180 [ 779.801299][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 779.807484][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 779.813648][T16718] __do_fast_syscall_32+0x129/0x180 [ 779.818864][T16718] do_fast_syscall_32+0x6a/0xc0 [ 779.823724][T16718] do_SYSENTER_32+0x73/0x90 [ 779.828233][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 779.834563][T16718] RIP: 0023:0xf7f82549 [ 779.838641][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 779.858257][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 779.866681][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 779.874666][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 779.882651][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 779.893152][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 779.901136][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 779.909210][T16718] Uninit was stored to memory at: [ 779.914260][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 779.920027][T16718] __msan_chain_origin+0x50/0x90 [ 779.924992][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 779.930113][T16718] get_compat_msghdr+0x108/0x2b0 [ 779.935061][T16718] do_recvmmsg+0xdbb/0x22b0 [ 779.939573][T16718] __sys_recvmmsg+0x5dd/0x610 [ 779.944258][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 779.950339][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 779.956503][T16718] __do_fast_syscall_32+0x129/0x180 [ 779.961720][T16718] do_fast_syscall_32+0x6a/0xc0 [ 779.966589][T16718] do_SYSENTER_32+0x73/0x90 [ 779.971105][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 779.977855][T16718] [ 779.980182][T16718] Uninit was stored to memory at: [ 779.985246][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 779.990980][T16718] __msan_chain_origin+0x50/0x90 [ 779.995925][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.001043][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.005992][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.010499][T16718] __sys_recvmmsg+0x5dd/0x610 [ 780.015188][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 780.021264][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 780.027429][T16718] __do_fast_syscall_32+0x129/0x180 [ 780.032644][T16718] do_fast_syscall_32+0x6a/0xc0 [ 780.037508][T16718] do_SYSENTER_32+0x73/0x90 [ 780.042024][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 780.048341][T16718] [ 780.050666][T16718] Uninit was stored to memory at: [ 780.055706][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 780.061442][T16718] __msan_chain_origin+0x50/0x90 [ 780.066400][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.071533][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.076479][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.080995][T16718] __sys_recvmmsg+0x5dd/0x610 [ 780.085684][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 780.091988][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 780.098142][T16718] __do_fast_syscall_32+0x129/0x180 [ 780.103326][T16718] do_fast_syscall_32+0x6a/0xc0 [ 780.108155][T16718] do_SYSENTER_32+0x73/0x90 [ 780.112641][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 780.118939][T16718] [ 780.121261][T16718] Uninit was stored to memory at: [ 780.126297][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 780.132008][T16718] __msan_chain_origin+0x50/0x90 [ 780.136936][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.142064][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.146991][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.151624][T16718] __sys_recvmmsg+0x5dd/0x610 [ 780.156288][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 780.162473][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 780.168616][T16718] __do_fast_syscall_32+0x129/0x180 [ 780.173800][T16718] do_fast_syscall_32+0x6a/0xc0 [ 780.178631][T16718] do_SYSENTER_32+0x73/0x90 [ 780.183204][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 780.189502][T16718] [ 780.191824][T16718] Uninit was stored to memory at: [ 780.196837][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 780.203040][T16718] __msan_chain_origin+0x50/0x90 [ 780.207975][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.213073][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.217994][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.222507][T16718] __sys_recvmmsg+0x5dd/0x610 [ 780.227351][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 780.233398][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 780.239695][T16718] __do_fast_syscall_32+0x129/0x180 [ 780.245076][T16718] do_fast_syscall_32+0x6a/0xc0 [ 780.249916][T16718] do_SYSENTER_32+0x73/0x90 [ 780.254409][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 780.260733][T16718] [ 780.263047][T16718] Uninit was stored to memory at: [ 780.268068][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 780.273789][T16718] __msan_chain_origin+0x50/0x90 [ 780.278724][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.283817][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.288754][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.293234][T16718] __sys_recvmmsg+0x5dd/0x610 [ 780.297905][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 780.303963][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 780.310096][T16718] __do_fast_syscall_32+0x129/0x180 [ 780.315289][T16718] do_fast_syscall_32+0x6a/0xc0 [ 780.320153][T16718] do_SYSENTER_32+0x73/0x90 [ 780.324652][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 780.330949][T16718] [ 780.333276][T16718] Uninit was stored to memory at: [ 780.338307][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 780.344014][T16718] __msan_chain_origin+0x50/0x90 [ 780.348934][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.354025][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.358962][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.363441][T16718] __sys_recvmmsg+0x5dd/0x610 [ 780.368114][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 780.374179][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 780.380319][T16718] __do_fast_syscall_32+0x129/0x180 [ 780.385502][T16718] do_fast_syscall_32+0x6a/0xc0 [ 780.390334][T16718] do_SYSENTER_32+0x73/0x90 [ 780.394823][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 780.401121][T16718] [ 780.403426][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 780.410111][T16718] do_recvmmsg+0xbf/0x22b0 [ 780.414503][T16718] do_recvmmsg+0xbf/0x22b0 [ 780.885429][T16718] not chained 100000 origins [ 780.890079][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 780.898752][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 780.908810][T16718] Call Trace: [ 780.912116][T16718] dump_stack+0x21c/0x280 [ 780.916468][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 780.922214][T16718] ? kmsan_get_metadata+0x116/0x180 [ 780.927416][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 780.932960][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 780.939024][T16718] ? _copy_from_user+0x201/0x310 [ 780.943968][T16718] ? kmsan_get_metadata+0x116/0x180 [ 780.949162][T16718] __msan_chain_origin+0x50/0x90 [ 780.954098][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 780.959220][T16718] get_compat_msghdr+0x108/0x2b0 [ 780.964177][T16718] do_recvmmsg+0xdbb/0x22b0 [ 780.968679][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 780.974499][T16718] ? kmsan_get_metadata+0x116/0x180 [ 780.979723][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 780.985373][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 780.990660][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 780.995438][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 781.000225][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.005199][T16718] ? kmsan_get_metadata+0x116/0x180 [ 781.010500][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.016571][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.022748][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.027958][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.032808][T16718] do_SYSENTER_32+0x73/0x90 [ 781.037307][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.043623][T16718] RIP: 0023:0xf7f82549 [ 781.047683][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 781.067282][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 781.075688][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 781.083884][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 781.092369][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 781.100684][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 781.108676][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 781.116679][T16718] Uninit was stored to memory at: [ 781.123191][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.129825][T16718] __msan_chain_origin+0x50/0x90 [ 781.135299][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.140403][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.145344][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.150708][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.155381][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.161449][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.167794][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.173076][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.177940][T16718] do_SYSENTER_32+0x73/0x90 [ 781.182458][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.189551][T16718] [ 781.196130][T16718] Uninit was stored to memory at: [ 781.201176][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.206982][T16718] __msan_chain_origin+0x50/0x90 [ 781.212036][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.217255][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.222183][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.226691][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.231364][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.237433][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.243598][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.248789][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.253640][T16718] do_SYSENTER_32+0x73/0x90 [ 781.258138][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.264481][T16718] [ 781.266824][T16718] Uninit was stored to memory at: [ 781.271882][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.278383][T16718] __msan_chain_origin+0x50/0x90 [ 781.283326][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.288426][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.293370][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.297904][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.302587][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.308658][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.314822][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.320018][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.324876][T16718] do_SYSENTER_32+0x73/0x90 [ 781.329380][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.335701][T16718] [ 781.338023][T16718] Uninit was stored to memory at: [ 781.343040][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.348753][T16718] __msan_chain_origin+0x50/0x90 [ 781.353694][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.358798][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.363900][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.368397][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.373160][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.379225][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.385375][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.390579][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.395422][T16718] do_SYSENTER_32+0x73/0x90 [ 781.399920][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.406237][T16718] [ 781.408574][T16718] Uninit was stored to memory at: [ 781.413680][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.419402][T16718] __msan_chain_origin+0x50/0x90 [ 781.424330][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.429441][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.434369][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.438879][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.443568][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.449645][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.455802][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.460997][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.465843][T16718] do_SYSENTER_32+0x73/0x90 [ 781.470340][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.476646][T16718] [ 781.478969][T16718] Uninit was stored to memory at: [ 781.483997][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.489707][T16718] __msan_chain_origin+0x50/0x90 [ 781.494633][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.499735][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.504677][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.509529][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.514244][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.520778][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.526937][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.532135][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.537001][T16718] do_SYSENTER_32+0x73/0x90 [ 781.541525][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.547830][T16718] [ 781.550145][T16718] Uninit was stored to memory at: [ 781.555163][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 781.560873][T16718] __msan_chain_origin+0x50/0x90 [ 781.565804][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 781.570906][T16718] get_compat_msghdr+0x108/0x2b0 [ 781.576799][T16718] do_recvmmsg+0xdbb/0x22b0 [ 781.581291][T16718] __sys_recvmmsg+0x5dd/0x610 [ 781.585959][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 781.592037][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 781.598234][T16718] __do_fast_syscall_32+0x129/0x180 [ 781.603428][T16718] do_fast_syscall_32+0x6a/0xc0 [ 781.608280][T16718] do_SYSENTER_32+0x73/0x90 [ 781.612778][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 781.619081][T16718] [ 781.621400][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 781.628148][T16718] do_recvmmsg+0xbf/0x22b0 [ 781.632569][T16718] do_recvmmsg+0xbf/0x22b0 [ 782.025247][T16718] not chained 110000 origins [ 782.029893][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 782.038564][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 782.048655][T16718] Call Trace: [ 782.051966][T16718] dump_stack+0x21c/0x280 [ 782.056342][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 782.062094][T16718] ? kmsan_get_metadata+0x116/0x180 [ 782.067392][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 782.072962][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 782.079045][T16718] ? _copy_from_user+0x201/0x310 [ 782.084033][T16718] ? kmsan_get_metadata+0x116/0x180 [ 782.089257][T16718] __msan_chain_origin+0x50/0x90 [ 782.094214][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.099355][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.104398][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.108916][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 782.114749][T16718] ? kmsan_get_metadata+0x116/0x180 [ 782.119985][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 782.125631][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 782.130925][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 782.135692][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 782.140469][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.145347][T16718] ? kmsan_get_metadata+0x116/0x180 [ 782.150561][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.156657][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.162857][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.168097][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.173081][T16718] do_SYSENTER_32+0x73/0x90 [ 782.177603][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.183935][T16718] RIP: 0023:0xf7f82549 [ 782.188044][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 782.207741][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 782.216176][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 782.224166][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 782.232470][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 782.240454][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 782.248437][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 782.256424][T16718] Uninit was stored to memory at: [ 782.261474][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.267206][T16718] __msan_chain_origin+0x50/0x90 [ 782.272155][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.277442][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.282375][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.286879][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.291646][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.297698][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.303900][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.309159][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.314002][T16718] do_SYSENTER_32+0x73/0x90 [ 782.318552][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.324879][T16718] [ 782.327184][T16718] Uninit was stored to memory at: [ 782.332223][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.337938][T16718] __msan_chain_origin+0x50/0x90 [ 782.342877][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.347997][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.352925][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.357423][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.362087][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.368132][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.374266][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.379458][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.384300][T16718] do_SYSENTER_32+0x73/0x90 [ 782.390194][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.396505][T16718] [ 782.398822][T16718] Uninit was stored to memory at: [ 782.403851][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.409909][T16718] __msan_chain_origin+0x50/0x90 [ 782.414845][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.419942][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.424883][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.429376][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.434039][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.440094][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.446228][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.451420][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.456254][T16718] do_SYSENTER_32+0x73/0x90 [ 782.460916][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.467232][T16718] [ 782.469537][T16718] Uninit was stored to memory at: [ 782.474542][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.480246][T16718] __msan_chain_origin+0x50/0x90 [ 782.485168][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.490274][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.495311][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.499886][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.504551][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.510603][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.516742][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.522015][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.526868][T16718] do_SYSENTER_32+0x73/0x90 [ 782.531373][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.537699][T16718] [ 782.540007][T16718] Uninit was stored to memory at: [ 782.545027][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.550800][T16718] __msan_chain_origin+0x50/0x90 [ 782.555772][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.560920][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.565846][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.570330][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.575006][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.581059][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.587221][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.592414][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.597267][T16718] do_SYSENTER_32+0x73/0x90 [ 782.601780][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.608080][T16718] [ 782.610426][T16718] Uninit was stored to memory at: [ 782.615467][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.621170][T16718] __msan_chain_origin+0x50/0x90 [ 782.626118][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.631233][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.636162][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.640829][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.645501][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.651560][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.657751][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.662943][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.667791][T16718] do_SYSENTER_32+0x73/0x90 [ 782.672291][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.678594][T16718] [ 782.680915][T16718] Uninit was stored to memory at: [ 782.685931][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 782.691650][T16718] __msan_chain_origin+0x50/0x90 [ 782.696587][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 782.701695][T16718] get_compat_msghdr+0x108/0x2b0 [ 782.706622][T16718] do_recvmmsg+0xdbb/0x22b0 [ 782.711115][T16718] __sys_recvmmsg+0x5dd/0x610 [ 782.716831][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 782.722894][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 782.729030][T16718] __do_fast_syscall_32+0x129/0x180 [ 782.734229][T16718] do_fast_syscall_32+0x6a/0xc0 [ 782.739087][T16718] do_SYSENTER_32+0x73/0x90 [ 782.743574][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 782.749886][T16718] [ 782.752207][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 782.758882][T16718] do_recvmmsg+0xbf/0x22b0 [ 782.763297][T16718] do_recvmmsg+0xbf/0x22b0 [ 783.171251][T16718] not chained 120000 origins [ 783.175898][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 783.184569][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 783.194628][T16718] Call Trace: [ 783.197936][T16718] dump_stack+0x21c/0x280 [ 783.202314][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 783.208066][T16718] ? kmsan_get_metadata+0x116/0x180 [ 783.213282][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 783.218840][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 783.224919][T16718] ? _copy_from_user+0x201/0x310 [ 783.229875][T16718] ? kmsan_get_metadata+0x116/0x180 [ 783.235082][T16718] __msan_chain_origin+0x50/0x90 [ 783.240035][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.245210][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.250194][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.254714][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 783.260566][T16718] ? kmsan_get_metadata+0x116/0x180 [ 783.265889][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 783.271536][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 783.276852][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 783.281620][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 783.286398][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.291094][T16718] ? kmsan_get_metadata+0x116/0x180 [ 783.296307][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.302395][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.308735][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.313949][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.318816][T16718] do_SYSENTER_32+0x73/0x90 [ 783.323315][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.329644][T16718] RIP: 0023:0xf7f82549 [ 783.333692][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 783.353463][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 783.361878][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 783.369838][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 783.377802][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 783.385764][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 783.394790][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 783.402750][T16718] Uninit was stored to memory at: [ 783.407812][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.413625][T16718] __msan_chain_origin+0x50/0x90 [ 783.418562][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.423668][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.428602][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.433107][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.437770][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.443923][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.450151][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.455336][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.460193][T16718] do_SYSENTER_32+0x73/0x90 [ 783.464692][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.471002][T16718] [ 783.473327][T16718] Uninit was stored to memory at: [ 783.478350][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.484068][T16718] __msan_chain_origin+0x50/0x90 [ 783.489038][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.494212][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.499919][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.504507][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.509190][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.515255][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.521434][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.526629][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.531464][T16718] do_SYSENTER_32+0x73/0x90 [ 783.535975][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.542290][T16718] [ 783.544597][T16718] Uninit was stored to memory at: [ 783.549605][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.555317][T16718] __msan_chain_origin+0x50/0x90 [ 783.560251][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.565452][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.570502][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.574987][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.579675][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.585826][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.591988][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.597280][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.602132][T16718] do_SYSENTER_32+0x73/0x90 [ 783.606646][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.612945][T16718] [ 783.615269][T16718] Uninit was stored to memory at: [ 783.620333][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.626064][T16718] __msan_chain_origin+0x50/0x90 [ 783.630996][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.636111][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.641058][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.645658][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.650347][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.656471][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.662699][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.668048][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.672886][T16718] do_SYSENTER_32+0x73/0x90 [ 783.677489][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.684110][T16718] [ 783.686485][T16718] Uninit was stored to memory at: [ 783.691543][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.697278][T16718] __msan_chain_origin+0x50/0x90 [ 783.702212][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.707488][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.712515][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.717007][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.721692][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.727864][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.734006][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.739218][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.744052][T16718] do_SYSENTER_32+0x73/0x90 [ 783.748535][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.754868][T16718] [ 783.757197][T16718] Uninit was stored to memory at: [ 783.762218][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.768603][T16718] __msan_chain_origin+0x50/0x90 [ 783.773539][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.778661][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.783591][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.788177][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.792835][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.798886][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.805025][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.810214][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.815076][T16718] do_SYSENTER_32+0x73/0x90 [ 783.819590][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.825910][T16718] [ 783.828218][T16718] Uninit was stored to memory at: [ 783.833229][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 783.838941][T16718] __msan_chain_origin+0x50/0x90 [ 783.843868][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 783.849317][T16718] get_compat_msghdr+0x108/0x2b0 [ 783.854251][T16718] do_recvmmsg+0xdbb/0x22b0 [ 783.858862][T16718] __sys_recvmmsg+0x5dd/0x610 [ 783.863558][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 783.869627][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 783.875798][T16718] __do_fast_syscall_32+0x129/0x180 [ 783.881165][T16718] do_fast_syscall_32+0x6a/0xc0 [ 783.886136][T16718] do_SYSENTER_32+0x73/0x90 [ 783.890626][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 783.897369][T16718] [ 783.899680][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 783.906340][T16718] do_recvmmsg+0xbf/0x22b0 [ 783.910747][T16718] do_recvmmsg+0xbf/0x22b0 [ 784.140514][T16718] not chained 130000 origins [ 784.145174][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 784.153847][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 784.163908][T16718] Call Trace: [ 784.167213][T16718] dump_stack+0x21c/0x280 [ 784.171562][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 784.177314][T16718] ? kmsan_get_metadata+0x116/0x180 [ 784.182529][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 784.188093][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 784.194259][T16718] ? _copy_from_user+0x201/0x310 [ 784.199211][T16718] ? kmsan_get_metadata+0x116/0x180 [ 784.204714][T16718] __msan_chain_origin+0x50/0x90 [ 784.209666][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.214805][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.219760][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.224277][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 784.230117][T16718] ? kmsan_get_metadata+0x116/0x180 [ 784.235415][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 784.241066][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 784.247235][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 784.252010][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 784.256789][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.261486][T16718] ? kmsan_get_metadata+0x116/0x180 [ 784.266700][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.272878][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.279047][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.284353][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.289226][T16718] do_SYSENTER_32+0x73/0x90 [ 784.293862][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.300203][T16718] RIP: 0023:0xf7f82549 [ 784.304289][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 784.323902][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 784.332594][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 784.340586][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 784.348660][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 784.356643][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 784.364624][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 784.372635][T16718] Uninit was stored to memory at: [ 784.377677][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.383407][T16718] __msan_chain_origin+0x50/0x90 [ 784.388356][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.393475][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.398568][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.403076][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.407768][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.413846][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.420017][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.425262][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.430125][T16718] do_SYSENTER_32+0x73/0x90 [ 784.434729][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.441056][T16718] [ 784.443383][T16718] Uninit was stored to memory at: [ 784.448442][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.454174][T16718] __msan_chain_origin+0x50/0x90 [ 784.459147][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.464265][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.469210][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.473743][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.478516][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.484593][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.490758][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.496839][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.501700][T16718] do_SYSENTER_32+0x73/0x90 [ 784.506215][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.512533][T16718] [ 784.514858][T16718] Uninit was stored to memory at: [ 784.519893][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.526406][T16718] __msan_chain_origin+0x50/0x90 [ 784.531354][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.536561][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.541507][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.546135][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.550857][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.556934][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.563276][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.569218][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.574082][T16718] do_SYSENTER_32+0x73/0x90 [ 784.578602][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.584955][T16718] [ 784.587278][T16718] Uninit was stored to memory at: [ 784.592316][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.598042][T16718] __msan_chain_origin+0x50/0x90 [ 784.602988][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.608111][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.613068][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.617668][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.622470][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.628549][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.634719][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.639942][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.644804][T16718] do_SYSENTER_32+0x73/0x90 [ 784.649317][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.655635][T16718] [ 784.657961][T16718] Uninit was stored to memory at: [ 784.662995][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.668812][T16718] __msan_chain_origin+0x50/0x90 [ 784.673763][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.679024][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.683976][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.688484][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.693181][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.699267][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.705438][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.710664][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.715533][T16718] do_SYSENTER_32+0x73/0x90 [ 784.720051][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.726367][T16718] [ 784.728693][T16718] Uninit was stored to memory at: [ 784.733728][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.739456][T16718] __msan_chain_origin+0x50/0x90 [ 784.744404][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.749524][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.754465][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.758980][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.763661][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.769733][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.775892][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.781444][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.786481][T16718] do_SYSENTER_32+0x73/0x90 [ 784.790999][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.797363][T16718] [ 784.799688][T16718] Uninit was stored to memory at: [ 784.804800][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 784.810619][T16718] __msan_chain_origin+0x50/0x90 [ 784.815675][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 784.820778][T16718] get_compat_msghdr+0x108/0x2b0 [ 784.825699][T16718] do_recvmmsg+0xdbb/0x22b0 [ 784.830184][T16718] __sys_recvmmsg+0x5dd/0x610 [ 784.834884][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 784.840947][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 784.847111][T16718] __do_fast_syscall_32+0x129/0x180 [ 784.852311][T16718] do_fast_syscall_32+0x6a/0xc0 [ 784.857146][T16718] do_SYSENTER_32+0x73/0x90 [ 784.861661][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 784.867960][T16718] [ 784.870285][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 784.876939][T16718] do_recvmmsg+0xbf/0x22b0 [ 784.881336][T16718] do_recvmmsg+0xbf/0x22b0 [ 785.166911][T16718] not chained 140000 origins [ 785.171570][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 785.180243][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 785.190392][T16718] Call Trace: [ 785.193697][T16718] dump_stack+0x21c/0x280 [ 785.198046][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 785.203799][T16718] ? kmsan_get_metadata+0x116/0x180 [ 785.209098][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 785.214656][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 785.220740][T16718] ? _copy_from_user+0x201/0x310 [ 785.225694][T16718] ? kmsan_get_metadata+0x116/0x180 [ 785.230911][T16718] __msan_chain_origin+0x50/0x90 [ 785.235864][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.241005][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.245958][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.250506][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 785.256343][T16718] ? kmsan_get_metadata+0x116/0x180 [ 785.261554][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 785.267203][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 785.272536][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 785.277307][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 785.282085][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.286782][T16718] ? kmsan_get_metadata+0x116/0x180 [ 785.291997][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.298082][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.304251][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.309473][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.314340][T16718] do_SYSENTER_32+0x73/0x90 [ 785.318865][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.325197][T16718] RIP: 0023:0xf7f82549 [ 785.329271][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 785.349153][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 785.357581][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 785.365559][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 785.373568][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 785.381545][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 785.389521][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 785.397497][T16718] Uninit was stored to memory at: [ 785.402517][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.408217][T16718] __msan_chain_origin+0x50/0x90 [ 785.413150][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.418247][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.423174][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.427740][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.432400][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.438460][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.444606][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.449800][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.454750][T16718] do_SYSENTER_32+0x73/0x90 [ 785.459254][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.465570][T16718] [ 785.467881][T16718] Uninit was stored to memory at: [ 785.472902][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.478642][T16718] __msan_chain_origin+0x50/0x90 [ 785.483788][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.488882][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.493810][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.498308][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.503422][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.509476][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.515615][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.520796][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.525640][T16718] do_SYSENTER_32+0x73/0x90 [ 785.530154][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.536472][T16718] [ 785.538789][T16718] Uninit was stored to memory at: [ 785.543820][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.549639][T16718] __msan_chain_origin+0x50/0x90 [ 785.554562][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.559893][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.564925][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.569656][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.574320][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.580374][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.586511][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.592749][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.597598][T16718] do_SYSENTER_32+0x73/0x90 [ 785.602087][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.608386][T16718] [ 785.610692][T16718] Uninit was stored to memory at: [ 785.615905][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.621603][T16718] __msan_chain_origin+0x50/0x90 [ 785.626534][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.631626][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.636557][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.641037][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.645697][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.651780][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.657939][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.663226][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.668080][T16718] do_SYSENTER_32+0x73/0x90 [ 785.672594][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.678898][T16718] [ 785.681231][T16718] Uninit was stored to memory at: [ 785.686348][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.692053][T16718] __msan_chain_origin+0x50/0x90 [ 785.696990][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.702091][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.707181][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.711669][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.716613][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.722680][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.728912][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.734206][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.739054][T16718] do_SYSENTER_32+0x73/0x90 [ 785.743544][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.749858][T16718] [ 785.752166][T16718] Uninit was stored to memory at: [ 785.757177][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.763029][T16718] __msan_chain_origin+0x50/0x90 [ 785.767959][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.773125][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.778045][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.782530][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.787256][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.793343][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.799486][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.804673][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.809516][T16718] do_SYSENTER_32+0x73/0x90 [ 785.814002][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.820408][T16718] [ 785.822716][T16718] Uninit was stored to memory at: [ 785.827735][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 785.833464][T16718] __msan_chain_origin+0x50/0x90 [ 785.838387][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 785.843489][T16718] get_compat_msghdr+0x108/0x2b0 [ 785.848436][T16718] do_recvmmsg+0xdbb/0x22b0 [ 785.852940][T16718] __sys_recvmmsg+0x5dd/0x610 [ 785.857653][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 785.863710][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 785.869976][T16718] __do_fast_syscall_32+0x129/0x180 [ 785.875181][T16718] do_fast_syscall_32+0x6a/0xc0 [ 785.880045][T16718] do_SYSENTER_32+0x73/0x90 [ 785.884547][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 785.891206][T16718] [ 785.893526][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 785.900334][T16718] do_recvmmsg+0xbf/0x22b0 [ 785.904750][T16718] do_recvmmsg+0xbf/0x22b0 [ 786.196874][T16718] not chained 150000 origins [ 786.201517][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 786.210298][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 786.220364][T16718] Call Trace: [ 786.223674][T16718] dump_stack+0x21c/0x280 [ 786.228208][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 786.233977][T16718] ? kmsan_get_metadata+0x116/0x180 [ 786.239197][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 786.244850][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 786.250984][T16718] ? _copy_from_user+0x201/0x310 [ 786.255985][T16718] ? kmsan_get_metadata+0x116/0x180 [ 786.261292][T16718] __msan_chain_origin+0x50/0x90 [ 786.266243][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.271382][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.276338][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.280882][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 786.286735][T16718] ? kmsan_get_metadata+0x116/0x180 [ 786.291948][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 786.297709][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 786.303006][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 786.307872][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 786.312648][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.317353][T16718] ? kmsan_get_metadata+0x116/0x180 [ 786.322573][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.328666][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.334839][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.340060][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.344925][T16718] do_SYSENTER_32+0x73/0x90 [ 786.349451][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.355779][T16718] RIP: 0023:0xf7f82549 [ 786.359958][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 786.379571][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 786.387998][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 786.395987][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 786.403980][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 786.411965][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 786.419963][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 786.428038][T16718] Uninit was stored to memory at: [ 786.433081][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.438813][T16718] __msan_chain_origin+0x50/0x90 [ 786.443763][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.448881][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.453923][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.458440][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.463126][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.469209][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.475375][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.480589][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.485450][T16718] do_SYSENTER_32+0x73/0x90 [ 786.489973][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.496490][T16718] [ 786.498836][T16718] Uninit was stored to memory at: [ 786.503891][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.509634][T16718] __msan_chain_origin+0x50/0x90 [ 786.514585][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.519709][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.524992][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.529947][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.534723][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.540814][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.546978][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.552183][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.557032][T16718] do_SYSENTER_32+0x73/0x90 [ 786.561586][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.568145][T16718] [ 786.570485][T16718] Uninit was stored to memory at: [ 786.575610][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.581313][T16718] __msan_chain_origin+0x50/0x90 [ 786.586379][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.591503][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.596603][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.601113][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.605776][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.611841][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.617981][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.623198][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.628057][T16718] do_SYSENTER_32+0x73/0x90 [ 786.632575][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.638879][T16718] [ 786.641187][T16718] Uninit was stored to memory at: [ 786.646200][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.651930][T16718] __msan_chain_origin+0x50/0x90 [ 786.656899][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.661997][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.666930][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.671425][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.676112][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.682172][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.688333][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.694307][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.699177][T16718] do_SYSENTER_32+0x73/0x90 [ 786.703739][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.710155][T16718] [ 786.712470][T16718] Uninit was stored to memory at: [ 786.717513][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.723238][T16718] __msan_chain_origin+0x50/0x90 [ 786.728448][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.733621][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.738755][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.743276][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.747935][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.753994][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.760141][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.765319][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.770199][T16718] do_SYSENTER_32+0x73/0x90 [ 786.774706][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.781004][T16718] [ 786.783311][T16718] Uninit was stored to memory at: [ 786.788363][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.797041][T16718] __msan_chain_origin+0x50/0x90 [ 786.801979][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.807086][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.812029][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.816526][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.821201][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.827269][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.833616][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.838943][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.843787][T16718] do_SYSENTER_32+0x73/0x90 [ 786.848283][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.854586][T16718] [ 786.856905][T16718] Uninit was stored to memory at: [ 786.862021][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 786.867735][T16718] __msan_chain_origin+0x50/0x90 [ 786.872867][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 786.877974][T16718] get_compat_msghdr+0x108/0x2b0 [ 786.883028][T16718] do_recvmmsg+0xdbb/0x22b0 [ 786.887545][T16718] __sys_recvmmsg+0x5dd/0x610 [ 786.892392][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 786.898465][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 786.904879][T16718] __do_fast_syscall_32+0x129/0x180 [ 786.910084][T16718] do_fast_syscall_32+0x6a/0xc0 [ 786.915041][T16718] do_SYSENTER_32+0x73/0x90 [ 786.919544][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 786.925866][T16718] [ 786.928203][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 786.934952][T16718] do_recvmmsg+0xbf/0x22b0 [ 786.939360][T16718] do_recvmmsg+0xbf/0x22b0 [ 787.254039][T16718] not chained 160000 origins [ 787.258685][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 787.267358][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 787.277592][T16718] Call Trace: [ 787.280904][T16718] dump_stack+0x21c/0x280 [ 787.285264][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 787.291026][T16718] ? kmsan_get_metadata+0x116/0x180 [ 787.296326][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 787.301893][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 787.308009][T16718] ? _copy_from_user+0x201/0x310 [ 787.312963][T16718] ? kmsan_get_metadata+0x116/0x180 [ 787.318177][T16718] __msan_chain_origin+0x50/0x90 [ 787.323131][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.328284][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.333244][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.337767][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 787.343618][T16718] ? kmsan_get_metadata+0x116/0x180 [ 787.348835][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 787.354483][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 787.359818][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 787.364595][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 787.369388][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.376693][T16718] ? kmsan_get_metadata+0x116/0x180 [ 787.381918][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.388015][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.394188][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.399408][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.404280][T16718] do_SYSENTER_32+0x73/0x90 [ 787.408805][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.416292][T16718] RIP: 0023:0xf7f82549 [ 787.420369][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 787.440256][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 787.448683][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 787.456662][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 787.464640][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 787.472620][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 787.480604][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 787.488592][T16718] Uninit was stored to memory at: [ 787.493644][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.499399][T16718] __msan_chain_origin+0x50/0x90 [ 787.504367][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.509490][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.514462][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.518970][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.523656][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.529736][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.535910][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.541130][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.546015][T16718] do_SYSENTER_32+0x73/0x90 [ 787.550595][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.557032][T16718] [ 787.559340][T16718] Uninit was stored to memory at: [ 787.564457][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.570298][T16718] __msan_chain_origin+0x50/0x90 [ 787.575259][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.580367][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.585353][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.589848][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.594526][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.600580][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.606718][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.611917][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.616769][T16718] do_SYSENTER_32+0x73/0x90 [ 787.621303][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.627603][T16718] [ 787.629937][T16718] Uninit was stored to memory at: [ 787.635171][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.641006][T16718] __msan_chain_origin+0x50/0x90 [ 787.645951][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.651064][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.656886][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.661408][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.666094][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.672155][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.678317][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.683516][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.688356][T16718] do_SYSENTER_32+0x73/0x90 [ 787.693004][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.699419][T16718] [ 787.701731][T16718] Uninit was stored to memory at: [ 787.706877][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.712601][T16718] __msan_chain_origin+0x50/0x90 [ 787.717557][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.722684][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.727635][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.732156][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.736849][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.742916][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.749138][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.754313][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.759230][T16718] do_SYSENTER_32+0x73/0x90 [ 787.763722][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.770019][T16718] [ 787.772326][T16718] Uninit was stored to memory at: [ 787.777433][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.783141][T16718] __msan_chain_origin+0x50/0x90 [ 787.788087][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.793180][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.798096][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.802593][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.807346][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.813398][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.819550][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.824824][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.829656][T16718] do_SYSENTER_32+0x73/0x90 [ 787.834246][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.840725][T16718] [ 787.843118][T16718] Uninit was stored to memory at: [ 787.848125][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.853836][T16718] __msan_chain_origin+0x50/0x90 [ 787.858750][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.863835][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.868748][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.873226][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.877882][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.883944][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.890280][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.895458][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.900371][T16718] do_SYSENTER_32+0x73/0x90 [ 787.904878][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.911260][T16718] [ 787.913593][T16718] Uninit was stored to memory at: [ 787.918609][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 787.924327][T16718] __msan_chain_origin+0x50/0x90 [ 787.929423][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 787.934531][T16718] get_compat_msghdr+0x108/0x2b0 [ 787.939467][T16718] do_recvmmsg+0xdbb/0x22b0 [ 787.943961][T16718] __sys_recvmmsg+0x5dd/0x610 [ 787.948730][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 787.954808][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 787.961092][T16718] __do_fast_syscall_32+0x129/0x180 [ 787.966284][T16718] do_fast_syscall_32+0x6a/0xc0 [ 787.971124][T16718] do_SYSENTER_32+0x73/0x90 [ 787.975611][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 787.981933][T16718] [ 787.984248][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 787.991023][T16718] do_recvmmsg+0xbf/0x22b0 [ 787.995420][T16718] do_recvmmsg+0xbf/0x22b0 [ 788.403519][T16718] not chained 170000 origins [ 788.408172][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 788.416845][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 788.426906][T16718] Call Trace: [ 788.430215][T16718] dump_stack+0x21c/0x280 [ 788.434585][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 788.440340][T16718] ? kmsan_get_metadata+0x116/0x180 [ 788.445552][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 788.451117][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 788.457200][T16718] ? _copy_from_user+0x201/0x310 [ 788.462156][T16718] ? kmsan_get_metadata+0x116/0x180 [ 788.467395][T16718] __msan_chain_origin+0x50/0x90 [ 788.472350][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 788.477492][T16718] get_compat_msghdr+0x108/0x2b0 [ 788.482447][T16718] do_recvmmsg+0xdbb/0x22b0 [ 788.486985][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 788.492828][T16718] ? kmsan_get_metadata+0x116/0x180 [ 788.498045][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 788.503702][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 788.509005][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 788.513776][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 788.518557][T16718] __sys_recvmmsg+0x5dd/0x610 [ 788.523254][T16718] ? kmsan_get_metadata+0x116/0x180 [ 788.528599][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 788.534722][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 788.540892][T16718] __do_fast_syscall_32+0x129/0x180 [ 788.546112][T16718] do_fast_syscall_32+0x6a/0xc0 [ 788.550983][T16718] do_SYSENTER_32+0x73/0x90 [ 788.555503][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 788.561835][T16718] RIP: 0023:0xf7f82549 [ 788.565907][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 788.585512][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 788.593925][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 788.601897][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 788.609866][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 788.617832][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 788.626058][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 788.634033][T16718] Uninit was stored to memory at: [ 788.639071][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 788.644784][T16718] __msan_chain_origin+0x50/0x90 [ 788.649717][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 788.654834][T16718] get_compat_msghdr+0x108/0x2b0 [ 788.659779][T16718] do_recvmmsg+0xdbb/0x22b0 [ 788.664288][T16718] __sys_recvmmsg+0x5dd/0x610 [ 788.668960][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 788.675036][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 788.681187][T16718] __do_fast_syscall_32+0x129/0x180 [ 788.686397][T16718] do_fast_syscall_32+0x6a/0xc0 [ 788.691239][T16718] do_SYSENTER_32+0x73/0x90 [ 788.695740][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 788.702049][T16718] [ 788.704371][T16718] Uninit was stored to memory at: [ 788.709393][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 788.715221][T16718] __msan_chain_origin+0x50/0x90 [ 788.720160][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 788.725286][T16718] get_compat_msghdr+0x108/0x2b0 [ 788.730222][T16718] do_recvmmsg+0xdbb/0x22b0 [ 788.734719][T16718] __sys_recvmmsg+0x5dd/0x610 [ 788.739391][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 788.745454][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 788.751655][T16718] __do_fast_syscall_32+0x129/0x180 [ 788.756845][T16718] do_fast_syscall_32+0x6a/0xc0 [ 788.761688][T16718] do_SYSENTER_32+0x73/0x90 [ 788.766201][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 788.772510][T16718] [ 788.774823][T16718] Uninit was stored to memory at: [ 788.779843][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 788.785553][T16718] __msan_chain_origin+0x50/0x90 [ 788.790581][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 788.795688][T16718] get_compat_msghdr+0x108/0x2b0 [ 788.800631][T16718] do_recvmmsg+0xdbb/0x22b0 [ 788.805125][T16718] __sys_recvmmsg+0x5dd/0x610 [ 788.809811][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 788.815871][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 788.822017][T16718] __do_fast_syscall_32+0x129/0x180 [ 788.827207][T16718] do_fast_syscall_32+0x6a/0xc0 [ 788.832050][T16718] do_SYSENTER_32+0x73/0x90 [ 788.836547][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 788.842891][T16718] [ 788.845217][T16718] Uninit was stored to memory at: [ 788.850243][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 788.855957][T16718] __msan_chain_origin+0x50/0x90 [ 788.860892][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 788.866008][T16718] get_compat_msghdr+0x108/0x2b0 [ 788.870945][T16718] do_recvmmsg+0xdbb/0x22b0 [ 788.875441][T16718] __sys_recvmmsg+0x5dd/0x610 [ 788.880113][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 788.886172][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 788.892317][T16718] __do_fast_syscall_32+0x129/0x180 [ 788.897508][T16718] do_fast_syscall_32+0x6a/0xc0 [ 788.902353][T16718] do_SYSENTER_32+0x73/0x90 [ 788.906864][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 788.913169][T16718] [ 788.915483][T16718] Uninit was stored to memory at: [ 788.920847][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 788.926556][T16718] __msan_chain_origin+0x50/0x90 [ 788.931492][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 788.936665][T16718] get_compat_msghdr+0x108/0x2b0 [ 788.941593][T16718] do_recvmmsg+0xdbb/0x22b0 [ 788.946087][T16718] __sys_recvmmsg+0x5dd/0x610 [ 788.950779][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 788.956836][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 788.962984][T16718] __do_fast_syscall_32+0x129/0x180 [ 788.968175][T16718] do_fast_syscall_32+0x6a/0xc0 [ 788.973033][T16718] do_SYSENTER_32+0x73/0x90 [ 788.977530][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 788.983837][T16718] [ 788.986172][T16718] Uninit was stored to memory at: [ 788.991192][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 788.997856][T16718] __msan_chain_origin+0x50/0x90 [ 789.002785][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 789.007907][T16718] get_compat_msghdr+0x108/0x2b0 [ 789.012835][T16718] do_recvmmsg+0xdbb/0x22b0 [ 789.017326][T16718] __sys_recvmmsg+0x5dd/0x610 [ 789.021996][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 789.028055][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 789.034204][T16718] __do_fast_syscall_32+0x129/0x180 [ 789.039396][T16718] do_fast_syscall_32+0x6a/0xc0 [ 789.044239][T16718] do_SYSENTER_32+0x73/0x90 [ 789.048736][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 789.055056][T16718] [ 789.057378][T16718] Uninit was stored to memory at: [ 789.062394][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 789.068118][T16718] __msan_chain_origin+0x50/0x90 [ 789.073047][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 789.078166][T16718] get_compat_msghdr+0x108/0x2b0 [ 789.083092][T16718] do_recvmmsg+0xdbb/0x22b0 [ 789.090019][T16718] __sys_recvmmsg+0x5dd/0x610 [ 789.094690][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 789.100765][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 789.106912][T16718] __do_fast_syscall_32+0x129/0x180 [ 789.112110][T16718] do_fast_syscall_32+0x6a/0xc0 [ 789.116975][T16718] do_SYSENTER_32+0x73/0x90 [ 789.121474][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 789.127779][T16718] [ 789.130095][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 789.136772][T16718] do_recvmmsg+0xbf/0x22b0 [ 789.141175][T16718] do_recvmmsg+0xbf/0x22b0 [ 789.666020][T16718] not chained 180000 origins [ 789.670675][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 789.679353][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 789.689441][T16718] Call Trace: [ 789.692746][T16718] dump_stack+0x21c/0x280 [ 789.697109][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 789.702867][T16718] ? kmsan_get_metadata+0x116/0x180 [ 789.708083][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 789.713664][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 789.719747][T16718] ? _copy_from_user+0x201/0x310 [ 789.724739][T16718] ? kmsan_get_metadata+0x116/0x180 [ 789.729957][T16718] __msan_chain_origin+0x50/0x90 [ 789.734916][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 789.740146][T16718] get_compat_msghdr+0x108/0x2b0 [ 789.745105][T16718] do_recvmmsg+0xdbb/0x22b0 [ 789.749631][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 789.755479][T16718] ? kmsan_get_metadata+0x116/0x180 [ 789.760698][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 789.766349][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 789.771766][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 789.776567][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 789.781573][T16718] __sys_recvmmsg+0x5dd/0x610 [ 789.786283][T16718] ? kmsan_get_metadata+0x116/0x180 [ 789.791503][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 789.797600][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 789.803897][T16718] __do_fast_syscall_32+0x129/0x180 [ 789.809115][T16718] do_fast_syscall_32+0x6a/0xc0 [ 789.814030][T16718] do_SYSENTER_32+0x73/0x90 [ 789.818554][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 789.824893][T16718] RIP: 0023:0xf7f82549 [ 789.828967][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 789.848565][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 789.856992][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 789.864954][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 789.872923][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 789.880888][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 789.888852][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 789.896824][T16718] Uninit was stored to memory at: [ 789.901851][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 789.907559][T16718] __msan_chain_origin+0x50/0x90 [ 789.912496][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 789.917597][T16718] get_compat_msghdr+0x108/0x2b0 [ 789.922526][T16718] do_recvmmsg+0xdbb/0x22b0 [ 789.927035][T16718] __sys_recvmmsg+0x5dd/0x610 [ 789.931793][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 789.937937][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 789.944085][T16718] __do_fast_syscall_32+0x129/0x180 [ 789.949301][T16718] do_fast_syscall_32+0x6a/0xc0 [ 789.954143][T16718] do_SYSENTER_32+0x73/0x90 [ 789.958639][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 789.964944][T16718] [ 789.967257][T16718] Uninit was stored to memory at: [ 789.972277][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 789.977986][T16718] __msan_chain_origin+0x50/0x90 [ 789.982932][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 789.988041][T16718] get_compat_msghdr+0x108/0x2b0 [ 789.992971][T16718] do_recvmmsg+0xdbb/0x22b0 [ 789.997465][T16718] __sys_recvmmsg+0x5dd/0x610 [ 790.002155][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 790.008215][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 790.014376][T16718] __do_fast_syscall_32+0x129/0x180 [ 790.019570][T16718] do_fast_syscall_32+0x6a/0xc0 [ 790.024425][T16718] do_SYSENTER_32+0x73/0x90 [ 790.028920][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 790.035227][T16718] [ 790.037546][T16718] Uninit was stored to memory at: [ 790.042573][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 790.048283][T16718] __msan_chain_origin+0x50/0x90 [ 790.053229][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 790.058378][T16718] get_compat_msghdr+0x108/0x2b0 [ 790.063308][T16718] do_recvmmsg+0xdbb/0x22b0 [ 790.067818][T16718] __sys_recvmmsg+0x5dd/0x610 [ 790.072486][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 790.079152][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 790.085298][T16718] __do_fast_syscall_32+0x129/0x180 [ 790.090495][T16718] do_fast_syscall_32+0x6a/0xc0 [ 790.095339][T16718] do_SYSENTER_32+0x73/0x90 [ 790.099840][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 790.106164][T16718] [ 790.108478][T16718] Uninit was stored to memory at: [ 790.113495][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 790.119205][T16718] __msan_chain_origin+0x50/0x90 [ 790.124136][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 790.129256][T16718] get_compat_msghdr+0x108/0x2b0 [ 790.134185][T16718] do_recvmmsg+0xdbb/0x22b0 [ 790.138679][T16718] __sys_recvmmsg+0x5dd/0x610 [ 790.143346][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 790.149422][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 790.155573][T16718] __do_fast_syscall_32+0x129/0x180 [ 790.160763][T16718] do_fast_syscall_32+0x6a/0xc0 [ 790.165604][T16718] do_SYSENTER_32+0x73/0x90 [ 790.170102][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 790.176410][T16718] [ 790.178748][T16718] Uninit was stored to memory at: [ 790.183770][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 790.189482][T16718] __msan_chain_origin+0x50/0x90 [ 790.194433][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 790.199536][T16718] get_compat_msghdr+0x108/0x2b0 [ 790.204468][T16718] do_recvmmsg+0xdbb/0x22b0 [ 790.208960][T16718] __sys_recvmmsg+0x5dd/0x610 [ 790.213628][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 790.219687][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 790.225835][T16718] __do_fast_syscall_32+0x129/0x180 [ 790.231027][T16718] do_fast_syscall_32+0x6a/0xc0 [ 790.235871][T16718] do_SYSENTER_32+0x73/0x90 [ 790.240366][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 790.246671][T16718] [ 790.248987][T16718] Uninit was stored to memory at: [ 790.254006][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 790.259732][T16718] __msan_chain_origin+0x50/0x90 [ 790.264659][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 790.269762][T16718] get_compat_msghdr+0x108/0x2b0 [ 790.274705][T16718] do_recvmmsg+0xdbb/0x22b0 [ 790.279198][T16718] __sys_recvmmsg+0x5dd/0x610 [ 790.283884][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 790.289946][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 790.296092][T16718] __do_fast_syscall_32+0x129/0x180 [ 790.301287][T16718] do_fast_syscall_32+0x6a/0xc0 [ 790.306128][T16718] do_SYSENTER_32+0x73/0x90 [ 790.310626][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 790.316931][T16718] [ 790.319245][T16718] Uninit was stored to memory at: [ 790.324261][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 790.329981][T16718] __msan_chain_origin+0x50/0x90 [ 790.334907][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 790.340009][T16718] get_compat_msghdr+0x108/0x2b0 [ 790.344953][T16718] do_recvmmsg+0xdbb/0x22b0 [ 790.349543][T16718] __sys_recvmmsg+0x5dd/0x610 [ 790.354261][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 790.360369][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 790.366515][T16718] __do_fast_syscall_32+0x129/0x180 [ 790.371732][T16718] do_fast_syscall_32+0x6a/0xc0 [ 790.376580][T16718] do_SYSENTER_32+0x73/0x90 [ 790.381092][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 790.387427][T16718] [ 790.389758][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 790.396419][T16718] do_recvmmsg+0xbf/0x22b0 [ 790.400826][T16718] do_recvmmsg+0xbf/0x22b0 [ 791.202518][T16718] not chained 190000 origins [ 791.207163][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 791.215921][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 791.226034][T16718] Call Trace: [ 791.229345][T16718] dump_stack+0x21c/0x280 [ 791.233701][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 791.239461][T16718] ? kmsan_get_metadata+0x116/0x180 [ 791.244675][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 791.250226][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 791.256455][T16718] ? _copy_from_user+0x201/0x310 [ 791.261401][T16718] ? kmsan_get_metadata+0x116/0x180 [ 791.266613][T16718] __msan_chain_origin+0x50/0x90 [ 791.271555][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.276665][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.281604][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.286205][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 791.292012][T16718] ? kmsan_get_metadata+0x116/0x180 [ 791.297215][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 791.302871][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 791.308161][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 791.312922][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 791.317701][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.322387][T16718] ? kmsan_get_metadata+0x116/0x180 [ 791.327580][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.333756][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.339921][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.345132][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.349977][T16718] do_SYSENTER_32+0x73/0x90 [ 791.354577][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.360917][T16718] RIP: 0023:0xf7f82549 [ 791.365091][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 791.384960][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 791.393387][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 791.401505][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 791.409493][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 791.417472][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 791.425445][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 791.433611][T16718] Uninit was stored to memory at: [ 791.438694][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.444418][T16718] __msan_chain_origin+0x50/0x90 [ 791.449380][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.454487][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.459430][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.463929][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.468603][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.474666][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.480925][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.486215][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.491182][T16718] do_SYSENTER_32+0x73/0x90 [ 791.495675][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.501986][T16718] [ 791.504323][T16718] Uninit was stored to memory at: [ 791.509364][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.515148][T16718] __msan_chain_origin+0x50/0x90 [ 791.520099][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.525224][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.530338][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.535042][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.539727][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.545815][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.551989][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.557204][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.562058][T16718] do_SYSENTER_32+0x73/0x90 [ 791.567015][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.573324][T16718] [ 791.575653][T16718] Uninit was stored to memory at: [ 791.580669][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.586395][T16718] __msan_chain_origin+0x50/0x90 [ 791.591402][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.596517][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.601440][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.605937][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.610634][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.617211][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.623356][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.628584][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.633443][T16718] do_SYSENTER_32+0x73/0x90 [ 791.637974][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.644295][T16718] [ 791.646618][T16718] Uninit was stored to memory at: [ 791.651632][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.657337][T16718] __msan_chain_origin+0x50/0x90 [ 791.662281][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.667378][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.672831][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.677315][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.682004][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.688049][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.694215][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.699409][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.704257][T16718] do_SYSENTER_32+0x73/0x90 [ 791.708760][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.715186][T16718] [ 791.717501][T16718] Uninit was stored to memory at: [ 791.722529][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.728345][T16718] __msan_chain_origin+0x50/0x90 [ 791.733283][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.738429][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.743370][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.747867][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.752543][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.758624][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.764773][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.769967][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.774813][T16718] do_SYSENTER_32+0x73/0x90 [ 791.779325][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.785668][T16718] [ 791.787976][T16718] Uninit was stored to memory at: [ 791.792998][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.798963][T16718] __msan_chain_origin+0x50/0x90 [ 791.803996][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.809112][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.814054][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.818681][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.823366][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.829446][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.835844][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.841034][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.845994][T16718] do_SYSENTER_32+0x73/0x90 [ 791.850494][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.856809][T16718] [ 791.859123][T16718] Uninit was stored to memory at: [ 791.864160][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 791.869891][T16718] __msan_chain_origin+0x50/0x90 [ 791.874824][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 791.879928][T16718] get_compat_msghdr+0x108/0x2b0 [ 791.884948][T16718] do_recvmmsg+0xdbb/0x22b0 [ 791.889441][T16718] __sys_recvmmsg+0x5dd/0x610 [ 791.894126][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 791.900191][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 791.906351][T16718] __do_fast_syscall_32+0x129/0x180 [ 791.911571][T16718] do_fast_syscall_32+0x6a/0xc0 [ 791.916455][T16718] do_SYSENTER_32+0x73/0x90 [ 791.920949][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 791.927281][T16718] [ 791.929599][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 791.936277][T16718] do_recvmmsg+0xbf/0x22b0 [ 791.940702][T16718] do_recvmmsg+0xbf/0x22b0 [ 792.486438][T16718] not chained 200000 origins [ 792.491088][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 792.499765][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 792.509931][T16718] Call Trace: [ 792.513238][T16718] dump_stack+0x21c/0x280 [ 792.517601][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 792.523555][T16718] ? kmsan_get_metadata+0x116/0x180 [ 792.529033][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 792.534596][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 792.540793][T16718] ? _copy_from_user+0x201/0x310 [ 792.545750][T16718] ? kmsan_get_metadata+0x116/0x180 [ 792.550962][T16718] __msan_chain_origin+0x50/0x90 [ 792.555930][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 792.561179][T16718] get_compat_msghdr+0x108/0x2b0 [ 792.566227][T16718] do_recvmmsg+0xdbb/0x22b0 [ 792.570761][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 792.576609][T16718] ? kmsan_get_metadata+0x116/0x180 [ 792.581826][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 792.587470][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 792.592775][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 792.597548][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 792.602340][T16718] __sys_recvmmsg+0x5dd/0x610 [ 792.607032][T16718] ? kmsan_get_metadata+0x116/0x180 [ 792.612468][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 792.618542][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 792.624717][T16718] __do_fast_syscall_32+0x129/0x180 [ 792.629939][T16718] do_fast_syscall_32+0x6a/0xc0 [ 792.634802][T16718] do_SYSENTER_32+0x73/0x90 [ 792.639321][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 792.645738][T16718] RIP: 0023:0xf7f82549 [ 792.649792][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 792.670337][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 792.678764][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 792.686820][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 792.694866][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 792.702831][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 792.710794][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 792.718771][T16718] Uninit was stored to memory at: [ 792.723821][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 792.729553][T16718] __msan_chain_origin+0x50/0x90 [ 792.734539][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 792.739675][T16718] get_compat_msghdr+0x108/0x2b0 [ 792.744621][T16718] do_recvmmsg+0xdbb/0x22b0 [ 792.749151][T16718] __sys_recvmmsg+0x5dd/0x610 [ 792.753826][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 792.759911][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 792.766066][T16718] __do_fast_syscall_32+0x129/0x180 [ 792.771414][T16718] do_fast_syscall_32+0x6a/0xc0 [ 792.776250][T16718] do_SYSENTER_32+0x73/0x90 [ 792.780759][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 792.787081][T16718] [ 792.789409][T16718] Uninit was stored to memory at: [ 792.794421][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 792.800156][T16718] __msan_chain_origin+0x50/0x90 [ 792.805092][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 792.810210][T16718] get_compat_msghdr+0x108/0x2b0 [ 792.815143][T16718] do_recvmmsg+0xdbb/0x22b0 [ 792.819648][T16718] __sys_recvmmsg+0x5dd/0x610 [ 792.824321][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 792.830397][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 792.836538][T16718] __do_fast_syscall_32+0x129/0x180 [ 792.841733][T16718] do_fast_syscall_32+0x6a/0xc0 [ 792.846595][T16718] do_SYSENTER_32+0x73/0x90 [ 792.851122][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 792.857433][T16718] [ 792.859752][T16718] Uninit was stored to memory at: [ 792.864776][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 792.870504][T16718] __msan_chain_origin+0x50/0x90 [ 792.875443][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 792.880559][T16718] get_compat_msghdr+0x108/0x2b0 [ 792.885498][T16718] do_recvmmsg+0xdbb/0x22b0 [ 792.890005][T16718] __sys_recvmmsg+0x5dd/0x610 [ 792.894665][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 792.900727][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 792.906880][T16718] __do_fast_syscall_32+0x129/0x180 [ 792.912065][T16718] do_fast_syscall_32+0x6a/0xc0 [ 792.916897][T16718] do_SYSENTER_32+0x73/0x90 [ 792.921386][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 792.927686][T16718] [ 792.929990][T16718] Uninit was stored to memory at: [ 792.935009][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 792.940740][T16718] __msan_chain_origin+0x50/0x90 [ 792.945673][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 792.950778][T16718] get_compat_msghdr+0x108/0x2b0 [ 792.955708][T16718] do_recvmmsg+0xdbb/0x22b0 [ 792.960200][T16718] __sys_recvmmsg+0x5dd/0x610 [ 792.964972][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 792.971055][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 792.977209][T16718] __do_fast_syscall_32+0x129/0x180 [ 792.982427][T16718] do_fast_syscall_32+0x6a/0xc0 [ 792.987259][T16718] do_SYSENTER_32+0x73/0x90 [ 792.991765][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 792.998078][T16718] [ 793.000388][T16718] Uninit was stored to memory at: [ 793.005420][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 793.011140][T16718] __msan_chain_origin+0x50/0x90 [ 793.016074][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 793.021176][T16718] get_compat_msghdr+0x108/0x2b0 [ 793.026118][T16718] do_recvmmsg+0xdbb/0x22b0 [ 793.030616][T16718] __sys_recvmmsg+0x5dd/0x610 [ 793.035276][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 793.041345][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 793.047510][T16718] __do_fast_syscall_32+0x129/0x180 [ 793.052690][T16718] do_fast_syscall_32+0x6a/0xc0 [ 793.057519][T16718] do_SYSENTER_32+0x73/0x90 [ 793.062018][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 793.068450][T16718] [ 793.070780][T16718] Uninit was stored to memory at: [ 793.075994][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 793.081977][T16718] __msan_chain_origin+0x50/0x90 [ 793.087007][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 793.092228][T16718] get_compat_msghdr+0x108/0x2b0 [ 793.097252][T16718] do_recvmmsg+0xdbb/0x22b0 [ 793.101741][T16718] __sys_recvmmsg+0x5dd/0x610 [ 793.106405][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 793.112569][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 793.118725][T16718] __do_fast_syscall_32+0x129/0x180 [ 793.123925][T16718] do_fast_syscall_32+0x6a/0xc0 [ 793.128759][T16718] do_SYSENTER_32+0x73/0x90 [ 793.133248][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 793.139551][T16718] [ 793.141937][T16718] Uninit was stored to memory at: [ 793.147108][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 793.152810][T16718] __msan_chain_origin+0x50/0x90 [ 793.157748][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 793.162842][T16718] get_compat_msghdr+0x108/0x2b0 [ 793.167783][T16718] do_recvmmsg+0xdbb/0x22b0 [ 793.172276][T16718] __sys_recvmmsg+0x5dd/0x610 [ 793.176973][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 793.183039][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 793.189190][T16718] __do_fast_syscall_32+0x129/0x180 [ 793.194369][T16718] do_fast_syscall_32+0x6a/0xc0 [ 793.199215][T16718] do_SYSENTER_32+0x73/0x90 [ 793.203816][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 793.210217][T16718] [ 793.212523][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 793.219186][T16718] do_recvmmsg+0xbf/0x22b0 [ 793.223703][T16718] do_recvmmsg+0xbf/0x22b0 [ 793.798092][T16718] not chained 210000 origins [ 793.802753][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 793.811424][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 793.821482][T16718] Call Trace: [ 793.824881][T16718] dump_stack+0x21c/0x280 [ 793.829234][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 793.834990][T16718] ? kmsan_get_metadata+0x116/0x180 [ 793.840209][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 793.845772][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 793.851853][T16718] ? _copy_from_user+0x201/0x310 [ 793.856817][T16718] ? kmsan_get_metadata+0x116/0x180 [ 793.862029][T16718] __msan_chain_origin+0x50/0x90 [ 793.867007][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 793.872161][T16718] get_compat_msghdr+0x108/0x2b0 [ 793.877119][T16718] do_recvmmsg+0xdbb/0x22b0 [ 793.881641][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 793.887487][T16718] ? kmsan_get_metadata+0x116/0x180 [ 793.892734][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 793.898390][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 793.903690][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 793.908681][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 793.913458][T16718] __sys_recvmmsg+0x5dd/0x610 [ 793.918156][T16718] ? kmsan_get_metadata+0x116/0x180 [ 793.923373][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 793.929464][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 793.935633][T16718] __do_fast_syscall_32+0x129/0x180 [ 793.940852][T16718] do_fast_syscall_32+0x6a/0xc0 [ 793.945712][T16718] do_SYSENTER_32+0x73/0x90 [ 793.950228][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 793.956558][T16718] RIP: 0023:0xf7f82549 [ 793.960635][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 793.980248][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 793.988675][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 793.996809][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 794.004969][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 794.012946][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 794.020900][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 794.028864][T16718] Uninit was stored to memory at: [ 794.033902][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.039608][T16718] __msan_chain_origin+0x50/0x90 [ 794.044530][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.049645][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.054592][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.059090][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.063774][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.069845][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.076005][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.081219][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.086073][T16718] do_SYSENTER_32+0x73/0x90 [ 794.090558][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.096875][T16718] [ 794.099210][T16718] Uninit was stored to memory at: [ 794.104221][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.109941][T16718] __msan_chain_origin+0x50/0x90 [ 794.114882][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.119978][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.124905][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.129419][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.134085][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.140153][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.146307][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.151484][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.156322][T16718] do_SYSENTER_32+0x73/0x90 [ 794.160846][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.167157][T16718] [ 794.169466][T16718] Uninit was stored to memory at: [ 794.174478][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.180199][T16718] __msan_chain_origin+0x50/0x90 [ 794.185123][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.190224][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.195180][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.199668][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.204344][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.210393][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.216535][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.221718][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.226571][T16718] do_SYSENTER_32+0x73/0x90 [ 794.231070][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.237524][T16718] [ 794.239838][T16718] Uninit was stored to memory at: [ 794.244874][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.250585][T16718] __msan_chain_origin+0x50/0x90 [ 794.255749][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.260869][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.265908][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.270408][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.275071][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.281164][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.287317][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.292534][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.297374][T16718] do_SYSENTER_32+0x73/0x90 [ 794.301864][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.308228][T16718] [ 794.310550][T16718] Uninit was stored to memory at: [ 794.315694][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.321420][T16718] __msan_chain_origin+0x50/0x90 [ 794.326342][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.331435][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.336370][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.340879][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.345551][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.351599][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.357749][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.362964][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.367811][T16718] do_SYSENTER_32+0x73/0x90 [ 794.372315][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.379657][T16718] [ 794.381973][T16718] Uninit was stored to memory at: [ 794.387105][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.392947][T16718] __msan_chain_origin+0x50/0x90 [ 794.397877][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.402987][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.407910][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.412401][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.417102][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.423160][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.429304][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.434490][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.439338][T16718] do_SYSENTER_32+0x73/0x90 [ 794.443852][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.450171][T16718] [ 794.452477][T16718] Uninit was stored to memory at: [ 794.457487][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 794.463299][T16718] __msan_chain_origin+0x50/0x90 [ 794.468227][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 794.473349][T16718] get_compat_msghdr+0x108/0x2b0 [ 794.478285][T16718] do_recvmmsg+0xdbb/0x22b0 [ 794.482776][T16718] __sys_recvmmsg+0x5dd/0x610 [ 794.487449][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 794.493503][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 794.499668][T16718] __do_fast_syscall_32+0x129/0x180 [ 794.504867][T16718] do_fast_syscall_32+0x6a/0xc0 [ 794.509916][T16718] do_SYSENTER_32+0x73/0x90 [ 794.514416][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 794.520725][T16718] [ 794.523164][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 794.530007][T16718] do_recvmmsg+0xbf/0x22b0 [ 794.534560][T16718] do_recvmmsg+0xbf/0x22b0 [ 794.992574][T16718] not chained 220000 origins [ 794.997233][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 795.005903][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.015974][T16718] Call Trace: [ 795.019279][T16718] dump_stack+0x21c/0x280 [ 795.023626][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 795.029381][T16718] ? kmsan_get_metadata+0x116/0x180 [ 795.034593][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 795.040151][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 795.046233][T16718] ? _copy_from_user+0x201/0x310 [ 795.051189][T16718] ? kmsan_get_metadata+0x116/0x180 [ 795.056403][T16718] __msan_chain_origin+0x50/0x90 [ 795.061354][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.066490][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.071442][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.075986][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 795.081850][T16718] ? kmsan_get_metadata+0x116/0x180 [ 795.087059][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 795.092703][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 795.097999][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 795.102768][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 795.107539][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.112239][T16718] ? kmsan_get_metadata+0x116/0x180 [ 795.117446][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.123531][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.129697][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.134942][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.139805][T16718] do_SYSENTER_32+0x73/0x90 [ 795.144327][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.150656][T16718] RIP: 0023:0xf7f82549 [ 795.154727][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 795.174335][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 795.182756][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 795.190722][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 795.198698][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 795.206660][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 795.214621][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 795.222592][T16718] Uninit was stored to memory at: [ 795.227615][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.233427][T16718] __msan_chain_origin+0x50/0x90 [ 795.238379][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.243580][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.248518][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.253010][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.257677][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.263752][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.269897][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.275085][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.279926][T16718] do_SYSENTER_32+0x73/0x90 [ 795.284436][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.290765][T16718] [ 795.293080][T16718] Uninit was stored to memory at: [ 795.298098][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.303809][T16718] __msan_chain_origin+0x50/0x90 [ 795.308767][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.313868][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.318808][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.323304][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.327971][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.334029][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.340179][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.345381][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.350223][T16718] do_SYSENTER_32+0x73/0x90 [ 795.354720][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.361041][T16718] [ 795.363364][T16718] Uninit was stored to memory at: [ 795.368382][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.374100][T16718] __msan_chain_origin+0x50/0x90 [ 795.379026][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.384138][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.389255][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.393777][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.398451][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.404534][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.410705][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.415916][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.420758][T16718] do_SYSENTER_32+0x73/0x90 [ 795.425265][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.431569][T16718] [ 795.433882][T16718] Uninit was stored to memory at: [ 795.438899][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.444626][T16718] __msan_chain_origin+0x50/0x90 [ 795.449573][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.454683][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.459696][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.464202][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.468869][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.474951][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.481097][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.486286][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.491136][T16718] do_SYSENTER_32+0x73/0x90 [ 795.495630][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.501936][T16718] [ 795.504378][T16718] Uninit was stored to memory at: [ 795.509426][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.515146][T16718] __msan_chain_origin+0x50/0x90 [ 795.520166][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.525270][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.530211][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.534704][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.539383][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.545438][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.551607][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.556940][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.561799][T16718] do_SYSENTER_32+0x73/0x90 [ 795.566317][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.572625][T16718] [ 795.574940][T16718] Uninit was stored to memory at: [ 795.579973][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.585693][T16718] __msan_chain_origin+0x50/0x90 [ 795.590622][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.595722][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.600649][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.605140][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.609809][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.615866][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.622011][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.627212][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.632118][T16718] do_SYSENTER_32+0x73/0x90 [ 795.636613][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.642917][T16718] [ 795.645249][T16718] Uninit was stored to memory at: [ 795.650265][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 795.655989][T16718] __msan_chain_origin+0x50/0x90 [ 795.660917][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 795.666048][T16718] get_compat_msghdr+0x108/0x2b0 [ 795.670979][T16718] do_recvmmsg+0xdbb/0x22b0 [ 795.675473][T16718] __sys_recvmmsg+0x5dd/0x610 [ 795.680157][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 795.686230][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 795.692375][T16718] __do_fast_syscall_32+0x129/0x180 [ 795.697564][T16718] do_fast_syscall_32+0x6a/0xc0 [ 795.702404][T16718] do_SYSENTER_32+0x73/0x90 [ 795.707059][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 795.713374][T16718] [ 795.715724][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 795.722420][T16718] do_recvmmsg+0xbf/0x22b0 [ 795.727189][T16718] do_recvmmsg+0xbf/0x22b0 [ 796.426692][T16718] not chained 230000 origins [ 796.431338][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 796.440010][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 796.450191][T16718] Call Trace: [ 796.453464][T16718] dump_stack+0x21c/0x280 [ 796.457775][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 796.463483][T16718] ? kmsan_get_metadata+0x116/0x180 [ 796.468662][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 796.474342][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 796.480411][T16718] ? _copy_from_user+0x201/0x310 [ 796.485341][T16718] ? kmsan_get_metadata+0x116/0x180 [ 796.490527][T16718] __msan_chain_origin+0x50/0x90 [ 796.495536][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 796.500665][T16718] get_compat_msghdr+0x108/0x2b0 [ 796.505604][T16718] do_recvmmsg+0xdbb/0x22b0 [ 796.510095][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 796.516084][T16718] ? kmsan_get_metadata+0x116/0x180 [ 796.521307][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 796.526974][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 796.532258][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 796.537116][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 796.541878][T16718] __sys_recvmmsg+0x5dd/0x610 [ 796.546549][T16718] ? kmsan_get_metadata+0x116/0x180 [ 796.551743][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 796.557810][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 796.563988][T16718] __do_fast_syscall_32+0x129/0x180 [ 796.569173][T16718] do_fast_syscall_32+0x6a/0xc0 [ 796.574262][T16718] do_SYSENTER_32+0x73/0x90 [ 796.578910][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 796.585233][T16718] RIP: 0023:0xf7f82549 [ 796.589301][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 796.608889][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 796.617279][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 796.625256][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 796.633223][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 796.641203][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 796.649163][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 796.657144][T16718] Uninit was stored to memory at: [ 796.662154][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 796.667874][T16718] __msan_chain_origin+0x50/0x90 [ 796.672792][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 796.677987][T16718] get_compat_msghdr+0x108/0x2b0 [ 796.682914][T16718] do_recvmmsg+0xdbb/0x22b0 [ 796.687392][T16718] __sys_recvmmsg+0x5dd/0x610 [ 796.692053][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 796.698106][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 796.704250][T16718] __do_fast_syscall_32+0x129/0x180 [ 796.709779][T16718] do_fast_syscall_32+0x6a/0xc0 [ 796.714640][T16718] do_SYSENTER_32+0x73/0x90 [ 796.719130][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 796.725441][T16718] [ 796.727787][T16718] Uninit was stored to memory at: [ 796.732933][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 796.738773][T16718] __msan_chain_origin+0x50/0x90 [ 796.743716][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 796.748821][T16718] get_compat_msghdr+0x108/0x2b0 [ 796.753737][T16718] do_recvmmsg+0xdbb/0x22b0 [ 796.758488][T16718] __sys_recvmmsg+0x5dd/0x610 [ 796.763291][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 796.769390][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 796.775543][T16718] __do_fast_syscall_32+0x129/0x180 [ 796.780759][T16718] do_fast_syscall_32+0x6a/0xc0 [ 796.785612][T16718] do_SYSENTER_32+0x73/0x90 [ 796.790465][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 796.796851][T16718] [ 796.799159][T16718] Uninit was stored to memory at: [ 796.804169][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 796.809871][T16718] __msan_chain_origin+0x50/0x90 [ 796.814790][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 796.819906][T16718] get_compat_msghdr+0x108/0x2b0 [ 796.824846][T16718] do_recvmmsg+0xdbb/0x22b0 [ 796.829365][T16718] __sys_recvmmsg+0x5dd/0x610 [ 796.834050][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 796.840227][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 796.846380][T16718] __do_fast_syscall_32+0x129/0x180 [ 796.851580][T16718] do_fast_syscall_32+0x6a/0xc0 [ 796.856432][T16718] do_SYSENTER_32+0x73/0x90 [ 796.861038][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 796.867338][T16718] [ 796.869648][T16718] Uninit was stored to memory at: [ 796.874671][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 796.880371][T16718] __msan_chain_origin+0x50/0x90 [ 796.885300][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 796.890392][T16718] get_compat_msghdr+0x108/0x2b0 [ 796.895322][T16718] do_recvmmsg+0xdbb/0x22b0 [ 796.899808][T16718] __sys_recvmmsg+0x5dd/0x610 [ 796.904466][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 796.910516][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 796.916649][T16718] __do_fast_syscall_32+0x129/0x180 [ 796.921828][T16718] do_fast_syscall_32+0x6a/0xc0 [ 796.926657][T16718] do_SYSENTER_32+0x73/0x90 [ 796.931145][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 796.937529][T16718] [ 796.939850][T16718] Uninit was stored to memory at: [ 796.944917][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 796.950631][T16718] __msan_chain_origin+0x50/0x90 [ 796.955561][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 796.960662][T16718] get_compat_msghdr+0x108/0x2b0 [ 796.965595][T16718] do_recvmmsg+0xdbb/0x22b0 [ 796.970276][T16718] __sys_recvmmsg+0x5dd/0x610 [ 796.974932][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 796.981008][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 796.987144][T16718] __do_fast_syscall_32+0x129/0x180 [ 796.992325][T16718] do_fast_syscall_32+0x6a/0xc0 [ 796.997430][T16718] do_SYSENTER_32+0x73/0x90 [ 797.001919][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 797.008226][T16718] [ 797.010544][T16718] Uninit was stored to memory at: [ 797.015904][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 797.021608][T16718] __msan_chain_origin+0x50/0x90 [ 797.026526][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 797.031633][T16718] get_compat_msghdr+0x108/0x2b0 [ 797.036575][T16718] do_recvmmsg+0xdbb/0x22b0 [ 797.041066][T16718] __sys_recvmmsg+0x5dd/0x610 [ 797.045740][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 797.051933][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 797.058189][T16718] __do_fast_syscall_32+0x129/0x180 [ 797.063549][T16718] do_fast_syscall_32+0x6a/0xc0 [ 797.068482][T16718] do_SYSENTER_32+0x73/0x90 [ 797.072991][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 797.079393][T16718] [ 797.081702][T16718] Uninit was stored to memory at: [ 797.086711][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 797.092415][T16718] __msan_chain_origin+0x50/0x90 [ 797.097333][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 797.102424][T16718] get_compat_msghdr+0x108/0x2b0 [ 797.107340][T16718] do_recvmmsg+0xdbb/0x22b0 [ 797.111824][T16718] __sys_recvmmsg+0x5dd/0x610 [ 797.116588][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 797.122646][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 797.128800][T16718] __do_fast_syscall_32+0x129/0x180 [ 797.134090][T16718] do_fast_syscall_32+0x6a/0xc0 [ 797.138940][T16718] do_SYSENTER_32+0x73/0x90 [ 797.143442][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 797.149755][T16718] [ 797.152063][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 797.158754][T16718] do_recvmmsg+0xbf/0x22b0 [ 797.163158][T16718] do_recvmmsg+0xbf/0x22b0 [ 797.805935][T16718] not chained 240000 origins [ 797.810589][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 797.819260][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 797.830186][T16718] Call Trace: [ 797.833501][T16718] dump_stack+0x21c/0x280 [ 797.837854][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 797.843817][T16718] ? kmsan_get_metadata+0x116/0x180 [ 797.849029][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 797.854593][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 797.860764][T16718] ? _copy_from_user+0x201/0x310 [ 797.865722][T16718] ? kmsan_get_metadata+0x116/0x180 [ 797.871024][T16718] __msan_chain_origin+0x50/0x90 [ 797.875986][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 797.881124][T16718] get_compat_msghdr+0x108/0x2b0 [ 797.886077][T16718] do_recvmmsg+0xdbb/0x22b0 [ 797.890595][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 797.896434][T16718] ? kmsan_get_metadata+0x116/0x180 [ 797.901647][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 797.907397][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 797.912695][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 797.917464][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 797.922243][T16718] __sys_recvmmsg+0x5dd/0x610 [ 797.926940][T16718] ? kmsan_get_metadata+0x116/0x180 [ 797.932156][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 797.938249][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 797.944425][T16718] __do_fast_syscall_32+0x129/0x180 [ 797.949643][T16718] do_fast_syscall_32+0x6a/0xc0 [ 797.954525][T16718] do_SYSENTER_32+0x73/0x90 [ 797.959049][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 797.965404][T16718] RIP: 0023:0xf7f82549 [ 797.969486][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 797.989102][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 797.997528][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 798.005509][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 798.013517][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 798.021497][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 798.029477][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 798.038920][T16718] Uninit was stored to memory at: [ 798.043968][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.049698][T16718] __msan_chain_origin+0x50/0x90 [ 798.054640][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.059758][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.064703][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.069211][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.074332][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.080427][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.086590][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.091806][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.096678][T16718] do_SYSENTER_32+0x73/0x90 [ 798.101193][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.107509][T16718] [ 798.109851][T16718] Uninit was stored to memory at: [ 798.114919][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.120650][T16718] __msan_chain_origin+0x50/0x90 [ 798.125593][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.130712][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.135655][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.140162][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.144875][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.150952][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.157115][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.162326][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.167189][T16718] do_SYSENTER_32+0x73/0x90 [ 798.171703][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.178029][T16718] [ 798.180352][T16718] Uninit was stored to memory at: [ 798.185423][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.191175][T16718] __msan_chain_origin+0x50/0x90 [ 798.196123][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.201419][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.206365][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.210875][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.215560][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.221635][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.227808][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.233020][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.237880][T16718] do_SYSENTER_32+0x73/0x90 [ 798.242396][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.248715][T16718] [ 798.251046][T16718] Uninit was stored to memory at: [ 798.256080][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.261809][T16718] __msan_chain_origin+0x50/0x90 [ 798.266759][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.271885][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.276828][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.281427][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.286108][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.292268][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.298432][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.303637][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.308495][T16718] do_SYSENTER_32+0x73/0x90 [ 798.313120][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.319436][T16718] [ 798.321761][T16718] Uninit was stored to memory at: [ 798.326792][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.332525][T16718] __msan_chain_origin+0x50/0x90 [ 798.337475][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.342600][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.347552][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.352059][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.356749][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.362838][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.369009][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.374211][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.379071][T16718] do_SYSENTER_32+0x73/0x90 [ 798.383592][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.389932][T16718] [ 798.392256][T16718] Uninit was stored to memory at: [ 798.397287][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.403015][T16718] __msan_chain_origin+0x50/0x90 [ 798.407955][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.413081][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.418019][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.422521][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.427206][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.433393][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.439553][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.444758][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.449615][T16718] do_SYSENTER_32+0x73/0x90 [ 798.454115][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.460418][T16718] [ 798.462735][T16718] Uninit was stored to memory at: [ 798.467812][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 798.473515][T16718] __msan_chain_origin+0x50/0x90 [ 798.478465][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.483568][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.488486][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.492981][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.497637][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.503685][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.509841][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.515016][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.519856][T16718] do_SYSENTER_32+0x73/0x90 [ 798.524370][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.530689][T16718] [ 798.533016][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 798.539695][T16718] do_recvmmsg+0xbf/0x22b0 [ 798.544108][T16718] do_recvmmsg+0xbf/0x22b0 [ 798.816397][T16718] not chained 250000 origins [ 798.821043][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 798.830675][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 798.840735][T16718] Call Trace: [ 798.844044][T16718] dump_stack+0x21c/0x280 [ 798.848396][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 798.854151][T16718] ? kmsan_get_metadata+0x116/0x180 [ 798.859367][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 798.864931][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 798.871017][T16718] ? _copy_from_user+0x201/0x310 [ 798.875975][T16718] ? kmsan_get_metadata+0x116/0x180 [ 798.881191][T16718] __msan_chain_origin+0x50/0x90 [ 798.886141][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 798.891304][T16718] get_compat_msghdr+0x108/0x2b0 [ 798.896261][T16718] do_recvmmsg+0xdbb/0x22b0 [ 798.900880][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 798.906721][T16718] ? kmsan_get_metadata+0x116/0x180 [ 798.911952][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 798.917600][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 798.922901][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 798.927677][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 798.932458][T16718] __sys_recvmmsg+0x5dd/0x610 [ 798.937171][T16718] ? kmsan_get_metadata+0x116/0x180 [ 798.942398][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 798.948475][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 798.954618][T16718] __do_fast_syscall_32+0x129/0x180 [ 798.960062][T16718] do_fast_syscall_32+0x6a/0xc0 [ 798.964926][T16718] do_SYSENTER_32+0x73/0x90 [ 798.969555][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 798.976102][T16718] RIP: 0023:0xf7f82549 [ 798.980183][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 799.000156][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 799.008704][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 799.016768][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 799.024804][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 799.032767][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 799.040741][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 799.048732][T16718] Uninit was stored to memory at: [ 799.053767][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.059489][T16718] __msan_chain_origin+0x50/0x90 [ 799.064421][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.069631][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.074772][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.079273][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.083962][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.090037][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.096189][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.101382][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.106221][T16718] do_SYSENTER_32+0x73/0x90 [ 799.110732][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.117380][T16718] [ 799.119685][T16718] Uninit was stored to memory at: [ 799.124700][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.130406][T16718] __msan_chain_origin+0x50/0x90 [ 799.135372][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.140471][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.145397][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.149880][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.154553][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.160602][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.166782][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.171973][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.176904][T16718] do_SYSENTER_32+0x73/0x90 [ 799.181402][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.187720][T16718] [ 799.190033][T16718] Uninit was stored to memory at: [ 799.195078][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.200889][T16718] __msan_chain_origin+0x50/0x90 [ 799.205922][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.211109][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.216156][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.220670][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.225447][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.231505][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.237657][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.242841][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.247678][T16718] do_SYSENTER_32+0x73/0x90 [ 799.252521][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.258852][T16718] [ 799.261157][T16718] Uninit was stored to memory at: [ 799.266253][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.272088][T16718] __msan_chain_origin+0x50/0x90 [ 799.277015][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.282106][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.287064][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.291560][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.296242][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.302297][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.308442][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.313628][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.318481][T16718] do_SYSENTER_32+0x73/0x90 [ 799.322964][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.329261][T16718] [ 799.331568][T16718] Uninit was stored to memory at: [ 799.336593][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.342325][T16718] __msan_chain_origin+0x50/0x90 [ 799.347349][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.352576][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.358110][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.362601][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.368407][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.374472][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.380805][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.386002][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.390852][T16718] do_SYSENTER_32+0x73/0x90 [ 799.395784][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.402087][T16718] [ 799.404639][T16718] Uninit was stored to memory at: [ 799.409743][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.415497][T16718] __msan_chain_origin+0x50/0x90 [ 799.420538][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.425674][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.430720][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.435218][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.439897][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.445961][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.452132][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.457347][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.462186][T16718] do_SYSENTER_32+0x73/0x90 [ 799.466700][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.473010][T16718] [ 799.475341][T16718] Uninit was stored to memory at: [ 799.480409][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 799.486127][T16718] __msan_chain_origin+0x50/0x90 [ 799.491104][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.496221][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.501152][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.505658][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.510491][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.516862][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.523099][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.529291][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.534313][T16718] do_SYSENTER_32+0x73/0x90 [ 799.538841][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.545248][T16718] [ 799.547555][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 799.554235][T16718] do_recvmmsg+0xbf/0x22b0 [ 799.558630][T16718] do_recvmmsg+0xbf/0x22b0 [ 799.822067][T16718] not chained 260000 origins [ 799.826721][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 799.835410][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 799.845645][T16718] Call Trace: [ 799.848975][T16718] dump_stack+0x21c/0x280 [ 799.853413][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 799.859197][T16718] ? kmsan_get_metadata+0x116/0x180 [ 799.864405][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 799.869981][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 799.876063][T16718] ? _copy_from_user+0x201/0x310 [ 799.881022][T16718] ? kmsan_get_metadata+0x116/0x180 [ 799.886231][T16718] __msan_chain_origin+0x50/0x90 [ 799.891184][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 799.896319][T16718] get_compat_msghdr+0x108/0x2b0 [ 799.903348][T16718] do_recvmmsg+0xdbb/0x22b0 [ 799.907875][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 799.913881][T16718] ? kmsan_get_metadata+0x116/0x180 [ 799.919100][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 799.924835][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 799.930165][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 799.934931][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 799.939708][T16718] __sys_recvmmsg+0x5dd/0x610 [ 799.944405][T16718] ? kmsan_get_metadata+0x116/0x180 [ 799.949711][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 799.955800][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 799.961969][T16718] __do_fast_syscall_32+0x129/0x180 [ 799.967191][T16718] do_fast_syscall_32+0x6a/0xc0 [ 799.972166][T16718] do_SYSENTER_32+0x73/0x90 [ 799.976688][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 799.983021][T16718] RIP: 0023:0xf7f82549 [ 799.987100][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 800.006828][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 800.015255][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 800.023425][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 800.031416][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 800.040097][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 800.048082][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 800.056113][T16718] Uninit was stored to memory at: [ 800.061154][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.066883][T16718] __msan_chain_origin+0x50/0x90 [ 800.071827][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.076944][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.081890][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.086395][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.091083][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.097158][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.103322][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.108550][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.113407][T16718] do_SYSENTER_32+0x73/0x90 [ 800.117919][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.124236][T16718] [ 800.126563][T16718] Uninit was stored to memory at: [ 800.131597][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.137352][T16718] __msan_chain_origin+0x50/0x90 [ 800.142298][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.147418][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.152362][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.156867][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.161565][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.167644][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.173836][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.179306][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.184164][T16718] do_SYSENTER_32+0x73/0x90 [ 800.188718][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.195031][T16718] [ 800.197355][T16718] Uninit was stored to memory at: [ 800.202394][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.208124][T16718] __msan_chain_origin+0x50/0x90 [ 800.213065][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.218182][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.223148][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.227640][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.232311][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.238470][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.244638][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.249828][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.254669][T16718] do_SYSENTER_32+0x73/0x90 [ 800.259167][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.265483][T16718] [ 800.267805][T16718] Uninit was stored to memory at: [ 800.272836][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.278632][T16718] __msan_chain_origin+0x50/0x90 [ 800.283568][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.288685][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.293616][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.298107][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.303385][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.309464][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.315617][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.320808][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.325649][T16718] do_SYSENTER_32+0x73/0x90 [ 800.330151][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.336458][T16718] [ 800.338784][T16718] Uninit was stored to memory at: [ 800.343813][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.349519][T16718] __msan_chain_origin+0x50/0x90 [ 800.354449][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.359550][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.364475][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.368968][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.373649][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.379716][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.385864][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.391053][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.395986][T16718] do_SYSENTER_32+0x73/0x90 [ 800.400480][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.407217][T16718] [ 800.409529][T16718] Uninit was stored to memory at: [ 800.414545][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.420254][T16718] __msan_chain_origin+0x50/0x90 [ 800.425193][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.430316][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.435255][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.439756][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.444424][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.450492][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.456660][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.461850][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.466689][T16718] do_SYSENTER_32+0x73/0x90 [ 800.471372][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.477680][T16718] [ 800.479995][T16718] Uninit was stored to memory at: [ 800.485012][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 800.490740][T16718] __msan_chain_origin+0x50/0x90 [ 800.495718][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 800.500830][T16718] get_compat_msghdr+0x108/0x2b0 [ 800.505948][T16718] do_recvmmsg+0xdbb/0x22b0 [ 800.510445][T16718] __sys_recvmmsg+0x5dd/0x610 [ 800.515116][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 800.521175][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 800.527321][T16718] __do_fast_syscall_32+0x129/0x180 [ 800.532511][T16718] do_fast_syscall_32+0x6a/0xc0 [ 800.537353][T16718] do_SYSENTER_32+0x73/0x90 [ 800.541848][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 800.548353][T16718] [ 800.550780][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 800.557445][T16718] do_recvmmsg+0xbf/0x22b0 [ 800.561851][T16718] do_recvmmsg+0xbf/0x22b0 [ 801.222852][T16718] not chained 270000 origins [ 801.227536][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 801.236209][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.246274][T16718] Call Trace: [ 801.249601][T16718] dump_stack+0x21c/0x280 [ 801.253948][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 801.259706][T16718] ? kmsan_get_metadata+0x116/0x180 [ 801.264918][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 801.270516][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 801.276602][T16718] ? _copy_from_user+0x201/0x310 [ 801.281562][T16718] ? kmsan_get_metadata+0x116/0x180 [ 801.286780][T16718] __msan_chain_origin+0x50/0x90 [ 801.291833][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.297061][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.302021][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.306555][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 801.312393][T16718] ? kmsan_get_metadata+0x116/0x180 [ 801.317611][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 801.323266][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 801.328564][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 801.333335][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 801.338111][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.342803][T16718] ? kmsan_get_metadata+0x116/0x180 [ 801.348013][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.354104][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.360276][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.365496][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.370365][T16718] do_SYSENTER_32+0x73/0x90 [ 801.374914][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.381269][T16718] RIP: 0023:0xf7f82549 [ 801.385346][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 801.405072][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 801.413586][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 801.421571][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 801.429556][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 801.437540][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 801.445525][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 801.453518][T16718] Uninit was stored to memory at: [ 801.458562][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.464315][T16718] __msan_chain_origin+0x50/0x90 [ 801.469264][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.474381][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.479326][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.483839][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.488533][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.494698][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.500882][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.506095][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.511150][T16718] do_SYSENTER_32+0x73/0x90 [ 801.515658][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.521965][T16718] [ 801.524274][T16718] Uninit was stored to memory at: [ 801.529308][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.535026][T16718] __msan_chain_origin+0x50/0x90 [ 801.540085][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.545188][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.550117][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.554610][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.559315][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.565375][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.571523][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.576729][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.581560][T16718] do_SYSENTER_32+0x73/0x90 [ 801.586062][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.592632][T16718] [ 801.594936][T16718] Uninit was stored to memory at: [ 801.599942][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.605639][T16718] __msan_chain_origin+0x50/0x90 [ 801.610569][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.615688][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.620618][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.625097][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.629771][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.635830][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.641973][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.647244][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.652147][T16718] do_SYSENTER_32+0x73/0x90 [ 801.656652][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.662960][T16718] [ 801.665267][T16718] Uninit was stored to memory at: [ 801.670287][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.676003][T16718] __msan_chain_origin+0x50/0x90 [ 801.680943][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.686053][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.690977][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.695566][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.700228][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.706274][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.712422][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.717616][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.722463][T16718] do_SYSENTER_32+0x73/0x90 [ 801.726947][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.733875][T16718] [ 801.736186][T16718] Uninit was stored to memory at: [ 801.741213][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.746936][T16718] __msan_chain_origin+0x50/0x90 [ 801.751862][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.756977][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.761928][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.766420][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.771101][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.777146][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.783323][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.788611][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.793476][T16718] do_SYSENTER_32+0x73/0x90 [ 801.798132][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.804472][T16718] [ 801.806793][T16718] Uninit was stored to memory at: [ 801.811822][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.817531][T16718] __msan_chain_origin+0x50/0x90 [ 801.822546][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.827655][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.832583][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.837066][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.841723][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.848401][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.854577][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.859784][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.864627][T16718] do_SYSENTER_32+0x73/0x90 [ 801.869132][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.875460][T16718] [ 801.877877][T16718] Uninit was stored to memory at: [ 801.882921][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 801.888653][T16718] __msan_chain_origin+0x50/0x90 [ 801.893945][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 801.899082][T16718] get_compat_msghdr+0x108/0x2b0 [ 801.904010][T16718] do_recvmmsg+0xdbb/0x22b0 [ 801.908517][T16718] __sys_recvmmsg+0x5dd/0x610 [ 801.913188][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 801.919246][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 801.925405][T16718] __do_fast_syscall_32+0x129/0x180 [ 801.930599][T16718] do_fast_syscall_32+0x6a/0xc0 [ 801.935462][T16718] do_SYSENTER_32+0x73/0x90 [ 801.939947][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 801.946268][T16718] [ 801.948596][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 801.955288][T16718] do_recvmmsg+0xbf/0x22b0 [ 801.959687][T16718] do_recvmmsg+0xbf/0x22b0 [ 802.452213][T16718] not chained 280000 origins [ 802.456951][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 802.465622][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 802.475685][T16718] Call Trace: [ 802.478999][T16718] dump_stack+0x21c/0x280 [ 802.483350][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 802.489112][T16718] ? kmsan_get_metadata+0x116/0x180 [ 802.494324][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 802.499887][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 802.505979][T16718] ? _copy_from_user+0x201/0x310 [ 802.510939][T16718] ? kmsan_get_metadata+0x116/0x180 [ 802.516167][T16718] __msan_chain_origin+0x50/0x90 [ 802.521129][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 802.526537][T16718] get_compat_msghdr+0x108/0x2b0 [ 802.531496][T16718] do_recvmmsg+0xdbb/0x22b0 [ 802.536024][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 802.541883][T16718] ? kmsan_get_metadata+0x116/0x180 [ 802.547098][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 802.552922][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 802.558219][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 802.562988][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 802.567763][T16718] __sys_recvmmsg+0x5dd/0x610 [ 802.572461][T16718] ? kmsan_get_metadata+0x116/0x180 [ 802.577677][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 802.583787][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 802.589961][T16718] __do_fast_syscall_32+0x129/0x180 [ 802.595175][T16718] do_fast_syscall_32+0x6a/0xc0 [ 802.600041][T16718] do_SYSENTER_32+0x73/0x90 [ 802.604559][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 802.610888][T16718] RIP: 0023:0xf7f82549 [ 802.614963][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 802.634673][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 802.643124][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 802.651111][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 802.659072][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 802.667055][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 802.675180][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 802.683398][T16718] Uninit was stored to memory at: [ 802.688534][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 802.694255][T16718] __msan_chain_origin+0x50/0x90 [ 802.699204][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 802.704313][T16718] get_compat_msghdr+0x108/0x2b0 [ 802.709241][T16718] do_recvmmsg+0xdbb/0x22b0 [ 802.713739][T16718] __sys_recvmmsg+0x5dd/0x610 [ 802.718407][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 802.724519][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 802.730659][T16718] __do_fast_syscall_32+0x129/0x180 [ 802.735846][T16718] do_fast_syscall_32+0x6a/0xc0 [ 802.740685][T16718] do_SYSENTER_32+0x73/0x90 [ 802.745171][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 802.752174][T16718] [ 802.754481][T16718] Uninit was stored to memory at: [ 802.759506][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 802.765218][T16718] __msan_chain_origin+0x50/0x90 [ 802.770155][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 802.775411][T16718] get_compat_msghdr+0x108/0x2b0 [ 802.780378][T16718] do_recvmmsg+0xdbb/0x22b0 [ 802.785854][T16718] __sys_recvmmsg+0x5dd/0x610 [ 802.790549][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 802.796624][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 802.802778][T16718] __do_fast_syscall_32+0x129/0x180 [ 802.807968][T16718] do_fast_syscall_32+0x6a/0xc0 [ 802.812897][T16718] do_SYSENTER_32+0x73/0x90 [ 802.817405][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 802.823703][T16718] [ 802.826010][T16718] Uninit was stored to memory at: [ 802.831034][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 802.836741][T16718] __msan_chain_origin+0x50/0x90 [ 802.841682][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 802.846793][T16718] get_compat_msghdr+0x108/0x2b0 [ 802.851714][T16718] do_recvmmsg+0xdbb/0x22b0 [ 802.856199][T16718] __sys_recvmmsg+0x5dd/0x610 [ 802.860867][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 802.866930][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 802.874300][T16718] __do_fast_syscall_32+0x129/0x180 [ 802.879496][T16718] do_fast_syscall_32+0x6a/0xc0 [ 802.884333][T16718] do_SYSENTER_32+0x73/0x90 [ 802.888825][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 802.895122][T16718] [ 802.897437][T16718] Uninit was stored to memory at: [ 802.902452][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 802.908173][T16718] __msan_chain_origin+0x50/0x90 [ 802.913093][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 802.918186][T16718] get_compat_msghdr+0x108/0x2b0 [ 802.923127][T16718] do_recvmmsg+0xdbb/0x22b0 [ 802.927629][T16718] __sys_recvmmsg+0x5dd/0x610 [ 802.932303][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 802.938877][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 802.945015][T16718] __do_fast_syscall_32+0x129/0x180 [ 802.950200][T16718] do_fast_syscall_32+0x6a/0xc0 [ 802.955034][T16718] do_SYSENTER_32+0x73/0x90 [ 802.959529][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 802.965837][T16718] [ 802.968144][T16718] Uninit was stored to memory at: [ 802.973173][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 802.978877][T16718] __msan_chain_origin+0x50/0x90 [ 802.983811][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 802.988904][T16718] get_compat_msghdr+0x108/0x2b0 [ 802.993831][T16718] do_recvmmsg+0xdbb/0x22b0 [ 802.998343][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.003035][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.009085][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.015246][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.020449][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.025321][T16718] do_SYSENTER_32+0x73/0x90 [ 803.029811][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.036111][T16718] [ 803.039392][T16718] Uninit was stored to memory at: [ 803.044440][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.050156][T16718] __msan_chain_origin+0x50/0x90 [ 803.055074][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.060169][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.065097][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.069591][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.074269][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.080435][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.086577][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.091847][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.096691][T16718] do_SYSENTER_32+0x73/0x90 [ 803.101481][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.107797][T16718] [ 803.110110][T16718] Uninit was stored to memory at: [ 803.115119][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.120846][T16718] __msan_chain_origin+0x50/0x90 [ 803.125768][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.130857][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.135888][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.140550][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.145218][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.151276][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.157419][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.162620][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.167490][T16718] do_SYSENTER_32+0x73/0x90 [ 803.171995][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.178303][T16718] [ 803.180624][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 803.187295][T16718] do_recvmmsg+0xbf/0x22b0 [ 803.191700][T16718] do_recvmmsg+0xbf/0x22b0 [ 803.398851][T16718] not chained 290000 origins [ 803.403504][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 803.412180][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 803.422241][T16718] Call Trace: [ 803.425554][T16718] dump_stack+0x21c/0x280 [ 803.429909][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 803.435664][T16718] ? kmsan_get_metadata+0x116/0x180 [ 803.440878][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 803.446444][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 803.452525][T16718] ? _copy_from_user+0x201/0x310 [ 803.457481][T16718] ? kmsan_get_metadata+0x116/0x180 [ 803.462691][T16718] __msan_chain_origin+0x50/0x90 [ 803.467646][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.472789][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.477746][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.482295][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 803.488142][T16718] ? kmsan_get_metadata+0x116/0x180 [ 803.493381][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 803.499144][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 803.504446][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 803.509217][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 803.513996][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.518694][T16718] ? kmsan_get_metadata+0x116/0x180 [ 803.523935][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.530032][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.536225][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.541473][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.546342][T16718] do_SYSENTER_32+0x73/0x90 [ 803.550874][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.557210][T16718] RIP: 0023:0xf7f82549 [ 803.561297][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 803.581718][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 803.590167][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 803.598147][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 803.606299][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 803.614280][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 803.622258][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 803.630251][T16718] Uninit was stored to memory at: [ 803.635294][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.641022][T16718] __msan_chain_origin+0x50/0x90 [ 803.645997][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.651124][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.656157][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.660671][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.665363][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.671442][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.677606][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.682820][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.687679][T16718] do_SYSENTER_32+0x73/0x90 [ 803.692199][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.698541][T16718] [ 803.700870][T16718] Uninit was stored to memory at: [ 803.705909][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.711643][T16718] __msan_chain_origin+0x50/0x90 [ 803.716595][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.721722][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.726770][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.731285][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.735988][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.742069][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.748241][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.753452][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.758311][T16718] do_SYSENTER_32+0x73/0x90 [ 803.763516][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.769920][T16718] [ 803.772251][T16718] Uninit was stored to memory at: [ 803.777285][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.783014][T16718] __msan_chain_origin+0x50/0x90 [ 803.787980][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.793097][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.798039][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.802541][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.807241][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.813352][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.819515][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.824721][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.829583][T16718] do_SYSENTER_32+0x73/0x90 [ 803.834103][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.840424][T16718] [ 803.842747][T16718] Uninit was stored to memory at: [ 803.847871][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.853695][T16718] __msan_chain_origin+0x50/0x90 [ 803.858902][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.864127][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.869074][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.873611][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.878312][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.884387][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.890552][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.895761][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.900617][T16718] do_SYSENTER_32+0x73/0x90 [ 803.905128][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.911447][T16718] [ 803.913772][T16718] Uninit was stored to memory at: [ 803.918808][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.924533][T16718] __msan_chain_origin+0x50/0x90 [ 803.929475][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 803.934597][T16718] get_compat_msghdr+0x108/0x2b0 [ 803.939540][T16718] do_recvmmsg+0xdbb/0x22b0 [ 803.944047][T16718] __sys_recvmmsg+0x5dd/0x610 [ 803.948733][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 803.954810][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 803.960976][T16718] __do_fast_syscall_32+0x129/0x180 [ 803.966271][T16718] do_fast_syscall_32+0x6a/0xc0 [ 803.971216][T16718] do_SYSENTER_32+0x73/0x90 [ 803.975727][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 803.982042][T16718] [ 803.984366][T16718] Uninit was stored to memory at: [ 803.989407][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 803.995132][T16718] __msan_chain_origin+0x50/0x90 [ 804.000077][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.005194][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.010134][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.014639][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.019321][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.025398][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.031732][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.036946][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.041803][T16718] do_SYSENTER_32+0x73/0x90 [ 804.046324][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.052642][T16718] [ 804.054969][T16718] Uninit was stored to memory at: [ 804.060114][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.065845][T16718] __msan_chain_origin+0x50/0x90 [ 804.070798][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.076097][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.081995][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.086589][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.091675][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.097752][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.103920][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.109129][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.113988][T16718] do_SYSENTER_32+0x73/0x90 [ 804.118498][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.124947][T16718] [ 804.127273][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 804.133963][T16718] do_recvmmsg+0xbf/0x22b0 [ 804.138391][T16718] do_recvmmsg+0xbf/0x22b0 [ 804.374325][T16718] not chained 300000 origins [ 804.378970][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 804.387728][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 804.397784][T16718] Call Trace: [ 804.401091][T16718] dump_stack+0x21c/0x280 [ 804.405442][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 804.411455][T16718] ? kmsan_get_metadata+0x116/0x180 [ 804.416672][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 804.422238][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 804.428318][T16718] ? _copy_from_user+0x201/0x310 [ 804.433269][T16718] ? kmsan_get_metadata+0x116/0x180 [ 804.438481][T16718] __msan_chain_origin+0x50/0x90 [ 804.443437][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.448579][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.453537][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.458063][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 804.463904][T16718] ? kmsan_get_metadata+0x116/0x180 [ 804.469119][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 804.474765][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 804.480280][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 804.485047][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 804.489826][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.494521][T16718] ? kmsan_get_metadata+0x116/0x180 [ 804.499733][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.505816][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.511983][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.517199][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.522064][T16718] do_SYSENTER_32+0x73/0x90 [ 804.526674][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.533027][T16718] RIP: 0023:0xf7f82549 [ 804.537171][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 804.556992][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 804.565421][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 804.573415][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 804.581397][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 804.589372][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 804.597347][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 804.606279][T16718] Uninit was stored to memory at: [ 804.611465][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.617203][T16718] __msan_chain_origin+0x50/0x90 [ 804.622150][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.627269][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.632213][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.636985][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.641751][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.647861][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.654017][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.659753][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.664614][T16718] do_SYSENTER_32+0x73/0x90 [ 804.669135][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.675454][T16718] [ 804.677865][T16718] Uninit was stored to memory at: [ 804.682897][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.688647][T16718] __msan_chain_origin+0x50/0x90 [ 804.693588][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.698715][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.703826][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.708330][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.713026][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.719146][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.725303][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.731551][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.736410][T16718] do_SYSENTER_32+0x73/0x90 [ 804.740913][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.747255][T16718] [ 804.749558][T16718] Uninit was stored to memory at: [ 804.754572][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.760274][T16718] __msan_chain_origin+0x50/0x90 [ 804.765194][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.773236][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.778164][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.782655][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.787310][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.793368][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.799543][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.804719][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.809550][T16718] do_SYSENTER_32+0x73/0x90 [ 804.814067][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.820384][T16718] [ 804.822689][T16718] Uninit was stored to memory at: [ 804.827698][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.833407][T16718] __msan_chain_origin+0x50/0x90 [ 804.838356][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.843441][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.848365][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.852847][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.857499][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.863542][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.869673][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.874849][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.879675][T16718] do_SYSENTER_32+0x73/0x90 [ 804.884168][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.890486][T16718] [ 804.892787][T16718] Uninit was stored to memory at: [ 804.897800][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.903506][T16718] __msan_chain_origin+0x50/0x90 [ 804.908420][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.913507][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.918435][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.923072][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.927914][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 804.934015][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 804.940250][T16718] __do_fast_syscall_32+0x129/0x180 [ 804.945482][T16718] do_fast_syscall_32+0x6a/0xc0 [ 804.950314][T16718] do_SYSENTER_32+0x73/0x90 [ 804.954807][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 804.961129][T16718] [ 804.963440][T16718] Uninit was stored to memory at: [ 804.968465][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 804.974165][T16718] __msan_chain_origin+0x50/0x90 [ 804.979161][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 804.984298][T16718] get_compat_msghdr+0x108/0x2b0 [ 804.989218][T16718] do_recvmmsg+0xdbb/0x22b0 [ 804.993711][T16718] __sys_recvmmsg+0x5dd/0x610 [ 804.998384][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.004432][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.010588][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.015768][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.020615][T16718] do_SYSENTER_32+0x73/0x90 [ 805.025118][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.031423][T16718] [ 805.033739][T16718] Uninit was stored to memory at: [ 805.038861][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.044557][T16718] __msan_chain_origin+0x50/0x90 [ 805.049472][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.054575][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.059506][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.063984][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.068641][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.074698][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.080852][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.086030][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.090872][T16718] do_SYSENTER_32+0x73/0x90 [ 805.095367][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.101666][T16718] [ 805.103970][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 805.110646][T16718] do_recvmmsg+0xbf/0x22b0 [ 805.115048][T16718] do_recvmmsg+0xbf/0x22b0 [ 805.400250][T16718] not chained 310000 origins [ 805.405136][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 805.413896][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 805.423960][T16718] Call Trace: [ 805.427266][T16718] dump_stack+0x21c/0x280 [ 805.431658][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 805.437419][T16718] ? kmsan_get_metadata+0x116/0x180 [ 805.442665][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 805.448227][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 805.454304][T16718] ? _copy_from_user+0x201/0x310 [ 805.459354][T16718] ? kmsan_get_metadata+0x116/0x180 [ 805.464596][T16718] __msan_chain_origin+0x50/0x90 [ 805.469550][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.474690][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.479648][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.484189][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 805.490027][T16718] ? kmsan_get_metadata+0x116/0x180 [ 805.495234][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 805.500881][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 805.506179][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 805.510952][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 805.515899][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.520629][T16718] ? kmsan_get_metadata+0x116/0x180 [ 805.526031][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.532158][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.538332][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.543686][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.548662][T16718] do_SYSENTER_32+0x73/0x90 [ 805.553390][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.559930][T16718] RIP: 0023:0xf7f82549 [ 805.563997][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 805.583956][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 805.592359][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 805.600321][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 805.608292][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 805.616375][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 805.624353][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 805.632337][T16718] Uninit was stored to memory at: [ 805.637382][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.643360][T16718] __msan_chain_origin+0x50/0x90 [ 805.648304][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.653405][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.658365][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.662879][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.667548][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.673663][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.679815][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.685127][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.689979][T16718] do_SYSENTER_32+0x73/0x90 [ 805.694474][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.700789][T16718] [ 805.703096][T16718] Uninit was stored to memory at: [ 805.708114][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.713819][T16718] __msan_chain_origin+0x50/0x90 [ 805.718740][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.723849][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.728773][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.733501][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.738207][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.744283][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.750710][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.756014][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.760938][T16718] do_SYSENTER_32+0x73/0x90 [ 805.765705][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.772022][T16718] [ 805.774329][T16718] Uninit was stored to memory at: [ 805.779362][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.785151][T16718] __msan_chain_origin+0x50/0x90 [ 805.790162][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.795257][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.800197][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.804702][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.809490][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.815564][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.821704][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.826894][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.831880][T16718] do_SYSENTER_32+0x73/0x90 [ 805.836412][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.842725][T16718] [ 805.845082][T16718] Uninit was stored to memory at: [ 805.851026][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.856831][T16718] __msan_chain_origin+0x50/0x90 [ 805.861755][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.867996][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.872940][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.877432][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.882106][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.888183][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.894364][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.899562][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.904427][T16718] do_SYSENTER_32+0x73/0x90 [ 805.908933][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.915246][T16718] [ 805.917563][T16718] Uninit was stored to memory at: [ 805.922578][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.928284][T16718] __msan_chain_origin+0x50/0x90 [ 805.933217][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 805.938322][T16718] get_compat_msghdr+0x108/0x2b0 [ 805.943345][T16718] do_recvmmsg+0xdbb/0x22b0 [ 805.947868][T16718] __sys_recvmmsg+0x5dd/0x610 [ 805.952552][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 805.958604][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 805.964851][T16718] __do_fast_syscall_32+0x129/0x180 [ 805.970035][T16718] do_fast_syscall_32+0x6a/0xc0 [ 805.974873][T16718] do_SYSENTER_32+0x73/0x90 [ 805.979360][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 805.985745][T16718] [ 805.988052][T16718] Uninit was stored to memory at: [ 805.993183][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 805.998997][T16718] __msan_chain_origin+0x50/0x90 [ 806.003937][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 806.009031][T16718] get_compat_msghdr+0x108/0x2b0 [ 806.013961][T16718] do_recvmmsg+0xdbb/0x22b0 [ 806.018470][T16718] __sys_recvmmsg+0x5dd/0x610 [ 806.023148][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 806.029308][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 806.035474][T16718] __do_fast_syscall_32+0x129/0x180 [ 806.040673][T16718] do_fast_syscall_32+0x6a/0xc0 [ 806.045535][T16718] do_SYSENTER_32+0x73/0x90 [ 806.050102][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 806.056524][T16718] [ 806.059008][T16718] Uninit was stored to memory at: [ 806.064030][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 806.069735][T16718] __msan_chain_origin+0x50/0x90 [ 806.074678][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 806.079802][T16718] get_compat_msghdr+0x108/0x2b0 [ 806.084734][T16718] do_recvmmsg+0xdbb/0x22b0 [ 806.089232][T16718] __sys_recvmmsg+0x5dd/0x610 [ 806.093893][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 806.099956][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 806.106103][T16718] __do_fast_syscall_32+0x129/0x180 [ 806.111294][T16718] do_fast_syscall_32+0x6a/0xc0 [ 806.116173][T16718] do_SYSENTER_32+0x73/0x90 [ 806.120684][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 806.126984][T16718] [ 806.129294][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 806.135951][T16718] do_recvmmsg+0xbf/0x22b0 [ 806.140372][T16718] do_recvmmsg+0xbf/0x22b0 [ 806.559640][T16718] not chained 320000 origins [ 806.564288][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 806.573048][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 806.583110][T16718] Call Trace: [ 806.586441][T16718] dump_stack+0x21c/0x280 [ 806.590797][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 806.596555][T16718] ? kmsan_get_metadata+0x116/0x180 [ 806.601811][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 806.607458][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 806.613547][T16718] ? _copy_from_user+0x201/0x310 [ 806.618509][T16718] ? kmsan_get_metadata+0x116/0x180 [ 806.623722][T16718] __msan_chain_origin+0x50/0x90 [ 806.628680][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 806.633819][T16718] get_compat_msghdr+0x108/0x2b0 [ 806.638772][T16718] do_recvmmsg+0xdbb/0x22b0 [ 806.643290][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 806.649128][T16718] ? kmsan_get_metadata+0x116/0x180 [ 806.654340][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 806.660017][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 806.665332][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 806.670121][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 806.675014][T16718] __sys_recvmmsg+0x5dd/0x610 [ 806.679750][T16718] ? kmsan_get_metadata+0x116/0x180 [ 806.685232][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 806.691320][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 806.697490][T16718] __do_fast_syscall_32+0x129/0x180 [ 806.702808][T16718] do_fast_syscall_32+0x6a/0xc0 [ 806.707676][T16718] do_SYSENTER_32+0x73/0x90 [ 806.712196][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 806.718522][T16718] RIP: 0023:0xf7f82549 [ 806.722604][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 806.742305][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 806.750731][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 806.758714][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 806.766694][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 806.774694][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 806.782674][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 806.790749][T16718] Uninit was stored to memory at: [ 806.795876][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 806.801719][T16718] __msan_chain_origin+0x50/0x90 [ 806.806689][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 806.811851][T16718] get_compat_msghdr+0x108/0x2b0 [ 806.818235][T16718] do_recvmmsg+0xdbb/0x22b0 [ 806.822741][T16718] __sys_recvmmsg+0x5dd/0x610 [ 806.827513][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 806.833576][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 806.839922][T16718] __do_fast_syscall_32+0x129/0x180 [ 806.845135][T16718] do_fast_syscall_32+0x6a/0xc0 [ 806.850010][T16718] do_SYSENTER_32+0x73/0x90 [ 806.854499][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 806.860913][T16718] [ 806.863242][T16718] Uninit was stored to memory at: [ 806.868271][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 806.873975][T16718] __msan_chain_origin+0x50/0x90 [ 806.878915][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 806.884005][T16718] get_compat_msghdr+0x108/0x2b0 [ 806.888923][T16718] do_recvmmsg+0xdbb/0x22b0 [ 806.893429][T16718] __sys_recvmmsg+0x5dd/0x610 [ 806.898304][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 806.904368][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 806.910507][T16718] __do_fast_syscall_32+0x129/0x180 [ 806.915708][T16718] do_fast_syscall_32+0x6a/0xc0 [ 806.920552][T16718] do_SYSENTER_32+0x73/0x90 [ 806.925059][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 806.931369][T16718] [ 806.933838][T16718] Uninit was stored to memory at: [ 806.939094][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 806.944803][T16718] __msan_chain_origin+0x50/0x90 [ 806.949889][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 806.955005][T16718] get_compat_msghdr+0x108/0x2b0 [ 806.959949][T16718] do_recvmmsg+0xdbb/0x22b0 [ 806.964454][T16718] __sys_recvmmsg+0x5dd/0x610 [ 806.969133][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 806.975195][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 806.981333][T16718] __do_fast_syscall_32+0x129/0x180 [ 806.986526][T16718] do_fast_syscall_32+0x6a/0xc0 [ 806.991529][T16718] do_SYSENTER_32+0x73/0x90 [ 806.996040][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 807.002376][T16718] [ 807.004721][T16718] Uninit was stored to memory at: [ 807.009754][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 807.015484][T16718] __msan_chain_origin+0x50/0x90 [ 807.020405][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 807.025504][T16718] get_compat_msghdr+0x108/0x2b0 [ 807.030420][T16718] do_recvmmsg+0xdbb/0x22b0 [ 807.034897][T16718] __sys_recvmmsg+0x5dd/0x610 [ 807.039554][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 807.045595][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 807.051731][T16718] __do_fast_syscall_32+0x129/0x180 [ 807.056908][T16718] do_fast_syscall_32+0x6a/0xc0 [ 807.061737][T16718] do_SYSENTER_32+0x73/0x90 [ 807.066249][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 807.073008][T16718] [ 807.075312][T16718] Uninit was stored to memory at: [ 807.080318][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 807.086014][T16718] __msan_chain_origin+0x50/0x90 [ 807.090934][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 807.096094][T16718] get_compat_msghdr+0x108/0x2b0 [ 807.101024][T16718] do_recvmmsg+0xdbb/0x22b0 [ 807.105505][T16718] __sys_recvmmsg+0x5dd/0x610 [ 807.110186][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 807.116252][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 807.122404][T16718] __do_fast_syscall_32+0x129/0x180 [ 807.127728][T16718] do_fast_syscall_32+0x6a/0xc0 [ 807.132576][T16718] do_SYSENTER_32+0x73/0x90 [ 807.137104][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 807.143409][T16718] [ 807.145723][T16718] Uninit was stored to memory at: [ 807.150801][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 807.156497][T16718] __msan_chain_origin+0x50/0x90 [ 807.161414][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 807.166507][T16718] get_compat_msghdr+0x108/0x2b0 [ 807.171459][T16718] do_recvmmsg+0xdbb/0x22b0 [ 807.175972][T16718] __sys_recvmmsg+0x5dd/0x610 [ 807.180687][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 807.186746][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 807.192896][T16718] __do_fast_syscall_32+0x129/0x180 [ 807.198080][T16718] do_fast_syscall_32+0x6a/0xc0 [ 807.202921][T16718] do_SYSENTER_32+0x73/0x90 [ 807.207414][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 807.213710][T16718] [ 807.216014][T16718] Uninit was stored to memory at: [ 807.221017][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 807.226717][T16718] __msan_chain_origin+0x50/0x90 [ 807.231638][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 807.236739][T16718] get_compat_msghdr+0x108/0x2b0 [ 807.241651][T16718] do_recvmmsg+0xdbb/0x22b0 [ 807.246129][T16718] __sys_recvmmsg+0x5dd/0x610 [ 807.250798][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 807.256868][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 807.263009][T16718] __do_fast_syscall_32+0x129/0x180 [ 807.268202][T16718] do_fast_syscall_32+0x6a/0xc0 [ 807.273053][T16718] do_SYSENTER_32+0x73/0x90 [ 807.277556][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 807.283862][T16718] [ 807.286169][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 807.292821][T16718] do_recvmmsg+0xbf/0x22b0 [ 807.297245][T16718] do_recvmmsg+0xbf/0x22b0 [ 807.724966][T16718] not chained 330000 origins [ 807.729616][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 807.738320][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 807.748989][T16718] Call Trace: [ 807.752292][T16718] dump_stack+0x21c/0x280 [ 807.756647][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 807.762402][T16718] ? kmsan_get_metadata+0x116/0x180 [ 807.767613][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 807.773171][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 807.779253][T16718] ? _copy_from_user+0x201/0x310 [ 807.784197][T16718] ? kmsan_get_metadata+0x116/0x180 [ 807.789405][T16718] __msan_chain_origin+0x50/0x90 [ 807.794441][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 807.799584][T16718] get_compat_msghdr+0x108/0x2b0 [ 807.804544][T16718] do_recvmmsg+0xdbb/0x22b0 [ 807.809075][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 807.814916][T16718] ? kmsan_get_metadata+0x116/0x180 [ 807.820127][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 807.825776][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 807.831082][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 807.835951][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 807.840733][T16718] __sys_recvmmsg+0x5dd/0x610 [ 807.845442][T16718] ? kmsan_get_metadata+0x116/0x180 [ 807.850833][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 807.856922][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 807.863112][T16718] __do_fast_syscall_32+0x129/0x180 [ 807.868614][T16718] do_fast_syscall_32+0x6a/0xc0 [ 807.873478][T16718] do_SYSENTER_32+0x73/0x90 [ 807.877997][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 807.884428][T16718] RIP: 0023:0xf7f82549 [ 807.888506][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 807.908121][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 807.916541][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 807.924525][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 807.932505][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 807.940662][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 807.948641][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 807.956626][T16718] Uninit was stored to memory at: [ 807.961666][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 807.968176][T16718] __msan_chain_origin+0x50/0x90 [ 807.973123][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 807.978241][T16718] get_compat_msghdr+0x108/0x2b0 [ 807.983189][T16718] do_recvmmsg+0xdbb/0x22b0 [ 807.987693][T16718] __sys_recvmmsg+0x5dd/0x610 [ 807.992379][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 807.998459][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.004628][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.009845][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.014722][T16718] do_SYSENTER_32+0x73/0x90 [ 808.019236][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.025584][T16718] [ 808.028023][T16718] Uninit was stored to memory at: [ 808.033083][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 808.038810][T16718] __msan_chain_origin+0x50/0x90 [ 808.043757][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.048877][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.053843][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.058354][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.063040][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 808.069118][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.075289][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.080505][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.085364][T16718] do_SYSENTER_32+0x73/0x90 [ 808.089876][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.096195][T16718] [ 808.098520][T16718] Uninit was stored to memory at: [ 808.103558][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 808.109296][T16718] __msan_chain_origin+0x50/0x90 [ 808.114244][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.119365][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.124312][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.128820][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.133513][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 808.139592][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.145760][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.150977][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.155846][T16718] do_SYSENTER_32+0x73/0x90 [ 808.160610][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.166945][T16718] [ 808.169611][T16718] Uninit was stored to memory at: [ 808.174624][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 808.180472][T16718] __msan_chain_origin+0x50/0x90 [ 808.185418][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.190513][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.195442][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.199937][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.204710][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 808.210761][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.216899][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.222084][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.226918][T16718] do_SYSENTER_32+0x73/0x90 [ 808.231434][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.237758][T16718] [ 808.240075][T16718] Uninit was stored to memory at: [ 808.245087][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 808.250809][T16718] __msan_chain_origin+0x50/0x90 [ 808.255733][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.260849][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.265790][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.270461][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.275138][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 808.281203][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.287341][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.292527][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.297373][T16718] do_SYSENTER_32+0x73/0x90 [ 808.301877][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.308176][T16718] [ 808.310492][T16718] Uninit was stored to memory at: [ 808.315527][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 808.321251][T16718] __msan_chain_origin+0x50/0x90 [ 808.326197][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.331292][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.336216][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.340720][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.345379][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 808.351443][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.357603][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.362794][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.367638][T16718] do_SYSENTER_32+0x73/0x90 [ 808.372152][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.378462][T16718] [ 808.380801][T16718] Uninit was stored to memory at: [ 808.385898][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 808.391608][T16718] __msan_chain_origin+0x50/0x90 [ 808.396550][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.401661][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.406585][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.411086][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.415863][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 808.421917][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 808.428067][T16718] __do_fast_syscall_32+0x129/0x180 [ 808.433376][T16718] do_fast_syscall_32+0x6a/0xc0 [ 808.438222][T16718] do_SYSENTER_32+0x73/0x90 [ 808.442711][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 808.449010][T16718] [ 808.451319][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 808.457996][T16718] do_recvmmsg+0xbf/0x22b0 [ 808.462409][T16718] do_recvmmsg+0xbf/0x22b0 [ 808.874543][T16718] not chained 340000 origins [ 808.879275][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 808.887943][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 808.898005][T16718] Call Trace: [ 808.901311][T16718] dump_stack+0x21c/0x280 [ 808.905706][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 808.911463][T16718] ? kmsan_get_metadata+0x116/0x180 [ 808.916685][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 808.922252][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 808.928363][T16718] ? _copy_from_user+0x201/0x310 [ 808.933318][T16718] ? kmsan_get_metadata+0x116/0x180 [ 808.938532][T16718] __msan_chain_origin+0x50/0x90 [ 808.943582][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 808.948734][T16718] get_compat_msghdr+0x108/0x2b0 [ 808.953679][T16718] do_recvmmsg+0xdbb/0x22b0 [ 808.958179][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 808.964111][T16718] ? kmsan_get_metadata+0x116/0x180 [ 808.969334][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 808.975099][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 808.980390][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 808.985143][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 808.989893][T16718] __sys_recvmmsg+0x5dd/0x610 [ 808.994573][T16718] ? kmsan_get_metadata+0x116/0x180 [ 808.999924][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.005990][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.012150][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.017350][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.022796][T16718] do_SYSENTER_32+0x73/0x90 [ 809.027462][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.033838][T16718] RIP: 0023:0xf7f82549 [ 809.037903][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 809.057666][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 809.066201][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 809.074260][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 809.082237][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 809.090197][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 809.098155][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 809.106118][T16718] Uninit was stored to memory at: [ 809.111300][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.117021][T16718] __msan_chain_origin+0x50/0x90 [ 809.121958][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.127051][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.131969][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.136457][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.141132][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.147190][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.153363][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.159052][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.163936][T16718] do_SYSENTER_32+0x73/0x90 [ 809.168529][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.174844][T16718] [ 809.177150][T16718] Uninit was stored to memory at: [ 809.182214][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.187918][T16718] __msan_chain_origin+0x50/0x90 [ 809.192988][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.198139][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.203060][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.207544][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.212201][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.218358][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.224509][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.229706][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.234552][T16718] do_SYSENTER_32+0x73/0x90 [ 809.239057][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.245357][T16718] [ 809.247673][T16718] Uninit was stored to memory at: [ 809.252699][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.258422][T16718] __msan_chain_origin+0x50/0x90 [ 809.263352][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.268445][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.273363][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.277848][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.282504][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.288554][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.294712][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.299900][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.304732][T16718] do_SYSENTER_32+0x73/0x90 [ 809.309306][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.315606][T16718] [ 809.317919][T16718] Uninit was stored to memory at: [ 809.322928][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.328630][T16718] __msan_chain_origin+0x50/0x90 [ 809.333551][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.338648][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.343565][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.348054][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.352743][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.358815][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.364971][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.370161][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.375007][T16718] do_SYSENTER_32+0x73/0x90 [ 809.379497][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.385801][T16718] [ 809.388129][T16718] Uninit was stored to memory at: [ 809.393152][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.398864][T16718] __msan_chain_origin+0x50/0x90 [ 809.403789][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.408932][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.413859][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.418358][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.423030][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.429106][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.435244][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.440437][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.445288][T16718] do_SYSENTER_32+0x73/0x90 [ 809.449777][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.456079][T16718] [ 809.458413][T16718] Uninit was stored to memory at: [ 809.463438][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.469172][T16718] __msan_chain_origin+0x50/0x90 [ 809.474110][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.479213][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.484137][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.488638][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.493311][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.499368][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.506295][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.511910][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.516802][T16718] do_SYSENTER_32+0x73/0x90 [ 809.521306][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.527615][T16718] [ 809.530049][T16718] Uninit was stored to memory at: [ 809.535063][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 809.540797][T16718] __msan_chain_origin+0x50/0x90 [ 809.545741][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 809.551250][T16718] get_compat_msghdr+0x108/0x2b0 [ 809.556177][T16718] do_recvmmsg+0xdbb/0x22b0 [ 809.560674][T16718] __sys_recvmmsg+0x5dd/0x610 [ 809.565333][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 809.571402][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 809.577576][T16718] __do_fast_syscall_32+0x129/0x180 [ 809.582778][T16718] do_fast_syscall_32+0x6a/0xc0 [ 809.587647][T16718] do_SYSENTER_32+0x73/0x90 [ 809.592144][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 809.598448][T16718] [ 809.600755][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 809.607435][T16718] do_recvmmsg+0xbf/0x22b0 [ 809.612088][T16718] do_recvmmsg+0xbf/0x22b0 [ 810.245856][T16718] not chained 350000 origins [ 810.250515][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 810.259188][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 810.269255][T16718] Call Trace: [ 810.272564][T16718] dump_stack+0x21c/0x280 [ 810.276945][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 810.282704][T16718] ? kmsan_get_metadata+0x116/0x180 [ 810.287917][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 810.293480][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 810.299563][T16718] ? _copy_from_user+0x201/0x310 [ 810.304512][T16718] ? kmsan_get_metadata+0x116/0x180 [ 810.309721][T16718] __msan_chain_origin+0x50/0x90 [ 810.314671][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.319807][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.324761][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.329307][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 810.335147][T16718] ? kmsan_get_metadata+0x116/0x180 [ 810.340463][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 810.346112][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 810.351409][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 810.356200][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 810.360986][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.365679][T16718] ? kmsan_get_metadata+0x116/0x180 [ 810.370894][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.377005][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.383220][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.388560][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.393410][T16718] do_SYSENTER_32+0x73/0x90 [ 810.397959][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.404302][T16718] RIP: 0023:0xf7f82549 [ 810.408365][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 810.428354][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 810.436789][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 810.444764][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 810.452740][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 810.460807][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 810.468775][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 810.476939][T16718] Uninit was stored to memory at: [ 810.482083][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.487797][T16718] __msan_chain_origin+0x50/0x90 [ 810.492727][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.497830][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.502778][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.507259][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.511936][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.518031][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.524191][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.529406][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.534236][T16718] do_SYSENTER_32+0x73/0x90 [ 810.538734][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.545142][T16718] [ 810.547465][T16718] Uninit was stored to memory at: [ 810.552586][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.558307][T16718] __msan_chain_origin+0x50/0x90 [ 810.563439][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.568564][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.573519][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.578027][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.582771][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.588937][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.595091][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.600273][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.605126][T16718] do_SYSENTER_32+0x73/0x90 [ 810.609616][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.615935][T16718] [ 810.618246][T16718] Uninit was stored to memory at: [ 810.623270][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.628985][T16718] __msan_chain_origin+0x50/0x90 [ 810.633927][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.639046][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.643978][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.648491][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.653177][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.659279][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.665444][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.670629][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.675477][T16718] do_SYSENTER_32+0x73/0x90 [ 810.679967][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.686279][T16718] [ 810.688619][T16718] Uninit was stored to memory at: [ 810.693642][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.699646][T16718] __msan_chain_origin+0x50/0x90 [ 810.704694][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.709808][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.715117][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.719631][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.724307][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.730364][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.736700][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.741897][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.746743][T16718] do_SYSENTER_32+0x73/0x90 [ 810.751249][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.757558][T16718] [ 810.759890][T16718] Uninit was stored to memory at: [ 810.764913][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.770638][T16718] __msan_chain_origin+0x50/0x90 [ 810.775923][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.781021][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.785953][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.790492][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.795149][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.801199][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.807420][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.812629][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.817477][T16718] do_SYSENTER_32+0x73/0x90 [ 810.821981][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.828283][T16718] [ 810.830616][T16718] Uninit was stored to memory at: [ 810.835634][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.841346][T16718] __msan_chain_origin+0x50/0x90 [ 810.846272][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.851425][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.856371][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.860894][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.865594][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.871997][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.878168][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.883488][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.888476][T16718] do_SYSENTER_32+0x73/0x90 [ 810.893074][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.899383][T16718] [ 810.901702][T16718] Uninit was stored to memory at: [ 810.906730][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 810.912473][T16718] __msan_chain_origin+0x50/0x90 [ 810.917494][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 810.922600][T16718] get_compat_msghdr+0x108/0x2b0 [ 810.927668][T16718] do_recvmmsg+0xdbb/0x22b0 [ 810.932169][T16718] __sys_recvmmsg+0x5dd/0x610 [ 810.936844][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 810.942915][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 810.949063][T16718] __do_fast_syscall_32+0x129/0x180 [ 810.954290][T16718] do_fast_syscall_32+0x6a/0xc0 [ 810.959157][T16718] do_SYSENTER_32+0x73/0x90 [ 810.963675][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 810.970081][T16718] [ 810.972392][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 810.979107][T16718] do_recvmmsg+0xbf/0x22b0 [ 810.983715][T16718] do_recvmmsg+0xbf/0x22b0 [ 811.539501][T16718] not chained 360000 origins [ 811.544133][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 811.552811][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 811.562872][T16718] Call Trace: [ 811.566182][T16718] dump_stack+0x21c/0x280 [ 811.570537][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 811.576304][T16718] ? kmsan_get_metadata+0x116/0x180 [ 811.581518][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 811.587092][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 811.593175][T16718] ? _copy_from_user+0x201/0x310 [ 811.598136][T16718] ? kmsan_get_metadata+0x116/0x180 [ 811.603353][T16718] __msan_chain_origin+0x50/0x90 [ 811.608349][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 811.613491][T16718] get_compat_msghdr+0x108/0x2b0 [ 811.618451][T16718] do_recvmmsg+0xdbb/0x22b0 [ 811.622974][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 811.628818][T16718] ? kmsan_get_metadata+0x116/0x180 [ 811.634036][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 811.639691][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 811.645024][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 811.649975][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 811.654749][T16718] __sys_recvmmsg+0x5dd/0x610 [ 811.659457][T16718] ? kmsan_get_metadata+0x116/0x180 [ 811.664671][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 811.670767][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 811.677052][T16718] __do_fast_syscall_32+0x129/0x180 [ 811.682279][T16718] do_fast_syscall_32+0x6a/0xc0 [ 811.687149][T16718] do_SYSENTER_32+0x73/0x90 [ 811.691677][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 811.698018][T16718] RIP: 0023:0xf7f82549 [ 811.702098][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 811.721950][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 811.730390][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 811.738382][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 811.746551][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 811.754934][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 811.762912][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 811.770869][T16718] Uninit was stored to memory at: [ 811.775919][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 811.781643][T16718] __msan_chain_origin+0x50/0x90 [ 811.786584][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 811.791672][T16718] get_compat_msghdr+0x108/0x2b0 [ 811.796586][T16718] do_recvmmsg+0xdbb/0x22b0 [ 811.801080][T16718] __sys_recvmmsg+0x5dd/0x610 [ 811.805736][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 811.811781][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 811.817916][T16718] __do_fast_syscall_32+0x129/0x180 [ 811.823107][T16718] do_fast_syscall_32+0x6a/0xc0 [ 811.828089][T16718] do_SYSENTER_32+0x73/0x90 [ 811.832698][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 811.839018][T16718] [ 811.841432][T16718] Uninit was stored to memory at: [ 811.846471][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 811.852298][T16718] __msan_chain_origin+0x50/0x90 [ 811.857220][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 811.862318][T16718] get_compat_msghdr+0x108/0x2b0 [ 811.867239][T16718] do_recvmmsg+0xdbb/0x22b0 [ 811.871740][T16718] __sys_recvmmsg+0x5dd/0x610 [ 811.876405][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 811.882503][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 811.888727][T16718] __do_fast_syscall_32+0x129/0x180 [ 811.893945][T16718] do_fast_syscall_32+0x6a/0xc0 [ 811.898794][T16718] do_SYSENTER_32+0x73/0x90 [ 811.903283][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 811.909608][T16718] [ 811.911919][T16718] Uninit was stored to memory at: [ 811.917045][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 811.922801][T16718] __msan_chain_origin+0x50/0x90 [ 811.927728][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 811.932959][T16718] get_compat_msghdr+0x108/0x2b0 [ 811.937901][T16718] do_recvmmsg+0xdbb/0x22b0 [ 811.942408][T16718] __sys_recvmmsg+0x5dd/0x610 [ 811.947266][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 811.953347][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 811.959496][T16718] __do_fast_syscall_32+0x129/0x180 [ 811.964760][T16718] do_fast_syscall_32+0x6a/0xc0 [ 811.969595][T16718] do_SYSENTER_32+0x73/0x90 [ 811.974122][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 811.980435][T16718] [ 811.982771][T16718] Uninit was stored to memory at: [ 811.987976][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 811.993685][T16718] __msan_chain_origin+0x50/0x90 [ 811.998651][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 812.004117][T16718] get_compat_msghdr+0x108/0x2b0 [ 812.009039][T16718] do_recvmmsg+0xdbb/0x22b0 [ 812.013524][T16718] __sys_recvmmsg+0x5dd/0x610 [ 812.018194][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 812.024256][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 812.030415][T16718] __do_fast_syscall_32+0x129/0x180 [ 812.036125][T16718] do_fast_syscall_32+0x6a/0xc0 [ 812.041130][T16718] do_SYSENTER_32+0x73/0x90 [ 812.045705][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 812.052195][T16718] [ 812.054597][T16718] Uninit was stored to memory at: [ 812.059659][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 812.065369][T16718] __msan_chain_origin+0x50/0x90 [ 812.070290][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 812.075392][T16718] get_compat_msghdr+0x108/0x2b0 [ 812.080318][T16718] do_recvmmsg+0xdbb/0x22b0 [ 812.084833][T16718] __sys_recvmmsg+0x5dd/0x610 [ 812.089531][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 812.095926][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 812.102068][T16718] __do_fast_syscall_32+0x129/0x180 [ 812.107254][T16718] do_fast_syscall_32+0x6a/0xc0 [ 812.112096][T16718] do_SYSENTER_32+0x73/0x90 [ 812.116591][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 812.122886][T16718] [ 812.125191][T16718] Uninit was stored to memory at: [ 812.130196][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 812.135901][T16718] __msan_chain_origin+0x50/0x90 [ 812.140943][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 812.146047][T16718] get_compat_msghdr+0x108/0x2b0 [ 812.150976][T16718] do_recvmmsg+0xdbb/0x22b0 [ 812.155465][T16718] __sys_recvmmsg+0x5dd/0x610 [ 812.160278][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 812.166330][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 812.172489][T16718] __do_fast_syscall_32+0x129/0x180 [ 812.177670][T16718] do_fast_syscall_32+0x6a/0xc0 [ 812.182499][T16718] do_SYSENTER_32+0x73/0x90 [ 812.186998][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 812.193310][T16718] [ 812.195628][T16718] Uninit was stored to memory at: [ 812.200639][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 812.206352][T16718] __msan_chain_origin+0x50/0x90 [ 812.211286][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 812.216378][T16718] get_compat_msghdr+0x108/0x2b0 [ 812.221296][T16718] do_recvmmsg+0xdbb/0x22b0 [ 812.225787][T16718] __sys_recvmmsg+0x5dd/0x610 [ 812.230461][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 812.236515][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 812.242659][T16718] __do_fast_syscall_32+0x129/0x180 [ 812.247848][T16718] do_fast_syscall_32+0x6a/0xc0 [ 812.252706][T16718] do_SYSENTER_32+0x73/0x90 [ 812.257187][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 812.263498][T16718] [ 812.265802][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 812.272464][T16718] do_recvmmsg+0xbf/0x22b0 [ 812.276855][T16718] do_recvmmsg+0xbf/0x22b0 [ 812.931932][T16718] not chained 370000 origins [ 812.936576][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 812.945265][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 812.955326][T16718] Call Trace: [ 812.958640][T16718] dump_stack+0x21c/0x280 [ 812.963599][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 812.969357][T16718] ? kmsan_get_metadata+0x116/0x180 [ 812.974568][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 812.980137][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 812.986221][T16718] ? _copy_from_user+0x201/0x310 [ 812.991188][T16718] ? kmsan_get_metadata+0x116/0x180 [ 812.996406][T16718] __msan_chain_origin+0x50/0x90 [ 813.001362][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.006503][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.011463][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.015991][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 813.021926][T16718] ? kmsan_get_metadata+0x116/0x180 [ 813.027140][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 813.032787][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 813.038082][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 813.042849][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 813.047625][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.052317][T16718] ? kmsan_get_metadata+0x116/0x180 [ 813.057529][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.063616][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.069792][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.075007][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.079897][T16718] do_SYSENTER_32+0x73/0x90 [ 813.084410][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.090735][T16718] RIP: 0023:0xf7f82549 [ 813.094817][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 813.114565][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 813.123011][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 813.131087][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 813.139069][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 813.147052][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 813.155019][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 813.162992][T16718] Uninit was stored to memory at: [ 813.168045][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.173779][T16718] __msan_chain_origin+0x50/0x90 [ 813.178720][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.183825][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.188752][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.193246][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.197922][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.203987][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.210139][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.215347][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.220190][T16718] do_SYSENTER_32+0x73/0x90 [ 813.224698][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.231020][T16718] [ 813.233344][T16718] Uninit was stored to memory at: [ 813.238360][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.244070][T16718] __msan_chain_origin+0x50/0x90 [ 813.249258][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.254358][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.259285][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.263777][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.268447][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.274508][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.280655][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.285845][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.290692][T16718] do_SYSENTER_32+0x73/0x90 [ 813.295201][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.301520][T16718] [ 813.303833][T16718] Uninit was stored to memory at: [ 813.308850][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.314572][T16718] __msan_chain_origin+0x50/0x90 [ 813.319513][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.324626][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.329899][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.334401][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.339085][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.345158][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.351304][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.356495][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.361337][T16718] do_SYSENTER_32+0x73/0x90 [ 813.365836][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.372141][T16718] [ 813.374469][T16718] Uninit was stored to memory at: [ 813.379591][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.385299][T16718] __msan_chain_origin+0x50/0x90 [ 813.390234][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.396005][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.400986][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.405478][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.410148][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.416205][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.422361][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.427562][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.432412][T16718] do_SYSENTER_32+0x73/0x90 [ 813.436910][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.443215][T16718] [ 813.445527][T16718] Uninit was stored to memory at: [ 813.450543][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.456250][T16718] __msan_chain_origin+0x50/0x90 [ 813.461177][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.466275][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.471212][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.475701][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.480367][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.486437][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.492585][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.497783][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.502638][T16718] do_SYSENTER_32+0x73/0x90 [ 813.507141][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.513457][T16718] [ 813.515782][T16718] Uninit was stored to memory at: [ 813.520812][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.526541][T16718] __msan_chain_origin+0x50/0x90 [ 813.531474][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.536573][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.541514][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.546179][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.550848][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.556904][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.563050][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.568241][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.573081][T16718] do_SYSENTER_32+0x73/0x90 [ 813.577576][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.583878][T16718] [ 813.586191][T16718] Uninit was stored to memory at: [ 813.591218][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 813.596931][T16718] __msan_chain_origin+0x50/0x90 [ 813.601860][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 813.607230][T16718] get_compat_msghdr+0x108/0x2b0 [ 813.612167][T16718] do_recvmmsg+0xdbb/0x22b0 [ 813.616658][T16718] __sys_recvmmsg+0x5dd/0x610 [ 813.621336][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 813.627389][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 813.633535][T16718] __do_fast_syscall_32+0x129/0x180 [ 813.638811][T16718] do_fast_syscall_32+0x6a/0xc0 [ 813.643653][T16718] do_SYSENTER_32+0x73/0x90 [ 813.648249][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 813.654689][T16718] [ 813.657012][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 813.663682][T16718] do_recvmmsg+0xbf/0x22b0 [ 813.668183][T16718] do_recvmmsg+0xbf/0x22b0 [ 814.074067][T16718] not chained 380000 origins [ 814.078739][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 814.087422][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 814.097479][T16718] Call Trace: [ 814.100784][T16718] dump_stack+0x21c/0x280 [ 814.105222][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 814.111074][T16718] ? kmsan_get_metadata+0x116/0x180 [ 814.116394][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 814.121960][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 814.128044][T16718] ? _copy_from_user+0x201/0x310 [ 814.133005][T16718] ? kmsan_get_metadata+0x116/0x180 [ 814.138223][T16718] __msan_chain_origin+0x50/0x90 [ 814.143172][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.148487][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.153445][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.157965][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 814.163807][T16718] ? kmsan_get_metadata+0x116/0x180 [ 814.169060][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 814.174739][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 814.180041][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 814.184814][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 814.189610][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.194314][T16718] ? kmsan_get_metadata+0x116/0x180 [ 814.199531][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.205618][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.211870][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.217089][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.222169][T16718] do_SYSENTER_32+0x73/0x90 [ 814.226840][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.233263][T16718] RIP: 0023:0xf7f82549 [ 814.237345][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 814.257046][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 814.265474][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 814.273458][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 814.281450][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 814.289432][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 814.297409][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 814.305393][T16718] Uninit was stored to memory at: [ 814.310438][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.316191][T16718] __msan_chain_origin+0x50/0x90 [ 814.321145][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.326266][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.331227][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.335742][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.340433][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.346546][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.352714][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.357923][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.362783][T16718] do_SYSENTER_32+0x73/0x90 [ 814.367468][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.373788][T16718] [ 814.376111][T16718] Uninit was stored to memory at: [ 814.381143][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.387119][T16718] __msan_chain_origin+0x50/0x90 [ 814.392044][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.397267][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.402193][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.406682][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.411344][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.417435][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.423594][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.428801][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.434157][T16718] do_SYSENTER_32+0x73/0x90 [ 814.438659][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.445089][T16718] [ 814.447417][T16718] Uninit was stored to memory at: [ 814.452436][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.458138][T16718] __msan_chain_origin+0x50/0x90 [ 814.463069][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.468195][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.473131][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.477640][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.482313][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.488361][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.494508][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.499691][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.504538][T16718] do_SYSENTER_32+0x73/0x90 [ 814.509095][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.515409][T16718] [ 814.517729][T16718] Uninit was stored to memory at: [ 814.523348][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.529051][T16718] __msan_chain_origin+0x50/0x90 [ 814.533977][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.539099][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.544024][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.548507][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.553169][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.559227][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.565488][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.570673][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.575512][T16718] do_SYSENTER_32+0x73/0x90 [ 814.580012][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.586464][T16718] [ 814.588779][T16718] Uninit was stored to memory at: [ 814.593986][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.599695][T16718] __msan_chain_origin+0x50/0x90 [ 814.605187][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.610319][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.615413][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.619921][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.624597][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.630840][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.636985][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.642184][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.647044][T16718] do_SYSENTER_32+0x73/0x90 [ 814.651553][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.657865][T16718] [ 814.660191][T16718] Uninit was stored to memory at: [ 814.665322][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.671036][T16718] __msan_chain_origin+0x50/0x90 [ 814.676007][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.681149][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.686174][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.690675][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.695353][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.701424][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.707662][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.712839][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.717685][T16718] do_SYSENTER_32+0x73/0x90 [ 814.722197][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.728496][T16718] [ 814.730819][T16718] Uninit was stored to memory at: [ 814.735827][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 814.741543][T16718] __msan_chain_origin+0x50/0x90 [ 814.746488][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 814.751597][T16718] get_compat_msghdr+0x108/0x2b0 [ 814.756514][T16718] do_recvmmsg+0xdbb/0x22b0 [ 814.761008][T16718] __sys_recvmmsg+0x5dd/0x610 [ 814.766572][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 814.772690][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 814.778836][T16718] __do_fast_syscall_32+0x129/0x180 [ 814.784031][T16718] do_fast_syscall_32+0x6a/0xc0 [ 814.788884][T16718] do_SYSENTER_32+0x73/0x90 [ 814.793386][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 814.799689][T16718] [ 814.802014][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 814.808691][T16718] do_recvmmsg+0xbf/0x22b0 [ 814.813112][T16718] do_recvmmsg+0xbf/0x22b0 [ 815.282569][T16718] not chained 390000 origins [ 815.287299][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 815.296003][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 815.306069][T16718] Call Trace: [ 815.309383][T16718] dump_stack+0x21c/0x280 [ 815.313737][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 815.319500][T16718] ? kmsan_get_metadata+0x116/0x180 [ 815.324717][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 815.330285][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 815.336411][T16718] ? _copy_from_user+0x201/0x310 [ 815.341456][T16718] ? kmsan_get_metadata+0x116/0x180 [ 815.346671][T16718] __msan_chain_origin+0x50/0x90 [ 815.351623][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.356760][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.361716][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.366247][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 815.372087][T16718] ? kmsan_get_metadata+0x116/0x180 [ 815.377320][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 815.382977][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 815.388301][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 815.393079][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 815.397856][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.402562][T16718] ? kmsan_get_metadata+0x116/0x180 [ 815.407773][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.413853][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.420025][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.425238][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.430100][T16718] do_SYSENTER_32+0x73/0x90 [ 815.434627][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.440942][T16718] RIP: 0023:0xf7f82549 [ 815.445012][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 815.464696][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 815.473104][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 815.481097][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 815.489070][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 815.497118][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 815.505078][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 815.513058][T16718] Uninit was stored to memory at: [ 815.518106][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.523829][T16718] __msan_chain_origin+0x50/0x90 [ 815.528874][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.533979][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.538914][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.543408][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.548298][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.554364][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.560514][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.565710][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.570654][T16718] do_SYSENTER_32+0x73/0x90 [ 815.575200][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.581525][T16718] [ 815.584991][T16718] Uninit was stored to memory at: [ 815.590011][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.595721][T16718] __msan_chain_origin+0x50/0x90 [ 815.600705][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.605822][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.610756][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.615260][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.619929][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.626099][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.632246][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.637439][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.642284][T16718] do_SYSENTER_32+0x73/0x90 [ 815.646782][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.653091][T16718] [ 815.655418][T16718] Uninit was stored to memory at: [ 815.660542][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.666254][T16718] __msan_chain_origin+0x50/0x90 [ 815.671183][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.676454][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.682095][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.686594][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.691285][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.697353][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.703506][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.708886][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.713767][T16718] do_SYSENTER_32+0x73/0x90 [ 815.718286][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.724595][T16718] [ 815.726911][T16718] Uninit was stored to memory at: [ 815.731934][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.737647][T16718] __msan_chain_origin+0x50/0x90 [ 815.742577][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.747677][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.752604][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.757183][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.761857][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.767934][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.774089][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.779297][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.784246][T16718] do_SYSENTER_32+0x73/0x90 [ 815.788765][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.795176][T16718] [ 815.797509][T16718] Uninit was stored to memory at: [ 815.802528][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.808238][T16718] __msan_chain_origin+0x50/0x90 [ 815.813168][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.818271][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.823196][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.827720][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.832395][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.838454][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.844620][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.849829][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.854848][T16718] do_SYSENTER_32+0x73/0x90 [ 815.859348][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.865656][T16718] [ 815.867977][T16718] Uninit was stored to memory at: [ 815.873005][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.878723][T16718] __msan_chain_origin+0x50/0x90 [ 815.883657][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.888761][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.893688][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.898181][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.902851][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.908923][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.915068][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.920274][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.925117][T16718] do_SYSENTER_32+0x73/0x90 [ 815.929616][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 815.935922][T16718] [ 815.938234][T16718] Uninit was stored to memory at: [ 815.943252][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 815.949136][T16718] __msan_chain_origin+0x50/0x90 [ 815.954084][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 815.959204][T16718] get_compat_msghdr+0x108/0x2b0 [ 815.964133][T16718] do_recvmmsg+0xdbb/0x22b0 [ 815.968630][T16718] __sys_recvmmsg+0x5dd/0x610 [ 815.973317][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 815.979379][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 815.985524][T16718] __do_fast_syscall_32+0x129/0x180 [ 815.990718][T16718] do_fast_syscall_32+0x6a/0xc0 [ 815.995580][T16718] do_SYSENTER_32+0x73/0x90 [ 816.000079][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.006388][T16718] [ 816.008702][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 816.015370][T16718] do_recvmmsg+0xbf/0x22b0 [ 816.019774][T16718] do_recvmmsg+0xbf/0x22b0 [ 816.322963][T16718] not chained 400000 origins [ 816.327600][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 816.336274][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 816.346339][T16718] Call Trace: [ 816.349666][T16718] dump_stack+0x21c/0x280 [ 816.354017][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 816.359780][T16718] ? kmsan_get_metadata+0x116/0x180 [ 816.364988][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 816.370545][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 816.376623][T16718] ? _copy_from_user+0x201/0x310 [ 816.381573][T16718] ? kmsan_get_metadata+0x116/0x180 [ 816.386805][T16718] __msan_chain_origin+0x50/0x90 [ 816.391757][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.396894][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.401859][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.406394][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 816.412262][T16718] ? kmsan_get_metadata+0x116/0x180 [ 816.417471][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 816.423118][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 816.428416][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 816.433187][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 816.437964][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.442660][T16718] ? kmsan_get_metadata+0x116/0x180 [ 816.447862][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.453954][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.460104][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.465302][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.470169][T16718] do_SYSENTER_32+0x73/0x90 [ 816.474674][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.481025][T16718] RIP: 0023:0xf7f82549 [ 816.485093][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 816.504805][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 816.513214][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 816.521176][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 816.529142][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 816.537348][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 816.545327][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 816.553306][T16718] Uninit was stored to memory at: [ 816.558332][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.564068][T16718] __msan_chain_origin+0x50/0x90 [ 816.569000][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.574122][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.579050][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.583541][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.588319][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.594396][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.600561][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.605770][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.610621][T16718] do_SYSENTER_32+0x73/0x90 [ 816.615119][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.621426][T16718] [ 816.623741][T16718] Uninit was stored to memory at: [ 816.628788][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.634499][T16718] __msan_chain_origin+0x50/0x90 [ 816.639431][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.644547][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.649478][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.654100][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.659065][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.665136][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.671291][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.676511][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.681367][T16718] do_SYSENTER_32+0x73/0x90 [ 816.685907][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.692217][T16718] [ 816.694533][T16718] Uninit was stored to memory at: [ 816.699551][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.705263][T16718] __msan_chain_origin+0x50/0x90 [ 816.710195][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.715451][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.720390][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.724936][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.729625][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.735692][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.741843][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.747033][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.751884][T16718] do_SYSENTER_32+0x73/0x90 [ 816.756401][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.762722][T16718] [ 816.765038][T16718] Uninit was stored to memory at: [ 816.770059][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.775771][T16718] __msan_chain_origin+0x50/0x90 [ 816.781481][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.786601][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.791618][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.796112][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.800783][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.806842][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.812988][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.818179][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.823022][T16718] do_SYSENTER_32+0x73/0x90 [ 816.827556][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.833861][T16718] [ 816.836175][T16718] Uninit was stored to memory at: [ 816.841196][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.846932][T16718] __msan_chain_origin+0x50/0x90 [ 816.851867][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.857054][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.861981][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.866488][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.871182][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.877333][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.883498][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.888704][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.893561][T16718] do_SYSENTER_32+0x73/0x90 [ 816.898058][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.904365][T16718] [ 816.906684][T16718] Uninit was stored to memory at: [ 816.911703][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.917501][T16718] __msan_chain_origin+0x50/0x90 [ 816.922447][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.927558][T16718] get_compat_msghdr+0x108/0x2b0 [ 816.932495][T16718] do_recvmmsg+0xdbb/0x22b0 [ 816.936986][T16718] __sys_recvmmsg+0x5dd/0x610 [ 816.941656][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 816.947719][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 816.953868][T16718] __do_fast_syscall_32+0x129/0x180 [ 816.959059][T16718] do_fast_syscall_32+0x6a/0xc0 [ 816.963901][T16718] do_SYSENTER_32+0x73/0x90 [ 816.968397][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 816.974703][T16718] [ 816.977017][T16718] Uninit was stored to memory at: [ 816.982035][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 816.987763][T16718] __msan_chain_origin+0x50/0x90 [ 816.992697][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 816.997798][T16718] get_compat_msghdr+0x108/0x2b0 [ 817.002726][T16718] do_recvmmsg+0xdbb/0x22b0 [ 817.007244][T16718] __sys_recvmmsg+0x5dd/0x610 [ 817.011922][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 817.017983][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 817.024132][T16718] __do_fast_syscall_32+0x129/0x180 [ 817.029328][T16718] do_fast_syscall_32+0x6a/0xc0 [ 817.034171][T16718] do_SYSENTER_32+0x73/0x90 [ 817.038688][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 817.044994][T16718] [ 817.047312][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 817.053995][T16718] do_recvmmsg+0xbf/0x22b0 [ 817.058508][T16718] do_recvmmsg+0xbf/0x22b0 [ 817.676301][T16718] not chained 410000 origins [ 817.680955][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 817.689635][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 817.699719][T16718] Call Trace: [ 817.703028][T16718] dump_stack+0x21c/0x280 [ 817.707373][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 817.713133][T16718] ? kmsan_get_metadata+0x116/0x180 [ 817.718355][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 817.723927][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 817.730020][T16718] ? _copy_from_user+0x201/0x310 [ 817.734977][T16718] ? kmsan_get_metadata+0x116/0x180 [ 817.740192][T16718] __msan_chain_origin+0x50/0x90 [ 817.745149][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 817.750289][T16718] get_compat_msghdr+0x108/0x2b0 [ 817.755265][T16718] do_recvmmsg+0xdbb/0x22b0 [ 817.759788][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 817.765628][T16718] ? kmsan_get_metadata+0x116/0x180 [ 817.770865][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 817.776648][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 817.781955][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 817.786756][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 817.791553][T16718] __sys_recvmmsg+0x5dd/0x610 [ 817.796254][T16718] ? kmsan_get_metadata+0x116/0x180 [ 817.801471][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 817.807567][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 817.813729][T16718] __do_fast_syscall_32+0x129/0x180 [ 817.819092][T16718] do_fast_syscall_32+0x6a/0xc0 [ 817.823983][T16718] do_SYSENTER_32+0x73/0x90 [ 817.828501][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 817.834827][T16718] RIP: 0023:0xf7f82549 [ 817.838903][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 817.858630][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 817.867389][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 817.875364][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 817.883341][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 817.891300][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 817.899255][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 817.907218][T16718] Uninit was stored to memory at: [ 817.912248][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 817.917972][T16718] __msan_chain_origin+0x50/0x90 [ 817.922896][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 817.928026][T16718] get_compat_msghdr+0x108/0x2b0 [ 817.932963][T16718] do_recvmmsg+0xdbb/0x22b0 [ 817.937462][T16718] __sys_recvmmsg+0x5dd/0x610 [ 817.942132][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 817.948190][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 817.954348][T16718] __do_fast_syscall_32+0x129/0x180 [ 817.959539][T16718] do_fast_syscall_32+0x6a/0xc0 [ 817.964396][T16718] do_SYSENTER_32+0x73/0x90 [ 817.968994][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 817.975305][T16718] [ 817.977617][T16718] Uninit was stored to memory at: [ 817.982642][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 817.988354][T16718] __msan_chain_origin+0x50/0x90 [ 817.993285][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 817.998379][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.003316][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.007807][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.012487][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.018541][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.024690][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.029885][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.034749][T16718] do_SYSENTER_32+0x73/0x90 [ 818.039251][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.045584][T16718] [ 818.047901][T16718] Uninit was stored to memory at: [ 818.053025][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 818.058820][T16718] __msan_chain_origin+0x50/0x90 [ 818.063876][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.068990][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.074385][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.078899][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.083592][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.089681][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.095836][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.101033][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.105865][T16718] do_SYSENTER_32+0x73/0x90 [ 818.110445][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.116764][T16718] [ 818.119094][T16718] Uninit was stored to memory at: [ 818.124127][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 818.129853][T16718] __msan_chain_origin+0x50/0x90 [ 818.134795][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.139911][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.144827][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.149410][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.154103][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.160156][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.166302][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.171594][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.176443][T16718] do_SYSENTER_32+0x73/0x90 [ 818.180956][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.187283][T16718] [ 818.189612][T16718] Uninit was stored to memory at: [ 818.194637][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 818.200345][T16718] __msan_chain_origin+0x50/0x90 [ 818.205264][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.210366][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.215296][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.219779][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.224438][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.230505][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.236681][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.241867][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.246734][T16718] do_SYSENTER_32+0x73/0x90 [ 818.251249][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.257553][T16718] [ 818.259871][T16718] Uninit was stored to memory at: [ 818.264880][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 818.270583][T16718] __msan_chain_origin+0x50/0x90 [ 818.275516][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.280624][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.285552][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.290046][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.294773][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.300858][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.307007][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.312189][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.317017][T16718] do_SYSENTER_32+0x73/0x90 [ 818.321628][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.327934][T16718] [ 818.330261][T16718] Uninit was stored to memory at: [ 818.335410][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 818.341132][T16718] __msan_chain_origin+0x50/0x90 [ 818.346088][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.351197][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.356132][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.360617][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.365294][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.371346][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.377493][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.382698][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.387575][T16718] do_SYSENTER_32+0x73/0x90 [ 818.392098][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.398404][T16718] [ 818.400741][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 818.407557][T16718] do_recvmmsg+0xbf/0x22b0 [ 818.411975][T16718] do_recvmmsg+0xbf/0x22b0 [ 818.710687][T16718] not chained 420000 origins [ 818.715338][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 818.724012][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 818.734073][T16718] Call Trace: [ 818.737391][T16718] dump_stack+0x21c/0x280 [ 818.741746][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 818.747617][T16718] ? kmsan_get_metadata+0x116/0x180 [ 818.752826][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 818.758394][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 818.764513][T16718] ? _copy_from_user+0x201/0x310 [ 818.769469][T16718] ? kmsan_get_metadata+0x116/0x180 [ 818.774720][T16718] __msan_chain_origin+0x50/0x90 [ 818.779701][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.784844][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.789801][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.794322][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 818.800184][T16718] ? kmsan_get_metadata+0x116/0x180 [ 818.805391][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 818.811098][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 818.816401][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 818.821191][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 818.826106][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.830909][T16718] ? kmsan_get_metadata+0x116/0x180 [ 818.836132][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.842231][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.848404][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.853625][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.858492][T16718] do_SYSENTER_32+0x73/0x90 [ 818.863013][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 818.869356][T16718] RIP: 0023:0xf7f82549 [ 818.873445][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 818.893057][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 818.901482][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 818.909463][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 818.917441][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 818.925427][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 818.933411][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 818.941398][T16718] Uninit was stored to memory at: [ 818.946452][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 818.952184][T16718] __msan_chain_origin+0x50/0x90 [ 818.957138][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 818.962349][T16718] get_compat_msghdr+0x108/0x2b0 [ 818.967298][T16718] do_recvmmsg+0xdbb/0x22b0 [ 818.971805][T16718] __sys_recvmmsg+0x5dd/0x610 [ 818.976496][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 818.982576][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 818.988741][T16718] __do_fast_syscall_32+0x129/0x180 [ 818.993973][T16718] do_fast_syscall_32+0x6a/0xc0 [ 818.998834][T16718] do_SYSENTER_32+0x73/0x90 [ 819.003349][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.009671][T16718] [ 819.011996][T16718] Uninit was stored to memory at: [ 819.017032][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 819.022771][T16718] __msan_chain_origin+0x50/0x90 [ 819.027729][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.032850][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.037975][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.042486][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.047170][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.053249][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.059768][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.064985][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.069957][T16718] do_SYSENTER_32+0x73/0x90 [ 819.074576][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.080896][T16718] [ 819.083221][T16718] Uninit was stored to memory at: [ 819.088296][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 819.094030][T16718] __msan_chain_origin+0x50/0x90 [ 819.098980][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.104137][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.109081][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.114290][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.118979][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.125054][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.131221][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.136437][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.141302][T16718] do_SYSENTER_32+0x73/0x90 [ 819.145832][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.152152][T16718] [ 819.154482][T16718] Uninit was stored to memory at: [ 819.159526][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 819.165318][T16718] __msan_chain_origin+0x50/0x90 [ 819.170274][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.175667][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.180625][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.185134][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.189824][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.195904][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.202077][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.207293][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.212159][T16718] do_SYSENTER_32+0x73/0x90 [ 819.216684][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.223004][T16718] [ 819.225326][T16718] Uninit was stored to memory at: [ 819.230351][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 819.236151][T16718] __msan_chain_origin+0x50/0x90 [ 819.241085][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.246209][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.251156][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.255654][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.260325][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.266471][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.272619][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.277813][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.282657][T16718] do_SYSENTER_32+0x73/0x90 [ 819.287160][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.293477][T16718] [ 819.295790][T16718] Uninit was stored to memory at: [ 819.300812][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 819.306524][T16718] __msan_chain_origin+0x50/0x90 [ 819.311452][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.316555][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.321484][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.325997][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.330667][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.336727][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.342879][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.348071][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.352915][T16718] do_SYSENTER_32+0x73/0x90 [ 819.357414][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.363718][T16718] [ 819.366033][T16718] Uninit was stored to memory at: [ 819.371051][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 819.376775][T16718] __msan_chain_origin+0x50/0x90 [ 819.381703][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.386804][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.391730][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.396230][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.400922][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.406997][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.413143][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.418339][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.423182][T16718] do_SYSENTER_32+0x73/0x90 [ 819.427678][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.433987][T16718] [ 819.436301][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 819.442978][T16718] do_recvmmsg+0xbf/0x22b0 [ 819.448773][T16718] do_recvmmsg+0xbf/0x22b0 [ 819.827955][T16718] not chained 430000 origins [ 819.832652][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 819.841327][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 819.851389][T16718] Call Trace: [ 819.854698][T16718] dump_stack+0x21c/0x280 [ 819.859051][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 819.864891][T16718] ? kmsan_get_metadata+0x116/0x180 [ 819.870106][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 819.875679][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 819.881765][T16718] ? _copy_from_user+0x201/0x310 [ 819.886717][T16718] ? kmsan_get_metadata+0x116/0x180 [ 819.891929][T16718] __msan_chain_origin+0x50/0x90 [ 819.896887][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 819.902118][T16718] get_compat_msghdr+0x108/0x2b0 [ 819.907081][T16718] do_recvmmsg+0xdbb/0x22b0 [ 819.911603][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 819.917449][T16718] ? kmsan_get_metadata+0x116/0x180 [ 819.922664][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 819.928309][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 819.933606][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 819.938377][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 819.943149][T16718] __sys_recvmmsg+0x5dd/0x610 [ 819.947843][T16718] ? kmsan_get_metadata+0x116/0x180 [ 819.953063][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 819.959157][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 819.965326][T16718] __do_fast_syscall_32+0x129/0x180 [ 819.970544][T16718] do_fast_syscall_32+0x6a/0xc0 [ 819.975418][T16718] do_SYSENTER_32+0x73/0x90 [ 819.979945][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 819.986281][T16718] RIP: 0023:0xf7f82549 [ 819.990364][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 820.010327][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 820.018757][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 820.026741][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 820.034725][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 820.042709][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 820.050689][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 820.058677][T16718] Uninit was stored to memory at: [ 820.063722][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.069464][T16718] __msan_chain_origin+0x50/0x90 [ 820.074418][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.079541][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.084494][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.089006][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.093694][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.099774][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.105932][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.111148][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.116024][T16718] do_SYSENTER_32+0x73/0x90 [ 820.120541][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.126859][T16718] [ 820.129185][T16718] Uninit was stored to memory at: [ 820.134222][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.139953][T16718] __msan_chain_origin+0x50/0x90 [ 820.144895][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.150014][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.154956][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.159464][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.164147][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.170231][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.176573][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.182012][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.186958][T16718] do_SYSENTER_32+0x73/0x90 [ 820.191454][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.197755][T16718] [ 820.200063][T16718] Uninit was stored to memory at: [ 820.205074][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.210779][T16718] __msan_chain_origin+0x50/0x90 [ 820.215720][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.220910][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.225834][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.230331][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.234995][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.241057][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.247204][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.252428][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.257285][T16718] do_SYSENTER_32+0x73/0x90 [ 820.261805][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.268106][T16718] [ 820.270425][T16718] Uninit was stored to memory at: [ 820.275452][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.281171][T16718] __msan_chain_origin+0x50/0x90 [ 820.286090][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.291183][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.296099][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.300583][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.305242][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.311308][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.317444][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.322634][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.327489][T16718] do_SYSENTER_32+0x73/0x90 [ 820.331993][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.338313][T16718] [ 820.340620][T16718] Uninit was stored to memory at: [ 820.345643][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.351359][T16718] __msan_chain_origin+0x50/0x90 [ 820.356420][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.362654][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.367717][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.372215][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.376882][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.382949][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.389882][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.395446][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.400402][T16718] do_SYSENTER_32+0x73/0x90 [ 820.404903][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.411202][T16718] [ 820.413507][T16718] Uninit was stored to memory at: [ 820.418516][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.424227][T16718] __msan_chain_origin+0x50/0x90 [ 820.429248][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.434349][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.439268][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.443748][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.448404][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.454465][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.460621][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.465811][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.470655][T16718] do_SYSENTER_32+0x73/0x90 [ 820.475167][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.481483][T16718] [ 820.483824][T16718] Uninit was stored to memory at: [ 820.488834][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 820.494549][T16718] __msan_chain_origin+0x50/0x90 [ 820.499617][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.504955][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.509905][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.514410][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.519099][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 820.525150][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 820.531291][T16718] __do_fast_syscall_32+0x129/0x180 [ 820.536703][T16718] do_fast_syscall_32+0x6a/0xc0 [ 820.541545][T16718] do_SYSENTER_32+0x73/0x90 [ 820.546087][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 820.552386][T16718] [ 820.554698][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 820.561381][T16718] do_recvmmsg+0xbf/0x22b0 [ 820.565812][T16718] do_recvmmsg+0xbf/0x22b0 [ 820.872514][T16718] not chained 440000 origins [ 820.877167][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 820.885841][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 820.895905][T16718] Call Trace: [ 820.899215][T16718] dump_stack+0x21c/0x280 [ 820.903569][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 820.909324][T16718] ? kmsan_get_metadata+0x116/0x180 [ 820.914542][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 820.920103][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 820.926185][T16718] ? _copy_from_user+0x201/0x310 [ 820.931139][T16718] ? kmsan_get_metadata+0x116/0x180 [ 820.936347][T16718] __msan_chain_origin+0x50/0x90 [ 820.941302][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 820.946439][T16718] get_compat_msghdr+0x108/0x2b0 [ 820.951395][T16718] do_recvmmsg+0xdbb/0x22b0 [ 820.955913][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 820.961754][T16718] ? kmsan_get_metadata+0x116/0x180 [ 820.966964][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 820.972627][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 820.977926][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 820.982695][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 820.987468][T16718] __sys_recvmmsg+0x5dd/0x610 [ 820.992184][T16718] ? kmsan_get_metadata+0x116/0x180 [ 820.997403][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.003493][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.009660][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.014895][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.019789][T16718] do_SYSENTER_32+0x73/0x90 [ 821.024308][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.030726][T16718] RIP: 0023:0xf7f82549 [ 821.034807][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 821.054426][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 821.062859][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 821.070836][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 821.078816][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 821.086806][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 821.094785][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 821.102859][T16718] Uninit was stored to memory at: [ 821.107916][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.113649][T16718] __msan_chain_origin+0x50/0x90 [ 821.118692][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.123811][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.128927][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.133438][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.138128][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.144747][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.150922][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.156182][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.161077][T16718] do_SYSENTER_32+0x73/0x90 [ 821.165591][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.171913][T16718] [ 821.174238][T16718] Uninit was stored to memory at: [ 821.179274][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.185016][T16718] __msan_chain_origin+0x50/0x90 [ 821.189972][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.195076][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.200008][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.204502][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.209172][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.215254][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.221426][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.226615][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.231460][T16718] do_SYSENTER_32+0x73/0x90 [ 821.235959][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.242271][T16718] [ 821.244676][T16718] Uninit was stored to memory at: [ 821.249701][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.255434][T16718] __msan_chain_origin+0x50/0x90 [ 821.260373][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.265487][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.270418][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.274910][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.279583][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.285644][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.292418][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.297611][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.302456][T16718] do_SYSENTER_32+0x73/0x90 [ 821.306956][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.313352][T16718] [ 821.315667][T16718] Uninit was stored to memory at: [ 821.320689][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.326403][T16718] __msan_chain_origin+0x50/0x90 [ 821.331331][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.336446][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.341371][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.345866][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.350533][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.356599][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.362761][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.367953][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.372797][T16718] do_SYSENTER_32+0x73/0x90 [ 821.377313][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.383639][T16718] [ 821.385956][T16718] Uninit was stored to memory at: [ 821.391171][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.396896][T16718] __msan_chain_origin+0x50/0x90 [ 821.401827][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.406930][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.411875][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.416369][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.421041][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.427116][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.433266][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.438468][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.443309][T16718] do_SYSENTER_32+0x73/0x90 [ 821.447808][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.454114][T16718] [ 821.456440][T16718] Uninit was stored to memory at: [ 821.461458][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.467179][T16718] __msan_chain_origin+0x50/0x90 [ 821.472111][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.477214][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.482157][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.486673][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.491354][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.497422][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.503575][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.509562][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.514406][T16718] do_SYSENTER_32+0x73/0x90 [ 821.518921][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.525230][T16718] [ 821.527733][T16718] Uninit was stored to memory at: [ 821.532755][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 821.538476][T16718] __msan_chain_origin+0x50/0x90 [ 821.543450][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 821.548565][T16718] get_compat_msghdr+0x108/0x2b0 [ 821.553514][T16718] do_recvmmsg+0xdbb/0x22b0 [ 821.558024][T16718] __sys_recvmmsg+0x5dd/0x610 [ 821.562697][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 821.568755][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 821.574926][T16718] __do_fast_syscall_32+0x129/0x180 [ 821.580115][T16718] do_fast_syscall_32+0x6a/0xc0 [ 821.584959][T16718] do_SYSENTER_32+0x73/0x90 [ 821.589458][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 821.595763][T16718] [ 821.598079][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 821.604744][T16718] do_recvmmsg+0xbf/0x22b0 [ 821.609165][T16718] do_recvmmsg+0xbf/0x22b0 [ 822.094773][T16718] not chained 450000 origins [ 822.099433][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 822.108092][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 822.118136][T16718] Call Trace: [ 822.121517][T16718] dump_stack+0x21c/0x280 [ 822.125848][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 822.131589][T16718] ? kmsan_get_metadata+0x116/0x180 [ 822.136792][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 822.142425][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 822.148504][T16718] ? _copy_from_user+0x201/0x310 [ 822.153438][T16718] ? kmsan_get_metadata+0x116/0x180 [ 822.158727][T16718] __msan_chain_origin+0x50/0x90 [ 822.163668][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.168785][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.173725][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.178228][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 822.184050][T16718] ? kmsan_get_metadata+0x116/0x180 [ 822.189254][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 822.194900][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 822.200178][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 822.205203][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 822.209961][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.214640][T16718] ? kmsan_get_metadata+0x116/0x180 [ 822.219837][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.225921][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.232074][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.237284][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.242135][T16718] do_SYSENTER_32+0x73/0x90 [ 822.246638][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.252953][T16718] RIP: 0023:0xf7f82549 [ 822.257019][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 822.276633][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 822.285125][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 822.293091][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 822.301057][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 822.309026][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 822.317013][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 822.325078][T16718] Uninit was stored to memory at: [ 822.330103][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.335989][T16718] __msan_chain_origin+0x50/0x90 [ 822.340923][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.346029][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.351047][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.355544][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.360218][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.366279][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.372425][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.377631][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.382474][T16718] do_SYSENTER_32+0x73/0x90 [ 822.386969][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.393280][T16718] [ 822.395593][T16718] Uninit was stored to memory at: [ 822.400628][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.406356][T16718] __msan_chain_origin+0x50/0x90 [ 822.411292][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.416424][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.421365][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.425872][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.430542][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.436632][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.442778][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.447985][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.452892][T16718] do_SYSENTER_32+0x73/0x90 [ 822.457408][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.463716][T16718] [ 822.466137][T16718] Uninit was stored to memory at: [ 822.471160][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.476872][T16718] __msan_chain_origin+0x50/0x90 [ 822.481808][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.486907][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.491832][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.496326][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.501005][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.507077][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.513397][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.518606][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.523477][T16718] do_SYSENTER_32+0x73/0x90 [ 822.527988][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.534295][T16718] [ 822.536614][T16718] Uninit was stored to memory at: [ 822.541635][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.547366][T16718] __msan_chain_origin+0x50/0x90 [ 822.552334][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.557444][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.562375][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.566872][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.571540][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.577606][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.583766][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.588954][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.593811][T16718] do_SYSENTER_32+0x73/0x90 [ 822.598309][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.604790][T16718] [ 822.607120][T16718] Uninit was stored to memory at: [ 822.612146][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.617864][T16718] __msan_chain_origin+0x50/0x90 [ 822.622793][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.627895][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.632818][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.637337][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.642022][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.648165][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.654354][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.659556][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.664409][T16718] do_SYSENTER_32+0x73/0x90 [ 822.668919][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.675228][T16718] [ 822.677543][T16718] Uninit was stored to memory at: [ 822.682567][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.688280][T16718] __msan_chain_origin+0x50/0x90 [ 822.693381][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.699620][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.704587][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.709095][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.713780][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.719864][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.726047][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.731593][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.736453][T16718] do_SYSENTER_32+0x73/0x90 [ 822.740952][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.747266][T16718] [ 822.749585][T16718] Uninit was stored to memory at: [ 822.754629][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 822.760338][T16718] __msan_chain_origin+0x50/0x90 [ 822.765272][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 822.770393][T16718] get_compat_msghdr+0x108/0x2b0 [ 822.775319][T16718] do_recvmmsg+0xdbb/0x22b0 [ 822.779827][T16718] __sys_recvmmsg+0x5dd/0x610 [ 822.784497][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 822.790555][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 822.796703][T16718] __do_fast_syscall_32+0x129/0x180 [ 822.801894][T16718] do_fast_syscall_32+0x6a/0xc0 [ 822.806758][T16718] do_SYSENTER_32+0x73/0x90 [ 822.811259][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 822.819475][T16718] [ 822.821801][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 822.828469][T16718] do_recvmmsg+0xbf/0x22b0 [ 822.832877][T16718] do_recvmmsg+0xbf/0x22b0 [ 823.328211][T16718] not chained 460000 origins [ 823.332904][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 823.341577][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 823.351640][T16718] Call Trace: [ 823.354951][T16718] dump_stack+0x21c/0x280 [ 823.359307][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 823.365067][T16718] ? kmsan_get_metadata+0x116/0x180 [ 823.370325][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 823.375881][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 823.381972][T16718] ? _copy_from_user+0x201/0x310 [ 823.386924][T16718] ? kmsan_get_metadata+0x116/0x180 [ 823.392149][T16718] __msan_chain_origin+0x50/0x90 [ 823.397103][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.402242][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.407200][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.411720][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 823.417558][T16718] ? kmsan_get_metadata+0x116/0x180 [ 823.422769][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 823.428430][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 823.433723][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 823.438486][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 823.443265][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.447947][T16718] ? kmsan_get_metadata+0x116/0x180 [ 823.453151][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.459228][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.465382][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.470666][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.475517][T16718] do_SYSENTER_32+0x73/0x90 [ 823.480019][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.486344][T16718] RIP: 0023:0xf7f82549 [ 823.490409][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 823.510004][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 823.518407][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 823.526374][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 823.534518][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 823.542493][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 823.550644][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 823.558793][T16718] Uninit was stored to memory at: [ 823.563913][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.569718][T16718] __msan_chain_origin+0x50/0x90 [ 823.574834][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.579942][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.584958][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.589459][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.594318][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.600403][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.608030][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.613223][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.618077][T16718] do_SYSENTER_32+0x73/0x90 [ 823.622577][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.628889][T16718] [ 823.631211][T16718] Uninit was stored to memory at: [ 823.636232][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.642311][T16718] __msan_chain_origin+0x50/0x90 [ 823.647574][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.652705][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.657637][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.662223][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.666906][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.672970][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.679143][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.684337][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.689281][T16718] do_SYSENTER_32+0x73/0x90 [ 823.694131][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.701001][T16718] [ 823.703315][T16718] Uninit was stored to memory at: [ 823.708338][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.714167][T16718] __msan_chain_origin+0x50/0x90 [ 823.719121][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.724230][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.729164][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.733660][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.738331][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.744396][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.750549][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.755838][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.760678][T16718] do_SYSENTER_32+0x73/0x90 [ 823.766563][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.772868][T16718] [ 823.775182][T16718] Uninit was stored to memory at: [ 823.780201][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.785909][T16718] __msan_chain_origin+0x50/0x90 [ 823.790838][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.795938][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.800955][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.805450][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.810116][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.816171][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.822331][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.827519][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.832359][T16718] do_SYSENTER_32+0x73/0x90 [ 823.836953][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.843260][T16718] [ 823.845572][T16718] Uninit was stored to memory at: [ 823.850590][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.856298][T16718] __msan_chain_origin+0x50/0x90 [ 823.861224][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.866324][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.871251][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.875744][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.880409][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.886468][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.892625][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.897817][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.902660][T16718] do_SYSENTER_32+0x73/0x90 [ 823.907157][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.913470][T16718] [ 823.915781][T16718] Uninit was stored to memory at: [ 823.921406][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.927115][T16718] __msan_chain_origin+0x50/0x90 [ 823.932043][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 823.937155][T16718] get_compat_msghdr+0x108/0x2b0 [ 823.942080][T16718] do_recvmmsg+0xdbb/0x22b0 [ 823.946578][T16718] __sys_recvmmsg+0x5dd/0x610 [ 823.951256][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 823.957314][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 823.963460][T16718] __do_fast_syscall_32+0x129/0x180 [ 823.968650][T16718] do_fast_syscall_32+0x6a/0xc0 [ 823.973489][T16718] do_SYSENTER_32+0x73/0x90 [ 823.978347][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 823.984652][T16718] [ 823.986962][T16718] Uninit was stored to memory at: [ 823.991978][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 823.997686][T16718] __msan_chain_origin+0x50/0x90 [ 824.002612][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.007735][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.012667][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.017158][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.021827][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.027883][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.034031][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.039425][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.044872][T16718] do_SYSENTER_32+0x73/0x90 [ 824.049368][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.055671][T16718] [ 824.057983][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 824.064643][T16718] do_recvmmsg+0xbf/0x22b0 [ 824.069046][T16718] do_recvmmsg+0xbf/0x22b0 [ 824.321726][T16718] not chained 470000 origins [ 824.326371][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 824.335049][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 824.345105][T16718] Call Trace: [ 824.348411][T16718] dump_stack+0x21c/0x280 [ 824.352759][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 824.358514][T16718] ? kmsan_get_metadata+0x116/0x180 [ 824.363752][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 824.369316][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 824.375400][T16718] ? _copy_from_user+0x201/0x310 [ 824.380352][T16718] ? kmsan_get_metadata+0x116/0x180 [ 824.385561][T16718] __msan_chain_origin+0x50/0x90 [ 824.390514][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.395654][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.400611][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.405128][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 824.410978][T16718] ? kmsan_get_metadata+0x116/0x180 [ 824.416195][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 824.421845][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 824.427140][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 824.431907][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 824.436686][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.441386][T16718] ? kmsan_get_metadata+0x116/0x180 [ 824.446602][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.452690][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.458985][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.464202][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.469074][T16718] do_SYSENTER_32+0x73/0x90 [ 824.473594][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.479929][T16718] RIP: 0023:0xf7f82549 [ 824.484093][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 824.503706][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 824.512131][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 824.520115][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 824.528095][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 824.536078][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 824.544080][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 824.552073][T16718] Uninit was stored to memory at: [ 824.557143][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.562898][T16718] __msan_chain_origin+0x50/0x90 [ 824.567848][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.572968][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.578064][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.582577][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.587270][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.593351][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.599531][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.604754][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.609617][T16718] do_SYSENTER_32+0x73/0x90 [ 824.614135][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.620551][T16718] [ 824.622937][T16718] Uninit was stored to memory at: [ 824.627980][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.633744][T16718] __msan_chain_origin+0x50/0x90 [ 824.638725][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.643882][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.649176][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.653682][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.658377][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.664463][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.670641][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.675873][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.680739][T16718] do_SYSENTER_32+0x73/0x90 [ 824.685290][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.691610][T16718] [ 824.693941][T16718] Uninit was stored to memory at: [ 824.698993][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.704737][T16718] __msan_chain_origin+0x50/0x90 [ 824.709697][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.714828][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.719869][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.724384][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.729105][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.735190][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.741365][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.746575][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.751445][T16718] do_SYSENTER_32+0x73/0x90 [ 824.755962][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.762301][T16718] [ 824.764640][T16718] Uninit was stored to memory at: [ 824.769680][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.775496][T16718] __msan_chain_origin+0x50/0x90 [ 824.780472][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.785592][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.790536][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.795047][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.799746][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.805821][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.811983][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.817225][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.822191][T16718] do_SYSENTER_32+0x73/0x90 [ 824.826706][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.833111][T16718] [ 824.835439][T16718] Uninit was stored to memory at: [ 824.840478][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.846212][T16718] __msan_chain_origin+0x50/0x90 [ 824.851156][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.856972][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.861914][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.866422][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.871109][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.877195][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.883366][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.888572][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.893432][T16718] do_SYSENTER_32+0x73/0x90 [ 824.897945][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.904266][T16718] [ 824.906598][T16718] Uninit was stored to memory at: [ 824.911638][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.917376][T16718] __msan_chain_origin+0x50/0x90 [ 824.922331][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.927453][T16718] get_compat_msghdr+0x108/0x2b0 [ 824.932391][T16718] do_recvmmsg+0xdbb/0x22b0 [ 824.936896][T16718] __sys_recvmmsg+0x5dd/0x610 [ 824.941599][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 824.947676][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 824.953844][T16718] __do_fast_syscall_32+0x129/0x180 [ 824.959046][T16718] do_fast_syscall_32+0x6a/0xc0 [ 824.963905][T16718] do_SYSENTER_32+0x73/0x90 [ 824.968419][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 824.974735][T16718] [ 824.977065][T16718] Uninit was stored to memory at: [ 824.982282][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 824.987998][T16718] __msan_chain_origin+0x50/0x90 [ 824.993158][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 824.998357][T16718] get_compat_msghdr+0x108/0x2b0 [ 825.003299][T16718] do_recvmmsg+0xdbb/0x22b0 [ 825.007805][T16718] __sys_recvmmsg+0x5dd/0x610 [ 825.012499][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 825.018558][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 825.024712][T16718] __do_fast_syscall_32+0x129/0x180 [ 825.029936][T16718] do_fast_syscall_32+0x6a/0xc0 [ 825.034788][T16718] do_SYSENTER_32+0x73/0x90 [ 825.039414][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 825.045726][T16718] [ 825.048047][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 825.054736][T16718] do_recvmmsg+0xbf/0x22b0 [ 825.059154][T16718] do_recvmmsg+0xbf/0x22b0 [ 825.666663][T16718] not chained 480000 origins [ 825.671310][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 825.679983][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 825.690134][T16718] Call Trace: [ 825.693448][T16718] dump_stack+0x21c/0x280 [ 825.697804][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 825.703575][T16718] ? kmsan_get_metadata+0x116/0x180 [ 825.708789][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 825.714359][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 825.720447][T16718] ? _copy_from_user+0x201/0x310 [ 825.725403][T16718] ? kmsan_get_metadata+0x116/0x180 [ 825.730624][T16718] __msan_chain_origin+0x50/0x90 [ 825.735583][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 825.740727][T16718] get_compat_msghdr+0x108/0x2b0 [ 825.745686][T16718] do_recvmmsg+0xdbb/0x22b0 [ 825.750218][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 825.756058][T16718] ? kmsan_get_metadata+0x116/0x180 [ 825.761272][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 825.766943][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 825.772341][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 825.777140][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 825.782615][T16718] __sys_recvmmsg+0x5dd/0x610 [ 825.787324][T16718] ? kmsan_get_metadata+0x116/0x180 [ 825.792713][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 825.798802][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 825.804978][T16718] __do_fast_syscall_32+0x129/0x180 [ 825.810246][T16718] do_fast_syscall_32+0x6a/0xc0 [ 825.815111][T16718] do_SYSENTER_32+0x73/0x90 [ 825.819632][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 825.825960][T16718] RIP: 0023:0xf7f82549 [ 825.830040][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 825.850206][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 825.858631][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 825.866615][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 825.874684][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 825.883796][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 825.891780][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 825.899773][T16718] Uninit was stored to memory at: [ 825.904837][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 825.910573][T16718] __msan_chain_origin+0x50/0x90 [ 825.915528][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 825.920658][T16718] get_compat_msghdr+0x108/0x2b0 [ 825.925603][T16718] do_recvmmsg+0xdbb/0x22b0 [ 825.930118][T16718] __sys_recvmmsg+0x5dd/0x610 [ 825.934812][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 825.940924][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 825.947198][T16718] __do_fast_syscall_32+0x129/0x180 [ 825.952409][T16718] do_fast_syscall_32+0x6a/0xc0 [ 825.957296][T16718] do_SYSENTER_32+0x73/0x90 [ 825.961810][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 825.968131][T16718] [ 825.970466][T16718] Uninit was stored to memory at: [ 825.975534][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 825.981446][T16718] __msan_chain_origin+0x50/0x90 [ 825.986391][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 825.991515][T16718] get_compat_msghdr+0x108/0x2b0 [ 825.996475][T16718] do_recvmmsg+0xdbb/0x22b0 [ 826.000997][T16718] __sys_recvmmsg+0x5dd/0x610 [ 826.005695][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 826.011780][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 826.017950][T16718] __do_fast_syscall_32+0x129/0x180 [ 826.023184][T16718] do_fast_syscall_32+0x6a/0xc0 [ 826.028049][T16718] do_SYSENTER_32+0x73/0x90 [ 826.032570][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 826.038999][T16718] [ 826.041326][T16718] Uninit was stored to memory at: [ 826.046385][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 826.052147][T16718] __msan_chain_origin+0x50/0x90 [ 826.057372][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 826.062503][T16718] get_compat_msghdr+0x108/0x2b0 [ 826.067451][T16718] do_recvmmsg+0xdbb/0x22b0 [ 826.071961][T16718] __sys_recvmmsg+0x5dd/0x610 [ 826.076647][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 826.082728][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 826.089023][T16718] __do_fast_syscall_32+0x129/0x180 [ 826.094318][T16718] do_fast_syscall_32+0x6a/0xc0 [ 826.099179][T16718] do_SYSENTER_32+0x73/0x90 [ 826.103774][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 826.110295][T16718] [ 826.112623][T16718] Uninit was stored to memory at: [ 826.117703][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 826.123434][T16718] __msan_chain_origin+0x50/0x90 [ 826.128389][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 826.133496][T16718] get_compat_msghdr+0x108/0x2b0 [ 826.138437][T16718] do_recvmmsg+0xdbb/0x22b0 [ 826.142940][T16718] __sys_recvmmsg+0x5dd/0x610 [ 826.147623][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 826.153680][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 826.159827][T16718] __do_fast_syscall_32+0x129/0x180 [ 826.165030][T16718] do_fast_syscall_32+0x6a/0xc0 [ 826.169872][T16718] do_SYSENTER_32+0x73/0x90 [ 826.174371][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 826.180774][T16718] [ 826.183088][T16718] Uninit was stored to memory at: [ 826.188126][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 826.193947][T16718] __msan_chain_origin+0x50/0x90 [ 826.198878][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 826.203993][T16718] get_compat_msghdr+0x108/0x2b0 [ 826.208959][T16718] do_recvmmsg+0xdbb/0x22b0 [ 826.213452][T16718] __sys_recvmmsg+0x5dd/0x610 [ 826.218131][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 826.224190][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 826.230339][T16718] __do_fast_syscall_32+0x129/0x180 [ 826.235539][T16718] do_fast_syscall_32+0x6a/0xc0 [ 826.240393][T16718] do_SYSENTER_32+0x73/0x90 [ 826.245325][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 826.251634][T16718] [ 826.253947][T16718] Uninit was stored to memory at: [ 826.258966][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 826.264674][T16718] __msan_chain_origin+0x50/0x90 [ 826.269613][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 826.274812][T16718] get_compat_msghdr+0x108/0x2b0 [ 826.279738][T16718] do_recvmmsg+0xdbb/0x22b0 [ 826.284244][T16718] __sys_recvmmsg+0x5dd/0x610 [ 826.288922][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 826.295007][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 826.301328][T16718] __do_fast_syscall_32+0x129/0x180 [ 826.306517][T16718] do_fast_syscall_32+0x6a/0xc0 [ 826.311361][T16718] do_SYSENTER_32+0x73/0x90 [ 826.315868][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 826.322175][T16718] [ 826.324490][T16718] Uninit was stored to memory at: [ 826.329510][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 826.335219][T16718] __msan_chain_origin+0x50/0x90 [ 826.340149][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 826.345249][T16718] get_compat_msghdr+0x108/0x2b0 [ 826.350189][T16718] do_recvmmsg+0xdbb/0x22b0 [ 826.354679][T16718] __sys_recvmmsg+0x5dd/0x610 [ 826.359348][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 826.365405][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 826.371574][T16718] __do_fast_syscall_32+0x129/0x180 [ 826.376768][T16718] do_fast_syscall_32+0x6a/0xc0 [ 826.381612][T16718] do_SYSENTER_32+0x73/0x90 [ 826.386107][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 826.392423][T16718] [ 826.394745][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 826.401429][T16718] do_recvmmsg+0xbf/0x22b0 [ 826.405833][T16718] do_recvmmsg+0xbf/0x22b0 [ 827.018653][T16718] not chained 490000 origins [ 827.023312][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 827.032076][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 827.042135][T16718] Call Trace: [ 827.045473][T16718] dump_stack+0x21c/0x280 [ 827.049826][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 827.055666][T16718] ? kmsan_get_metadata+0x116/0x180 [ 827.060893][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 827.066511][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 827.072598][T16718] ? _copy_from_user+0x201/0x310 [ 827.077557][T16718] ? kmsan_get_metadata+0x116/0x180 [ 827.082770][T16718] __msan_chain_origin+0x50/0x90 [ 827.087748][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.092900][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.097854][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.102391][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 827.108229][T16718] ? kmsan_get_metadata+0x116/0x180 [ 827.113453][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 827.119099][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 827.124396][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 827.129166][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 827.133945][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.138640][T16718] ? kmsan_get_metadata+0x116/0x180 [ 827.143854][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.149940][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.156106][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.161318][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.166178][T16718] do_SYSENTER_32+0x73/0x90 [ 827.170694][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.177472][T16718] RIP: 0023:0xf7f82549 [ 827.181660][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 827.201397][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 827.209826][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 827.217809][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 827.225789][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 827.233795][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 827.242400][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 827.250632][T16718] Uninit was stored to memory at: [ 827.255651][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.261417][T16718] __msan_chain_origin+0x50/0x90 [ 827.266353][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.271450][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.276377][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.280875][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.285531][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.291614][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.297794][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.303118][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.307967][T16718] do_SYSENTER_32+0x73/0x90 [ 827.312481][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.318780][T16718] [ 827.321104][T16718] Uninit was stored to memory at: [ 827.326111][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.331829][T16718] __msan_chain_origin+0x50/0x90 [ 827.336748][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.341855][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.346798][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.351286][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.356037][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.362108][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.368276][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.373666][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.378495][T16718] do_SYSENTER_32+0x73/0x90 [ 827.382977][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.389280][T16718] [ 827.391594][T16718] Uninit was stored to memory at: [ 827.396598][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.402318][T16718] __msan_chain_origin+0x50/0x90 [ 827.407261][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.412371][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.417310][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.421816][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.426906][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.432972][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.439304][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.444524][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.449388][T16718] do_SYSENTER_32+0x73/0x90 [ 827.454109][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.460415][T16718] [ 827.462743][T16718] Uninit was stored to memory at: [ 827.467874][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.473853][T16718] __msan_chain_origin+0x50/0x90 [ 827.478792][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.483880][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.488809][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.493323][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.497982][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.504043][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.510198][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.515399][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.520252][T16718] do_SYSENTER_32+0x73/0x90 [ 827.524852][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.531448][T16718] [ 827.533765][T16718] Uninit was stored to memory at: [ 827.538787][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.544522][T16718] __msan_chain_origin+0x50/0x90 [ 827.549485][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.554704][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.559632][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.564209][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.568893][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.575315][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.581716][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.586896][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.591737][T16718] do_SYSENTER_32+0x73/0x90 [ 827.596223][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.602539][T16718] [ 827.604984][T16718] Uninit was stored to memory at: [ 827.610087][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.615960][T16718] __msan_chain_origin+0x50/0x90 [ 827.621173][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.626274][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.631204][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.635701][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.640360][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.646405][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.652662][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.657845][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.662780][T16718] do_SYSENTER_32+0x73/0x90 [ 827.667274][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.673591][T16718] [ 827.675898][T16718] Uninit was stored to memory at: [ 827.680918][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 827.686624][T16718] __msan_chain_origin+0x50/0x90 [ 827.691580][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 827.697205][T16718] get_compat_msghdr+0x108/0x2b0 [ 827.702143][T16718] do_recvmmsg+0xdbb/0x22b0 [ 827.706632][T16718] __sys_recvmmsg+0x5dd/0x610 [ 827.711319][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 827.717403][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 827.724158][T16718] __do_fast_syscall_32+0x129/0x180 [ 827.729364][T16718] do_fast_syscall_32+0x6a/0xc0 [ 827.734207][T16718] do_SYSENTER_32+0x73/0x90 [ 827.738703][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 827.745055][T16718] [ 827.747371][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 827.754040][T16718] do_recvmmsg+0xbf/0x22b0 [ 827.758558][T16718] do_recvmmsg+0xbf/0x22b0 [ 828.076218][T12452] tipc: TX() has been purged, node left! [ 828.616264][T16718] not chained 500000 origins [ 828.620911][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 828.629588][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 828.639633][T16718] Call Trace: [ 828.642931][T16718] dump_stack+0x21c/0x280 [ 828.647276][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 828.653006][T16718] ? kmsan_get_metadata+0x116/0x180 [ 828.658200][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 828.663775][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 828.669837][T16718] ? _copy_from_user+0x201/0x310 [ 828.674773][T16718] ? kmsan_get_metadata+0x116/0x180 [ 828.679986][T16718] __msan_chain_origin+0x50/0x90 [ 828.684962][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 828.690100][T16718] get_compat_msghdr+0x108/0x2b0 [ 828.695045][T16718] do_recvmmsg+0xdbb/0x22b0 [ 828.699564][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 828.705381][T16718] ? kmsan_get_metadata+0x116/0x180 [ 828.710574][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 828.716234][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 828.721531][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 828.726288][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 828.731047][T16718] __sys_recvmmsg+0x5dd/0x610 [ 828.735724][T16718] ? kmsan_get_metadata+0x116/0x180 [ 828.740920][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 828.746989][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 828.753139][T16718] __do_fast_syscall_32+0x129/0x180 [ 828.758336][T16718] do_fast_syscall_32+0x6a/0xc0 [ 828.763181][T16718] do_SYSENTER_32+0x73/0x90 [ 828.767682][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 828.774007][T16718] RIP: 0023:0xf7f82549 [ 828.778068][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 828.797750][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 828.806352][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 828.814399][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 828.822374][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 828.830432][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 828.838405][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 828.846385][T16718] Uninit was stored to memory at: [ 828.851408][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 828.857119][T16718] __msan_chain_origin+0x50/0x90 [ 828.862046][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 828.867146][T16718] get_compat_msghdr+0x108/0x2b0 [ 828.872070][T16718] do_recvmmsg+0xdbb/0x22b0 [ 828.876568][T16718] __sys_recvmmsg+0x5dd/0x610 [ 828.881235][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 828.887294][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 828.893446][T16718] __do_fast_syscall_32+0x129/0x180 [ 828.898647][T16718] do_fast_syscall_32+0x6a/0xc0 [ 828.903491][T16718] do_SYSENTER_32+0x73/0x90 [ 828.911374][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 828.917692][T16718] [ 828.920006][T16718] Uninit was stored to memory at: [ 828.925022][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 828.930729][T16718] __msan_chain_origin+0x50/0x90 [ 828.935656][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 828.940756][T16718] get_compat_msghdr+0x108/0x2b0 [ 828.945679][T16718] do_recvmmsg+0xdbb/0x22b0 [ 828.950197][T16718] __sys_recvmmsg+0x5dd/0x610 [ 828.954864][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 828.961032][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 828.967190][T16718] __do_fast_syscall_32+0x129/0x180 [ 828.972410][T16718] do_fast_syscall_32+0x6a/0xc0 [ 828.977257][T16718] do_SYSENTER_32+0x73/0x90 [ 828.981751][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 828.988067][T16718] [ 828.990388][T16718] Uninit was stored to memory at: [ 828.995415][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 829.001220][T16718] __msan_chain_origin+0x50/0x90 [ 829.006157][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 829.011268][T16718] get_compat_msghdr+0x108/0x2b0 [ 829.016193][T16718] do_recvmmsg+0xdbb/0x22b0 [ 829.020720][T16718] __sys_recvmmsg+0x5dd/0x610 [ 829.025387][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 829.031469][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 829.037622][T16718] __do_fast_syscall_32+0x129/0x180 [ 829.042811][T16718] do_fast_syscall_32+0x6a/0xc0 [ 829.047738][T16718] do_SYSENTER_32+0x73/0x90 [ 829.052247][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 829.058563][T16718] [ 829.060877][T16718] Uninit was stored to memory at: [ 829.065894][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 829.071602][T16718] __msan_chain_origin+0x50/0x90 [ 829.076529][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 829.081640][T16718] get_compat_msghdr+0x108/0x2b0 [ 829.086563][T16718] do_recvmmsg+0xdbb/0x22b0 [ 829.091065][T16718] __sys_recvmmsg+0x5dd/0x610 [ 829.095749][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 829.101820][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 829.107967][T16718] __do_fast_syscall_32+0x129/0x180 [ 829.113168][T16718] do_fast_syscall_32+0x6a/0xc0 [ 829.118009][T16718] do_SYSENTER_32+0x73/0x90 [ 829.122505][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 829.128824][T16718] [ 829.131138][T16718] Uninit was stored to memory at: [ 829.136154][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 829.141863][T16718] __msan_chain_origin+0x50/0x90 [ 829.146789][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 829.152505][T16718] get_compat_msghdr+0x108/0x2b0 [ 829.157434][T16718] do_recvmmsg+0xdbb/0x22b0 [ 829.161929][T16718] __sys_recvmmsg+0x5dd/0x610 [ 829.166596][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 829.172654][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 829.178798][T16718] __do_fast_syscall_32+0x129/0x180 [ 829.183996][T16718] do_fast_syscall_32+0x6a/0xc0 [ 829.188847][T16718] do_SYSENTER_32+0x73/0x90 [ 829.193365][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 829.199669][T16718] [ 829.201998][T16718] Uninit was stored to memory at: [ 829.207026][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 829.212824][T16718] __msan_chain_origin+0x50/0x90 [ 829.217840][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 829.222950][T16718] get_compat_msghdr+0x108/0x2b0 [ 829.227895][T16718] do_recvmmsg+0xdbb/0x22b0 [ 829.232384][T16718] __sys_recvmmsg+0x5dd/0x610 [ 829.237062][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 829.243131][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 829.249362][T16718] __do_fast_syscall_32+0x129/0x180 [ 829.254551][T16718] do_fast_syscall_32+0x6a/0xc0 [ 829.259405][T16718] do_SYSENTER_32+0x73/0x90 [ 829.263905][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 829.270216][T16718] [ 829.272528][T16718] Uninit was stored to memory at: [ 829.277566][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 829.283287][T16718] __msan_chain_origin+0x50/0x90 [ 829.288221][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 829.293324][T16718] get_compat_msghdr+0x108/0x2b0 [ 829.298253][T16718] do_recvmmsg+0xdbb/0x22b0 [ 829.302756][T16718] __sys_recvmmsg+0x5dd/0x610 [ 829.307426][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 829.313488][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 829.319658][T16718] __do_fast_syscall_32+0x129/0x180 [ 829.324850][T16718] do_fast_syscall_32+0x6a/0xc0 [ 829.329695][T16718] do_SYSENTER_32+0x73/0x90 [ 829.334201][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 829.340504][T16718] [ 829.342820][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 829.349484][T16718] do_recvmmsg+0xbf/0x22b0 [ 829.353900][T16718] do_recvmmsg+0xbf/0x22b0 [ 830.016201][T16718] not chained 510000 origins [ 830.020850][T16718] CPU: 0 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 830.029526][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 830.039600][T16718] Call Trace: [ 830.042907][T16718] dump_stack+0x21c/0x280 [ 830.047262][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 830.053020][T16718] ? kmsan_get_metadata+0x116/0x180 [ 830.058233][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 830.064402][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 830.070485][T16718] ? _copy_from_user+0x201/0x310 [ 830.075444][T16718] ? kmsan_get_metadata+0x116/0x180 [ 830.080657][T16718] __msan_chain_origin+0x50/0x90 [ 830.085613][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.090750][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.095794][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.100321][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 830.106163][T16718] ? kmsan_get_metadata+0x116/0x180 [ 830.111416][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 830.117151][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 830.122454][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 830.127231][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 830.132006][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.136701][T16718] ? kmsan_get_metadata+0x116/0x180 [ 830.141918][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.148058][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.154285][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.159508][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.164634][T16718] do_SYSENTER_32+0x73/0x90 [ 830.169271][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.175606][T16718] RIP: 0023:0xf7f82549 [ 830.179689][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 830.199322][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 830.207747][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 830.215749][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 830.223866][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 830.231847][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 830.239827][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 830.247812][T16718] Uninit was stored to memory at: [ 830.252919][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.258997][T16718] __msan_chain_origin+0x50/0x90 [ 830.263962][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.269079][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.274036][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.278546][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.283231][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.289312][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.295474][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.300682][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.305558][T16718] do_SYSENTER_32+0x73/0x90 [ 830.310109][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.316456][T16718] [ 830.318782][T16718] Uninit was stored to memory at: [ 830.323824][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.329554][T16718] __msan_chain_origin+0x50/0x90 [ 830.334507][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.339629][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.344578][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.349088][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.353791][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.359876][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.366070][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.371291][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.376150][T16718] do_SYSENTER_32+0x73/0x90 [ 830.380668][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.386984][T16718] [ 830.389421][T16718] Uninit was stored to memory at: [ 830.394454][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.400182][T16718] __msan_chain_origin+0x50/0x90 [ 830.405126][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.410243][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.415190][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.419701][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.424390][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.430487][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.436653][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.441867][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.446722][T16718] do_SYSENTER_32+0x73/0x90 [ 830.451232][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.457554][T16718] [ 830.459877][T16718] Uninit was stored to memory at: [ 830.464921][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.470651][T16718] __msan_chain_origin+0x50/0x90 [ 830.475599][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.480719][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.485665][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.490176][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.494871][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.500951][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.507121][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.512333][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.517193][T16718] do_SYSENTER_32+0x73/0x90 [ 830.521710][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.528035][T16718] [ 830.530368][T16718] Uninit was stored to memory at: [ 830.535412][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.541141][T16718] __msan_chain_origin+0x50/0x90 [ 830.546089][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.551217][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.556167][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.560678][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.565370][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.571454][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.577622][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.582994][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.587858][T16718] do_SYSENTER_32+0x73/0x90 [ 830.592374][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.598693][T16718] [ 830.601020][T16718] Uninit was stored to memory at: [ 830.606058][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.611788][T16718] __msan_chain_origin+0x50/0x90 [ 830.616742][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.621875][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.626819][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.632200][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.636900][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.642982][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.649186][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.654425][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.659291][T16718] do_SYSENTER_32+0x73/0x90 [ 830.663807][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.670127][T16718] [ 830.672459][T16718] Uninit was stored to memory at: [ 830.677703][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 830.683441][T16718] __msan_chain_origin+0x50/0x90 [ 830.688421][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 830.693548][T16718] get_compat_msghdr+0x108/0x2b0 [ 830.698498][T16718] do_recvmmsg+0xdbb/0x22b0 [ 830.703011][T16718] __sys_recvmmsg+0x5dd/0x610 [ 830.707716][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 830.713889][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 830.720059][T16718] __do_fast_syscall_32+0x129/0x180 [ 830.725275][T16718] do_fast_syscall_32+0x6a/0xc0 [ 830.734311][T16718] do_SYSENTER_32+0x73/0x90 [ 830.738832][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 830.745154][T16718] [ 830.747488][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 830.754174][T16718] do_recvmmsg+0xbf/0x22b0 [ 830.758602][T16718] do_recvmmsg+0xbf/0x22b0 [ 831.171300][T16718] not chained 520000 origins [ 831.175947][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 831.184715][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 831.194784][T16718] Call Trace: [ 831.198092][T16718] dump_stack+0x21c/0x280 [ 831.202440][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 831.208189][T16718] ? kmsan_get_metadata+0x116/0x180 [ 831.213398][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 831.218951][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 831.225029][T16718] ? _copy_from_user+0x201/0x310 [ 831.229980][T16718] ? kmsan_get_metadata+0x116/0x180 [ 831.235289][T16718] __msan_chain_origin+0x50/0x90 [ 831.240267][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.246031][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.250990][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.255509][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 831.261451][T16718] ? kmsan_get_metadata+0x116/0x180 [ 831.266661][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 831.272307][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 831.277622][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 831.282413][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 831.287187][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.291878][T16718] ? kmsan_get_metadata+0x116/0x180 [ 831.297089][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.303176][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.309339][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.314555][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.319421][T16718] do_SYSENTER_32+0x73/0x90 [ 831.323941][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.330271][T16718] RIP: 0023:0xf7f82549 [ 831.334345][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 831.354046][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 831.362469][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 831.370452][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 831.378432][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 831.386413][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 831.394393][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 831.402378][T16718] Uninit was stored to memory at: [ 831.407504][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.413239][T16718] __msan_chain_origin+0x50/0x90 [ 831.418276][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.423835][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.428907][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.433417][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.438107][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.444185][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.450351][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.455567][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.460429][T16718] do_SYSENTER_32+0x73/0x90 [ 831.464944][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.471262][T16718] [ 831.473589][T16718] Uninit was stored to memory at: [ 831.478793][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.484522][T16718] __msan_chain_origin+0x50/0x90 [ 831.489475][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.494607][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.499564][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.504100][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.509245][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.515334][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.521509][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.526722][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.531586][T16718] do_SYSENTER_32+0x73/0x90 [ 831.536104][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.542428][T16718] [ 831.544755][T16718] Uninit was stored to memory at: [ 831.549805][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.555539][T16718] __msan_chain_origin+0x50/0x90 [ 831.560490][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.565610][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.570556][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.575061][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.579746][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.586085][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.592263][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.597476][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.603727][T16718] do_SYSENTER_32+0x73/0x90 [ 831.608246][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.614572][T16718] [ 831.616895][T16718] Uninit was stored to memory at: [ 831.621932][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.627695][T16718] __msan_chain_origin+0x50/0x90 [ 831.632642][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.637760][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.643923][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.648437][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.653124][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.659225][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.665397][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.670601][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.675458][T16718] do_SYSENTER_32+0x73/0x90 [ 831.679976][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.686680][T16718] [ 831.689007][T16718] Uninit was stored to memory at: [ 831.694046][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.699964][T16718] __msan_chain_origin+0x50/0x90 [ 831.704916][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.710044][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.714991][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.719500][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.724185][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.730263][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.736434][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.741651][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.746513][T16718] do_SYSENTER_32+0x73/0x90 [ 831.751071][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.757426][T16718] [ 831.759750][T16718] Uninit was stored to memory at: [ 831.764873][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.770605][T16718] __msan_chain_origin+0x50/0x90 [ 831.775547][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.780678][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.785620][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.790134][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.794827][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.800932][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.807130][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.812354][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.817217][T16718] do_SYSENTER_32+0x73/0x90 [ 831.821730][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.828047][T16718] [ 831.830370][T16718] Uninit was stored to memory at: [ 831.835403][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 831.841138][T16718] __msan_chain_origin+0x50/0x90 [ 831.846091][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 831.851211][T16718] get_compat_msghdr+0x108/0x2b0 [ 831.856154][T16718] do_recvmmsg+0xdbb/0x22b0 [ 831.860873][T16718] __sys_recvmmsg+0x5dd/0x610 [ 831.865559][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 831.871638][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 831.877803][T16718] __do_fast_syscall_32+0x129/0x180 [ 831.883007][T16718] do_fast_syscall_32+0x6a/0xc0 [ 831.887888][T16718] do_SYSENTER_32+0x73/0x90 [ 831.892397][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 831.898805][T16718] [ 831.901130][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 831.907810][T16718] do_recvmmsg+0xbf/0x22b0 [ 831.912231][T16718] do_recvmmsg+0xbf/0x22b0 [ 832.463091][T16718] not chained 530000 origins [ 832.467737][T16718] CPU: 1 PID: 16718 Comm: syz-executor.2 Not tainted 5.9.0-rc4-syzkaller #0 [ 832.476422][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 832.486498][T16718] Call Trace: [ 832.489893][T16718] dump_stack+0x21c/0x280 [ 832.494244][T16718] kmsan_internal_chain_origin+0x6f/0x130 [ 832.500001][T16718] ? kmsan_get_metadata+0x116/0x180 [ 832.505212][T16718] ? kmsan_set_origin_checked+0x95/0xf0 [ 832.510770][T16718] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 832.516853][T16718] ? _copy_from_user+0x201/0x310 [ 832.521817][T16718] ? kmsan_get_metadata+0x116/0x180 [ 832.527033][T16718] __msan_chain_origin+0x50/0x90 [ 832.532006][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 832.537317][T16718] get_compat_msghdr+0x108/0x2b0 [ 832.542283][T16718] do_recvmmsg+0xdbb/0x22b0 [ 832.546806][T16718] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 832.552651][T16718] ? kmsan_get_metadata+0x116/0x180 [ 832.557863][T16718] ? kmsan_internal_set_origin+0x75/0xb0 [ 832.563509][T16718] ? __msan_poison_alloca+0xf0/0x120 [ 832.568830][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 832.573607][T16718] ? __sys_recvmmsg+0xbb/0x610 [ 832.578387][T16718] __sys_recvmmsg+0x5dd/0x610 [ 832.583178][T16718] ? kmsan_get_metadata+0x116/0x180 [ 832.588395][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 832.594484][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 832.600654][T16718] __do_fast_syscall_32+0x129/0x180 [ 832.605870][T16718] do_fast_syscall_32+0x6a/0xc0 [ 832.610739][T16718] do_SYSENTER_32+0x73/0x90 [ 832.615255][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 832.621672][T16718] RIP: 0023:0xf7f82549 [ 832.625751][T16718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 832.646244][T16718] RSP: 002b:00000000f557c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 832.654674][T16718] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200038c0 [ 832.662659][T16718] RDX: 00000000fffffdf5 RSI: 0000000000000000 RDI: 0000000000000000 [ 832.670647][T16718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 832.678633][T16718] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 832.686703][T16718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 832.694729][T16718] Uninit was stored to memory at: [ 832.699773][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 832.705507][T16718] __msan_chain_origin+0x50/0x90 [ 832.710542][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 832.715661][T16718] get_compat_msghdr+0x108/0x2b0 [ 832.720613][T16718] do_recvmmsg+0xdbb/0x22b0 [ 832.725127][T16718] __sys_recvmmsg+0x5dd/0x610 [ 832.729815][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 832.735899][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 832.742154][T16718] __do_fast_syscall_32+0x129/0x180 [ 832.747361][T16718] do_fast_syscall_32+0x6a/0xc0 [ 832.752236][T16718] do_SYSENTER_32+0x73/0x90 [ 832.756833][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 832.763147][T16718] [ 832.765494][T16718] Uninit was stored to memory at: [ 832.770531][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 832.776259][T16718] __msan_chain_origin+0x50/0x90 [ 832.781206][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 832.786334][T16718] get_compat_msghdr+0x108/0x2b0 [ 832.791275][T16718] do_recvmmsg+0xdbb/0x22b0 [ 832.795786][T16718] __sys_recvmmsg+0x5dd/0x610 [ 832.800486][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 832.806565][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 832.812743][T16718] __do_fast_syscall_32+0x129/0x180 [ 832.817958][T16718] do_fast_syscall_32+0x6a/0xc0 [ 832.822826][T16718] do_SYSENTER_32+0x73/0x90 [ 832.827341][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 832.833661][T16718] [ 832.835994][T16718] Uninit was stored to memory at: [ 832.841031][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 832.846780][T16718] __msan_chain_origin+0x50/0x90 [ 832.851728][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 832.856931][T16718] get_compat_msghdr+0x108/0x2b0 [ 832.861871][T16718] do_recvmmsg+0xdbb/0x22b0 [ 832.866384][T16718] __sys_recvmmsg+0x5dd/0x610 [ 832.871082][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 832.877173][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 832.883423][T16718] __do_fast_syscall_32+0x129/0x180 [ 832.888637][T16718] do_fast_syscall_32+0x6a/0xc0 [ 832.893499][T16718] do_SYSENTER_32+0x73/0x90 [ 832.898038][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 832.904618][T16718] [ 832.906941][T16718] Uninit was stored to memory at: [ 832.911975][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 832.917702][T16718] __msan_chain_origin+0x50/0x90 [ 832.922645][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 832.927764][T16718] get_compat_msghdr+0x108/0x2b0 [ 832.932705][T16718] do_recvmmsg+0xdbb/0x22b0 [ 832.937248][T16718] __sys_recvmmsg+0x5dd/0x610 [ 832.941934][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 832.948007][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 832.954168][T16718] __do_fast_syscall_32+0x129/0x180 [ 832.959377][T16718] do_fast_syscall_32+0x6a/0xc0 [ 832.964238][T16718] do_SYSENTER_32+0x73/0x90 [ 832.968753][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 832.975126][T16718] [ 832.977447][T16718] Uninit was stored to memory at: [ 832.982497][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 832.988220][T16718] __msan_chain_origin+0x50/0x90 [ 832.993162][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 832.998275][T16718] get_compat_msghdr+0x108/0x2b0 [ 833.003214][T16718] do_recvmmsg+0xdbb/0x22b0 [ 833.007721][T16718] __sys_recvmmsg+0x5dd/0x610 [ 833.012405][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 833.018481][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 833.024649][T16718] __do_fast_syscall_32+0x129/0x180 [ 833.029896][T16718] do_fast_syscall_32+0x6a/0xc0 [ 833.034752][T16718] do_SYSENTER_32+0x73/0x90 [ 833.039263][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 833.045631][T16718] [ 833.047959][T16718] Uninit was stored to memory at: [ 833.052992][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 833.058744][T16718] __msan_chain_origin+0x50/0x90 [ 833.063685][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 833.068802][T16718] get_compat_msghdr+0x108/0x2b0 [ 833.073771][T16718] do_recvmmsg+0xdbb/0x22b0 [ 833.078278][T16718] __sys_recvmmsg+0x5dd/0x610 [ 833.082963][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 833.089040][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 833.095198][T16718] __do_fast_syscall_32+0x129/0x180 [ 833.100582][T16718] do_fast_syscall_32+0x6a/0xc0 [ 833.105438][T16718] do_SYSENTER_32+0x73/0x90 [ 833.109950][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 833.116273][T16718] [ 833.118597][T16718] Uninit was stored to memory at: [ 833.123628][T16718] kmsan_internal_chain_origin+0xad/0x130 [ 833.129354][T16718] __msan_chain_origin+0x50/0x90 [ 833.134305][T16718] __get_compat_msghdr+0x6db/0x9d0 [ 833.139433][T16718] get_compat_msghdr+0x108/0x2b0 [ 833.144377][T16718] do_recvmmsg+0xdbb/0x22b0 [ 833.148906][T16718] __sys_recvmmsg+0x5dd/0x610 [ 833.153597][T16718] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 833.159763][T16718] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 833.165925][T16718] __do_fast_syscall_32+0x129/0x180 [ 833.171220][T16718] do_fast_syscall_32+0x6a/0xc0 [ 833.176076][T16718] do_SYSENTER_32+0x73/0x90 [ 833.180592][T16718] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 833.186910][T16718] [ 833.189236][T16718] Local variable ----msg_sys@do_recvmmsg created at: [ 833.195914][T16718] do_recvmmsg+0xbf/0x22b0 [ 833.200333][T16718] do_recvmmsg+0xbf/0x22b0 [ 833.321006][T12452] tipc: TX() has been purged, node left! [ 833.351929][T12452] tipc: TX() has been purged, node left! [ 833.387410][T12452] tipc: TX() has been purged, node left! 10:49:00 executing program 2: perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7ffffffffff8, 0x693d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x24, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fe, &(0x7f0000000080)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r1, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x9000000) 10:49:00 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:49:00 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb, 0x1, 'ipvlan\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6}]}}}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_ADDRESS={0xa, 0x1, @random="ead35f125dd9"}]}, 0x5c}}, 0x0) 10:49:00 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x3, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:49:00 executing program 0: getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, &(0x7f00000006c0)={'HL\x00'}, 0x0) setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rds(0xa, 0x5, 0x0) bind$rds(r0, &(0x7f0000000100)={0x2, 0x4e24, @empty}, 0x10) connect$rds(r0, &(0x7f00000000c0)={0x2, 0x4e24, @loopback=0xac14140e}, 0x10) 10:49:00 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x5) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x441, 0x0) [ 835.018503][T16931] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 835.212562][T16940] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. 10:49:00 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000404"], 0x28) sendmsg$inet6(r0, &(0x7f00000013c0)={&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0}, 0x0) 10:49:00 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit_group(0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) mremap(&(0x7f0000331000/0x3000)=nil, 0x4cb000, 0x600000, 0x0, &(0x7f00007fc000/0x600000)=nil) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x3fd, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) syz_genetlink_get_family_id$batadv(0x0) 10:49:00 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x5) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x441, 0x0) 10:49:01 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={[], [], @empty}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0xfffe}, 0x9c) 10:49:01 executing program 4: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002000)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000000000)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b3526f1d4747b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47100000000ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000066c0)={0x90, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x0, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r4, 0x0) ioctl$FIBMAP(r2, 0x5393, &(0x7f00000020c0)) [ 836.221816][T16954] ===================================================== [ 836.228817][T16954] BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90 [ 836.236293][T16954] CPU: 0 PID: 16954 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0 [ 836.244971][T16954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 836.255036][T16954] Call Trace: [ 836.258347][T16954] dump_stack+0x21c/0x280 [ 836.262698][T16954] kmsan_report+0xf7/0x1e0 [ 836.267140][T16954] kmsan_internal_check_memory+0x238/0x3d0 [ 836.272991][T16954] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 836.279171][T16954] kmsan_copy_to_user+0x81/0x90 [ 836.284034][T16954] _copy_to_user+0x18e/0x260 [ 836.288737][T16954] scsi_cmd_ioctl+0x2422/0x25a0 [ 836.293637][T16954] scsi_cmd_blk_ioctl+0x1f6/0x240 [ 836.298778][T16954] sd_ioctl_common+0x50a/0x5c0 [ 836.303582][T16954] sd_compat_ioctl+0xc5/0x220 [ 836.308538][T16954] ? sd_ioctl+0x220/0x220 [ 836.312935][T16954] compat_blkdev_ioctl+0x74b/0x1200 [ 836.318162][T16954] ? blkdev_common_ioctl+0x3810/0x3810 [ 836.323699][T16954] __se_compat_sys_ioctl+0x55f/0x1100 [ 836.329105][T16954] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 836.335192][T16954] ? syscall_enter_from_user_mode_work+0x4d/0x120 [ 836.341625][T16954] __ia32_compat_sys_ioctl+0x4a/0x70 [ 836.346932][T16954] __do_fast_syscall_32+0x129/0x180 [ 836.352153][T16954] do_fast_syscall_32+0x6a/0xc0 [ 836.357026][T16954] do_SYSENTER_32+0x73/0x90 [ 836.361547][T16954] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 836.367887][T16954] RIP: 0023:0xf7f02549 [ 836.371978][T16954] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 836.391595][T16954] RSP: 002b:00000000f54fc0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 836.400027][T16954] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005393 [ 836.408020][T16954] RDX: 00000000200020c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 836.416008][T16954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 836.423994][T16954] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 836.431982][T16954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 836.439979][T16954] [ 836.442332][T16954] Local variable ----cgc32.i42.i@scsi_cmd_ioctl created at: [ 836.449723][T16954] scsi_cmd_ioctl+0x2257/0x25a0 [ 836.455576][T16954] scsi_cmd_ioctl+0x2257/0x25a0 [ 836.460425][T16954] [ 836.462765][T16954] Bytes 29-31 of 44 are uninitialized [ 836.468326][T16954] Memory access of size 44 starts at ffff888046debac8 [ 836.475092][T16954] Data copied to user address 00000000200020c0 [ 836.481257][T16954] ===================================================== [ 836.488196][T16954] Disabling lock debugging due to kernel taint [ 836.494360][T16954] Kernel panic - not syncing: panic_on_warn set ... [ 836.500965][T16954] CPU: 0 PID: 16954 Comm: syz-executor.4 Tainted: G B 5.9.0-rc4-syzkaller #0 [ 836.511036][T16954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 836.521105][T16954] Call Trace: [ 836.524418][T16954] dump_stack+0x21c/0x280 [ 836.528936][T16954] panic+0x4d7/0xef7 [ 836.532869][T16954] ? add_taint+0x17c/0x210 [ 836.537303][T16954] kmsan_report+0x1df/0x1e0 [ 836.541831][T16954] kmsan_internal_check_memory+0x238/0x3d0 [ 836.547753][T16954] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 836.553934][T16954] kmsan_copy_to_user+0x81/0x90 [ 836.558807][T16954] _copy_to_user+0x18e/0x260 [ 836.563429][T16954] scsi_cmd_ioctl+0x2422/0x25a0 [ 836.568371][T16954] scsi_cmd_blk_ioctl+0x1f6/0x240 [ 836.573417][T16954] sd_ioctl_common+0x50a/0x5c0 [ 836.578213][T16954] sd_compat_ioctl+0xc5/0x220 [ 836.582910][T16954] ? sd_ioctl+0x220/0x220 [ 836.587252][T16954] compat_blkdev_ioctl+0x74b/0x1200 [ 836.592489][T16954] ? blkdev_common_ioctl+0x3810/0x3810 [ 836.597960][T16954] __se_compat_sys_ioctl+0x55f/0x1100 [ 836.603357][T16954] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 836.609434][T16954] ? syscall_enter_from_user_mode_work+0x4d/0x120 [ 836.615871][T16954] __ia32_compat_sys_ioctl+0x4a/0x70 [ 836.621197][T16954] __do_fast_syscall_32+0x129/0x180 [ 836.626417][T16954] do_fast_syscall_32+0x6a/0xc0 [ 836.631485][T16954] do_SYSENTER_32+0x73/0x90 [ 836.636021][T16954] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 836.642361][T16954] RIP: 0023:0xf7f02549 [ 836.646442][T16954] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 836.666097][T16954] RSP: 002b:00000000f54fc0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 836.674530][T16954] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005393 [ 836.682516][T16954] RDX: 00000000200020c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 836.690503][T16954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 836.698487][T16954] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 836.706469][T16954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 836.716522][T16954] Kernel Offset: disabled [ 836.720855][T16954] Rebooting in 86400 seconds..