0000000000000000"], 0x80}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1220.561657] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1220.601846] ? __module_address+0x6a/0x5f0 [ 1220.601846] ? ret_from_intr+0x13/0x33 [ 1220.601846] ? flat_init_apic_ldr+0x180/0x180 [ 1220.601846] ? is_bpf_text_address+0x3e5/0x4d0 [ 1220.601846] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1220.601846] ? is_bpf_text_address+0x49e/0x4d0 [ 1220.601846] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1220.601846] ? __module_address+0x6a/0x5f0 [ 1220.642472] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1220.642472] ? in_task_stack+0x12c/0x210 [ 1220.642472] ? get_stack_info+0x206/0x220 [ 1220.642472] __msan_chain_origin+0x6d/0xb0 [ 1220.642472] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1220.642472] __save_stack_trace+0x8be/0xc60 [ 1220.642472] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] ? do_softirq_own_stack+0x49/0x80 [ 1220.671908] ? kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] ? kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] ? __msan_memcpy+0x6f/0x80 [ 1220.671908] ? pskb_expand_head+0x436/0x1d20 [ 1220.671908] ? skb_shift+0xce2/0x2d10 [ 1220.671908] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] ? tcp_ack+0x2888/0xa010 [ 1220.671908] ? tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] ? tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] ? tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ? ip_local_deliver+0x44b/0x510 [ 1220.671908] ? ip_rcv+0x6b6/0x740 [ 1220.671908] ? process_backlog+0x82b/0x11e0 [ 1220.671908] ? net_rx_action+0x98f/0x1d50 [ 1220.671908] ? __do_softirq+0x721/0xc7f [ 1220.671908] ? do_softirq_own_stack+0x49/0x80 [ 1220.671908] ? __local_bh_enable_ip+0x228/0x260 [ 1220.671908] ? _raw_spin_unlock_bh+0x4b/0x60 [ 1220.671908] ? sk_wait_data+0x4b9/0x920 [ 1220.671908] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1220.671908] ? inet_recvmsg+0x5b8/0x6c0 [ 1220.671908] ? sock_recvmsg+0x1d1/0x230 [ 1220.671908] ? ___sys_recvmsg+0x444/0xae0 [ 1220.671908] ? __se_sys_recvmsg+0x2fa/0x450 [ 1220.671908] ? __x64_sys_recvmsg+0x4a/0x70 [ 1220.671908] ? do_syscall_64+0xcf/0x110 [ 1220.671908] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1220.671908] ? __msan_get_context_state+0x9/0x20 [ 1220.671908] ? INIT_INT+0xc/0x30 [ 1220.671908] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] ? tcp_parse_options+0xbe/0x1cf0 [ 1220.671908] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1220.671908] ? tcp_parse_options+0x1c55/0x1cf0 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] ? __msan_get_context_state+0x9/0x20 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ? tcp_filter+0x260/0x260 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ? nf_hook_slow+0x36f/0x3d0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ? ip_local_deliver+0x510/0x510 [ 1220.671908] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] ? ip_rcv_core+0x1370/0x1370 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] ? ip_local_deliver_finish+0xff0/0xff0 [ 1220.671908] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] ? net_tx_action+0xf20/0xf20 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] do_softirq_own_stack+0x49/0x80 [ 1220.671908] [ 1220.671908] __local_bh_enable_ip+0x228/0x260 [ 1220.671908] _raw_spin_unlock_bh+0x4b/0x60 [ 1220.671908] sk_wait_data+0x4b9/0x920 [ 1220.671908] ? tcp_send_ack+0x68/0x90 [ 1220.671908] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 1220.671908] ? wait_woken+0x5b0/0x5b0 [ 1220.671908] tcp_recvmsg+0x1d10/0x4aa0 [ 1220.671908] ? tcp_mmap+0x150/0x150 [ 1220.671908] inet_recvmsg+0x5b8/0x6c0 [ 1220.671908] sock_recvmsg+0x1d1/0x230 [ 1220.671908] ? inet_sendpage+0x990/0x990 [ 1220.671908] ___sys_recvmsg+0x444/0xae0 [ 1220.671908] ? __fdget+0x329/0x440 [ 1220.671908] __se_sys_recvmsg+0x2fa/0x450 [ 1220.671908] __x64_sys_recvmsg+0x4a/0x70 [ 1220.671908] do_syscall_64+0xcf/0x110 [ 1220.671908] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1220.671908] RIP: 0033:0x457569 [ 1220.671908] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1220.671908] RSP: 002b:00007f9e40040c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1220.671908] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1220.671908] RDX: 0000000000000100 RSI: 0000000020000240 RDI: 0000000000000005 [ 1220.671908] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1220.671908] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e400416d4 [ 1220.671908] R13: 00000000004c3549 R14: 00000000004d54c0 R15: 00000000ffffffff [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Uninit was stored to memory at: [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] __msan_chain_origin+0x6d/0xb0 [ 1220.671908] __save_stack_trace+0x8be/0xc60 [ 1220.671908] save_stack_trace+0xc6/0x110 [ 1220.671908] kmsan_internal_chain_origin+0x136/0x240 [ 1220.671908] kmsan_memcpy_origins+0x13d/0x190 [ 1220.671908] __msan_memcpy+0x6f/0x80 [ 1220.671908] pskb_expand_head+0x436/0x1d20 [ 1220.671908] skb_shift+0xce2/0x2d10 [ 1220.671908] tcp_sacktag_walk+0x2156/0x29d0 [ 1220.671908] tcp_sacktag_write_queue+0x2805/0x4630 [ 1220.671908] tcp_ack+0x2888/0xa010 [ 1220.671908] tcp_rcv_established+0xf7e/0x2940 [ 1220.671908] tcp_v4_do_rcv+0x686/0xd80 [ 1220.671908] tcp_v4_rcv+0x5a13/0x6520 [ 1220.671908] ip_local_deliver_finish+0x8d8/0xff0 [ 1220.671908] ip_local_deliver+0x44b/0x510 [ 1220.671908] ip_rcv+0x6b6/0x740 [ 1220.671908] process_backlog+0x82b/0x11e0 [ 1220.671908] net_rx_action+0x98f/0x1d50 [ 1220.671908] __do_softirq+0x721/0xc7f [ 1220.671908] [ 1220.671908] Local variable description: ----old.addr.i.i.i@should_fail 14:17:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1220.671908] Variable was created at: [ 1220.671908] should_fail+0x123/0x13c0 [ 1220.671908] __should_failslab+0x278/0x2a0 [ 1221.840801] not chained 5430000 origins [ 1221.841659] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1221.841659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1221.841659] Call Trace: [ 1221.841659] dump_stack+0x32d/0x480 [ 1221.841659] kmsan_internal_chain_origin+0x222/0x240 [ 1221.841659] ? INIT_BOOL+0xc/0x30 [ 1221.841659] ? do_raw_spin_lock+0x2c3/0x410 [ 1221.841659] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1221.841659] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1221.841659] ? in_task_stack+0x12c/0x210 [ 1221.841659] ? task_kmsan_context_state+0x51/0x90 [ 1221.841659] ? __msan_get_context_state+0x9/0x20 [ 1221.841659] ? __kernel_text_address+0x19/0x350 [ 1221.841659] ? ret_from_fork+0x35/0x40 [ 1221.911799] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1221.911799] ? in_task_stack+0x12c/0x210 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] ? run_ksoftirqd+0x37/0x60 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] ? run_ksoftirqd+0x37/0x60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] ? run_ksoftirqd+0x37/0x60 [ 1221.911799] ? kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] ? kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] ? __msan_memcpy+0x6f/0x80 [ 1221.911799] ? pskb_expand_head+0x436/0x1d20 [ 1221.911799] ? skb_shift+0xce2/0x2d10 [ 1221.911799] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] ? tcp_ack+0x2888/0xa010 [ 1221.911799] ? tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] ? tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] ? tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ? ip_local_deliver+0x44b/0x510 [ 1221.911799] ? ip_rcv+0x6b6/0x740 [ 1221.911799] ? process_backlog+0x82b/0x11e0 [ 1221.911799] ? net_rx_action+0x98f/0x1d50 [ 1221.911799] ? __do_softirq+0x721/0xc7f [ 1221.911799] ? run_ksoftirqd+0x37/0x60 [ 1221.911799] ? smpboot_thread_fn+0x69c/0xb30 [ 1221.911799] ? kthread+0x5e7/0x620 [ 1221.911799] ? ret_from_fork+0x35/0x40 [ 1221.911799] ? __msan_get_context_state+0x9/0x20 [ 1221.911799] ? INIT_INT+0xc/0x30 [ 1221.911799] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] ? tcp_parse_options+0xbe/0x1cf0 [ 1221.911799] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1221.911799] ? tcp_parse_options+0x1c55/0x1cf0 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] ? __msan_get_context_state+0x9/0x20 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ? tcp_filter+0x260/0x260 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ? nf_hook_slow+0x36f/0x3d0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ? ip_local_deliver+0x510/0x510 [ 1221.911799] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] ? ip_rcv_core+0x1370/0x1370 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] ? ip_local_deliver_finish+0xff0/0xff0 [ 1221.911799] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] ? net_tx_action+0xf20/0xf20 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] ? ksoftirqd_should_run+0x50/0x50 [ 1221.911799] run_ksoftirqd+0x37/0x60 [ 1221.911799] smpboot_thread_fn+0x69c/0xb30 [ 1221.911799] kthread+0x5e7/0x620 [ 1221.911799] ? cpu_report_death+0x4a0/0x4a0 [ 1221.911799] ? INIT_BOOL+0x30/0x30 [ 1221.911799] ret_from_fork+0x35/0x40 [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Uninit was stored to memory at: [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] __msan_chain_origin+0x6d/0xb0 [ 1221.911799] __save_stack_trace+0x8be/0xc60 [ 1221.911799] save_stack_trace+0xc6/0x110 [ 1221.911799] kmsan_internal_chain_origin+0x136/0x240 [ 1221.911799] kmsan_memcpy_origins+0x13d/0x190 [ 1221.911799] __msan_memcpy+0x6f/0x80 [ 1221.911799] pskb_expand_head+0x436/0x1d20 [ 1221.911799] skb_shift+0xce2/0x2d10 [ 1221.911799] tcp_sacktag_walk+0x2156/0x29d0 [ 1221.911799] tcp_sacktag_write_queue+0x2805/0x4630 [ 1221.911799] tcp_ack+0x2888/0xa010 [ 1221.911799] tcp_rcv_established+0xf7e/0x2940 [ 1221.911799] tcp_v4_do_rcv+0x686/0xd80 [ 1221.911799] tcp_v4_rcv+0x5a13/0x6520 [ 1221.911799] ip_local_deliver_finish+0x8d8/0xff0 [ 1221.911799] ip_local_deliver+0x44b/0x510 [ 1221.911799] ip_rcv+0x6b6/0x740 [ 1221.911799] process_backlog+0x82b/0x11e0 [ 1221.911799] net_rx_action+0x98f/0x1d50 [ 1221.911799] __do_softirq+0x721/0xc7f [ 1221.911799] [ 1221.911799] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1221.911799] Variable was created at: [ 1221.911799] ipv4_conntrack_local+0x75/0x470 [ 1221.911799] nf_hook_slow+0x15c/0x3d0 14:17:40 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:40 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1223.328727] not chained 5440000 origins [ 1223.331671] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1223.331671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1223.331671] Call Trace: [ 1223.331671] dump_stack+0x32d/0x480 [ 1223.331671] ? save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x222/0x240 [ 1223.331671] ? kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] ? __msan_chain_origin+0x6d/0xb0 [ 1223.331671] ? __save_stack_trace+0x8be/0xc60 [ 1223.331671] ? save_stack_trace+0xc6/0x110 [ 1223.331671] ? kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] ? kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] ? __msan_memcpy+0x6f/0x80 [ 1223.331671] ? pskb_expand_head+0x436/0x1d20 [ 1223.331671] ? skb_shift+0xce2/0x2d10 [ 1223.331671] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] ? tcp_ack+0x2888/0xa010 [ 1223.331671] ? tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] ? tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] ? tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ? ip_local_deliver+0x44b/0x510 [ 1223.331671] ? ip_rcv+0x6b6/0x740 [ 1223.331671] ? process_backlog+0x82b/0x11e0 [ 1223.331671] ? net_rx_action+0x98f/0x1d50 [ 1223.331671] ? __do_softirq+0x721/0xc7f [ 1223.331671] ? run_ksoftirqd+0x37/0x60 [ 1223.331671] ? smpboot_thread_fn+0x69c/0xb30 [ 1223.331671] ? kthread+0x5e7/0x620 [ 1223.331671] ? ret_from_fork+0x35/0x40 [ 1223.331671] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1223.331671] ? in_task_stack+0x12c/0x210 [ 1223.331671] ? task_kmsan_context_state+0x51/0x90 [ 1223.331671] ? __msan_get_context_state+0x9/0x20 [ 1223.331671] ? __kernel_text_address+0x19/0x350 [ 1223.331671] ? ret_from_fork+0x35/0x40 [ 1223.331671] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1223.331671] ? in_task_stack+0x12c/0x210 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] ? process_backlog+0x82b/0x11e0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] ? process_backlog+0x82b/0x11e0 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] ? run_ksoftirqd+0x37/0x60 [ 1223.331671] ? kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] ? kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] ? __msan_memcpy+0x6f/0x80 [ 1223.331671] ? pskb_expand_head+0x436/0x1d20 [ 1223.331671] ? skb_shift+0xce2/0x2d10 [ 1223.331671] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] ? tcp_ack+0x2888/0xa010 [ 1223.331671] ? tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] ? tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] ? tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ? ip_local_deliver+0x44b/0x510 [ 1223.331671] ? ip_rcv+0x6b6/0x740 [ 1223.331671] ? process_backlog+0x82b/0x11e0 [ 1223.331671] ? net_rx_action+0x98f/0x1d50 [ 1223.331671] ? __do_softirq+0x721/0xc7f [ 1223.331671] ? run_ksoftirqd+0x37/0x60 [ 1223.331671] ? smpboot_thread_fn+0x69c/0xb30 [ 1223.331671] ? kthread+0x5e7/0x620 [ 1223.331671] ? ret_from_fork+0x35/0x40 [ 1223.331671] ? __msan_get_context_state+0x9/0x20 [ 1223.331671] ? INIT_INT+0xc/0x30 [ 1223.331671] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] ? tcp_parse_options+0xbe/0x1cf0 [ 1223.331671] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1223.331671] ? tcp_parse_options+0x1c55/0x1cf0 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] ? __msan_get_context_state+0x9/0x20 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ? tcp_filter+0x260/0x260 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ? nf_hook_slow+0x36f/0x3d0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ? ip_local_deliver+0x510/0x510 [ 1223.331671] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] ? ip_rcv_core+0x1370/0x1370 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] ? ip_local_deliver_finish+0xff0/0xff0 [ 1223.331671] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] ? net_tx_action+0xf20/0xf20 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] ? ksoftirqd_should_run+0x50/0x50 [ 1223.331671] run_ksoftirqd+0x37/0x60 [ 1223.331671] smpboot_thread_fn+0x69c/0xb30 [ 1223.331671] kthread+0x5e7/0x620 [ 1223.331671] ? cpu_report_death+0x4a0/0x4a0 [ 1223.331671] ? INIT_BOOL+0x30/0x30 [ 1223.331671] ret_from_fork+0x35/0x40 [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Uninit was stored to memory at: [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] __msan_chain_origin+0x6d/0xb0 [ 1223.331671] __save_stack_trace+0x8be/0xc60 [ 1223.331671] save_stack_trace+0xc6/0x110 [ 1223.331671] kmsan_internal_chain_origin+0x136/0x240 [ 1223.331671] kmsan_memcpy_origins+0x13d/0x190 [ 1223.331671] __msan_memcpy+0x6f/0x80 [ 1223.331671] pskb_expand_head+0x436/0x1d20 [ 1223.331671] skb_shift+0xce2/0x2d10 [ 1223.331671] tcp_sacktag_walk+0x2156/0x29d0 [ 1223.331671] tcp_sacktag_write_queue+0x2805/0x4630 [ 1223.331671] tcp_ack+0x2888/0xa010 [ 1223.331671] tcp_rcv_established+0xf7e/0x2940 [ 1223.331671] tcp_v4_do_rcv+0x686/0xd80 [ 1223.331671] tcp_v4_rcv+0x5a13/0x6520 [ 1223.331671] ip_local_deliver_finish+0x8d8/0xff0 14:17:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x61f7, 0x101000) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000140)={0x24101b58fd89248b, 0x1, 0x100000000, 0x0, 0x7}) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000184000)=ANY=[@ANYRESHEX=r1], 0x12}}, 0xfffffffffffffffc) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1223.331671] ip_local_deliver+0x44b/0x510 [ 1223.331671] ip_rcv+0x6b6/0x740 [ 1223.331671] process_backlog+0x82b/0x11e0 [ 1223.331671] net_rx_action+0x98f/0x1d50 [ 1223.331671] __do_softirq+0x721/0xc7f [ 1223.331671] [ 1223.331671] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1223.331671] Variable was created at: [ 1223.331671] ipv4_conntrack_local+0x75/0x470 [ 1223.331671] nf_hook_slow+0x15c/0x3d0 [ 1224.552882] not chained 5450000 origins [ 1224.556915] CPU: 0 PID: 18850 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1224.561662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1224.561662] Call Trace: [ 1224.561662] [ 1224.561662] dump_stack+0x32d/0x480 [ 1224.561662] ? save_stack_trace+0xc6/0x110 [ 1224.561662] kmsan_internal_chain_origin+0x222/0x240 [ 1224.561662] ? __msan_poison_alloca+0x1e0/0x270 [ 1224.561662] ? __msan_memcpy+0x6f/0x80 [ 1224.561662] ? __msan_get_context_state+0x9/0x20 [ 1224.561662] ? INIT_INT+0xc/0x30 [ 1224.561662] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1224.561662] ? __module_address+0x6a/0x5f0 [ 1224.561662] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1224.561662] ? in_task_stack+0x12c/0x210 [ 1224.561662] ? get_stack_info+0x206/0x220 [ 1224.561662] __msan_chain_origin+0x6d/0xb0 [ 1224.561662] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1224.561662] __save_stack_trace+0x8be/0xc60 [ 1224.561662] ? INIT_INT+0x30/0x30 [ 1224.561662] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1224.561662] save_stack_trace+0xc6/0x110 [ 1224.561662] kmsan_internal_chain_origin+0x136/0x240 [ 1224.561662] ? kmsan_internal_chain_origin+0x136/0x240 [ 1224.561662] ? kmsan_memcpy_origins+0x13d/0x190 [ 1224.561662] ? __msan_memcpy+0x6f/0x80 [ 1224.561662] ? pskb_expand_head+0x436/0x1d20 [ 1224.561662] ? skb_shift+0xce2/0x2d10 [ 1224.561662] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1224.561662] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.561662] ? tcp_ack+0x2888/0xa010 [ 1224.561662] ? tcp_rcv_established+0xf7e/0x2940 [ 1224.561662] ? tcp_v4_do_rcv+0x686/0xd80 [ 1224.561662] ? tcp_v4_rcv+0x5a13/0x6520 [ 1224.561662] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1224.561662] ? ip_local_deliver+0x44b/0x510 [ 1224.561662] ? ip_rcv+0x6b6/0x740 [ 1224.561662] ? process_backlog+0x82b/0x11e0 [ 1224.561662] ? net_rx_action+0x98f/0x1d50 [ 1224.561662] ? __do_softirq+0x721/0xc7f [ 1224.561662] ? irq_exit+0x305/0x340 [ 1224.561662] ? exiting_irq+0xe/0x10 [ 1224.561662] ? smp_apic_timer_interrupt+0x64/0x90 [ 1224.561662] ? apic_timer_interrupt+0xf/0x20 [ 1224.752786] ? __msan_poison_alloca+0x23/0x270 [ 1224.752786] ? page_remove_rmap+0x106/0x1820 [ 1224.752786] ? unmap_page_range+0x213a/0x3950 [ 1224.752786] ? unmap_single_vma+0x43f/0x5e0 [ 1224.752786] ? unmap_vmas+0x251/0x380 [ 1224.752786] ? exit_mmap+0x51e/0xa10 [ 1224.752786] ? __mmput+0x17a/0x700 [ 1224.752786] ? mmput+0x190/0x210 [ 1224.752786] ? exit_mm+0xa90/0xc70 [ 1224.752786] ? do_exit+0x10f2/0x4070 [ 1224.752786] ? do_group_exit+0x1a7/0x350 [ 1224.752786] ? get_signal+0x11e2/0x2330 [ 1224.752786] ? do_signal+0x1f3/0x2fc0 [ 1224.752786] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1224.752786] ? syscall_return_slowpath+0xed/0x730 [ 1224.752786] ? do_syscall_64+0xf5/0x110 [ 1224.752786] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1224.752786] ? __msan_get_context_state+0x9/0x20 [ 1224.752786] ? INIT_INT+0xc/0x30 [ 1224.752786] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] ? tcp_parse_options+0xbe/0x1cf0 [ 1224.752786] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1224.752786] ? tcp_parse_options+0x1c55/0x1cf0 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] ? __msan_get_context_state+0x9/0x20 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ? tcp_filter+0x260/0x260 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ? nf_hook_slow+0x36f/0x3d0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ? ip_local_deliver+0x510/0x510 [ 1224.752786] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] ? ip_rcv_core+0x1370/0x1370 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] ? ip_local_deliver_finish+0xff0/0xff0 [ 1224.752786] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] ? net_tx_action+0xf20/0xf20 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] irq_exit+0x305/0x340 [ 1224.752786] exiting_irq+0xe/0x10 [ 1224.752786] smp_apic_timer_interrupt+0x64/0x90 [ 1224.752786] apic_timer_interrupt+0xf/0x20 [ 1224.752786] [ 1224.752786] RIP: 0010:__msan_poison_alloca+0x23/0x270 [ 1224.752786] Code: 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 f0 48 83 ec 70 65 48 8b 04 25 28 00 00 00 48 89 44 24 60 <48> 81 fe 01 40 00 00 0f 83 2a 02 00 00 48 b8 04 00 00 00 04 00 00 [ 1224.752786] RSP: 0018:ffff8880acddf220 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1224.752786] RAX: 3b7fedf72e470e00 RBX: 0000000000000000 RCX: 0000000000000002 [ 1224.752786] RDX: ffffffff8bf150a0 RSI: 0000000000000004 RDI: ffff8880acddf318 [ 1224.752786] RBP: ffff8880acddf2b8 R08: 0000000000480020 R09: 0000000000000002 [ 1224.752786] R10: 000000ffffffffff R11: 0000000000000000 R12: ffff888186230988 [ 1224.752786] R13: ffffea0007adf420 R14: 0000000000000000 R15: 0000000000000000 [ 1224.752786] ? page_remove_rmap+0xf1/0x1820 [ 1224.752786] ? unmap_page_range+0x213a/0x3950 [ 1224.752786] page_remove_rmap+0x106/0x1820 [ 1224.752786] ? __tlb_remove_page_size+0x24b/0x560 [ 1224.752786] unmap_page_range+0x213a/0x3950 [ 1224.752786] unmap_single_vma+0x43f/0x5e0 [ 1224.752786] unmap_vmas+0x251/0x380 [ 1224.752786] exit_mmap+0x51e/0xa10 [ 1224.752786] ? __khugepaged_exit+0x6b9/0x8b0 [ 1224.752786] __mmput+0x17a/0x700 [ 1224.752786] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1224.752786] mmput+0x190/0x210 [ 1224.752786] exit_mm+0xa90/0xc70 [ 1224.752786] do_exit+0x10f2/0x4070 [ 1224.752786] do_group_exit+0x1a7/0x350 [ 1224.752786] get_signal+0x11e2/0x2330 [ 1224.752786] ? do_signal+0x1dd/0x2fc0 [ 1224.752786] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1224.752786] do_signal+0x1f3/0x2fc0 [ 1224.752786] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1224.752786] ? kmsan_set_origin+0x7f/0x100 [ 1224.752786] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1224.752786] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1224.752786] syscall_return_slowpath+0xed/0x730 [ 1224.752786] ? __se_sys_seccomp+0x92/0xb0 [ 1224.752786] do_syscall_64+0xf5/0x110 [ 1224.752786] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1224.752786] RIP: 0033:0x457569 [ 1224.752786] Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d ea 55 0b <01> 87 01 8b 05 e2 55 0b 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 [ 1224.752786] RSP: 002b:00007f26388a1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 1224.752786] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000457569 [ 1224.752786] RDX: 0000000020007ff0 RSI: 0000000000000000 RDI: 0000000000000001 [ 1224.752786] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1224.752786] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f26388a26d4 [ 1224.752786] R13: 00000000004c331f R14: 00000000004d5790 R15: 00000000ffffffff [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Uninit was stored to memory at: [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] __msan_chain_origin+0x6d/0xb0 [ 1224.752786] __save_stack_trace+0x8be/0xc60 [ 1224.752786] save_stack_trace+0xc6/0x110 [ 1224.752786] kmsan_internal_chain_origin+0x136/0x240 [ 1224.752786] kmsan_memcpy_origins+0x13d/0x190 [ 1224.752786] __msan_memcpy+0x6f/0x80 [ 1224.752786] pskb_expand_head+0x436/0x1d20 [ 1224.752786] skb_shift+0xce2/0x2d10 [ 1224.752786] tcp_sacktag_walk+0x2156/0x29d0 [ 1224.752786] tcp_sacktag_write_queue+0x2805/0x4630 [ 1224.752786] tcp_ack+0x2888/0xa010 [ 1224.752786] tcp_rcv_established+0xf7e/0x2940 [ 1224.752786] tcp_v4_do_rcv+0x686/0xd80 [ 1224.752786] tcp_v4_rcv+0x5a13/0x6520 [ 1224.752786] ip_local_deliver_finish+0x8d8/0xff0 [ 1224.752786] ip_local_deliver+0x44b/0x510 [ 1224.752786] ip_rcv+0x6b6/0x740 [ 1224.752786] process_backlog+0x82b/0x11e0 [ 1224.752786] net_rx_action+0x98f/0x1d50 [ 1224.752786] __do_softirq+0x721/0xc7f [ 1224.752786] [ 1224.752786] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1224.752786] Variable was created at: [ 1224.752786] ipv4_conntrack_local+0x75/0x470 [ 1224.752786] nf_hook_slow+0x15c/0x3d0 [ 1225.907466] not chained 5460000 origins [ 1225.911472] CPU: 0 PID: 18850 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1225.916937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1225.916937] Call Trace: [ 1225.916937] [ 1225.916937] dump_stack+0x32d/0x480 [ 1225.916937] kmsan_internal_chain_origin+0x222/0x240 [ 1225.916937] ? __msan_poison_alloca+0x1e0/0x270 [ 1225.916937] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1225.916937] ? __module_address+0x6a/0x5f0 [ 1225.916937] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1225.916937] ? in_task_stack+0x12c/0x210 [ 1225.916937] ? get_stack_info+0x206/0x220 [ 1225.916937] __msan_chain_origin+0x6d/0xb0 [ 1225.916937] ? do_syscall_64+0xf5/0x110 [ 1225.916937] __save_stack_trace+0x8be/0xc60 [ 1225.916937] ? INIT_INT+0x30/0x30 [ 1225.916937] ? do_syscall_64+0xf5/0x110 [ 1225.916937] save_stack_trace+0xc6/0x110 [ 1225.916937] kmsan_internal_chain_origin+0x136/0x240 [ 1225.916937] ? kmsan_internal_chain_origin+0x136/0x240 [ 1225.916937] ? kmsan_memcpy_origins+0x13d/0x190 [ 1225.916937] ? __msan_memcpy+0x6f/0x80 [ 1225.916937] ? pskb_expand_head+0x436/0x1d20 [ 1225.916937] ? skb_shift+0xce2/0x2d10 [ 1225.916937] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1225.916937] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1225.916937] ? tcp_ack+0x2888/0xa010 [ 1225.916937] ? tcp_rcv_established+0xf7e/0x2940 [ 1225.916937] ? tcp_v4_do_rcv+0x686/0xd80 [ 1226.042768] ? tcp_v4_rcv+0x5a13/0x6520 [ 1226.042768] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1226.042768] ? ip_local_deliver+0x44b/0x510 [ 1226.042768] ? ip_rcv+0x6b6/0x740 [ 1226.042768] ? process_backlog+0x82b/0x11e0 [ 1226.042768] ? net_rx_action+0x98f/0x1d50 [ 1226.042768] ? __do_softirq+0x721/0xc7f [ 1226.042768] ? irq_exit+0x305/0x340 [ 1226.042768] ? exiting_irq+0xe/0x10 [ 1226.042768] ? smp_apic_timer_interrupt+0x64/0x90 [ 1226.082450] ? apic_timer_interrupt+0xf/0x20 [ 1226.082450] ? __msan_poison_alloca+0x23/0x270 [ 1226.082450] ? page_remove_rmap+0x106/0x1820 [ 1226.082450] ? unmap_page_range+0x213a/0x3950 [ 1226.082450] ? unmap_single_vma+0x43f/0x5e0 [ 1226.106562] ? unmap_vmas+0x251/0x380 [ 1226.106562] ? exit_mmap+0x51e/0xa10 [ 1226.111868] ? __mmput+0x17a/0x700 [ 1226.111868] ? mmput+0x190/0x210 [ 1226.111868] ? exit_mm+0xa90/0xc70 [ 1226.111868] ? do_exit+0x10f2/0x4070 [ 1226.111868] ? do_group_exit+0x1a7/0x350 [ 1226.111868] ? get_signal+0x11e2/0x2330 [ 1226.111868] ? do_signal+0x1f3/0x2fc0 [ 1226.111868] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1226.111868] ? syscall_return_slowpath+0xed/0x730 [ 1226.111868] ? do_syscall_64+0xf5/0x110 [ 1226.111868] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1226.111868] ? __msan_get_context_state+0x9/0x20 [ 1226.111868] ? INIT_INT+0xc/0x30 [ 1226.111868] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] ? tcp_parse_options+0xbe/0x1cf0 [ 1226.111868] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1226.111868] ? tcp_parse_options+0x1c55/0x1cf0 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] ? __msan_get_context_state+0x9/0x20 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ? tcp_filter+0x260/0x260 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ? nf_hook_slow+0x36f/0x3d0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ? ip_local_deliver+0x510/0x510 [ 1226.111868] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] ? ip_rcv_core+0x1370/0x1370 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] ? ip_local_deliver_finish+0xff0/0xff0 [ 1226.111868] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] ? net_tx_action+0xf20/0xf20 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] irq_exit+0x305/0x340 [ 1226.111868] exiting_irq+0xe/0x10 [ 1226.111868] smp_apic_timer_interrupt+0x64/0x90 [ 1226.111868] apic_timer_interrupt+0xf/0x20 [ 1226.111868] [ 1226.111868] RIP: 0010:__msan_poison_alloca+0x23/0x270 [ 1226.111868] Code: 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 f0 48 83 ec 70 65 48 8b 04 25 28 00 00 00 48 89 44 24 60 <48> 81 fe 01 40 00 00 0f 83 2a 02 00 00 48 b8 04 00 00 00 04 00 00 [ 1226.111868] RSP: 0018:ffff8880acddf220 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1226.111868] RAX: 3b7fedf72e470e00 RBX: 0000000000000000 RCX: 0000000000000002 [ 1226.111868] RDX: ffffffff8bf150a0 RSI: 0000000000000004 RDI: ffff8880acddf318 [ 1226.111868] RBP: ffff8880acddf2b8 R08: 0000000000480020 R09: 0000000000000002 [ 1226.111868] R10: 000000ffffffffff R11: 0000000000000000 R12: ffff888186230988 [ 1226.111868] R13: ffffea0007adf420 R14: 0000000000000000 R15: 0000000000000000 [ 1226.111868] ? page_remove_rmap+0xf1/0x1820 [ 1226.111868] ? unmap_page_range+0x213a/0x3950 [ 1226.111868] page_remove_rmap+0x106/0x1820 [ 1226.111868] ? __tlb_remove_page_size+0x24b/0x560 [ 1226.111868] unmap_page_range+0x213a/0x3950 [ 1226.111868] unmap_single_vma+0x43f/0x5e0 [ 1226.111868] unmap_vmas+0x251/0x380 [ 1226.111868] exit_mmap+0x51e/0xa10 [ 1226.111868] ? __khugepaged_exit+0x6b9/0x8b0 [ 1226.111868] __mmput+0x17a/0x700 [ 1226.111868] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1226.111868] mmput+0x190/0x210 [ 1226.111868] exit_mm+0xa90/0xc70 [ 1226.111868] do_exit+0x10f2/0x4070 [ 1226.111868] do_group_exit+0x1a7/0x350 [ 1226.111868] get_signal+0x11e2/0x2330 [ 1226.111868] ? do_signal+0x1dd/0x2fc0 [ 1226.111868] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1226.111868] do_signal+0x1f3/0x2fc0 [ 1226.111868] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1226.111868] ? kmsan_set_origin+0x7f/0x100 [ 1226.111868] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1226.111868] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1226.111868] syscall_return_slowpath+0xed/0x730 [ 1226.111868] ? __se_sys_seccomp+0x92/0xb0 [ 1226.111868] do_syscall_64+0xf5/0x110 [ 1226.111868] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1226.111868] RIP: 0033:0x457569 [ 1226.111868] Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d ea 55 0b <01> 87 01 8b 05 e2 55 0b 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 [ 1226.111868] RSP: 002b:00007f26388a1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 1226.111868] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000457569 [ 1226.111868] RDX: 0000000020007ff0 RSI: 0000000000000000 RDI: 0000000000000001 [ 1226.111868] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1226.111868] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f26388a26d4 [ 1226.111868] R13: 00000000004c331f R14: 00000000004d5790 R15: 00000000ffffffff [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Uninit was stored to memory at: [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] __msan_chain_origin+0x6d/0xb0 [ 1226.111868] __save_stack_trace+0x8be/0xc60 [ 1226.111868] save_stack_trace+0xc6/0x110 [ 1226.111868] kmsan_internal_chain_origin+0x136/0x240 [ 1226.111868] kmsan_memcpy_origins+0x13d/0x190 [ 1226.111868] __msan_memcpy+0x6f/0x80 [ 1226.111868] pskb_expand_head+0x436/0x1d20 [ 1226.111868] skb_shift+0xce2/0x2d10 [ 1226.111868] tcp_sacktag_walk+0x2156/0x29d0 [ 1226.111868] tcp_sacktag_write_queue+0x2805/0x4630 [ 1226.111868] tcp_ack+0x2888/0xa010 [ 1226.111868] tcp_rcv_established+0xf7e/0x2940 [ 1226.111868] tcp_v4_do_rcv+0x686/0xd80 [ 1226.111868] tcp_v4_rcv+0x5a13/0x6520 [ 1226.111868] ip_local_deliver_finish+0x8d8/0xff0 [ 1226.111868] ip_local_deliver+0x44b/0x510 [ 1226.111868] ip_rcv+0x6b6/0x740 [ 1226.111868] process_backlog+0x82b/0x11e0 14:17:44 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1226.111868] net_rx_action+0x98f/0x1d50 [ 1226.111868] __do_softirq+0x721/0xc7f [ 1226.111868] [ 1226.111868] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1226.111868] Variable was created at: [ 1226.111868] ipv4_conntrack_local+0x75/0x470 [ 1226.111868] nf_hook_slow+0x15c/0x3d0 14:17:44 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x200000, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpu.stat\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x80000000, 0x208000) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x401000420200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000140), &(0x7f00000001c0)=0x4) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb000000000000000003000500000000000200003db28dbebb0000000000000000"], 0x80}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f0000000200)={0x7, 0xf80, 0x8a57}) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1227.542245] not chained 5470000 origins [ 1227.546271] CPU: 0 PID: 18891 Comm: syz-executor4 Not tainted 4.20.0-rc2+ #85 [ 1227.551643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1227.551643] Call Trace: [ 1227.551643] dump_stack+0x32d/0x480 [ 1227.551643] kmsan_internal_chain_origin+0x222/0x240 [ 1227.551643] ? save_stack_trace+0xc6/0x110 [ 1227.551643] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1227.551643] ? kmsan_internal_chain_origin+0x90/0x240 [ 1227.551643] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1227.551643] ? is_bpf_text_address+0x49e/0x4d0 [ 1227.551643] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1227.551643] ? in_task_stack+0x12c/0x210 [ 1227.606976] __msan_chain_origin+0x6d/0xb0 [ 1227.612594] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1227.612594] __save_stack_trace+0x8be/0xc60 [ 1227.612594] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1227.612594] save_stack_trace+0xc6/0x110 [ 1227.612594] kmsan_internal_chain_origin+0x136/0x240 [ 1227.612594] ? __vfs_write+0x888/0xb80 [ 1227.612594] ? kmsan_internal_chain_origin+0x136/0x240 [ 1227.612594] ? kmsan_memcpy_origins+0x13d/0x190 [ 1227.612594] ? __msan_memcpy+0x6f/0x80 [ 1227.612594] ? pskb_expand_head+0x436/0x1d20 [ 1227.612594] ? tcp_fragment+0x378/0x21d0 [ 1227.612594] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1227.612594] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1227.612594] ? tcp_ack+0x2888/0xa010 [ 1227.612594] ? tcp_rcv_established+0xf7e/0x2940 [ 1227.612594] ? tcp_v4_do_rcv+0x686/0xd80 [ 1227.612594] ? __release_sock+0x32d/0x750 [ 1227.612594] ? release_sock+0x99/0x2a0 [ 1227.612594] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1227.612594] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1227.612594] ? tcp_sendmsg+0xb2/0x100 [ 1227.612594] ? inet_sendmsg+0x4e9/0x800 [ 1227.612594] ? sock_write_iter+0x3f4/0x4f0 [ 1227.612594] ? __vfs_write+0x888/0xb80 [ 1227.612594] ? vfs_write+0x4a3/0x8f0 [ 1227.612594] ? __se_sys_write+0x17a/0x370 [ 1227.612594] ? __x64_sys_write+0x4a/0x70 [ 1227.612594] ? do_syscall_64+0xcf/0x110 [ 1227.612594] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1227.612594] ? __msan_get_context_state+0x9/0x20 [ 1227.612594] ? INIT_INT+0xc/0x30 [ 1227.612594] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1227.612594] kmsan_memcpy_origins+0x13d/0x190 [ 1227.612594] __msan_memcpy+0x6f/0x80 [ 1227.612594] pskb_expand_head+0x436/0x1d20 [ 1227.612594] tcp_fragment+0x378/0x21d0 [ 1227.612594] tcp_sacktag_walk+0xe88/0x29d0 [ 1227.612594] tcp_sacktag_write_queue+0x2805/0x4630 [ 1227.612594] tcp_ack+0x2888/0xa010 [ 1227.612594] ? tcp_parse_options+0xbe/0x1cf0 [ 1227.612594] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1227.612594] ? tcp_parse_options+0x1c55/0x1cf0 [ 1227.612594] tcp_rcv_established+0xf7e/0x2940 [ 1227.612594] ? kmsan_set_origin+0x7f/0x100 [ 1227.612594] ? __msan_get_context_state+0x9/0x20 [ 1227.811853] tcp_v4_do_rcv+0x686/0xd80 [ 1227.811853] ? inet_sk_rx_dst_set+0x200/0x200 [ 1227.811853] __release_sock+0x32d/0x750 [ 1227.811853] release_sock+0x99/0x2a0 [ 1227.811853] sk_stream_wait_memory+0x9cc/0x1430 [ 1227.811853] ? wait_woken+0x5b0/0x5b0 [ 1227.811853] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1227.811853] tcp_sendmsg+0xb2/0x100 [ 1227.811853] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1227.811853] inet_sendmsg+0x4e9/0x800 [ 1227.811853] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1227.811853] ? security_socket_sendmsg+0x1bd/0x200 [ 1227.811853] ? inet_getname+0x490/0x490 [ 1227.811853] sock_write_iter+0x3f4/0x4f0 [ 1227.811853] ? sock_read_iter+0x4e0/0x4e0 [ 1227.811853] __vfs_write+0x888/0xb80 [ 1227.811853] vfs_write+0x4a3/0x8f0 [ 1227.811853] __se_sys_write+0x17a/0x370 [ 1227.811853] __x64_sys_write+0x4a/0x70 14:17:44 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:44 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f00000005c0)=ANY=[@ANYRESOCT=r0, @ANYBLOB="8d9c8978159279ff4f9eab2c42cc5b2ac30e92716f9d7bd704674e50bef2afadf1b352488aee0093e9efa0bdb39f425b1916366cea288d76d7de23d98c04215d642aebbe7ed51c5084a5861688a1f89900c873e5824ce5d9f3cc752e532854cd53ef00d9c62f92a94d6ecb0981261415bef998a8ba439c7100be42f4189fb8023474ad7fa3edcf6f219217598ffd9ce3464cbc06f53babcc3d5591ddd5f4db4d7905b5814b1e04bb8c04571f419372811e666671daccdd97acbad256bfc10035b0c228d21d1cfbb4914d"], 0xfffffdb5) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:44 executing program 1: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b628571") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:17:44 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0xaa, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x4001fd) [ 1227.811853] do_syscall_64+0xcf/0x110 [ 1227.811853] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1227.811853] RIP: 0033:0x457569 [ 1227.811853] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1227.811853] RSP: 002b:00007f9e40061c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1227.811853] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1227.811853] RDX: 000000000000ff5a RSI: 0000000020000100 RDI: 0000000000000005 [ 1227.941830] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1227.949218] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e400626d4 [ 1227.949218] R13: 00000000004c5893 R14: 00000000004d95a0 R15: 00000000ffffffff [ 1227.967131] Uninit was stored to memory at: [ 1227.967131] kmsan_internal_chain_origin+0x136/0x240 [ 1227.967131] __msan_chain_origin+0x6d/0xb0 [ 1227.967131] __save_stack_trace+0x8be/0xc60 [ 1227.967131] save_stack_trace+0xc6/0x110 [ 1227.967131] kmsan_internal_chain_origin+0x136/0x240 [ 1227.967131] kmsan_memcpy_origins+0x13d/0x190 [ 1227.967131] __msan_memcpy+0x6f/0x80 [ 1227.967131] pskb_expand_head+0x436/0x1d20 [ 1227.967131] tcp_fragment+0x378/0x21d0 [ 1227.967131] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.014725] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.017268] tcp_ack+0x2888/0xa010 [ 1228.020566] tcp_rcv_established+0xf7e/0x2940 [ 1228.020566] tcp_v4_do_rcv+0x686/0xd80 [ 1228.028986] __release_sock+0x32d/0x750 [ 1228.033601] release_sock+0x99/0x2a0 [ 1228.033601] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.033601] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.033601] tcp_sendmsg+0xb2/0x100 [ 1228.033601] inet_sendmsg+0x4e9/0x800 [ 1228.033601] sock_write_iter+0x3f4/0x4f0 [ 1228.033601] __vfs_write+0x888/0xb80 [ 1228.033601] vfs_write+0x4a3/0x8f0 [ 1228.033601] __se_sys_write+0x17a/0x370 [ 1228.033601] __x64_sys_write+0x4a/0x70 [ 1228.033601] do_syscall_64+0xcf/0x110 [ 1228.033601] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.033601] [ 1228.086414] Uninit was stored to memory at: [ 1228.086414] kmsan_internal_chain_origin+0x136/0x240 [ 1228.086414] __msan_chain_origin+0x6d/0xb0 [ 1228.086414] __save_stack_trace+0x8be/0xc60 [ 1228.086414] save_stack_trace+0xc6/0x110 [ 1228.086414] kmsan_internal_chain_origin+0x136/0x240 [ 1228.086414] kmsan_memcpy_origins+0x13d/0x190 [ 1228.086414] __msan_memcpy+0x6f/0x80 [ 1228.086414] pskb_expand_head+0x436/0x1d20 [ 1228.086414] tcp_fragment+0x378/0x21d0 [ 1228.086414] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.086414] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.086414] tcp_ack+0x2888/0xa010 [ 1228.141818] tcp_rcv_established+0xf7e/0x2940 [ 1228.141818] tcp_v4_do_rcv+0x686/0xd80 [ 1228.141818] __release_sock+0x32d/0x750 [ 1228.141818] release_sock+0x99/0x2a0 [ 1228.141818] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.161140] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.161140] tcp_sendmsg+0xb2/0x100 [ 1228.161140] inet_sendmsg+0x4e9/0x800 [ 1228.161140] sock_write_iter+0x3f4/0x4f0 [ 1228.161140] __vfs_write+0x888/0xb80 [ 1228.161140] vfs_write+0x4a3/0x8f0 [ 1228.161140] __se_sys_write+0x17a/0x370 [ 1228.161140] __x64_sys_write+0x4a/0x70 [ 1228.161140] do_syscall_64+0xcf/0x110 [ 1228.161140] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.161140] [ 1228.161140] Uninit was stored to memory at: [ 1228.161140] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] __msan_chain_origin+0x6d/0xb0 [ 1228.211886] __save_stack_trace+0x8be/0xc60 [ 1228.211886] save_stack_trace+0xc6/0x110 [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] kmsan_memcpy_origins+0x13d/0x190 [ 1228.211886] __msan_memcpy+0x6f/0x80 [ 1228.211886] pskb_expand_head+0x436/0x1d20 [ 1228.211886] tcp_fragment+0x378/0x21d0 [ 1228.211886] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.211886] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.211886] tcp_ack+0x2888/0xa010 [ 1228.211886] tcp_rcv_established+0xf7e/0x2940 [ 1228.211886] tcp_v4_do_rcv+0x686/0xd80 [ 1228.211886] __release_sock+0x32d/0x750 [ 1228.211886] release_sock+0x99/0x2a0 [ 1228.211886] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.211886] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.211886] tcp_sendmsg+0xb2/0x100 [ 1228.211886] inet_sendmsg+0x4e9/0x800 [ 1228.211886] sock_write_iter+0x3f4/0x4f0 [ 1228.211886] __vfs_write+0x888/0xb80 [ 1228.211886] vfs_write+0x4a3/0x8f0 [ 1228.211886] __se_sys_write+0x17a/0x370 [ 1228.211886] __x64_sys_write+0x4a/0x70 [ 1228.211886] do_syscall_64+0xcf/0x110 [ 1228.211886] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.211886] [ 1228.211886] Uninit was stored to memory at: [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] __msan_chain_origin+0x6d/0xb0 [ 1228.211886] __save_stack_trace+0x8be/0xc60 [ 1228.211886] save_stack_trace+0xc6/0x110 [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] kmsan_memcpy_origins+0x13d/0x190 [ 1228.211886] __msan_memcpy+0x6f/0x80 [ 1228.211886] pskb_expand_head+0x436/0x1d20 [ 1228.211886] tcp_fragment+0x378/0x21d0 [ 1228.211886] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.211886] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.211886] tcp_ack+0x2888/0xa010 [ 1228.211886] tcp_rcv_established+0xf7e/0x2940 [ 1228.211886] tcp_v4_do_rcv+0x686/0xd80 [ 1228.211886] __release_sock+0x32d/0x750 [ 1228.211886] release_sock+0x99/0x2a0 [ 1228.211886] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.211886] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.211886] tcp_sendmsg+0xb2/0x100 [ 1228.211886] inet_sendmsg+0x4e9/0x800 [ 1228.211886] sock_write_iter+0x3f4/0x4f0 [ 1228.211886] __vfs_write+0x888/0xb80 [ 1228.211886] vfs_write+0x4a3/0x8f0 [ 1228.211886] __se_sys_write+0x17a/0x370 [ 1228.211886] __x64_sys_write+0x4a/0x70 [ 1228.211886] do_syscall_64+0xcf/0x110 [ 1228.211886] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.211886] [ 1228.211886] Uninit was stored to memory at: [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] __msan_chain_origin+0x6d/0xb0 [ 1228.211886] __save_stack_trace+0x8be/0xc60 [ 1228.211886] save_stack_trace+0xc6/0x110 [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] kmsan_memcpy_origins+0x13d/0x190 [ 1228.211886] __msan_memcpy+0x6f/0x80 [ 1228.211886] pskb_expand_head+0x436/0x1d20 [ 1228.211886] tcp_fragment+0x378/0x21d0 [ 1228.211886] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.211886] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.211886] tcp_ack+0x2888/0xa010 [ 1228.211886] tcp_rcv_established+0xf7e/0x2940 [ 1228.211886] tcp_v4_do_rcv+0x686/0xd80 [ 1228.211886] __release_sock+0x32d/0x750 [ 1228.211886] release_sock+0x99/0x2a0 [ 1228.211886] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.211886] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.211886] tcp_sendmsg+0xb2/0x100 [ 1228.211886] inet_sendmsg+0x4e9/0x800 [ 1228.211886] sock_write_iter+0x3f4/0x4f0 [ 1228.211886] __vfs_write+0x888/0xb80 [ 1228.211886] vfs_write+0x4a3/0x8f0 [ 1228.211886] __se_sys_write+0x17a/0x370 [ 1228.211886] __x64_sys_write+0x4a/0x70 [ 1228.211886] do_syscall_64+0xcf/0x110 [ 1228.211886] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.211886] [ 1228.211886] Uninit was stored to memory at: [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] __msan_chain_origin+0x6d/0xb0 [ 1228.211886] __save_stack_trace+0x8be/0xc60 [ 1228.211886] save_stack_trace+0xc6/0x110 [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] kmsan_memcpy_origins+0x13d/0x190 [ 1228.211886] __msan_memcpy+0x6f/0x80 [ 1228.211886] pskb_expand_head+0x436/0x1d20 [ 1228.211886] tcp_fragment+0x378/0x21d0 [ 1228.211886] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.211886] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.211886] tcp_ack+0x2888/0xa010 [ 1228.211886] tcp_rcv_established+0xf7e/0x2940 [ 1228.211886] tcp_v4_do_rcv+0x686/0xd80 [ 1228.211886] __release_sock+0x32d/0x750 [ 1228.211886] release_sock+0x99/0x2a0 [ 1228.211886] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.211886] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.211886] tcp_sendmsg+0xb2/0x100 [ 1228.211886] inet_sendmsg+0x4e9/0x800 [ 1228.211886] sock_write_iter+0x3f4/0x4f0 [ 1228.211886] __vfs_write+0x888/0xb80 [ 1228.211886] vfs_write+0x4a3/0x8f0 [ 1228.211886] __se_sys_write+0x17a/0x370 [ 1228.211886] __x64_sys_write+0x4a/0x70 [ 1228.211886] do_syscall_64+0xcf/0x110 [ 1228.211886] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.211886] [ 1228.211886] Uninit was stored to memory at: [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] __msan_chain_origin+0x6d/0xb0 [ 1228.211886] __save_stack_trace+0x8be/0xc60 [ 1228.211886] save_stack_trace+0xc6/0x110 [ 1228.211886] kmsan_internal_chain_origin+0x136/0x240 [ 1228.211886] kmsan_memcpy_origins+0x13d/0x190 [ 1228.211886] __msan_memcpy+0x6f/0x80 [ 1228.211886] pskb_expand_head+0x436/0x1d20 [ 1228.211886] tcp_fragment+0x378/0x21d0 [ 1228.211886] tcp_sacktag_walk+0xe88/0x29d0 [ 1228.211886] tcp_sacktag_write_queue+0x2805/0x4630 [ 1228.211886] tcp_ack+0x2888/0xa010 [ 1228.211886] tcp_rcv_established+0xf7e/0x2940 [ 1228.211886] tcp_v4_do_rcv+0x686/0xd80 [ 1228.211886] __release_sock+0x32d/0x750 [ 1228.211886] release_sock+0x99/0x2a0 [ 1228.211886] sk_stream_wait_memory+0x9cc/0x1430 [ 1228.211886] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1228.211886] tcp_sendmsg+0xb2/0x100 [ 1228.211886] inet_sendmsg+0x4e9/0x800 [ 1228.211886] sock_write_iter+0x3f4/0x4f0 [ 1228.211886] __vfs_write+0x888/0xb80 [ 1228.211886] vfs_write+0x4a3/0x8f0 [ 1228.211886] __se_sys_write+0x17a/0x370 [ 1228.211886] __x64_sys_write+0x4a/0x70 [ 1228.211886] do_syscall_64+0xcf/0x110 [ 1228.211886] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1228.211886] [ 1228.211886] Local variable description: ----p@ip_vs_conn_out_get_proto [ 1228.211886] Variable was created at: [ 1228.211886] ip_vs_conn_out_get_proto+0xb2/0x740 [ 1228.211886] ip_vs_out+0x9ae/0x4570 14:17:45 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1229.069972] not chained 5480000 origins [ 1229.071658] CPU: 0 PID: 18906 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #85 [ 1229.071658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1229.071658] Call Trace: [ 1229.071658] [ 1229.071658] dump_stack+0x32d/0x480 [ 1229.071658] kmsan_internal_chain_origin+0x222/0x240 [ 1229.071658] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1229.071658] ? is_bpf_text_address+0x49e/0x4d0 [ 1229.071658] ? INIT_INT+0xc/0x30 [ 1229.071658] ? __kernel_text_address+0x250/0x350 [ 1229.071658] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1229.071658] ? __save_stack_trace+0x9f2/0xc60 [ 1229.131812] __msan_chain_origin+0x6d/0xb0 [ 1229.131812] save_stack_trace+0xfa/0x110 [ 1229.131812] kmsan_internal_chain_origin+0x136/0x240 [ 1229.131812] ? irq_exit+0x305/0x340 [ 1229.131812] ? kmsan_internal_chain_origin+0x136/0x240 [ 1229.131812] ? kmsan_memcpy_origins+0x13d/0x190 [ 1229.131812] ? __msan_memcpy+0x6f/0x80 [ 1229.131812] ? pskb_expand_head+0x436/0x1d20 14:17:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) r2 = dup(r1) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000040)={0x0, 0x3}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000001c0)={r3, 0x98, "36e9595a8f0fe934ac5f5da7558bc1420c85bb0107274ac2bb5f1d2693420b798b44329065d86ebd305c8ae1c0e1dbc69bbce2c89714586f07d9fdb279564207657f5cd8b3ee77f30432fe89169e09978b3b46e8b2d1bfa931f455dbe516ede3b884b2682133ca05efde9a2fefc47cbb56b64515c5ab79f918906294bbb1c5e2ca190d8f69c232305bb715dc71b49159f757688dddcda8bc"}, &(0x7f0000000100)=0xa0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb000000000000000003000500000000000200003db28dbebb0000000000000000"], 0x80}}, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmmsg(r4, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1229.131812] ? skb_shift+0xce2/0x2d10 [ 1229.131812] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1229.175654] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.175654] ? tcp_ack+0x2888/0xa010 [ 1229.175654] ? tcp_rcv_established+0xf7e/0x2940 [ 1229.175654] ? tcp_v4_do_rcv+0x686/0xd80 [ 1229.175654] ? tcp_v4_rcv+0x5a13/0x6520 [ 1229.175654] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1229.201888] ? ip_local_deliver+0x44b/0x510 [ 1229.201888] ? ip_rcv+0x6b6/0x740 [ 1229.201888] ? process_backlog+0x82b/0x11e0 [ 1229.201888] ? net_rx_action+0x98f/0x1d50 [ 1229.201888] ? __do_softirq+0x721/0xc7f [ 1229.201888] ? irq_exit+0x305/0x340 [ 1229.201888] ? exiting_irq+0xe/0x10 [ 1229.201888] ? smp_apic_timer_interrupt+0x64/0x90 [ 1229.201888] ? apic_timer_interrupt+0xf/0x20 [ 1229.201888] ? kmsan_get_metadata_or_null+0x1f9/0x380 [ 1229.201888] ? __msan_poison_alloca+0x1e0/0x270 [ 1229.201888] ? handle_mm_fault+0xcc/0xa8c0 [ 1229.201888] ? __do_page_fault+0xdeb/0x1d90 [ 1229.201888] ? do_page_fault+0x98/0xd0 [ 1229.201888] ? page_fault+0x1e/0x30 [ 1229.201888] ? __msan_get_context_state+0x9/0x20 [ 1229.201888] ? INIT_INT+0xc/0x30 [ 1229.201888] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1229.201888] kmsan_memcpy_origins+0x13d/0x190 [ 1229.201888] __msan_memcpy+0x6f/0x80 [ 1229.201888] pskb_expand_head+0x436/0x1d20 [ 1229.291861] skb_shift+0xce2/0x2d10 [ 1229.291861] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.291861] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.291861] tcp_ack+0x2888/0xa010 [ 1229.291861] ? tcp_parse_options+0xbe/0x1cf0 [ 1229.291861] ? __msan_metadata_ptr_for_store_1+0x13/0x20 14:17:46 executing program 1: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b62857170") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:17:46 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1229.291861] ? tcp_parse_options+0x1c55/0x1cf0 [ 1229.291861] tcp_rcv_established+0xf7e/0x2940 [ 1229.291861] ? __msan_get_context_state+0x9/0x20 [ 1229.291861] tcp_v4_do_rcv+0x686/0xd80 [ 1229.291861] tcp_v4_rcv+0x5a13/0x6520 [ 1229.291861] ? tcp_filter+0x260/0x260 [ 1229.291861] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.291861] ? nf_hook_slow+0x36f/0x3d0 [ 1229.291861] ip_local_deliver+0x44b/0x510 [ 1229.291861] ? ip_local_deliver+0x510/0x510 [ 1229.291861] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1229.291861] ip_rcv+0x6b6/0x740 [ 1229.291861] ? ip_rcv_core+0x1370/0x1370 [ 1229.291861] process_backlog+0x82b/0x11e0 [ 1229.291861] ? ip_local_deliver_finish+0xff0/0xff0 [ 1229.291861] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1229.291861] net_rx_action+0x98f/0x1d50 [ 1229.291861] ? net_tx_action+0xf20/0xf20 [ 1229.291861] __do_softirq+0x721/0xc7f [ 1229.291861] irq_exit+0x305/0x340 [ 1229.401822] exiting_irq+0xe/0x10 [ 1229.401822] smp_apic_timer_interrupt+0x64/0x90 [ 1229.401822] apic_timer_interrupt+0xf/0x20 [ 1229.401822] [ 1229.401822] RIP: 0010:kmsan_get_metadata_or_null+0x1f9/0x380 [ 1229.401822] Code: 00 00 16 00 00 48 03 08 48 c1 e9 05 48 ba 00 b0 aa aa aa aa aa aa 48 0f af d1 4c 09 f2 48 b8 00 00 00 00 80 88 ff ff 48 01 d0 31 01 00 00 65 44 8b 2c 25 20 a1 02 00 48 b8 00 00 00 00 00 02 [ 1229.427170] RSP: 0000:ffff8880ace3fb78 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1229.427170] RAX: ffff8880adaffda8 RBX: ffff8880ace3fda8 RCX: 00000000002090fd [ 1229.427170] RDX: 00000000adaffda8 RSI: 0000000000000004 RDI: ffff8880ace3fda8 [ 1229.427170] RBP: ffff8880ace3fbb0 R08: 0000000000480020 R09: 0000000000000002 [ 1229.427170] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88812ce3fda8 [ 1229.472340] R13: ffffea00040d57e8 R14: 0000000000000da8 R15: 0000000000000004 [ 1229.472340] __msan_poison_alloca+0x1e0/0x270 [ 1229.472340] ? handle_mm_fault+0xcc/0xa8c0 [ 1229.472340] ? __do_page_fault+0xdeb/0x1d90 [ 1229.472340] handle_mm_fault+0xcc/0xa8c0 [ 1229.472340] ? kmsan_set_origin+0x7f/0x100 [ 1229.472340] ? mlx4_en_DUMP_ETH_STATS+0x21db/0x66f0 [ 1229.472340] ? find_vma+0x2db/0x330 [ 1229.472340] __do_page_fault+0xdeb/0x1d90 [ 1229.472340] ? __msan_poison_alloca+0x1e0/0x270 [ 1229.472340] do_page_fault+0x98/0xd0 [ 1229.472340] ? page_fault+0x8/0x30 [ 1229.472340] page_fault+0x1e/0x30 [ 1229.472340] RIP: 0033:0x459f1d [ 1229.472340] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 30 8a fb ff 48 85 f6 0f 84 27 8a fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 1229.541836] RSP: 002b:0000000000a3fac8 EFLAGS: 00010202 [ 1229.541836] RAX: ffffffffffffffea RBX: 00007f696f04a700 RCX: 00007f696f04a700 [ 1229.541836] RDX: 00000000003d0f00 RSI: 00007f696f049db0 RDI: 000000000040e070 [ 1229.541836] RBP: 0000000000a3fcd0 R08: 00007f696f04a9d0 R09: 00007f696f04a700 [ 1229.541836] R10: 00007f696f049dc0 R11: 0000000000000246 R12: 0000000000000000 [ 1229.541836] R13: 0000000000a3fb7f R14: 00007f696f04a9c0 R15: 0000000000000001 [ 1229.541836] Uninit was stored to memory at: [ 1229.541836] kmsan_internal_chain_origin+0x136/0x240 [ 1229.541836] __msan_chain_origin+0x6d/0xb0 [ 1229.541836] save_stack_trace+0xfa/0x110 [ 1229.541836] kmsan_internal_chain_origin+0x136/0x240 [ 1229.541836] kmsan_memcpy_origins+0x13d/0x190 [ 1229.541836] __msan_memcpy+0x6f/0x80 [ 1229.541836] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Uninit was stored to memory at: [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] __msan_chain_origin+0x6d/0xb0 [ 1229.633198] __save_stack_trace+0x833/0xc60 [ 1229.633198] save_stack_trace+0xc6/0x110 [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] kmsan_memcpy_origins+0x13d/0x190 [ 1229.633198] __msan_memcpy+0x6f/0x80 [ 1229.633198] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Uninit was stored to memory at: [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] __msan_chain_origin+0x6d/0xb0 [ 1229.633198] save_stack_trace+0xfa/0x110 [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] kmsan_memcpy_origins+0x13d/0x190 [ 1229.633198] __msan_memcpy+0x6f/0x80 [ 1229.633198] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Uninit was stored to memory at: [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] __msan_chain_origin+0x6d/0xb0 [ 1229.633198] __save_stack_trace+0x833/0xc60 [ 1229.633198] save_stack_trace+0xc6/0x110 [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] kmsan_memcpy_origins+0x13d/0x190 [ 1229.633198] __msan_memcpy+0x6f/0x80 [ 1229.633198] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Uninit was stored to memory at: [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] __msan_chain_origin+0x6d/0xb0 [ 1229.633198] save_stack_trace+0xfa/0x110 [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] kmsan_memcpy_origins+0x13d/0x190 [ 1229.633198] __msan_memcpy+0x6f/0x80 [ 1229.633198] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Uninit was stored to memory at: [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] __msan_chain_origin+0x6d/0xb0 [ 1229.633198] __save_stack_trace+0x833/0xc60 [ 1229.633198] save_stack_trace+0xc6/0x110 [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] kmsan_memcpy_origins+0x13d/0x190 [ 1229.633198] __msan_memcpy+0x6f/0x80 [ 1229.633198] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Uninit was stored to memory at: [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] __msan_chain_origin+0x6d/0xb0 [ 1229.633198] save_stack_trace+0xfa/0x110 [ 1229.633198] kmsan_internal_chain_origin+0x136/0x240 [ 1229.633198] kmsan_memcpy_origins+0x13d/0x190 [ 1229.633198] __msan_memcpy+0x6f/0x80 [ 1229.633198] pskb_expand_head+0x436/0x1d20 [ 1229.633198] skb_shift+0xce2/0x2d10 [ 1229.633198] tcp_sacktag_walk+0x2156/0x29d0 [ 1229.633198] tcp_sacktag_write_queue+0x2805/0x4630 [ 1229.633198] tcp_ack+0x2888/0xa010 [ 1229.633198] tcp_rcv_established+0xf7e/0x2940 [ 1229.633198] tcp_v4_do_rcv+0x686/0xd80 [ 1229.633198] tcp_v4_rcv+0x5a13/0x6520 [ 1229.633198] ip_local_deliver_finish+0x8d8/0xff0 [ 1229.633198] ip_local_deliver+0x44b/0x510 [ 1229.633198] ip_rcv+0x6b6/0x740 [ 1229.633198] process_backlog+0x82b/0x11e0 [ 1229.633198] net_rx_action+0x98f/0x1d50 [ 1229.633198] __do_softirq+0x721/0xc7f [ 1229.633198] [ 1229.633198] Local variable description: ----v.addr.i.i.i@run_posix_cpu_timers [ 1229.633198] Variable was created at: [ 1229.633198] run_posix_cpu_timers+0xbb/0x4720 [ 1229.633198] update_process_times+0x1b0/0x1e0 14:17:47 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:47 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1230.710229] not chained 5490000 origins [ 1230.711656] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1230.711656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1230.711656] Call Trace: [ 1230.711656] dump_stack+0x32d/0x480 [ 1230.711656] kmsan_internal_chain_origin+0x222/0x240 [ 1230.711656] ? ret_from_fork+0x35/0x40 [ 1230.711656] ? save_stack_trace+0xc6/0x110 [ 1230.747004] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1230.747004] ? kmsan_internal_chain_origin+0x90/0x240 [ 1230.759674] ? kmsan_internal_chain_origin+0x136/0x240 [ 1230.759674] ? __msan_chain_origin+0x6d/0xb0 [ 1230.759674] ? save_stack_trace+0xfa/0x110 [ 1230.759674] ? kmsan_internal_chain_origin+0x136/0x240 [ 1230.759674] ? kmsan_memcpy_origins+0x13d/0x190 [ 1230.759674] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1230.759674] ? in_task_stack+0x12c/0x210 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] ? kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] ? kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] ? run_ksoftirqd+0x37/0x60 [ 1230.791822] ? kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] ? kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] ? __msan_memcpy+0x6f/0x80 [ 1230.791822] ? pskb_expand_head+0x436/0x1d20 [ 1230.791822] ? tcp_fragment+0x378/0x21d0 [ 1230.791822] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] ? tcp_ack+0x2888/0xa010 [ 1230.791822] ? tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] ? tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] ? tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ? ip_local_deliver+0x44b/0x510 [ 1230.791822] ? ip_rcv+0x6b6/0x740 [ 1230.791822] ? process_backlog+0x82b/0x11e0 [ 1230.791822] ? net_rx_action+0x98f/0x1d50 [ 1230.791822] ? __do_softirq+0x721/0xc7f [ 1230.791822] ? run_ksoftirqd+0x37/0x60 [ 1230.791822] ? smpboot_thread_fn+0x69c/0xb30 [ 1230.791822] ? kthread+0x5e7/0x620 [ 1230.791822] ? ret_from_fork+0x35/0x40 [ 1230.791822] ? __msan_get_context_state+0x9/0x20 [ 1230.791822] ? INIT_INT+0xc/0x30 [ 1230.791822] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] ? tcp_parse_options+0xbe/0x1cf0 [ 1230.791822] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1230.791822] ? tcp_parse_options+0x1c55/0x1cf0 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] ? __msan_get_context_state+0x9/0x20 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ? tcp_filter+0x260/0x260 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ? nf_hook_slow+0x36f/0x3d0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ? ip_local_deliver+0x510/0x510 [ 1230.791822] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] ? ip_rcv_core+0x1370/0x1370 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] ? ip_local_deliver_finish+0xff0/0xff0 [ 1230.791822] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] ? net_tx_action+0xf20/0xf20 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] ? ksoftirqd_should_run+0x50/0x50 [ 1230.791822] run_ksoftirqd+0x37/0x60 [ 1230.791822] smpboot_thread_fn+0x69c/0xb30 [ 1230.791822] kthread+0x5e7/0x620 [ 1230.791822] ? cpu_report_death+0x4a0/0x4a0 [ 1230.791822] ? INIT_BOOL+0x30/0x30 [ 1230.791822] ret_from_fork+0x35/0x40 [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Uninit was stored to memory at: [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] __msan_chain_origin+0x6d/0xb0 [ 1230.791822] __save_stack_trace+0x8be/0xc60 [ 1230.791822] save_stack_trace+0xc6/0x110 [ 1230.791822] kmsan_internal_chain_origin+0x136/0x240 [ 1230.791822] kmsan_memcpy_origins+0x13d/0x190 [ 1230.791822] __msan_memcpy+0x6f/0x80 [ 1230.791822] pskb_expand_head+0x436/0x1d20 [ 1230.791822] tcp_fragment+0x378/0x21d0 [ 1230.791822] tcp_sacktag_walk+0xe88/0x29d0 [ 1230.791822] tcp_sacktag_write_queue+0x2805/0x4630 [ 1230.791822] tcp_ack+0x2888/0xa010 [ 1230.791822] tcp_rcv_established+0xf7e/0x2940 [ 1230.791822] tcp_v4_do_rcv+0x686/0xd80 [ 1230.791822] tcp_v4_rcv+0x5a13/0x6520 [ 1230.791822] ip_local_deliver_finish+0x8d8/0xff0 [ 1230.791822] ip_local_deliver+0x44b/0x510 [ 1230.791822] ip_rcv+0x6b6/0x740 [ 1230.791822] process_backlog+0x82b/0x11e0 [ 1230.791822] net_rx_action+0x98f/0x1d50 [ 1230.791822] __do_softirq+0x721/0xc7f [ 1230.791822] [ 1230.791822] Local variable description: ----p@ip_vs_conn_out_get_proto [ 1230.791822] Variable was created at: [ 1230.791822] ip_vs_conn_out_get_proto+0xb2/0x740 [ 1230.791822] ip_vs_out+0x9ae/0x4570 14:17:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:49 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) remap_file_pages(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x0, 0x42000) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) write$P9_RCLUNK(r1, &(0x7f0000000140)={0x7, 0x79, 0x2}, 0x7) ioctl$NBD_DO_IT(r1, 0xab03) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:49 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x2) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:49 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000400)={r7, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r8 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r9, 0x4010641c, &(0x7f0000000300)={r10, &(0x7f0000000200)=""/244}) sendmmsg(r8, &(0x7f0000000180), 0x400000000000117, 0x0) r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r11, 0x540d) fstat(r9, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000005c0)=0x0, &(0x7f0000000600), &(0x7f0000000640)) write$FUSE_ENTRY(r9, &(0x7f0000000680)={0x90, 0xfffffffffffffffe, 0x2, {0x5, 0x1, 0x5, 0x3, 0x3, 0x5, {0x1, 0x9, 0x7, 0x7, 0x3, 0x9, 0xb4d, 0x0, 0x2, 0x1ff, 0x800, r12, r13, 0x7, 0x1f}}}, 0x90) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000740)) 14:17:49 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1232.442085] not chained 5500000 origins [ 1232.446115] CPU: 0 PID: 18957 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 1232.451789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1232.451789] Call Trace: [ 1232.451789] dump_stack+0x32d/0x480 [ 1232.451789] kmsan_internal_chain_origin+0x222/0x240 [ 1232.451789] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1232.451789] ? __module_address+0x6a/0x5f0 [ 1232.451789] ? is_bpf_text_address+0x3e5/0x4d0 [ 1232.451789] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1232.451789] ? __module_address+0x6a/0x5f0 [ 1232.451789] ? is_bpf_text_address+0x3e5/0x4d0 [ 1232.501816] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1232.504488] ? is_bpf_text_address+0x49e/0x4d0 [ 1232.504488] ? kmsan_internal_chain_origin+0x90/0x240 [ 1232.504488] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1232.504488] ? is_bpf_text_address+0x49e/0x4d0 [ 1232.504488] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1232.504488] ? in_task_stack+0x12c/0x210 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] ? __release_sock+0x32d/0x750 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] ? __release_sock+0x32d/0x750 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] ? __vfs_write+0x888/0xb80 [ 1232.504488] ? kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] ? kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] ? __msan_memcpy+0x6f/0x80 [ 1232.504488] ? pskb_expand_head+0x436/0x1d20 [ 1232.504488] ? tcp_fragment+0x378/0x21d0 [ 1232.504488] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] ? tcp_ack+0x2888/0xa010 [ 1232.504488] ? tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] ? tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] ? __release_sock+0x32d/0x750 [ 1232.504488] ? release_sock+0x99/0x2a0 [ 1232.504488] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] ? tcp_sendmsg+0xb2/0x100 [ 1232.504488] ? inet_sendmsg+0x4e9/0x800 [ 1232.504488] ? sock_write_iter+0x3f4/0x4f0 [ 1232.504488] ? __vfs_write+0x888/0xb80 [ 1232.504488] ? vfs_write+0x4a3/0x8f0 [ 1232.504488] ? __se_sys_write+0x17a/0x370 [ 1232.504488] ? __x64_sys_write+0x4a/0x70 [ 1232.504488] ? do_syscall_64+0xcf/0x110 [ 1232.504488] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] ? __msan_get_context_state+0x9/0x20 [ 1232.504488] ? INIT_INT+0xc/0x30 [ 1232.504488] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1232.504488] ? kmsan_set_origin+0x7f/0x100 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] ? kmsan_set_origin+0x7f/0x100 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] ? tcp_parse_options+0xbe/0x1cf0 [ 1232.504488] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1232.504488] ? tcp_parse_options+0x1c55/0x1cf0 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] ? __msan_get_context_state+0x9/0x20 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] ? inet_sk_rx_dst_set+0x200/0x200 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] ? wait_woken+0x5b0/0x5b0 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1232.504488] ? security_socket_sendmsg+0x1bd/0x200 [ 1232.504488] ? inet_getname+0x490/0x490 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] ? sock_read_iter+0x4e0/0x4e0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] RIP: 0033:0x457569 [ 1232.504488] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1232.504488] RSP: 002b:00007fe9058c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1232.504488] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1232.504488] RDX: 000000000000ff5a RSI: 0000000020000100 RDI: 0000000000000005 [ 1232.504488] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1232.504488] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe9058c16d4 [ 1232.504488] R13: 00000000004c5893 R14: 00000000004d95a0 R15: 00000000ffffffff [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Uninit was stored to memory at: [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] __msan_chain_origin+0x6d/0xb0 [ 1232.504488] __save_stack_trace+0x8be/0xc60 [ 1232.504488] save_stack_trace+0xc6/0x110 [ 1232.504488] kmsan_internal_chain_origin+0x136/0x240 [ 1232.504488] kmsan_memcpy_origins+0x13d/0x190 [ 1232.504488] __msan_memcpy+0x6f/0x80 [ 1232.504488] pskb_expand_head+0x436/0x1d20 [ 1232.504488] tcp_fragment+0x378/0x21d0 [ 1232.504488] tcp_sacktag_walk+0xe88/0x29d0 [ 1232.504488] tcp_sacktag_write_queue+0x2805/0x4630 [ 1232.504488] tcp_ack+0x2888/0xa010 [ 1232.504488] tcp_rcv_established+0xf7e/0x2940 [ 1232.504488] tcp_v4_do_rcv+0x686/0xd80 [ 1232.504488] __release_sock+0x32d/0x750 [ 1232.504488] release_sock+0x99/0x2a0 [ 1232.504488] sk_stream_wait_memory+0x9cc/0x1430 [ 1232.504488] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1232.504488] tcp_sendmsg+0xb2/0x100 [ 1232.504488] inet_sendmsg+0x4e9/0x800 [ 1232.504488] sock_write_iter+0x3f4/0x4f0 [ 1232.504488] __vfs_write+0x888/0xb80 [ 1232.504488] vfs_write+0x4a3/0x8f0 [ 1232.504488] __se_sys_write+0x17a/0x370 [ 1232.504488] __x64_sys_write+0x4a/0x70 [ 1232.504488] do_syscall_64+0xcf/0x110 [ 1232.504488] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1232.504488] [ 1232.504488] Local variable description: ----p@ip_vs_conn_out_get_proto [ 1232.504488] Variable was created at: [ 1232.504488] ip_vs_conn_out_get_proto+0xb2/0x740 14:17:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1232.504488] ip_vs_out+0x9ae/0x4570 14:17:50 executing program 1: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b62857170") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 1233.977874] not chained 5510000 origins [ 1233.981658] CPU: 0 PID: 18959 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 1233.981658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1233.981658] Call Trace: [ 1233.981658] [ 1233.981658] dump_stack+0x32d/0x480 [ 1233.981658] kmsan_internal_chain_origin+0x222/0x240 [ 1233.981658] ? INIT_BOOL+0xc/0x30 [ 1233.981658] ? do_raw_spin_lock+0x2c3/0x410 [ 1233.981658] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1233.981658] ? __module_address+0x6a/0x5f0 [ 1233.981658] ? is_bpf_text_address+0x3e5/0x4d0 [ 1233.981658] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1233.981658] ? is_bpf_text_address+0x49e/0x4d0 [ 1233.981658] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1233.981658] ? __module_address+0x6a/0x5f0 [ 1233.981658] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1233.981658] ? is_bpf_text_address+0x49e/0x4d0 [ 1233.981658] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] ? ip_rcv+0x6b6/0x740 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] ? ip_rcv+0x6b6/0x740 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] ? do_softirq_own_stack+0x49/0x80 [ 1233.981658] ? kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] ? kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] ? __msan_memcpy+0x6f/0x80 [ 1233.981658] ? pskb_expand_head+0x436/0x1d20 [ 1233.981658] ? skb_shift+0xce2/0x2d10 [ 1233.981658] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] ? tcp_ack+0x2888/0xa010 [ 1233.981658] ? tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] ? tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] ? tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ? ip_local_deliver+0x44b/0x510 [ 1233.981658] ? ip_rcv+0x6b6/0x740 [ 1233.981658] ? process_backlog+0x82b/0x11e0 [ 1233.981658] ? net_rx_action+0x98f/0x1d50 [ 1233.981658] ? __do_softirq+0x721/0xc7f [ 1233.981658] ? do_softirq_own_stack+0x49/0x80 [ 1233.981658] ? __local_bh_enable_ip+0x228/0x260 [ 1233.981658] ? _raw_spin_unlock_bh+0x4b/0x60 [ 1233.981658] ? sock_setsockopt+0x50e7/0x5230 [ 1233.981658] ? __sys_setsockopt+0x336/0x540 [ 1233.981658] ? __se_sys_setsockopt+0xdd/0x100 [ 1233.981658] ? __x64_sys_setsockopt+0x62/0x80 [ 1233.981658] ? do_syscall_64+0xcf/0x110 [ 1233.981658] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1233.981658] ? __msan_get_context_state+0x9/0x20 [ 1233.981658] ? INIT_INT+0xc/0x30 [ 1233.981658] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0xce2/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] ? tcp_parse_options+0xbe/0x1cf0 [ 1233.981658] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1233.981658] ? tcp_parse_options+0x1c55/0x1cf0 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] ? __msan_get_context_state+0x9/0x20 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ? tcp_filter+0x260/0x260 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ? nf_hook_slow+0x36f/0x3d0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ? ip_local_deliver+0x510/0x510 [ 1233.981658] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] ? ip_rcv_core+0x1370/0x1370 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] ? ip_local_deliver_finish+0xff0/0xff0 [ 1233.981658] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] ? net_tx_action+0xf20/0xf20 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] do_softirq_own_stack+0x49/0x80 [ 1233.981658] [ 1233.981658] __local_bh_enable_ip+0x228/0x260 [ 1233.981658] _raw_spin_unlock_bh+0x4b/0x60 [ 1233.981658] sock_setsockopt+0x50e7/0x5230 [ 1233.981658] __sys_setsockopt+0x336/0x540 [ 1233.981658] __se_sys_setsockopt+0xdd/0x100 [ 1233.981658] __x64_sys_setsockopt+0x62/0x80 [ 1233.981658] do_syscall_64+0xcf/0x110 [ 1233.981658] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1233.981658] RIP: 0033:0x457569 [ 1233.981658] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1233.981658] RSP: 002b:00007fb0b0f30c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1233.981658] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 1233.981658] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000005 [ 1233.981658] RBP: 000000000072bf00 R08: 0000000000000010 R09: 0000000000000000 [ 1233.981658] R10: 0000000020b86000 R11: 0000000000000246 R12: 00007fb0b0f316d4 [ 1233.981658] R13: 00000000004c3e5d R14: 00000000004d6348 R15: 00000000ffffffff [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Uninit was stored to memory at: [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] __msan_chain_origin+0x6d/0xb0 [ 1233.981658] __save_stack_trace+0x8be/0xc60 [ 1233.981658] save_stack_trace+0xc6/0x110 [ 1233.981658] kmsan_internal_chain_origin+0x136/0x240 [ 1233.981658] kmsan_memcpy_origins+0x13d/0x190 [ 1233.981658] __msan_memcpy+0x6f/0x80 [ 1233.981658] pskb_expand_head+0x436/0x1d20 [ 1233.981658] skb_shift+0x29a0/0x2d10 [ 1233.981658] tcp_sacktag_walk+0x2156/0x29d0 [ 1233.981658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1233.981658] tcp_ack+0x2888/0xa010 [ 1233.981658] tcp_rcv_established+0xf7e/0x2940 [ 1233.981658] tcp_v4_do_rcv+0x686/0xd80 [ 1233.981658] tcp_v4_rcv+0x5a13/0x6520 [ 1233.981658] ip_local_deliver_finish+0x8d8/0xff0 [ 1233.981658] ip_local_deliver+0x44b/0x510 [ 1233.981658] ip_rcv+0x6b6/0x740 [ 1233.981658] process_backlog+0x82b/0x11e0 [ 1233.981658] net_rx_action+0x98f/0x1d50 [ 1233.981658] __do_softirq+0x721/0xc7f [ 1233.981658] [ 1233.981658] Local variable description: ----__ai_new.i@sched_clock_cpu [ 1233.981658] Variable was created at: [ 1233.981658] sched_clock_cpu+0x75/0x770 [ 1233.981658] scheduler_tick+0x134/0x6a0 [ 1235.154752] not chained 5520000 origins [ 1235.158763] CPU: 0 PID: 18959 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 1235.161645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1235.175047] Call Trace: [ 1235.175047] [ 1235.175047] dump_stack+0x32d/0x480 [ 1235.183674] kmsan_internal_chain_origin+0x222/0x240 [ 1235.186062] ? INIT_BOOL+0xc/0x30 [ 1235.191594] ? do_raw_spin_lock+0x2c3/0x410 [ 1235.191594] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1235.191594] ? __module_address+0x6a/0x5f0 [ 1235.191594] ? is_bpf_text_address+0x3e5/0x4d0 [ 1235.191594] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1235.191594] ? is_bpf_text_address+0x49e/0x4d0 [ 1235.191594] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1235.191594] ? __module_address+0x6a/0x5f0 [ 1235.191594] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1235.232853] ? in_task_stack+0x12c/0x210 [ 1235.232853] ? get_stack_info+0x206/0x220 [ 1235.232853] __msan_chain_origin+0x6d/0xb0 [ 1235.232853] ? __x64_sys_setsockopt+0x62/0x80 [ 1235.232853] __save_stack_trace+0x8be/0xc60 [ 1235.232853] ? __x64_sys_setsockopt+0x62/0x80 [ 1235.259020] save_stack_trace+0xc6/0x110 [ 1235.259020] kmsan_internal_chain_origin+0x136/0x240 [ 1235.259020] ? do_softirq_own_stack+0x49/0x80 [ 1235.259020] ? kmsan_internal_chain_origin+0x136/0x240 [ 1235.259020] ? kmsan_memcpy_origins+0x13d/0x190 [ 1235.259020] ? __msan_memcpy+0x6f/0x80 [ 1235.289101] ? pskb_expand_head+0x436/0x1d20 [ 1235.289101] ? skb_shift+0xce2/0x2d10 [ 1235.289101] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] ? tcp_ack+0x2888/0xa010 [ 1235.289101] ? tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] ? tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] ? tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ? ip_local_deliver+0x44b/0x510 [ 1235.289101] ? ip_rcv+0x6b6/0x740 [ 1235.289101] ? process_backlog+0x82b/0x11e0 [ 1235.289101] ? net_rx_action+0x98f/0x1d50 [ 1235.289101] ? __do_softirq+0x721/0xc7f [ 1235.289101] ? do_softirq_own_stack+0x49/0x80 [ 1235.289101] ? __local_bh_enable_ip+0x228/0x260 [ 1235.289101] ? _raw_spin_unlock_bh+0x4b/0x60 [ 1235.289101] ? sock_setsockopt+0x50e7/0x5230 [ 1235.289101] ? __sys_setsockopt+0x336/0x540 [ 1235.289101] ? __se_sys_setsockopt+0xdd/0x100 [ 1235.289101] ? __x64_sys_setsockopt+0x62/0x80 [ 1235.289101] ? do_syscall_64+0xcf/0x110 [ 1235.289101] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1235.289101] ? __msan_get_context_state+0x9/0x20 [ 1235.289101] ? INIT_INT+0xc/0x30 [ 1235.289101] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0xce2/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] ? tcp_parse_options+0xbe/0x1cf0 [ 1235.289101] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1235.289101] ? tcp_parse_options+0x1c55/0x1cf0 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] ? __msan_get_context_state+0x9/0x20 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ? tcp_filter+0x260/0x260 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ? nf_hook_slow+0x36f/0x3d0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ? ip_local_deliver+0x510/0x510 [ 1235.289101] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] ? ip_rcv_core+0x1370/0x1370 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] ? ip_local_deliver_finish+0xff0/0xff0 [ 1235.289101] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] ? net_tx_action+0xf20/0xf20 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] do_softirq_own_stack+0x49/0x80 [ 1235.289101] [ 1235.289101] __local_bh_enable_ip+0x228/0x260 [ 1235.289101] _raw_spin_unlock_bh+0x4b/0x60 [ 1235.289101] sock_setsockopt+0x50e7/0x5230 [ 1235.289101] __sys_setsockopt+0x336/0x540 [ 1235.289101] __se_sys_setsockopt+0xdd/0x100 [ 1235.289101] __x64_sys_setsockopt+0x62/0x80 [ 1235.289101] do_syscall_64+0xcf/0x110 [ 1235.289101] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1235.289101] RIP: 0033:0x457569 [ 1235.289101] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1235.289101] RSP: 002b:00007fb0b0f30c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1235.289101] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 1235.289101] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000005 [ 1235.289101] RBP: 000000000072bf00 R08: 0000000000000010 R09: 0000000000000000 [ 1235.289101] R10: 0000000020b86000 R11: 0000000000000246 R12: 00007fb0b0f316d4 [ 1235.289101] R13: 00000000004c3e5d R14: 00000000004d6348 R15: 00000000ffffffff [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Uninit was stored to memory at: [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] __msan_chain_origin+0x6d/0xb0 [ 1235.289101] __save_stack_trace+0x8be/0xc60 [ 1235.289101] save_stack_trace+0xc6/0x110 [ 1235.289101] kmsan_internal_chain_origin+0x136/0x240 [ 1235.289101] kmsan_memcpy_origins+0x13d/0x190 [ 1235.289101] __msan_memcpy+0x6f/0x80 [ 1235.289101] pskb_expand_head+0x436/0x1d20 [ 1235.289101] skb_shift+0x29a0/0x2d10 [ 1235.289101] tcp_sacktag_walk+0x2156/0x29d0 [ 1235.289101] tcp_sacktag_write_queue+0x2805/0x4630 [ 1235.289101] tcp_ack+0x2888/0xa010 [ 1235.289101] tcp_rcv_established+0xf7e/0x2940 [ 1235.289101] tcp_v4_do_rcv+0x686/0xd80 [ 1235.289101] tcp_v4_rcv+0x5a13/0x6520 [ 1235.289101] ip_local_deliver_finish+0x8d8/0xff0 [ 1235.289101] ip_local_deliver+0x44b/0x510 [ 1235.289101] ip_rcv+0x6b6/0x740 [ 1235.289101] process_backlog+0x82b/0x11e0 [ 1235.289101] net_rx_action+0x98f/0x1d50 [ 1235.289101] __do_softirq+0x721/0xc7f [ 1235.289101] [ 1235.289101] Local variable description: ----__ai_new.i@sched_clock_cpu [ 1235.289101] Variable was created at: [ 1235.289101] sched_clock_cpu+0x75/0x770 [ 1235.289101] scheduler_tick+0x134/0x6a0 14:17:53 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0x0, 0xb317, 0xfffffffffffffffa}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e1f, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500)='/dev/autofs\x00', 0x101000, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000480)='/dev/hwrng\x00', 0x800, 0x0) pipe2$9p(&(0x7f0000000540), 0x4800) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000580)={'nat\x00'}, &(0x7f0000000600)=0x54) ioctl$TUNGETSNDBUF(r3, 0x800454d3, &(0x7f00000004c0)) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x800, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev}}, {{@in=@local}, 0x0, @in=@multicast2}}, &(0x7f0000000440)=0xe8) 14:17:53 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:53 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:53 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:53 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000400)={r7, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r8 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r9, 0x4010641c, &(0x7f0000000300)={r10, &(0x7f0000000200)=""/244}) sendmmsg(r8, &(0x7f0000000180), 0x400000000000117, 0x0) r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r11, 0x540d) fstat(r9, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000005c0)=0x0, &(0x7f0000000600), &(0x7f0000000640)) write$FUSE_ENTRY(r9, &(0x7f0000000680)={0x90, 0xfffffffffffffffe, 0x2, {0x5, 0x1, 0x5, 0x3, 0x3, 0x5, {0x1, 0x9, 0x7, 0x7, 0x3, 0x9, 0xb4d, 0x0, 0x2, 0x1ff, 0x800, r12, r13, 0x7, 0x1f}}}, 0x90) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000740)) 14:17:54 executing program 1: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b62857170") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:17:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:54 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x2) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:54 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:17:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:54 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000400)={r7, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r8 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r9, 0x4010641c, &(0x7f0000000300)={r10, &(0x7f0000000200)=""/244}) sendmmsg(r8, &(0x7f0000000180), 0x400000000000117, 0x0) r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r11, 0x540d) fstat(r9, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000005c0)=0x0, &(0x7f0000000600), &(0x7f0000000640)) write$FUSE_ENTRY(r9, &(0x7f0000000680)={0x90, 0xfffffffffffffffe, 0x2, {0x5, 0x1, 0x5, 0x3, 0x3, 0x5, {0x1, 0x9, 0x7, 0x7, 0x3, 0x9, 0xb4d, 0x0, 0x2, 0x1ff, 0x800, r12, r13, 0x7, 0x1f}}}, 0x90) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000740)) 14:17:54 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000000), &(0x7f0000000140)=0x4) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = syz_open_dev$midi(&(0x7f0000000400)='/dev/midi#\x00', 0x4, 0x507982) ioctl$sock_bt(r2, 0x541b, &(0x7f0000000440)="ae2432a023bf045c322491ce8ef0e6c835c42a32743920ccbf8b9c22a1a6f61533dd57d4b2d52f4daf523420c660b3500240f9e38caa15d2daa4ae6b94d22e1f98bd4c1f8830469e0b47f77440d74150f6d063b0d2a77161b99d06425206292b6d56b112d1b70ece501752df9b3bcd42db925a430295ab0315350c79a2fdcfee3a85b1") getsockname$unix(r0, &(0x7f0000000340)=@abs, &(0x7f00000003c0)=0x6e) 14:17:55 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) [ 1238.071401] not chained 5530000 origins [ 1238.071667] CPU: 1 PID: 19024 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 1238.077624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1238.077624] Call Trace: [ 1238.077624] dump_stack+0x32d/0x480 [ 1238.077624] ? save_stack_trace+0xc6/0x110 [ 1238.077624] kmsan_internal_chain_origin+0x222/0x240 [ 1238.077624] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1238.077624] ? is_bpf_text_address+0x49e/0x4d0 [ 1238.077624] ? INIT_INT+0xc/0x30 [ 1238.077624] ? __msan_warning+0x76/0xc0 [ 1238.077624] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1238.077624] ? __save_stack_trace+0x9f2/0xc60 [ 1238.077624] __msan_chain_origin+0x6d/0xb0 [ 1238.077624] save_stack_trace+0xfa/0x110 [ 1238.077624] kmsan_internal_chain_origin+0x136/0x240 [ 1238.077624] ? __se_sys_write+0x17a/0x370 [ 1238.077624] ? kmsan_internal_chain_origin+0x136/0x240 [ 1238.077624] ? kmsan_memcpy_origins+0x13d/0x190 [ 1238.077624] ? __msan_memcpy+0x6f/0x80 [ 1238.077624] ? pskb_expand_head+0x436/0x1d20 [ 1238.077624] ? tcp_trim_head+0x214/0x9b0 [ 1238.077624] ? tcp_ack+0x3193/0xa010 [ 1238.178359] ? tcp_rcv_established+0xf7e/0x2940 [ 1238.178359] ? tcp_v4_do_rcv+0x686/0xd80 [ 1238.178359] ? __release_sock+0x32d/0x750 [ 1238.178359] ? release_sock+0x99/0x2a0 [ 1238.178359] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1238.201073] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.201073] ? tcp_sendmsg+0xb2/0x100 [ 1238.201073] ? inet_sendmsg+0x4e9/0x800 [ 1238.201073] ? sock_write_iter+0x3f4/0x4f0 [ 1238.217309] ? __vfs_write+0x888/0xb80 [ 1238.217309] ? vfs_write+0x4a3/0x8f0 [ 1238.217309] ? __se_sys_write+0x17a/0x370 [ 1238.217309] ? __x64_sys_write+0x4a/0x70 [ 1238.217309] ? do_syscall_64+0xcf/0x110 [ 1238.217309] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] ? __msan_get_context_state+0x9/0x20 [ 1238.217309] ? INIT_INT+0xc/0x30 [ 1238.217309] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] ? kmsan_set_origin+0x7f/0x100 [ 1238.217309] ? __msan_get_context_state+0x9/0x20 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] ? inet_sk_rx_dst_set+0x200/0x200 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] ? wait_woken+0x5b0/0x5b0 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1238.217309] ? security_socket_sendmsg+0x1bd/0x200 [ 1238.217309] ? inet_getname+0x490/0x490 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] ? sock_read_iter+0x4e0/0x4e0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] RIP: 0033:0x457569 [ 1238.217309] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1238.217309] RSP: 002b:00007fe9058c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1238.217309] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1238.217309] RDX: 000000000000ff5a RSI: 0000000020000100 RDI: 0000000000000005 [ 1238.217309] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1238.217309] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe9058c16d4 [ 1238.217309] R13: 00000000004c5893 R14: 00000000004d95a0 R15: 00000000ffffffff [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] save_stack_trace+0xfa/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] __save_stack_trace+0x833/0xc60 [ 1238.217309] save_stack_trace+0xc6/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] save_stack_trace+0xfa/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] __save_stack_trace+0x833/0xc60 [ 1238.217309] save_stack_trace+0xc6/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] save_stack_trace+0xfa/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] __save_stack_trace+0x833/0xc60 [ 1238.217309] save_stack_trace+0xc6/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Uninit was stored to memory at: [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] __msan_chain_origin+0x6d/0xb0 [ 1238.217309] save_stack_trace+0xfa/0x110 [ 1238.217309] kmsan_internal_chain_origin+0x136/0x240 [ 1238.217309] kmsan_memcpy_origins+0x13d/0x190 [ 1238.217309] __msan_memcpy+0x6f/0x80 [ 1238.217309] pskb_expand_head+0x436/0x1d20 [ 1238.217309] tcp_trim_head+0x214/0x9b0 [ 1238.217309] tcp_ack+0x3193/0xa010 [ 1238.217309] tcp_rcv_established+0xf7e/0x2940 [ 1238.217309] tcp_v4_do_rcv+0x686/0xd80 [ 1238.217309] __release_sock+0x32d/0x750 [ 1238.217309] release_sock+0x99/0x2a0 [ 1238.217309] sk_stream_wait_memory+0x9cc/0x1430 [ 1238.217309] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1238.217309] tcp_sendmsg+0xb2/0x100 [ 1238.217309] inet_sendmsg+0x4e9/0x800 [ 1238.217309] sock_write_iter+0x3f4/0x4f0 14:17:55 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000009b2ae28caace6c9c5c3533480000000000030006000000000002002000ac14ffbb000000000000000003000500000000000200003db28dbebb000000000000000010e34285b23b5a78d1aa465f9c942a8bbb5b8a3b67c1ed4fe9afcd2da64de20fe87f6bbf5d7e8fdd18e3376cf908ae316efe56e00fb35d2d9e2c257ee28f8ce7699c34f0ea8c3d730990318d3ec3741632094db4e255c3cda1c4adbfc4dcebffe7768e089afd245d248716bd3cb951894df7"], 0x80}}, 0x0) socket$key(0xf, 0x3, 0x2) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@multicast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast2}}, &(0x7f00000002c0)=0xe8) r4 = getuid() r5 = getegid() r6 = getgid() stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = open(&(0x7f00000006c0)='./file0\x00', 0x240000, 0x0) ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000700)=0x1) lstat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000a00)) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32=r2, @ANYBLOB="02000200", @ANYRES32=r3, @ANYBLOB="02000100", @ANYRES32=r4, @ANYBLOB="040002000000000008000100", @ANYRES32=r5, @ANYRES16=r8, @ANYRES32=r6, @ANYBLOB="08000300", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000200", @ANYRESOCT=r7, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:56 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1238.217309] __vfs_write+0x888/0xb80 [ 1238.217309] vfs_write+0x4a3/0x8f0 [ 1238.217309] __se_sys_write+0x17a/0x370 [ 1238.217309] __x64_sys_write+0x4a/0x70 [ 1238.217309] do_syscall_64+0xcf/0x110 [ 1238.217309] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1238.217309] [ 1238.217309] Local variable description: ----_tcphdr.i@__dev_queue_xmit [ 1238.217309] Variable was created at: [ 1238.217309] __dev_queue_xmit+0xd0/0x3e00 [ 1238.217309] dev_queue_xmit+0x4b/0x60 [ 1239.425813] not chained 5540000 origins [ 1239.429829] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1239.431656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1239.431656] Call Trace: [ 1239.431656] dump_stack+0x32d/0x480 [ 1239.431656] ? save_stack_trace+0xc6/0x110 [ 1239.431656] kmsan_internal_chain_origin+0x222/0x240 [ 1239.431656] ? kmsan_internal_chain_origin+0x136/0x240 [ 1239.431656] ? __msan_chain_origin+0x6d/0xb0 [ 1239.431656] ? __save_stack_trace+0x8be/0xc60 [ 1239.431656] ? save_stack_trace+0xc6/0x110 [ 1239.431656] ? kmsan_internal_chain_origin+0x136/0x240 [ 1239.482208] ? kmsan_memcpy_origins+0x13d/0x190 [ 1239.482208] ? __msan_memcpy+0x6f/0x80 [ 1239.482208] ? pskb_expand_head+0x436/0x1d20 [ 1239.482208] ? skb_shift+0x29a0/0x2d10 [ 1239.482208] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1239.482208] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.482208] ? tcp_ack+0x2888/0xa010 [ 1239.482208] ? tcp_rcv_established+0xf7e/0x2940 [ 1239.482208] ? tcp_v4_do_rcv+0x686/0xd80 14:17:56 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000300)={r9, &(0x7f0000000200)=""/244}) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r10, 0x540d) fstat(r8, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000005c0)=0x0, &(0x7f0000000600), &(0x7f0000000640)) write$FUSE_ENTRY(r8, &(0x7f0000000680)={0x90, 0xfffffffffffffffe, 0x2, {0x5, 0x1, 0x5, 0x3, 0x3, 0x5, {0x1, 0x9, 0x7, 0x7, 0x3, 0x9, 0xb4d, 0x0, 0x2, 0x1ff, 0x800, r11, r12, 0x7, 0x1f}}}, 0x90) [ 1239.482208] ? tcp_v4_rcv+0x5a13/0x6520 [ 1239.482208] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1239.482208] ? ip_local_deliver+0x44b/0x510 [ 1239.482208] ? ip_rcv+0x6b6/0x740 [ 1239.482208] ? process_backlog+0x82b/0x11e0 [ 1239.482208] ? net_rx_action+0x98f/0x1d50 [ 1239.482208] ? __do_softirq+0x721/0xc7f [ 1239.482208] ? run_ksoftirqd+0x37/0x60 [ 1239.482208] ? smpboot_thread_fn+0x69c/0xb30 [ 1239.560693] ? kthread+0x5e7/0x620 [ 1239.560693] ? ret_from_fork+0x35/0x40 [ 1239.560693] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1239.560693] ? in_task_stack+0x12c/0x210 [ 1239.560693] ? task_kmsan_context_state+0x51/0x90 [ 1239.560693] ? __msan_get_context_state+0x9/0x20 [ 1239.560693] ? __kernel_text_address+0x19/0x350 [ 1239.560693] ? ret_from_fork+0x35/0x40 [ 1239.560693] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1239.560693] ? in_task_stack+0x12c/0x210 [ 1239.560693] __msan_chain_origin+0x6d/0xb0 [ 1239.560693] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1239.560693] __save_stack_trace+0x8be/0xc60 [ 1239.560693] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1239.560693] save_stack_trace+0xc6/0x110 [ 1239.560693] kmsan_internal_chain_origin+0x136/0x240 [ 1239.560693] ? run_ksoftirqd+0x37/0x60 [ 1239.560693] ? kmsan_internal_chain_origin+0x136/0x240 [ 1239.560693] ? kmsan_memcpy_origins+0x13d/0x190 [ 1239.560693] ? __msan_memcpy+0x6f/0x80 [ 1239.560693] ? pskb_expand_head+0x436/0x1d20 [ 1239.560693] ? skb_shift+0x29a0/0x2d10 [ 1239.560693] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1239.560693] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.560693] ? tcp_ack+0x2888/0xa010 [ 1239.560693] ? tcp_rcv_established+0xf7e/0x2940 [ 1239.560693] ? tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] ? tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ? ip_local_deliver+0x44b/0x510 [ 1239.681834] ? ip_rcv+0x6b6/0x740 [ 1239.681834] ? process_backlog+0x82b/0x11e0 [ 1239.681834] ? net_rx_action+0x98f/0x1d50 [ 1239.681834] ? __do_softirq+0x721/0xc7f [ 1239.681834] ? run_ksoftirqd+0x37/0x60 [ 1239.681834] ? smpboot_thread_fn+0x69c/0xb30 [ 1239.681834] ? kthread+0x5e7/0x620 [ 1239.681834] ? ret_from_fork+0x35/0x40 [ 1239.681834] ? __msan_get_context_state+0x9/0x20 [ 1239.681834] ? INIT_INT+0xc/0x30 [ 1239.681834] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] ? tcp_parse_options+0xbe/0x1cf0 [ 1239.681834] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1239.681834] ? tcp_parse_options+0x1c55/0x1cf0 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] ? __msan_get_context_state+0x9/0x20 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ? tcp_filter+0x260/0x260 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ? nf_hook_slow+0x36f/0x3d0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ? ip_local_deliver+0x510/0x510 [ 1239.681834] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] ? ip_rcv_core+0x1370/0x1370 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] ? ip_local_deliver_finish+0xff0/0xff0 [ 1239.681834] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] ? net_tx_action+0xf20/0xf20 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] ? ksoftirqd_should_run+0x50/0x50 [ 1239.681834] run_ksoftirqd+0x37/0x60 [ 1239.681834] smpboot_thread_fn+0x69c/0xb30 [ 1239.681834] kthread+0x5e7/0x620 [ 1239.681834] ? cpu_report_death+0x4a0/0x4a0 [ 1239.681834] ? INIT_BOOL+0x30/0x30 [ 1239.681834] ret_from_fork+0x35/0x40 [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Uninit was stored to memory at: [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] __msan_chain_origin+0x6d/0xb0 [ 1239.681834] __save_stack_trace+0x8be/0xc60 [ 1239.681834] save_stack_trace+0xc6/0x110 [ 1239.681834] kmsan_internal_chain_origin+0x136/0x240 [ 1239.681834] kmsan_memcpy_origins+0x13d/0x190 [ 1239.681834] __msan_memcpy+0x6f/0x80 [ 1239.681834] pskb_expand_head+0x436/0x1d20 [ 1239.681834] skb_shift+0x29a0/0x2d10 [ 1239.681834] tcp_sacktag_walk+0x2156/0x29d0 [ 1239.681834] tcp_sacktag_write_queue+0x2805/0x4630 [ 1239.681834] tcp_ack+0x2888/0xa010 [ 1239.681834] tcp_rcv_established+0xf7e/0x2940 [ 1239.681834] tcp_v4_do_rcv+0x686/0xd80 [ 1239.681834] tcp_v4_rcv+0x5a13/0x6520 [ 1239.681834] ip_local_deliver_finish+0x8d8/0xff0 [ 1239.681834] ip_local_deliver+0x44b/0x510 [ 1239.681834] ip_rcv+0x6b6/0x740 [ 1239.681834] process_backlog+0x82b/0x11e0 [ 1239.681834] net_rx_action+0x98f/0x1d50 [ 1239.681834] __do_softirq+0x721/0xc7f [ 1239.681834] [ 1239.681834] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1239.681834] Variable was created at: [ 1239.681834] ipv4_conntrack_local+0x75/0x470 [ 1239.681834] nf_hook_slow+0x15c/0x3d0 [ 1240.587195] not chained 5550000 origins [ 1240.591219] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1240.591657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1240.591657] Call Trace: [ 1240.591657] dump_stack+0x32d/0x480 [ 1240.591657] kmsan_internal_chain_origin+0x222/0x240 [ 1240.591657] ? kmsan_set_origin+0x7f/0x100 [ 1240.591657] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1240.591657] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1240.591657] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1240.591657] ? in_task_stack+0x12c/0x210 [ 1240.591657] ? task_kmsan_context_state+0x51/0x90 [ 1240.591657] ? __msan_get_context_state+0x9/0x20 [ 1240.591657] ? __kernel_text_address+0x19/0x350 [ 1240.591657] ? ret_from_fork+0x35/0x40 [ 1240.591657] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1240.591657] ? in_task_stack+0x12c/0x210 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] ? kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] ? kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] ? run_ksoftirqd+0x37/0x60 [ 1240.591657] ? kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] ? kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] ? __msan_memcpy+0x6f/0x80 [ 1240.591657] ? pskb_expand_head+0x436/0x1d20 [ 1240.591657] ? skb_shift+0xce2/0x2d10 [ 1240.591657] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] ? tcp_ack+0x2888/0xa010 [ 1240.591657] ? tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] ? tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] ? tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ? ip_local_deliver+0x44b/0x510 [ 1240.591657] ? ip_rcv+0x6b6/0x740 [ 1240.591657] ? process_backlog+0x82b/0x11e0 [ 1240.591657] ? net_rx_action+0x98f/0x1d50 [ 1240.591657] ? __do_softirq+0x721/0xc7f [ 1240.591657] ? run_ksoftirqd+0x37/0x60 [ 1240.591657] ? smpboot_thread_fn+0x69c/0xb30 [ 1240.591657] ? kthread+0x5e7/0x620 [ 1240.591657] ? ret_from_fork+0x35/0x40 [ 1240.591657] ? __msan_get_context_state+0x9/0x20 [ 1240.591657] ? INIT_INT+0xc/0x30 [ 1240.591657] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0xce2/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] ? tcp_parse_options+0xbe/0x1cf0 [ 1240.591657] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1240.591657] ? tcp_parse_options+0x1c55/0x1cf0 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] ? __msan_get_context_state+0x9/0x20 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ? tcp_filter+0x260/0x260 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ? nf_hook_slow+0x36f/0x3d0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ? ip_local_deliver+0x510/0x510 [ 1240.591657] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] ? ip_rcv_core+0x1370/0x1370 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] ? ip_local_deliver_finish+0xff0/0xff0 [ 1240.591657] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] ? net_tx_action+0xf20/0xf20 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] ? ksoftirqd_should_run+0x50/0x50 [ 1240.591657] run_ksoftirqd+0x37/0x60 [ 1240.591657] smpboot_thread_fn+0x69c/0xb30 [ 1240.591657] kthread+0x5e7/0x620 [ 1240.591657] ? cpu_report_death+0x4a0/0x4a0 [ 1240.591657] ? INIT_BOOL+0x30/0x30 [ 1240.591657] ret_from_fork+0x35/0x40 [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Uninit was stored to memory at: [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] __msan_chain_origin+0x6d/0xb0 [ 1240.591657] __save_stack_trace+0x8be/0xc60 [ 1240.591657] save_stack_trace+0xc6/0x110 [ 1240.591657] kmsan_internal_chain_origin+0x136/0x240 [ 1240.591657] kmsan_memcpy_origins+0x13d/0x190 [ 1240.591657] __msan_memcpy+0x6f/0x80 [ 1240.591657] pskb_expand_head+0x436/0x1d20 [ 1240.591657] skb_shift+0x29a0/0x2d10 [ 1240.591657] tcp_sacktag_walk+0x2156/0x29d0 [ 1240.591657] tcp_sacktag_write_queue+0x2805/0x4630 [ 1240.591657] tcp_ack+0x2888/0xa010 [ 1240.591657] tcp_rcv_established+0xf7e/0x2940 [ 1240.591657] tcp_v4_do_rcv+0x686/0xd80 [ 1240.591657] tcp_v4_rcv+0x5a13/0x6520 [ 1240.591657] ip_local_deliver_finish+0x8d8/0xff0 [ 1240.591657] ip_local_deliver+0x44b/0x510 [ 1240.591657] ip_rcv+0x6b6/0x740 [ 1240.591657] process_backlog+0x82b/0x11e0 [ 1240.591657] net_rx_action+0x98f/0x1d50 [ 1240.591657] __do_softirq+0x721/0xc7f [ 1240.591657] [ 1240.591657] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1240.591657] Variable was created at: [ 1240.591657] ipv4_conntrack_local+0x75/0x470 [ 1240.591657] nf_hook_slow+0x15c/0x3d0 14:17:58 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32], 0x14, 0x100000000000) 14:17:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000009b2ae28caace6c9c5c3533480000000000030006000000000002002000ac14ffbb000000000000000003000500000000000200003db28dbebb000000000000000010e34285b23b5a78d1aa465f9c942a8bbb5b8a3b67c1ed4fe9afcd2da64de20fe87f6bbf5d7e8fdd18e3376cf908ae316efe56e00fb35d2d9e2c257ee28f8ce7699c34f0ea8c3d730990318d3ec3741632094db4e255c3cda1c4adbfc4dcebffe7768e089afd245d248716bd3cb951894df7"], 0x80}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@multicast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast2}}, &(0x7f00000002c0)=0xe8) r5 = getuid() r6 = getegid() r7 = getgid() stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r10 = open(&(0x7f00000006c0)='./file0\x00', 0x240000, 0x0) ioctl$KVM_SET_MP_STATE(r10, 0x4004ae99, &(0x7f0000000700)=0x1) lstat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000a00)) fstat(r2, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32=r3, @ANYBLOB="02000200", @ANYRES32=r4, @ANYBLOB="02000100", @ANYRES32=r5, @ANYBLOB="040002000000000008000100", @ANYRES32=r6, @ANYRES16=r9, @ANYRES32=r7, @ANYBLOB="08000300", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="08000200", @ANYRESOCT=r8, @ANYBLOB="080f2200", @ANYRES32=r11, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000100000000002000020000000000"], 0x15, 0x100000000000) 14:17:58 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1242.071241] not chained 5560000 origins [ 1242.071664] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1242.071664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1242.071664] Call Trace: [ 1242.092496] dump_stack+0x32d/0x480 [ 1242.092496] ? save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x222/0x240 [ 1242.092496] ? kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] ? __msan_chain_origin+0x6d/0xb0 [ 1242.092496] ? __save_stack_trace+0x8be/0xc60 [ 1242.092496] ? save_stack_trace+0xc6/0x110 [ 1242.092496] ? kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] ? kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] ? __msan_memcpy+0x6f/0x80 [ 1242.092496] ? pskb_expand_head+0x436/0x1d20 [ 1242.092496] ? skb_shift+0xce2/0x2d10 [ 1242.092496] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] ? tcp_ack+0x2888/0xa010 [ 1242.092496] ? tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] ? tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] ? tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ? ip_local_deliver+0x44b/0x510 [ 1242.092496] ? ip_rcv+0x6b6/0x740 [ 1242.092496] ? process_backlog+0x82b/0x11e0 [ 1242.092496] ? net_rx_action+0x98f/0x1d50 [ 1242.092496] ? __do_softirq+0x721/0xc7f [ 1242.092496] ? run_ksoftirqd+0x37/0x60 [ 1242.092496] ? smpboot_thread_fn+0x69c/0xb30 [ 1242.092496] ? kthread+0x5e7/0x620 [ 1242.092496] ? ret_from_fork+0x35/0x40 [ 1242.092496] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1242.092496] ? in_task_stack+0x12c/0x210 [ 1242.092496] ? task_kmsan_context_state+0x51/0x90 [ 1242.092496] ? __msan_get_context_state+0x9/0x20 [ 1242.092496] ? __kernel_text_address+0x19/0x350 [ 1242.092496] ? ret_from_fork+0x35/0x40 [ 1242.092496] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1242.092496] ? in_task_stack+0x12c/0x210 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] ? tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] ? tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] ? run_ksoftirqd+0x37/0x60 [ 1242.092496] ? kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] ? kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] ? __msan_memcpy+0x6f/0x80 [ 1242.092496] ? pskb_expand_head+0x436/0x1d20 [ 1242.092496] ? skb_shift+0xce2/0x2d10 [ 1242.092496] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] ? tcp_ack+0x2888/0xa010 [ 1242.092496] ? tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] ? tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] ? tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ? ip_local_deliver+0x44b/0x510 [ 1242.092496] ? ip_rcv+0x6b6/0x740 [ 1242.092496] ? process_backlog+0x82b/0x11e0 [ 1242.092496] ? net_rx_action+0x98f/0x1d50 [ 1242.092496] ? __do_softirq+0x721/0xc7f [ 1242.092496] ? run_ksoftirqd+0x37/0x60 [ 1242.092496] ? smpboot_thread_fn+0x69c/0xb30 [ 1242.092496] ? kthread+0x5e7/0x620 [ 1242.092496] ? ret_from_fork+0x35/0x40 [ 1242.092496] ? __msan_get_context_state+0x9/0x20 [ 1242.092496] ? INIT_INT+0xc/0x30 [ 1242.092496] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] ? tcp_parse_options+0xbe/0x1cf0 [ 1242.092496] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1242.092496] ? tcp_parse_options+0x1c55/0x1cf0 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] ? __msan_get_context_state+0x9/0x20 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ? tcp_filter+0x260/0x260 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ? nf_hook_slow+0x36f/0x3d0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ? ip_local_deliver+0x510/0x510 [ 1242.092496] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] ? ip_rcv_core+0x1370/0x1370 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] ? __msan_get_context_state+0x9/0x20 [ 1242.092496] ? ip_local_deliver_finish+0xff0/0xff0 [ 1242.092496] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] ? net_tx_action+0xf20/0xf20 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] ? ksoftirqd_should_run+0x50/0x50 [ 1242.092496] run_ksoftirqd+0x37/0x60 [ 1242.092496] smpboot_thread_fn+0x69c/0xb30 [ 1242.092496] kthread+0x5e7/0x620 [ 1242.092496] ? cpu_report_death+0x4a0/0x4a0 [ 1242.092496] ? INIT_BOOL+0x30/0x30 [ 1242.092496] ret_from_fork+0x35/0x40 [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Uninit was stored to memory at: [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] __msan_chain_origin+0x6d/0xb0 [ 1242.092496] __save_stack_trace+0x8be/0xc60 [ 1242.092496] save_stack_trace+0xc6/0x110 [ 1242.092496] kmsan_internal_chain_origin+0x136/0x240 [ 1242.092496] kmsan_memcpy_origins+0x13d/0x190 [ 1242.092496] __msan_memcpy+0x6f/0x80 [ 1242.092496] pskb_expand_head+0x436/0x1d20 [ 1242.092496] skb_shift+0xce2/0x2d10 [ 1242.092496] tcp_sacktag_walk+0x2156/0x29d0 [ 1242.092496] tcp_sacktag_write_queue+0x2805/0x4630 [ 1242.092496] tcp_ack+0x2888/0xa010 [ 1242.092496] tcp_rcv_established+0xf7e/0x2940 [ 1242.092496] tcp_v4_do_rcv+0x686/0xd80 [ 1242.092496] tcp_v4_rcv+0x5a13/0x6520 [ 1242.092496] ip_local_deliver_finish+0x8d8/0xff0 [ 1242.092496] ip_local_deliver+0x44b/0x510 [ 1242.092496] ip_rcv+0x6b6/0x740 [ 1242.092496] process_backlog+0x82b/0x11e0 [ 1242.092496] net_rx_action+0x98f/0x1d50 [ 1242.092496] __do_softirq+0x721/0xc7f [ 1242.092496] [ 1242.092496] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1242.092496] Variable was created at: [ 1242.092496] ipv4_conntrack_local+0x75/0x470 [ 1242.092496] nf_hook_slow+0x15c/0x3d0 14:18:00 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x2) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:00 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32], 0x14, 0x100000000000) 14:18:00 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x5, 0x208840) write$FUSE_BMAP(r1, &(0x7f0000000140)={0x18, 0x0, 0x1, {0x5}}, 0x18) 14:18:00 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000300)={r9, &(0x7f0000000200)=""/244}) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r10, 0x540d) fstat(r8, &(0x7f0000000540)) getresgid(&(0x7f00000005c0), &(0x7f0000000600), &(0x7f0000000640)) 14:18:00 executing program 1: r0 = accept$inet(0xffffffffffffff9c, &(0x7f00000003c0), &(0x7f0000000400)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffff9c, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={0x0}, &(0x7f0000000480)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000004c0)={r1, 0x3, 0xfffffffffffffff8, 0xbceb, 0x100000000, 0xff}, 0x14) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0xd9) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x8, 0x3, 0x0, 0xe8}]}, 0xfffffffffffffe19) sendto$inet(r3, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x20000, 0x30) setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000780)={0x81, {{0xa, 0x4e22, 0x0, @local, 0x5}}, 0x1, 0x4, [{{0xa, 0x4e21, 0x3, @loopback, 0xfffffffffffffffb}}, {{0xa, 0x4e22, 0x1, @mcast1, 0x4ed2}}, {{0xa, 0x4e20, 0x3f, @ipv4={[], [], @loopback}, 0x5}}, {{0xa, 0x4e21, 0xfffffffffffffbff, @empty, 0x7fffffff}}]}, 0x290) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f00000000c0)) getsockopt$inet6_tcp_buf(r3, 0x6, 0x1a, &(0x7f0000000340)=""/91, &(0x7f0000000140)=0x5b) r5 = accept(r3, 0x0, &(0x7f0000000500)) bind$unix(r5, &(0x7f0000000a40)=@abs={0x0, 0x0, 0x4e20}, 0x6e) ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f0000000540)={r2, 0x7, 0x0, "349c7c89b8"}) recvmsg(r3, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) r6 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9, 0x121000) getsockopt$inet6_tcp_buf(r6, 0x6, 0x3f, &(0x7f0000000600)=""/200, &(0x7f0000000700)=0xc8) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x212) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f00000005c0)={0x0, 0x2, 0x81, &(0x7f0000000580)=0x5}) [ 1243.849458] not chained 5570000 origins [ 1243.851676] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1243.851676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1243.851676] Call Trace: [ 1243.872108] dump_stack+0x32d/0x480 [ 1243.872108] ? save_stack_trace+0xc6/0x110 [ 1243.872108] kmsan_internal_chain_origin+0x222/0x240 [ 1243.872108] ? kmsan_internal_chain_origin+0x136/0x240 [ 1243.872108] ? __msan_chain_origin+0x6d/0xb0 [ 1243.894562] ? __save_stack_trace+0x8be/0xc60 [ 1243.894562] ? save_stack_trace+0xc6/0x110 [ 1243.894562] ? kmsan_internal_chain_origin+0x136/0x240 [ 1243.894562] ? kmsan_memcpy_origins+0x13d/0x190 [ 1243.894562] ? __msan_memcpy+0x6f/0x80 [ 1243.894562] ? pskb_expand_head+0x436/0x1d20 [ 1243.894562] ? skb_shift+0xce2/0x2d10 [ 1243.894562] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1243.894562] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1243.894562] ? tcp_ack+0x2888/0xa010 [ 1243.894562] ? tcp_rcv_established+0xf7e/0x2940 [ 1243.894562] ? tcp_v4_do_rcv+0x686/0xd80 [ 1243.894562] ? tcp_v4_rcv+0x5a13/0x6520 [ 1243.894562] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1243.894562] ? ip_local_deliver+0x44b/0x510 [ 1243.894562] ? ip_rcv+0x6b6/0x740 [ 1243.894562] ? process_backlog+0x82b/0x11e0 [ 1243.894562] ? net_rx_action+0x98f/0x1d50 [ 1243.894562] ? __do_softirq+0x721/0xc7f [ 1243.894562] ? run_ksoftirqd+0x37/0x60 [ 1243.894562] ? smpboot_thread_fn+0x69c/0xb30 [ 1243.982573] ? kthread+0x5e7/0x620 [ 1243.982573] ? ret_from_fork+0x35/0x40 [ 1243.982573] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1243.982573] ? in_task_stack+0x12c/0x210 [ 1243.982573] ? task_kmsan_context_state+0x51/0x90 [ 1243.982573] ? __msan_get_context_state+0x9/0x20 [ 1243.982573] ? __kernel_text_address+0x19/0x350 [ 1243.982573] ? ret_from_fork+0x35/0x40 [ 1243.982573] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1243.982573] ? in_task_stack+0x12c/0x210 [ 1243.982573] __msan_chain_origin+0x6d/0xb0 [ 1243.982573] ? ip_local_deliver+0x44b/0x510 [ 1243.982573] __save_stack_trace+0x8be/0xc60 [ 1243.982573] ? ip_local_deliver+0x44b/0x510 [ 1243.982573] save_stack_trace+0xc6/0x110 [ 1243.982573] kmsan_internal_chain_origin+0x136/0x240 [ 1243.982573] ? run_ksoftirqd+0x37/0x60 [ 1243.982573] ? kmsan_internal_chain_origin+0x136/0x240 [ 1243.982573] ? kmsan_memcpy_origins+0x13d/0x190 [ 1243.982573] ? __msan_memcpy+0x6f/0x80 [ 1243.982573] ? pskb_expand_head+0x436/0x1d20 [ 1243.982573] ? skb_shift+0xfc3/0x2d10 [ 1243.982573] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1243.982573] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1243.982573] ? tcp_ack+0x2888/0xa010 [ 1243.982573] ? tcp_rcv_established+0xf7e/0x2940 [ 1243.982573] ? tcp_v4_do_rcv+0x686/0xd80 [ 1243.982573] ? tcp_v4_rcv+0x5a13/0x6520 [ 1243.982573] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1243.982573] ? ip_local_deliver+0x44b/0x510 [ 1243.982573] ? ip_rcv+0x6b6/0x740 [ 1243.982573] ? process_backlog+0x82b/0x11e0 [ 1243.982573] ? net_rx_action+0x98f/0x1d50 [ 1243.982573] ? __do_softirq+0x721/0xc7f [ 1243.982573] ? run_ksoftirqd+0x37/0x60 [ 1243.982573] ? smpboot_thread_fn+0x69c/0xb30 [ 1244.143638] ? kthread+0x5e7/0x620 [ 1244.143638] ? ret_from_fork+0x35/0x40 [ 1244.143638] ? __msan_get_context_state+0x9/0x20 [ 1244.143638] ? INIT_INT+0xc/0x30 [ 1244.143638] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xfc3/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] ? tcp_parse_options+0xbe/0x1cf0 [ 1244.143638] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1244.143638] ? tcp_parse_options+0x1c55/0x1cf0 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] ? __msan_get_context_state+0x9/0x20 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ? tcp_filter+0x260/0x260 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ? nf_hook_slow+0x36f/0x3d0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ? ip_local_deliver+0x510/0x510 [ 1244.143638] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] ? ip_rcv_core+0x1370/0x1370 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] ? ip_local_deliver_finish+0xff0/0xff0 [ 1244.143638] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] ? net_tx_action+0xf20/0xf20 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] ? ksoftirqd_should_run+0x50/0x50 [ 1244.143638] run_ksoftirqd+0x37/0x60 [ 1244.143638] smpboot_thread_fn+0x69c/0xb30 [ 1244.143638] kthread+0x5e7/0x620 [ 1244.143638] ? cpu_report_death+0x4a0/0x4a0 [ 1244.143638] ? INIT_BOOL+0x30/0x30 [ 1244.143638] ret_from_fork+0x35/0x40 [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Uninit was stored to memory at: [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] __msan_chain_origin+0x6d/0xb0 [ 1244.143638] __save_stack_trace+0x8be/0xc60 [ 1244.143638] save_stack_trace+0xc6/0x110 [ 1244.143638] kmsan_internal_chain_origin+0x136/0x240 [ 1244.143638] kmsan_memcpy_origins+0x13d/0x190 [ 1244.143638] __msan_memcpy+0x6f/0x80 [ 1244.143638] pskb_expand_head+0x436/0x1d20 [ 1244.143638] skb_shift+0xce2/0x2d10 [ 1244.143638] tcp_sacktag_walk+0x2156/0x29d0 [ 1244.143638] tcp_sacktag_write_queue+0x2805/0x4630 [ 1244.143638] tcp_ack+0x2888/0xa010 [ 1244.143638] tcp_rcv_established+0xf7e/0x2940 [ 1244.143638] tcp_v4_do_rcv+0x686/0xd80 [ 1244.143638] tcp_v4_rcv+0x5a13/0x6520 [ 1244.143638] ip_local_deliver_finish+0x8d8/0xff0 [ 1244.143638] ip_local_deliver+0x44b/0x510 [ 1244.143638] ip_rcv+0x6b6/0x740 [ 1244.143638] process_backlog+0x82b/0x11e0 [ 1244.143638] net_rx_action+0x98f/0x1d50 [ 1244.143638] __do_softirq+0x721/0xc7f [ 1244.143638] [ 1244.143638] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1244.143638] Variable was created at: [ 1244.143638] ipv4_conntrack_local+0x75/0x470 [ 1244.143638] nf_hook_slow+0x15c/0x3d0 [ 1245.001153] not chained 5580000 origins [ 1245.001990] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1245.001990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1245.013677] Call Trace: [ 1245.013677] dump_stack+0x32d/0x480 [ 1245.013677] kmsan_internal_chain_origin+0x222/0x240 [ 1245.013677] ? kmsan_set_origin+0x7f/0x100 [ 1245.013677] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1245.013677] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1245.013677] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1245.013677] ? in_task_stack+0x12c/0x210 [ 1245.013677] ? task_kmsan_context_state+0x51/0x90 [ 1245.013677] ? __msan_get_context_state+0x9/0x20 [ 1245.013677] ? __kernel_text_address+0x19/0x350 [ 1245.013677] ? ret_from_fork+0x35/0x40 [ 1245.013677] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1245.013677] ? in_task_stack+0x12c/0x210 [ 1245.013677] __msan_chain_origin+0x6d/0xb0 [ 1245.013677] ? kmsan_memcpy_origins+0x13d/0x190 [ 1245.013677] __save_stack_trace+0x8be/0xc60 [ 1245.013677] ? kmsan_memcpy_origins+0x13d/0x190 [ 1245.013677] save_stack_trace+0xc6/0x110 [ 1245.013677] kmsan_internal_chain_origin+0x136/0x240 [ 1245.013677] ? run_ksoftirqd+0x37/0x60 [ 1245.013677] ? kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] ? kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] ? __msan_memcpy+0x6f/0x80 [ 1245.116838] ? pskb_expand_head+0x436/0x1d20 [ 1245.116838] ? skb_shift+0xce2/0x2d10 [ 1245.116838] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] ? tcp_ack+0x2888/0xa010 [ 1245.116838] ? tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] ? tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] ? tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ? ip_local_deliver+0x44b/0x510 [ 1245.116838] ? ip_rcv+0x6b6/0x740 [ 1245.116838] ? process_backlog+0x82b/0x11e0 [ 1245.116838] ? net_rx_action+0x98f/0x1d50 [ 1245.116838] ? __do_softirq+0x721/0xc7f [ 1245.116838] ? run_ksoftirqd+0x37/0x60 [ 1245.116838] ? smpboot_thread_fn+0x69c/0xb30 [ 1245.116838] ? kthread+0x5e7/0x620 [ 1245.116838] ? ret_from_fork+0x35/0x40 [ 1245.116838] ? __msan_get_context_state+0x9/0x20 [ 1245.116838] ? INIT_INT+0xc/0x30 [ 1245.116838] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] ? tcp_parse_options+0xbe/0x1cf0 [ 1245.116838] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1245.116838] ? tcp_parse_options+0x1c55/0x1cf0 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] ? __msan_get_context_state+0x9/0x20 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ? tcp_filter+0x260/0x260 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ? nf_hook_slow+0x36f/0x3d0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ? ip_local_deliver+0x510/0x510 [ 1245.116838] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] ? ip_rcv_core+0x1370/0x1370 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] ? ip_local_deliver_finish+0xff0/0xff0 [ 1245.116838] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] ? net_tx_action+0xf20/0xf20 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] ? ksoftirqd_should_run+0x50/0x50 [ 1245.116838] run_ksoftirqd+0x37/0x60 [ 1245.116838] smpboot_thread_fn+0x69c/0xb30 [ 1245.116838] kthread+0x5e7/0x620 [ 1245.116838] ? cpu_report_death+0x4a0/0x4a0 [ 1245.116838] ? INIT_BOOL+0x30/0x30 [ 1245.116838] ret_from_fork+0x35/0x40 [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Uninit was stored to memory at: [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] __msan_chain_origin+0x6d/0xb0 [ 1245.116838] __save_stack_trace+0x8be/0xc60 [ 1245.116838] save_stack_trace+0xc6/0x110 [ 1245.116838] kmsan_internal_chain_origin+0x136/0x240 [ 1245.116838] kmsan_memcpy_origins+0x13d/0x190 [ 1245.116838] __msan_memcpy+0x6f/0x80 [ 1245.116838] pskb_expand_head+0x436/0x1d20 [ 1245.116838] skb_shift+0xce2/0x2d10 [ 1245.116838] tcp_sacktag_walk+0x2156/0x29d0 [ 1245.116838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1245.116838] tcp_ack+0x2888/0xa010 [ 1245.116838] tcp_rcv_established+0xf7e/0x2940 [ 1245.116838] tcp_v4_do_rcv+0x686/0xd80 [ 1245.116838] tcp_v4_rcv+0x5a13/0x6520 [ 1245.116838] ip_local_deliver_finish+0x8d8/0xff0 [ 1245.116838] ip_local_deliver+0x44b/0x510 [ 1245.116838] ip_rcv+0x6b6/0x740 [ 1245.116838] process_backlog+0x82b/0x11e0 [ 1245.116838] net_rx_action+0x98f/0x1d50 [ 1245.116838] __do_softirq+0x721/0xc7f [ 1245.116838] [ 1245.116838] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1245.116838] Variable was created at: [ 1245.116838] ipv4_conntrack_local+0x75/0x470 [ 1245.116838] nf_hook_slow+0x15c/0x3d0 [ 1246.066145] not chained 5590000 origins [ 1246.070163] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1246.071670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1246.071670] Call Trace: [ 1246.071670] dump_stack+0x32d/0x480 [ 1246.071670] kmsan_internal_chain_origin+0x222/0x240 [ 1246.071670] ? kmsan_set_origin+0x7f/0x100 [ 1246.071670] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1246.071670] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1246.071670] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1246.071670] ? in_task_stack+0x12c/0x210 [ 1246.071670] ? task_kmsan_context_state+0x51/0x90 [ 1246.071670] ? __msan_get_context_state+0x9/0x20 [ 1246.071670] ? __kernel_text_address+0x19/0x350 [ 1246.071670] ? ret_from_fork+0x35/0x40 [ 1246.071670] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1246.071670] ? in_task_stack+0x12c/0x210 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] ? process_backlog+0x82b/0x11e0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] ? process_backlog+0x82b/0x11e0 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] ? run_ksoftirqd+0x37/0x60 [ 1246.071670] ? kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] ? kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] ? __msan_memcpy+0x6f/0x80 [ 1246.071670] ? pskb_expand_head+0x436/0x1d20 [ 1246.071670] ? skb_shift+0xce2/0x2d10 [ 1246.071670] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] ? tcp_ack+0x2888/0xa010 [ 1246.071670] ? tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] ? tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] ? tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ? ip_local_deliver+0x44b/0x510 [ 1246.071670] ? ip_rcv+0x6b6/0x740 [ 1246.071670] ? process_backlog+0x82b/0x11e0 [ 1246.071670] ? net_rx_action+0x98f/0x1d50 [ 1246.071670] ? __do_softirq+0x721/0xc7f [ 1246.071670] ? run_ksoftirqd+0x37/0x60 [ 1246.071670] ? smpboot_thread_fn+0x69c/0xb30 [ 1246.071670] ? kthread+0x5e7/0x620 [ 1246.071670] ? ret_from_fork+0x35/0x40 [ 1246.071670] ? __msan_get_context_state+0x9/0x20 [ 1246.071670] ? INIT_INT+0xc/0x30 [ 1246.071670] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] ? tcp_parse_options+0xbe/0x1cf0 [ 1246.071670] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1246.071670] ? tcp_parse_options+0x1c55/0x1cf0 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] ? __msan_get_context_state+0x9/0x20 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ? tcp_filter+0x260/0x260 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ? nf_hook_slow+0x36f/0x3d0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ? ip_local_deliver+0x510/0x510 [ 1246.071670] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] ? ip_rcv_core+0x1370/0x1370 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] ? ip_local_deliver_finish+0xff0/0xff0 [ 1246.071670] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] ? net_tx_action+0xf20/0xf20 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] ? ksoftirqd_should_run+0x50/0x50 [ 1246.071670] run_ksoftirqd+0x37/0x60 [ 1246.071670] smpboot_thread_fn+0x69c/0xb30 [ 1246.071670] kthread+0x5e7/0x620 [ 1246.071670] ? cpu_report_death+0x4a0/0x4a0 [ 1246.071670] ? INIT_BOOL+0x30/0x30 [ 1246.071670] ret_from_fork+0x35/0x40 [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Uninit was stored to memory at: [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] __msan_chain_origin+0x6d/0xb0 [ 1246.071670] __save_stack_trace+0x8be/0xc60 [ 1246.071670] save_stack_trace+0xc6/0x110 [ 1246.071670] kmsan_internal_chain_origin+0x136/0x240 [ 1246.071670] kmsan_memcpy_origins+0x13d/0x190 [ 1246.071670] __msan_memcpy+0x6f/0x80 [ 1246.071670] pskb_expand_head+0x436/0x1d20 [ 1246.071670] skb_shift+0xce2/0x2d10 [ 1246.071670] tcp_sacktag_walk+0x2156/0x29d0 [ 1246.071670] tcp_sacktag_write_queue+0x2805/0x4630 [ 1246.071670] tcp_ack+0x2888/0xa010 [ 1246.071670] tcp_rcv_established+0xf7e/0x2940 [ 1246.071670] tcp_v4_do_rcv+0x686/0xd80 [ 1246.071670] tcp_v4_rcv+0x5a13/0x6520 [ 1246.071670] ip_local_deliver_finish+0x8d8/0xff0 14:18:01 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:01 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32], 0x14, 0x100000000000) [ 1246.071670] ip_local_deliver+0x44b/0x510 [ 1246.071670] ip_rcv+0x6b6/0x740 [ 1246.071670] process_backlog+0x82b/0x11e0 [ 1246.071670] net_rx_action+0x98f/0x1d50 [ 1246.071670] __do_softirq+0x721/0xc7f [ 1246.071670] [ 1246.071670] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1246.071670] Variable was created at: [ 1246.071670] ipv4_conntrack_local+0x75/0x470 [ 1246.071670] nf_hook_slow+0x15c/0x3d0 [ 1247.187547] not chained 5600000 origins [ 1247.191563] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1247.191652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1247.191652] Call Trace: [ 1247.191652] dump_stack+0x32d/0x480 [ 1247.191652] kmsan_internal_chain_origin+0x222/0x240 [ 1247.191652] ? ip_finish_output+0xd93/0x10f0 [ 1247.221852] ? ip_output+0x55c/0x630 [ 1247.221852] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1247.221852] ? in_task_stack+0x12c/0x210 [ 1247.221852] ? task_kmsan_context_state+0x51/0x90 [ 1247.221852] ? __msan_get_context_state+0x9/0x20 [ 1247.221852] ? __kernel_text_address+0x19/0x350 [ 1247.221852] ? ret_from_fork+0x35/0x40 [ 1247.252750] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1247.252750] ? in_task_stack+0x12c/0x210 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] ? kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] ? kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] ? __msan_memcpy+0x6f/0x80 [ 1247.252750] ? pskb_expand_head+0x436/0x1d20 [ 1247.252750] ? ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ? ip_local_deliver+0x44b/0x510 [ 1247.252750] ? ip_rcv+0x6b6/0x740 [ 1247.252750] ? process_backlog+0x82b/0x11e0 [ 1247.252750] ? net_rx_action+0x98f/0x1d50 [ 1247.252750] ? __do_softirq+0x721/0xc7f [ 1247.252750] ? run_ksoftirqd+0x37/0x60 [ 1247.252750] ? smpboot_thread_fn+0x69c/0xb30 [ 1247.252750] ? kthread+0x5e7/0x620 [ 1247.252750] ? ret_from_fork+0x35/0x40 [ 1247.252750] ? __msan_get_context_state+0x9/0x20 [ 1247.252750] ? INIT_INT+0xc/0x30 [ 1247.252750] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ? tcp_filter+0x260/0x260 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ? nf_hook_slow+0x36f/0x3d0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ? ip_local_deliver+0x510/0x510 [ 1247.252750] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] ? ip_rcv_core+0x1370/0x1370 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] ? __msan_get_context_state+0x9/0x20 [ 1247.252750] ? ip_local_deliver_finish+0xff0/0xff0 [ 1247.252750] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] ? net_tx_action+0xf20/0xf20 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] ? ksoftirqd_should_run+0x50/0x50 [ 1247.252750] run_ksoftirqd+0x37/0x60 [ 1247.252750] smpboot_thread_fn+0x69c/0xb30 [ 1247.252750] kthread+0x5e7/0x620 [ 1247.252750] ? cpu_report_death+0x4a0/0x4a0 [ 1247.252750] ? INIT_BOOL+0x30/0x30 [ 1247.252750] ret_from_fork+0x35/0x40 [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Uninit was stored to memory at: [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] __msan_chain_origin+0x6d/0xb0 [ 1247.252750] __save_stack_trace+0x8be/0xc60 [ 1247.252750] save_stack_trace+0xc6/0x110 [ 1247.252750] kmsan_internal_chain_origin+0x136/0x240 [ 1247.252750] kmsan_memcpy_origins+0x13d/0x190 [ 1247.252750] __msan_memcpy+0x6f/0x80 [ 1247.252750] pskb_expand_head+0x436/0x1d20 [ 1247.252750] ___pskb_trim+0x3c9/0x1bf0 [ 1247.252750] sk_filter_trim_cap+0x5ac/0xa60 [ 1247.252750] tcp_v4_rcv+0x4a1b/0x6520 [ 1247.252750] ip_local_deliver_finish+0x8d8/0xff0 [ 1247.252750] ip_local_deliver+0x44b/0x510 [ 1247.252750] ip_rcv+0x6b6/0x740 [ 1247.252750] process_backlog+0x82b/0x11e0 [ 1247.252750] net_rx_action+0x98f/0x1d50 [ 1247.252750] __do_softirq+0x721/0xc7f [ 1247.252750] [ 1247.252750] Local variable description: ----i.addr.i.i.i.i.i@memcg_kmem_put_cache [ 1247.252750] Variable was created at: [ 1247.252750] memcg_kmem_put_cache+0x5e/0x460 [ 1247.252750] kmem_cache_alloc_node+0xbad/0xec0 14:18:05 executing program 0 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:05 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB], 0x15, 0x100000000000) 14:18:05 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000300)={r9, &(0x7f0000000200)=""/244}) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r10, 0x540d) fstat(r8, &(0x7f0000000540)) 14:18:05 executing program 1: r0 = accept$inet(0xffffffffffffff9c, &(0x7f00000003c0), &(0x7f0000000400)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffff9c, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={0x0}, &(0x7f0000000480)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000004c0)={r1, 0x3, 0xfffffffffffffff8, 0xbceb, 0x100000000, 0xff}, 0x14) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0xd9) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x8, 0x3, 0x0, 0xe8}]}, 0xfffffffffffffe19) sendto$inet(r3, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x20000, 0x30) setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000780)={0x81, {{0xa, 0x4e22, 0x0, @local, 0x5}}, 0x1, 0x4, [{{0xa, 0x4e21, 0x3, @loopback, 0xfffffffffffffffb}}, {{0xa, 0x4e22, 0x1, @mcast1, 0x4ed2}}, {{0xa, 0x4e20, 0x3f, @ipv4={[], [], @loopback}, 0x5}}, {{0xa, 0x4e21, 0xfffffffffffffbff, @empty, 0x7fffffff}}]}, 0x290) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f00000000c0)) getsockopt$inet6_tcp_buf(r3, 0x6, 0x1a, &(0x7f0000000340)=""/91, &(0x7f0000000140)=0x5b) r5 = accept(r3, 0x0, &(0x7f0000000500)) bind$unix(r5, &(0x7f0000000a40)=@abs={0x0, 0x0, 0x4e20}, 0x6e) ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f0000000540)={r2, 0x7, 0x0, "349c7c89b8"}) recvmsg(r3, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) r6 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9, 0x121000) getsockopt$inet6_tcp_buf(r6, 0x6, 0x3f, &(0x7f0000000600)=""/200, &(0x7f0000000700)=0xc8) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x212) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f00000005c0)={0x0, 0x2, 0x81, &(0x7f0000000580)=0x5}) 14:18:05 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, &(0x7f0000f40ff8)}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1248.524266] FAULT_INJECTION: forcing a failure. [ 1248.524266] name failslab, interval 1, probability 0, space 0, times 0 [ 1248.531747] CPU: 1 PID: 19092 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 1248.531747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1248.531747] Call Trace: [ 1248.531747] dump_stack+0x32d/0x480 [ 1248.531747] should_fail+0x11e5/0x13c0 [ 1248.531747] __should_failslab+0x278/0x2a0 [ 1248.564385] should_failslab+0x29/0x70 [ 1248.564385] kmem_cache_alloc+0x146/0xe20 [ 1248.564385] ? __sigqueue_alloc+0x53e/0x860 [ 1248.564385] ? kmsan_set_origin+0x7f/0x100 [ 1248.564385] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1248.564385] __sigqueue_alloc+0x53e/0x860 [ 1248.564385] __send_signal+0x692/0x1b40 [ 1248.564385] ? __msan_get_context_state+0x9/0x20 [ 1248.564385] force_sig_info+0x6ac/0xa80 [ 1248.603006] force_sig_fault+0x15a/0x1e0 [ 1248.603006] __bad_area_nosemaphore+0x5d0/0x8f0 [ 1248.603006] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1248.603006] bad_area+0xe8/0x100 [ 1248.603006] __do_page_fault+0x1057/0x1d90 [ 1248.603006] ? __msan_poison_alloca+0x1e0/0x270 [ 1248.603006] do_page_fault+0x98/0xd0 [ 1248.603006] ? page_fault+0x8/0x30 [ 1248.603006] page_fault+0x1e/0x30 [ 1248.603006] RIP: 0033:0x20000140 [ 1248.603006] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <36> 42 4f 64 33 7f 7f 8f a9 78 db 77 e4 c4 a6 eb f7 17 c4 82 7d 18 [ 1248.603006] RSP: 002b:00007fb0b0f0fc58 EFLAGS: 00010206 14:18:05 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x20, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, &(0x7f0000f40ff8)}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1248.603006] RAX: 0000000000401580 RBX: 00007fb0b0f0fc90 RCX: 0000000000000000 [ 1248.603006] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140 [ 1248.603006] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1248.603006] R10: 0000000000000064 R11: 0000000000000000 R12: 00007fb0b0f106d4 [ 1248.603006] R13: 00000000004c4b9e R14: 00000000004d8268 R15: 0000000000000003 14:18:05 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYBLOB], 0x14, 0x100000000000) 14:18:06 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x427a, 0x0) getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000080), &(0x7f00000001c0)=0x4) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(r2, 0x0, r0) 14:18:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYBLOB], 0x14, 0x100000000000) 14:18:06 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, &(0x7f0000f40ff8)}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:06 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7fffffff, 0x2000) ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000040)={{0x0, @addr=0x7}, 0x8, 0x3, 0x80000001}) sendmsg$nl_xfrm(r0, &(0x7f0000773fc8)={&(0x7f0000450ff4), 0xc, &(0x7f0000ad0ff0)={&(0x7f0000b2b000)=@updsa={0xf8, 0x1a, 0x401, 0x0, 0x0, {{@in6, @in6=@mcast1}, {@in6=@ipv4={[], [], @local={0xac, 0x14, 0xffffffffffffffff}}, 0x0, 0x3c}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0xa}, [@tfcpad={0x8}]}, 0xf8}}, 0x0) 14:18:06 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xfffffffffffffe01, 0x400) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000340)={0xffffffffffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f00000003c0)={0x10, 0x30, 0xfa00, {&(0x7f0000000140), 0x2, {0xa, 0x4e22, 0x400, @mcast1, 0xffffffffffffffbd}, r2}}, 0x38) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYBLOB], 0x14, 0x100000000000) 14:18:06 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000300)={r9, &(0x7f0000000200)=""/244}) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNXCL(r10, 0x540d) [ 1249.732444] not chained 5610000 origins [ 1249.736470] CPU: 0 PID: 19127 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1249.741665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1249.741665] Call Trace: [ 1249.741665] [ 1249.741665] dump_stack+0x32d/0x480 [ 1249.741665] kmsan_internal_chain_origin+0x222/0x240 [ 1249.741665] ? save_stack_trace+0xc6/0x110 [ 1249.741665] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1249.741665] ? kmsan_internal_chain_origin+0x90/0x240 [ 1249.741665] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1249.741665] ? is_bpf_text_address+0x49e/0x4d0 [ 1249.741665] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] ? __msan_memcpy+0x6f/0x80 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] ? __msan_memcpy+0x6f/0x80 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] ? __msan_poison_alloca+0xbd/0x270 [ 1249.741665] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1249.741665] ? kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] ? kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] ? __msan_memcpy+0x6f/0x80 [ 1249.741665] ? pskb_expand_head+0x436/0x1d20 [ 1249.741665] ? tcp_fragment+0x378/0x21d0 [ 1249.741665] ? tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] ? tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] ? tcp_write_timer+0x139/0x250 [ 1249.741665] ? call_timer_fn+0x356/0x7c0 [ 1249.741665] ? __run_timers+0xe95/0x1300 [ 1249.741665] ? run_timer_softirq+0x55/0xa0 [ 1249.741665] ? __do_softirq+0x721/0xc7f [ 1249.741665] ? irq_exit+0x305/0x340 [ 1249.741665] ? exiting_irq+0xe/0x10 [ 1249.741665] ? smp_apic_timer_interrupt+0x64/0x90 [ 1249.741665] ? apic_timer_interrupt+0xf/0x20 [ 1249.741665] ? kmsan_get_metadata_or_null+0x1db/0x380 [ 1249.741665] ? __msan_poison_alloca+0xbd/0x270 [ 1249.741665] ? page_remove_rmap+0x106/0x1820 [ 1249.741665] ? unmap_page_range+0x213a/0x3950 [ 1249.741665] ? unmap_single_vma+0x43f/0x5e0 [ 1249.741665] ? unmap_vmas+0x251/0x380 [ 1249.741665] ? exit_mmap+0x51e/0xa10 [ 1249.741665] ? __mmput+0x17a/0x700 [ 1249.741665] ? mmput+0x190/0x210 [ 1249.741665] ? exit_mm+0xa90/0xc70 [ 1249.741665] ? do_exit+0x10f2/0x4070 [ 1249.741665] ? do_group_exit+0x1a7/0x350 [ 1249.741665] ? get_signal+0x11e2/0x2330 [ 1249.741665] ? do_signal+0x1f3/0x2fc0 [ 1249.741665] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1249.741665] ? syscall_return_slowpath+0xed/0x730 [ 1249.741665] ? do_syscall_64+0xf5/0x110 [ 1249.741665] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1249.741665] ? __msan_get_context_state+0x9/0x20 [ 1249.741665] ? INIT_INT+0xc/0x30 [ 1249.741665] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1249.741665] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] ? tcp_init_xmit_timers+0x130/0x130 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] ? tcp_init_xmit_timers+0x130/0x130 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] ? timers_dead_cpu+0xb70/0xb70 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] irq_exit+0x305/0x340 [ 1249.741665] exiting_irq+0xe/0x10 [ 1249.741665] smp_apic_timer_interrupt+0x64/0x90 [ 1249.741665] apic_timer_interrupt+0xf/0x20 [ 1249.741665] [ 1249.741665] RIP: 0010:kmsan_get_metadata_or_null+0x1db/0x380 [ 1249.741665] Code: ff 84 c0 0f 84 73 01 00 00 49 8d 45 40 49 83 c5 48 80 7d d4 00 49 0f 45 c5 48 b9 00 00 00 00 00 16 00 00 48 03 08 48 c1 e9 05 <48> ba 00 b0 aa aa aa aa aa aa 48 0f af d1 4c 09 f2 48 b8 00 00 00 [ 1249.741665] RSP: 0018:ffff888118b5f1d8 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 [ 1249.741665] RAX: ffffea00069443e0 RBX: ffff888118b5f318 RCX: 000000000034a24d [ 1249.741665] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff888118b5f318 [ 1249.741665] RBP: ffff888118b5f210 R08: 0000000000480020 R09: 0000000000000002 [ 1249.741665] R10: 000000ffffffffff R11: 0000000000000000 R12: ffff888198b5f318 [ 1249.741665] R13: ffffea00069443e8 R14: 0000000000000318 R15: 0000000000000004 [ 1249.741665] __msan_poison_alloca+0xbd/0x270 [ 1249.741665] ? page_remove_rmap+0xf1/0x1820 [ 1249.741665] ? unmap_page_range+0x213a/0x3950 [ 1249.741665] page_remove_rmap+0x106/0x1820 [ 1249.741665] ? __tlb_remove_page_size+0x24b/0x560 [ 1249.741665] unmap_page_range+0x213a/0x3950 [ 1249.741665] unmap_single_vma+0x43f/0x5e0 [ 1249.741665] unmap_vmas+0x251/0x380 [ 1249.741665] exit_mmap+0x51e/0xa10 [ 1249.741665] ? __khugepaged_exit+0x6b9/0x8b0 [ 1249.741665] __mmput+0x17a/0x700 [ 1249.741665] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1249.741665] mmput+0x190/0x210 [ 1249.741665] exit_mm+0xa90/0xc70 [ 1249.741665] do_exit+0x10f2/0x4070 [ 1249.741665] do_group_exit+0x1a7/0x350 [ 1249.741665] get_signal+0x11e2/0x2330 [ 1249.741665] ? do_signal+0x1dd/0x2fc0 [ 1249.741665] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1249.741665] do_signal+0x1f3/0x2fc0 [ 1249.741665] ? kmsan_set_origin+0x7f/0x100 [ 1249.741665] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1249.741665] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1249.741665] syscall_return_slowpath+0xed/0x730 [ 1249.741665] do_syscall_64+0xf5/0x110 [ 1249.741665] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1249.741665] RIP: 0033:0x457569 [ 1249.741665] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1249.741665] RSP: 002b:00007f26388a1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1249.741665] RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569 [ 1249.741665] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 1249.741665] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1249.741665] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 1249.741665] R13: 0000000000a3fb7f R14: 00007f26388a29c0 R15: 0000000000000000 [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Uninit was stored to memory at: [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] __msan_chain_origin+0x6d/0xb0 [ 1249.741665] __save_stack_trace+0x8be/0xc60 [ 1249.741665] save_stack_trace+0xc6/0x110 [ 1249.741665] kmsan_internal_chain_origin+0x136/0x240 [ 1249.741665] kmsan_memcpy_origins+0x13d/0x190 [ 1249.741665] __msan_memcpy+0x6f/0x80 [ 1249.741665] pskb_expand_head+0x436/0x1d20 [ 1249.741665] tcp_fragment+0x378/0x21d0 [ 1249.741665] tcp_send_loss_probe+0x6a2/0xc00 [ 1249.741665] tcp_write_timer_handler+0x691/0xe80 [ 1249.741665] tcp_write_timer+0x139/0x250 [ 1249.741665] call_timer_fn+0x356/0x7c0 [ 1249.741665] __run_timers+0xe95/0x1300 [ 1249.741665] run_timer_softirq+0x55/0xa0 [ 1249.741665] __do_softirq+0x721/0xc7f [ 1249.741665] [ 1249.741665] Local variable description: ----target.i.i@nf_nat_inet_fn [ 1249.741665] Variable was created at: [ 1249.741665] nf_nat_inet_fn+0xaf/0x1290 [ 1249.741665] nf_nat_ipv4_in+0x3a5/0x5e0 14:18:08 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, &(0x7f0000f40ff8)}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:08 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYRES32, @ANYBLOB], 0x13, 0x100000000000) 14:18:08 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") r1 = dup2(r0, r0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r2, @ANYBLOB="100327bd7000ffdbdf2510000000080006000800000008000400090000001400020008000600f100000008000000040000000600000014000600fe8000000000000000003f3d3da810a95f834bb8628e60f7c60000000000aa0c000100080005000000000024000300080005007f000001080003000400000008000500ffffffff080001000300000008000500070000000800050007000000068c1ea63e34e7c0c382da64baac1364eeecf8ddc0268d5383b76c5182a98646ddb2dbcfc015f9f7b8d55c72f5b7dd6d811c9be4e959be557c6213f2846e15eb82e95a76e5608179428362f39ddb6cfe527d4ec13db39412b0b8b39213868e7a227a83d0075b18c5ea6ea82be77fa4a1f0450442fedb694e39dbbfea24882f47abc7e2bac59c69a8862932a04bcaa9fa791a65935cb00bb4457b88295f2a0b8ffa8d7c78235a3fe5968be2a5f7da536526e8c8e52ba63a781ca03464d0c500000000000000000000000000000000"], 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x48005) setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:08 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_udp_int(r2, 0x11, 0x6f, &(0x7f00000004c0), &(0x7f0000000500)=0x4) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000340)={0x0, 0x20, 0xffffffff, 0x15, 0x5, 0x6, 0x7, 0x9, {0x0, @in6={{0xa, 0x4e24, 0xb32, @dev={0xfe, 0x80, [], 0xc}, 0x6}}, 0x2, 0x0, 0x91, 0x81, 0xbad7}}, &(0x7f0000000000)=0xb0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000400)={r3, @in6={{0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, [], 0x1d}, 0x8}}}, &(0x7f0000000140)=0x84) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:08 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB="080f2200", @ANYBLOB], 0x12, 0x100000000000) 14:18:08 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x0, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:08 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, r0, 0x0, 0x1, &(0x7f0000000000)='\x00', 0xffffffffffffffff}, 0x30) ptrace$peekuser(0x3, r1, 0x81) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:08 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r0) keyctl$assume_authority(0x10, r1) r2 = syz_open_dev$adsp(&(0x7f00000003c0)='/dev/adsp#\x00', 0x8, 0x0) ioctl$LOOP_CLR_FD(r2, 0x4c01) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f0000000000)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f00000000c0)) recvmsg(r3, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x121000, 0x0) 14:18:09 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000001300)={0x53, 0x0, 0x6, 0x0, @buffer={0xd, 0x76, &(0x7f00000000c0)=""/118}, &(0x7f0000000200)="9a4757c4e674", &(0x7f0000000300)=""/4096, 0x0, 0x0, 0x0, &(0x7f0000000140)}) 14:18:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYRESOCT, @ANYBLOB], 0x11, 0x100000000000) 14:18:09 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/dlm_plock\x00', 0x20880, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000400)={0x7f, @rand_addr=0x5, 0x4e22, 0x4, 'wrr\x00', 0x2, 0x81, 0x60}, 0x2c) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100) ioctl$KDDELIO(r2, 0x4b35, 0x40) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:09 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000300)={r9, &(0x7f0000000200)=""/244}) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) 14:18:09 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x0, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000240), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) socket$inet6_dccp(0xa, 0x6, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xfade}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000200)={0x6, 0x8000, 0x3, 0x6, r2}, 0x10) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000200", @ANYBLOB], 0x10, 0x100000000000) [ 1252.678905] not chained 5620000 origins [ 1252.681659] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1252.681659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1252.681659] Call Trace: [ 1252.681659] dump_stack+0x32d/0x480 [ 1252.681659] kmsan_internal_chain_origin+0x222/0x240 [ 1252.681659] ? INIT_BOOL+0xc/0x30 [ 1252.681659] ? do_raw_spin_lock+0x2c3/0x410 [ 1252.681659] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1252.681659] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1252.681659] ? in_task_stack+0x12c/0x210 [ 1252.681659] ? task_kmsan_context_state+0x51/0x90 [ 1252.681659] ? __msan_get_context_state+0x9/0x20 [ 1252.681659] ? __kernel_text_address+0x19/0x350 [ 1252.681659] ? ret_from_fork+0x35/0x40 [ 1252.681659] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1252.681659] ? in_task_stack+0x12c/0x210 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] ? ip_rcv+0x6b6/0x740 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] ? ip_rcv+0x6b6/0x740 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] ? run_ksoftirqd+0x37/0x60 [ 1252.681659] ? kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] ? kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] ? __msan_memcpy+0x6f/0x80 [ 1252.681659] ? pskb_expand_head+0x436/0x1d20 [ 1252.681659] ? skb_shift+0xce2/0x2d10 [ 1252.681659] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] ? tcp_ack+0x2888/0xa010 [ 1252.681659] ? tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] ? tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] ? tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ? ip_local_deliver+0x44b/0x510 [ 1252.681659] ? ip_rcv+0x6b6/0x740 [ 1252.681659] ? process_backlog+0x82b/0x11e0 [ 1252.681659] ? net_rx_action+0x98f/0x1d50 [ 1252.681659] ? __do_softirq+0x721/0xc7f [ 1252.681659] ? run_ksoftirqd+0x37/0x60 [ 1252.681659] ? smpboot_thread_fn+0x69c/0xb30 [ 1252.681659] ? kthread+0x5e7/0x620 [ 1252.681659] ? ret_from_fork+0x35/0x40 [ 1252.681659] ? __msan_get_context_state+0x9/0x20 [ 1252.681659] ? INIT_INT+0xc/0x30 [ 1252.681659] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] ? tcp_parse_options+0xbe/0x1cf0 [ 1252.681659] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1252.681659] ? tcp_parse_options+0x1c55/0x1cf0 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] ? __msan_get_context_state+0x9/0x20 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ? tcp_filter+0x260/0x260 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ? nf_hook_slow+0x36f/0x3d0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ? ip_local_deliver+0x510/0x510 [ 1252.681659] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] ? ip_rcv_core+0x1370/0x1370 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] ? ip_local_deliver_finish+0xff0/0xff0 [ 1252.681659] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] ? net_tx_action+0xf20/0xf20 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] ? ksoftirqd_should_run+0x50/0x50 [ 1252.681659] run_ksoftirqd+0x37/0x60 [ 1252.681659] smpboot_thread_fn+0x69c/0xb30 [ 1252.681659] kthread+0x5e7/0x620 [ 1252.681659] ? cpu_report_death+0x4a0/0x4a0 [ 1252.681659] ? INIT_BOOL+0x30/0x30 [ 1252.681659] ret_from_fork+0x35/0x40 [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Uninit was stored to memory at: [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] __msan_chain_origin+0x6d/0xb0 [ 1252.681659] __save_stack_trace+0x8be/0xc60 [ 1252.681659] save_stack_trace+0xc6/0x110 [ 1252.681659] kmsan_internal_chain_origin+0x136/0x240 [ 1252.681659] kmsan_memcpy_origins+0x13d/0x190 [ 1252.681659] __msan_memcpy+0x6f/0x80 [ 1252.681659] pskb_expand_head+0x436/0x1d20 [ 1252.681659] skb_shift+0xce2/0x2d10 [ 1252.681659] tcp_sacktag_walk+0x2156/0x29d0 [ 1252.681659] tcp_sacktag_write_queue+0x2805/0x4630 [ 1252.681659] tcp_ack+0x2888/0xa010 [ 1252.681659] tcp_rcv_established+0xf7e/0x2940 [ 1252.681659] tcp_v4_do_rcv+0x686/0xd80 [ 1252.681659] tcp_v4_rcv+0x5a13/0x6520 [ 1252.681659] ip_local_deliver_finish+0x8d8/0xff0 [ 1252.681659] ip_local_deliver+0x44b/0x510 [ 1252.681659] ip_rcv+0x6b6/0x740 [ 1252.681659] process_backlog+0x82b/0x11e0 [ 1252.681659] net_rx_action+0x98f/0x1d50 [ 1252.681659] __do_softirq+0x721/0xc7f [ 1252.681659] [ 1252.681659] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1252.681659] Variable was created at: [ 1252.681659] ipv4_conntrack_local+0x75/0x470 [ 1252.681659] nf_hook_slow+0x15c/0x3d0 14:18:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB], 0xf, 0x100000000000) 14:18:11 executing program 1: 14:18:11 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB], 0xe, 0x100000000000) 14:18:11 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000340)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x10) 14:18:11 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000300)={r9, &(0x7f0000000200)=""/244}) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:11 executing program 1: [ 1254.988379] not chained 5630000 origins [ 1254.991658] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1254.991658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1255.003733] Call Trace: [ 1255.003733] dump_stack+0x32d/0x480 [ 1255.003733] kmsan_internal_chain_origin+0x222/0x240 [ 1255.003733] ? ret_from_fork+0x35/0x40 [ 1255.003733] ? save_stack_trace+0xc6/0x110 [ 1255.003733] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1255.003733] ? kmsan_internal_chain_origin+0x90/0x240 14:18:12 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB], 0xd, 0x100000000000) 14:18:12 executing program 1: [ 1255.003733] ? kmsan_internal_chain_origin+0x136/0x240 [ 1255.003733] ? __msan_chain_origin+0x6d/0xb0 [ 1255.003733] ? save_stack_trace+0xfa/0x110 [ 1255.003733] ? kmsan_internal_chain_origin+0x136/0x240 [ 1255.003733] ? kmsan_memcpy_origins+0x13d/0x190 [ 1255.003733] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1255.003733] ? in_task_stack+0x12c/0x210 [ 1255.003733] __msan_chain_origin+0x6d/0xb0 [ 1255.003733] ? run_ksoftirqd+0x37/0x60 [ 1255.080365] __save_stack_trace+0x8be/0xc60 [ 1255.081791] ? run_ksoftirqd+0x37/0x60 14:18:12 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000001c0)) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1255.081791] save_stack_trace+0xc6/0x110 [ 1255.081791] kmsan_internal_chain_origin+0x136/0x240 [ 1255.081791] ? kmsan_internal_chain_origin+0x136/0x240 [ 1255.081791] ? kmsan_memcpy_origins+0x13d/0x190 [ 1255.081791] ? __msan_memcpy+0x6f/0x80 [ 1255.081791] ? pskb_expand_head+0x436/0x1d20 [ 1255.081791] ? ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ? ip_local_deliver+0x44b/0x510 [ 1255.117367] ? ip_rcv+0x6b6/0x740 [ 1255.117367] ? process_backlog+0x82b/0x11e0 [ 1255.117367] ? net_rx_action+0x98f/0x1d50 [ 1255.117367] ? __do_softirq+0x721/0xc7f [ 1255.117367] ? run_ksoftirqd+0x37/0x60 [ 1255.117367] ? smpboot_thread_fn+0x69c/0xb30 [ 1255.117367] ? kthread+0x5e7/0x620 [ 1255.117367] ? ret_from_fork+0x35/0x40 [ 1255.117367] ? __msan_get_context_state+0x9/0x20 [ 1255.117367] ? INIT_INT+0xc/0x30 [ 1255.117367] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ? tcp_filter+0x260/0x260 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ? nf_hook_slow+0x36f/0x3d0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ? ip_local_deliver+0x510/0x510 [ 1255.117367] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] ? ip_rcv_core+0x1370/0x1370 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] ? ip_local_deliver_finish+0xff0/0xff0 [ 1255.117367] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] ? net_tx_action+0xf20/0xf20 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] ? ksoftirqd_should_run+0x50/0x50 [ 1255.117367] run_ksoftirqd+0x37/0x60 [ 1255.117367] smpboot_thread_fn+0x69c/0xb30 [ 1255.117367] kthread+0x5e7/0x620 [ 1255.117367] ? cpu_report_death+0x4a0/0x4a0 [ 1255.117367] ? INIT_BOOL+0x30/0x30 [ 1255.117367] ret_from_fork+0x35/0x40 [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Uninit was stored to memory at: [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] __msan_chain_origin+0x6d/0xb0 [ 1255.117367] __save_stack_trace+0x8be/0xc60 [ 1255.117367] save_stack_trace+0xc6/0x110 [ 1255.117367] kmsan_internal_chain_origin+0x136/0x240 [ 1255.117367] kmsan_memcpy_origins+0x13d/0x190 [ 1255.117367] __msan_memcpy+0x6f/0x80 [ 1255.117367] pskb_expand_head+0x436/0x1d20 [ 1255.117367] ___pskb_trim+0x3c9/0x1bf0 [ 1255.117367] sk_filter_trim_cap+0x5ac/0xa60 [ 1255.117367] tcp_v4_rcv+0x4a1b/0x6520 [ 1255.117367] ip_local_deliver_finish+0x8d8/0xff0 [ 1255.117367] ip_local_deliver+0x44b/0x510 [ 1255.117367] ip_rcv+0x6b6/0x740 [ 1255.117367] process_backlog+0x82b/0x11e0 [ 1255.117367] net_rx_action+0x98f/0x1d50 [ 1255.117367] __do_softirq+0x721/0xc7f [ 1255.117367] [ 1255.117367] Local variable description: ----__ai_n1.i.i.i.i@kmem_cache_free [ 1255.117367] Variable was created at: [ 1255.117367] kmem_cache_free+0x158/0x3370 [ 1255.117367] kfree_skb_partial+0x9a/0xd0 14:18:13 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000400)={{{@in=@remote, @in6=@ipv4={[], [], @dev}}}, {{@in=@broadcast}, 0x0, @in=@loopback}}, &(0x7f0000000080)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000500)={{{@in=@rand_addr, @in=@dev}}, {{@in=@broadcast}, 0x0, @in=@loopback}}, &(0x7f00000001c0)=0xe8) r1 = geteuid() fstat(r0, &(0x7f0000000200)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000600)={{{@in=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000000300)=0xe8) fstat(r0, &(0x7f0000000700)) fstat(r0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r1, r2, r3) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000340)) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r4, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x5, @loopback}, 0xfe2d) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:13 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:13 executing program 1: 14:18:13 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYBLOB], 0xc, 0x100000000000) 14:18:13 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80000, 0x0) ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f0000000140)) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:13 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) openat$dsp(0xffffffffffffff9c, &(0x7f0000000880)='/dev/dsp\x00', 0x24000, 0x0) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1256.768215] not chained 5640000 origins [ 1256.771675] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1256.771675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1256.783279] Call Trace: [ 1256.789974] dump_stack+0x32d/0x480 [ 1256.789974] kmsan_internal_chain_origin+0x222/0x240 [ 1256.789974] ? ret_from_fork+0x35/0x40 [ 1256.789974] ? save_stack_trace+0xc6/0x110 [ 1256.789974] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1256.789974] ? kmsan_internal_chain_origin+0x90/0x240 [ 1256.789974] ? task_kmsan_context_state+0x51/0x90 [ 1256.789974] ? __msan_get_context_state+0x9/0x20 [ 1256.789974] ? __kernel_text_address+0x19/0x350 [ 1256.789974] ? ret_from_fork+0x35/0x40 [ 1256.789974] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1256.789974] ? in_task_stack+0x12c/0x210 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0xaff/0xc60 [ 1256.789974] ? ret_from_fork+0x35/0x40 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] ? kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] ? kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] ? __msan_memcpy+0x6f/0x80 [ 1256.789974] ? pskb_expand_head+0x436/0x1d20 [ 1256.789974] ? ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ? ip_local_deliver+0x44b/0x510 [ 1256.789974] ? ip_rcv+0x6b6/0x740 [ 1256.789974] ? process_backlog+0x82b/0x11e0 [ 1256.789974] ? net_rx_action+0x98f/0x1d50 [ 1256.789974] ? __do_softirq+0x721/0xc7f [ 1256.789974] ? run_ksoftirqd+0x37/0x60 [ 1256.789974] ? smpboot_thread_fn+0x69c/0xb30 [ 1256.789974] ? kthread+0x5e7/0x620 [ 1256.789974] ? ret_from_fork+0x35/0x40 [ 1256.789974] ? __msan_get_context_state+0x9/0x20 [ 1256.789974] ? INIT_INT+0xc/0x30 [ 1256.789974] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ? tcp_filter+0x260/0x260 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ? nf_hook_slow+0x36f/0x3d0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ? ip_local_deliver+0x510/0x510 [ 1256.789974] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] ? ip_rcv_core+0x1370/0x1370 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] ? ip_local_deliver_finish+0xff0/0xff0 [ 1256.789974] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] ? net_tx_action+0xf20/0xf20 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] ? ksoftirqd_should_run+0x50/0x50 [ 1256.789974] run_ksoftirqd+0x37/0x60 [ 1256.789974] smpboot_thread_fn+0x69c/0xb30 [ 1256.789974] kthread+0x5e7/0x620 [ 1256.789974] ? cpu_report_death+0x4a0/0x4a0 [ 1256.789974] ? INIT_BOOL+0x30/0x30 [ 1256.789974] ret_from_fork+0x35/0x40 [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Uninit was stored to memory at: [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] __msan_chain_origin+0x6d/0xb0 [ 1256.789974] __save_stack_trace+0x8be/0xc60 [ 1256.789974] save_stack_trace+0xc6/0x110 [ 1256.789974] kmsan_internal_chain_origin+0x136/0x240 [ 1256.789974] kmsan_memcpy_origins+0x13d/0x190 [ 1256.789974] __msan_memcpy+0x6f/0x80 [ 1256.789974] pskb_expand_head+0x436/0x1d20 [ 1256.789974] ___pskb_trim+0x3c9/0x1bf0 [ 1256.789974] sk_filter_trim_cap+0x5ac/0xa60 [ 1256.789974] tcp_v4_rcv+0x4a1b/0x6520 [ 1256.789974] ip_local_deliver_finish+0x8d8/0xff0 [ 1256.789974] ip_local_deliver+0x44b/0x510 [ 1256.789974] ip_rcv+0x6b6/0x740 [ 1256.789974] process_backlog+0x82b/0x11e0 [ 1256.789974] net_rx_action+0x98f/0x1d50 [ 1256.789974] __do_softirq+0x721/0xc7f [ 1256.789974] [ 1256.789974] Local variable description: ----c.i.i@should_fail [ 1256.789974] Variable was created at: [ 1256.789974] should_fail+0x162/0x13c0 14:18:13 executing program 1: 14:18:13 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYBLOB], 0xc, 0x100000000000) [ 1256.789974] __should_failslab+0x278/0x2a0 14:18:14 executing program 1: 14:18:14 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="08000300", @ANYBLOB], 0xc, 0x100000000000) [ 1258.188243] not chained 5650000 origins [ 1258.191673] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1258.191673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1258.191673] Call Trace: [ 1258.191673] dump_stack+0x32d/0x480 [ 1258.191673] ? save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x222/0x240 [ 1258.191673] ? kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] ? __msan_chain_origin+0x6d/0xb0 [ 1258.191673] ? __save_stack_trace+0x8be/0xc60 [ 1258.191673] ? save_stack_trace+0xc6/0x110 [ 1258.191673] ? kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] ? kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] ? __msan_memcpy+0x6f/0x80 [ 1258.191673] ? pskb_expand_head+0x436/0x1d20 [ 1258.191673] ? skb_shift+0xce2/0x2d10 [ 1258.191673] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] ? tcp_ack+0x2888/0xa010 [ 1258.191673] ? tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] ? tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] ? tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ? ip_local_deliver+0x44b/0x510 [ 1258.191673] ? ip_rcv+0x6b6/0x740 [ 1258.191673] ? process_backlog+0x82b/0x11e0 [ 1258.191673] ? net_rx_action+0x98f/0x1d50 [ 1258.191673] ? __do_softirq+0x721/0xc7f [ 1258.191673] ? run_ksoftirqd+0x37/0x60 [ 1258.191673] ? smpboot_thread_fn+0x69c/0xb30 [ 1258.191673] ? kthread+0x5e7/0x620 [ 1258.191673] ? ret_from_fork+0x35/0x40 [ 1258.191673] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1258.191673] ? in_task_stack+0x12c/0x210 [ 1258.191673] ? task_kmsan_context_state+0x51/0x90 [ 1258.191673] ? __msan_get_context_state+0x9/0x20 [ 1258.191673] ? __kernel_text_address+0x19/0x350 [ 1258.191673] ? ret_from_fork+0x35/0x40 [ 1258.191673] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1258.191673] ? in_task_stack+0x12c/0x210 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] ? tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] ? tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] ? run_ksoftirqd+0x37/0x60 [ 1258.191673] ? kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] ? kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] ? __msan_memcpy+0x6f/0x80 [ 1258.191673] ? pskb_expand_head+0x436/0x1d20 [ 1258.191673] ? skb_shift+0xce2/0x2d10 [ 1258.191673] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] ? tcp_ack+0x2888/0xa010 [ 1258.191673] ? tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] ? tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] ? tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ? ip_local_deliver+0x44b/0x510 [ 1258.191673] ? ip_rcv+0x6b6/0x740 [ 1258.191673] ? process_backlog+0x82b/0x11e0 [ 1258.191673] ? net_rx_action+0x98f/0x1d50 [ 1258.191673] ? __do_softirq+0x721/0xc7f [ 1258.191673] ? run_ksoftirqd+0x37/0x60 [ 1258.191673] ? smpboot_thread_fn+0x69c/0xb30 [ 1258.191673] ? kthread+0x5e7/0x620 [ 1258.191673] ? ret_from_fork+0x35/0x40 [ 1258.191673] ? __msan_get_context_state+0x9/0x20 [ 1258.191673] ? INIT_INT+0xc/0x30 [ 1258.191673] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] ? task_scan_max+0x6b0/0x750 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] ? tcp_parse_options+0xbe/0x1cf0 [ 1258.191673] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1258.191673] ? tcp_parse_options+0x1c55/0x1cf0 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] ? __msan_get_context_state+0x9/0x20 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ? tcp_filter+0x260/0x260 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ? nf_hook_slow+0x36f/0x3d0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ? ip_local_deliver+0x510/0x510 [ 1258.191673] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] ? ip_rcv_core+0x1370/0x1370 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] ? ip_local_deliver_finish+0xff0/0xff0 [ 1258.191673] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] ? net_tx_action+0xf20/0xf20 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] ? ksoftirqd_should_run+0x50/0x50 [ 1258.191673] run_ksoftirqd+0x37/0x60 [ 1258.191673] smpboot_thread_fn+0x69c/0xb30 [ 1258.191673] kthread+0x5e7/0x620 [ 1258.191673] ? cpu_report_death+0x4a0/0x4a0 [ 1258.191673] ? INIT_BOOL+0x30/0x30 [ 1258.191673] ret_from_fork+0x35/0x40 [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Uninit was stored to memory at: [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] __msan_chain_origin+0x6d/0xb0 [ 1258.191673] __save_stack_trace+0x8be/0xc60 [ 1258.191673] save_stack_trace+0xc6/0x110 [ 1258.191673] kmsan_internal_chain_origin+0x136/0x240 [ 1258.191673] kmsan_memcpy_origins+0x13d/0x190 [ 1258.191673] __msan_memcpy+0x6f/0x80 [ 1258.191673] pskb_expand_head+0x436/0x1d20 [ 1258.191673] skb_shift+0xce2/0x2d10 [ 1258.191673] tcp_sacktag_walk+0x2156/0x29d0 [ 1258.191673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1258.191673] tcp_ack+0x2888/0xa010 [ 1258.191673] tcp_rcv_established+0xf7e/0x2940 [ 1258.191673] tcp_v4_do_rcv+0x686/0xd80 [ 1258.191673] tcp_v4_rcv+0x5a13/0x6520 [ 1258.191673] ip_local_deliver_finish+0x8d8/0xff0 [ 1258.191673] ip_local_deliver+0x44b/0x510 [ 1258.191673] ip_rcv+0x6b6/0x740 [ 1258.191673] process_backlog+0x82b/0x11e0 [ 1258.191673] net_rx_action+0x98f/0x1d50 [ 1258.191673] __do_softirq+0x721/0xc7f [ 1258.191673] [ 1258.191673] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1258.191673] Variable was created at: [ 1258.191673] ipv4_conntrack_local+0x75/0x470 [ 1258.191673] nf_hook_slow+0x15c/0x3d0 [ 1259.355790] not chained 5660000 origins [ 1259.359810] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1259.364476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1259.369578] Call Trace: [ 1259.377813] dump_stack+0x32d/0x480 [ 1259.377813] kmsan_internal_chain_origin+0x222/0x240 [ 1259.377813] ? kmsan_set_origin+0x7f/0x100 [ 1259.377813] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1259.377813] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1259.377813] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1259.377813] ? in_task_stack+0x12c/0x210 [ 1259.377813] ? task_kmsan_context_state+0x51/0x90 [ 1259.377813] ? __msan_get_context_state+0x9/0x20 [ 1259.377813] ? __kernel_text_address+0x19/0x350 [ 1259.377813] ? ret_from_fork+0x35/0x40 [ 1259.377813] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1259.377813] ? in_task_stack+0x12c/0x210 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] ? kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] ? kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] ? run_ksoftirqd+0x37/0x60 [ 1259.377813] ? kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] ? kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] ? __msan_memcpy+0x6f/0x80 [ 1259.377813] ? pskb_expand_head+0x436/0x1d20 [ 1259.377813] ? skb_shift+0xce2/0x2d10 [ 1259.377813] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] ? tcp_ack+0x2888/0xa010 [ 1259.377813] ? tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] ? tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] ? tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ? ip_local_deliver+0x44b/0x510 [ 1259.377813] ? ip_rcv+0x6b6/0x740 [ 1259.377813] ? process_backlog+0x82b/0x11e0 [ 1259.377813] ? net_rx_action+0x98f/0x1d50 [ 1259.377813] ? __do_softirq+0x721/0xc7f [ 1259.377813] ? run_ksoftirqd+0x37/0x60 [ 1259.377813] ? smpboot_thread_fn+0x69c/0xb30 [ 1259.377813] ? kthread+0x5e7/0x620 [ 1259.377813] ? ret_from_fork+0x35/0x40 [ 1259.377813] ? __msan_get_context_state+0x9/0x20 [ 1259.377813] ? INIT_INT+0xc/0x30 [ 1259.377813] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] ? task_scan_max+0x6b0/0x750 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] ? tcp_parse_options+0xbe/0x1cf0 [ 1259.377813] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1259.377813] ? tcp_parse_options+0x1c55/0x1cf0 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] ? __msan_get_context_state+0x9/0x20 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ? tcp_filter+0x260/0x260 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ? nf_hook_slow+0x36f/0x3d0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ? ip_local_deliver+0x510/0x510 [ 1259.377813] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] ? ip_rcv_core+0x1370/0x1370 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] ? ip_local_deliver_finish+0xff0/0xff0 [ 1259.377813] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] ? net_tx_action+0xf20/0xf20 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] ? ksoftirqd_should_run+0x50/0x50 [ 1259.377813] run_ksoftirqd+0x37/0x60 [ 1259.377813] smpboot_thread_fn+0x69c/0xb30 [ 1259.377813] kthread+0x5e7/0x620 [ 1259.377813] ? cpu_report_death+0x4a0/0x4a0 [ 1259.377813] ? INIT_BOOL+0x30/0x30 [ 1259.377813] ret_from_fork+0x35/0x40 [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Uninit was stored to memory at: [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] __msan_chain_origin+0x6d/0xb0 [ 1259.377813] __save_stack_trace+0x8be/0xc60 [ 1259.377813] save_stack_trace+0xc6/0x110 [ 1259.377813] kmsan_internal_chain_origin+0x136/0x240 [ 1259.377813] kmsan_memcpy_origins+0x13d/0x190 [ 1259.377813] __msan_memcpy+0x6f/0x80 [ 1259.377813] pskb_expand_head+0x436/0x1d20 [ 1259.377813] skb_shift+0xce2/0x2d10 [ 1259.377813] tcp_sacktag_walk+0x2156/0x29d0 [ 1259.377813] tcp_sacktag_write_queue+0x2805/0x4630 [ 1259.377813] tcp_ack+0x2888/0xa010 [ 1259.377813] tcp_rcv_established+0xf7e/0x2940 [ 1259.377813] tcp_v4_do_rcv+0x686/0xd80 14:18:16 executing program 1: 14:18:17 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(r0, &(0x7f0000000100), 0x8d) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:17 executing program 1: [ 1259.377813] tcp_v4_rcv+0x5a13/0x6520 [ 1259.377813] ip_local_deliver_finish+0x8d8/0xff0 [ 1259.377813] ip_local_deliver+0x44b/0x510 [ 1259.377813] ip_rcv+0x6b6/0x740 [ 1259.377813] process_backlog+0x82b/0x11e0 [ 1259.377813] net_rx_action+0x98f/0x1d50 [ 1259.377813] __do_softirq+0x721/0xc7f [ 1259.377813] [ 1259.377813] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1259.377813] Variable was created at: [ 1259.377813] ipv4_conntrack_local+0x75/0x470 [ 1259.377813] nf_hook_slow+0x15c/0x3d0 14:18:17 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)={0x0, @aes256, 0x1, "456006df29f742f1"}) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:17 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB], 0xb, 0x100000000000) 14:18:17 executing program 1: syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000180)={0x0, 0x2710}, 0xfffffffffffffda5) [ 1261.036008] not chained 5670000 origins [ 1261.040044] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1261.041669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1261.041669] Call Trace: [ 1261.041669] dump_stack+0x32d/0x480 [ 1261.041669] kmsan_internal_chain_origin+0x222/0x240 [ 1261.041669] ? kmsan_set_origin+0x7f/0x100 [ 1261.041669] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1261.041669] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1261.041669] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1261.041669] ? in_task_stack+0x12c/0x210 [ 1261.041669] ? task_kmsan_context_state+0x51/0x90 [ 1261.041669] ? __msan_get_context_state+0x9/0x20 [ 1261.041669] ? __kernel_text_address+0x19/0x350 [ 1261.041669] ? ret_from_fork+0x35/0x40 [ 1261.041669] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1261.111775] ? in_task_stack+0x12c/0x210 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] ? __do_softirq+0x721/0xc7f [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] ? __do_softirq+0x721/0xc7f [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] ? run_ksoftirqd+0x37/0x60 [ 1261.111775] ? kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] ? kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] ? __msan_memcpy+0x6f/0x80 [ 1261.111775] ? pskb_expand_head+0x436/0x1d20 [ 1261.111775] ? skb_shift+0xce2/0x2d10 [ 1261.111775] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] ? tcp_ack+0x2888/0xa010 [ 1261.111775] ? tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] ? tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] ? tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ? ip_local_deliver+0x44b/0x510 [ 1261.111775] ? ip_rcv+0x6b6/0x740 [ 1261.111775] ? process_backlog+0x82b/0x11e0 [ 1261.111775] ? net_rx_action+0x98f/0x1d50 [ 1261.111775] ? __do_softirq+0x721/0xc7f [ 1261.111775] ? run_ksoftirqd+0x37/0x60 [ 1261.111775] ? smpboot_thread_fn+0x69c/0xb30 [ 1261.111775] ? kthread+0x5e7/0x620 [ 1261.111775] ? ret_from_fork+0x35/0x40 [ 1261.111775] ? __msan_get_context_state+0x9/0x20 [ 1261.111775] ? INIT_INT+0xc/0x30 [ 1261.111775] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] ? tcp_parse_options+0xbe/0x1cf0 [ 1261.111775] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1261.111775] ? tcp_parse_options+0x1c55/0x1cf0 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] ? __msan_get_context_state+0x9/0x20 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ? tcp_filter+0x260/0x260 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ? nf_hook_slow+0x36f/0x3d0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ? ip_local_deliver+0x510/0x510 [ 1261.111775] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] ? ip_rcv_core+0x1370/0x1370 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] ? ip_local_deliver_finish+0xff0/0xff0 [ 1261.111775] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] ? net_tx_action+0xf20/0xf20 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] ? ksoftirqd_should_run+0x50/0x50 [ 1261.111775] run_ksoftirqd+0x37/0x60 [ 1261.111775] smpboot_thread_fn+0x69c/0xb30 [ 1261.111775] kthread+0x5e7/0x620 [ 1261.111775] ? cpu_report_death+0x4a0/0x4a0 [ 1261.111775] ? INIT_BOOL+0x30/0x30 [ 1261.111775] ret_from_fork+0x35/0x40 [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Uninit was stored to memory at: [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] __msan_chain_origin+0x6d/0xb0 [ 1261.111775] __save_stack_trace+0x8be/0xc60 [ 1261.111775] save_stack_trace+0xc6/0x110 [ 1261.111775] kmsan_internal_chain_origin+0x136/0x240 [ 1261.111775] kmsan_memcpy_origins+0x13d/0x190 [ 1261.111775] __msan_memcpy+0x6f/0x80 [ 1261.111775] pskb_expand_head+0x436/0x1d20 [ 1261.111775] skb_shift+0xce2/0x2d10 [ 1261.111775] tcp_sacktag_walk+0x2156/0x29d0 [ 1261.111775] tcp_sacktag_write_queue+0x2805/0x4630 [ 1261.111775] tcp_ack+0x2888/0xa010 [ 1261.111775] tcp_rcv_established+0xf7e/0x2940 [ 1261.111775] tcp_v4_do_rcv+0x686/0xd80 [ 1261.111775] tcp_v4_rcv+0x5a13/0x6520 [ 1261.111775] ip_local_deliver_finish+0x8d8/0xff0 [ 1261.111775] ip_local_deliver+0x44b/0x510 [ 1261.111775] ip_rcv+0x6b6/0x740 [ 1261.111775] process_backlog+0x82b/0x11e0 [ 1261.111775] net_rx_action+0x98f/0x1d50 [ 1261.111775] __do_softirq+0x721/0xc7f [ 1261.111775] [ 1261.111775] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1261.111775] Variable was created at: [ 1261.111775] ipv4_conntrack_local+0x75/0x470 [ 1261.111775] nf_hook_slow+0x15c/0x3d0 14:18:19 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:19 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:19 executing program 1: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x2, 0x0) pwrite64(r0, &(0x7f0000000040)="12f5fccc391c7e0461010038cb510ece10fc72e820b843a2d084a7afacee19259a36e712744e974c3155f6d24853019b711ab5506f90acc2753cc95d37724cf618ae4d93f9189426e044e50fd05ba84e452bd840b6366c8eef5a35f30000000000000005a87a1676bf6be658e8000000", 0x70, 0x0) 14:18:19 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x9, 0x400) ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000080)) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:19 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYRES16, @ANYBLOB], 0xa, 0x100000000000) 14:18:19 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000001300)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0xd, 0x76, &(0x7f00000000c0)=""/118}, &(0x7f0000000200)="9a4757c4e674", &(0x7f0000000300)=""/4096, 0x0, 0x0, 0x0, &(0x7f0000000140)}) 14:18:19 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYRES32, @ANYBLOB], 0x9, 0x100000000000) 14:18:19 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:19 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") capset(&(0x7f0000001000)={0x19980330}, &(0x7f0000001040)) r1 = memfd_create(&(0x7f0000000400)='\x00', 0x0) fgetxattr(r1, &(0x7f0000000180)=@known='security.selinux\x00', &(0x7f0000001040)=""/4096, 0x12b8) 14:18:20 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x2000, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000380)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r2, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x3}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x8}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_AF={0x8, 0x2, 0xa}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4005}, 0x800) r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7, 0x0) ioctl$UI_SET_SNDBIT(r3, 0x4004556a, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:20 executing program 1: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x1, 0x0) r1 = dup(r0) write$P9_RREAD(r1, &(0x7f0000000140)={0xb}, 0xb) 14:18:20 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYBLOB], 0x8, 0x100000000000) 14:18:20 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:20 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x128c4baf, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) r1 = getuid() ioprio_set$uid(0x3, r1, 0x3f) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x1, 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:20 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:20 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="040002000000000008000100", @ANYBLOB], 0x8, 0x100000000000) [ 1263.889647] not chained 5680000 origins [ 1263.891675] CPU: 1 PID: 19358 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #85 [ 1263.891675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1263.891675] Call Trace: [ 1263.910589] [ 1263.910589] dump_stack+0x32d/0x480 [ 1263.910589] kmsan_internal_chain_origin+0x222/0x240 [ 1263.910589] ? INIT_BOOL+0xc/0x30 [ 1263.910589] ? do_raw_spin_lock+0x2c3/0x410 [ 1263.910589] ? __msan_metadata_ptr_for_load_8+0x10/0x20 14:18:21 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1263.910589] ? __module_address+0x6a/0x5f0 [ 1263.910589] ? is_bpf_text_address+0x3e5/0x4d0 [ 1263.910589] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1263.949002] ? is_bpf_text_address+0x49e/0x4d0 [ 1263.949002] ? kmsan_internal_chain_origin+0x90/0x240 [ 1263.958260] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1263.958260] ? is_bpf_text_address+0x49e/0x4d0 [ 1263.958260] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] ? tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] ? tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] ? irq_exit+0x305/0x340 [ 1263.958260] ? kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] ? kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] ? __msan_memcpy+0x6f/0x80 [ 1263.958260] ? pskb_expand_head+0x436/0x1d20 [ 1263.958260] ? skb_shift+0xce2/0x2d10 [ 1263.958260] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] ? tcp_ack+0x2888/0xa010 [ 1263.958260] ? tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] ? tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] ? tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ? ip_local_deliver+0x44b/0x510 [ 1263.958260] ? ip_rcv+0x6b6/0x740 [ 1263.958260] ? process_backlog+0x82b/0x11e0 [ 1263.958260] ? net_rx_action+0x98f/0x1d50 [ 1263.958260] ? __do_softirq+0x721/0xc7f [ 1263.958260] ? irq_exit+0x305/0x340 [ 1263.958260] ? exiting_irq+0xe/0x10 [ 1263.958260] ? smp_apic_timer_interrupt+0x64/0x90 [ 1263.958260] ? apic_timer_interrupt+0xf/0x20 [ 1263.958260] ? finish_lock_switch+0x2b/0x40 [ 1263.958260] ? finish_task_switch+0x17e/0x410 [ 1263.958260] ? __schedule+0x8a8/0xa60 [ 1263.958260] ? schedule+0x1db/0x320 [ 1263.958260] ? prepare_exit_to_usermode+0x222/0x4c0 [ 1263.958260] ? syscall_return_slowpath+0xed/0x730 [ 1263.958260] ? do_syscall_64+0xf5/0x110 [ 1263.958260] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1263.958260] ? __msan_get_context_state+0x9/0x20 [ 1263.958260] ? INIT_INT+0xc/0x30 [ 1263.958260] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] ? tcp_parse_options+0xbe/0x1cf0 [ 1263.958260] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1263.958260] ? tcp_parse_options+0x1c55/0x1cf0 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] ? __msan_get_context_state+0x9/0x20 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ? tcp_filter+0x260/0x260 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ? nf_hook_slow+0x36f/0x3d0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ? ip_local_deliver+0x510/0x510 [ 1263.958260] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] ? ip_rcv_core+0x1370/0x1370 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] ? ip_local_deliver_finish+0xff0/0xff0 [ 1263.958260] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] ? net_tx_action+0xf20/0xf20 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] irq_exit+0x305/0x340 [ 1263.958260] exiting_irq+0xe/0x10 [ 1263.958260] smp_apic_timer_interrupt+0x64/0x90 [ 1263.958260] apic_timer_interrupt+0xf/0x20 [ 1263.958260] [ 1263.958260] RIP: 0010:finish_lock_switch+0x2b/0x40 [ 1263.958260] Code: 48 89 e5 53 48 89 fb e8 03 ed 9b 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 12 48 89 df e8 6d e2 9b 00 c6 00 00 c6 03 00 fb 5b <5d> c3 e8 1e ec 9b 00 eb e7 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 [ 1263.958260] RSP: 0018:ffff8880a953fce8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1263.958260] RAX: ffff8881dc3b8b80 RBX: ffff8881cda73c00 RCX: ffff8881dc3b8b80 [ 1263.958260] RDX: ffff8881dc3b9b80 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1263.958260] RBP: ffff8880a953fce8 R08: ffff888000000000 R09: 0000000000000002 [ 1263.958260] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888118e93c00 [ 1263.958260] R13: ffff88821fdb8510 R14: ffff888118e94588 R15: ffff88821fdb7b80 [ 1263.958260] finish_task_switch+0x17e/0x410 [ 1263.958260] __schedule+0x8a8/0xa60 [ 1263.958260] schedule+0x1db/0x320 [ 1263.958260] prepare_exit_to_usermode+0x222/0x4c0 [ 1263.958260] syscall_return_slowpath+0xed/0x730 [ 1263.958260] ? __se_sys_openat+0xcb/0xe0 [ 1263.958260] do_syscall_64+0xf5/0x110 [ 1263.958260] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1263.958260] RIP: 0033:0x457569 [ 1263.958260] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1263.958260] RSP: 002b:00007f696f06ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1263.958260] RAX: 0000000000000006 RBX: 0000000000000004 RCX: 0000000000457569 [ 1263.958260] RDX: 0000000000000000 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 1263.958260] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1263.958260] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f696f06b6d4 [ 1263.958260] R13: 00000000004c2ea8 R14: 00000000004d4908 R15: 00000000ffffffff [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Uninit was stored to memory at: [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] __msan_chain_origin+0x6d/0xb0 [ 1263.958260] __save_stack_trace+0x8be/0xc60 [ 1263.958260] save_stack_trace+0xc6/0x110 [ 1263.958260] kmsan_internal_chain_origin+0x136/0x240 [ 1263.958260] kmsan_memcpy_origins+0x13d/0x190 [ 1263.958260] __msan_memcpy+0x6f/0x80 [ 1263.958260] pskb_expand_head+0x436/0x1d20 [ 1263.958260] skb_shift+0xce2/0x2d10 [ 1263.958260] tcp_sacktag_walk+0x2156/0x29d0 [ 1263.958260] tcp_sacktag_write_queue+0x2805/0x4630 [ 1263.958260] tcp_ack+0x2888/0xa010 [ 1263.958260] tcp_rcv_established+0xf7e/0x2940 [ 1263.958260] tcp_v4_do_rcv+0x686/0xd80 [ 1263.958260] tcp_v4_rcv+0x5a13/0x6520 [ 1263.958260] ip_local_deliver_finish+0x8d8/0xff0 14:18:22 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/dlm_plock\x00', 0x20880, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000400)={0x7f, @rand_addr=0x5, 0x4e22, 0x4, 'wrr\x00', 0x2, 0x81, 0x60}, 0x2c) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100) ioctl$KDDELIO(r2, 0x4b35, 0x40) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1263.958260] ip_local_deliver+0x44b/0x510 [ 1263.958260] ip_rcv+0x6b6/0x740 [ 1263.958260] process_backlog+0x82b/0x11e0 [ 1263.958260] net_rx_action+0x98f/0x1d50 [ 1263.958260] __do_softirq+0x721/0xc7f [ 1263.958260] [ 1263.958260] Local variable description: ----cputime.i@run_posix_cpu_timers [ 1263.958260] Variable was created at: [ 1263.958260] run_posix_cpu_timers+0x7c/0x4720 [ 1263.958260] update_process_times+0x1b0/0x1e0 [ 1265.169745] not chained 5690000 origins [ 1265.171689] CPU: 1 PID: 6760 Comm: syz-fuzzer Not tainted 4.20.0-rc2+ #85 [ 1265.171689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1265.171689] Call Trace: [ 1265.171689] [ 1265.171689] dump_stack+0x32d/0x480 [ 1265.171689] kmsan_internal_chain_origin+0x222/0x240 [ 1265.171689] ? INIT_BOOL+0xc/0x30 [ 1265.171689] ? do_raw_spin_lock+0x2c3/0x410 [ 1265.171689] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1265.171689] ? __module_address+0x6a/0x5f0 [ 1265.171689] ? is_bpf_text_address+0x3e5/0x4d0 [ 1265.171689] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1265.171689] ? is_bpf_text_address+0x49e/0x4d0 [ 1265.171689] ? kmsan_internal_chain_origin+0x90/0x240 [ 1265.171689] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1265.171689] ? is_bpf_text_address+0x49e/0x4d0 [ 1265.171689] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] ? irq_exit+0x305/0x340 [ 1265.171689] ? kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] ? kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] ? __msan_memcpy+0x6f/0x80 [ 1265.171689] ? pskb_expand_head+0x436/0x1d20 [ 1265.171689] ? skb_shift+0xce2/0x2d10 [ 1265.171689] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] ? tcp_ack+0x2888/0xa010 [ 1265.171689] ? tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] ? tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] ? tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ? ip_local_deliver+0x44b/0x510 [ 1265.171689] ? ip_rcv+0x6b6/0x740 [ 1265.171689] ? process_backlog+0x82b/0x11e0 [ 1265.171689] ? net_rx_action+0x98f/0x1d50 [ 1265.171689] ? __do_softirq+0x721/0xc7f [ 1265.171689] ? irq_exit+0x305/0x340 [ 1265.171689] ? exiting_irq+0xe/0x10 [ 1265.171689] ? smp_apic_timer_interrupt+0x64/0x90 [ 1265.171689] ? apic_timer_interrupt+0xf/0x20 [ 1265.171689] ? acpi_pm_read+0x31/0x60 [ 1265.171689] ? ktime_get_ts64+0x17f/0x830 [ 1265.171689] ? __se_sys_pselect6+0xb7d/0x1220 [ 1265.171689] ? __x64_sys_pselect6+0x6e/0x90 [ 1265.171689] ? do_syscall_64+0xcf/0x110 [ 1265.171689] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1265.171689] ? __msan_get_context_state+0x9/0x20 [ 1265.171689] ? INIT_INT+0xc/0x30 [ 1265.171689] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] ? tcp_parse_options+0xbe/0x1cf0 [ 1265.171689] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1265.171689] ? tcp_parse_options+0x1c55/0x1cf0 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 14:18:22 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1265.171689] ? __msan_get_context_state+0x9/0x20 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ? tcp_filter+0x260/0x260 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ? nf_hook_slow+0x36f/0x3d0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ? ip_local_deliver+0x510/0x510 [ 1265.171689] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] ? ip_rcv_core+0x1370/0x1370 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] ? ip_local_deliver_finish+0xff0/0xff0 [ 1265.171689] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] ? net_tx_action+0xf20/0xf20 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] irq_exit+0x305/0x340 [ 1265.171689] exiting_irq+0xe/0x10 [ 1265.171689] smp_apic_timer_interrupt+0x64/0x90 [ 1265.171689] apic_timer_interrupt+0xf/0x20 [ 1265.171689] [ 1265.171689] RIP: 0010:acpi_pm_read+0x31/0x60 [ 1265.171689] Code: e8 34 1d d4 f9 48 89 c3 e8 bc 2c 71 f9 44 8b 34 25 10 cd 38 8c 48 c7 c7 10 cd 38 8c e8 f8 12 d4 f9 83 38 00 75 23 44 89 f2 ed <25> ff ff ff 00 48 c7 83 20 03 00 00 00 00 00 00 c7 83 a8 0f 00 00 [ 1265.171689] RSP: 0018:ffff888197f9fc98 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 1265.171689] RAX: 0000000000bf00d2 RBX: ffff8881add00988 RCX: ffff8881fbf8cd10 [ 1265.171689] RDX: 000000000000b008 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1265.171689] RBP: ffff888197f9fca8 R08: ffff888000000000 R09: 0000000000000002 [ 1265.171689] R10: 0000000000000000 R11: ffffffff88356900 R12: ffffffff8c20ce40 [ 1265.171689] R13: ffffffff88356900 R14: 000000000000b008 R15: 0000000000000000 [ 1265.171689] ? acpi_pm_read_slow+0x100/0x100 [ 1265.171689] ? acpi_pm_read_slow+0x100/0x100 [ 1265.171689] ? acpi_pm_read+0x28/0x60 [ 1265.171689] ktime_get_ts64+0x17f/0x830 [ 1265.171689] ? timespec64_add_safe+0x95/0x370 [ 1265.171689] ? __se_sys_pselect6+0x7ca/0x1220 [ 1265.171689] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1265.171689] ? timespec64_add_safe+0x1dd/0x370 [ 1265.171689] __se_sys_pselect6+0xb7d/0x1220 [ 1265.171689] __x64_sys_pselect6+0x6e/0x90 [ 1265.171689] do_syscall_64+0xcf/0x110 [ 1265.171689] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1265.171689] RIP: 0033:0x45d911 [ 1265.171689] Code: 0f 00 f7 f1 48 89 04 24 b8 e8 03 00 00 f7 e2 48 89 44 24 08 31 ff 31 f6 31 d2 45 31 d2 49 89 e0 45 31 c9 b8 0e 01 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc b8 ba 00 00 00 0f 05 [ 1265.171689] RSP: 002b:000000c420035f18 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 1265.171689] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045d911 [ 1265.171689] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1265.171689] RBP: 000000c420035f28 R08: 000000c420035f18 R09: 0000000000000000 [ 1265.171689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000430120 [ 1265.171689] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000000 [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Uninit was stored to memory at: [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] __msan_chain_origin+0x6d/0xb0 [ 1265.171689] __save_stack_trace+0x8be/0xc60 [ 1265.171689] save_stack_trace+0xc6/0x110 [ 1265.171689] kmsan_internal_chain_origin+0x136/0x240 [ 1265.171689] kmsan_memcpy_origins+0x13d/0x190 [ 1265.171689] __msan_memcpy+0x6f/0x80 [ 1265.171689] pskb_expand_head+0x436/0x1d20 [ 1265.171689] skb_shift+0xce2/0x2d10 [ 1265.171689] tcp_sacktag_walk+0x2156/0x29d0 [ 1265.171689] tcp_sacktag_write_queue+0x2805/0x4630 [ 1265.171689] tcp_ack+0x2888/0xa010 [ 1265.171689] tcp_rcv_established+0xf7e/0x2940 [ 1265.171689] tcp_v4_do_rcv+0x686/0xd80 [ 1265.171689] tcp_v4_rcv+0x5a13/0x6520 [ 1265.171689] ip_local_deliver_finish+0x8d8/0xff0 [ 1265.171689] ip_local_deliver+0x44b/0x510 [ 1265.171689] ip_rcv+0x6b6/0x740 [ 1265.171689] process_backlog+0x82b/0x11e0 [ 1265.171689] net_rx_action+0x98f/0x1d50 [ 1265.171689] __do_softirq+0x721/0xc7f [ 1265.171689] [ 1265.171689] Local variable description: ----cputime.i@run_posix_cpu_timers [ 1265.171689] Variable was created at: [ 1265.171689] run_posix_cpu_timers+0x7c/0x4720 [ 1265.171689] update_process_times+0x1b0/0x1e0 [ 1266.457505] not chained 5700000 origins [ 1266.461525] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1266.461742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1266.461742] Call Trace: [ 1266.461742] dump_stack+0x32d/0x480 [ 1266.461742] kmsan_internal_chain_origin+0x222/0x240 [ 1266.461742] ? kmsan_set_origin+0x7f/0x100 [ 1266.461742] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1266.461742] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1266.461742] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1266.461742] ? in_task_stack+0x12c/0x210 [ 1266.461742] ? task_kmsan_context_state+0x51/0x90 [ 1266.461742] ? __msan_get_context_state+0x9/0x20 [ 1266.461742] ? __kernel_text_address+0x19/0x350 [ 1266.461742] ? ret_from_fork+0x35/0x40 [ 1266.461742] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1266.461742] ? in_task_stack+0x12c/0x210 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] ? ip_rcv+0x6b6/0x740 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] ? ip_rcv+0x6b6/0x740 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] ? run_ksoftirqd+0x37/0x60 [ 1266.461742] ? kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] ? kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] ? __msan_memcpy+0x6f/0x80 [ 1266.461742] ? pskb_expand_head+0x436/0x1d20 [ 1266.461742] ? skb_shift+0x29a0/0x2d10 [ 1266.461742] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] ? tcp_ack+0x2888/0xa010 [ 1266.461742] ? tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] ? tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] ? tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ? ip_local_deliver+0x44b/0x510 [ 1266.461742] ? ip_rcv+0x6b6/0x740 [ 1266.461742] ? process_backlog+0x82b/0x11e0 [ 1266.461742] ? net_rx_action+0x98f/0x1d50 [ 1266.461742] ? __do_softirq+0x721/0xc7f [ 1266.461742] ? run_ksoftirqd+0x37/0x60 [ 1266.461742] ? smpboot_thread_fn+0x69c/0xb30 [ 1266.461742] ? kthread+0x5e7/0x620 [ 1266.461742] ? ret_from_fork+0x35/0x40 [ 1266.461742] ? __msan_get_context_state+0x9/0x20 [ 1266.461742] ? INIT_INT+0xc/0x30 [ 1266.461742] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0x29a0/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] ? tcp_parse_options+0xbe/0x1cf0 [ 1266.461742] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1266.461742] ? tcp_parse_options+0x1c55/0x1cf0 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] ? __msan_get_context_state+0x9/0x20 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ? tcp_filter+0x260/0x260 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ? nf_hook_slow+0x36f/0x3d0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ? ip_local_deliver+0x510/0x510 [ 1266.461742] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] ? ip_rcv_core+0x1370/0x1370 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] ? ip_local_deliver_finish+0xff0/0xff0 [ 1266.461742] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] ? net_tx_action+0xf20/0xf20 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] ? ksoftirqd_should_run+0x50/0x50 [ 1266.461742] run_ksoftirqd+0x37/0x60 [ 1266.461742] smpboot_thread_fn+0x69c/0xb30 [ 1266.461742] kthread+0x5e7/0x620 [ 1266.461742] ? cpu_report_death+0x4a0/0x4a0 [ 1266.461742] ? INIT_BOOL+0x30/0x30 [ 1266.461742] ret_from_fork+0x35/0x40 [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Uninit was stored to memory at: [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] __msan_chain_origin+0x6d/0xb0 [ 1266.461742] __save_stack_trace+0x8be/0xc60 [ 1266.461742] save_stack_trace+0xc6/0x110 [ 1266.461742] kmsan_internal_chain_origin+0x136/0x240 [ 1266.461742] kmsan_memcpy_origins+0x13d/0x190 [ 1266.461742] __msan_memcpy+0x6f/0x80 [ 1266.461742] pskb_expand_head+0x436/0x1d20 [ 1266.461742] skb_shift+0xce2/0x2d10 [ 1266.461742] tcp_sacktag_walk+0x2156/0x29d0 [ 1266.461742] tcp_sacktag_write_queue+0x2805/0x4630 [ 1266.461742] tcp_ack+0x2888/0xa010 [ 1266.461742] tcp_rcv_established+0xf7e/0x2940 [ 1266.461742] tcp_v4_do_rcv+0x686/0xd80 [ 1266.461742] tcp_v4_rcv+0x5a13/0x6520 [ 1266.461742] ip_local_deliver_finish+0x8d8/0xff0 [ 1266.461742] ip_local_deliver+0x44b/0x510 [ 1266.461742] ip_rcv+0x6b6/0x740 [ 1266.461742] process_backlog+0x82b/0x11e0 [ 1266.461742] net_rx_action+0x98f/0x1d50 [ 1266.461742] __do_softirq+0x721/0xc7f [ 1266.461742] [ 1266.461742] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1266.461742] Variable was created at: [ 1266.461742] ipv4_conntrack_local+0x75/0x470 [ 1266.461742] nf_hook_slow+0x15c/0x3d0 14:18:24 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB], 0x7, 0x100000000000) 14:18:24 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f00000001c0)=@nfc={0x27, 0x1, 0x2, 0x3}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000400)="9c634a6c5eadab646686e37e46a4bbe9b0cea0559f6995860abc12088e5b1fa00db13196132d36d5f4e74b32ef328cf1bbca190098e894b8872fdb6c5412e8cfc51be00427fdeb2326b52496a0488473e4c3f81c1e132fada03fff8534ffb9327b1485be78dd36a8a2711e38b1443c8c88adf7b73bf917384639acde09bab2539d7aa43fad4f509e6942c4341d6434a9e55581d3a5e110980f18e9362737e49cbd1142eda4498a32fc", 0xa9}, {&(0x7f00000004c0)="ce2fe8ee48b126afbbf8ffc0dc5d4a4199bc4b476a90dad8a8becb4fbe7aa8fa13f0f5d64a89150696486f1825798c3546245bc058355c405243697ca5526ba47e3e9801bc9b5b9c1a4177ca81ab4f816771fdf920f7db9ceed297d81d4037f7c2c40cd79577039d698bb07d328d616c8512a0d51c3a8202c2c4d33c7c5c344ca169d7ea16c95081a2d252854a32ff61dbb7fd4453c2", 0x96}, {&(0x7f0000000580)="34dcef1d5c4e72becf040752160d6db885d7546166c6e091c67677af7fb64e4eb531f4e1e8a7cd525155fe138e7e2dae70204223144c58cdeb2aaa32938f02de7264ac2fca3400715c1db9411c338c3f4f8cab4b1b818b3f4ec595ae64982804000401d6579954dda9fa468f680391a92a7179802d9a340d6f49eeba176d7b2503f9342abc8c9ba4b27e060084b5fae19b612b592dfca38635ab18b7d2644d1cb5f2f3a5aa950fd4665944a21acd16d0f7c43561e1e1b5f6e2a4a5309003ee75f255f0ea1c0993af0ea62903337d656b5d", 0xd1}, {&(0x7f0000000000)="4677d8184841d93592d537e6e49e7d7616d9768f2b53a4a01917", 0x1a}, {&(0x7f0000000300)="5d16d09d97c72e7a990d4df1e195a0add1b4126784bfd807c9815d4429637020d43097b2e08e589b79a06a9d836b1b63ea3dda45e40c844daf264550d555b8e33b3cb0f4f1362972f1", 0x49}, {&(0x7f0000000680)="24925ae446142a6f463c8a5adde6754c9328eb722aebdb0b368812592ce2d422205b8a2b72b36170b122d3c4c1a958a681b63c34aea441d5ddcd5497dc755a15267c6fe0d2", 0x45}], 0x6, &(0x7f0000000780)=[{0x80, 0x19f, 0x3, "d79a965657051b81a4c3634a323acb6d1d611a07bbdf906e39a50a2f2c4e010b8fe1bc46b9021755e407725f5a2ac07a6977afe5dfd1ed575640bee675b2324e355da34ffb5510b9de0b262436acb172c2418bc90e1f8b624a996c8056fdc3f6034b1f9aeaebabd9fd596ac387"}], 0x80, 0x4000804}, 0x4040801) [ 1267.802449] not chained 5710000 origins [ 1267.806470] CPU: 0 PID: 19368 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1267.811658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1267.811658] Call Trace: [ 1267.811658] [ 1267.811658] dump_stack+0x32d/0x480 [ 1267.811658] kmsan_internal_chain_origin+0x222/0x240 [ 1267.811658] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1267.811658] ? __msan_poison_alloca+0x1e0/0x270 [ 1267.811658] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1267.811658] ? rcu_irq_exit+0x396/0x410 [ 1267.811658] ? kmsan_internal_chain_origin+0x90/0x240 [ 1267.811658] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1267.811658] ? in_task_stack+0x12c/0x210 [ 1267.811658] ? get_stack_info+0x206/0x220 [ 1267.811658] __msan_chain_origin+0x6d/0xb0 [ 1267.811658] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1267.811658] __save_stack_trace+0x8be/0xc60 [ 1267.811658] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] ? ip_finish_output+0xd93/0x10f0 [ 1267.890040] ? inet_recvmsg+0x5b8/0x6c0 [ 1267.890040] ? kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] ? kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] ? __msan_memcpy+0x6f/0x80 [ 1267.890040] ? pskb_expand_head+0x436/0x1d20 [ 1267.890040] ? ___pskb_trim+0x3c9/0x1bf0 [ 1267.890040] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1267.890040] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1267.890040] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1267.890040] ? ip_local_deliver+0x44b/0x510 [ 1267.946550] not chained 5720000 origins [ 1267.890040] ? ip_rcv+0x6b6/0x740 [ 1267.890040] ? process_backlog+0x82b/0x11e0 [ 1267.890040] ? net_rx_action+0x98f/0x1d50 [ 1267.890040] ? __do_softirq+0x721/0xc7f [ 1267.890040] ? do_softirq_own_stack+0x49/0x80 [ 1267.890040] ? __local_bh_enable_ip+0x228/0x260 [ 1267.890040] ? local_bh_enable+0x36/0x40 [ 1267.890040] ? ip_finish_output2+0x1430/0x1560 [ 1267.890040] ? ip_finish_output+0xd93/0x10f0 [ 1267.890040] ? ip_output+0x55c/0x630 [ 1267.890040] ? __ip_queue_xmit+0x1bb5/0x2170 [ 1267.890040] ? ip_queue_xmit+0xcc/0xf0 [ 1267.890040] ? __tcp_transmit_skb+0x425c/0x5e00 [ 1267.890040] ? tcp_write_xmit+0x389a/0xacc0 [ 1267.890040] ? __tcp_push_pending_frames+0x124/0x4e0 [ 1267.890040] ? tcp_data_snd_check+0x1ec/0x1080 [ 1267.890040] ? tcp_rcv_established+0x1bb2/0x2940 [ 1267.890040] ? tcp_v4_do_rcv+0x686/0xd80 [ 1267.890040] ? __release_sock+0x32d/0x750 [ 1267.890040] ? sk_wait_data+0x2c3/0x920 [ 1267.890040] ? tcp_recvmsg+0x1d10/0x4aa0 [ 1267.890040] ? inet_recvmsg+0x5b8/0x6c0 [ 1267.890040] ? sock_recvmsg+0x1d1/0x230 [ 1267.890040] ? ___sys_recvmsg+0x444/0xae0 [ 1267.890040] ? __se_sys_recvmsg+0x2fa/0x450 [ 1267.890040] ? __x64_sys_recvmsg+0x4a/0x70 [ 1267.890040] ? do_syscall_64+0xcf/0x110 [ 1267.890040] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1267.890040] ? __msan_get_context_state+0x9/0x20 [ 1267.890040] ? INIT_INT+0xc/0x30 [ 1267.890040] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.890040] ? tcp_filter+0x260/0x260 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.890040] ? nf_hook_slow+0x36f/0x3d0 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.890040] ? ip_local_deliver+0x510/0x510 [ 1267.890040] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.890040] ? ip_rcv_core+0x1370/0x1370 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.890040] ? ip_local_deliver_finish+0xff0/0xff0 [ 1267.890040] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.890040] ? net_tx_action+0xf20/0xf20 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.890040] do_softirq_own_stack+0x49/0x80 [ 1267.890040] [ 1267.890040] __local_bh_enable_ip+0x228/0x260 [ 1267.890040] local_bh_enable+0x36/0x40 [ 1267.890040] ip_finish_output2+0x1430/0x1560 [ 1267.890040] ip_finish_output+0xd93/0x10f0 [ 1267.890040] ip_output+0x55c/0x630 [ 1267.890040] ? ip_mc_finish_output+0x440/0x440 [ 1267.890040] ? ip_finish_output+0x10f0/0x10f0 [ 1267.890040] __ip_queue_xmit+0x1bb5/0x2170 [ 1267.890040] ip_queue_xmit+0xcc/0xf0 [ 1267.890040] ? dst_hold_safe+0x5d0/0x5d0 [ 1267.890040] __tcp_transmit_skb+0x425c/0x5e00 [ 1267.890040] tcp_write_xmit+0x389a/0xacc0 [ 1267.890040] __tcp_push_pending_frames+0x124/0x4e0 [ 1267.890040] tcp_data_snd_check+0x1ec/0x1080 [ 1267.890040] tcp_rcv_established+0x1bb2/0x2940 [ 1267.890040] ? __msan_get_context_state+0x9/0x20 [ 1267.890040] tcp_v4_do_rcv+0x686/0xd80 [ 1267.890040] ? inet_sk_rx_dst_set+0x200/0x200 [ 1267.890040] __release_sock+0x32d/0x750 [ 1267.890040] sk_wait_data+0x2c3/0x920 [ 1267.890040] ? tcp_send_ack+0x68/0x90 [ 1267.890040] ? tcp_cleanup_rbuf+0x57b/0x8e0 [ 1267.890040] ? wait_woken+0x5b0/0x5b0 [ 1267.890040] tcp_recvmsg+0x1d10/0x4aa0 [ 1267.890040] ? tcp_mmap+0x150/0x150 [ 1267.890040] inet_recvmsg+0x5b8/0x6c0 [ 1267.890040] sock_recvmsg+0x1d1/0x230 [ 1267.890040] ? inet_sendpage+0x990/0x990 [ 1267.890040] ___sys_recvmsg+0x444/0xae0 [ 1267.890040] ? __fdget+0x329/0x440 [ 1267.890040] __se_sys_recvmsg+0x2fa/0x450 [ 1267.890040] __x64_sys_recvmsg+0x4a/0x70 [ 1267.890040] do_syscall_64+0xcf/0x110 [ 1267.890040] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1267.890040] RIP: 0033:0x457569 [ 1267.890040] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1267.890040] RSP: 002b:00007f26388a1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1267.890040] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1267.890040] RDX: 0000000000000100 RSI: 0000000020000240 RDI: 0000000000000006 [ 1267.890040] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1267.890040] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f26388a26d4 [ 1267.890040] R13: 00000000004c3549 R14: 00000000004d54c0 R15: 00000000ffffffff [ 1267.890040] Uninit was stored to memory at: [ 1267.951668] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1267.951668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] Call Trace: [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] dump_stack+0x32d/0x480 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] kmsan_internal_chain_origin+0x222/0x240 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ? INIT_BOOL+0xc/0x30 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] ? do_raw_spin_lock+0x2c3/0x410 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] ? in_task_stack+0x12c/0x210 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] ? task_kmsan_context_state+0x51/0x90 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] ? __msan_get_context_state+0x9/0x20 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] ? __kernel_text_address+0x19/0x350 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] ? ret_from_fork+0x35/0x40 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] ? in_task_stack+0x12c/0x210 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] __msan_chain_origin+0x6d/0xb0 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] ? kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] __save_stack_trace+0x8be/0xc60 [ 1267.890040] [ 1267.951668] ? kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] Uninit was stored to memory at: [ 1267.951668] save_stack_trace+0xc6/0x110 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] ? run_ksoftirqd+0x37/0x60 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] ? kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ? kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] ? __msan_memcpy+0x6f/0x80 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] ? pskb_expand_head+0x436/0x1d20 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] ? skb_shift+0xce2/0x2d10 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] ? tcp_ack+0x2888/0xa010 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] ? tcp_rcv_established+0xf7e/0x2940 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] ? tcp_v4_do_rcv+0x686/0xd80 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] ? tcp_v4_rcv+0x5a13/0x6520 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] ? ip_local_deliver+0x44b/0x510 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] ? ip_rcv+0x6b6/0x740 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] ? process_backlog+0x82b/0x11e0 [ 1267.890040] [ 1267.951668] ? net_rx_action+0x98f/0x1d50 [ 1267.890040] Uninit was stored to memory at: [ 1267.951668] ? __do_softirq+0x721/0xc7f [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] ? run_ksoftirqd+0x37/0x60 [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] ? smpboot_thread_fn+0x69c/0xb30 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] ? kthread+0x5e7/0x620 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ? ret_from_fork+0x35/0x40 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] ? __msan_get_context_state+0x9/0x20 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] ? INIT_INT+0xc/0x30 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] __msan_memcpy+0x6f/0x80 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] pskb_expand_head+0x436/0x1d20 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] skb_shift+0xce2/0x2d10 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] tcp_sacktag_walk+0x2156/0x29d0 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] tcp_sacktag_write_queue+0x2805/0x4630 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] tcp_ack+0x2888/0xa010 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] ? tcp_parse_options+0xbe/0x1cf0 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] ? tcp_parse_options+0x1c55/0x1cf0 [ 1267.890040] [ 1267.951668] tcp_rcv_established+0xf7e/0x2940 [ 1267.890040] Uninit was stored to memory at: [ 1267.951668] ? __msan_get_context_state+0x9/0x20 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] tcp_v4_do_rcv+0x686/0xd80 [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] tcp_v4_rcv+0x5a13/0x6520 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] ? tcp_filter+0x260/0x260 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] ? nf_hook_slow+0x36f/0x3d0 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] ip_local_deliver+0x44b/0x510 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] ? ip_local_deliver+0x510/0x510 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] ip_rcv+0x6b6/0x740 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] ? ip_rcv_core+0x1370/0x1370 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] process_backlog+0x82b/0x11e0 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] ? ip_local_deliver_finish+0xff0/0xff0 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] net_rx_action+0x98f/0x1d50 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] ? net_tx_action+0xf20/0xf20 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] __do_softirq+0x721/0xc7f [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] ? ksoftirqd_should_run+0x50/0x50 [ 1267.890040] [ 1267.951668] run_ksoftirqd+0x37/0x60 [ 1267.890040] Uninit was stored to memory at: [ 1267.951668] smpboot_thread_fn+0x69c/0xb30 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] kthread+0x5e7/0x620 [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] ? cpu_report_death+0x4a0/0x4a0 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] ? INIT_BOOL+0x30/0x30 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ret_from_fork+0x35/0x40 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] Uninit was stored to memory at: [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] __msan_chain_origin+0x6d/0xb0 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] __save_stack_trace+0x8be/0xc60 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] save_stack_trace+0xc6/0x110 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] __msan_memcpy+0x6f/0x80 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] pskb_expand_head+0x436/0x1d20 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] skb_shift+0xce2/0x2d10 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] tcp_sacktag_walk+0x2156/0x29d0 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] tcp_sacktag_write_queue+0x2805/0x4630 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] tcp_ack+0x2888/0xa010 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] tcp_rcv_established+0xf7e/0x2940 [ 1267.890040] [ 1267.951668] tcp_v4_do_rcv+0x686/0xd80 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] tcp_v4_rcv+0x5a13/0x6520 [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] ip_local_deliver+0x44b/0x510 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ip_rcv+0x6b6/0x740 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] process_backlog+0x82b/0x11e0 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] net_rx_action+0x98f/0x1d50 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] __do_softirq+0x721/0xc7f [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] __msan_chain_origin+0x6d/0xb0 [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] __save_stack_trace+0x8be/0xc60 [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] save_stack_trace+0xc6/0x110 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] __msan_memcpy+0x6f/0x80 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] pskb_expand_head+0x436/0x1d20 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] skb_shift+0xce2/0x2d10 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] tcp_sacktag_walk+0x2156/0x29d0 [ 1267.890040] [ 1267.951668] tcp_sacktag_write_queue+0x2805/0x4630 [ 1267.890040] Uninit was stored to memory at: [ 1267.951668] tcp_ack+0x2888/0xa010 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] tcp_rcv_established+0xf7e/0x2940 [ 1267.890040] __msan_chain_origin+0x6d/0xb0 [ 1267.951668] tcp_v4_do_rcv+0x686/0xd80 [ 1267.890040] __save_stack_trace+0x8be/0xc60 [ 1267.951668] tcp_v4_rcv+0x5a13/0x6520 [ 1267.890040] save_stack_trace+0xc6/0x110 [ 1267.951668] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.890040] kmsan_internal_chain_origin+0x136/0x240 [ 1267.951668] ip_local_deliver+0x44b/0x510 [ 1267.890040] kmsan_memcpy_origins+0x13d/0x190 [ 1267.951668] ip_rcv+0x6b6/0x740 [ 1267.890040] __msan_memcpy+0x6f/0x80 [ 1267.951668] process_backlog+0x82b/0x11e0 [ 1267.890040] pskb_expand_head+0x436/0x1d20 [ 1267.951668] net_rx_action+0x98f/0x1d50 [ 1267.890040] ___pskb_trim+0x3c9/0x1bf0 [ 1267.951668] __do_softirq+0x721/0xc7f [ 1267.890040] sk_filter_trim_cap+0x5ac/0xa60 [ 1267.951668] [ 1267.890040] tcp_v4_rcv+0x4a1b/0x6520 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] ip_local_deliver_finish+0x8d8/0xff0 [ 1267.951668] __msan_chain_origin+0x6d/0xb0 [ 1267.890040] ip_local_deliver+0x44b/0x510 [ 1267.951668] __save_stack_trace+0x8be/0xc60 [ 1267.890040] ip_rcv+0x6b6/0x740 [ 1267.951668] save_stack_trace+0xc6/0x110 [ 1267.890040] process_backlog+0x82b/0x11e0 [ 1267.951668] kmsan_internal_chain_origin+0x136/0x240 [ 1267.890040] net_rx_action+0x98f/0x1d50 [ 1267.951668] kmsan_memcpy_origins+0x13d/0x190 [ 1267.890040] __do_softirq+0x721/0xc7f [ 1267.951668] __msan_memcpy+0x6f/0x80 [ 1267.890040] [ 1267.951668] pskb_expand_head+0x436/0x1d20 [ 1269.491222] skb_shift+0xce2/0x2d10 [ 1269.491222] tcp_sacktag_walk+0x2156/0x29d0 [ 1269.491222] tcp_sacktag_write_queue+0x2805/0x4630 [ 1269.491222] tcp_ack+0x2888/0xa010 [ 1269.491222] tcp_rcv_established+0xf7e/0x2940 [ 1269.491222] tcp_v4_do_rcv+0x686/0xd80 [ 1269.491222] tcp_v4_rcv+0x5a13/0x6520 [ 1269.491222] ip_local_deliver_finish+0x8d8/0xff0 [ 1269.491222] ip_local_deliver+0x44b/0x510 [ 1269.491222] ip_rcv+0x6b6/0x740 [ 1269.491222] process_backlog+0x82b/0x11e0 [ 1269.491222] net_rx_action+0x98f/0x1d50 [ 1269.491222] __do_softirq+0x721/0xc7f [ 1269.491222] [ 1269.491222] Uninit was stored to memory at: [ 1269.491222] kmsan_internal_chain_origin+0x136/0x240 [ 1269.491222] __msan_chain_origin+0x6d/0xb0 [ 1269.491222] __save_stack_trace+0x8be/0xc60 [ 1269.491222] save_stack_trace+0xc6/0x110 [ 1269.491222] kmsan_internal_chain_origin+0x136/0x240 [ 1269.491222] kmsan_memcpy_origins+0x13d/0x190 [ 1269.491222] __msan_memcpy+0x6f/0x80 [ 1269.491222] pskb_expand_head+0x436/0x1d20 [ 1269.491222] skb_shift+0xce2/0x2d10 [ 1269.491222] tcp_sacktag_walk+0x2156/0x29d0 [ 1269.491222] tcp_sacktag_write_queue+0x2805/0x4630 [ 1269.491222] tcp_ack+0x2888/0xa010 [ 1269.491222] tcp_rcv_established+0xf7e/0x2940 [ 1269.491222] tcp_v4_do_rcv+0x686/0xd80 [ 1269.613451] tcp_v4_rcv+0x5a13/0x6520 [ 1269.613451] ip_local_deliver_finish+0x8d8/0xff0 [ 1269.613451] ip_local_deliver+0x44b/0x510 [ 1269.613451] ip_rcv+0x6b6/0x740 [ 1269.613451] process_backlog+0x82b/0x11e0 [ 1269.613451] net_rx_action+0x98f/0x1d50 [ 1269.613451] __do_softirq+0x721/0xc7f [ 1269.613451] [ 1269.613451] Uninit was stored to memory at: [ 1269.613451] kmsan_internal_chain_origin+0x136/0x240 [ 1269.613451] __msan_chain_origin+0x6d/0xb0 [ 1269.613451] __save_stack_trace+0x8be/0xc60 [ 1269.613451] save_stack_trace+0xc6/0x110 [ 1269.613451] kmsan_internal_chain_origin+0x136/0x240 [ 1269.613451] kmsan_memcpy_origins+0x13d/0x190 [ 1269.674682] __msan_memcpy+0x6f/0x80 [ 1269.674682] pskb_expand_head+0x436/0x1d20 [ 1269.674682] skb_shift+0xce2/0x2d10 [ 1269.674682] tcp_sacktag_walk+0x2156/0x29d0 [ 1269.674682] tcp_sacktag_write_queue+0x2805/0x4630 [ 1269.674682] tcp_ack+0x2888/0xa010 [ 1269.674682] tcp_rcv_established+0xf7e/0x2940 [ 1269.674682] tcp_v4_do_rcv+0x686/0xd80 [ 1269.674682] tcp_v4_rcv+0x5a13/0x6520 [ 1269.674682] ip_local_deliver_finish+0x8d8/0xff0 [ 1269.674682] ip_local_deliver+0x44b/0x510 [ 1269.674682] ip_rcv+0x6b6/0x740 [ 1269.674682] process_backlog+0x82b/0x11e0 [ 1269.674682] net_rx_action+0x98f/0x1d50 [ 1269.674682] __do_softirq+0x721/0xc7f [ 1269.674682] [ 1269.674682] Uninit was stored to memory at: [ 1269.674682] kmsan_internal_chain_origin+0x136/0x240 [ 1269.674682] __msan_chain_origin+0x6d/0xb0 [ 1269.674682] __save_stack_trace+0x8be/0xc60 [ 1269.674682] save_stack_trace+0xc6/0x110 [ 1269.674682] kmsan_internal_chain_origin+0x136/0x240 [ 1269.674682] kmsan_memcpy_origins+0x13d/0x190 [ 1269.674682] __msan_memcpy+0x6f/0x80 [ 1269.674682] pskb_expand_head+0x436/0x1d20 [ 1269.674682] skb_shift+0xce2/0x2d10 [ 1269.674682] tcp_sacktag_walk+0x2156/0x29d0 [ 1269.674682] tcp_sacktag_write_queue+0x2805/0x4630 [ 1269.674682] tcp_ack+0x2888/0xa010 [ 1269.674682] tcp_rcv_established+0xf7e/0x2940 [ 1269.674682] tcp_v4_do_rcv+0x686/0xd80 [ 1269.674682] tcp_v4_rcv+0x5a13/0x6520 [ 1269.674682] ip_local_deliver_finish+0x8d8/0xff0 [ 1269.674682] ip_local_deliver+0x44b/0x510 [ 1269.674682] ip_rcv+0x6b6/0x740 [ 1269.674682] process_backlog+0x82b/0x11e0 [ 1269.674682] net_rx_action+0x98f/0x1d50 [ 1269.674682] __do_softirq+0x721/0xc7f [ 1269.674682] [ 1269.674682] Uninit was stored to memory at: [ 1269.674682] kmsan_internal_chain_origin+0x136/0x240 [ 1269.674682] __msan_chain_origin+0x6d/0xb0 [ 1269.674682] __save_stack_trace+0x8be/0xc60 [ 1269.674682] save_stack_trace+0xc6/0x110 [ 1269.674682] kmsan_internal_chain_origin+0x136/0x240 [ 1269.674682] kmsan_memcpy_origins+0x13d/0x190 [ 1269.674682] __msan_memcpy+0x6f/0x80 [ 1269.674682] pskb_expand_head+0x436/0x1d20 [ 1269.674682] skb_shift+0xce2/0x2d10 [ 1269.674682] tcp_sacktag_walk+0x2156/0x29d0 [ 1269.674682] tcp_sacktag_write_queue+0x2805/0x4630 [ 1269.674682] tcp_ack+0x2888/0xa010 [ 1269.674682] tcp_rcv_established+0xf7e/0x2940 [ 1269.674682] tcp_v4_do_rcv+0x686/0xd80 [ 1269.674682] tcp_v4_rcv+0x5a13/0x6520 [ 1269.674682] ip_local_deliver_finish+0x8d8/0xff0 [ 1269.674682] ip_local_deliver+0x44b/0x510 [ 1269.674682] ip_rcv+0x6b6/0x740 [ 1269.674682] process_backlog+0x82b/0x11e0 [ 1269.674682] net_rx_action+0x98f/0x1d50 [ 1269.674682] __do_softirq+0x721/0xc7f [ 1269.674682] [ 1269.674682] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1269.674682] Variable was created at: [ 1269.674682] ipv4_conntrack_local+0x75/0x470 [ 1269.674682] nf_hook_slow+0x15c/0x3d0 14:18:27 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000400)={0x0, 0x7e, "1220e2e28d7fe6026b3117554ccd37726cbfd77fc9d3d54b8ba6c5f9ee6852920953d930959d48df81ecc77ae95f29e409fecdc062c6ee428fa2260a1d05aa9dbf0fa87f16f1e775b29f07217520152377fc569b28980dd781819ecf9ddf9f7ed83664f354d0b0d85482d71acc7fdc2008c2a821d1e1b78f72f0ec5061fa"}, &(0x7f00000004c0)=0x86) setsockopt(r1, 0xffff, 0xbbae, &(0x7f0000000540)="186ffa1144794aa11c0966f5b7d8c397ba33817e2759cc08889debbca1c25aa765208d0cef6407b8692d54d591ab7052aab6ae175e64bde05d49ff3d2856297f9ee67e42a26e8af9064de5f04a60b1fde848bf720f93a6fbda5fa79d3a", 0x5d) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000500)={r2, 0xfff, 0x7f}, 0x8) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x301502, 0x141) renameat(r3, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000340)='./file0\x00') setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snapshot\x00', 0x280, 0x0) ioctl$EVIOCRMFF(r4, 0x40044581, &(0x7f00000003c0)=0x7) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) prctl$getname(0x10, &(0x7f00000005c0)=""/43) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:27 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000100", @ANYBLOB], 0x6, 0x100000000000) 14:18:27 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:27 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000080)={0x0, 0x8, 0x100000001, &(0x7f0000000000)=0x5}) 14:18:27 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) read(r0, &(0x7f0000000000)=""/39, 0x20000024) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, r0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c460100040000000000000000008711d400000000000000000000e4ff00020000000018b78f4db015e42209331e1c436535562e70d7db0199a9338c9c0d402fbe692ebd825ce83cac02e7ac5cf2ae612f7e8789eac0808b32fbca61e33e2a966a3eaa9cba8a60d086b6d35a309080daaff2ce37d6643cc09dc9afb34b644500d44345a9dbf33cc587bf63281277cd82f00ce18446caef8d3df5658e13bd074a0d24ec0208a3ebbe8232ea6916beb3c4d8adf3ddda3c65b3b3bdd81c2a8100ff8fbc616d994573a3dd442ceef1562fd66fabce91cf353a75a5c0f3d7e4ba60fe8c265873def3bd942b8524126b7e1754933a3dd05f3f537bd22d4eb60d1e9001d7fcf8b9b21b164fac59beb91a2cbf4867112061fa169c897cdc178cad939ea199f2d45cfa0b95040abc70623d7d00000000000036e41edd1675eba190df62b9c102105e29d10629b40e38508951b621ed7810a9616cdaafbdd2031f1ccce074b803453953f5a641e704992030ee12f4e372b297bace0e9b29b0d38a7b5097bd40147acd62d4c92bdc5597"], 0x2a) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getgroups(0x1, &(0x7f0000000340)=[0xffffffffffffffff]) r4 = getegid() openat$vsock(0xffffffffffffff9c, &(0x7f0000000800)='/dev/vsock\x00', 0xc2000, 0x0) getresgid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)=0x0) getresgid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)) lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x3, &(0x7f00000005c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xee00]) fstat(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000740)={0x0, 0x0, 0x0}, &(0x7f0000000780)=0xc) getgroups(0x9, &(0x7f00000007c0)=[r3, r4, r5, r6, r7, r8, r9, r10, r11]) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000280)=@assoc_id=0x0, &(0x7f00000002c0)=0x4) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000300)={r12, 0x2}, 0x8) 14:18:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB], 0x5, 0x100000000000) 14:18:27 executing program 0: fanotify_init(0x50, 0x101000) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") r0 = gettid() getpriority(0x2, r0) setresuid(0x0, 0x0, 0x0) seccomp(0x1000000000, 0x0, &(0x7f0000000240)={0x0, &(0x7f0000000280)}) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x4, 0x101000) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000400)={0x2, 0x0, @ioapic={0x0, 0x3ff, 0x0, 0x8, 0x0, [{0x7fffffff, 0x6632, 0x1, [], 0x6}, {0x20, 0x405, 0x9, [], 0x9}, {0x1000, 0x9, 0x5, [], 0x7}, {0x3042, 0x8, 0x100000001, [], 0x2}, {0x3, 0x6, 0x101, [], 0x100000000}, {0xffffffffffff0001, 0xa71, 0x5, [], 0x9}, {0x2, 0x6, 0x100000000, [], 0x1321456a}, {0xffffffffffffff7f, 0x8, 0x5, [], 0x4}, {0x10001, 0x6, 0x89, [], 0xaf8}, {0x80000001, 0x1, 0x2, [], 0x1}, {0x3, 0x9, 0x4, [], 0x81}, {0x7, 0x16, 0xd1d}, {0x3, 0x7fffffff, 0x40, [], 0x11}, {0x20, 0x0, 0x101, [], 0x9}, {0x6, 0x6, 0x401, [], 0x7ff}, {0x3, 0xffffffffffff2c35, 0xffffffffffffffc0, [], 0x9}, {0x1, 0x0, 0x9b4d, [], 0x6}, {0x2, 0x20000000000, 0x9, [], 0xff}, {0x5, 0x1, 0x9, [], 0x5}, {0x3, 0x3ff, 0x5c3, [], 0x7}, {0x7, 0x8, 0x44a4, [], 0xfffffffffffffff7}, {0x1e9, 0x8, 0x46, [], 0x8}, {0x8, 0x2, 0x1ff, [], 0x8}, {0x4, 0x81, 0x7ff}]}}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000200)=0x0) fcntl$setown(r1, 0x8, r2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = socket$inet6(0xa, 0x5, 0x0) connect(r4, &(0x7f0000000080)=@rc, 0x80) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r5 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r5, 0x1, 0x4000000000000002, &(0x7f0000d11000)=0x3fb, 0x4) bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={[], [], @remote}}, 0x1c) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a472d02402b62856f707064ad6a904600d121f4889e") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r6 = fcntl$dupfd(r4, 0x0, r4) ioctl$TIOCMSET(r6, 0x5418, &(0x7f0000000000)=0x3f) 14:18:27 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:28 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYBLOB], 0x4, 0x100000000000) 14:18:28 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:28 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet_smc(0x2b, 0x1, 0x0) sendmsg(r1, &(0x7f00000024c0)={0x0, 0x0, &(0x7f0000002440)}, 0x20008010) listen(r1, 0x0) close(r0) 14:18:28 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7, 0x4000) write$FUSE_BMAP(r0, &(0x7f0000000140)={0x18, 0x0, 0x3, {0x800}}, 0x18) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getresuid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:28 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYBLOB], 0x4, 0x100000000000) 14:18:28 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYBLOB], 0x4, 0x100000000000) 14:18:28 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYBLOB], 0x4, 0x100000000000) [ 1271.841086] not chained 5730000 origins [ 1271.841645] CPU: 0 PID: 19446 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 1271.841645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1271.841645] Call Trace: [ 1271.841645] dump_stack+0x32d/0x480 [ 1271.841645] kmsan_internal_chain_origin+0x222/0x240 [ 1271.841645] ? save_stack_trace+0xc6/0x110 [ 1271.841645] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1271.841645] ? kmsan_internal_chain_origin+0x90/0x240 [ 1271.841645] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1271.841645] ? is_bpf_text_address+0x49e/0x4d0 [ 1271.841645] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1271.841645] ? in_task_stack+0x12c/0x210 [ 1271.841645] __msan_chain_origin+0x6d/0xb0 [ 1271.841645] ? tcp_ack+0x2888/0xa010 [ 1271.841645] __save_stack_trace+0x8be/0xc60 [ 1271.841645] ? tcp_ack+0x2888/0xa010 [ 1271.841645] save_stack_trace+0xc6/0x110 [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] ? __vfs_write+0x888/0xb80 [ 1271.841645] ? kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] ? kmsan_memcpy_origins+0x13d/0x190 [ 1271.841645] ? __msan_memcpy+0x6f/0x80 [ 1271.841645] ? pskb_expand_head+0x436/0x1d20 [ 1271.841645] ? tcp_fragment+0x378/0x21d0 [ 1271.841645] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1271.841645] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1271.841645] ? tcp_ack+0x2888/0xa010 [ 1271.841645] ? tcp_rcv_established+0xf7e/0x2940 [ 1271.841645] ? tcp_v4_do_rcv+0x686/0xd80 [ 1271.841645] ? __release_sock+0x32d/0x750 [ 1271.841645] ? release_sock+0x99/0x2a0 [ 1271.841645] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1271.841645] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1271.841645] ? tcp_sendmsg+0xb2/0x100 [ 1271.841645] ? inet_sendmsg+0x4e9/0x800 [ 1271.841645] ? sock_write_iter+0x3f4/0x4f0 [ 1271.841645] ? __vfs_write+0x888/0xb80 [ 1271.841645] ? vfs_write+0x4a3/0x8f0 [ 1271.841645] ? __se_sys_write+0x17a/0x370 [ 1271.841645] ? __x64_sys_write+0x4a/0x70 [ 1271.841645] ? do_syscall_64+0xcf/0x110 [ 1271.841645] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1271.841645] ? __msan_get_context_state+0x9/0x20 [ 1271.841645] ? INIT_INT+0xc/0x30 [ 1271.841645] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1271.841645] kmsan_memcpy_origins+0x13d/0x190 [ 1271.841645] __msan_memcpy+0x6f/0x80 [ 1271.841645] pskb_expand_head+0x436/0x1d20 [ 1271.841645] tcp_fragment+0x378/0x21d0 [ 1271.841645] ? kmsan_set_origin+0x7f/0x100 [ 1271.841645] tcp_sacktag_walk+0xe88/0x29d0 [ 1271.841645] tcp_sacktag_write_queue+0x2805/0x4630 [ 1271.841645] tcp_ack+0x2888/0xa010 [ 1271.841645] ? tcp_parse_options+0xbe/0x1cf0 [ 1271.841645] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1271.841645] ? tcp_parse_options+0x1c55/0x1cf0 [ 1271.841645] tcp_rcv_established+0xf7e/0x2940 [ 1271.841645] ? __msan_get_context_state+0x9/0x20 [ 1271.841645] tcp_v4_do_rcv+0x686/0xd80 [ 1271.841645] ? inet_sk_rx_dst_set+0x200/0x200 [ 1271.841645] __release_sock+0x32d/0x750 [ 1271.841645] release_sock+0x99/0x2a0 [ 1271.841645] sk_stream_wait_memory+0x9cc/0x1430 [ 1271.841645] ? wait_woken+0x5b0/0x5b0 [ 1271.841645] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1271.841645] tcp_sendmsg+0xb2/0x100 [ 1271.841645] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1271.841645] inet_sendmsg+0x4e9/0x800 [ 1271.841645] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1271.841645] ? security_socket_sendmsg+0x1bd/0x200 [ 1271.841645] ? inet_getname+0x490/0x490 [ 1271.841645] sock_write_iter+0x3f4/0x4f0 [ 1271.841645] ? sock_read_iter+0x4e0/0x4e0 [ 1271.841645] __vfs_write+0x888/0xb80 [ 1271.841645] vfs_write+0x4a3/0x8f0 [ 1271.841645] __se_sys_write+0x17a/0x370 [ 1271.841645] __x64_sys_write+0x4a/0x70 [ 1271.841645] do_syscall_64+0xcf/0x110 [ 1271.841645] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1271.841645] RIP: 0033:0x457569 [ 1271.841645] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1271.841645] RSP: 002b:00007fe9058c0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1271.841645] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1271.841645] RDX: 000000000000ff5a RSI: 0000000020000100 RDI: 0000000000000005 [ 1271.841645] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1271.841645] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe9058c16d4 [ 1271.841645] R13: 00000000004c5893 R14: 00000000004d95a0 R15: 00000000ffffffff [ 1271.841645] Uninit was stored to memory at: [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] __msan_chain_origin+0x6d/0xb0 [ 1271.841645] __save_stack_trace+0x8be/0xc60 [ 1271.841645] save_stack_trace+0xc6/0x110 [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] kmsan_memcpy_origins+0x13d/0x190 [ 1271.841645] __msan_memcpy+0x6f/0x80 [ 1271.841645] pskb_expand_head+0x436/0x1d20 [ 1271.841645] tcp_fragment+0x378/0x21d0 [ 1271.841645] tcp_sacktag_walk+0xe88/0x29d0 [ 1271.841645] tcp_sacktag_write_queue+0x2805/0x4630 [ 1271.841645] tcp_ack+0x2888/0xa010 [ 1271.841645] tcp_rcv_established+0xf7e/0x2940 [ 1271.841645] tcp_v4_do_rcv+0x686/0xd80 [ 1271.841645] __release_sock+0x32d/0x750 [ 1271.841645] release_sock+0x99/0x2a0 [ 1271.841645] sk_stream_wait_memory+0x9cc/0x1430 [ 1271.841645] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1271.841645] tcp_sendmsg+0xb2/0x100 [ 1271.841645] inet_sendmsg+0x4e9/0x800 [ 1271.841645] sock_write_iter+0x3f4/0x4f0 [ 1271.841645] __vfs_write+0x888/0xb80 [ 1271.841645] vfs_write+0x4a3/0x8f0 [ 1271.841645] __se_sys_write+0x17a/0x370 [ 1271.841645] __x64_sys_write+0x4a/0x70 [ 1271.841645] do_syscall_64+0xcf/0x110 [ 1271.841645] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1271.841645] [ 1271.841645] Uninit was stored to memory at: [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] __msan_chain_origin+0x6d/0xb0 [ 1271.841645] __save_stack_trace+0x8be/0xc60 [ 1271.841645] save_stack_trace+0xc6/0x110 [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] kmsan_memcpy_origins+0x13d/0x190 [ 1271.841645] __msan_memcpy+0x6f/0x80 [ 1271.841645] pskb_expand_head+0x436/0x1d20 [ 1271.841645] tcp_fragment+0x378/0x21d0 [ 1271.841645] tcp_sacktag_walk+0xe88/0x29d0 [ 1271.841645] tcp_sacktag_write_queue+0x2805/0x4630 [ 1271.841645] tcp_ack+0x2888/0xa010 [ 1271.841645] tcp_rcv_established+0xf7e/0x2940 [ 1271.841645] tcp_v4_do_rcv+0x686/0xd80 [ 1271.841645] __release_sock+0x32d/0x750 [ 1271.841645] release_sock+0x99/0x2a0 [ 1271.841645] sk_stream_wait_memory+0x9cc/0x1430 [ 1271.841645] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1271.841645] tcp_sendmsg+0xb2/0x100 [ 1271.841645] inet_sendmsg+0x4e9/0x800 [ 1271.841645] sock_write_iter+0x3f4/0x4f0 [ 1271.841645] __vfs_write+0x888/0xb80 [ 1271.841645] vfs_write+0x4a3/0x8f0 [ 1271.841645] __se_sys_write+0x17a/0x370 [ 1271.841645] __x64_sys_write+0x4a/0x70 [ 1271.841645] do_syscall_64+0xcf/0x110 [ 1271.841645] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1271.841645] [ 1271.841645] Uninit was stored to memory at: [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] __msan_chain_origin+0x6d/0xb0 [ 1271.841645] __save_stack_trace+0x8be/0xc60 [ 1271.841645] save_stack_trace+0xc6/0x110 [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] kmsan_memcpy_origins+0x13d/0x190 [ 1271.841645] __msan_memcpy+0x6f/0x80 [ 1271.841645] pskb_expand_head+0x436/0x1d20 [ 1271.841645] tcp_fragment+0x378/0x21d0 [ 1271.841645] tcp_sacktag_walk+0xe88/0x29d0 [ 1271.841645] tcp_sacktag_write_queue+0x2805/0x4630 [ 1271.841645] tcp_ack+0x2888/0xa010 [ 1271.841645] tcp_rcv_established+0xf7e/0x2940 [ 1271.841645] tcp_v4_do_rcv+0x686/0xd80 [ 1271.841645] __release_sock+0x32d/0x750 [ 1271.841645] release_sock+0x99/0x2a0 [ 1271.841645] sk_stream_wait_memory+0x9cc/0x1430 [ 1271.841645] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1271.841645] tcp_sendmsg+0xb2/0x100 [ 1271.841645] inet_sendmsg+0x4e9/0x800 [ 1271.841645] sock_write_iter+0x3f4/0x4f0 [ 1271.841645] __vfs_write+0x888/0xb80 [ 1271.841645] vfs_write+0x4a3/0x8f0 [ 1271.841645] __se_sys_write+0x17a/0x370 [ 1271.841645] __x64_sys_write+0x4a/0x70 [ 1271.841645] do_syscall_64+0xcf/0x110 [ 1271.841645] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1271.841645] [ 1271.841645] Uninit was stored to memory at: [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] __msan_chain_origin+0x6d/0xb0 [ 1271.841645] __save_stack_trace+0x8be/0xc60 [ 1271.841645] save_stack_trace+0xc6/0x110 [ 1271.841645] kmsan_internal_chain_origin+0x136/0x240 [ 1271.841645] kmsan_memcpy_origins+0x13d/0x190 [ 1271.841645] __msan_memcpy+0x6f/0x80 [ 1271.841645] pskb_expand_head+0x436/0x1d20 [ 1271.841645] tcp_fragment+0x378/0x21d0 [ 1271.841645] tcp_sacktag_walk+0xe88/0x29d0 [ 1271.841645] tcp_sacktag_write_queue+0x2805/0x4630 [ 1271.841645] tcp_ack+0x2888/0xa010 [ 1271.841645] tcp_rcv_established+0xf7e/0x2940 [ 1271.841645] tcp_v4_do_rcv+0x686/0xd80 [ 1271.841645] __release_sock+0x32d/0x750 [ 1271.841645] release_sock+0x99/0x2a0 [ 1271.841645] sk_stream_wait_memory+0x9cc/0x1430 [ 1271.841645] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1271.841645] tcp_sendmsg+0xb2/0x100 [ 1271.841645] inet_sendmsg+0x4e9/0x800 [ 1271.841645] sock_write_iter+0x3f4/0x4f0 [ 1271.841645] __vfs_write+0x888/0xb80 [ 1271.841645] vfs_write+0x4a3/0x8f0 [ 1271.841645] __se_sys_write+0x17a/0x370 [ 1271.841645] __x64_sys_write+0x4a/0x70 [ 1271.841645] do_syscall_64+0xcf/0x110 [ 1272.731762] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1272.731762] [ 1272.731762] Uninit was stored to memory at: [ 1272.731762] kmsan_internal_chain_origin+0x136/0x240 [ 1272.731762] __msan_chain_origin+0x6d/0xb0 [ 1272.731762] __save_stack_trace+0x8be/0xc60 [ 1272.731762] save_stack_trace+0xc6/0x110 [ 1272.731762] kmsan_internal_chain_origin+0x136/0x240 [ 1272.731762] kmsan_memcpy_origins+0x13d/0x190 [ 1272.731762] __msan_memcpy+0x6f/0x80 [ 1272.731762] pskb_expand_head+0x436/0x1d20 [ 1272.731762] tcp_fragment+0x378/0x21d0 [ 1272.731762] tcp_sacktag_walk+0xe88/0x29d0 [ 1272.731762] tcp_sacktag_write_queue+0x2805/0x4630 [ 1272.731762] tcp_ack+0x2888/0xa010 [ 1272.731762] tcp_rcv_established+0xf7e/0x2940 [ 1272.731762] tcp_v4_do_rcv+0x686/0xd80 [ 1272.731762] __release_sock+0x32d/0x750 [ 1272.731762] release_sock+0x99/0x2a0 [ 1272.731762] sk_stream_wait_memory+0x9cc/0x1430 [ 1272.731762] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1272.731762] tcp_sendmsg+0xb2/0x100 [ 1272.731762] inet_sendmsg+0x4e9/0x800 [ 1272.731762] sock_write_iter+0x3f4/0x4f0 [ 1272.731762] __vfs_write+0x888/0xb80 [ 1272.731762] vfs_write+0x4a3/0x8f0 [ 1272.731762] __se_sys_write+0x17a/0x370 [ 1272.731762] __x64_sys_write+0x4a/0x70 [ 1272.731762] do_syscall_64+0xcf/0x110 [ 1272.731762] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1272.731762] [ 1272.731762] Uninit was stored to memory at: [ 1272.731762] kmsan_internal_chain_origin+0x136/0x240 [ 1272.731762] __msan_chain_origin+0x6d/0xb0 [ 1272.731762] __save_stack_trace+0x8be/0xc60 [ 1272.731762] save_stack_trace+0xc6/0x110 [ 1272.731762] kmsan_internal_chain_origin+0x136/0x240 [ 1272.731762] kmsan_memcpy_origins+0x13d/0x190 [ 1272.731762] __msan_memcpy+0x6f/0x80 [ 1272.731762] pskb_expand_head+0x436/0x1d20 [ 1272.731762] tcp_fragment+0x378/0x21d0 [ 1272.731762] tcp_sacktag_walk+0xe88/0x29d0 [ 1272.731762] tcp_sacktag_write_queue+0x2805/0x4630 [ 1272.731762] tcp_ack+0x2888/0xa010 [ 1272.731762] tcp_rcv_established+0xf7e/0x2940 [ 1272.731762] tcp_v4_do_rcv+0x686/0xd80 [ 1272.731762] __release_sock+0x32d/0x750 [ 1272.731762] release_sock+0x99/0x2a0 [ 1272.731762] sk_stream_wait_memory+0x9cc/0x1430 [ 1272.731762] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1272.731762] tcp_sendmsg+0xb2/0x100 [ 1272.731762] inet_sendmsg+0x4e9/0x800 [ 1272.731762] sock_write_iter+0x3f4/0x4f0 [ 1272.731762] __vfs_write+0x888/0xb80 [ 1272.731762] vfs_write+0x4a3/0x8f0 [ 1272.731762] __se_sys_write+0x17a/0x370 [ 1272.731762] __x64_sys_write+0x4a/0x70 [ 1272.731762] do_syscall_64+0xcf/0x110 [ 1272.731762] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1272.731762] [ 1272.731762] Uninit was stored to memory at: [ 1272.731762] kmsan_internal_chain_origin+0x136/0x240 [ 1272.731762] __msan_chain_origin+0x6d/0xb0 [ 1272.731762] __save_stack_trace+0x8be/0xc60 [ 1272.731762] save_stack_trace+0xc6/0x110 [ 1272.731762] kmsan_internal_chain_origin+0x136/0x240 [ 1272.731762] kmsan_memcpy_origins+0x13d/0x190 [ 1272.731762] __msan_memcpy+0x6f/0x80 [ 1272.731762] pskb_expand_head+0x436/0x1d20 [ 1272.731762] tcp_fragment+0x378/0x21d0 [ 1272.731762] tcp_sacktag_walk+0xe88/0x29d0 [ 1272.731762] tcp_sacktag_write_queue+0x2805/0x4630 [ 1272.731762] tcp_ack+0x2888/0xa010 [ 1272.731762] tcp_rcv_established+0xf7e/0x2940 [ 1272.731762] tcp_v4_do_rcv+0x686/0xd80 [ 1272.731762] __release_sock+0x32d/0x750 [ 1272.731762] release_sock+0x99/0x2a0 [ 1272.731762] sk_stream_wait_memory+0x9cc/0x1430 [ 1272.731762] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1272.731762] tcp_sendmsg+0xb2/0x100 [ 1272.731762] inet_sendmsg+0x4e9/0x800 [ 1272.731762] sock_write_iter+0x3f4/0x4f0 [ 1272.731762] __vfs_write+0x888/0xb80 [ 1272.731762] vfs_write+0x4a3/0x8f0 [ 1272.731762] __se_sys_write+0x17a/0x370 [ 1272.731762] __x64_sys_write+0x4a/0x70 [ 1272.731762] do_syscall_64+0xcf/0x110 [ 1272.731762] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1272.731762] [ 1272.731762] Local variable description: ----p@ip_vs_conn_out_get_proto [ 1272.731762] Variable was created at: [ 1272.731762] ip_vs_conn_out_get_proto+0xb2/0x740 [ 1272.731762] ip_vs_out+0x9ae/0x4570 14:18:30 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYBLOB], 0x4, 0x100000000000) 14:18:30 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000400)={r6, 0x0, 0x2f4a4bc61aeea34a, 0x0, 0x200}, &(0x7f0000000440)=0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmmsg(r7, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB], 0x3, 0x100000000000) [ 1273.669507] not chained 5740000 origins [ 1273.671679] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1273.671679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1273.671679] Call Trace: [ 1273.671679] dump_stack+0x32d/0x480 [ 1273.671679] ? save_stack_trace+0xc6/0x110 [ 1273.671679] kmsan_internal_chain_origin+0x222/0x240 [ 1273.671679] ? kmsan_internal_chain_origin+0x136/0x240 [ 1273.671679] ? __msan_chain_origin+0x6d/0xb0 [ 1273.671679] ? __save_stack_trace+0x8be/0xc60 [ 1273.716773] ? save_stack_trace+0xc6/0x110 [ 1273.716773] ? kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] ? kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] ? __msan_memcpy+0x6f/0x80 [ 1273.716773] ? pskb_expand_head+0x436/0x1d20 [ 1273.716773] ? skb_shift+0xce2/0x2d10 [ 1273.716773] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] ? tcp_ack+0x2888/0xa010 [ 1273.716773] ? tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] ? tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] ? tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ? ip_local_deliver+0x44b/0x510 [ 1273.716773] ? ip_rcv+0x6b6/0x740 [ 1273.716773] ? process_backlog+0x82b/0x11e0 [ 1273.716773] ? net_rx_action+0x98f/0x1d50 [ 1273.716773] ? __do_softirq+0x721/0xc7f [ 1273.716773] ? run_ksoftirqd+0x37/0x60 [ 1273.716773] ? smpboot_thread_fn+0x69c/0xb30 [ 1273.716773] ? kthread+0x5e7/0x620 [ 1273.716773] ? ret_from_fork+0x35/0x40 [ 1273.716773] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1273.716773] ? in_task_stack+0x12c/0x210 [ 1273.716773] ? task_kmsan_context_state+0x51/0x90 [ 1273.716773] ? __msan_get_context_state+0x9/0x20 [ 1273.716773] ? __kernel_text_address+0x19/0x350 [ 1273.716773] ? ret_from_fork+0x35/0x40 [ 1273.716773] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1273.716773] ? in_task_stack+0x12c/0x210 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] ? ip_local_deliver+0x44b/0x510 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] ? ip_local_deliver+0x44b/0x510 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] ? run_ksoftirqd+0x37/0x60 [ 1273.716773] ? kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] ? kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] ? __msan_memcpy+0x6f/0x80 [ 1273.716773] ? pskb_expand_head+0x436/0x1d20 [ 1273.716773] ? skb_shift+0xfc3/0x2d10 [ 1273.716773] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] ? tcp_ack+0x2888/0xa010 [ 1273.716773] ? tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] ? tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] ? tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ? ip_local_deliver+0x44b/0x510 [ 1273.716773] ? ip_rcv+0x6b6/0x740 [ 1273.716773] ? process_backlog+0x82b/0x11e0 [ 1273.716773] ? net_rx_action+0x98f/0x1d50 [ 1273.716773] ? __do_softirq+0x721/0xc7f [ 1273.716773] ? run_ksoftirqd+0x37/0x60 [ 1273.716773] ? smpboot_thread_fn+0x69c/0xb30 [ 1273.716773] ? kthread+0x5e7/0x620 [ 1273.716773] ? ret_from_fork+0x35/0x40 [ 1273.716773] ? __msan_get_context_state+0x9/0x20 [ 1273.716773] ? INIT_INT+0xc/0x30 [ 1273.716773] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xfc3/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] ? tcp_parse_options+0xbe/0x1cf0 [ 1273.716773] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1273.716773] ? tcp_parse_options+0x1c55/0x1cf0 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] ? __msan_get_context_state+0x9/0x20 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ? tcp_filter+0x260/0x260 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ? nf_hook_slow+0x36f/0x3d0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ? ip_local_deliver+0x510/0x510 [ 1273.716773] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] ? ip_rcv_core+0x1370/0x1370 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] ? __msan_poison_alloca+0x1e0/0x270 [ 1273.716773] ? ip_local_deliver_finish+0xff0/0xff0 [ 1273.716773] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] ? net_tx_action+0xf20/0xf20 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] ? ksoftirqd_should_run+0x50/0x50 [ 1273.716773] run_ksoftirqd+0x37/0x60 [ 1273.716773] smpboot_thread_fn+0x69c/0xb30 [ 1273.716773] kthread+0x5e7/0x620 [ 1273.716773] ? cpu_report_death+0x4a0/0x4a0 [ 1273.716773] ? INIT_BOOL+0x30/0x30 [ 1273.716773] ret_from_fork+0x35/0x40 [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Uninit was stored to memory at: [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] __msan_chain_origin+0x6d/0xb0 [ 1273.716773] __save_stack_trace+0x8be/0xc60 [ 1273.716773] save_stack_trace+0xc6/0x110 [ 1273.716773] kmsan_internal_chain_origin+0x136/0x240 [ 1273.716773] kmsan_memcpy_origins+0x13d/0x190 [ 1273.716773] __msan_memcpy+0x6f/0x80 [ 1273.716773] pskb_expand_head+0x436/0x1d20 [ 1273.716773] skb_shift+0xce2/0x2d10 [ 1273.716773] tcp_sacktag_walk+0x2156/0x29d0 [ 1273.716773] tcp_sacktag_write_queue+0x2805/0x4630 [ 1273.716773] tcp_ack+0x2888/0xa010 [ 1273.716773] tcp_rcv_established+0xf7e/0x2940 [ 1273.716773] tcp_v4_do_rcv+0x686/0xd80 [ 1273.716773] tcp_v4_rcv+0x5a13/0x6520 14:18:31 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240)='/dev/fuse\x00', 0x2, 0x0) write$FUSE_POLL(r1, &(0x7f0000000300)={0x2, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x6) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x4, 0x73, 0x80000000000}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:31 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32], 0x4) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:31 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB="02000200", @ANYBLOB], 0x4, 0x100000000000) [ 1273.716773] ip_local_deliver_finish+0x8d8/0xff0 [ 1273.716773] ip_local_deliver+0x44b/0x510 [ 1273.716773] ip_rcv+0x6b6/0x740 [ 1273.716773] process_backlog+0x82b/0x11e0 [ 1273.716773] net_rx_action+0x98f/0x1d50 [ 1273.716773] __do_softirq+0x721/0xc7f [ 1273.716773] [ 1273.716773] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1273.716773] Variable was created at: [ 1273.716773] ipv4_conntrack_local+0x75/0x470 [ 1273.716773] nf_hook_slow+0x15c/0x3d0 14:18:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB], 0x3, 0x100000000000) 14:18:32 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000380)={0x0, 0x5}, &(0x7f00000003c0)=0x8) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:32 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet(0x2, 0x8000f, 0x20) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r0, @ANYRESDEC=r2, @ANYRESOCT=0x0, @ANYRES64=r0, @ANYPTR64=&(0x7f0000000140)=ANY=[@ANYPTR64, @ANYRES32=r1, @ANYRES32=0x0, @ANYPTR=&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRESOCT=r1, @ANYRESOCT=r0], @ANYRES32=r2], @ANYBLOB="3d7e60b305765344ff12ee0f49ebc67e829cfae5750c82a7ac950f40e6a82eda15fe3e0716e40f70cb1290198e82ad0000000000000000420100bddb3b7f65a78d033b629c982055bbd0d56302f570d07baf829925f36152f57c92c180a8083eb2bc4c84ef463432f6b9322c09bde4a2917484e800c0dd2613693d24c1dc", @ANYRESHEX=0x0], 0x93) ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f00000000c0)) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000340)=0x1, 0x4) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000380)) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f00000004c0)={r3, 0x2}) socket$nl_crypto(0x10, 0x3, 0x15) 14:18:32 executing program 1: socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x0, 0x2, 0x4, 0x2, {0xa, 0x4e20, 0x4, @empty, 0x7}}}, 0x3a) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@loopback, @in6=@mcast1}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f00000005c0)=0xe8) getsockname(r0, &(0x7f0000004080)=@xdp, &(0x7f0000004100)=0x80) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x80000001) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x2000, 0x0) getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x60, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000100)=0x44) 14:18:32 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000400)={0x0, 0x0, 0x6, 0x0, 0x0, [{r0, 0x0, 0x6}, {r0, 0x0, 0x5}, {r0, 0x0, 0x7}, {r0, 0x0, 0x3}, {r0, 0x0, 0x1ff}, {r0}]}) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYRES32, @ANYBLOB], 0x3, 0x100000000000) 14:18:32 executing program 1: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000000)=0x1f, 0x4) splice(r0, 0x0, r1, &(0x7f00000002c0), 0x3fffffffffff, 0x0) 14:18:32 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES16=0x0], 0x2) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:33 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x100d}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f00000001c0)={0xf, 0x8, 0xfa00, {r2, 0x10}}, 0x9a) 14:18:33 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x400100, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYBLOB], 0x2, 0x100000000000) 14:18:33 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000340)='/dev/audio\x00', 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000380)={{0x5, 0x940, 0xffff, 0x4f47}, 'syz1\x00', 0x33}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8000, 0x2) ioctl$VIDIOC_TRY_ENCODER_CMD(r2, 0xc028564e, &(0x7f0000000140)={0x3, 0x1, [0xf4, 0x80000000, 0xc455, 0xc6, 0x8, 0x46, 0x8000, 0x2d7]}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r3 = semget$private(0x0, 0x4, 0x410) semctl$SETVAL(r3, 0x4, 0x10, &(0x7f0000000400)=0x80000000) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000f40000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x1b) poll(&(0x7f0000000000)=[{r0}], 0x1, 0x0) 14:18:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYBLOB], 0x2, 0x100000000000) 14:18:33 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0xfffffffffffffffc, 0x0) fgetxattr(r0, &(0x7f0000000080)=@random={'security.', 'cpusetppp1\x00'}, &(0x7f00000001c0)=""/110, 0x6e) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000340)=[{}]}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000240)={0x0, 0x2000000000000000, 0x10000, 0x1ff, 0x1, 0x4f9}, &(0x7f0000000300)=0x14) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380)={r1, 0x3}, 0xb417e36499268832) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:33 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010004000000000002000600", @ANYBLOB], 0x2, 0x100000000000) 14:18:33 executing program 1: unshare(0x20400) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x0, &(0x7f0000000100), &(0x7f00000000c0)=0x4) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) 14:18:34 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x8, &(0x7f0000007ff0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000400)={{{@in=@dev, @in=@multicast2}}, {{}, 0x0, @in=@multicast1}}, &(0x7f0000000300)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000500)=0xc) fstat(r0, &(0x7f0000000540)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@ipv4, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f00000006c0)=0xe8) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000700)={0x0, 0x0}, &(0x7f0000000740)=0xc) r3 = getuid() setresuid(r3, r2, r1) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) socket$inet6_udplite(0xa, 0x2, 0x88) r4 = creat(&(0x7f0000000780)='./file0\x00', 0x4) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000007c0)={0x0, 0x40}, &(0x7f0000000800)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000840)={r5, 0x8}, 0x8) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000240)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0], 0x7, 0x6, 0x1, 0x3}) 14:18:34 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:34 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:18:34 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000180)={{{@in=@rand_addr, @in6=@ipv4}}, {{}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000580)) stat(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000300)) sendmsg$nl_generic(r0, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f0000000380)={0x14, 0x1f, 0x0, 0x70bd29, 0x25dfdbfc, {0x13}}, 0x14}, 0x1, 0x0, 0x0, 0x4000050}, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) lseek(r1, 0x0, 0x8) lsetxattr$security_selinux(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:systemd_logind_exec_t:s0\x00', 0x2b, 0x0) [ 1277.557137] not chained 5750000 origins [ 1277.561180] CPU: 1 PID: 19559 Comm: syz-executor3 Not tainted 4.20.0-rc2+ #85 [ 1277.561680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1277.574135] Call Trace: [ 1277.574135] [ 1277.574135] dump_stack+0x32d/0x480 [ 1277.574135] kmsan_internal_chain_origin+0x222/0x240 [ 1277.574135] ? kmsan_set_origin+0x7f/0x100 [ 1277.574135] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1277.574135] ? __module_address+0x6a/0x5f0 [ 1277.574135] ? is_bpf_text_address+0x3e5/0x4d0 [ 1277.574135] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1277.574135] ? is_bpf_text_address+0x49e/0x4d0 [ 1277.574135] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1277.574135] ? __module_address+0x6a/0x5f0 [ 1277.574135] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1277.574135] ? is_bpf_text_address+0x49e/0x4d0 [ 1277.574135] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1277.574135] __msan_chain_origin+0x6d/0xb0 [ 1277.574135] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.574135] __save_stack_trace+0x8be/0xc60 [ 1277.574135] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.574135] save_stack_trace+0xc6/0x110 [ 1277.574135] kmsan_internal_chain_origin+0x136/0x240 [ 1277.574135] ? irq_exit+0x305/0x340 [ 1277.574135] ? kmsan_internal_chain_origin+0x136/0x240 [ 1277.574135] ? kmsan_memcpy_origins+0x13d/0x190 [ 1277.574135] ? __msan_memcpy+0x6f/0x80 [ 1277.574135] ? pskb_expand_head+0x436/0x1d20 [ 1277.574135] ? skb_shift+0xce2/0x2d10 [ 1277.574135] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1277.574135] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.574135] ? tcp_ack+0x2888/0xa010 [ 1277.574135] ? tcp_rcv_established+0xf7e/0x2940 [ 1277.574135] ? tcp_v4_do_rcv+0x686/0xd80 [ 1277.574135] ? tcp_v4_rcv+0x5a13/0x6520 [ 1277.574135] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1277.574135] ? ip_local_deliver+0x44b/0x510 [ 1277.574135] ? ip_rcv+0x6b6/0x740 [ 1277.574135] ? process_backlog+0x82b/0x11e0 [ 1277.574135] ? net_rx_action+0x98f/0x1d50 [ 1277.574135] ? __do_softirq+0x721/0xc7f [ 1277.574135] ? irq_exit+0x305/0x340 [ 1277.574135] ? exiting_irq+0xe/0x10 [ 1277.574135] ? smp_apic_timer_interrupt+0x64/0x90 [ 1277.574135] ? apic_timer_interrupt+0xf/0x20 [ 1277.574135] ? kmsan_get_shadow_origin_ptr+0x1c3/0x410 [ 1277.574135] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1277.574135] ? handle_mm_fault+0x650/0xa8c0 [ 1277.574135] ? __do_page_fault+0xdeb/0x1d90 [ 1277.574135] ? do_page_fault+0x98/0xd0 [ 1277.574135] ? page_fault+0x1e/0x30 [ 1277.574135] ? __msan_get_context_state+0x9/0x20 [ 1277.574135] ? INIT_INT+0xc/0x30 [ 1277.574135] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1277.574135] kmsan_memcpy_origins+0x13d/0x190 [ 1277.574135] __msan_memcpy+0x6f/0x80 [ 1277.574135] pskb_expand_head+0x436/0x1d20 [ 1277.574135] skb_shift+0xce2/0x2d10 [ 1277.574135] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.574135] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.574135] tcp_ack+0x2888/0xa010 [ 1277.574135] ? tcp_parse_options+0xbe/0x1cf0 [ 1277.841937] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1277.841937] ? tcp_parse_options+0x1c55/0x1cf0 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] ? __msan_get_context_state+0x9/0x20 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ? tcp_filter+0x260/0x260 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ? nf_hook_slow+0x36f/0x3d0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ? ip_local_deliver+0x510/0x510 [ 1277.841937] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] ? ip_rcv_core+0x1370/0x1370 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] ? ip_local_deliver_finish+0xff0/0xff0 [ 1277.841937] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] ? net_tx_action+0xf20/0xf20 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] irq_exit+0x305/0x340 [ 1277.841937] exiting_irq+0xe/0x10 [ 1277.841937] smp_apic_timer_interrupt+0x64/0x90 [ 1277.841937] apic_timer_interrupt+0xf/0x20 [ 1277.841937] [ 1277.841937] RIP: 0010:kmsan_get_shadow_origin_ptr+0x1c3/0x410 [ 1277.841937] Code: 7f 48 c1 e1 05 48 01 ca 0f 84 9f 00 00 00 48 85 c0 0f 84 96 00 00 00 48 8b 0a 83 e1 02 48 85 c9 0f 84 87 00 00 00 48 8b 48 40 <48> 85 c9 0f 84 eb 01 00 00 48 8b 50 48 48 85 d2 0f 84 de 01 00 00 [ 1277.841937] RSP: 0000:ffff8880a8c0fc20 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1277.841937] RAX: ffffea000770f2e0 RBX: ffffffff8c914000 RCX: ffffea000770f340 [ 1277.841937] RDX: 0000000000000000 RSI: ffff8881bd7dddf0 RDI: 00000000000004e0 [ 1277.841937] RBP: ffff8880a8c0fc50 R08: ffff888000000000 R09: ffff8880a96bfc28 [ 1277.841937] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881bd7dddf0 [ 1277.841937] R13: ffff88813d7dddf0 R14: ffffffff8c913000 R15: ffff88813d7dddf0 [ 1277.841937] __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1277.841937] handle_mm_fault+0x650/0xa8c0 [ 1277.841937] ? kmsan_set_origin+0x7f/0x100 [ 1277.841937] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1277.841937] ? find_vma+0xad/0x330 [ 1277.841937] __do_page_fault+0xdeb/0x1d90 [ 1277.841937] ? __msan_poison_alloca+0x1e0/0x270 [ 1277.841937] do_page_fault+0x98/0xd0 [ 1277.841937] ? page_fault+0x8/0x30 [ 1277.841937] page_fault+0x1e/0x30 [ 1277.841937] RIP: 0033:0x4830d0 [ 1277.841937] Code: Bad RIP value. [ 1277.841937] RSP: 002b:0000000000a3fd98 EFLAGS: 00010246 [ 1277.841937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000045a01a [ 1277.841937] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1277.841937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000e9d940 [ 1277.841937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1277.841937] R13: 0000000000000001 R14: 0000000000000191 R15: 0000000000000003 [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Uninit was stored to memory at: [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] __msan_chain_origin+0x6d/0xb0 [ 1277.841937] __save_stack_trace+0x8be/0xc60 [ 1277.841937] save_stack_trace+0xc6/0x110 [ 1277.841937] kmsan_internal_chain_origin+0x136/0x240 [ 1277.841937] kmsan_memcpy_origins+0x13d/0x190 [ 1277.841937] __msan_memcpy+0x6f/0x80 [ 1277.841937] pskb_expand_head+0x436/0x1d20 [ 1277.841937] skb_shift+0xce2/0x2d10 [ 1277.841937] tcp_sacktag_walk+0x2156/0x29d0 [ 1277.841937] tcp_sacktag_write_queue+0x2805/0x4630 [ 1277.841937] tcp_ack+0x2888/0xa010 [ 1277.841937] tcp_rcv_established+0xf7e/0x2940 [ 1277.841937] tcp_v4_do_rcv+0x686/0xd80 [ 1277.841937] tcp_v4_rcv+0x5a13/0x6520 [ 1277.841937] ip_local_deliver_finish+0x8d8/0xff0 [ 1277.841937] ip_local_deliver+0x44b/0x510 [ 1277.841937] ip_rcv+0x6b6/0x740 14:18:35 executing program 1: r0 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0x101080) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x5, 0xff, 0x800, 0x5}, &(0x7f00000001c0)=0x14) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0xcbaf, 0x2, 0x6, 0x8, r1}, &(0x7f0000000240)=0x10) r2 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000280), &(0x7f0000000400)=0x4) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f00000004c0)='syz0\x00') ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x4, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000100)=["3249b67840c1"], 0x649c356b9750c4}) r3 = accept$inet(0xffffffffffffff9c, &(0x7f0000000000)={0x2, 0x0, @loopback}, &(0x7f0000000040)=0x10) getsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000480)) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000440)={0x2, r0}) [ 1277.841937] process_backlog+0x82b/0x11e0 [ 1277.841937] net_rx_action+0x98f/0x1d50 [ 1277.841937] __do_softirq+0x721/0xc7f [ 1277.841937] [ 1277.841937] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1277.841937] Variable was created at: [ 1277.841937] ipv4_conntrack_local+0x75/0x470 [ 1277.841937] nf_hook_slow+0x15c/0x3d0 [ 1278.838125] not chained 5760000 origins [ 1278.841673] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1278.841673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1278.841673] Call Trace: [ 1278.841673] dump_stack+0x32d/0x480 [ 1278.841673] kmsan_internal_chain_origin+0x222/0x240 [ 1278.841673] ? kmsan_set_origin+0x7f/0x100 [ 1278.841673] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1278.841673] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1278.841673] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1278.841673] ? in_task_stack+0x12c/0x210 [ 1278.841673] ? task_kmsan_context_state+0x51/0x90 [ 1278.841673] ? __msan_get_context_state+0x9/0x20 [ 1278.841673] ? __kernel_text_address+0x19/0x350 [ 1278.841673] ? ret_from_fork+0x35/0x40 [ 1278.841673] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1278.841673] ? in_task_stack+0x12c/0x210 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] ? tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] ? tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] ? run_ksoftirqd+0x37/0x60 [ 1278.841673] ? kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] ? kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] ? __msan_memcpy+0x6f/0x80 [ 1278.841673] ? pskb_expand_head+0x436/0x1d20 [ 1278.841673] ? skb_shift+0xce2/0x2d10 [ 1278.841673] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] ? tcp_ack+0x2888/0xa010 [ 1278.841673] ? tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] ? tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] ? tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ? ip_local_deliver+0x44b/0x510 [ 1278.841673] ? ip_rcv+0x6b6/0x740 [ 1278.841673] ? process_backlog+0x82b/0x11e0 [ 1278.841673] ? net_rx_action+0x98f/0x1d50 [ 1278.841673] ? __do_softirq+0x721/0xc7f [ 1278.841673] ? run_ksoftirqd+0x37/0x60 [ 1278.841673] ? smpboot_thread_fn+0x69c/0xb30 [ 1278.841673] ? kthread+0x5e7/0x620 [ 1278.841673] ? ret_from_fork+0x35/0x40 [ 1278.841673] ? __msan_get_context_state+0x9/0x20 [ 1278.841673] ? INIT_INT+0xc/0x30 [ 1278.841673] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] ? tcp_parse_options+0xbe/0x1cf0 [ 1278.841673] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1278.841673] ? tcp_parse_options+0x1c55/0x1cf0 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] ? __msan_get_context_state+0x9/0x20 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ? tcp_filter+0x260/0x260 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ? nf_hook_slow+0x36f/0x3d0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ? ip_local_deliver+0x510/0x510 [ 1278.841673] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] ? ip_rcv_core+0x1370/0x1370 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] ? __msan_poison_alloca+0x1e0/0x270 [ 1278.841673] ? ip_local_deliver_finish+0xff0/0xff0 [ 1278.841673] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] ? net_tx_action+0xf20/0xf20 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] ? ksoftirqd_should_run+0x50/0x50 [ 1278.841673] run_ksoftirqd+0x37/0x60 [ 1278.841673] smpboot_thread_fn+0x69c/0xb30 [ 1278.841673] kthread+0x5e7/0x620 [ 1278.841673] ? cpu_report_death+0x4a0/0x4a0 [ 1278.841673] ? INIT_BOOL+0x30/0x30 [ 1278.841673] ret_from_fork+0x35/0x40 [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Uninit was stored to memory at: [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] __msan_chain_origin+0x6d/0xb0 [ 1278.841673] __save_stack_trace+0x8be/0xc60 [ 1278.841673] save_stack_trace+0xc6/0x110 [ 1278.841673] kmsan_internal_chain_origin+0x136/0x240 [ 1278.841673] kmsan_memcpy_origins+0x13d/0x190 [ 1278.841673] __msan_memcpy+0x6f/0x80 [ 1278.841673] pskb_expand_head+0x436/0x1d20 [ 1278.841673] skb_shift+0xce2/0x2d10 [ 1278.841673] tcp_sacktag_walk+0x2156/0x29d0 [ 1278.841673] tcp_sacktag_write_queue+0x2805/0x4630 [ 1278.841673] tcp_ack+0x2888/0xa010 [ 1278.841673] tcp_rcv_established+0xf7e/0x2940 [ 1278.841673] tcp_v4_do_rcv+0x686/0xd80 [ 1278.841673] tcp_v4_rcv+0x5a13/0x6520 [ 1278.841673] ip_local_deliver_finish+0x8d8/0xff0 [ 1278.841673] ip_local_deliver+0x44b/0x510 [ 1278.841673] ip_rcv+0x6b6/0x740 [ 1278.841673] process_backlog+0x82b/0x11e0 [ 1278.841673] net_rx_action+0x98f/0x1d50 [ 1278.841673] __do_softirq+0x721/0xc7f [ 1278.841673] [ 1278.841673] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1278.841673] Variable was created at: [ 1278.841673] ipv4_conntrack_local+0x75/0x470 [ 1278.841673] nf_hook_slow+0x15c/0x3d0 14:18:37 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/autofs\x00', 0x2a000, 0x0) getsockname$packet(r1, &(0x7f0000000280), &(0x7f0000000000)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r1, @ANYRES16=0x0], 0xffffffffffffff57) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x20004, 0x0) statx(r2, &(0x7f0000000140)='./file0\x00', 0x6000, 0x820, &(0x7f0000000340)) 14:18:37 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f00000001c0)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x8, @loopback}, 0x38d) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) poll(&(0x7f0000000000)=[{r0, 0x100}], 0x1, 0x1ff) 14:18:37 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:37 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000340)='/dev/audio\x00', 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000380)={{0x5, 0x940, 0xffff, 0x4f47}, 'syz1\x00', 0x33}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8000, 0x2) ioctl$VIDIOC_TRY_ENCODER_CMD(r2, 0xc028564e, &(0x7f0000000140)={0x3, 0x1, [0xf4, 0x80000000, 0xc455, 0xc6, 0x8, 0x46, 0x8000, 0x2d7]}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r3 = semget$private(0x0, 0x4, 0x410) semctl$SETVAL(r3, 0x4, 0x10, &(0x7f0000000400)=0x80000000) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:37 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:37 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) [ 1280.556843] not chained 5770000 origins [ 1280.561035] CPU: 1 PID: 19583 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1280.561678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1280.561678] Call Trace: [ 1280.561678] dump_stack+0x32d/0x480 [ 1280.561678] kmsan_internal_chain_origin+0x222/0x240 [ 1280.561678] ? save_stack_trace+0xc6/0x110 [ 1280.561678] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1280.596206] ? kmsan_internal_chain_origin+0x90/0x240 [ 1280.602427] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1280.602427] ? is_bpf_text_address+0x49e/0x4d0 [ 1280.602427] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1280.602427] ? in_task_stack+0x12c/0x210 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] ? __vfs_write+0x888/0xb80 [ 1280.602427] ? kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] ? kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] ? __msan_memcpy+0x6f/0x80 [ 1280.602427] ? pskb_expand_head+0x436/0x1d20 [ 1280.602427] ? tcp_fragment+0x378/0x21d0 [ 1280.602427] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] ? tcp_ack+0x2888/0xa010 [ 1280.602427] ? tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] ? tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] ? __release_sock+0x32d/0x750 [ 1280.602427] ? release_sock+0x99/0x2a0 [ 1280.602427] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] ? tcp_sendmsg+0xb2/0x100 [ 1280.602427] ? inet_sendmsg+0x4e9/0x800 [ 1280.602427] ? sock_write_iter+0x3f4/0x4f0 [ 1280.602427] ? __vfs_write+0x888/0xb80 [ 1280.602427] ? vfs_write+0x4a3/0x8f0 [ 1280.602427] ? __se_sys_write+0x17a/0x370 [ 1280.602427] ? __x64_sys_write+0x4a/0x70 [ 1280.602427] ? do_syscall_64+0xcf/0x110 [ 1280.602427] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] ? __msan_get_context_state+0x9/0x20 [ 1280.602427] ? INIT_INT+0xc/0x30 [ 1280.602427] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] ? kmsan_set_origin+0x7f/0x100 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] ? tcp_parse_options+0xbe/0x1cf0 [ 1280.602427] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1280.602427] ? tcp_parse_options+0x1c55/0x1cf0 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] ? kmsan_set_origin+0x7f/0x100 [ 1280.602427] ? __msan_get_context_state+0x9/0x20 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] ? inet_sk_rx_dst_set+0x200/0x200 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] ? wait_woken+0x5b0/0x5b0 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1280.602427] ? security_socket_sendmsg+0x1bd/0x200 [ 1280.602427] ? inet_getname+0x490/0x490 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] ? sock_read_iter+0x4e0/0x4e0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] RIP: 0033:0x457569 [ 1280.602427] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1280.602427] RSP: 002b:00007f26388a1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1280.602427] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1280.602427] RDX: 000000000000ff5a RSI: 0000000020000100 RDI: 0000000000000006 [ 1280.602427] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1280.602427] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f26388a26d4 [ 1280.602427] R13: 00000000004c5893 R14: 00000000004d95a0 R15: 00000000ffffffff [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Uninit was stored to memory at: [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] __msan_chain_origin+0x6d/0xb0 [ 1280.602427] __save_stack_trace+0x8be/0xc60 [ 1280.602427] save_stack_trace+0xc6/0x110 [ 1280.602427] kmsan_internal_chain_origin+0x136/0x240 [ 1280.602427] kmsan_memcpy_origins+0x13d/0x190 [ 1280.602427] __msan_memcpy+0x6f/0x80 [ 1280.602427] pskb_expand_head+0x436/0x1d20 [ 1280.602427] tcp_fragment+0x378/0x21d0 [ 1280.602427] tcp_sacktag_walk+0xe88/0x29d0 [ 1280.602427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1280.602427] tcp_ack+0x2888/0xa010 [ 1280.602427] tcp_rcv_established+0xf7e/0x2940 [ 1280.602427] tcp_v4_do_rcv+0x686/0xd80 [ 1280.602427] __release_sock+0x32d/0x750 [ 1280.602427] release_sock+0x99/0x2a0 [ 1280.602427] sk_stream_wait_memory+0x9cc/0x1430 [ 1280.602427] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1280.602427] tcp_sendmsg+0xb2/0x100 [ 1280.602427] inet_sendmsg+0x4e9/0x800 [ 1280.602427] sock_write_iter+0x3f4/0x4f0 [ 1280.602427] __vfs_write+0x888/0xb80 [ 1280.602427] vfs_write+0x4a3/0x8f0 14:18:38 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x400000000, @loopback}, 0x1c) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 1280.602427] __se_sys_write+0x17a/0x370 [ 1280.602427] __x64_sys_write+0x4a/0x70 [ 1280.602427] do_syscall_64+0xcf/0x110 [ 1280.602427] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1280.602427] [ 1280.602427] Local variable description: ----_tcph@tcp_packet [ 1280.602427] Variable was created at: [ 1280.602427] tcp_packet+0xe1/0x73c0 [ 1280.602427] nf_conntrack_in+0x9f0/0x1edd 14:18:39 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) [ 1282.131042] not chained 5780000 origins [ 1282.131703] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1282.131703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1282.131703] Call Trace: [ 1282.131703] dump_stack+0x32d/0x480 [ 1282.131703] ? save_stack_trace+0xc6/0x110 [ 1282.131703] kmsan_internal_chain_origin+0x222/0x240 [ 1282.131703] ? kmsan_internal_chain_origin+0x136/0x240 [ 1282.131703] ? __msan_chain_origin+0x6d/0xb0 [ 1282.131703] ? __save_stack_trace+0x8be/0xc60 [ 1282.131703] ? save_stack_trace+0xc6/0x110 [ 1282.131703] ? kmsan_internal_chain_origin+0x136/0x240 [ 1282.131703] ? kmsan_memcpy_origins+0x13d/0x190 [ 1282.131703] ? __msan_memcpy+0x6f/0x80 [ 1282.131703] ? pskb_expand_head+0x436/0x1d20 [ 1282.131703] ? skb_shift+0xce2/0x2d10 [ 1282.131703] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1282.131703] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.131703] ? tcp_ack+0x2888/0xa010 [ 1282.131703] ? tcp_rcv_established+0xf7e/0x2940 [ 1282.131703] ? tcp_v4_do_rcv+0x686/0xd80 [ 1282.131703] ? tcp_v4_rcv+0x5a13/0x6520 [ 1282.131703] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1282.131703] ? ip_local_deliver+0x44b/0x510 [ 1282.241884] ? ip_rcv+0x6b6/0x740 [ 1282.241884] ? process_backlog+0x82b/0x11e0 [ 1282.241884] ? net_rx_action+0x98f/0x1d50 [ 1282.241884] ? __do_softirq+0x721/0xc7f [ 1282.241884] ? run_ksoftirqd+0x37/0x60 [ 1282.241884] ? smpboot_thread_fn+0x69c/0xb30 [ 1282.241884] ? kthread+0x5e7/0x620 [ 1282.241884] ? ret_from_fork+0x35/0x40 [ 1282.241884] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1282.241884] ? in_task_stack+0x12c/0x210 [ 1282.241884] ? task_kmsan_context_state+0x51/0x90 [ 1282.241884] ? __msan_get_context_state+0x9/0x20 [ 1282.241884] ? __kernel_text_address+0x19/0x350 [ 1282.241884] ? ret_from_fork+0x35/0x40 [ 1282.241884] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1282.241884] ? in_task_stack+0x12c/0x210 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] ? tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] ? tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] ? run_ksoftirqd+0x37/0x60 [ 1282.241884] ? kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] ? kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] ? __msan_memcpy+0x6f/0x80 [ 1282.241884] ? pskb_expand_head+0x436/0x1d20 [ 1282.241884] ? skb_shift+0xfc3/0x2d10 [ 1282.241884] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] ? tcp_ack+0x2888/0xa010 [ 1282.241884] ? tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] ? tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] ? tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ? ip_local_deliver+0x44b/0x510 [ 1282.241884] ? ip_rcv+0x6b6/0x740 [ 1282.241884] ? process_backlog+0x82b/0x11e0 [ 1282.241884] ? net_rx_action+0x98f/0x1d50 [ 1282.241884] ? __do_softirq+0x721/0xc7f [ 1282.241884] ? run_ksoftirqd+0x37/0x60 [ 1282.241884] ? smpboot_thread_fn+0x69c/0xb30 [ 1282.241884] ? kthread+0x5e7/0x620 [ 1282.241884] ? ret_from_fork+0x35/0x40 [ 1282.241884] ? __msan_get_context_state+0x9/0x20 [ 1282.241884] ? INIT_INT+0xc/0x30 [ 1282.241884] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xfc3/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] ? tcp_parse_options+0xbe/0x1cf0 [ 1282.241884] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1282.241884] ? tcp_parse_options+0x1c55/0x1cf0 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] ? __msan_get_context_state+0x9/0x20 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ? tcp_filter+0x260/0x260 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ? nf_hook_slow+0x36f/0x3d0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ? ip_local_deliver+0x510/0x510 [ 1282.241884] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] ? ip_rcv_core+0x1370/0x1370 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] ? __msan_poison_alloca+0x1e0/0x270 [ 1282.241884] ? ip_local_deliver_finish+0xff0/0xff0 [ 1282.241884] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] ? net_tx_action+0xf20/0xf20 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] ? ksoftirqd_should_run+0x50/0x50 [ 1282.241884] run_ksoftirqd+0x37/0x60 [ 1282.241884] smpboot_thread_fn+0x69c/0xb30 [ 1282.241884] kthread+0x5e7/0x620 [ 1282.241884] ? cpu_report_death+0x4a0/0x4a0 [ 1282.241884] ? INIT_BOOL+0x30/0x30 [ 1282.241884] ret_from_fork+0x35/0x40 [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Uninit was stored to memory at: [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] __msan_chain_origin+0x6d/0xb0 [ 1282.241884] __save_stack_trace+0x8be/0xc60 [ 1282.241884] save_stack_trace+0xc6/0x110 [ 1282.241884] kmsan_internal_chain_origin+0x136/0x240 [ 1282.241884] kmsan_memcpy_origins+0x13d/0x190 [ 1282.241884] __msan_memcpy+0x6f/0x80 [ 1282.241884] pskb_expand_head+0x436/0x1d20 [ 1282.241884] skb_shift+0xce2/0x2d10 [ 1282.241884] tcp_sacktag_walk+0x2156/0x29d0 [ 1282.241884] tcp_sacktag_write_queue+0x2805/0x4630 [ 1282.241884] tcp_ack+0x2888/0xa010 [ 1282.241884] tcp_rcv_established+0xf7e/0x2940 [ 1282.241884] tcp_v4_do_rcv+0x686/0xd80 [ 1282.241884] tcp_v4_rcv+0x5a13/0x6520 [ 1282.241884] ip_local_deliver_finish+0x8d8/0xff0 [ 1282.241884] ip_local_deliver+0x44b/0x510 [ 1282.241884] ip_rcv+0x6b6/0x740 [ 1282.241884] process_backlog+0x82b/0x11e0 [ 1282.241884] net_rx_action+0x98f/0x1d50 [ 1282.241884] __do_softirq+0x721/0xc7f [ 1282.241884] [ 1282.241884] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1282.241884] Variable was created at: [ 1282.241884] ipv4_conntrack_local+0x75/0x470 [ 1282.241884] nf_hook_slow+0x15c/0x3d0 14:18:40 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:40 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x100, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000280)={0x2, &(0x7f0000000240)=[{0x0}, {}]}) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000380)={0x9, 0xf, 0x4, 0x0, {0x0, 0x2710}, {0x2, 0xe, 0x9, 0x1, 0xfff, 0x7, "4d8e0186"}, 0x800, 0x3, @userptr=0x6e7, 0x4}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000340)={r1, &(0x7f00000002c0)=""/79}) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000400)={0x4, 0x3, 0x2, "c223ae5788187573c868a1fba728e2fd6d18a2b83009152fa4f63ca3413b44bf", 0x38323151}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r2, &(0x7f0000000000)={&(0x7f0000000040), 0xc, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[]}, 0x1, 0x0, 0x0, 0x3}, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x1c1000, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffff9c, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) connect(r3, &(0x7f0000000180)=@in6={0xa, 0x4e22, 0x15, @remote, 0x8}, 0x80) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000140)={r4, 0x10000}, 0x8) 14:18:40 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x0) [ 1283.753148] not chained 5790000 origins [ 1283.757173] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1283.761687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1283.761687] Call Trace: [ 1283.761687] dump_stack+0x32d/0x480 [ 1283.761687] kmsan_internal_chain_origin+0x222/0x240 [ 1283.761687] ? kmsan_set_origin+0x7f/0x100 [ 1283.761687] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1283.761687] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1283.761687] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1283.761687] ? in_task_stack+0x12c/0x210 [ 1283.761687] ? task_kmsan_context_state+0x51/0x90 [ 1283.761687] ? __msan_get_context_state+0x9/0x20 [ 1283.761687] ? __kernel_text_address+0x19/0x350 [ 1283.761687] ? ret_from_fork+0x35/0x40 [ 1283.761687] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1283.761687] ? in_task_stack+0x12c/0x210 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] ? run_ksoftirqd+0x37/0x60 [ 1283.761687] ? kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] ? kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] ? __msan_memcpy+0x6f/0x80 [ 1283.761687] ? pskb_expand_head+0x436/0x1d20 [ 1283.761687] ? skb_shift+0xce2/0x2d10 [ 1283.761687] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] ? tcp_ack+0x2888/0xa010 [ 1283.761687] ? tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] ? tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] ? tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ? ip_local_deliver+0x44b/0x510 [ 1283.761687] ? ip_rcv+0x6b6/0x740 [ 1283.761687] ? process_backlog+0x82b/0x11e0 [ 1283.761687] ? net_rx_action+0x98f/0x1d50 [ 1283.761687] ? __do_softirq+0x721/0xc7f [ 1283.761687] ? run_ksoftirqd+0x37/0x60 [ 1283.761687] ? smpboot_thread_fn+0x69c/0xb30 [ 1283.761687] ? kthread+0x5e7/0x620 [ 1283.761687] ? ret_from_fork+0x35/0x40 [ 1283.761687] ? __msan_get_context_state+0x9/0x20 [ 1283.761687] ? INIT_INT+0xc/0x30 [ 1283.761687] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] ? tcp_parse_options+0xbe/0x1cf0 [ 1283.761687] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1283.761687] ? tcp_parse_options+0x1c55/0x1cf0 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] ? __msan_get_context_state+0x9/0x20 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ? tcp_filter+0x260/0x260 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ? nf_hook_slow+0x36f/0x3d0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ? ip_local_deliver+0x510/0x510 [ 1283.761687] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] ? ip_rcv_core+0x1370/0x1370 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] ? __msan_poison_alloca+0x1e0/0x270 [ 1283.761687] ? ip_local_deliver_finish+0xff0/0xff0 [ 1283.761687] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] ? net_tx_action+0xf20/0xf20 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] ? ksoftirqd_should_run+0x50/0x50 [ 1283.761687] run_ksoftirqd+0x37/0x60 [ 1283.761687] smpboot_thread_fn+0x69c/0xb30 [ 1283.761687] kthread+0x5e7/0x620 [ 1283.761687] ? cpu_report_death+0x4a0/0x4a0 [ 1283.761687] ? INIT_BOOL+0x30/0x30 [ 1283.761687] ret_from_fork+0x35/0x40 [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Uninit was stored to memory at: [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] __msan_chain_origin+0x6d/0xb0 [ 1283.761687] __save_stack_trace+0x8be/0xc60 [ 1283.761687] save_stack_trace+0xc6/0x110 [ 1283.761687] kmsan_internal_chain_origin+0x136/0x240 [ 1283.761687] kmsan_memcpy_origins+0x13d/0x190 [ 1283.761687] __msan_memcpy+0x6f/0x80 [ 1283.761687] pskb_expand_head+0x436/0x1d20 [ 1283.761687] skb_shift+0xce2/0x2d10 [ 1283.761687] tcp_sacktag_walk+0x2156/0x29d0 [ 1283.761687] tcp_sacktag_write_queue+0x2805/0x4630 [ 1283.761687] tcp_ack+0x2888/0xa010 [ 1283.761687] tcp_rcv_established+0xf7e/0x2940 [ 1283.761687] tcp_v4_do_rcv+0x686/0xd80 14:18:41 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4008000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x74, r2, 0x0, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x58, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x29}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x1}}, @IPVS_SVC_ATTR_AF={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2e, 0x20}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xaa}]}, 0x74}, 0x1, 0x0, 0x0, 0x881}, 0x800) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1283.761687] tcp_v4_rcv+0x5a13/0x6520 [ 1283.761687] ip_local_deliver_finish+0x8d8/0xff0 [ 1283.761687] ip_local_deliver+0x44b/0x510 [ 1283.761687] ip_rcv+0x6b6/0x740 [ 1283.761687] process_backlog+0x82b/0x11e0 [ 1283.761687] net_rx_action+0x98f/0x1d50 [ 1283.761687] __do_softirq+0x721/0xc7f [ 1283.761687] [ 1283.761687] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1283.761687] Variable was created at: [ 1283.761687] ipv4_conntrack_local+0x75/0x470 [ 1283.761687] nf_hook_slow+0x15c/0x3d0 14:18:42 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:42 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/autofs\x00', 0x2a000, 0x0) getsockname$packet(r1, &(0x7f0000000280), &(0x7f0000000000)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r1, @ANYRES16=0x0], 0xffffffffffffff57) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x20004, 0x0) statx(r2, &(0x7f0000000140)='./file0\x00', 0x6000, 0x820, &(0x7f0000000340)) 14:18:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x0) [ 1285.396824] not chained 5800000 origins [ 1285.400848] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1285.401655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1285.411878] Call Trace: [ 1285.411878] dump_stack+0x32d/0x480 [ 1285.411878] kmsan_internal_chain_origin+0x222/0x240 [ 1285.411878] ? ret_from_fork+0x35/0x40 [ 1285.432183] not chained 5810000 origins [ 1285.411878] ? save_stack_trace+0xc6/0x110 [ 1285.411878] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1285.411878] ? kmsan_internal_chain_origin+0x90/0x240 [ 1285.411878] ? kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ? __msan_chain_origin+0x6d/0xb0 [ 1285.411878] ? save_stack_trace+0xfa/0x110 [ 1285.411878] ? kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ? kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1285.411878] ? in_task_stack+0x12c/0x210 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.411878] ? pskb_expand_head+0x436/0x1d20 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.411878] ? pskb_expand_head+0x436/0x1d20 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ? run_ksoftirqd+0x37/0x60 [ 1285.411878] ? kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ? kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] ? __msan_memcpy+0x6f/0x80 [ 1285.411878] ? pskb_expand_head+0x436/0x1d20 [ 1285.411878] ? tcp_fragment+0x378/0x21d0 [ 1285.411878] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1285.411878] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.411878] ? tcp_ack+0x2888/0xa010 [ 1285.411878] ? tcp_rcv_established+0xf7e/0x2940 [ 1285.411878] ? tcp_v4_do_rcv+0x686/0xd80 [ 1285.411878] ? tcp_v4_rcv+0x5a13/0x6520 [ 1285.411878] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1285.411878] ? ip_local_deliver+0x44b/0x510 [ 1285.411878] ? ip_rcv+0x6b6/0x740 [ 1285.411878] ? process_backlog+0x82b/0x11e0 [ 1285.411878] ? net_rx_action+0x98f/0x1d50 [ 1285.411878] ? __do_softirq+0x721/0xc7f [ 1285.411878] ? run_ksoftirqd+0x37/0x60 [ 1285.411878] ? smpboot_thread_fn+0x69c/0xb30 [ 1285.411878] ? kthread+0x5e7/0x620 [ 1285.411878] ? ret_from_fork+0x35/0x40 [ 1285.411878] ? __msan_get_context_state+0x9/0x20 [ 1285.411878] ? INIT_INT+0xc/0x30 [ 1285.411878] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.411878] ? tcp_parse_options+0xbe/0x1cf0 [ 1285.411878] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1285.411878] ? tcp_parse_options+0x1c55/0x1cf0 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.411878] ? __msan_get_context_state+0x9/0x20 [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.411878] ? tcp_filter+0x260/0x260 [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.411878] ? nf_hook_slow+0x36f/0x3d0 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.411878] ? ip_local_deliver+0x510/0x510 [ 1285.411878] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.411878] ? ip_rcv_core+0x1370/0x1370 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.411878] ? ip_local_deliver_finish+0xff0/0xff0 [ 1285.411878] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.411878] ? net_tx_action+0xf20/0xf20 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.411878] ? ksoftirqd_should_run+0x50/0x50 [ 1285.411878] run_ksoftirqd+0x37/0x60 [ 1285.411878] smpboot_thread_fn+0x69c/0xb30 [ 1285.411878] kthread+0x5e7/0x620 [ 1285.411878] ? cpu_report_death+0x4a0/0x4a0 [ 1285.411878] ? INIT_BOOL+0x30/0x30 [ 1285.411878] ret_from_fork+0x35/0x40 [ 1285.411878] Uninit was stored to memory at: [ 1285.441692] CPU: 1 PID: 8190 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #85 [ 1285.441692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] Call Trace: [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] dump_stack+0x32d/0x480 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] kmsan_internal_chain_origin+0x222/0x240 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ? __msan_poison_alloca+0x1e0/0x270 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] ? kmsan_internal_chain_origin+0x90/0x240 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] ? is_bpf_text_address+0x49e/0x4d0 [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] __msan_chain_origin+0x6d/0xb0 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] ? pskb_expand_head+0x436/0x1d20 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] __save_stack_trace+0x8be/0xc60 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] ? pskb_expand_head+0x436/0x1d20 [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] save_stack_trace+0xc6/0x110 [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] ? irq_exit+0x305/0x340 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] ? kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.441692] ? kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] ? __msan_memcpy+0x6f/0x80 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] ? pskb_expand_head+0x436/0x1d20 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] ? skb_shift+0xfc3/0x2d10 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] ? tcp_ack+0x2888/0xa010 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] ? tcp_rcv_established+0xf7e/0x2940 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ? tcp_v4_do_rcv+0x686/0xd80 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] ? tcp_v4_rcv+0x5a13/0x6520 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] ? ip_local_deliver+0x44b/0x510 [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] ? ip_rcv+0x6b6/0x740 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] ? process_backlog+0x82b/0x11e0 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] ? net_rx_action+0x98f/0x1d50 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] ? __do_softirq+0x721/0xc7f [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] ? irq_exit+0x305/0x340 [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] ? exiting_irq+0xe/0x10 [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] ? smp_apic_timer_interrupt+0x64/0x90 [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] ? apic_timer_interrupt+0xf/0x20 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] ? __msan_poison_alloca+0x17c/0x270 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.441692] ? syscall_return_slowpath+0x4f/0x730 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] ? do_syscall_64+0xf5/0x110 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] ? __msan_get_context_state+0x9/0x20 [ 1285.411878] [ 1285.441692] ? INIT_INT+0xc/0x30 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] __msan_memcpy+0x6f/0x80 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] pskb_expand_head+0x436/0x1d20 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] skb_shift+0xfc3/0x2d10 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] tcp_sacktag_walk+0x2156/0x29d0 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] tcp_ack+0x2888/0xa010 [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] ? tcp_parse_options+0xbe/0x1cf0 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] ? tcp_parse_options+0x1c55/0x1cf0 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] tcp_rcv_established+0xf7e/0x2940 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] ? __msan_get_context_state+0x9/0x20 [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] tcp_v4_do_rcv+0x686/0xd80 [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] tcp_v4_rcv+0x5a13/0x6520 [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] ? tcp_filter+0x260/0x260 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.441692] ? nf_hook_slow+0x36f/0x3d0 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] ip_local_deliver+0x44b/0x510 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] ? ip_local_deliver+0x510/0x510 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ip_rcv+0x6b6/0x740 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] ? ip_rcv_core+0x1370/0x1370 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] process_backlog+0x82b/0x11e0 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] ? ip_local_deliver_finish+0xff0/0xff0 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] net_rx_action+0x98f/0x1d50 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] ? net_tx_action+0xf20/0xf20 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] __do_softirq+0x721/0xc7f [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] irq_exit+0x305/0x340 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] exiting_irq+0xe/0x10 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] smp_apic_timer_interrupt+0x64/0x90 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] apic_timer_interrupt+0xf/0x20 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] RIP: 0010:__msan_poison_alloca+0x17c/0x270 [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] Code: 48 00 e8 f7 56 ca 02 ff 8b 7c 09 00 00 4c 8b 74 24 08 0f 85 f9 00 00 00 41 89 c7 e8 de fd 35 ff 4c 89 6c 24 18 ff 74 24 18 9d <44> 89 e0 83 e0 03 41 01 c6 45 85 f6 0f 8e a9 00 00 00 49 29 c4 44 [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] RSP: 0018:ffff88811aeffde0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] RAX: 00000000f4a000cc RBX: ffff8881cda73c00 RCX: ffff88811aeffe20 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 00000000f62b0c48 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] RBP: ffff88811aeffe80 R08: 0000000000480020 R09: 0000000000000002 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88811aeffee8 [ 1285.411878] [ 1285.441692] R13: 0000000000000246 R14: 0000000000000001 R15: 00000000f4a000cc [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] ? syscall_return_slowpath+0x4f/0x730 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] ? do_syscall_64+0xf5/0x110 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] syscall_return_slowpath+0x4f/0x730 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] ? hrtimer_init_sleeper+0xc0/0xc0 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] do_syscall_64+0xf5/0x110 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] RIP: 0033:0x483060 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] Code: 00 00 48 c7 c0 d4 ff ff ff 64 c7 00 16 00 00 00 31 c0 eb be 66 0f 1f 44 00 00 83 3d 11 34 5c 00 00 75 14 b8 23 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 d4 f8 f8 ff c3 48 83 ec 08 e8 ba 70 fd ff [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] RSP: 002b:0000000000a3fd78 EFLAGS: 00000246 ORIG_RAX: 0000000000000023 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] RAX: 0000000000000000 RBX: 0000000000139cd4 RCX: 0000000000483060 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a3fd80 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] RBP: 00000000000006fc R08: 0000000000000001 R09: 00000000011b8940 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] R13: 0000000000139073 R14: 000000000000021d R15: 0000000000000005 [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] Uninit was stored to memory at: [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] __msan_chain_origin+0x6d/0xb0 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.441692] __save_stack_trace+0x8be/0xc60 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] save_stack_trace+0xc6/0x110 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] [ 1285.441692] __msan_memcpy+0x6f/0x80 [ 1285.411878] Uninit was stored to memory at: [ 1285.441692] pskb_expand_head+0x436/0x1d20 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] skb_shift+0xce2/0x2d10 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] tcp_sacktag_walk+0x2156/0x29d0 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] tcp_ack+0x2888/0xa010 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] tcp_rcv_established+0xf7e/0x2940 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] tcp_v4_do_rcv+0x686/0xd80 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] tcp_v4_rcv+0x5a13/0x6520 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] ip_local_deliver+0x44b/0x510 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] ip_rcv+0x6b6/0x740 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] process_backlog+0x82b/0x11e0 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] net_rx_action+0x98f/0x1d50 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] __do_softirq+0x721/0xc7f [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] Uninit was stored to memory at: [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] __msan_chain_origin+0x6d/0xb0 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.441692] __save_stack_trace+0x8be/0xc60 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] save_stack_trace+0xc6/0x110 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] kmsan_memcpy_origins+0x13d/0x190 [ 1285.411878] [ 1285.441692] __msan_memcpy+0x6f/0x80 [ 1285.441692] pskb_expand_head+0x436/0x1d20 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] skb_shift+0xce2/0x2d10 [ 1285.411878] __msan_chain_origin+0x6d/0xb0 [ 1285.441692] tcp_sacktag_walk+0x2156/0x29d0 [ 1285.411878] __save_stack_trace+0x8be/0xc60 [ 1285.441692] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.411878] save_stack_trace+0xc6/0x110 [ 1285.441692] tcp_ack+0x2888/0xa010 [ 1285.411878] kmsan_internal_chain_origin+0x136/0x240 [ 1285.441692] tcp_rcv_established+0xf7e/0x2940 [ 1285.411878] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] tcp_v4_do_rcv+0x686/0xd80 [ 1285.411878] __msan_memcpy+0x6f/0x80 [ 1285.441692] tcp_v4_rcv+0x5a13/0x6520 [ 1285.411878] pskb_expand_head+0x436/0x1d20 [ 1285.441692] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.411878] tcp_fragment+0x378/0x21d0 [ 1285.441692] ip_local_deliver+0x44b/0x510 [ 1285.411878] tcp_sacktag_walk+0xe88/0x29d0 [ 1285.441692] ip_rcv+0x6b6/0x740 [ 1285.411878] tcp_sacktag_write_queue+0x2805/0x4630 [ 1285.441692] process_backlog+0x82b/0x11e0 [ 1285.411878] tcp_ack+0x2888/0xa010 [ 1285.441692] net_rx_action+0x98f/0x1d50 [ 1285.411878] tcp_rcv_established+0xf7e/0x2940 [ 1285.441692] __do_softirq+0x721/0xc7f [ 1285.411878] tcp_v4_do_rcv+0x686/0xd80 [ 1285.441692] [ 1285.411878] tcp_v4_rcv+0x5a13/0x6520 [ 1285.441692] Uninit was stored to memory at: [ 1285.411878] ip_local_deliver_finish+0x8d8/0xff0 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] ip_local_deliver+0x44b/0x510 [ 1285.441692] __msan_chain_origin+0x6d/0xb0 [ 1285.411878] ip_rcv+0x6b6/0x740 [ 1285.441692] __save_stack_trace+0x8be/0xc60 [ 1285.411878] process_backlog+0x82b/0x11e0 [ 1285.441692] save_stack_trace+0xc6/0x110 [ 1285.411878] net_rx_action+0x98f/0x1d50 [ 1285.441692] kmsan_internal_chain_origin+0x136/0x240 [ 1285.411878] __do_softirq+0x721/0xc7f [ 1285.441692] kmsan_memcpy_origins+0x13d/0x190 [ 1285.441692] __msan_memcpy+0x6f/0x80 [ 1285.441692] pskb_expand_head+0x436/0x1d20 [ 1285.441692] skb_shift+0xce2/0x2d10 [ 1287.133292] tcp_sacktag_walk+0x2156/0x29d0 [ 1287.133292] tcp_sacktag_write_queue+0x2805/0x4630 [ 1287.133292] tcp_ack+0x2888/0xa010 [ 1287.133292] tcp_rcv_established+0xf7e/0x2940 [ 1287.133292] tcp_v4_do_rcv+0x686/0xd80 [ 1287.133292] tcp_v4_rcv+0x5a13/0x6520 [ 1287.133292] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.133292] ip_local_deliver+0x44b/0x510 [ 1287.133292] ip_rcv+0x6b6/0x740 [ 1287.133292] process_backlog+0x82b/0x11e0 [ 1287.133292] net_rx_action+0x98f/0x1d50 [ 1287.133292] __do_softirq+0x721/0xc7f [ 1287.133292] [ 1287.133292] Uninit was stored to memory at: [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] __msan_chain_origin+0x6d/0xb0 [ 1287.133292] __save_stack_trace+0x8be/0xc60 [ 1287.133292] save_stack_trace+0xc6/0x110 [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] kmsan_memcpy_origins+0x13d/0x190 [ 1287.133292] __msan_memcpy+0x6f/0x80 [ 1287.133292] pskb_expand_head+0x436/0x1d20 [ 1287.133292] skb_shift+0xce2/0x2d10 [ 1287.133292] tcp_sacktag_walk+0x2156/0x29d0 [ 1287.133292] tcp_sacktag_write_queue+0x2805/0x4630 [ 1287.133292] tcp_ack+0x2888/0xa010 [ 1287.133292] tcp_rcv_established+0xf7e/0x2940 [ 1287.133292] tcp_v4_do_rcv+0x686/0xd80 [ 1287.133292] tcp_v4_rcv+0x5a13/0x6520 [ 1287.133292] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.133292] ip_local_deliver+0x44b/0x510 [ 1287.133292] ip_rcv+0x6b6/0x740 [ 1287.133292] process_backlog+0x82b/0x11e0 [ 1287.133292] net_rx_action+0x98f/0x1d50 [ 1287.133292] __do_softirq+0x721/0xc7f [ 1287.133292] [ 1287.133292] Uninit was stored to memory at: [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] __msan_chain_origin+0x6d/0xb0 [ 1287.133292] __save_stack_trace+0x8be/0xc60 [ 1287.133292] save_stack_trace+0xc6/0x110 [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] kmsan_memcpy_origins+0x13d/0x190 [ 1287.133292] __msan_memcpy+0x6f/0x80 [ 1287.133292] pskb_expand_head+0x436/0x1d20 [ 1287.133292] skb_shift+0xce2/0x2d10 [ 1287.133292] tcp_sacktag_walk+0x2156/0x29d0 [ 1287.133292] tcp_sacktag_write_queue+0x2805/0x4630 [ 1287.133292] tcp_ack+0x2888/0xa010 [ 1287.133292] tcp_rcv_established+0xf7e/0x2940 [ 1287.133292] tcp_v4_do_rcv+0x686/0xd80 [ 1287.133292] tcp_v4_rcv+0x5a13/0x6520 [ 1287.133292] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.133292] ip_local_deliver+0x44b/0x510 [ 1287.133292] ip_rcv+0x6b6/0x740 [ 1287.133292] process_backlog+0x82b/0x11e0 [ 1287.133292] net_rx_action+0x98f/0x1d50 [ 1287.133292] __do_softirq+0x721/0xc7f [ 1287.133292] [ 1287.133292] Uninit was stored to memory at: [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] __msan_chain_origin+0x6d/0xb0 [ 1287.133292] __save_stack_trace+0x8be/0xc60 [ 1287.133292] save_stack_trace+0xc6/0x110 [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] kmsan_memcpy_origins+0x13d/0x190 [ 1287.133292] __msan_memcpy+0x6f/0x80 [ 1287.133292] pskb_expand_head+0x436/0x1d20 [ 1287.133292] skb_shift+0xce2/0x2d10 [ 1287.133292] tcp_sacktag_walk+0x2156/0x29d0 [ 1287.133292] tcp_sacktag_write_queue+0x2805/0x4630 [ 1287.133292] tcp_ack+0x2888/0xa010 [ 1287.133292] tcp_rcv_established+0xf7e/0x2940 [ 1287.133292] tcp_v4_do_rcv+0x686/0xd80 [ 1287.133292] tcp_v4_rcv+0x5a13/0x6520 [ 1287.133292] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.133292] ip_local_deliver+0x44b/0x510 [ 1287.133292] ip_rcv+0x6b6/0x740 [ 1287.133292] process_backlog+0x82b/0x11e0 [ 1287.133292] net_rx_action+0x98f/0x1d50 [ 1287.133292] __do_softirq+0x721/0xc7f [ 1287.133292] [ 1287.133292] Uninit was stored to memory at: [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] __msan_chain_origin+0x6d/0xb0 [ 1287.133292] __save_stack_trace+0x8be/0xc60 [ 1287.133292] save_stack_trace+0xc6/0x110 [ 1287.133292] kmsan_internal_chain_origin+0x136/0x240 [ 1287.133292] kmsan_memcpy_origins+0x13d/0x190 [ 1287.133292] __msan_memcpy+0x6f/0x80 [ 1287.133292] pskb_expand_head+0x436/0x1d20 [ 1287.133292] skb_shift+0xce2/0x2d10 [ 1287.133292] tcp_sacktag_walk+0x2156/0x29d0 [ 1287.133292] tcp_sacktag_write_queue+0x2805/0x4630 [ 1287.133292] tcp_ack+0x2888/0xa010 [ 1287.133292] tcp_rcv_established+0xf7e/0x2940 [ 1287.133292] tcp_v4_do_rcv+0x686/0xd80 [ 1287.133292] tcp_v4_rcv+0x5a13/0x6520 [ 1287.133292] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.133292] ip_local_deliver+0x44b/0x510 [ 1287.133292] ip_rcv+0x6b6/0x740 [ 1287.133292] process_backlog+0x82b/0x11e0 [ 1287.133292] net_rx_action+0x98f/0x1d50 [ 1287.133292] __do_softirq+0x721/0xc7f [ 1287.133292] [ 1287.133292] Local variable description: ----cputime.i@run_posix_cpu_timers [ 1287.133292] Variable was created at: [ 1287.133292] run_posix_cpu_timers+0x7c/0x4720 [ 1287.133292] update_process_times+0x1b0/0x1e0 [ 1287.623685] not chained 5820000 origins [ 1287.627706] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1287.631679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1287.631679] Call Trace: [ 1287.646045] dump_stack+0x32d/0x480 [ 1287.646045] kmsan_internal_chain_origin+0x222/0x240 [ 1287.646045] ? ip_finish_output+0xd93/0x10f0 [ 1287.657588] ? ip_output+0x55c/0x630 [ 1287.657588] ? kmsan_internal_chain_origin+0x90/0x240 [ 1287.657588] ? task_kmsan_context_state+0x51/0x90 [ 1287.657588] ? __msan_get_context_state+0x9/0x20 [ 1287.657588] ? __kernel_text_address+0x19/0x350 [ 1287.657588] ? ret_from_fork+0x35/0x40 [ 1287.657588] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1287.657588] ? in_task_stack+0x12c/0x210 [ 1287.657588] __msan_chain_origin+0x6d/0xb0 [ 1287.657588] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1287.657588] __save_stack_trace+0x8be/0xc60 [ 1287.657588] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1287.657588] save_stack_trace+0xc6/0x110 [ 1287.657588] kmsan_internal_chain_origin+0x136/0x240 [ 1287.657588] ? kmsan_internal_chain_origin+0x136/0x240 [ 1287.657588] ? kmsan_memcpy_origins+0x13d/0x190 [ 1287.657588] ? __msan_memcpy+0x6f/0x80 [ 1287.657588] ? pskb_expand_head+0x436/0x1d20 [ 1287.657588] ? ___pskb_trim+0x3c9/0x1bf0 [ 1287.657588] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1287.657588] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1287.657588] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1287.657588] ? ip_local_deliver+0x44b/0x510 [ 1287.657588] ? ip_rcv+0x6b6/0x740 [ 1287.657588] ? process_backlog+0x82b/0x11e0 14:18:44 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x0) [ 1287.773260] ? net_rx_action+0x98f/0x1d50 [ 1287.773260] ? __do_softirq+0x721/0xc7f [ 1287.773260] ? run_ksoftirqd+0x37/0x60 [ 1287.773260] ? smpboot_thread_fn+0x69c/0xb30 [ 1287.773260] ? kthread+0x5e7/0x620 [ 1287.773260] ? ret_from_fork+0x35/0x40 [ 1287.773260] ? __msan_get_context_state+0x9/0x20 [ 1287.773260] ? INIT_INT+0xc/0x30 [ 1287.773260] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ? tcp_filter+0x260/0x260 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ? nf_hook_slow+0x36f/0x3d0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ? ip_local_deliver+0x510/0x510 [ 1287.773260] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] ? ip_rcv_core+0x1370/0x1370 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] ? __msan_poison_alloca+0x1e0/0x270 [ 1287.773260] ? ip_local_deliver_finish+0xff0/0xff0 [ 1287.773260] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] ? net_tx_action+0xf20/0xf20 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] ? ksoftirqd_should_run+0x50/0x50 [ 1287.773260] run_ksoftirqd+0x37/0x60 [ 1287.773260] smpboot_thread_fn+0x69c/0xb30 [ 1287.773260] kthread+0x5e7/0x620 [ 1287.773260] ? cpu_report_death+0x4a0/0x4a0 [ 1287.773260] ? INIT_BOOL+0x30/0x30 [ 1287.773260] ret_from_fork+0x35/0x40 [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Uninit was stored to memory at: [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] __msan_chain_origin+0x6d/0xb0 [ 1287.773260] __save_stack_trace+0x8be/0xc60 [ 1287.773260] save_stack_trace+0xc6/0x110 [ 1287.773260] kmsan_internal_chain_origin+0x136/0x240 [ 1287.773260] kmsan_memcpy_origins+0x13d/0x190 [ 1287.773260] __msan_memcpy+0x6f/0x80 [ 1287.773260] pskb_expand_head+0x436/0x1d20 [ 1287.773260] ___pskb_trim+0x3c9/0x1bf0 [ 1287.773260] sk_filter_trim_cap+0x5ac/0xa60 [ 1287.773260] tcp_v4_rcv+0x4a1b/0x6520 [ 1287.773260] ip_local_deliver_finish+0x8d8/0xff0 [ 1287.773260] ip_local_deliver+0x44b/0x510 [ 1287.773260] ip_rcv+0x6b6/0x740 [ 1287.773260] process_backlog+0x82b/0x11e0 [ 1287.773260] net_rx_action+0x98f/0x1d50 [ 1287.773260] __do_softirq+0x721/0xc7f [ 1287.773260] [ 1287.773260] Local variable description: ----__ai_o2.i.i.i.i@kmem_cache_free [ 1287.773260] Variable was created at: [ 1287.773260] kmem_cache_free+0x143/0x3370 [ 1287.773260] __kfree_skb+0x2cc/0x310 [ 1288.507662] not chained 5830000 origins [ 1288.511669] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1288.511669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1288.511669] Call Trace: [ 1288.511669] dump_stack+0x32d/0x480 [ 1288.511669] kmsan_internal_chain_origin+0x222/0x240 [ 1288.511669] ? ip_finish_output+0xd93/0x10f0 [ 1288.511669] ? ip_output+0x55c/0x630 [ 1288.511669] ? kmsan_internal_chain_origin+0x90/0x240 [ 1288.511669] ? task_kmsan_context_state+0x51/0x90 [ 1288.511669] ? __msan_get_context_state+0x9/0x20 [ 1288.511669] ? __kernel_text_address+0x19/0x350 [ 1288.511669] ? ret_from_fork+0x35/0x40 [ 1288.511669] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1288.511669] ? in_task_stack+0x12c/0x210 [ 1288.511669] __msan_chain_origin+0x6d/0xb0 [ 1288.511669] __save_stack_trace+0xaff/0xc60 [ 1288.511669] ? ret_from_fork+0x35/0x40 [ 1288.511669] save_stack_trace+0xc6/0x110 [ 1288.511669] kmsan_internal_chain_origin+0x136/0x240 [ 1288.511669] ? kmsan_internal_chain_origin+0x136/0x240 [ 1288.511669] ? kmsan_memcpy_origins+0x13d/0x190 [ 1288.511669] ? __msan_memcpy+0x6f/0x80 [ 1288.511669] ? pskb_expand_head+0x436/0x1d20 [ 1288.511669] ? ___pskb_trim+0x3c9/0x1bf0 [ 1288.511669] ? sk_filter_trim_cap+0x5ac/0xa60 [ 1288.511669] ? tcp_v4_rcv+0x4a1b/0x6520 [ 1288.511669] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1288.511669] ? ip_local_deliver+0x44b/0x510 [ 1288.511669] ? ip_rcv+0x6b6/0x740 [ 1288.644766] ? process_backlog+0x82b/0x11e0 [ 1288.644766] ? net_rx_action+0x98f/0x1d50 [ 1288.644766] ? __do_softirq+0x721/0xc7f [ 1288.644766] ? run_ksoftirqd+0x37/0x60 [ 1288.644766] ? smpboot_thread_fn+0x69c/0xb30 [ 1288.644766] ? kthread+0x5e7/0x620 [ 1288.644766] ? ret_from_fork+0x35/0x40 [ 1288.644766] ? __msan_get_context_state+0x9/0x20 [ 1288.644766] ? INIT_INT+0xc/0x30 [ 1288.644766] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1288.644766] kmsan_memcpy_origins+0x13d/0x190 [ 1288.644766] __msan_memcpy+0x6f/0x80 [ 1288.644766] pskb_expand_head+0x436/0x1d20 [ 1288.644766] ___pskb_trim+0x3c9/0x1bf0 [ 1288.644766] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.644766] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.644766] ? tcp_filter+0x260/0x260 [ 1288.644766] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.644766] ? nf_hook_slow+0x36f/0x3d0 [ 1288.644766] ip_local_deliver+0x44b/0x510 [ 1288.644766] ? ip_local_deliver+0x510/0x510 [ 1288.644766] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1288.644766] ip_rcv+0x6b6/0x740 [ 1288.644766] ? ip_rcv_core+0x1370/0x1370 [ 1288.644766] process_backlog+0x82b/0x11e0 [ 1288.644766] ? __msan_poison_alloca+0x1e0/0x270 [ 1288.644766] ? ip_local_deliver_finish+0xff0/0xff0 [ 1288.644766] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1288.644766] net_rx_action+0x98f/0x1d50 [ 1288.644766] ? net_tx_action+0xf20/0xf20 [ 1288.644766] __do_softirq+0x721/0xc7f 14:18:45 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@remote, @in6=@dev}}, {{@in=@loopback}, 0x0, @in=@local}}, &(0x7f0000000080)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000500)={{{@in=@loopback, @in6=@mcast1}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f00000001c0)=0xe8) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r0, &(0x7f0000000680)) r3 = geteuid() setresuid(r3, r1, r2) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r4, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") finit_module(r0, &(0x7f0000000000)='\x00', 0x3) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:45 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80], 0x3, 0x4000}) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1288.644766] ? ksoftirqd_should_run+0x50/0x50 [ 1288.644766] run_ksoftirqd+0x37/0x60 [ 1288.644766] smpboot_thread_fn+0x69c/0xb30 [ 1288.644766] kthread+0x5e7/0x620 [ 1288.791863] ? cpu_report_death+0x4a0/0x4a0 [ 1288.791863] ? INIT_BOOL+0x30/0x30 [ 1288.797569] ret_from_fork+0x35/0x40 [ 1288.797569] Uninit was stored to memory at: [ 1288.797569] kmsan_internal_chain_origin+0x136/0x240 [ 1288.813666] __msan_chain_origin+0x6d/0xb0 [ 1288.813666] __save_stack_trace+0x8be/0xc60 [ 1288.813666] save_stack_trace+0xc6/0x110 14:18:45 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) socketpair(0x11, 0x3, 0x3, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000140)={0x800, 0x18, [0x8, 0x0, 0x3ff, 0x2, 0x80000000, 0x7]}) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1288.813666] kmsan_internal_chain_origin+0x136/0x240 [ 1288.813666] kmsan_memcpy_origins+0x13d/0x190 [ 1288.813666] __msan_memcpy+0x6f/0x80 [ 1288.813666] pskb_expand_head+0x436/0x1d20 [ 1288.813666] ___pskb_trim+0x3c9/0x1bf0 [ 1288.813666] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.848419] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.848419] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.848419] ip_local_deliver+0x44b/0x510 [ 1288.848419] ip_rcv+0x6b6/0x740 [ 1288.848419] process_backlog+0x82b/0x11e0 [ 1288.848419] net_rx_action+0x98f/0x1d50 [ 1288.848419] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Uninit was stored to memory at: [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] __msan_chain_origin+0x6d/0xb0 [ 1288.876855] __save_stack_trace+0x8be/0xc60 [ 1288.876855] save_stack_trace+0xc6/0x110 [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] kmsan_memcpy_origins+0x13d/0x190 [ 1288.876855] __msan_memcpy+0x6f/0x80 [ 1288.876855] pskb_expand_head+0x436/0x1d20 [ 1288.876855] ___pskb_trim+0x3c9/0x1bf0 [ 1288.876855] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.876855] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.876855] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.876855] ip_local_deliver+0x44b/0x510 [ 1288.876855] ip_rcv+0x6b6/0x740 [ 1288.876855] process_backlog+0x82b/0x11e0 [ 1288.876855] net_rx_action+0x98f/0x1d50 [ 1288.876855] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Uninit was stored to memory at: [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] __msan_chain_origin+0x6d/0xb0 [ 1288.876855] __save_stack_trace+0x8be/0xc60 [ 1288.876855] save_stack_trace+0xc6/0x110 [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] kmsan_memcpy_origins+0x13d/0x190 [ 1288.876855] __msan_memcpy+0x6f/0x80 [ 1288.876855] pskb_expand_head+0x436/0x1d20 [ 1288.876855] ___pskb_trim+0x3c9/0x1bf0 [ 1288.876855] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.876855] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.876855] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.876855] ip_local_deliver+0x44b/0x510 [ 1288.876855] ip_rcv+0x6b6/0x740 [ 1288.876855] process_backlog+0x82b/0x11e0 [ 1288.876855] net_rx_action+0x98f/0x1d50 [ 1288.876855] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Uninit was stored to memory at: [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] __msan_chain_origin+0x6d/0xb0 [ 1288.876855] __save_stack_trace+0x8be/0xc60 [ 1288.876855] save_stack_trace+0xc6/0x110 [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] kmsan_memcpy_origins+0x13d/0x190 [ 1288.876855] __msan_memcpy+0x6f/0x80 [ 1288.876855] pskb_expand_head+0x436/0x1d20 [ 1288.876855] ___pskb_trim+0x3c9/0x1bf0 [ 1288.876855] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.876855] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.876855] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.876855] ip_local_deliver+0x44b/0x510 [ 1288.876855] ip_rcv+0x6b6/0x740 [ 1288.876855] process_backlog+0x82b/0x11e0 [ 1288.876855] net_rx_action+0x98f/0x1d50 [ 1288.876855] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Uninit was stored to memory at: [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] __msan_chain_origin+0x6d/0xb0 [ 1288.876855] __save_stack_trace+0x8be/0xc60 [ 1288.876855] save_stack_trace+0xc6/0x110 [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] kmsan_memcpy_origins+0x13d/0x190 [ 1288.876855] __msan_memcpy+0x6f/0x80 [ 1288.876855] pskb_expand_head+0x436/0x1d20 [ 1288.876855] ___pskb_trim+0x3c9/0x1bf0 [ 1288.876855] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.876855] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.876855] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.876855] ip_local_deliver+0x44b/0x510 [ 1288.876855] ip_rcv+0x6b6/0x740 [ 1288.876855] process_backlog+0x82b/0x11e0 [ 1288.876855] net_rx_action+0x98f/0x1d50 [ 1288.876855] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Uninit was stored to memory at: [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] __msan_chain_origin+0x6d/0xb0 [ 1288.876855] __save_stack_trace+0x8be/0xc60 [ 1288.876855] save_stack_trace+0xc6/0x110 [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] kmsan_memcpy_origins+0x13d/0x190 [ 1288.876855] __msan_memcpy+0x6f/0x80 [ 1288.876855] pskb_expand_head+0x436/0x1d20 [ 1288.876855] ___pskb_trim+0x3c9/0x1bf0 [ 1288.876855] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.876855] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.876855] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.876855] ip_local_deliver+0x44b/0x510 [ 1288.876855] ip_rcv+0x6b6/0x740 [ 1288.876855] process_backlog+0x82b/0x11e0 [ 1288.876855] net_rx_action+0x98f/0x1d50 [ 1288.876855] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Uninit was stored to memory at: [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] __msan_chain_origin+0x6d/0xb0 [ 1288.876855] __save_stack_trace+0x8be/0xc60 [ 1288.876855] save_stack_trace+0xc6/0x110 [ 1288.876855] kmsan_internal_chain_origin+0x136/0x240 [ 1288.876855] kmsan_memcpy_origins+0x13d/0x190 [ 1288.876855] __msan_memcpy+0x6f/0x80 [ 1288.876855] pskb_expand_head+0x436/0x1d20 [ 1288.876855] ___pskb_trim+0x3c9/0x1bf0 [ 1288.876855] sk_filter_trim_cap+0x5ac/0xa60 [ 1288.876855] tcp_v4_rcv+0x4a1b/0x6520 [ 1288.876855] ip_local_deliver_finish+0x8d8/0xff0 [ 1288.876855] ip_local_deliver+0x44b/0x510 [ 1288.876855] ip_rcv+0x6b6/0x740 [ 1288.876855] process_backlog+0x82b/0x11e0 [ 1288.876855] net_rx_action+0x98f/0x1d50 [ 1288.876855] __do_softirq+0x721/0xc7f [ 1288.876855] [ 1288.876855] Local variable description: ----__ai_o2.i.i.i.i@kmem_cache_free [ 1288.876855] Variable was created at: [ 1288.876855] kmem_cache_free+0x143/0x3370 [ 1288.876855] __kfree_skb+0x2cc/0x310 [ 1289.377238] not chained 5840000 origins [ 1289.381253] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1289.381653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1289.381653] Call Trace: [ 1289.381653] dump_stack+0x32d/0x480 [ 1289.381653] kmsan_internal_chain_origin+0x222/0x240 [ 1289.381653] ? kmsan_set_origin+0x7f/0x100 [ 1289.410719] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1289.410719] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1289.410719] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1289.410719] ? in_task_stack+0x12c/0x210 [ 1289.410719] ? task_kmsan_context_state+0x51/0x90 [ 1289.410719] ? __msan_get_context_state+0x9/0x20 [ 1289.410719] ? __kernel_text_address+0x19/0x350 [ 1289.444427] ? ret_from_fork+0x35/0x40 [ 1289.444427] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1289.444427] ? in_task_stack+0x12c/0x210 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] ? run_ksoftirqd+0x37/0x60 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] ? run_ksoftirqd+0x37/0x60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] ? run_ksoftirqd+0x37/0x60 [ 1289.444427] ? kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] ? kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] ? __msan_memcpy+0x6f/0x80 [ 1289.444427] ? pskb_expand_head+0x436/0x1d20 [ 1289.444427] ? skb_shift+0xce2/0x2d10 [ 1289.444427] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] ? tcp_ack+0x2888/0xa010 [ 1289.444427] ? tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] ? tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] ? tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ? ip_local_deliver+0x44b/0x510 [ 1289.444427] ? ip_rcv+0x6b6/0x740 [ 1289.444427] ? process_backlog+0x82b/0x11e0 [ 1289.444427] ? net_rx_action+0x98f/0x1d50 [ 1289.444427] ? __do_softirq+0x721/0xc7f [ 1289.444427] ? run_ksoftirqd+0x37/0x60 [ 1289.444427] ? smpboot_thread_fn+0x69c/0xb30 [ 1289.444427] ? kthread+0x5e7/0x620 [ 1289.444427] ? ret_from_fork+0x35/0x40 [ 1289.444427] ? __msan_get_context_state+0x9/0x20 [ 1289.444427] ? INIT_INT+0xc/0x30 [ 1289.444427] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] ? tcp_parse_options+0xbe/0x1cf0 [ 1289.444427] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1289.444427] ? tcp_parse_options+0x1c55/0x1cf0 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] ? __msan_get_context_state+0x9/0x20 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ? tcp_filter+0x260/0x260 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ? nf_hook_slow+0x36f/0x3d0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ? ip_local_deliver+0x510/0x510 [ 1289.444427] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] ? ip_rcv_core+0x1370/0x1370 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] ? __msan_poison_alloca+0x1e0/0x270 [ 1289.444427] ? ip_local_deliver_finish+0xff0/0xff0 [ 1289.444427] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] ? net_tx_action+0xf20/0xf20 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] ? ksoftirqd_should_run+0x50/0x50 [ 1289.444427] run_ksoftirqd+0x37/0x60 [ 1289.444427] smpboot_thread_fn+0x69c/0xb30 [ 1289.444427] kthread+0x5e7/0x620 [ 1289.444427] ? cpu_report_death+0x4a0/0x4a0 [ 1289.444427] ? INIT_BOOL+0x30/0x30 [ 1289.444427] ret_from_fork+0x35/0x40 [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Uninit was stored to memory at: [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] __msan_chain_origin+0x6d/0xb0 [ 1289.444427] __save_stack_trace+0x8be/0xc60 [ 1289.444427] save_stack_trace+0xc6/0x110 [ 1289.444427] kmsan_internal_chain_origin+0x136/0x240 [ 1289.444427] kmsan_memcpy_origins+0x13d/0x190 [ 1289.444427] __msan_memcpy+0x6f/0x80 [ 1289.444427] pskb_expand_head+0x436/0x1d20 [ 1289.444427] skb_shift+0xce2/0x2d10 [ 1289.444427] tcp_sacktag_walk+0x2156/0x29d0 [ 1289.444427] tcp_sacktag_write_queue+0x2805/0x4630 [ 1289.444427] tcp_ack+0x2888/0xa010 [ 1289.444427] tcp_rcv_established+0xf7e/0x2940 [ 1289.444427] tcp_v4_do_rcv+0x686/0xd80 [ 1289.444427] tcp_v4_rcv+0x5a13/0x6520 [ 1289.444427] ip_local_deliver_finish+0x8d8/0xff0 [ 1289.444427] ip_local_deliver+0x44b/0x510 [ 1289.444427] ip_rcv+0x6b6/0x740 [ 1289.444427] process_backlog+0x82b/0x11e0 [ 1289.444427] net_rx_action+0x98f/0x1d50 [ 1289.444427] __do_softirq+0x721/0xc7f [ 1289.444427] [ 1289.444427] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1289.444427] Variable was created at: [ 1289.444427] ipv4_conntrack_local+0x75/0x470 [ 1289.444427] nf_hook_slow+0x15c/0x3d0 [ 1290.437112] not chained 5850000 origins [ 1290.441125] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1290.441658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1290.441658] Call Trace: [ 1290.441658] dump_stack+0x32d/0x480 [ 1290.441658] kmsan_internal_chain_origin+0x222/0x240 [ 1290.441658] ? INIT_BOOL+0xc/0x30 [ 1290.441658] ? do_raw_spin_lock+0x2c3/0x410 [ 1290.441658] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1290.441658] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1290.441658] ? in_task_stack+0x12c/0x210 [ 1290.441658] ? task_kmsan_context_state+0x51/0x90 [ 1290.441658] ? __msan_get_context_state+0x9/0x20 [ 1290.441658] ? __kernel_text_address+0x19/0x350 [ 1290.441658] ? ret_from_fork+0x35/0x40 [ 1290.441658] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1290.441658] ? in_task_stack+0x12c/0x210 [ 1290.441658] __msan_chain_origin+0x6d/0xb0 [ 1290.441658] ? tcp_ack+0x2888/0xa010 [ 1290.441658] __save_stack_trace+0x8be/0xc60 [ 1290.441658] ? tcp_ack+0x2888/0xa010 [ 1290.441658] save_stack_trace+0xc6/0x110 [ 1290.441658] kmsan_internal_chain_origin+0x136/0x240 [ 1290.441658] ? run_ksoftirqd+0x37/0x60 [ 1290.441658] ? kmsan_internal_chain_origin+0x136/0x240 [ 1290.441658] ? kmsan_memcpy_origins+0x13d/0x190 [ 1290.441658] ? __msan_memcpy+0x6f/0x80 [ 1290.441658] ? pskb_expand_head+0x436/0x1d20 [ 1290.441658] ? skb_shift+0xce2/0x2d10 [ 1290.441658] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1290.441658] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.441658] ? tcp_ack+0x2888/0xa010 [ 1290.441658] ? tcp_rcv_established+0xf7e/0x2940 [ 1290.441658] ? tcp_v4_do_rcv+0x686/0xd80 [ 1290.441658] ? tcp_v4_rcv+0x5a13/0x6520 [ 1290.441658] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1290.441658] ? ip_local_deliver+0x44b/0x510 [ 1290.441658] ? ip_rcv+0x6b6/0x740 [ 1290.441658] ? process_backlog+0x82b/0x11e0 [ 1290.441658] ? net_rx_action+0x98f/0x1d50 [ 1290.441658] ? __do_softirq+0x721/0xc7f [ 1290.441658] ? run_ksoftirqd+0x37/0x60 [ 1290.441658] ? smpboot_thread_fn+0x69c/0xb30 [ 1290.441658] ? kthread+0x5e7/0x620 [ 1290.441658] ? ret_from_fork+0x35/0x40 [ 1290.441658] ? __msan_get_context_state+0x9/0x20 [ 1290.441658] ? INIT_INT+0xc/0x30 [ 1290.441658] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1290.441658] kmsan_memcpy_origins+0x13d/0x190 [ 1290.441658] __msan_memcpy+0x6f/0x80 [ 1290.441658] pskb_expand_head+0x436/0x1d20 [ 1290.441658] skb_shift+0xce2/0x2d10 [ 1290.441658] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.441658] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.441658] tcp_ack+0x2888/0xa010 [ 1290.441658] ? tcp_parse_options+0xbe/0x1cf0 [ 1290.441658] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1290.441658] ? tcp_parse_options+0x1c55/0x1cf0 [ 1290.441658] tcp_rcv_established+0xf7e/0x2940 [ 1290.441658] ? __msan_get_context_state+0x9/0x20 [ 1290.441658] tcp_v4_do_rcv+0x686/0xd80 [ 1290.441658] tcp_v4_rcv+0x5a13/0x6520 [ 1290.441658] ? tcp_filter+0x260/0x260 [ 1290.441658] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.441658] ? nf_hook_slow+0x36f/0x3d0 [ 1290.725121] ip_local_deliver+0x44b/0x510 [ 1290.725121] ? ip_local_deliver+0x510/0x510 [ 1290.725121] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1290.725121] ip_rcv+0x6b6/0x740 [ 1290.725121] ? ip_rcv_core+0x1370/0x1370 [ 1290.725121] process_backlog+0x82b/0x11e0 [ 1290.725121] ? __msan_poison_alloca+0x1e0/0x270 [ 1290.725121] ? ip_local_deliver_finish+0xff0/0xff0 [ 1290.725121] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1290.725121] net_rx_action+0x98f/0x1d50 [ 1290.725121] ? net_tx_action+0xf20/0xf20 [ 1290.725121] __do_softirq+0x721/0xc7f [ 1290.773471] ? ksoftirqd_should_run+0x50/0x50 [ 1290.773471] run_ksoftirqd+0x37/0x60 [ 1290.773471] smpboot_thread_fn+0x69c/0xb30 [ 1290.773471] kthread+0x5e7/0x620 [ 1290.773471] ? cpu_report_death+0x4a0/0x4a0 [ 1290.773471] ? INIT_BOOL+0x30/0x30 [ 1290.798797] FAULT_INJECTION: forcing a failure. [ 1290.798797] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.773471] ret_from_fork+0x35/0x40 [ 1290.773471] Uninit was stored to memory at: [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.812614] CPU: 0 PID: 19659 Comm: syz-executor3 Not tainted 4.20.0-rc2+ #85 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.820536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.822497] Call Trace: [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.822497] dump_stack+0x32d/0x480 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.822497] should_fail+0x11e5/0x13c0 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.822497] __should_failslab+0x278/0x2a0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.822497] should_failslab+0x29/0x70 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.822497] __kmalloc_node+0x257/0x1520 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.822497] ? kmsan_set_origin+0x7f/0x100 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.822497] ? kvmalloc_node+0x19d/0x3e0 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.822497] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.822497] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.822497] kvmalloc_node+0x19d/0x3e0 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.822497] setxattr+0x3c7/0x980 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.822497] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.822497] ? __mnt_want_write_file+0x42b/0x580 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.822497] __se_sys_fsetxattr+0x2c1/0x3b0 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.822497] __x64_sys_fsetxattr+0x62/0x80 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.822497] do_syscall_64+0xcf/0x110 [ 1290.773471] [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.822497] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.822497] RIP: 0033:0x457569 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.822497] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.822497] RSP: 002b:00007f5a7d803c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.822497] RAX: ffffffffffffffda RBX: 00007f5a7d803c90 RCX: 0000000000457569 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.822497] RDX: 0000000020000840 RSI: 0000000020000040 RDI: 0000000000000004 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.822497] RBP: 000000000072bf00 R08: 0000100000000000 R09: 0000000000000000 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.822497] R10: 0000000000000001 R11: 0000000000000246 R12: 00007f5a7d8046d4 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.822497] R13: 00000000004bde22 R14: 00000000004ccf70 R15: 0000000000000005 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.773471] [ 1290.773471] Uninit was stored to memory at: [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.773471] [ 1290.773471] Uninit was stored to memory at: [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.773471] [ 1290.773471] Uninit was stored to memory at: [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.773471] [ 1290.773471] Uninit was stored to memory at: [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] __msan_chain_origin+0x6d/0xb0 [ 1290.773471] __save_stack_trace+0x8be/0xc60 [ 1290.773471] save_stack_trace+0xc6/0x110 [ 1290.773471] kmsan_internal_chain_origin+0x136/0x240 [ 1290.773471] kmsan_memcpy_origins+0x13d/0x190 [ 1290.773471] __msan_memcpy+0x6f/0x80 [ 1290.773471] pskb_expand_head+0x436/0x1d20 [ 1290.773471] skb_shift+0xce2/0x2d10 [ 1290.773471] tcp_sacktag_walk+0x2156/0x29d0 [ 1290.773471] tcp_sacktag_write_queue+0x2805/0x4630 [ 1290.773471] tcp_ack+0x2888/0xa010 [ 1290.773471] tcp_rcv_established+0xf7e/0x2940 [ 1290.773471] tcp_v4_do_rcv+0x686/0xd80 [ 1290.773471] tcp_v4_rcv+0x5a13/0x6520 [ 1290.773471] ip_local_deliver_finish+0x8d8/0xff0 [ 1290.773471] ip_local_deliver+0x44b/0x510 [ 1290.773471] ip_rcv+0x6b6/0x740 [ 1290.773471] process_backlog+0x82b/0x11e0 [ 1290.773471] net_rx_action+0x98f/0x1d50 [ 1290.773471] __do_softirq+0x721/0xc7f [ 1290.773471] [ 1290.773471] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1290.773471] Variable was created at: [ 1290.773471] ipv4_conntrack_local+0x75/0x470 [ 1290.773471] nf_hook_slow+0x15c/0x3d0 [ 1291.653753] not chained 5860000 origins [ 1291.657763] CPU: 0 PID: 19659 Comm: syz-executor3 Not tainted 4.20.0-rc2+ #85 [ 1291.661655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1291.673695] Call Trace: [ 1291.673695] [ 1291.673695] dump_stack+0x32d/0x480 [ 1291.673695] kmsan_internal_chain_origin+0x222/0x240 [ 1291.673695] ? kmsan_internal_chain_origin+0x136/0x240 [ 1291.692852] ? __msan_chain_origin+0x6d/0xb0 [ 1291.692852] ? __save_stack_trace+0x8be/0xc60 [ 1291.692852] ? save_stack_trace+0xc6/0x110 [ 1291.692852] ? kmsan_internal_chain_origin+0x136/0x240 [ 1291.692852] ? kmsan_memcpy_origins+0x13d/0x190 [ 1291.692852] ? __msan_memcpy+0x6f/0x80 [ 1291.692852] ? pskb_expand_head+0x436/0x1d20 [ 1291.692852] ? __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.692852] ? tcp_retransmit_skb+0xa4/0x430 [ 1291.692852] ? tcp_retransmit_timer+0x341b/0x4910 [ 1291.692852] ? tcp_write_timer_handler+0x51d/0xe80 [ 1291.692852] ? tcp_write_timer+0x139/0x250 [ 1291.692852] ? call_timer_fn+0x356/0x7c0 [ 1291.692852] ? __run_timers+0xe95/0x1300 [ 1291.692852] ? run_timer_softirq+0x55/0xa0 [ 1291.692852] ? __do_softirq+0x721/0xc7f [ 1291.692852] ? irq_exit+0x305/0x340 [ 1291.692852] ? exiting_irq+0xe/0x10 [ 1291.692852] ? smp_apic_timer_interrupt+0x64/0x90 [ 1291.692852] ? apic_timer_interrupt+0xf/0x20 [ 1291.692852] ? kmsan_get_metadata_or_null+0x312/0x380 [ 1291.692852] ? __msan_poison_alloca+0x1e0/0x270 [ 1291.692852] ? page_remove_rmap+0x15a/0x1820 [ 1291.692852] ? unmap_page_range+0x213a/0x3950 [ 1291.692852] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1291.692852] ? __module_address+0x6a/0x5f0 [ 1291.692852] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1291.692852] ? in_task_stack+0x12c/0x210 [ 1291.818163] ? get_stack_info+0x206/0x220 [ 1291.818163] __msan_chain_origin+0x6d/0xb0 [ 1291.818163] ? get_signal+0x11e2/0x2330 [ 1291.818163] __save_stack_trace+0x8be/0xc60 [ 1291.818163] ? get_signal+0x11e2/0x2330 [ 1291.818163] save_stack_trace+0xc6/0x110 [ 1291.818163] kmsan_internal_chain_origin+0x136/0x240 [ 1291.818163] ? kmsan_get_metadata_or_null+0x312/0x380 [ 1291.818163] ? do_signal+0x1f3/0x2fc0 [ 1291.818163] ? kmsan_internal_chain_origin+0x136/0x240 [ 1291.818163] ? kmsan_memcpy_origins+0x13d/0x190 [ 1291.818163] ? __msan_memcpy+0x6f/0x80 [ 1291.818163] ? pskb_expand_head+0x436/0x1d20 [ 1291.818163] ? __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.818163] ? tcp_retransmit_skb+0xa4/0x430 [ 1291.818163] ? tcp_retransmit_timer+0x341b/0x4910 [ 1291.818163] ? tcp_write_timer_handler+0x51d/0xe80 [ 1291.818163] ? tcp_write_timer+0x139/0x250 [ 1291.818163] ? call_timer_fn+0x356/0x7c0 [ 1291.903518] ? __run_timers+0xe95/0x1300 [ 1291.903518] ? run_timer_softirq+0x55/0xa0 [ 1291.903518] ? __do_softirq+0x721/0xc7f [ 1291.903518] ? irq_exit+0x305/0x340 [ 1291.903518] ? exiting_irq+0xe/0x10 [ 1291.903518] ? smp_apic_timer_interrupt+0x64/0x90 [ 1291.903518] ? apic_timer_interrupt+0xf/0x20 [ 1291.903518] ? kmsan_get_metadata_or_null+0x312/0x380 [ 1291.903518] ? __msan_poison_alloca+0x1e0/0x270 [ 1291.903518] ? page_remove_rmap+0x15a/0x1820 [ 1291.903518] ? unmap_page_range+0x213a/0x3950 [ 1291.903518] ? unmap_single_vma+0x43f/0x5e0 [ 1291.903518] ? unmap_vmas+0x251/0x380 [ 1291.903518] ? exit_mmap+0x51e/0xa10 [ 1291.903518] ? __mmput+0x17a/0x700 [ 1291.903518] ? mmput+0x190/0x210 [ 1291.903518] ? exit_mm+0xa90/0xc70 [ 1291.903518] ? do_exit+0x10f2/0x4070 [ 1291.903518] ? do_group_exit+0x1a7/0x350 [ 1291.903518] ? get_signal+0x11e2/0x2330 [ 1291.903518] ? do_signal+0x1f3/0x2fc0 [ 1291.903518] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1291.903518] ? syscall_return_slowpath+0xed/0x730 [ 1291.903518] ? do_syscall_64+0xf5/0x110 [ 1291.903518] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1291.903518] ? __msan_get_context_state+0x9/0x20 [ 1291.903518] ? INIT_INT+0xc/0x30 [ 1291.903518] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1291.903518] ? ipv4_dst_check+0x1aa/0x2a0 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] ? acpi_pm_read_slow+0x100/0x100 [ 1291.903518] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1291.903518] ? ktime_get_with_offset+0x344/0x4e0 [ 1291.903518] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 1291.903518] ? tcp_enter_loss+0x14f6/0x15b0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] ? tcp_init_xmit_timers+0x130/0x130 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] ? tcp_init_xmit_timers+0x130/0x130 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] ? timers_dead_cpu+0xb70/0xb70 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] irq_exit+0x305/0x340 [ 1291.903518] exiting_irq+0xe/0x10 [ 1291.903518] smp_apic_timer_interrupt+0x64/0x90 [ 1291.903518] apic_timer_interrupt+0xf/0x20 [ 1291.903518] [ 1291.903518] RIP: 0010:kmsan_get_metadata_or_null+0x312/0x380 [ 1291.903518] Code: 4c 01 f1 74 40 f6 01 02 74 3b 48 39 c3 76 0a 48 8b 04 25 10 50 e3 8b eb 0a 48 b8 00 00 00 80 7f 77 00 00 4c 01 e0 48 c1 e8 0c <48> 8d 04 40 48 c1 e0 05 49 bd 00 00 00 00 00 ea ff ff 49 01 c5 0f [ 1291.903518] RSP: 0018:ffff8880aec0f1d8 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 [ 1291.903518] RAX: 00000000000aec0f RBX: ffff8880aec0f310 RCX: ffff88821fff12a0 [ 1291.903518] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff8880aec0f310 [ 1291.903518] RBP: ffff8880aec0f210 R08: 0000000000480020 R09: 0000000000000002 [ 1291.903518] R10: 000000ffffffffff R11: ffffffff8b200000 R12: ffff88812ec0f310 [ 1291.903518] R13: 000000000000000b R14: 00000000000002a0 R15: 0000000000000000 [ 1291.903518] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1291.903518] __msan_poison_alloca+0x1e0/0x270 [ 1291.903518] ? page_remove_rmap+0x15a/0x1820 [ 1291.903518] ? unmap_page_range+0x213a/0x3950 [ 1291.903518] page_remove_rmap+0x15a/0x1820 [ 1291.903518] ? __tlb_remove_page_size+0x24b/0x560 [ 1291.903518] unmap_page_range+0x213a/0x3950 [ 1291.903518] unmap_single_vma+0x43f/0x5e0 [ 1291.903518] unmap_vmas+0x251/0x380 [ 1291.903518] exit_mmap+0x51e/0xa10 [ 1291.903518] ? __khugepaged_exit+0x6b9/0x8b0 [ 1291.903518] __mmput+0x17a/0x700 [ 1291.903518] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1291.903518] mmput+0x190/0x210 [ 1291.903518] exit_mm+0xa90/0xc70 [ 1291.903518] do_exit+0x10f2/0x4070 [ 1291.903518] do_group_exit+0x1a7/0x350 [ 1291.903518] get_signal+0x11e2/0x2330 [ 1291.903518] ? do_signal+0x1dd/0x2fc0 [ 1291.903518] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1291.903518] do_signal+0x1f3/0x2fc0 [ 1291.903518] ? kmsan_set_origin+0x7f/0x100 [ 1291.903518] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1291.903518] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1291.903518] syscall_return_slowpath+0xed/0x730 [ 1291.903518] do_syscall_64+0xf5/0x110 [ 1291.903518] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1291.903518] RIP: 0033:0x457569 [ 1291.903518] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1291.903518] RSP: 002b:00007f5a7d803cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1291.903518] RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569 [ 1291.903518] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 1291.903518] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1291.903518] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 1291.903518] R13: 0000000000a3fb7f R14: 00007f5a7d8049c0 R15: 0000000000000000 [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] [ 1291.903518] Uninit was stored to memory at: [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] __msan_chain_origin+0x6d/0xb0 [ 1291.903518] __save_stack_trace+0x8be/0xc60 [ 1291.903518] save_stack_trace+0xc6/0x110 [ 1291.903518] kmsan_internal_chain_origin+0x136/0x240 [ 1291.903518] kmsan_memcpy_origins+0x13d/0x190 [ 1291.903518] __msan_memcpy+0x6f/0x80 [ 1291.903518] pskb_expand_head+0x436/0x1d20 [ 1291.903518] __tcp_retransmit_skb+0xdf6/0x46c0 [ 1291.903518] tcp_retransmit_skb+0xa4/0x430 [ 1291.903518] tcp_retransmit_timer+0x341b/0x4910 [ 1291.903518] tcp_write_timer_handler+0x51d/0xe80 [ 1291.903518] tcp_write_timer+0x139/0x250 [ 1291.903518] call_timer_fn+0x356/0x7c0 [ 1291.903518] __run_timers+0xe95/0x1300 [ 1291.903518] run_timer_softirq+0x55/0xa0 [ 1291.903518] __do_softirq+0x721/0xc7f [ 1291.903518] 14:18:47 executing program 1: unshare(0x2000400) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000140)) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xc8, 0x200) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000080)) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000000)={0x0, r0}) 14:18:47 executing program 3 (fault-call:2 fault-nth:0): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:18:50 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 1291.903518] Local variable description: ----__ai_o1.i.i.i.i@kmem_cache_free [ 1291.903518] Variable was created at: [ 1291.903518] kmem_cache_free+0x12e/0x3370 [ 1291.903518] __kfree_skb+0x2cc/0x310 14:18:50 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000380)='/dev/full\x00', 0xca40, 0x0) ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000000800)={0x6, 0x3, 0x4, 0x1, 0x80000001, 0x80000000}) r1 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x8002, 0x0) statx(r2, &(0x7f0000000200)='./file0\x00', 0x0, 0x21, &(0x7f0000000500)) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080), 0x8) fcntl$getownex(r1, 0x10, &(0x7f0000000880)) ioctl$RTC_UIE_ON(r0, 0x7003) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) r3 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x10, r2, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000007c0)={0xc0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="12634840020000000000000002000000000000000000000010000000000000000000000018000000000000002000000000000000", @ANYPTR=&(0x7f0000000240)=ANY=[@ANYBLOB="852a6a770a000000", @ANYRES64=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="780000000000000000f2ffffffffffffff000000080000003800000000000000"], @ANYBLOB="fbffffffffffffff11634840030000000000000004000000000000000000000001000000000000000000000000000000000000002000000000000000", @ANYPTR=&(0x7f0000000340)=ANY=[], @ANYPTR=&(0x7f0000000340)=ANY=[@ANYBLOB="380000000000000030000000000000000093c2bb86000000000000002800000000000000"], @ANYBLOB="00080000000000000b6300000f630c400100000004000000000000000e630c400000000002000000000000000d630000"], 0xf0, 0x0, &(0x7f00000006c0)="5b2bff66a211922e50b51963fad1bafdd1adb9cb118f551ea9429abea39d890c7b132e8f84ca2c48c41fba5e93fd76bb9b34fce3469fa9e7eb21b0b0f7d776c3c09fa95722bf7edce2d4c78eaa7581cc82580d78381e0124bfe8342ab54eb907ed8332a81f1c3b794836d89c39e4632bde735a983f35e52cf9d4808a78291f56cb7628835053786065b41145d2a84bbd6064c332778dd6c625536464b9ef8c945fe4c9208ee5cde1291b656238c29c8fb98b232c0f2137ee4c292b2ad3aecc0e04e8e18af07068e43ac2903ced6a71ab7aeec613755fe2c84f1f888cffa5c1ec728686d9c446b16f9e03e15c144f5622"}) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r4, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x440, 0x0) ioctl(r4, 0x3, &(0x7f0000000400)="56ac79842bf745a342caca1c9451220d721ad432668c1fe16f939cb2b62a5e71d8a1415e2278941963558374bbaa216210e481078db2b683ae07733e3f3faf5e88a0e9d44ca10216f707e72c5926485b471cb7ddb85925be4c2959af3b527dbdf4e5664bddd5b3bc98c0ba7e8180b2ca2114db05b3f12173147c184ee1470f224e86900501037777199ec85326e2d949864acf6b232345132683accdd9d29bad5d39e89aca7d1296177a5cb879816ad8d3580f7a22889946c9c7879e78cbfed28039252a32") r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) write$binfmt_elf64(r5, &(0x7f00000008c0)={{0x7f, 0x45, 0x4c, 0x46, 0x8001, 0x1ff, 0x200, 0x5, 0x40, 0x2, 0x3e, 0x4, 0xe5, 0x40, 0x2d6, 0xcd, 0x100000000, 0x38, 0x2, 0x401, 0x80, 0xffffffffffff8000}, [{0x2, 0x2, 0x4, 0x5, 0x4, 0x1, 0x600, 0x7}], "118482fad26ff6243b7bd5ed6aa7e128fb7202fb02480151c6e118a826e472e5b39345ef3c68f2237a778630bd71dadc0fb7bf38a559f244c4d3bbdd7dfb97341ca62f35277cd07a2ed179a596ae9cb701a08c0f749ed3fbb51a7f4afe695bb08c46f7c396042de4749f9622862d22dd252f0cf9e675ba88b5bccb183aa5a5d56b627a3309bd89596e169d6e874ecf0a5444ea1b44901a8d42608a567edf1562"}, 0x118) 14:18:50 executing program 3 (fault-call:2 fault-nth:1): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:18:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="a933e29dc2e6e19a266cb8628bcc4ed9865a581ddf12db7825e1b75be1f4957c40ca59b1e91cfca866b1a326701a6d8ff63d4656e15b04d86e77131cb559fff7be3cbdbe158529b3804d2787b657578af9bbe12aaaa1ec3aae247fe6f416c5db568d1669"], 0x1, 0x100000000000) 14:18:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x10000, 0x55476de47aa33b81) write$input_event(r2, &(0x7f00000000c0)={{0x0, 0x7530}, 0x1f, 0x10000, 0x100000000}, 0x18) 14:18:51 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:51 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000400)="0a5c2d0240316285717070") r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x204000, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000140)={0xbf0000, 0x2, 0x3, [], &(0x7f0000000100)={0x0, 0x0, [], @p_u32=&(0x7f00000000c0)}}) writev(r3, &(0x7f0000000700)=[{&(0x7f0000000000)='e', 0x1}], 0x1) 14:18:51 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmmsg(r4, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1294.408224] not chained 5870000 origins [ 1294.411662] CPU: 0 PID: 19698 Comm: syz-executor4 Not tainted 4.20.0-rc2+ #85 [ 1294.411662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1294.411662] Call Trace: [ 1294.411662] dump_stack+0x32d/0x480 [ 1294.411662] kmsan_internal_chain_origin+0x222/0x240 [ 1294.411662] ? save_stack_trace+0xc6/0x110 [ 1294.411662] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1294.411662] ? kmsan_internal_chain_origin+0x90/0x240 [ 1294.411662] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1294.411662] ? is_bpf_text_address+0x49e/0x4d0 [ 1294.411662] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1294.468620] ? in_task_stack+0x12c/0x210 [ 1294.471813] __msan_chain_origin+0x6d/0xb0 [ 1294.471813] ? tcp_rcv_established+0xf7e/0x2940 [ 1294.471813] __save_stack_trace+0x8be/0xc60 [ 1294.471813] ? tcp_rcv_established+0xf7e/0x2940 [ 1294.471813] save_stack_trace+0xc6/0x110 [ 1294.471813] kmsan_internal_chain_origin+0x136/0x240 [ 1294.499015] ? __vfs_write+0x888/0xb80 [ 1294.499015] ? kmsan_internal_chain_origin+0x136/0x240 [ 1294.499015] ? kmsan_memcpy_origins+0x13d/0x190 [ 1294.499015] ? __msan_memcpy+0x6f/0x80 [ 1294.499015] ? pskb_expand_head+0x436/0x1d20 [ 1294.499015] ? tcp_fragment+0x378/0x21d0 [ 1294.499015] ? tcp_sacktag_walk+0xe88/0x29d0 [ 1294.499015] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.499015] ? tcp_ack+0x2888/0xa010 [ 1294.499015] ? tcp_rcv_established+0xf7e/0x2940 [ 1294.545545] ? tcp_v4_do_rcv+0x686/0xd80 [ 1294.545545] ? __release_sock+0x32d/0x750 [ 1294.545545] ? release_sock+0x99/0x2a0 [ 1294.545545] ? sk_stream_wait_memory+0x9cc/0x1430 [ 1294.545545] ? tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.545545] ? tcp_sendmsg+0xb2/0x100 [ 1294.545545] ? inet_sendmsg+0x4e9/0x800 [ 1294.545545] ? sock_write_iter+0x3f4/0x4f0 [ 1294.545545] ? __vfs_write+0x888/0xb80 [ 1294.545545] ? vfs_write+0x4a3/0x8f0 [ 1294.545545] ? __se_sys_write+0x17a/0x370 [ 1294.545545] ? __x64_sys_write+0x4a/0x70 [ 1294.545545] ? do_syscall_64+0xcf/0x110 [ 1294.545545] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.545545] ? __msan_get_context_state+0x9/0x20 [ 1294.545545] ? INIT_INT+0xc/0x30 [ 1294.545545] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1294.545545] kmsan_memcpy_origins+0x13d/0x190 [ 1294.545545] __msan_memcpy+0x6f/0x80 [ 1294.545545] pskb_expand_head+0x436/0x1d20 [ 1294.545545] tcp_fragment+0x378/0x21d0 [ 1294.545545] ? kmsan_set_origin+0x7f/0x100 [ 1294.545545] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.545545] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.545545] tcp_ack+0x2888/0xa010 [ 1294.545545] ? tcp_parse_options+0xbe/0x1cf0 [ 1294.545545] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1294.545545] ? tcp_parse_options+0x1c55/0x1cf0 [ 1294.545545] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] ? __msan_get_context_state+0x9/0x20 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] ? inet_sk_rx_dst_set+0x200/0x200 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] ? wait_woken+0x5b0/0x5b0 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1294.671847] ? security_socket_sendmsg+0x1bd/0x200 [ 1294.671847] ? inet_getname+0x490/0x490 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] ? sock_read_iter+0x4e0/0x4e0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] RIP: 0033:0x457569 [ 1294.671847] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1294.671847] RSP: 002b:00007f9e40040c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1294.671847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 1294.671847] RDX: 000000000000ff5a RSI: 0000000020000100 RDI: 0000000000000005 [ 1294.671847] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1294.671847] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e400416d4 [ 1294.671847] R13: 00000000004c5893 R14: 00000000004d95a0 R15: 00000000ffffffff [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Uninit was stored to memory at: [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] __msan_chain_origin+0x6d/0xb0 [ 1294.671847] __save_stack_trace+0x8be/0xc60 [ 1294.671847] save_stack_trace+0xc6/0x110 [ 1294.671847] kmsan_internal_chain_origin+0x136/0x240 [ 1294.671847] kmsan_memcpy_origins+0x13d/0x190 [ 1294.671847] __msan_memcpy+0x6f/0x80 [ 1294.671847] pskb_expand_head+0x436/0x1d20 [ 1294.671847] tcp_fragment+0x378/0x21d0 [ 1294.671847] tcp_sacktag_walk+0xe88/0x29d0 [ 1294.671847] tcp_sacktag_write_queue+0x2805/0x4630 [ 1294.671847] tcp_ack+0x2888/0xa010 [ 1294.671847] tcp_rcv_established+0xf7e/0x2940 [ 1294.671847] tcp_v4_do_rcv+0x686/0xd80 [ 1294.671847] __release_sock+0x32d/0x750 [ 1294.671847] release_sock+0x99/0x2a0 [ 1294.671847] sk_stream_wait_memory+0x9cc/0x1430 [ 1294.671847] tcp_sendmsg_locked+0x1bca/0x6c30 [ 1294.671847] tcp_sendmsg+0xb2/0x100 [ 1294.671847] inet_sendmsg+0x4e9/0x800 [ 1294.671847] sock_write_iter+0x3f4/0x4f0 [ 1294.671847] __vfs_write+0x888/0xb80 [ 1294.671847] vfs_write+0x4a3/0x8f0 [ 1294.671847] __se_sys_write+0x17a/0x370 [ 1294.671847] __x64_sys_write+0x4a/0x70 [ 1294.671847] do_syscall_64+0xcf/0x110 14:18:52 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f00000003c0)="2951578ba22668d89b0abad88e916b14c513cde3f040bf09bdddb567ce36544fe81e5fd14937b50710b2c37be97083520d2ac28724add144b9d0b3a74d21d135b9da9ef2ae5560c0927830a192bd70bc73b43884b8ffaf626d1e46509cb7b2ff00ee8280b6e87ec7c701f7ee9e88e7ffa594bec3f732fa12e2c70f6d86705e8f918d1be0dbdaaf448714a4bb3a749352d3eafead1f2de511e89c11efc2f9aafe28a29147dd6a", 0x119, 0x44, &(0x7f0000e68000)={0x2, 0x4e27, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000)=0xbe, 0x4) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:52 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) [ 1294.671847] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1294.671847] [ 1294.671847] Local variable description: ----p@ip_vs_conn_out_get_proto [ 1294.671847] Variable was created at: [ 1294.671847] ip_vs_conn_out_get_proto+0xb2/0x740 [ 1294.671847] ip_vs_out+0x9ae/0x4570 14:18:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="45a60d88fcd8b334f05662616863fe7ad542"], 0x1, 0x100000000000) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x1b, 0x7, 0x3f}) [ 1295.795250] not chained 5880000 origins [ 1295.799276] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1295.801670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1295.801670] Call Trace: [ 1295.801670] dump_stack+0x32d/0x480 [ 1295.801670] kmsan_internal_chain_origin+0x222/0x240 [ 1295.801670] ? __qdisc_run+0x35be/0x3600 [ 1295.829158] ? __msan_poison_alloca+0x1e0/0x270 [ 1295.829158] ? __local_bh_enable_ip+0x46/0x260 [ 1295.829158] ? local_bh_enable+0x36/0x40 [ 1295.842279] ? __local_bh_enable_ip+0x11f/0x260 [ 1295.842279] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1295.842279] ? in_task_stack+0x12c/0x210 [ 1295.842279] ? task_kmsan_context_state+0x51/0x90 [ 1295.842279] ? __msan_get_context_state+0x9/0x20 [ 1295.842279] ? __kernel_text_address+0x19/0x350 [ 1295.842279] ? ret_from_fork+0x35/0x40 [ 1295.842279] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1295.842279] ? in_task_stack+0x12c/0x210 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] ? __do_softirq+0x721/0xc7f [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] ? __do_softirq+0x721/0xc7f [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] ? run_ksoftirqd+0x37/0x60 [ 1295.842279] ? kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] ? kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] ? __msan_memcpy+0x6f/0x80 [ 1295.842279] ? pskb_expand_head+0x436/0x1d20 [ 1295.842279] ? skb_shift+0xce2/0x2d10 [ 1295.842279] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] ? tcp_ack+0x2888/0xa010 [ 1295.842279] ? tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] ? tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] ? tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ? ip_local_deliver+0x44b/0x510 [ 1295.842279] ? ip_rcv+0x6b6/0x740 [ 1295.842279] ? process_backlog+0x82b/0x11e0 [ 1295.842279] ? net_rx_action+0x98f/0x1d50 [ 1295.842279] ? __do_softirq+0x721/0xc7f [ 1295.842279] ? run_ksoftirqd+0x37/0x60 [ 1295.842279] ? smpboot_thread_fn+0x69c/0xb30 [ 1295.842279] ? kthread+0x5e7/0x620 [ 1295.842279] ? ret_from_fork+0x35/0x40 [ 1295.842279] ? __msan_get_context_state+0x9/0x20 [ 1295.842279] ? INIT_INT+0xc/0x30 [ 1295.842279] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] ? tcp_parse_options+0xbe/0x1cf0 [ 1295.842279] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1295.842279] ? tcp_parse_options+0x1c55/0x1cf0 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] ? __msan_get_context_state+0x9/0x20 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ? tcp_filter+0x260/0x260 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ? nf_hook_slow+0x36f/0x3d0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ? ip_local_deliver+0x510/0x510 [ 1295.842279] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] ? ip_rcv_core+0x1370/0x1370 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] ? ip_local_deliver_finish+0xff0/0xff0 [ 1295.842279] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] ? net_tx_action+0xf20/0xf20 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] ? ksoftirqd_should_run+0x50/0x50 [ 1295.842279] run_ksoftirqd+0x37/0x60 [ 1295.842279] smpboot_thread_fn+0x69c/0xb30 [ 1295.842279] kthread+0x5e7/0x620 [ 1295.842279] ? cpu_report_death+0x4a0/0x4a0 [ 1295.842279] ? INIT_BOOL+0x30/0x30 [ 1295.842279] ret_from_fork+0x35/0x40 [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Uninit was stored to memory at: [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] __msan_chain_origin+0x6d/0xb0 [ 1295.842279] __save_stack_trace+0x8be/0xc60 [ 1295.842279] save_stack_trace+0xc6/0x110 [ 1295.842279] kmsan_internal_chain_origin+0x136/0x240 [ 1295.842279] kmsan_memcpy_origins+0x13d/0x190 [ 1295.842279] __msan_memcpy+0x6f/0x80 [ 1295.842279] pskb_expand_head+0x436/0x1d20 [ 1295.842279] skb_shift+0xce2/0x2d10 [ 1295.842279] tcp_sacktag_walk+0x2156/0x29d0 [ 1295.842279] tcp_sacktag_write_queue+0x2805/0x4630 [ 1295.842279] tcp_ack+0x2888/0xa010 [ 1295.842279] tcp_rcv_established+0xf7e/0x2940 [ 1295.842279] tcp_v4_do_rcv+0x686/0xd80 14:18:53 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000840)=ANY=[], 0x0, 0x100000000000) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x311440, 0x0) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) [ 1295.842279] tcp_v4_rcv+0x5a13/0x6520 [ 1295.842279] ip_local_deliver_finish+0x8d8/0xff0 [ 1295.842279] ip_local_deliver+0x44b/0x510 [ 1295.842279] ip_rcv+0x6b6/0x740 [ 1295.842279] process_backlog+0x82b/0x11e0 [ 1295.842279] net_rx_action+0x98f/0x1d50 [ 1295.842279] __do_softirq+0x721/0xc7f [ 1295.842279] [ 1295.842279] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1295.842279] Variable was created at: [ 1295.842279] ipv4_conntrack_local+0x75/0x470 [ 1295.842279] nf_hook_slow+0x15c/0x3d0 14:18:54 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/autofs\x00', 0x6040, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/autofs\x00', 0x200000, 0x0) renameat(r0, &(0x7f0000000380)='./file0\x00', r1, &(0x7f0000000600)='./file0\x00') r2 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=0xc) getgroups(0x3, &(0x7f0000000140)=[0x0, 0xee01, 0xffffffffffffffff]) r5 = getuid() r6 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x3f, 0x2100) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000200)={0x0, 0x81, 0x7fffffff, 0x1ff, 0x6, 0x8, 0x3, 0xffffffff, {0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x10000, 0x2, 0x6, 0xffffffff, 0x5c1}}, &(0x7f00000002c0)=0xb0) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f0000000300)={r7, 0x6}, 0x8) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0x40045542, &(0x7f0000000640)) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=r3, @ANYBLOB="2c6772fff28bfa5cb8479b6e75701c00643d", @ANYRESDEC=r4, @ANYBLOB=',allow_other,allow_other,blksize=0x0000000000001a00,max_read=0x0000000000000007,allow_other,default_permissions,default_permissions,uid>', @ANYRESDEC=r5, @ANYBLOB=',appraise_type=imasig,context=sysadm_u,uid>', @ANYRESDEC=r8, @ANYBLOB=',smackfsfloor=eth1\',\x00']) r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x8031, 0xffffffffffffffff, 0x0) semget(0xffffffffffffffff, 0x0, 0x0) 14:18:54 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) getpgid(0x0) r1 = getpgrp(0x0) fcntl$setown(r0, 0x8, r1) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:54 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) r1 = fcntl$getown(r0, 0x9) capget(&(0x7f0000000000)={0x399f1336, r1}, &(0x7f0000000140)={0x4, 0x0, 0x10001, 0x10000, 0x7, 0x8}) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x104) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x8000, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000000200)=0x1000) fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYRESOCT=r1], 0x1, 0x100000000000) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100)) 14:18:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="7f892e8cad1374602259e623e5552a938f3c51ec25bd684fd0d87cc2b46b"], 0x1, 0x100000000000) [ 1297.942535] not chained 5890000 origins [ 1297.946562] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1297.951666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1297.951666] Call Trace: [ 1297.951666] dump_stack+0x32d/0x480 [ 1297.951666] ? save_stack_trace+0xc6/0x110 [ 1297.951666] kmsan_internal_chain_origin+0x222/0x240 [ 1297.951666] ? kmsan_internal_chain_origin+0x136/0x240 [ 1297.951666] ? __msan_chain_origin+0x6d/0xb0 [ 1297.951666] ? __save_stack_trace+0x8be/0xc60 14:18:55 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:55 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x40e002, 0x0) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000080)=0x1000) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) [ 1297.951666] ? save_stack_trace+0xc6/0x110 [ 1297.951666] ? kmsan_internal_chain_origin+0x136/0x240 [ 1297.951666] ? kmsan_memcpy_origins+0x13d/0x190 [ 1297.951666] ? __msan_memcpy+0x6f/0x80 [ 1297.951666] ? pskb_expand_head+0x436/0x1d20 [ 1297.951666] ? skb_shift+0xce2/0x2d10 [ 1297.951666] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1297.951666] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1297.951666] ? tcp_ack+0x2888/0xa010 [ 1297.951666] ? tcp_rcv_established+0xf7e/0x2940 [ 1297.951666] ? tcp_v4_do_rcv+0x686/0xd80 [ 1297.951666] ? tcp_v4_rcv+0x5a13/0x6520 [ 1297.951666] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1297.951666] ? ip_local_deliver+0x44b/0x510 [ 1297.951666] ? ip_rcv+0x6b6/0x740 [ 1297.951666] ? process_backlog+0x82b/0x11e0 [ 1297.951666] ? net_rx_action+0x98f/0x1d50 [ 1297.951666] ? __do_softirq+0x721/0xc7f [ 1297.951666] ? run_ksoftirqd+0x37/0x60 [ 1297.951666] ? smpboot_thread_fn+0x69c/0xb30 [ 1297.951666] ? kthread+0x5e7/0x620 [ 1297.951666] ? ret_from_fork+0x35/0x40 [ 1297.951666] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1297.951666] ? in_task_stack+0x12c/0x210 [ 1297.951666] ? task_kmsan_context_state+0x51/0x90 [ 1297.951666] ? __msan_get_context_state+0x9/0x20 [ 1297.951666] ? __kernel_text_address+0x19/0x350 [ 1297.951666] ? ret_from_fork+0x35/0x40 [ 1297.951666] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1298.114844] ? in_task_stack+0x12c/0x210 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] ? ip_local_deliver+0x44b/0x510 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] ? ip_local_deliver+0x44b/0x510 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] ? run_ksoftirqd+0x37/0x60 [ 1298.114844] ? kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] ? kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] ? __msan_memcpy+0x6f/0x80 [ 1298.114844] ? pskb_expand_head+0x436/0x1d20 [ 1298.114844] ? skb_shift+0xce2/0x2d10 [ 1298.114844] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] ? tcp_ack+0x2888/0xa010 [ 1298.114844] ? tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] ? tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] ? tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ? ip_local_deliver+0x44b/0x510 [ 1298.114844] ? ip_rcv+0x6b6/0x740 [ 1298.114844] ? process_backlog+0x82b/0x11e0 [ 1298.114844] ? net_rx_action+0x98f/0x1d50 [ 1298.114844] ? __do_softirq+0x721/0xc7f [ 1298.114844] ? run_ksoftirqd+0x37/0x60 [ 1298.114844] ? smpboot_thread_fn+0x69c/0xb30 [ 1298.114844] ? kthread+0x5e7/0x620 [ 1298.114844] ? ret_from_fork+0x35/0x40 [ 1298.114844] ? __msan_get_context_state+0x9/0x20 [ 1298.114844] ? INIT_INT+0xc/0x30 [ 1298.114844] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] ? tcp_parse_options+0xbe/0x1cf0 [ 1298.114844] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1298.114844] ? tcp_parse_options+0x1c55/0x1cf0 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] ? __msan_get_context_state+0x9/0x20 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ? tcp_filter+0x260/0x260 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ? nf_hook_slow+0x36f/0x3d0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ? ip_local_deliver+0x510/0x510 [ 1298.114844] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] ? ip_rcv_core+0x1370/0x1370 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] ? ip_local_deliver_finish+0xff0/0xff0 [ 1298.114844] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] ? net_tx_action+0xf20/0xf20 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] ? ksoftirqd_should_run+0x50/0x50 [ 1298.114844] run_ksoftirqd+0x37/0x60 [ 1298.114844] smpboot_thread_fn+0x69c/0xb30 [ 1298.114844] kthread+0x5e7/0x620 [ 1298.114844] ? cpu_report_death+0x4a0/0x4a0 [ 1298.114844] ? INIT_BOOL+0x30/0x30 [ 1298.114844] ret_from_fork+0x35/0x40 [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Uninit was stored to memory at: [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] __msan_chain_origin+0x6d/0xb0 [ 1298.114844] __save_stack_trace+0x8be/0xc60 [ 1298.114844] save_stack_trace+0xc6/0x110 [ 1298.114844] kmsan_internal_chain_origin+0x136/0x240 [ 1298.114844] kmsan_memcpy_origins+0x13d/0x190 [ 1298.114844] __msan_memcpy+0x6f/0x80 [ 1298.114844] pskb_expand_head+0x436/0x1d20 [ 1298.114844] skb_shift+0xce2/0x2d10 [ 1298.114844] tcp_sacktag_walk+0x2156/0x29d0 [ 1298.114844] tcp_sacktag_write_queue+0x2805/0x4630 [ 1298.114844] tcp_ack+0x2888/0xa010 [ 1298.114844] tcp_rcv_established+0xf7e/0x2940 [ 1298.114844] tcp_v4_do_rcv+0x686/0xd80 [ 1298.114844] tcp_v4_rcv+0x5a13/0x6520 [ 1298.114844] ip_local_deliver_finish+0x8d8/0xff0 [ 1298.114844] ip_local_deliver+0x44b/0x510 [ 1298.114844] ip_rcv+0x6b6/0x740 [ 1298.114844] process_backlog+0x82b/0x11e0 [ 1298.114844] net_rx_action+0x98f/0x1d50 [ 1298.114844] __do_softirq+0x721/0xc7f [ 1298.114844] [ 1298.114844] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1298.114844] Variable was created at: [ 1298.114844] ipv4_conntrack_local+0x75/0x470 [ 1298.114844] nf_hook_slow+0x15c/0x3d0 14:18:56 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmmsg(r4, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:56 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x80) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fsetxattr$system_posix_acl(r2, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:18:56 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:56 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2800, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYPTR], 0x1, 0x100000000000) syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x5, 0x200600) 14:18:56 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4001fd) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:18:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x0, 0x10000) write$P9_RRENAME(r2, &(0x7f00000000c0)={0x7, 0x15, 0x2}, 0x7) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:18:57 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) r1 = fcntl$getown(r0, 0x9) capget(&(0x7f0000000000)={0x399f1336, r1}, &(0x7f0000000140)={0x4, 0x0, 0x10001, 0x10000, 0x7, 0x8}) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x104) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:57 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) 14:18:57 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) pipe(&(0x7f0000000000)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000380)={0x0, 0x1}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000400)={r2, @in={{0x2, 0x4e22, @rand_addr=0x6d02}}, 0x6, 0x1, 0x65, 0x1, 0x33}, &(0x7f00000004c0)=0x98) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:18:57 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x100000001}) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) 14:18:57 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000240)) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x3, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x4) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setuid(r2) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:18:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="94d0aa"], 0x1, 0x100000000000) [ 1300.957779] not chained 5900000 origins [ 1300.961654] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 1300.961654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1300.961654] Call Trace: [ 1300.961654] dump_stack+0x32d/0x480 [ 1300.961654] kmsan_internal_chain_origin+0x222/0x240 [ 1300.961654] ? ret_from_fork+0x35/0x40 [ 1300.961654] ? save_stack_trace+0xc6/0x110 [ 1300.961654] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 1300.961654] ? kmsan_internal_chain_origin+0x90/0x240 [ 1300.961654] ? kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] ? __msan_chain_origin+0x6d/0xb0 [ 1300.961654] ? save_stack_trace+0xfa/0x110 [ 1300.961654] ? kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] ? kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1300.961654] ? in_task_stack+0x12c/0x210 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] ? tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] ? tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] ? kthread+0x5e7/0x620 [ 1300.961654] ? kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] ? kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] ? __msan_memcpy+0x6f/0x80 [ 1300.961654] ? pskb_expand_head+0x436/0x1d20 [ 1300.961654] ? tcp_trim_head+0x214/0x9b0 [ 1300.961654] ? tcp_ack+0x3193/0xa010 [ 1300.961654] ? tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] ? tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] ? tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ? ip_local_deliver+0x44b/0x510 [ 1300.961654] ? ip_rcv+0x6b6/0x740 [ 1300.961654] ? process_backlog+0x82b/0x11e0 [ 1300.961654] ? net_rx_action+0x98f/0x1d50 [ 1300.961654] ? __do_softirq+0x721/0xc7f [ 1300.961654] ? run_ksoftirqd+0x37/0x60 [ 1300.961654] ? smpboot_thread_fn+0x69c/0xb30 [ 1300.961654] ? kthread+0x5e7/0x620 [ 1300.961654] ? ret_from_fork+0x35/0x40 [ 1300.961654] ? __msan_get_context_state+0x9/0x20 [ 1300.961654] ? INIT_INT+0xc/0x30 [ 1300.961654] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] ? __msan_get_context_state+0x9/0x20 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ? tcp_filter+0x260/0x260 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ? nf_hook_slow+0x36f/0x3d0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ? ip_local_deliver+0x510/0x510 [ 1300.961654] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] ? ip_rcv_core+0x1370/0x1370 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] ? ip_local_deliver_finish+0xff0/0xff0 [ 1300.961654] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] ? net_tx_action+0xf20/0xf20 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] ? ksoftirqd_should_run+0x50/0x50 [ 1300.961654] run_ksoftirqd+0x37/0x60 [ 1300.961654] smpboot_thread_fn+0x69c/0xb30 [ 1300.961654] kthread+0x5e7/0x620 [ 1300.961654] ? cpu_report_death+0x4a0/0x4a0 [ 1300.961654] ? INIT_BOOL+0x30/0x30 [ 1300.961654] ret_from_fork+0x35/0x40 [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Uninit was stored to memory at: [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] __msan_chain_origin+0x6d/0xb0 [ 1300.961654] __save_stack_trace+0x8be/0xc60 [ 1300.961654] save_stack_trace+0xc6/0x110 [ 1300.961654] kmsan_internal_chain_origin+0x136/0x240 [ 1300.961654] kmsan_memcpy_origins+0x13d/0x190 [ 1300.961654] __msan_memcpy+0x6f/0x80 [ 1300.961654] pskb_expand_head+0x436/0x1d20 [ 1300.961654] tcp_trim_head+0x214/0x9b0 [ 1300.961654] tcp_ack+0x3193/0xa010 [ 1300.961654] tcp_rcv_established+0xf7e/0x2940 [ 1300.961654] tcp_v4_do_rcv+0x686/0xd80 [ 1300.961654] tcp_v4_rcv+0x5a13/0x6520 [ 1300.961654] ip_local_deliver_finish+0x8d8/0xff0 [ 1300.961654] ip_local_deliver+0x44b/0x510 [ 1300.961654] ip_rcv+0x6b6/0x740 [ 1300.961654] process_backlog+0x82b/0x11e0 [ 1300.961654] net_rx_action+0x98f/0x1d50 [ 1300.961654] __do_softirq+0x721/0xc7f [ 1300.961654] [ 1300.961654] Local variable description: ----v.addr.i.i108@update_curr [ 1300.961654] Variable was created at: [ 1300.961654] update_curr+0x62/0x2100 [ 1300.961654] check_preempt_wakeup+0xc72/0x1670 [ 1302.118288] not chained 5910000 origins [ 1302.121672] CPU: 1 PID: 19791 Comm: syz-executor5 Not tainted 4.20.0-rc2+ #85 [ 1302.124793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1302.124793] Call Trace: [ 1302.124793] [ 1302.124793] dump_stack+0x32d/0x480 [ 1302.124793] kmsan_internal_chain_origin+0x222/0x240 [ 1302.124793] ? kmsan_set_origin+0x7f/0x100 [ 1302.124793] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1302.124793] ? __module_address+0x6a/0x5f0 [ 1302.124793] ? is_bpf_text_address+0x3e5/0x4d0 [ 1302.124793] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1302.124793] ? is_bpf_text_address+0x49e/0x4d0 [ 1302.124793] ? kmsan_internal_chain_origin+0x90/0x240 [ 1302.124793] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1302.124793] ? in_task_stack+0x12c/0x210 [ 1302.124793] ? get_stack_info+0x206/0x220 [ 1302.124793] __msan_chain_origin+0x6d/0xb0 [ 1302.124793] ? unmap_single_vma+0x43f/0x5e0 [ 1302.124793] __save_stack_trace+0x8be/0xc60 [ 1302.124793] ? unmap_single_vma+0x43f/0x5e0 [ 1302.124793] save_stack_trace+0xc6/0x110 [ 1302.124793] kmsan_internal_chain_origin+0x136/0x240 [ 1302.124793] ? irq_exit+0x305/0x340 [ 1302.124793] ? do_exit+0x10f2/0x4070 [ 1302.124793] ? kmsan_internal_chain_origin+0x136/0x240 [ 1302.124793] ? kmsan_memcpy_origins+0x13d/0x190 [ 1302.124793] ? __msan_memcpy+0x6f/0x80 [ 1302.124793] ? pskb_expand_head+0x436/0x1d20 [ 1302.124793] ? skb_shift+0xce2/0x2d10 [ 1302.124793] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] ? tcp_ack+0x2888/0xa010 [ 1302.260768] ? tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] ? tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] ? tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ? ip_local_deliver+0x44b/0x510 [ 1302.260768] ? ip_rcv+0x6b6/0x740 [ 1302.260768] ? process_backlog+0x82b/0x11e0 [ 1302.260768] ? net_rx_action+0x98f/0x1d50 [ 1302.260768] ? __do_softirq+0x721/0xc7f [ 1302.260768] ? irq_exit+0x305/0x340 [ 1302.260768] ? exiting_irq+0xe/0x10 [ 1302.260768] ? smp_apic_timer_interrupt+0x64/0x90 [ 1302.260768] ? apic_timer_interrupt+0xf/0x20 [ 1302.260768] ? kmsan_get_shadow_origin_ptr+0x214/0x410 [ 1302.260768] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1302.260768] ? unmap_page_range+0x1c95/0x3950 [ 1302.260768] ? unmap_single_vma+0x43f/0x5e0 [ 1302.260768] ? unmap_vmas+0x251/0x380 [ 1302.260768] ? exit_mmap+0x51e/0xa10 [ 1302.260768] ? __mmput+0x17a/0x700 [ 1302.260768] ? mmput+0x190/0x210 [ 1302.260768] ? exit_mm+0xa90/0xc70 [ 1302.260768] ? do_exit+0x10f2/0x4070 [ 1302.260768] ? do_group_exit+0x1a7/0x350 [ 1302.260768] ? get_signal+0x11e2/0x2330 [ 1302.260768] ? do_signal+0x1f3/0x2fc0 [ 1302.260768] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1302.260768] ? syscall_return_slowpath+0xed/0x730 [ 1302.260768] ? do_syscall_64+0xf5/0x110 [ 1302.260768] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1302.260768] ? __msan_get_context_state+0x9/0x20 [ 1302.260768] ? INIT_INT+0xc/0x30 [ 1302.260768] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] ? tcp_parse_options+0xbe/0x1cf0 [ 1302.260768] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1302.260768] ? tcp_parse_options+0x1c55/0x1cf0 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] ? __msan_get_context_state+0x9/0x20 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ? tcp_filter+0x260/0x260 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ? nf_hook_slow+0x36f/0x3d0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ? ip_local_deliver+0x510/0x510 [ 1302.260768] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] ? ip_rcv_core+0x1370/0x1370 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] ? ip_local_deliver_finish+0xff0/0xff0 [ 1302.260768] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] ? net_tx_action+0xf20/0xf20 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] irq_exit+0x305/0x340 [ 1302.260768] exiting_irq+0xe/0x10 [ 1302.260768] smp_apic_timer_interrupt+0x64/0x90 [ 1302.260768] apic_timer_interrupt+0xf/0x20 [ 1302.260768] [ 1302.260768] RIP: 0010:kmsan_get_shadow_origin_ptr+0x214/0x410 [ 1302.260768] Code: 88 ff ff 48 be 00 00 00 00 00 16 00 00 44 89 f8 25 ff 0f 00 00 48 01 f1 48 c1 e9 05 48 bf 00 b0 aa aa aa aa aa aa 48 0f af cf <48> 09 c1 4c 01 c1 0f 84 97 01 00 00 41 81 e7 fc 0f 00 00 48 01 f2 [ 1302.260768] RSP: 0018:ffff8880b032f310 EFLAGS: 00000a07 ORIG_RAX: ffffffffffffff13 [ 1302.260768] RAX: 0000000000000048 RBX: ffffffff8c912000 RCX: 00000000afe2e000 [ 1302.260768] RDX: ffffea00041f5380 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1302.260768] RBP: ffff8880b032f340 R08: ffff888000000000 R09: ffffffffffffffff [ 1302.260768] R10: 000000ffffffffff R11: 0000000000000000 R12: ffff88813023d048 [ 1302.260768] R13: ffff888118e96388 R14: ffffffff8c911000 R15: ffff8880b023d048 [ 1302.260768] __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1302.260768] unmap_page_range+0x1c95/0x3950 [ 1302.260768] unmap_single_vma+0x43f/0x5e0 [ 1302.260768] unmap_vmas+0x251/0x380 [ 1302.260768] exit_mmap+0x51e/0xa10 [ 1302.260768] ? __khugepaged_exit+0x6b9/0x8b0 [ 1302.260768] __mmput+0x17a/0x700 [ 1302.260768] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1302.260768] mmput+0x190/0x210 [ 1302.260768] exit_mm+0xa90/0xc70 [ 1302.260768] do_exit+0x10f2/0x4070 [ 1302.260768] do_group_exit+0x1a7/0x350 [ 1302.260768] get_signal+0x11e2/0x2330 [ 1302.260768] ? do_signal+0x1dd/0x2fc0 [ 1302.260768] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 1302.260768] do_signal+0x1f3/0x2fc0 [ 1302.260768] ? kmsan_set_origin+0x7f/0x100 [ 1302.260768] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1302.260768] prepare_exit_to_usermode+0x2c9/0x4c0 [ 1302.260768] syscall_return_slowpath+0xed/0x730 [ 1302.260768] do_syscall_64+0xf5/0x110 [ 1302.260768] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1302.260768] RIP: 0033:0x457569 [ 1302.260768] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1302.260768] RSP: 002b:00007f696f06acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1302.260768] RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569 [ 1302.260768] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 1302.260768] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1302.260768] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 1302.260768] R13: 0000000000a3fb7f R14: 00007f696f06b9c0 R15: 0000000000000000 [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Uninit was stored to memory at: [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] __msan_chain_origin+0x6d/0xb0 [ 1302.260768] __save_stack_trace+0x8be/0xc60 [ 1302.260768] save_stack_trace+0xc6/0x110 [ 1302.260768] kmsan_internal_chain_origin+0x136/0x240 [ 1302.260768] kmsan_memcpy_origins+0x13d/0x190 [ 1302.260768] __msan_memcpy+0x6f/0x80 [ 1302.260768] pskb_expand_head+0x436/0x1d20 [ 1302.260768] skb_shift+0xce2/0x2d10 [ 1302.260768] tcp_sacktag_walk+0x2156/0x29d0 [ 1302.260768] tcp_sacktag_write_queue+0x2805/0x4630 [ 1302.260768] tcp_ack+0x2888/0xa010 [ 1302.260768] tcp_rcv_established+0xf7e/0x2940 [ 1302.260768] tcp_v4_do_rcv+0x686/0xd80 [ 1302.260768] tcp_v4_rcv+0x5a13/0x6520 [ 1302.260768] ip_local_deliver_finish+0x8d8/0xff0 [ 1302.260768] ip_local_deliver+0x44b/0x510 [ 1302.260768] ip_rcv+0x6b6/0x740 [ 1302.260768] process_backlog+0x82b/0x11e0 [ 1302.260768] net_rx_action+0x98f/0x1d50 [ 1302.260768] __do_softirq+0x721/0xc7f [ 1302.260768] [ 1302.260768] Local variable description: ----cputime.i@run_posix_cpu_timers [ 1302.260768] Variable was created at: [ 1302.260768] run_posix_cpu_timers+0x7c/0x4720 [ 1302.260768] update_process_times+0x1b0/0x1e0 [ 1303.504006] not chained 5920000 origins [ 1303.508044] CPU: 0 PID: 6762 Comm: syz-fuzzer Not tainted 4.20.0-rc2+ #85 [ 1303.511660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1303.517428] Call Trace: [ 1303.517428] [ 1303.517428] dump_stack+0x32d/0x480 [ 1303.517428] kmsan_internal_chain_origin+0x222/0x240 [ 1303.517428] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1303.517428] ? __module_address+0x6a/0x5f0 [ 1303.517428] ? is_bpf_text_address+0x3e5/0x4d0 [ 1303.517428] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1303.517428] ? is_bpf_text_address+0x49e/0x4d0 [ 1303.517428] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1303.517428] ? __module_address+0x6a/0x5f0 [ 1303.517428] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1303.517428] ? is_bpf_text_address+0x49e/0x4d0 [ 1303.517428] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] ? tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] ? tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] ? irq_exit+0x305/0x340 [ 1303.517428] ? kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] ? kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] ? __msan_memcpy+0x6f/0x80 [ 1303.517428] ? pskb_expand_head+0x436/0x1d20 [ 1303.517428] ? skb_shift+0xfc3/0x2d10 [ 1303.517428] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] ? tcp_ack+0x2888/0xa010 [ 1303.517428] ? tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] ? tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] ? tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ? ip_local_deliver+0x44b/0x510 [ 1303.517428] ? ip_rcv+0x6b6/0x740 [ 1303.517428] ? process_backlog+0x82b/0x11e0 [ 1303.517428] ? net_rx_action+0x98f/0x1d50 [ 1303.517428] ? __do_softirq+0x721/0xc7f [ 1303.517428] ? irq_exit+0x305/0x340 [ 1303.517428] ? exiting_irq+0xe/0x10 [ 1303.517428] ? smp_apic_timer_interrupt+0x64/0x90 [ 1303.517428] ? apic_timer_interrupt+0xf/0x20 [ 1303.517428] ? finish_lock_switch+0x2b/0x40 [ 1303.517428] ? finish_task_switch+0x17e/0x410 [ 1303.517428] ? __schedule+0x8a8/0xa60 [ 1303.517428] ? schedule+0x1db/0x320 [ 1303.517428] ? prepare_exit_to_usermode+0x222/0x4c0 [ 1303.517428] ? syscall_return_slowpath+0xed/0x730 [ 1303.517428] ? do_syscall_64+0xf5/0x110 [ 1303.517428] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1303.517428] ? __msan_get_context_state+0x9/0x20 [ 1303.517428] ? INIT_INT+0xc/0x30 [ 1303.517428] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xfc3/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] ? tcp_parse_options+0xbe/0x1cf0 [ 1303.517428] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1303.517428] ? tcp_parse_options+0x1c55/0x1cf0 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] ? __msan_get_context_state+0x9/0x20 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ? tcp_filter+0x260/0x260 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ? nf_hook_slow+0x36f/0x3d0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ? ip_local_deliver+0x510/0x510 [ 1303.517428] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] ? ip_rcv_core+0x1370/0x1370 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] ? ip_local_deliver_finish+0xff0/0xff0 [ 1303.517428] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] ? net_tx_action+0xf20/0xf20 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] irq_exit+0x305/0x340 [ 1303.517428] exiting_irq+0xe/0x10 [ 1303.517428] smp_apic_timer_interrupt+0x64/0x90 [ 1303.517428] apic_timer_interrupt+0xf/0x20 [ 1303.517428] [ 1303.517428] RIP: 0010:finish_lock_switch+0x2b/0x40 [ 1303.517428] Code: 48 89 e5 53 48 89 fb e8 03 ed 9b 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 12 48 89 df e8 6d e2 9b 00 c6 00 00 c6 03 00 fb 5b <5d> c3 e8 1e ec 9b 00 eb e7 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 [ 1303.517428] RSP: 0018:ffff88819e10fce8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1303.517428] RAX: ffff8881dc1b8b80 RBX: ffff88815ebd3c00 RCX: ffff8881dc1b8b80 [ 1303.517428] RDX: ffff8881dc1b9b80 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1303.517428] RBP: ffff88819e10fce8 R08: ffff888000000000 R09: 0000000000000002 [ 1303.517428] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881b6239e00 [ 1303.517428] R13: ffff88821fcb8510 R14: ffff8881b623a788 R15: ffff88821fcb7b80 [ 1303.517428] finish_task_switch+0x17e/0x410 [ 1303.517428] __schedule+0x8a8/0xa60 [ 1303.517428] schedule+0x1db/0x320 [ 1303.517428] prepare_exit_to_usermode+0x222/0x4c0 [ 1303.517428] syscall_return_slowpath+0xed/0x730 [ 1303.517428] do_syscall_64+0xf5/0x110 [ 1303.517428] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1303.517428] RIP: 0033:0x7ffd76dcaa02 [ 1303.517428] Code: 89 04 24 ff c1 49 81 f8 ff c9 9a 3b 77 ea 89 c9 eb 02 31 c9 48 01 ca 48 89 16 4c 89 46 08 48 83 c4 08 c3 b8 e4 00 00 00 0f 05 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 56 53 49 [ 1303.517428] RSP: 002b:000000c42e9a5648 EFLAGS: 00000297 ORIG_RAX: 00000000000000e4 [ 1303.517428] RAX: 0000000000000000 RBX: 00007f8465b86f40 RCX: 00007ffd76dcaa02 [ 1303.517428] RDX: 00007f8465b86ef8 RSI: 000000c42e9a5650 RDI: 0000000000000001 [ 1303.517428] RBP: 000000c42e9a5660 R08: 0000000000000000 R09: 00007ffd76dc70b8 [ 1303.517428] R10: 000000000002b4ec R11: 0000000000000297 R12: 0000000000000000 [ 1303.517428] R13: 00000000000000f2 R14: 0000000000000032 R15: 0000000000000002 [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Uninit was stored to memory at: [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] __msan_chain_origin+0x6d/0xb0 [ 1303.517428] __save_stack_trace+0x8be/0xc60 [ 1303.517428] save_stack_trace+0xc6/0x110 [ 1303.517428] kmsan_internal_chain_origin+0x136/0x240 [ 1303.517428] kmsan_memcpy_origins+0x13d/0x190 [ 1303.517428] __msan_memcpy+0x6f/0x80 [ 1303.517428] pskb_expand_head+0x436/0x1d20 [ 1303.517428] skb_shift+0xce2/0x2d10 [ 1303.517428] tcp_sacktag_walk+0x2156/0x29d0 [ 1303.517428] tcp_sacktag_write_queue+0x2805/0x4630 [ 1303.517428] tcp_ack+0x2888/0xa010 [ 1303.517428] tcp_rcv_established+0xf7e/0x2940 [ 1303.517428] tcp_v4_do_rcv+0x686/0xd80 [ 1303.517428] tcp_v4_rcv+0x5a13/0x6520 [ 1303.517428] ip_local_deliver_finish+0x8d8/0xff0 [ 1303.517428] ip_local_deliver+0x44b/0x510 [ 1303.517428] ip_rcv+0x6b6/0x740 [ 1303.517428] process_backlog+0x82b/0x11e0 [ 1303.517428] net_rx_action+0x98f/0x1d50 [ 1303.517428] __do_softirq+0x721/0xc7f [ 1303.517428] [ 1303.517428] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1303.517428] Variable was created at: [ 1303.517428] ipv4_conntrack_local+0x75/0x470 [ 1303.517428] nf_hook_slow+0x15c/0x3d0 14:19:01 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:01 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x2, 0x204000) bind$rds(r0, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:19:01 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x4000, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000000c0)) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="3c15e1a61c4c2527a050c7d0a673f37ec2cf1b16bfffe5283bd30a33fe9fcad25252b2d85b55634bb03bba69513dc7c29ac8cac0b8680f78cde8ed360c576ebf992bfda484112f876930b5d56aa60f79f1d7de6c743ab495fb82ff058b1c532a541b8d095e5135a65c45b49a1ea3ad041fbd2362901f0c1b3d657e08470b52ced5929f84cb17a74824e270ed05a778a92094f65e31429b711a4d190ee2348bbc6d8c0267c8987f1264238aa3365a49c5dd6ed4c4136407ec8b69e9b6be8663d4490f70dce5aa7302ae70913683bca1baf408ac3e693297854bd2aac1d14f96021491228c8114208c402292bcc21fc9fd6757e93478afab477d5653858d741e8f0b190faddbec8157ecc733fb0a2a8e000cc5091d715a0e0892cdd7f3ed73c38be7f32b5dcb61b9fe9f7b43ef213622232fd3af601cc223be8cf7ffb2b4d1befe780ddf"], 0x1, 0x100000000000) r3 = syz_genetlink_get_family_id$team(&(0x7f00000003c0)='team\x00') getsockname(r2, &(0x7f0000000400)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000480)=0x80) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000004c0)={0x0, @multicast1, @multicast1}, &(0x7f0000000500)=0xc) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000580)={@local, @rand_addr, 0x0}, &(0x7f00000005c0)=0xc) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000680)={'vcan0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@ipv4={[], [], @dev}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000007c0)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000840)={0x0, @multicast2, @loopback}, &(0x7f0000000880)=0xc) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000008c0)={0x0, @broadcast, @rand_addr}, &(0x7f0000000900)=0xc) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000a00)={{{@in6, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000b00)=0xe8) getsockopt$inet6_mreq(r2, 0x29, 0x1f, &(0x7f0000000c80)={@ipv4={[], [], @broadcast}, 0x0}, &(0x7f0000000cc0)=0x14) accept4(r2, &(0x7f0000000e80)=@can={0x1d, 0x0}, &(0x7f0000000f00)=0x80, 0x0) accept$packet(r2, &(0x7f0000000f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000f80)=0x14) accept4(r2, &(0x7f0000000fc0)=@hci={0x1f, 0x0}, &(0x7f0000001040)=0x80, 0x80800) getsockname$packet(r2, &(0x7f0000001080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000010c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000001100)={'vcan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001280)={'veth0_to_bond\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f00000018c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0xd10c863cc3e32e2d}, 0xc, &(0x7f0000001880)={&(0x7f00000012c0)={0x59c, r3, 0x200, 0x70bd28, 0x25dfdbff, {}, [{{0x8, 0x1, r4}, {0x168, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0xc, 0x4, [{0xeaca, 0x6, 0x2, 0xc73}]}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r7}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x50, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r9}, {0x80, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r10}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8}}}]}}, {{0x8, 0x1, r11}, {0x268, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x81}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r13}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r14}}, {0x8}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffff9}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r16}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffff7}}}]}}, {{0x8, 0x1, r17}, {0xc0, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r18}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r19}}, {0x8}}}]}}]}, 0x59c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) 14:19:01 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) r1 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) ioctl$DRM_IOCTL_AGP_ACQUIRE(r1, 0x6430) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xfffffdf6) pipe(&(0x7f0000000000)) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:02 executing program 4: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x1, 0x0) r1 = dup(r0) write$P9_RATTACH(r1, &(0x7f0000000000)={0x14}, 0x14) [ 1305.256014] not chained 5930000 origins [ 1305.260069] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1305.261672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1305.261672] Call Trace: [ 1305.261672] dump_stack+0x32d/0x480 [ 1305.261672] ? save_stack_trace+0xc6/0x110 [ 1305.261672] kmsan_internal_chain_origin+0x222/0x240 [ 1305.261672] ? kmsan_internal_chain_origin+0x136/0x240 [ 1305.261672] ? __msan_chain_origin+0x6d/0xb0 [ 1305.261672] ? __save_stack_trace+0x8be/0xc60 14:19:02 executing program 4: mlock(&(0x7f0000fec000/0x13000)=nil, 0x13000) munlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) [ 1305.261672] ? save_stack_trace+0xc6/0x110 [ 1305.261672] ? kmsan_internal_chain_origin+0x136/0x240 [ 1305.261672] ? kmsan_memcpy_origins+0x13d/0x190 [ 1305.261672] ? __msan_memcpy+0x6f/0x80 [ 1305.261672] ? pskb_expand_head+0x436/0x1d20 [ 1305.261672] ? skb_shift+0xce2/0x2d10 [ 1305.261672] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1305.334270] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.334270] ? tcp_ack+0x2888/0xa010 [ 1305.334270] ? tcp_rcv_established+0xf7e/0x2940 [ 1305.334270] ? tcp_v4_do_rcv+0x686/0xd80 [ 1305.334270] ? tcp_v4_rcv+0x5a13/0x6520 [ 1305.334270] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1305.334270] ? ip_local_deliver+0x44b/0x510 [ 1305.365242] ? ip_rcv+0x6b6/0x740 [ 1305.365242] ? process_backlog+0x82b/0x11e0 [ 1305.365242] ? net_rx_action+0x98f/0x1d50 [ 1305.365242] ? __do_softirq+0x721/0xc7f [ 1305.365242] ? run_ksoftirqd+0x37/0x60 [ 1305.365242] ? smpboot_thread_fn+0x69c/0xb30 [ 1305.365242] ? kthread+0x5e7/0x620 [ 1305.365242] ? ret_from_fork+0x35/0x40 [ 1305.365242] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1305.365242] ? in_task_stack+0x12c/0x210 [ 1305.365242] ? task_kmsan_context_state+0x51/0x90 [ 1305.365242] ? __msan_get_context_state+0x9/0x20 [ 1305.365242] ? __kernel_text_address+0x19/0x350 [ 1305.365242] ? ret_from_fork+0x35/0x40 [ 1305.365242] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1305.365242] ? in_task_stack+0x12c/0x210 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] ? tcp_ack+0x2888/0xa010 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] ? tcp_ack+0x2888/0xa010 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] ? run_ksoftirqd+0x37/0x60 [ 1305.365242] ? kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] ? kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] ? __msan_memcpy+0x6f/0x80 [ 1305.365242] ? pskb_expand_head+0x436/0x1d20 [ 1305.365242] ? skb_shift+0xce2/0x2d10 [ 1305.365242] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] ? tcp_ack+0x2888/0xa010 [ 1305.365242] ? tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] ? tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] ? tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ? ip_local_deliver+0x44b/0x510 [ 1305.365242] ? ip_rcv+0x6b6/0x740 [ 1305.365242] ? process_backlog+0x82b/0x11e0 [ 1305.365242] ? net_rx_action+0x98f/0x1d50 [ 1305.365242] ? __do_softirq+0x721/0xc7f [ 1305.365242] ? run_ksoftirqd+0x37/0x60 [ 1305.365242] ? smpboot_thread_fn+0x69c/0xb30 [ 1305.365242] ? kthread+0x5e7/0x620 [ 1305.365242] ? ret_from_fork+0x35/0x40 14:19:02 executing program 1: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = epoll_create(0x80) r1 = dup(r0) write$P9_RGETLOCK(r1, &(0x7f0000000100)=ANY=[], 0x0) [ 1305.365242] ? __msan_get_context_state+0x9/0x20 [ 1305.365242] ? INIT_INT+0xc/0x30 [ 1305.365242] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 [ 1305.365242] tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] tcp_ack+0x2888/0xa010 [ 1305.365242] ? tcp_parse_options+0xbe/0x1cf0 14:19:02 executing program 4: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x1, 0x0) r1 = dup(r0) write$P9_RFLUSH(r1, &(0x7f0000000000)={0x7}, 0x7) [ 1305.365242] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1305.365242] ? tcp_parse_options+0x1c55/0x1cf0 [ 1305.365242] tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] ? __msan_get_context_state+0x9/0x20 [ 1305.365242] tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ? tcp_filter+0x260/0x260 [ 1305.365242] ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ? nf_hook_slow+0x36f/0x3d0 [ 1305.365242] ip_local_deliver+0x44b/0x510 [ 1305.365242] ? ip_local_deliver+0x510/0x510 [ 1305.365242] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1305.365242] ip_rcv+0x6b6/0x740 [ 1305.365242] ? ip_rcv_core+0x1370/0x1370 [ 1305.365242] process_backlog+0x82b/0x11e0 [ 1305.365242] ? __msan_poison_alloca+0x1e0/0x270 [ 1305.365242] ? ip_local_deliver_finish+0xff0/0xff0 [ 1305.365242] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1305.365242] net_rx_action+0x98f/0x1d50 [ 1305.365242] ? net_tx_action+0xf20/0xf20 [ 1305.365242] __do_softirq+0x721/0xc7f [ 1305.365242] ? ksoftirqd_should_run+0x50/0x50 [ 1305.365242] run_ksoftirqd+0x37/0x60 [ 1305.365242] smpboot_thread_fn+0x69c/0xb30 [ 1305.365242] kthread+0x5e7/0x620 [ 1305.365242] ? cpu_report_death+0x4a0/0x4a0 [ 1305.365242] ? INIT_BOOL+0x30/0x30 [ 1305.365242] ret_from_fork+0x35/0x40 [ 1305.365242] Uninit was stored to memory at: [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 [ 1305.365242] tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] tcp_ack+0x2888/0xa010 [ 1305.365242] tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ip_local_deliver+0x44b/0x510 [ 1305.365242] ip_rcv+0x6b6/0x740 [ 1305.365242] process_backlog+0x82b/0x11e0 14:19:02 executing program 4: clone(0x3102001fff, 0x0, 0xfffffffffffffffe, &(0x7f00000003c0), 0xffffffffffffffff) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) read(r0, &(0x7f0000000040)=""/11, 0xb) r1 = epoll_create1(0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000380)=0x404100000001, 0xfe3f) connect$inet6(r2, &(0x7f0000000080), 0x1c) r3 = dup2(r2, r2) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x132441) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000002380), 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000040)={0x0, @loopback, 0x0, 0x0, 'lblc\x00'}, 0x2c) r4 = syz_open_pts(r0, 0x0) accept(r2, &(0x7f0000000280)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000000)=0x80) dup2(r1, r4) [ 1305.365242] net_rx_action+0x98f/0x1d50 [ 1305.365242] __do_softirq+0x721/0xc7f [ 1305.365242] [ 1305.365242] Uninit was stored to memory at: [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 [ 1305.365242] tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] tcp_ack+0x2888/0xa010 [ 1305.365242] tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ip_local_deliver+0x44b/0x510 [ 1305.365242] ip_rcv+0x6b6/0x740 [ 1305.365242] process_backlog+0x82b/0x11e0 [ 1305.365242] net_rx_action+0x98f/0x1d50 [ 1305.365242] __do_softirq+0x721/0xc7f [ 1305.365242] [ 1305.365242] Uninit was stored to memory at: [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 14:19:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x1) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @mcast1, 0xfe}, 0xfffffffffffffe88) mlockall(0x1) clone(0x800000000, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2340000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000640)) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x7fffffff) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8228}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, r3, 0x9, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xff}, @IPVS_CMD_ATTR_SERVICE={0x10, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x12, 0x1}}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3d}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000240)={0x0, 0xc000000000000000, 0x0, 0x5, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x7}) ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f00000000c0)={0x5a, &(0x7f0000000280)=""/90}) [ 1305.365242] tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] tcp_ack+0x2888/0xa010 [ 1305.365242] tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ip_local_deliver+0x44b/0x510 [ 1305.365242] ip_rcv+0x6b6/0x740 [ 1305.365242] process_backlog+0x82b/0x11e0 [ 1305.365242] net_rx_action+0x98f/0x1d50 [ 1305.365242] __do_softirq+0x721/0xc7f [ 1305.365242] [ 1305.365242] Uninit was stored to memory at: [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 [ 1305.365242] tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] tcp_ack+0x2888/0xa010 [ 1305.365242] tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ip_local_deliver+0x44b/0x510 [ 1305.365242] ip_rcv+0x6b6/0x740 [ 1305.365242] process_backlog+0x82b/0x11e0 [ 1305.365242] net_rx_action+0x98f/0x1d50 [ 1305.365242] __do_softirq+0x721/0xc7f [ 1305.365242] [ 1305.365242] Uninit was stored to memory at: [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 [ 1305.365242] tcp_sacktag_walk+0x2156/0x29d0 [ 1305.365242] tcp_sacktag_write_queue+0x2805/0x4630 [ 1305.365242] tcp_ack+0x2888/0xa010 [ 1305.365242] tcp_rcv_established+0xf7e/0x2940 [ 1305.365242] tcp_v4_do_rcv+0x686/0xd80 [ 1305.365242] tcp_v4_rcv+0x5a13/0x6520 [ 1305.365242] ip_local_deliver_finish+0x8d8/0xff0 [ 1305.365242] ip_local_deliver+0x44b/0x510 [ 1305.365242] ip_rcv+0x6b6/0x740 [ 1306.180176] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:0 [ 1305.365242] process_backlog+0x82b/0x11e0 [ 1305.365242] net_rx_action+0x98f/0x1d50 [ 1305.365242] __do_softirq+0x721/0xc7f [ 1305.365242] [ 1305.365242] Uninit was stored to memory at: [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] __msan_chain_origin+0x6d/0xb0 [ 1305.365242] __save_stack_trace+0x8be/0xc60 [ 1305.365242] save_stack_trace+0xc6/0x110 [ 1305.365242] kmsan_internal_chain_origin+0x136/0x240 [ 1305.365242] kmsan_memcpy_origins+0x13d/0x190 [ 1305.365242] __msan_memcpy+0x6f/0x80 [ 1305.365242] pskb_expand_head+0x436/0x1d20 [ 1305.365242] skb_shift+0xce2/0x2d10 [ 1306.191666] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.191666] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.191666] tcp_ack+0x2888/0xa010 [ 1306.191666] tcp_rcv_established+0xf7e/0x2940 [ 1306.191666] tcp_v4_do_rcv+0x686/0xd80 [ 1306.191666] tcp_v4_rcv+0x5a13/0x6520 [ 1306.191666] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.191666] ip_local_deliver+0x44b/0x510 [ 1306.191666] ip_rcv+0x6b6/0x740 [ 1306.191666] process_backlog+0x82b/0x11e0 [ 1306.191666] net_rx_action+0x98f/0x1d50 [ 1306.191666] __do_softirq+0x721/0xc7f [ 1306.191666] [ 1306.191666] Uninit was stored to memory at: [ 1306.191666] kmsan_internal_chain_origin+0x136/0x240 [ 1306.191666] __msan_chain_origin+0x6d/0xb0 [ 1306.191666] __save_stack_trace+0x8be/0xc60 [ 1306.191666] save_stack_trace+0xc6/0x110 [ 1306.191666] kmsan_internal_chain_origin+0x136/0x240 [ 1306.191666] kmsan_memcpy_origins+0x13d/0x190 [ 1306.191666] __msan_memcpy+0x6f/0x80 [ 1306.191666] pskb_expand_head+0x436/0x1d20 [ 1306.191666] skb_shift+0xce2/0x2d10 [ 1306.191666] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.191666] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.346563] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:0 [ 1306.191666] tcp_ack+0x2888/0xa010 [ 1306.191666] tcp_rcv_established+0xf7e/0x2940 [ 1306.191666] tcp_v4_do_rcv+0x686/0xd80 [ 1306.191666] tcp_v4_rcv+0x5a13/0x6520 [ 1306.191666] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.191666] ip_local_deliver+0x44b/0x510 [ 1306.191666] ip_rcv+0x6b6/0x740 [ 1306.191666] process_backlog+0x82b/0x11e0 [ 1306.191666] net_rx_action+0x98f/0x1d50 [ 1306.191666] __do_softirq+0x721/0xc7f [ 1306.191666] [ 1306.191666] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1306.191666] Variable was created at: [ 1306.191666] ipv4_conntrack_local+0x75/0x470 [ 1306.369746] not chained 5940000 origins [ 1306.384665] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1306.384665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1306.384665] Call Trace: [ 1306.384665] dump_stack+0x32d/0x480 [ 1306.384665] kmsan_internal_chain_origin+0x222/0x240 [ 1306.384665] ? kmsan_set_origin+0x7f/0x100 [ 1306.384665] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1306.384665] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1306.384665] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1306.384665] ? in_task_stack+0x12c/0x210 [ 1306.384665] ? task_kmsan_context_state+0x51/0x90 [ 1306.384665] ? __msan_get_context_state+0x9/0x20 [ 1306.384665] ? __kernel_text_address+0x19/0x350 [ 1306.384665] ? ret_from_fork+0x35/0x40 [ 1306.384665] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1306.384665] ? in_task_stack+0x12c/0x210 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] ? ret_from_fork+0x35/0x40 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] ? ret_from_fork+0x35/0x40 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] ? run_ksoftirqd+0x37/0x60 [ 1306.384665] ? kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] ? kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] ? __msan_memcpy+0x6f/0x80 [ 1306.384665] ? pskb_expand_head+0x436/0x1d20 [ 1306.384665] ? skb_shift+0xce2/0x2d10 [ 1306.384665] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] ? tcp_ack+0x2888/0xa010 [ 1306.384665] ? tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] ? tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] ? tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ? ip_local_deliver+0x44b/0x510 [ 1306.384665] ? ip_rcv+0x6b6/0x740 [ 1306.384665] ? process_backlog+0x82b/0x11e0 [ 1306.384665] ? net_rx_action+0x98f/0x1d50 [ 1306.384665] ? __do_softirq+0x721/0xc7f [ 1306.384665] ? run_ksoftirqd+0x37/0x60 [ 1306.384665] ? smpboot_thread_fn+0x69c/0xb30 [ 1306.384665] ? kthread+0x5e7/0x620 [ 1306.384665] ? ret_from_fork+0x35/0x40 [ 1306.384665] ? __msan_get_context_state+0x9/0x20 [ 1306.384665] ? INIT_INT+0xc/0x30 [ 1306.384665] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] ? tcp_parse_options+0xbe/0x1cf0 [ 1306.384665] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1306.384665] ? tcp_parse_options+0x1c55/0x1cf0 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] ? __msan_get_context_state+0x9/0x20 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ? tcp_filter+0x260/0x260 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ? nf_hook_slow+0x36f/0x3d0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ? ip_local_deliver+0x510/0x510 [ 1306.384665] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] ? ip_rcv_core+0x1370/0x1370 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] ? __msan_poison_alloca+0x1e0/0x270 [ 1306.384665] ? ip_local_deliver_finish+0xff0/0xff0 [ 1306.384665] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] ? net_tx_action+0xf20/0xf20 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] ? ksoftirqd_should_run+0x50/0x50 [ 1306.384665] run_ksoftirqd+0x37/0x60 [ 1306.384665] smpboot_thread_fn+0x69c/0xb30 [ 1306.384665] kthread+0x5e7/0x620 [ 1306.384665] ? cpu_report_death+0x4a0/0x4a0 [ 1306.384665] ? INIT_BOOL+0x30/0x30 [ 1306.384665] ret_from_fork+0x35/0x40 [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Uninit was stored to memory at: [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] __msan_chain_origin+0x6d/0xb0 [ 1306.384665] __save_stack_trace+0x8be/0xc60 [ 1306.384665] save_stack_trace+0xc6/0x110 [ 1306.384665] kmsan_internal_chain_origin+0x136/0x240 [ 1306.384665] kmsan_memcpy_origins+0x13d/0x190 [ 1306.384665] __msan_memcpy+0x6f/0x80 [ 1306.384665] pskb_expand_head+0x436/0x1d20 [ 1306.384665] skb_shift+0xce2/0x2d10 [ 1306.384665] tcp_sacktag_walk+0x2156/0x29d0 [ 1306.384665] tcp_sacktag_write_queue+0x2805/0x4630 [ 1306.384665] tcp_ack+0x2888/0xa010 [ 1306.384665] tcp_rcv_established+0xf7e/0x2940 [ 1306.384665] tcp_v4_do_rcv+0x686/0xd80 14:19:04 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socketpair(0x0, 0x2, 0x2, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x4) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(r0, 0x40000000, r2) 14:19:04 executing program 3: socketpair$unix(0x1, 0x100000000006, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) [ 1306.384665] tcp_v4_rcv+0x5a13/0x6520 [ 1306.384665] ip_local_deliver_finish+0x8d8/0xff0 [ 1306.384665] ip_local_deliver+0x44b/0x510 [ 1306.384665] ip_rcv+0x6b6/0x740 [ 1306.384665] process_backlog+0x82b/0x11e0 [ 1306.384665] net_rx_action+0x98f/0x1d50 [ 1306.384665] __do_softirq+0x721/0xc7f [ 1306.384665] [ 1306.384665] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1306.384665] Variable was created at: [ 1306.384665] ipv4_conntrack_local+0x75/0x470 [ 1306.384665] nf_hook_slow+0x15c/0x3d0 14:19:04 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmmsg(r2, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:04 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r0) r3 = perf_event_open$cgroup(&(0x7f00000000c0)={0x7, 0x70, 0x4, 0x9, 0x40, 0xcbe0, 0x0, 0x81, 0x20000, 0x4, 0x9, 0xd1, 0x33, 0x0, 0x6, 0x1, 0x101, 0x650a, 0x6, 0xffffffffffff0001, 0x0, 0x3, 0x2, 0x3, 0xfffffffffffffff9, 0x3, 0x1ff, 0x38, 0x100, 0x5, 0x580, 0x7, 0x1, 0xffffffffffff0001, 0x2, 0x8, 0xff, 0x9, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000000), 0xc}, 0xd0, 0x3, 0x1f, 0x5, 0xd86, 0x1, 0x2980d125}, 0xffffffffffffff9c, 0xffffffffffffffff, 0xffffffffffffffff, 0x5) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x3) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e22, @local}}, [0x5, 0x6, 0x2, 0x7, 0x3c9, 0x34, 0x2, 0x1, 0x6, 0x33, 0x80, 0x85, 0xfd38, 0x9, 0x100]}, 0xffffffffffffffff) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:19:04 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x11, 0x2, r0, 0x0) 14:19:05 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0xfffffffffffffca2) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:05 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000000000)={0xa4, &(0x7f0000004fe8)=[{0x6, 0x0, 0x81, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa878db77e4c8dca6ebf717c4827d18a3643000000000f30f660f50c00096f2a5c463ad489eeb7f00360f614f030f381cb9aea2e12226f242d64a595dc422c5aa717a6563360f8aa2") r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/stat\x00') getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000240)={0x0, 0x2, 0x20}, &(0x7f0000000400)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000440)={r1, 0x1}, &(0x7f0000000480)=0x8) setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = socket$xdp(0x2c, 0x3, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_MRT6_DEL_MFC(r3, 0x29, 0xcd, &(0x7f00000001c0)={{0xa, 0x4e24, 0x8, @ipv4, 0x4}, {0xa, 0x4e22, 0xffff, @ipv4={[], [], @multicast1}, 0x384b}, 0x7fff, [0x6, 0x7, 0x8, 0x100000000, 0xcf, 0x3f, 0x8, 0x7]}, 0x5c) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000000300)={0x2, 0x0, [{}, {}]}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:19:05 executing program 1: 14:19:05 executing program 4: 14:19:05 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x6252, 0x400000) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x8) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="28470300e9530aae4ffd070ecca208c90d295f70e540fc0354a477426572c80b7cfbf607"], 0x1, 0x100000000000) 14:19:05 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmmsg(r2, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:05 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3623162dcead7e49, 0x70, 0xfffffffffffffffe, 0x200, 0x7f, 0x9, 0x0, 0x4c7, 0x800, 0xb, 0x10001, 0xffffffff, 0x9, 0x9, 0xd5bc, 0x0, 0x8001, 0x2, 0x5, 0x637, 0xffffffffffff0000, 0x2, 0x200, 0x401, 0x4, 0xfc, 0xfffffffffffffff8, 0x0, 0x9, 0x4, 0x0, 0x6, 0x7, 0x3, 0x0, 0x9, 0x100, 0x39, 0x0, 0x100000000, 0x1, @perf_config_ext={0x8000, 0x3}, 0x0, 0x1, 0x4, 0x0, 0x100000000, 0x0, 0xfff}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x30ba) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:19:05 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) r0 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0xfcda) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0\x00', 0x0}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000140)={r1, @loopback, @rand_addr}, 0xc) sendto$unix(r0, &(0x7f0000000080), 0x7272, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) readv(r0, &(0x7f0000000500)=[{&(0x7f0000000200)=""/175, 0xaf}], 0x1) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x1b}, 0xfffffffffffffffe}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)) 14:19:05 executing program 1: 14:19:05 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:05 executing program 4: 14:19:06 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)=ANY=[], &(0x7f0000000140)) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:06 executing program 3: ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)=0x0) wait4(r0, &(0x7f0000000100), 0x6, &(0x7f0000000140)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = getpid() ptrace$getsig(0x4202, r3, 0x2, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fsetxattr$system_posix_acl(r2, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) 14:19:06 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x200) ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f0000000080)={0x8, 0x101, 0x3, {0x5, 0x7f, 0x200}}) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:19:06 executing program 4: 14:19:06 executing program 1: 14:19:06 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:06 executing program 1: 14:19:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0xffffffffffd) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xec, 0x40080) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) 14:19:06 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1309.899212] not chained 5950000 origins [ 1309.901672] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1309.901672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1309.901672] Call Trace: [ 1309.901672] dump_stack+0x32d/0x480 [ 1309.901672] ? save_stack_trace+0xc6/0x110 [ 1309.901672] kmsan_internal_chain_origin+0x222/0x240 [ 1309.901672] ? kmsan_internal_chain_origin+0x136/0x240 [ 1309.901672] ? __msan_chain_origin+0x6d/0xb0 [ 1309.901672] ? __save_stack_trace+0x8be/0xc60 14:19:07 executing program 1: [ 1309.901672] ? save_stack_trace+0xc6/0x110 [ 1309.901672] ? kmsan_internal_chain_origin+0x136/0x240 [ 1309.901672] ? kmsan_memcpy_origins+0x13d/0x190 [ 1309.901672] ? __msan_memcpy+0x6f/0x80 [ 1309.901672] ? pskb_expand_head+0x436/0x1d20 [ 1309.901672] ? skb_shift+0xce2/0x2d10 [ 1309.901672] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1309.901672] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1309.901672] ? tcp_ack+0x2888/0xa010 [ 1309.901672] ? tcp_rcv_established+0xf7e/0x2940 [ 1309.901672] ? tcp_v4_do_rcv+0x686/0xd80 [ 1309.901672] ? tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ? ip_local_deliver+0x44b/0x510 [ 1310.000930] ? ip_rcv+0x6b6/0x740 [ 1310.000930] ? process_backlog+0x82b/0x11e0 [ 1310.000930] ? net_rx_action+0x98f/0x1d50 [ 1310.000930] ? __do_softirq+0x721/0xc7f [ 1310.000930] ? run_ksoftirqd+0x37/0x60 [ 1310.000930] ? smpboot_thread_fn+0x69c/0xb30 [ 1310.000930] ? kthread+0x5e7/0x620 [ 1310.000930] ? ret_from_fork+0x35/0x40 [ 1310.000930] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1310.000930] ? in_task_stack+0x12c/0x210 [ 1310.000930] ? task_kmsan_context_state+0x51/0x90 [ 1310.000930] ? __msan_get_context_state+0x9/0x20 [ 1310.000930] ? __kernel_text_address+0x19/0x350 [ 1310.000930] ? ret_from_fork+0x35/0x40 [ 1310.000930] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1310.000930] ? in_task_stack+0x12c/0x210 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] ? ret_from_fork+0x35/0x40 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] ? ret_from_fork+0x35/0x40 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] ? run_ksoftirqd+0x37/0x60 [ 1310.000930] ? kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] ? kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] ? __msan_memcpy+0x6f/0x80 [ 1310.000930] ? pskb_expand_head+0x436/0x1d20 [ 1310.000930] ? skb_shift+0xfc3/0x2d10 [ 1310.000930] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] ? tcp_ack+0x2888/0xa010 14:19:07 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) [ 1310.000930] ? tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] ? tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] ? tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ? ip_local_deliver+0x44b/0x510 [ 1310.000930] ? ip_rcv+0x6b6/0x740 [ 1310.000930] ? process_backlog+0x82b/0x11e0 [ 1310.000930] ? net_rx_action+0x98f/0x1d50 [ 1310.000930] ? __do_softirq+0x721/0xc7f [ 1310.000930] ? run_ksoftirqd+0x37/0x60 [ 1310.000930] ? smpboot_thread_fn+0x69c/0xb30 [ 1310.000930] ? kthread+0x5e7/0x620 [ 1310.000930] ? ret_from_fork+0x35/0x40 [ 1310.000930] ? __msan_get_context_state+0x9/0x20 [ 1310.000930] ? INIT_INT+0xc/0x30 [ 1310.000930] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xfc3/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] ? tcp_parse_options+0xbe/0x1cf0 14:19:07 executing program 1: [ 1310.000930] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1310.000930] ? tcp_parse_options+0x1c55/0x1cf0 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] ? __msan_get_context_state+0x9/0x20 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ? tcp_filter+0x260/0x260 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ? nf_hook_slow+0x36f/0x3d0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ? ip_local_deliver+0x510/0x510 [ 1310.000930] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] ? ip_rcv_core+0x1370/0x1370 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] ? ip_local_deliver_finish+0xff0/0xff0 [ 1310.000930] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] ? net_tx_action+0xf20/0xf20 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] ? ksoftirqd_should_run+0x50/0x50 [ 1310.000930] run_ksoftirqd+0x37/0x60 [ 1310.000930] smpboot_thread_fn+0x69c/0xb30 [ 1310.000930] kthread+0x5e7/0x620 [ 1310.000930] ? cpu_report_death+0x4a0/0x4a0 [ 1310.000930] ? INIT_BOOL+0x30/0x30 [ 1310.000930] ret_from_fork+0x35/0x40 [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Uninit was stored to memory at: [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] __msan_chain_origin+0x6d/0xb0 [ 1310.000930] __save_stack_trace+0x8be/0xc60 [ 1310.000930] save_stack_trace+0xc6/0x110 [ 1310.000930] kmsan_internal_chain_origin+0x136/0x240 [ 1310.000930] kmsan_memcpy_origins+0x13d/0x190 [ 1310.000930] __msan_memcpy+0x6f/0x80 [ 1310.000930] pskb_expand_head+0x436/0x1d20 [ 1310.000930] skb_shift+0xce2/0x2d10 [ 1310.000930] tcp_sacktag_walk+0x2156/0x29d0 [ 1310.000930] tcp_sacktag_write_queue+0x2805/0x4630 [ 1310.000930] tcp_ack+0x2888/0xa010 [ 1310.000930] tcp_rcv_established+0xf7e/0x2940 [ 1310.000930] tcp_v4_do_rcv+0x686/0xd80 [ 1310.000930] tcp_v4_rcv+0x5a13/0x6520 [ 1310.000930] ip_local_deliver_finish+0x8d8/0xff0 [ 1310.000930] ip_local_deliver+0x44b/0x510 [ 1310.000930] ip_rcv+0x6b6/0x740 [ 1310.000930] process_backlog+0x82b/0x11e0 [ 1310.000930] net_rx_action+0x98f/0x1d50 [ 1310.000930] __do_softirq+0x721/0xc7f [ 1310.000930] [ 1310.000930] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1310.000930] Variable was created at: [ 1310.000930] ipv4_conntrack_local+0x75/0x470 [ 1310.000930] nf_hook_slow+0x15c/0x3d0 [ 1311.061866] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1311.068750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1311.071669] Call Trace: [ 1311.071669] dump_stack+0x32d/0x480 [ 1311.071669] kmsan_internal_chain_origin+0x222/0x240 [ 1311.071669] ? kmsan_set_origin+0x7f/0x100 [ 1311.092517] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1311.092517] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1311.092517] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1311.092517] ? in_task_stack+0x12c/0x210 [ 1311.092517] ? task_kmsan_context_state+0x51/0x90 [ 1311.092517] ? __msan_get_context_state+0x9/0x20 [ 1311.092517] ? __kernel_text_address+0x19/0x350 [ 1311.092517] ? ret_from_fork+0x35/0x40 [ 1311.092517] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1311.092517] ? in_task_stack+0x12c/0x210 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] ? skb_shift+0xce2/0x2d10 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] ? skb_shift+0xce2/0x2d10 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] ? run_ksoftirqd+0x37/0x60 [ 1311.092517] ? kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] ? kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] ? __msan_memcpy+0x6f/0x80 [ 1311.092517] ? pskb_expand_head+0x436/0x1d20 [ 1311.092517] ? skb_shift+0xce2/0x2d10 [ 1311.092517] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] ? tcp_ack+0x2888/0xa010 [ 1311.092517] ? tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] ? tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] ? tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ? ip_local_deliver+0x44b/0x510 [ 1311.092517] ? ip_rcv+0x6b6/0x740 [ 1311.092517] ? process_backlog+0x82b/0x11e0 [ 1311.092517] ? net_rx_action+0x98f/0x1d50 [ 1311.092517] ? __do_softirq+0x721/0xc7f [ 1311.092517] ? run_ksoftirqd+0x37/0x60 [ 1311.092517] ? smpboot_thread_fn+0x69c/0xb30 [ 1311.092517] ? kthread+0x5e7/0x620 [ 1311.092517] ? ret_from_fork+0x35/0x40 [ 1311.092517] ? __msan_get_context_state+0x9/0x20 [ 1311.092517] ? INIT_INT+0xc/0x30 [ 1311.092517] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] ? tcp_parse_options+0xbe/0x1cf0 [ 1311.092517] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1311.092517] ? tcp_parse_options+0x1c55/0x1cf0 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] ? __msan_get_context_state+0x9/0x20 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ? tcp_filter+0x260/0x260 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ? nf_hook_slow+0x36f/0x3d0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ? ip_local_deliver+0x510/0x510 [ 1311.092517] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] ? ip_rcv_core+0x1370/0x1370 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] ? ip_local_deliver_finish+0xff0/0xff0 [ 1311.092517] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] ? net_tx_action+0xf20/0xf20 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] ? ksoftirqd_should_run+0x50/0x50 [ 1311.092517] run_ksoftirqd+0x37/0x60 [ 1311.092517] smpboot_thread_fn+0x69c/0xb30 [ 1311.092517] kthread+0x5e7/0x620 [ 1311.092517] ? cpu_report_death+0x4a0/0x4a0 [ 1311.092517] ? INIT_BOOL+0x30/0x30 [ 1311.092517] ret_from_fork+0x35/0x40 [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Uninit was stored to memory at: [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] __msan_chain_origin+0x6d/0xb0 [ 1311.092517] __save_stack_trace+0x8be/0xc60 [ 1311.092517] save_stack_trace+0xc6/0x110 [ 1311.092517] kmsan_internal_chain_origin+0x136/0x240 [ 1311.092517] kmsan_memcpy_origins+0x13d/0x190 [ 1311.092517] __msan_memcpy+0x6f/0x80 [ 1311.092517] pskb_expand_head+0x436/0x1d20 [ 1311.092517] skb_shift+0xce2/0x2d10 [ 1311.092517] tcp_sacktag_walk+0x2156/0x29d0 [ 1311.092517] tcp_sacktag_write_queue+0x2805/0x4630 [ 1311.092517] tcp_ack+0x2888/0xa010 [ 1311.092517] tcp_rcv_established+0xf7e/0x2940 [ 1311.092517] tcp_v4_do_rcv+0x686/0xd80 [ 1311.092517] tcp_v4_rcv+0x5a13/0x6520 [ 1311.092517] ip_local_deliver_finish+0x8d8/0xff0 [ 1311.092517] ip_local_deliver+0x44b/0x510 [ 1311.092517] ip_rcv+0x6b6/0x740 [ 1311.092517] process_backlog+0x82b/0x11e0 [ 1311.092517] net_rx_action+0x98f/0x1d50 [ 1311.092517] __do_softirq+0x721/0xc7f [ 1311.092517] [ 1311.092517] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1311.092517] Variable was created at: [ 1311.092517] ipv4_conntrack_local+0x75/0x470 [ 1311.092517] nf_hook_slow+0x15c/0x3d0 [ 1312.391505] not chained 5970000 origins [ 1312.391685] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1312.391685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1312.391685] Call Trace: [ 1312.391685] dump_stack+0x32d/0x480 [ 1312.391685] kmsan_internal_chain_origin+0x222/0x240 [ 1312.391685] ? kmsan_set_origin+0x7f/0x100 [ 1312.391685] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1312.391685] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1312.391685] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1312.391685] ? in_task_stack+0x12c/0x210 [ 1312.391685] ? task_kmsan_context_state+0x51/0x90 [ 1312.391685] ? __msan_get_context_state+0x9/0x20 [ 1312.456799] ? __kernel_text_address+0x19/0x350 [ 1312.456799] ? ret_from_fork+0x35/0x40 [ 1312.456799] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1312.456799] ? in_task_stack+0x12c/0x210 [ 1312.456799] __msan_chain_origin+0x6d/0xb0 [ 1312.456799] ? process_backlog+0x82b/0x11e0 [ 1312.456799] __save_stack_trace+0x8be/0xc60 [ 1312.456799] ? process_backlog+0x82b/0x11e0 [ 1312.456799] save_stack_trace+0xc6/0x110 [ 1312.456799] kmsan_internal_chain_origin+0x136/0x240 [ 1312.456799] ? run_ksoftirqd+0x37/0x60 [ 1312.456799] ? kmsan_internal_chain_origin+0x136/0x240 [ 1312.456799] ? kmsan_memcpy_origins+0x13d/0x190 [ 1312.456799] ? __msan_memcpy+0x6f/0x80 [ 1312.456799] ? pskb_expand_head+0x436/0x1d20 [ 1312.456799] ? skb_shift+0xce2/0x2d10 [ 1312.456799] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1312.456799] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] ? tcp_ack+0x2888/0xa010 [ 1312.536331] ? tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] ? tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] ? tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ? ip_local_deliver+0x44b/0x510 [ 1312.536331] ? ip_rcv+0x6b6/0x740 [ 1312.536331] ? process_backlog+0x82b/0x11e0 [ 1312.536331] ? net_rx_action+0x98f/0x1d50 [ 1312.536331] ? __do_softirq+0x721/0xc7f [ 1312.536331] ? run_ksoftirqd+0x37/0x60 [ 1312.536331] ? smpboot_thread_fn+0x69c/0xb30 [ 1312.536331] ? kthread+0x5e7/0x620 [ 1312.536331] ? ret_from_fork+0x35/0x40 [ 1312.536331] ? __msan_get_context_state+0x9/0x20 [ 1312.536331] ? INIT_INT+0xc/0x30 [ 1312.536331] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0xce2/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] ? tcp_parse_options+0xbe/0x1cf0 [ 1312.536331] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1312.536331] ? tcp_parse_options+0x1c55/0x1cf0 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] ? __msan_get_context_state+0x9/0x20 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ? tcp_filter+0x260/0x260 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ? nf_hook_slow+0x36f/0x3d0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ? ip_local_deliver+0x510/0x510 [ 1312.536331] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] ? ip_rcv_core+0x1370/0x1370 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] ? __msan_get_context_state+0x9/0x20 [ 1312.536331] ? ip_local_deliver_finish+0xff0/0xff0 [ 1312.536331] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] ? net_tx_action+0xf20/0xf20 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] ? ksoftirqd_should_run+0x50/0x50 [ 1312.536331] run_ksoftirqd+0x37/0x60 [ 1312.536331] smpboot_thread_fn+0x69c/0xb30 [ 1312.536331] kthread+0x5e7/0x620 [ 1312.536331] ? cpu_report_death+0x4a0/0x4a0 [ 1312.536331] ? INIT_BOOL+0x30/0x30 [ 1312.536331] ret_from_fork+0x35/0x40 [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Uninit was stored to memory at: [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] __msan_chain_origin+0x6d/0xb0 [ 1312.536331] __save_stack_trace+0x8be/0xc60 [ 1312.536331] save_stack_trace+0xc6/0x110 [ 1312.536331] kmsan_internal_chain_origin+0x136/0x240 [ 1312.536331] kmsan_memcpy_origins+0x13d/0x190 [ 1312.536331] __msan_memcpy+0x6f/0x80 [ 1312.536331] pskb_expand_head+0x436/0x1d20 [ 1312.536331] skb_shift+0x29a0/0x2d10 [ 1312.536331] tcp_sacktag_walk+0x2156/0x29d0 [ 1312.536331] tcp_sacktag_write_queue+0x2805/0x4630 [ 1312.536331] tcp_ack+0x2888/0xa010 [ 1312.536331] tcp_rcv_established+0xf7e/0x2940 [ 1312.536331] tcp_v4_do_rcv+0x686/0xd80 14:19:10 executing program 1: 14:19:10 executing program 4: 14:19:10 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind(r1, &(0x7f0000000140)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x3, 0x2, {0xa, 0x4e24, 0x71, @mcast2, 0x9}}}, 0x80) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x7f, 0x10082) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f00000000c0)={'HL\x00'}, &(0x7f0000000100)=0x1e) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) [ 1312.536331] tcp_v4_rcv+0x5a13/0x6520 [ 1312.536331] ip_local_deliver_finish+0x8d8/0xff0 [ 1312.536331] ip_local_deliver+0x44b/0x510 [ 1312.536331] ip_rcv+0x6b6/0x740 [ 1312.536331] process_backlog+0x82b/0x11e0 [ 1312.536331] net_rx_action+0x98f/0x1d50 [ 1312.536331] __do_softirq+0x721/0xc7f [ 1312.536331] [ 1312.536331] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1312.536331] Variable was created at: [ 1312.536331] ipv4_conntrack_local+0x75/0x470 [ 1312.536331] nf_hook_slow+0x15c/0x3d0 14:19:10 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0}, &(0x7f00000002c0)=0x14) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) r3 = dup3(r0, r1, 0x80000) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') getpeername$packet(r3, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000640)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000001240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4010128}, 0xc, &(0x7f0000001200)={&(0x7f0000000680)={0xb44, r4, 0x21, 0x70bd25, 0x25dfdbfd, {}, [{{0x8, 0x1, r2}, {0xf0, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x75}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x138, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x4933}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0xb67}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x1d8, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r2}}}, {0x6c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x3c, 0x4, [{0x3a1, 0x8, 0xe9, 0xf93d}, {0x7f6, 0x447, 0x2, 0x6}, {0x9, 0x7b55, 0x481, 0x4}, {0x8001, 0x8, 0x1, 0x7}, {0x4, 0x4, 0x8, 0xf237}, {0x5, 0x6, 0xfd, 0x7}, {0x4, 0x38e27d89, 0x7, 0x3}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x78}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x10000}}}]}}, {{0x8, 0x1, r2}, {0x244, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x4c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x1c, 0x4, [{0x101, 0xfffffffffffffffd, 0x80000000, 0xd86}, {0x6, 0x6, 0x1000}, {0xffffffff80000001, 0x200, 0xffffffffffffff03, 0x401}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffff9}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0xffffffffffffff80}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r2}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r2}, {0x16c, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x6d5}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r2}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r2}}, {0x8}}}]}}, {{0x8, 0x1, r2}, {0x130, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x101}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}]}}, {{0x8, 0x1, r2}, {0xbc, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8}}}]}}, {{0x8, 0x1, r2}, {0x154, 0x2, [{0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x8, 0x2, 0x3f, 0x93d0}, {0x101, 0x1, 0x6ae, 0x81}, {0xbb, 0xb7bc, 0x401, 0x2}, {0x1000, 0xcbb, 0x81, 0xffffffffffffffff}, {0x9ca3, 0x9, 0x80, 0x2}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r2}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}]}}]}, 0xb44}, 0x1, 0x0, 0x0, 0x40}, 0x80) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000580)='./cgroup.cpu/syz1\x00', 0x1ff) write$vnet(r3, &(0x7f0000000500)={0x1, {&(0x7f0000000340)=""/198, 0xc6, &(0x7f0000000440)=""/139, 0x2, 0x2}}, 0x68) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x200) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x3ff}, &(0x7f0000000340)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000400)={r1, 0xe4}, 0x8) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000440)=0x7) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8000, 0x0) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x27, &(0x7f0000000200)={@loopback, @local, 0x0}, &(0x7f0000000240)=0xc) bind$can_raw(r3, &(0x7f0000000480)={0x1d, r4}, 0xfffffede) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:19:10 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:10 executing program 4: 14:19:10 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40800, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x75a8) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="1de9cc1f8a581a37e92f3a285024dad29ec44cbaf2aae3b8ea13435d03f94e49174e73cba7fc1e9337df21eb17864770af3aded69a4d051e9527eb61ec9ca2d3b36275d3e8eee1835bc1a798030000008f17671fc2d657bde84c4055ef8e20a83671e4280798e263ee9c9be6f2331071617ca01f1a5b8daf92957c102c9badb6306c4a2abdf84d1f5490f39324a42da9238a5486dbfee735a6397011085226"], 0x1, 0x100000000000) 14:19:10 executing program 1: clone(0x3102001fff, 0x0, 0xfffffffffffffffe, &(0x7f00000003c0), 0xffffffffffffffff) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) read(r0, &(0x7f0000000040)=""/11, 0xb) r1 = epoll_create1(0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000380)=0x404100000001, 0xfe3f) connect$inet6(r2, &(0x7f0000000080), 0x1c) r3 = dup2(r2, r2) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x132441) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000002380), 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000040)={0x0, @loopback, 0x0, 0x0, 'lblc\x00'}, 0x2c) r4 = syz_open_pts(r0, 0x0) setsockopt$inet6_IPV6_PKTINFO(r2, 0x29, 0x32, &(0x7f0000000840)={@remote}, 0x14) dup2(r1, r4) 14:19:11 executing program 4: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x1, 0x0) r1 = dup(r0) write$P9_RGETLOCK(r1, &(0x7f0000000080)={0x2b, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0xd, '/dev/net/tun\x00'}}, 0x2b) [ 1314.276145] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:0 14:19:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/udp6\x00') ioctl$LOOP_GET_STATUS(r2, 0x4c03, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="18edde11c49da1e569fefc1f8879492c9caa16e8238462750cff16219d04334b748b49fdbb96e82c946fd10c7bf3ac0a0d6d7edb56f0930a781704cb6c1f4273f93f3bc7156e349ee50bc119665816200d4b852bd24763583de7e49a1429c16cbc155ccf0dd430719af21f0b118b4246884bedfbfcc233648b052a312e7e3502c182bb30b78c005605970aa3723624d78be362bc8c7c77000000000000183740da8ee2062280469908bb6e461362f9410dbb3e000000000000000000009babe37d1930534c1608c447bd068ac1c1c7de513f59824ba9a1c3bad4585fe5cb2863622046ef222bf853b9b045ff65d0850c4fd6bddf96e9f1f5710d3b26f0c5f2e3c8ef5784136f93b25c0ad47709c4095c140867e1d7fedbd9d62b55b9893808a3e9a55a1b8e9f4f110c99c1ed26f79d75fafd0194ee7a28e867eeabcc39c45095757cf8644c245c723cb54b13f0fb4b5325ac095696"], 0x1, 0x100000000000) 14:19:11 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:11 executing program 1: syz_execute_func(&(0x7f0000000280)="3666440f50f564ff0941c366440f56c9c4c27d794e0066420fe2e3f347aac442019dccd3196f") r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x1, 0x0) write$tun(r0, &(0x7f0000000100)=ANY=[], 0x0) 14:19:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x20000000802, 0x0) write(r0, &(0x7f0000000040)="240000001a0025f00018000400edfc0e8000000000000000000000000800020048050000", 0x24) 14:19:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x10000, 0x0) write$FUSE_NOTIFY_INVAL_INODE(r2, &(0x7f0000000200)={0x28, 0x2, 0x0, {0x5, 0x4, 0x800}}, 0x28) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$inet(r3, &(0x7f00000000c0)="2a0ee70a487bd43a3f0908c8cb42311e2b2e90229f63566f932d60e844e61b656519ce91baa795f2d3f49c398bb9680c41a44aa92e27240fa159e45234757b25dd7574d53a32f2a716a9da88a2a1125f14a3d26b1302a94d3bf38c4db198e87716152fcf88abc253dda19de4c32ef2acc432d2cf3178d4aecc0b9006874be31fbbcf0fb82d99e1382dec5efd8a3f00728175afc6a21bf8b92b24713c89ec654e0c15ef491e4c24623212b43a97ed692146eb2784bed045a79ae02db31db144", 0xbf, 0x1, &(0x7f0000000180)={0x2, 0x4e22, @multicast1}, 0x10) 14:19:12 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x22000, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000400)={0x7c1, {{0x2, 0x4e24, @multicast1}}, 0x1, 0x9, [{{0x2, 0x4e21, @remote}}, {{0x2, 0x4e21, @broadcast}}, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1f}}}, {{0x2, 0x4e23, @multicast2}}, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e24, @loopback}}, {{0x2, 0x4e22, @multicast1}}, {{0x2, 0x4e24, @rand_addr=0x2}}]}, 0x510) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xffff, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e20, @remote}}}, &(0x7f0000000080)=0x84) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000300)={r2, 0x20}, 0x8) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 14:19:12 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:12 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)={0x0, r0, 0x4, 0x2}, 0x14) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:12 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "7914084b165e9ec52f1595ab29ebf015f37b541a5750acb2ac95e9ad3962af352e5323b779821fa55ee14bf9"}) futex(&(0x7f0000000180), 0x0, 0x0, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000380)=0x1, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:19:12 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) r1 = fcntl$getown(r0, 0x9) capget(&(0x7f0000000000)={0x399f1336, r1}, &(0x7f0000000140)={0x4, 0x0, 0x10001, 0x10000, 0x7, 0x8}) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x104) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:12 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x3) getpeername(r0, &(0x7f00000000c0)=@generic, &(0x7f0000000040)=0x80) 14:19:12 executing program 5: openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x141401, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) [ 1315.828713] not chained 5980000 origins [ 1315.831662] CPU: 0 PID: 20016 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 1315.831662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1315.831662] Call Trace: [ 1315.831662] [ 1315.831662] dump_stack+0x32d/0x480 [ 1315.831662] kmsan_internal_chain_origin+0x222/0x240 [ 1315.831662] ? kmsan_set_origin+0x7f/0x100 [ 1315.831662] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1315.831662] ? __module_address+0x6a/0x5f0 [ 1315.831662] ? is_bpf_text_address+0x3e5/0x4d0 [ 1315.831662] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1315.831662] ? is_bpf_text_address+0x49e/0x4d0 [ 1315.831662] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1315.831662] ? __module_address+0x6a/0x5f0 [ 1315.831662] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1315.831662] ? is_bpf_text_address+0x49e/0x4d0 [ 1315.831662] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1315.831662] __msan_chain_origin+0x6d/0xb0 [ 1315.831662] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1315.925607] __save_stack_trace+0x8be/0xc60 [ 1315.925607] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1315.925607] save_stack_trace+0xc6/0x110 [ 1315.925607] kmsan_internal_chain_origin+0x136/0x240 [ 1315.925607] ? irq_exit+0x305/0x340 [ 1315.947571] ? kmsan_internal_chain_origin+0x136/0x240 [ 1315.947571] ? kmsan_memcpy_origins+0x13d/0x190 [ 1315.947571] ? __msan_memcpy+0x6f/0x80 [ 1315.947571] ? pskb_expand_head+0x436/0x1d20 [ 1315.947571] ? skb_shift+0xce2/0x2d10 [ 1315.947571] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1315.947571] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1315.947571] ? tcp_ack+0x2888/0xa010 [ 1315.947571] ? tcp_rcv_established+0xf7e/0x2940 [ 1315.947571] ? tcp_v4_do_rcv+0x686/0xd80 [ 1315.947571] ? tcp_v4_rcv+0x5a13/0x6520 [ 1315.947571] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1315.947571] ? ip_local_deliver+0x44b/0x510 [ 1316.001846] ? ip_rcv+0x6b6/0x740 [ 1316.001846] ? process_backlog+0x82b/0x11e0 [ 1316.001846] ? net_rx_action+0x98f/0x1d50 [ 1316.001846] ? __do_softirq+0x721/0xc7f [ 1316.001846] ? irq_exit+0x305/0x340 [ 1316.001846] ? exiting_irq+0xe/0x10 [ 1316.001846] ? smp_apic_timer_interrupt+0x64/0x90 [ 1316.001846] ? apic_timer_interrupt+0xf/0x20 [ 1316.001846] ? __msan_get_context_state+0x9/0x20 [ 1316.001846] ? INIT_INT+0xc/0x30 [ 1316.001846] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1316.001846] kmsan_memcpy_origins+0x13d/0x190 [ 1316.001846] __msan_memcpy+0x6f/0x80 [ 1316.001846] pskb_expand_head+0x436/0x1d20 [ 1316.001846] skb_shift+0xce2/0x2d10 [ 1316.001846] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.071838] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.071838] tcp_ack+0x2888/0xa010 [ 1316.071838] ? tcp_parse_options+0xbe/0x1cf0 [ 1316.071838] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1316.071838] ? tcp_parse_options+0x1c55/0x1cf0 [ 1316.071838] tcp_rcv_established+0xf7e/0x2940 [ 1316.071838] ? __msan_get_context_state+0x9/0x20 [ 1316.071838] tcp_v4_do_rcv+0x686/0xd80 [ 1316.071838] tcp_v4_rcv+0x5a13/0x6520 [ 1316.071838] ? tcp_filter+0x260/0x260 [ 1316.114071] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.114071] ? nf_hook_slow+0x36f/0x3d0 [ 1316.114071] ip_local_deliver+0x44b/0x510 [ 1316.114071] ? ip_local_deliver+0x510/0x510 [ 1316.114071] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1316.114071] ip_rcv+0x6b6/0x740 [ 1316.141896] ? ip_rcv_core+0x1370/0x1370 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] ? ip_local_deliver_finish+0xff0/0xff0 [ 1316.141896] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] ? net_tx_action+0xf20/0xf20 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] irq_exit+0x305/0x340 [ 1316.141896] exiting_irq+0xe/0x10 [ 1316.141896] smp_apic_timer_interrupt+0x64/0x90 [ 1316.141896] apic_timer_interrupt+0xf/0x20 [ 1316.141896] [ 1316.141896] RIP: 0033:0x4015b7 [ 1316.141896] Code: 0f 1f 00 48 83 ec 18 89 fe 31 c0 bf e7 00 00 00 e8 ae 5f 05 00 c7 44 24 0c 00 00 00 00 66 0f 1f 44 00 00 8b 44 24 0c 83 c0 01 <89> 44 24 0c eb f3 0f 1f 00 55 53 48 89 fd 48 81 ec d8 00 00 00 84 [ 1316.141896] RSP: 002b:00007fb0b0f30690 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 [ 1316.141896] RAX: 0000000002188459 RBX: 000000000000000b RCX: 0000000000457569 [ 1316.141896] RDX: 0000000000000000 RSI: 00007fb0b0f306c0 RDI: 000000000000000b [ 1316.141896] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1316.141896] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb0b0f316d4 [ 1316.141896] R13: 00000000004c4b9e R14: 00000000004d8268 R15: 00000000ffffffff [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Uninit was stored to memory at: [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] __msan_chain_origin+0x6d/0xb0 [ 1316.141896] __save_stack_trace+0x8be/0xc60 [ 1316.141896] save_stack_trace+0xc6/0x110 [ 1316.141896] kmsan_internal_chain_origin+0x136/0x240 [ 1316.141896] kmsan_memcpy_origins+0x13d/0x190 [ 1316.141896] __msan_memcpy+0x6f/0x80 [ 1316.141896] pskb_expand_head+0x436/0x1d20 [ 1316.141896] skb_shift+0xce2/0x2d10 [ 1316.141896] tcp_sacktag_walk+0x2156/0x29d0 [ 1316.141896] tcp_sacktag_write_queue+0x2805/0x4630 [ 1316.141896] tcp_ack+0x2888/0xa010 [ 1316.141896] tcp_rcv_established+0xf7e/0x2940 [ 1316.141896] tcp_v4_do_rcv+0x686/0xd80 [ 1316.141896] tcp_v4_rcv+0x5a13/0x6520 [ 1316.141896] ip_local_deliver_finish+0x8d8/0xff0 [ 1316.141896] ip_local_deliver+0x44b/0x510 [ 1316.141896] ip_rcv+0x6b6/0x740 [ 1316.141896] process_backlog+0x82b/0x11e0 [ 1316.141896] net_rx_action+0x98f/0x1d50 [ 1316.141896] __do_softirq+0x721/0xc7f [ 1316.141896] [ 1316.141896] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1316.141896] Variable was created at: [ 1316.141896] ipv4_conntrack_local+0x75/0x470 14:19:12 executing program 1 (fault-call:11 fault-nth:0): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x9) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:13 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:13 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="bcd038a800000000000000506a18a7241ebf8c55563b800d2dc0ed7286e9b8f86c"], 0x1, 0x100000000000) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x40000, 0x0) mmap$perf(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x10010, r2, 0x0) [ 1316.141896] nf_hook_slow+0x15c/0x3d0 [ 1317.212769] not chained 5990000 origins [ 1317.216797] CPU: 1 PID: 20050 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1317.221674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1317.221674] Call Trace: [ 1317.221674] [ 1317.221674] dump_stack+0x32d/0x480 [ 1317.221674] kmsan_internal_chain_origin+0x222/0x240 [ 1317.221674] ? kmsan_set_origin+0x7f/0x100 [ 1317.221674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1317.221674] ? __module_address+0x6a/0x5f0 [ 1317.221674] ? is_bpf_text_address+0x3e5/0x4d0 [ 1317.221674] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1317.221674] ? is_bpf_text_address+0x49e/0x4d0 [ 1317.221674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1317.221674] ? __module_address+0x6a/0x5f0 [ 1317.221674] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 1317.221674] ? is_bpf_text_address+0x49e/0x4d0 [ 1317.221674] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1317.221674] __msan_chain_origin+0x6d/0xb0 [ 1317.221674] ? smp_apic_timer_interrupt+0x64/0x90 [ 1317.308684] __save_stack_trace+0x8be/0xc60 [ 1317.310831] ? smp_apic_timer_interrupt+0x64/0x90 [ 1317.310831] save_stack_trace+0xc6/0x110 [ 1317.310831] kmsan_internal_chain_origin+0x136/0x240 [ 1317.310831] ? irq_exit+0x305/0x340 [ 1317.310831] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1317.310831] ? kmsan_internal_chain_origin+0x136/0x240 [ 1317.310831] ? kmsan_memcpy_origins+0x13d/0x190 [ 1317.310831] ? __msan_memcpy+0x6f/0x80 [ 1317.310831] ? pskb_expand_head+0x436/0x1d20 [ 1317.310831] ? skb_shift+0xce2/0x2d10 [ 1317.310831] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1317.310831] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.310831] ? tcp_ack+0x2888/0xa010 [ 1317.310831] ? tcp_rcv_established+0xf7e/0x2940 [ 1317.310831] ? tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] ? tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ? ip_local_deliver+0x44b/0x510 [ 1317.381820] ? ip_rcv+0x6b6/0x740 [ 1317.381820] ? process_backlog+0x82b/0x11e0 [ 1317.381820] ? net_rx_action+0x98f/0x1d50 [ 1317.381820] ? __do_softirq+0x721/0xc7f [ 1317.381820] ? irq_exit+0x305/0x340 [ 1317.381820] ? exiting_irq+0xe/0x10 [ 1317.381820] ? smp_apic_timer_interrupt+0x64/0x90 [ 1317.381820] ? apic_timer_interrupt+0xf/0x20 [ 1317.381820] ? kmsan_get_shadow_origin_ptr+0x23b/0x410 [ 1317.381820] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1317.381820] ? plist_add+0x64/0x930 [ 1317.381820] ? futex_wait_queue_me+0x38c/0x920 [ 1317.381820] ? futex_wait+0x46d/0xc50 [ 1317.381820] ? do_futex+0x5d4/0x5e80 [ 1317.381820] ? __se_sys_futex+0x3e7/0x7e0 [ 1317.381820] ? __x64_sys_futex+0x6e/0x90 [ 1317.381820] ? do_syscall_64+0xcf/0x110 [ 1317.381820] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1317.381820] ? __msan_get_context_state+0x9/0x20 [ 1317.381820] ? INIT_INT+0xc/0x30 [ 1317.381820] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] ? tcp_parse_options+0xbe/0x1cf0 [ 1317.381820] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1317.381820] ? tcp_parse_options+0x1c55/0x1cf0 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] ? __msan_get_context_state+0x9/0x20 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ? tcp_filter+0x260/0x260 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ? nf_hook_slow+0x36f/0x3d0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ? ip_local_deliver+0x510/0x510 [ 1317.381820] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] ? ip_rcv_core+0x1370/0x1370 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] ? ip_local_deliver_finish+0xff0/0xff0 [ 1317.381820] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] ? net_tx_action+0xf20/0xf20 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] irq_exit+0x305/0x340 [ 1317.381820] exiting_irq+0xe/0x10 [ 1317.381820] smp_apic_timer_interrupt+0x64/0x90 [ 1317.381820] apic_timer_interrupt+0xf/0x20 [ 1317.381820] [ 1317.381820] RIP: 0010:kmsan_get_shadow_origin_ptr+0x23b/0x410 [ 1317.381820] Code: 0f af cf 48 09 c1 4c 01 c1 0f 84 97 01 00 00 41 81 e7 fc 0f 00 00 48 01 f2 48 c1 ea 05 48 0f af d7 4c 01 c2 49 89 ce 4c 01 fa <48> 89 d3 0f 85 73 01 00 00 0f 0b 49 bd 00 00 00 00 00 02 00 00 65 [ 1317.381820] RSP: 0018:ffff8880a7b4f7f0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1317.381820] RAX: 0000000000000a40 RBX: ffffffff8c914000 RCX: ffff8880a7b5fa40 [ 1317.381820] RDX: ffff8880a7b6fa40 RSI: 0000160000000000 RDI: aaaaaaaaaaaab000 [ 1317.381820] RBP: ffff8880a7b4f820 R08: ffff888000000000 R09: ffff8881259bbc10 [ 1317.381820] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888127b4fa40 [ 1317.381820] R13: ffffc900024fd588 R14: ffff8880a7b5fa40 R15: 0000000000000a40 [ 1317.381820] __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1317.381820] plist_add+0x64/0x930 [ 1317.381820] ? kmsan_set_origin+0x7f/0x100 [ 1317.381820] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1317.381820] futex_wait_queue_me+0x38c/0x920 [ 1317.381820] futex_wait+0x46d/0xc50 [ 1317.381820] ? do_futex+0x2a2/0x5e80 [ 1317.381820] ? __se_sys_futex+0x3e7/0x7e0 [ 1317.381820] do_futex+0x5d4/0x5e80 [ 1317.381820] ? inet_shutdown+0x600/0x600 [ 1317.381820] ? sock_ioctl+0xb0/0xe00 [ 1317.381820] ? do_vfs_ioctl+0xfbc/0x2f70 [ 1317.381820] ? __msan_poison_alloca+0x1e0/0x270 [ 1317.381820] ? __msan_poison_alloca+0x1e0/0x270 [ 1317.381820] ? __x64_sys_futex+0x6e/0x90 [ 1317.381820] __se_sys_futex+0x3e7/0x7e0 [ 1317.381820] __x64_sys_futex+0x6e/0x90 [ 1317.381820] do_syscall_64+0xcf/0x110 [ 1317.381820] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1317.381820] RIP: 0033:0x457569 [ 1317.381820] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1317.381820] RSP: 002b:00007f2638880cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1317.381820] RAX: ffffffffffffffda RBX: 000000000072bfa8 RCX: 0000000000457569 [ 1317.381820] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bfa8 [ 1317.381820] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1317.381820] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bfac [ 1317.381820] R13: 0000000000a3fb7f R14: 00007f26388819c0 R15: 0000000000000001 [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Uninit was stored to memory at: [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] __msan_chain_origin+0x6d/0xb0 [ 1317.381820] __save_stack_trace+0x8be/0xc60 [ 1317.381820] save_stack_trace+0xc6/0x110 [ 1317.381820] kmsan_internal_chain_origin+0x136/0x240 [ 1317.381820] kmsan_memcpy_origins+0x13d/0x190 [ 1317.381820] __msan_memcpy+0x6f/0x80 [ 1317.381820] pskb_expand_head+0x436/0x1d20 [ 1317.381820] skb_shift+0xce2/0x2d10 [ 1317.381820] tcp_sacktag_walk+0x2156/0x29d0 [ 1317.381820] tcp_sacktag_write_queue+0x2805/0x4630 [ 1317.381820] tcp_ack+0x2888/0xa010 [ 1317.381820] tcp_rcv_established+0xf7e/0x2940 [ 1317.381820] tcp_v4_do_rcv+0x686/0xd80 14:19:15 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000300)=0x72, 0x4) r3 = syz_open_dev$vcsa(&(0x7f00000013c0)='/dev/vcsa#\x00', 0x2, 0x200) ioctl$NBD_SET_SIZE(r3, 0xab02, 0x5) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x14) bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x40, 0x0) ioctl$EVIOCGPHYS(r4, 0x80404507, &(0x7f00000003c0)=""/4096) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) ioctl$TIOCSCTTY(r4, 0x540e, 0x229) sendto$inet(r2, &(0x7f0000000140), 0x397, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x5, 0x3, 0x91, 0x4}) tee(r4, r1, 0x6, 0x2) write(r0, &(0x7f0000000340)="07665d3d02bfccd95a2116489b2b59ebc39ac129b86bacd9cf401d0d22d41626052b9cbdbe27127953a6e31ebc9b1b875ad6f4d82cb627d21b76ed537cf51e6b7e961c2ad9ac90a7dbd83a4509cdcd9437b159cd5cf2fb9c6a83d21cf2d979204df5b7385ee8d60b3ec37a6eae25e9bb372f3ad2f8069995985d", 0x7a) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f00000000c0)) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 14:19:15 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x100, 0x0) ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f0000000140)) ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780), &(0x7f00000003c0), 0x0, 0x0, 0x0, &(0x7f0000000800), &(0x7f0000000380)=[0x3, 0xd212, 0x3, 0x7de2, 0x2, 0x8080, 0xb67, 0x40, 0x1, 0x0]}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000001c0)=@nat={"6e6174000000000000000300", 0x19, 0x1, 0x0, [0x20000580, 0x0, 0x0, 0x200005b0, 0x200005e0], 0x0, &(0x7f0000000240), &(0x7f00000008c0)=ANY=[]}, 0x78) r2 = dup2(r1, r1) statx(r2, &(0x7f00000000c0)='./file0\x00', 0x7100, 0x18, &(0x7f0000000280)) openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/current\x00', 0x2, 0x0) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz'}, 0x0, 0x0, 0xfffffffffffffff9) [ 1317.381820] tcp_v4_rcv+0x5a13/0x6520 [ 1317.381820] ip_local_deliver_finish+0x8d8/0xff0 [ 1317.381820] ip_local_deliver+0x44b/0x510 [ 1317.381820] ip_rcv+0x6b6/0x740 [ 1317.381820] process_backlog+0x82b/0x11e0 [ 1317.381820] net_rx_action+0x98f/0x1d50 [ 1317.381820] __do_softirq+0x721/0xc7f [ 1317.381820] [ 1317.381820] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1317.381820] Variable was created at: [ 1317.381820] ipv4_conntrack_local+0x75/0x470 [ 1317.381820] nf_hook_slow+0x15c/0x3d0 14:19:15 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="021800001000000000000000000000000800120000000000000000000000000093be6e39498b80bc0000000000000000e000000100000000000000265bac760000000000000000000000000000000000030006000000000002002000ac14ffbb0000000000000000030005ba00000000000200003db28dbebb00000000000000"], 0x80}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x400000000000117, 0x0) 14:19:15 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x47, 0x0, 0xc, 0x0, 0x8, 0x0, 0x0, 0x80000001, 0x0, 0x8, 0x0, 0xfffffffffffffff9, 0x8, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9, 0x1, 0x0, 0xf49b, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x7}, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa) seccomp(0x1, 0x0, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_execute_func(&(0x7f0000000140)="36424f64337f7f8fa978db77e4c4a6ebf717c4827d18a3643000000000f30fbcbb0000000096f2a5c463ad489efe7f00000a0f381cb9aea2e12226f242d64a595dc422c5aa717a6567360f8aa2") setresuid(0x0, 0x0, 0x0) seccomp(0x0, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000380), 0x8) write$FUSE_POLL(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x0, 0x1}, 0x18) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) fcntl$getflags(r0, 0x40a) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000740)={0x3, 0x70, 0x100000001, 0x88, 0x7, 0x101, 0x0, 0x4, 0x1, 0xb, 0x4, 0x28, 0xd27e, 0x802be20, 0x6, 0x9, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x2c, 0x22973650, 0x1, 0x19ad, 0xffffffff, 0xc68, 0x60e, 0x9, 0x1f, 0x0, 0x5, 0xffffffffffffff7f, 0x0, 0x880, 0x101, 0x800, 0x7fffffff, 0xfffffffffffffffb, 0x2, 0x0, 0x57d50877, 0x7, @perf_bp={&(0x7f0000000700), 0x3}, 0x4000, 0x5a, 0x1, 0x0, 0x9, 0x6, 0x9}) ioctl(r2, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000500)=ANY=[@ANYBLOB="080000f8a1710dec097c49fed981362a8405c393308adeb7bef0f38bfd94c333ccb511a3fc1caec453f77b05bb6152f520789dda4e5b7ac6ddf6785f881e1392deff7a42d56813992fa6e58ee01fcb1a278aeb489799ca69945d53f9674d71bb08927690adb5d5a7e0fec78a70653fed99cf80bc08b423cfa69f8ac37ad1773fb940901bfc25a1cee59fd971de16ab330a193a803db121b7c4be8f34407a101728158f97d6850b08647ef0b8d34a93c5a4989c453b66ff52fe0fff8745927139a93741d40f661857f9efec76bbd0b07fef34c03eead3c650bf9170c24277", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000400)=0x24) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000680)={'mangle\x00', 0x3, [{}, {}, {}]}, 0x58) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000440)={r4, 0x9}, &(0x7f0000000480)=0x8) lseek(r3, 0x0, 0x4) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x5}, &(0x7f00000001c0)=0x8) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f00000004c0)={0xa, 0x7, 0x0, 0x1f, '\x00', 0xffffffffffff16fb}) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={r5, 0x2c, &(0x7f0000000200)=[@in6={0xa, 0x4e21, 0x8, @local, 0x15a800000000000}, @in={0x2, 0x4e22, @broadcast}]}, &(0x7f0000000300)=0x10) ioctl$sock_ifreq(r2, 0x8932, &(0x7f0000000600)={'nr0\x00', @ifru_addrs=@hci={0x1f, 0x0}}) sendto$packet(r1, &(0x7f0000000340)="125bd6a9b00d6c", 0x7, 0x44001, &(0x7f0000000640)={0x11, 0x9, r6, 0x1, 0x1, 0x6, @random="55cf7354c3ef"}, 0x14) [ 1318.682574] FAULT_INJECTION: forcing a failure. [ 1318.682574] name failslab, interval 1, probability 0, space 0, times 0 [ 1318.694198] CPU: 0 PID: 20050 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 1318.701532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1318.704049] Call Trace: [ 1318.704049] dump_stack+0x32d/0x480 [ 1318.704049] should_fail+0x11e5/0x13c0 [ 1318.704049] __should_failslab+0x278/0x2a0 [ 1318.704049] should_failslab+0x29/0x70 [ 1318.704049] kmem_cache_alloc_node+0x164/0xec0 [ 1318.704049] ? __alloc_skb+0x32e/0xeb0 [ 1318.704049] __alloc_skb+0x32e/0xeb0 [ 1318.704049] __tcp_send_ack+0x100/0x880 [ 1318.704049] ? __msan_poison_alloca+0x1e0/0x270 [ 1318.704049] tcp_send_ack+0x68/0x90 [ 1318.704049] tcp_cleanup_rbuf+0x57b/0x8e0 [ 1318.704049] tcp_recvmsg+0x1c35/0x4aa0 [ 1318.704049] ? tcp_mmap+0x150/0x150 [ 1318.704049] inet_recvmsg+0x5b8/0x6c0 [ 1318.704049] sock_recvmsg+0x1d1/0x230 [ 1318.704049] ? inet_sendpage+0x990/0x990 [ 1318.704049] ___sys_recvmsg+0x444/0xae0 [ 1318.704049] ? __fdget+0x329/0x440 [ 1318.704049] __se_sys_recvmsg+0x2fa/0x450 [ 1318.704049] __x64_sys_recvmsg+0x4a/0x70 [ 1318.704049] do_syscall_64+0xcf/0x110 [ 1318.704049] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 1318.801794] RIP: 0033:0x457569 [ 1318.801794] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1318.801794] RSP: 002b:00007f2638880c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 1318.801794] RAX: ffffffffffffffda RBX: 00007f2638880c90 RCX: 0000000000457569 [ 1318.801794] RDX: 0000000000000100 RSI: 0000000020000240 RDI: 0000000000000005 [ 1318.801794] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1318.801794] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f26388816d4 [ 1318.801794] R13: 00000000004c3549 R14: 00000000004d54c0 R15: 0000000000000006 [ 1318.910315] not chained 6000000 origins [ 1318.911688] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 1318.911688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1318.927858] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 1318.911688] Call Trace: [ 1318.911688] dump_stack+0x32d/0x480 [ 1318.911688] ? save_stack_trace+0xc6/0x110 [ 1318.911688] kmsan_internal_chain_origin+0x222/0x240 [ 1318.911688] ? kmsan_internal_chain_origin+0x136/0x240 [ 1318.911688] ? __msan_chain_origin+0x6d/0xb0 [ 1318.911688] ? __save_stack_trace+0x8be/0xc60 [ 1318.911688] ? save_stack_trace+0xc6/0x110 [ 1318.911688] ? kmsan_internal_chain_origin+0x136/0x240 [ 1318.911688] ? kmsan_memcpy_origins+0x13d/0x190 [ 1318.911688] ? __msan_memcpy+0x6f/0x80 [ 1318.911688] ? pskb_expand_head+0x436/0x1d20 [ 1318.911688] ? skb_shift+0xce2/0x2d10 [ 1318.911688] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1318.995853] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.000005] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 1318.995853] ? tcp_ack+0x2888/0xa010 [ 1318.995853] ? tcp_rcv_established+0xf7e/0x2940 [ 1318.995853] ? tcp_v4_do_rcv+0x686/0xd80 [ 1318.995853] ? tcp_v4_rcv+0x5a13/0x6520 [ 1318.995853] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1318.995853] ? ip_local_deliver+0x44b/0x510 [ 1318.995853] ? ip_rcv+0x6b6/0x740 [ 1318.995853] ? process_backlog+0x82b/0x11e0 [ 1318.995853] ? net_rx_action+0x98f/0x1d50 [ 1318.995853] ? __do_softirq+0x721/0xc7f [ 1318.995853] ? run_ksoftirqd+0x37/0x60 [ 1318.995853] ? smpboot_thread_fn+0x69c/0xb30 [ 1318.995853] ? kthread+0x5e7/0x620 [ 1318.995853] ? ret_from_fork+0x35/0x40 [ 1318.995853] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1318.995853] ? in_task_stack+0x12c/0x210 [ 1318.995853] ? task_kmsan_context_state+0x51/0x90 [ 1318.995853] ? __msan_get_context_state+0x9/0x20 [ 1318.995853] ? __kernel_text_address+0x19/0x350 [ 1318.995853] ? ret_from_fork+0x35/0x40 [ 1318.995853] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 1318.995853] ? in_task_stack+0x12c/0x210 14:19:16 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket(0x9, 0x1, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getgroups(0x2, &(0x7f0000000040)=[0xffffffffffffffff, 0xee01]) r2 = semget$private(0x0, 0x4, 0x0) semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x0, r1}}) [ 1318.995853] __msan_chain_origin+0x6d/0xb0 [ 1318.995853] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1318.995853] __save_stack_trace+0x8be/0xc60 [ 1318.995853] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1318.995853] save_stack_trace+0xc6/0x110 [ 1318.995853] kmsan_internal_chain_origin+0x136/0x240 [ 1318.995853] ? run_ksoftirqd+0x37/0x60 [ 1318.995853] ? kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] ? kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] ? __msan_memcpy+0x6f/0x80 [ 1319.138675] ? pskb_expand_head+0x436/0x1d20 [ 1319.138675] ? skb_shift+0xce2/0x2d10 [ 1319.138675] ? tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] ? tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] ? tcp_ack+0x2888/0xa010 [ 1319.138675] ? tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] ? tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] ? tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ? ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ? ip_local_deliver+0x44b/0x510 [ 1319.138675] ? ip_rcv+0x6b6/0x740 [ 1319.138675] ? process_backlog+0x82b/0x11e0 [ 1319.138675] ? net_rx_action+0x98f/0x1d50 [ 1319.138675] ? __do_softirq+0x721/0xc7f [ 1319.138675] ? run_ksoftirqd+0x37/0x60 [ 1319.138675] ? smpboot_thread_fn+0x69c/0xb30 [ 1319.138675] ? kthread+0x5e7/0x620 [ 1319.138675] ? ret_from_fork+0x35/0x40 [ 1319.138675] ? __msan_get_context_state+0x9/0x20 [ 1319.138675] ? INIT_INT+0xc/0x30 [ 1319.138675] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] ? __switch_to_asm+0x34/0x70 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] ? tcp_parse_options+0xbe/0x1cf0 [ 1319.138675] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 1319.138675] ? tcp_parse_options+0x1c55/0x1cf0 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] ? __msan_get_context_state+0x9/0x20 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ? tcp_filter+0x260/0x260 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ? nf_hook_slow+0x36f/0x3d0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ? ip_local_deliver+0x510/0x510 [ 1319.138675] ? ip_call_ra_chain+0x7a0/0x7a0 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] ? ip_rcv_core+0x1370/0x1370 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] ? ip_local_deliver_finish+0xff0/0xff0 [ 1319.138675] ? rps_trigger_softirq+0x2e0/0x2e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] ? net_tx_action+0xf20/0xf20 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] ? ksoftirqd_should_run+0x50/0x50 [ 1319.138675] run_ksoftirqd+0x37/0x60 [ 1319.138675] smpboot_thread_fn+0x69c/0xb30 [ 1319.138675] kthread+0x5e7/0x620 [ 1319.138675] ? cpu_report_death+0x4a0/0x4a0 [ 1319.138675] ? INIT_BOOL+0x30/0x30 [ 1319.138675] ret_from_fork+0x35/0x40 [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Uninit was stored to memory at: [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] __msan_chain_origin+0x6d/0xb0 [ 1319.138675] __save_stack_trace+0x8be/0xc60 [ 1319.138675] save_stack_trace+0xc6/0x110 [ 1319.138675] kmsan_internal_chain_origin+0x136/0x240 [ 1319.138675] kmsan_memcpy_origins+0x13d/0x190 [ 1319.138675] __msan_memcpy+0x6f/0x80 [ 1319.138675] pskb_expand_head+0x436/0x1d20 [ 1319.138675] skb_shift+0xce2/0x2d10 [ 1319.138675] tcp_sacktag_walk+0x2156/0x29d0 [ 1319.138675] tcp_sacktag_write_queue+0x2805/0x4630 [ 1319.138675] tcp_ack+0x2888/0xa010 [ 1319.138675] tcp_rcv_established+0xf7e/0x2940 [ 1319.138675] tcp_v4_do_rcv+0x686/0xd80 [ 1319.138675] tcp_v4_rcv+0x5a13/0x6520 [ 1319.138675] ip_local_deliver_finish+0x8d8/0xff0 [ 1319.138675] ip_local_deliver+0x44b/0x510 [ 1319.138675] ip_rcv+0x6b6/0x740 [ 1319.138675] process_backlog+0x82b/0x11e0 [ 1319.138675] net_rx_action+0x98f/0x1d50 [ 1319.138675] __do_softirq+0x721/0xc7f [ 1319.138675] [ 1319.138675] Local variable description: ----v.addr.i.i.i@ipv4_conntrack_local [ 1319.138675] Variable was created at: [ 1319.138675] ipv4_conntrack_local+0x75/0x470 [ 1319.138675] nf_hook_slow+0x15c/0x3d0 14:19:17 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigreturn() r2 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x1, 0x8042) r3 = syz_open_dev$usb(&(0x7f0000000240)='/dev/bus/usb/00#/00#\x00', 0x8, 0x121000) ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000280)=r3) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000840)=ANY=[@ANYBLOB], 0x1, 0x100000000000) pipe2(&(0x7f00000002c0), 0x80000) r4 = memfd_create(&(0x7f0000000040)="102c00", 0x7) r5 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_GET(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="e549ec27", @ANYRES16=r5, @ANYBLOB="000425bd7000fcdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4) [ 1320.296371] PANIC: double fault, error_code: 0x0 [ 1320.301226] CPU: 1 PID: 20085 Comm: syz-executor3 Not tainted 4.20.0-rc2+ #85 [ 1320.301674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1320.317705] ================================================================== [ 1320.317705] BUG: KMSAN: uninit-value in do_raw_spin_lock+0x130/0x410 [ 1320.317705] CPU: 1 PID: 20085 Comm: syz-executor3 Not tainted 4.20.0-rc2+ #85 [ 1320.317705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1320.317705] Call Trace: [ 1320.317705] <#DF> [ 1320.317705] dump_stack+0x32d/0x480 [ 1320.317705] ? do_raw_spin_lock+0x130/0x410 [ 1320.317705] kmsan_report+0x19f/0x300 [ 1320.317705] kmsan_internal_check_memory+0x35b/0x3b0 [ 1320.317705] ? __msan_poison_alloca+0x1e0/0x270 [ 1320.317705] kmsan_check_memory+0xd/0x10 [ 1320.317705] do_raw_spin_lock+0x130/0x410 [ 1320.317705] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1320.317705] _raw_spin_lock+0x27/0x30 [ 1320.317705] vprintk_emit+0x1d9/0x8a0 [ 1320.317705] vprintk_default+0x90/0xa0 [ 1320.317705] vprintk_func+0x26b/0x2a0 [ 1320.317705] printk+0x1a3/0x1f0 [ 1320.317705] ? kmsan_get_origin_address+0x212/0x360 [ 1320.317705] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 1320.317705] show_iret_regs+0x13c/0x540 [ 1320.317705] ? kmsan_get_origin_address+0x212/0x360 [ 1320.317705] ? __show_regs+0xb2/0x1350 [ 1320.317705] ? show_regs+0xaf/0x170 [ 1320.317705] __show_regs+0xc9/0x1350 [ 1320.317705] ? get_cpu_entry_area+0xc/0x30 [ 1320.317705] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 1320.317705] show_regs+0xaf/0x170 [ 1320.317705] df_debug+0x86/0xb0 [ 1320.317705] do_double_fault+0x362/0x480 [ 1320.317705] double_fault+0x1e/0x30 [ 1320.317705] RIP: 0010:kmsan_get_origin_address+0x212/0x360 [ 1320.317705] Code: 2d 01 00 00 e9 fe 00 00 00 65 44 8b 34 25 20 a1 02 00 48 b8 00 00 00 00 00 02 00 00 48 01 d8 48 3d ff 0f e8 00 77 38 44 89 f7 19 30 4a ff 48 89 d9 48 29 c1 85 c9 78 26 48 63 c1 48 3d ff 9f [ 1320.317705] RSP: 0018:fffffe000003c000 EFLAGS: 00010093 [ 1320.317705] RAX: 000000000003c150 RBX: fffffe000003c150 RCX: 000000000000002e [ 1320.317705] RDX: 0000000000000001 RSI: 0000000000000088 RDI: 0000000000000001 [ 1320.317705] RBP: fffffe000003c038 R08: 0000000000000000 R09: 0000000000000000 [ 1320.317705] R10: 0000000000000000 R11: 0000000000000000 R12: 0000778000000000 [ 1320.317705] R13: 0000000000000000 R14: 0000000000000001 R15: fffffe008003c150 [ 1320.317705] [ 1320.317705] [ 1320.317705] kmsan_memmove_origins+0xbd/0x1c0 [ 1320.317705] ? kmsan_memmove_shadow+0xad/0xd0 [ 1320.317705] __msan_memmove+0x6c/0x80 [ 1320.317705] fixup_bad_iret+0x63/0xc0 [ 1320.317705] error_entry+0xad/0xc0 [ 1320.317705] RIP: 0000: (null) [ 1320.317705] Code: Bad RIP value. [ 1320.317705] RSP: a3fb7f:00007f5a7d8049c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 1320.317705] RAX: 0000000000000000 RBX: ffffffff8b000e58 RCX: 000000000040393c [ 1320.317705] RDX: 7ce1ce792145f800 RSI: 0000000000000000 RDI: 0000000000000000 [ 1320.317705] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 1320.317705] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 1320.317705] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 1320.317705] ? general_protection+0x8/0x30 [ 1320.317705] ? general_protection+0x8/0x30 [ 1320.317705] [ 1320.317705] [ 1320.317705] Local variable description: ----v.addr.i.i@do_raw_spin_lock [ 1320.317705] Variable was created at: [ 1320.317705] do_raw_spin_lock+0x62/0x410 [ 1320.317705] _raw_spin_lock+0x27/0x30 [ 1320.317705] [ 1320.317705] Bytes 0-7 of 8 are uninitialized [ 1320.317705] Memory access of size 8 starts at fffffe00000439f8 [ 1320.317705] ================================================================== [ 1320.317705] Disabling lock debugging due to kernel taint [ 1320.317705] Kernel panic - not syncing: panic_on_warn set ... [ 1320.317705] CPU: 1 PID: 20085 Comm: syz-executor3 Tainted: G B 4.20.0-rc2+ #85 [ 1320.317705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1320.317705] Call Trace: [ 1320.317705] <#DF> [ 1320.317705] dump_stack+0x32d/0x480 [ 1320.317705] panic+0x624/0xc08 [ 1320.317705] kmsan_report+0x300/0x300 [ 1320.317705] kmsan_internal_check_memory+0x35b/0x3b0 [ 1320.317705] ? __msan_poison_alloca+0x1e0/0x270 [ 1320.317705] kmsan_check_memory+0xd/0x10 [ 1320.317705] do_raw_spin_lock+0x130/0x410 [ 1320.317705] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 1320.317705] _raw_spin_lock+0x27/0x30 [ 1320.317705] vprintk_emit+0x1d9/0x8a0 [ 1320.317705] vprintk_default+0x90/0xa0 [ 1320.317705] vprintk_func+0x26b/0x2a0 [ 1320.317705] printk+0x1a3/0x1f0 [ 1320.317705] ? kmsan_get_origin_address+0x212/0x360 [ 1320.317705] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 1320.317705] show_iret_regs+0x13c/0x540 [ 1320.317705] ? kmsan_get_origin_address+0x212/0x360 [ 1320.317705] ? __show_regs+0xb2/0x1350 [ 1320.317705] ? show_regs+0xaf/0x170 [ 1320.317705] __show_regs+0xc9/0x1350 [ 1320.317705] ? get_cpu_entry_area+0xc/0x30 [ 1320.317705] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 1320.317705] show_regs+0xaf/0x170 [ 1320.317705] df_debug+0x86/0xb0 [ 1320.317705] do_double_fault+0x362/0x480 [ 1320.317705] double_fault+0x1e/0x30 [ 1320.317705] RIP: 0010:kmsan_get_origin_address+0x212/0x360 [ 1320.317705] Code: 2d 01 00 00 e9 fe 00 00 00 65 44 8b 34 25 20 a1 02 00 48 b8 00 00 00 00 00 02 00 00 48 01 d8 48 3d ff 0f e8 00 77 38 44 89 f7 19 30 4a ff 48 89 d9 48 29 c1 85 c9 78 26 48 63 c1 48 3d ff 9f [ 1320.317705] RSP: 0018:fffffe000003c000 EFLAGS: 00010093 [ 1320.317705] RAX: 000000000003c150 RBX: fffffe000003c150 RCX: 000000000000002e [ 1320.317705] RDX: 0000000000000001 RSI: 0000000000000088 RDI: 0000000000000001 [ 1320.317705] RBP: fffffe000003c038 R08: 0000000000000000 R09: 0000000000000000 [ 1320.317705] R10: 0000000000000000 R11: 0000000000000000 R12: 0000778000000000 [ 1320.317705] R13: 0000000000000000 R14: 0000000000000001 R15: fffffe008003c150 [ 1320.317705] [ 1320.317705] [ 1320.317705] kmsan_memmove_origins+0xbd/0x1c0 [ 1320.317705] ? kmsan_memmove_shadow+0xad/0xd0 [ 1320.317705] __msan_memmove+0x6c/0x80 [ 1320.317705] fixup_bad_iret+0x63/0xc0 [ 1320.317705] error_entry+0xad/0xc0 [ 1320.317705] RIP: 0000: (null) [ 1320.317705] Code: Bad RIP value. [ 1320.317705] RSP: a3fb7f:00007f5a7d8049c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 1320.317705] RAX: 0000000000000000 RBX: ffffffff8b000e58 RCX: 000000000040393c [ 1320.317705] RDX: 7ce1ce792145f800 RSI: 0000000000000000 RDI: 0000000000000000 [ 1320.317705] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 1320.317705] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 1320.317705] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 1320.317705] ? general_protection+0x8/0x30 [ 1320.317705] ? general_protection+0x8/0x30 [ 1320.317705] [ 1320.317705] Kernel Offset: disabled