03 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 592.761507][ T28] audit: type=1326 audit(1599451206.245:1387): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12417 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 592.784794][ T28] audit: type=1326 audit(1599451206.245:1388): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12417 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 592.808621][ T28] audit: type=1326 audit(1599451206.255:1389): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12417 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 592.831878][ T28] audit: type=1326 audit(1599451206.255:1390): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12417 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 592.874328][T12420] not chained 10000 origins [ 592.878875][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 592.887553][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 592.897618][T12420] Call Trace: [ 592.900949][T12420] dump_stack+0x21c/0x280 [ 592.905310][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 592.911082][T12420] ? kmsan_get_metadata+0x116/0x180 [ 592.916300][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 592.921868][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 592.928024][T12420] ? _copy_from_user+0x201/0x310 [ 592.932984][T12420] ? kmsan_get_metadata+0x116/0x180 [ 592.938201][T12420] __msan_chain_origin+0x50/0x90 [ 592.943246][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 592.948494][T12420] get_compat_msghdr+0x108/0x2b0 [ 592.953456][T12420] do_recvmmsg+0xdbb/0x22c0 [ 592.958022][T12420] ? kmsan_get_metadata+0x116/0x180 [ 592.963239][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 592.969150][T12420] ? kmsan_get_metadata+0x116/0x180 [ 592.974359][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 592.980023][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 592.985320][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 592.990094][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 592.994873][T12420] __sys_recvmmsg+0x5dd/0x610 [ 592.999594][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.005819][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.012274][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.017507][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.022377][T12420] do_SYSENTER_32+0x73/0x90 [ 593.026898][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.033226][T12420] RIP: 0023:0xf7f15549 [ 593.037289][T12420] Code: Bad RIP value. [ 593.041356][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 593.049874][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 593.057854][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 593.065830][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 593.073811][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 593.081791][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 593.089784][T12420] Uninit was stored to memory at: [ 593.094826][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.100565][T12420] __msan_chain_origin+0x50/0x90 [ 593.105535][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.110668][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.115609][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.120134][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.124820][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.130983][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.137159][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.142364][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.147222][T12420] do_SYSENTER_32+0x73/0x90 [ 593.151738][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.158073][T12420] [ 593.160413][T12420] Uninit was stored to memory at: [ 593.165453][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.171185][T12420] __msan_chain_origin+0x50/0x90 [ 593.176136][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.181253][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.186201][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.190707][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.195484][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.201557][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.207725][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.212929][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.217788][T12420] do_SYSENTER_32+0x73/0x90 [ 593.222296][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.228631][T12420] [ 593.230969][T12420] Uninit was stored to memory at: [ 593.236004][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.241748][T12420] __msan_chain_origin+0x50/0x90 [ 593.246709][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.251833][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.256862][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.261369][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.266056][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.272132][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.278299][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.283513][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.288374][T12420] do_SYSENTER_32+0x73/0x90 [ 593.292886][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.299220][T12420] [ 593.301549][T12420] Uninit was stored to memory at: [ 593.306591][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.312321][T12420] __msan_chain_origin+0x50/0x90 [ 593.317269][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.322386][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.327331][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.331862][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.336549][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.342623][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.348788][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.353991][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.358848][T12420] do_SYSENTER_32+0x73/0x90 [ 593.363378][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.369715][T12420] [ 593.372043][T12420] Uninit was stored to memory at: [ 593.377076][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.382820][T12420] __msan_chain_origin+0x50/0x90 [ 593.387770][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.392888][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.397837][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.402348][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.407038][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.413118][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.419288][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.424496][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.429357][T12420] do_SYSENTER_32+0x73/0x90 [ 593.433868][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.440192][T12420] [ 593.442528][T12420] Uninit was stored to memory at: [ 593.447576][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.453310][T12420] __msan_chain_origin+0x50/0x90 [ 593.458262][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.463394][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.468344][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.472862][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.477556][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.483642][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.489835][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.495044][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.500081][T12420] do_SYSENTER_32+0x73/0x90 [ 593.504601][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.510940][T12420] [ 593.513265][T12420] Uninit was stored to memory at: [ 593.518304][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 593.524041][T12420] __msan_chain_origin+0x50/0x90 [ 593.528989][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 593.534116][T12420] get_compat_msghdr+0x108/0x2b0 [ 593.539062][T12420] do_recvmmsg+0xdbb/0x22c0 [ 593.543570][T12420] __sys_recvmmsg+0x5dd/0x610 [ 593.548264][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 593.554355][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 593.560517][T12420] __do_fast_syscall_32+0x2af/0x480 [ 593.565723][T12420] do_fast_syscall_32+0x6b/0xd0 [ 593.570591][T12420] do_SYSENTER_32+0x73/0x90 [ 593.575104][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 593.581421][T12420] [ 593.583747][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 593.590428][T12420] do_recvmmsg+0xbf/0x22c0 [ 593.594846][T12420] do_recvmmsg+0xbf/0x22c0 04:00:07 executing program 1: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x40481) sendfile(r1, r0, 0x0, 0x0) 04:00:08 executing program 3: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ttyprintk\x00', 0x40002, 0x0) write$binfmt_misc(r0, &(0x7f0000000300)={'syz1', "9c377abe4529b0aef96d76e52982932d9dc2971bb319c60a941322a7978fa7063609affaf9731a215ba5a10ebd208977265c3ac57b702591ede48dc43c9ca29c60873b1cd57d3b530901af009b37f799df070d"}, 0x57) 04:00:08 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x68) [ 594.204602][ T28] audit: type=1326 audit(1599451207.815:1391): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12430 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 594.228284][ T28] audit: type=1326 audit(1599451207.815:1392): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12430 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 594.702698][T12444] [U] syz17zE)mv)-— [ 594.708168][T12444] [U] "6 s![ w&\:{p%<`;};S  04:00:08 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 595.220629][T12420] not chained 20000 origins [ 595.225185][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 595.233853][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 595.243922][T12420] Call Trace: [ 595.247236][T12420] dump_stack+0x21c/0x280 [ 595.251585][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 595.257338][T12420] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 595.263163][T12420] ? kmsan_get_metadata+0x116/0x180 [ 595.268460][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 595.274024][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 595.280128][T12420] ? _copy_from_user+0x201/0x310 [ 595.285083][T12420] ? kmsan_get_metadata+0x116/0x180 [ 595.290323][T12420] __msan_chain_origin+0x50/0x90 [ 595.295297][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.300446][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.305406][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.309951][T12420] ? kmsan_get_metadata+0x116/0x180 [ 595.315166][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 595.321160][T12420] ? kmsan_get_metadata+0x116/0x180 [ 595.326369][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 595.332013][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 595.337316][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 595.342098][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 595.346881][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.351608][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.357700][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.363870][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.369093][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.373984][T12420] do_SYSENTER_32+0x73/0x90 [ 595.378505][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.384843][T12420] RIP: 0023:0xf7f15549 [ 595.388906][T12420] Code: Bad RIP value. [ 595.392971][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 595.401389][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 595.409390][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 595.417385][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 595.425363][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 595.433342][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 595.441387][T12420] Uninit was stored to memory at: [ 595.446427][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.452154][T12420] __msan_chain_origin+0x50/0x90 [ 595.457100][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.462218][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.467163][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.471668][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.476374][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.482448][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.488611][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.493819][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.498678][T12420] do_SYSENTER_32+0x73/0x90 [ 595.503190][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.509506][T12420] [ 595.511831][T12420] Uninit was stored to memory at: [ 595.516867][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.522603][T12420] __msan_chain_origin+0x50/0x90 [ 595.527557][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.532683][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.537628][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.542135][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.546820][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.552890][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.559054][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.564264][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.569122][T12420] do_SYSENTER_32+0x73/0x90 [ 595.573633][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.579968][T12420] [ 595.582293][T12420] Uninit was stored to memory at: [ 595.587327][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.593055][T12420] __msan_chain_origin+0x50/0x90 [ 595.598017][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.603133][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.608073][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.612584][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.617276][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.623347][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.629507][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.634713][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.639657][T12420] do_SYSENTER_32+0x73/0x90 [ 595.644165][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.650487][T12420] [ 595.652813][T12420] Uninit was stored to memory at: [ 595.657852][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.663580][T12420] __msan_chain_origin+0x50/0x90 [ 595.668596][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.673725][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.678670][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.683184][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.687873][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.693947][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.700107][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.705311][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.710170][T12420] do_SYSENTER_32+0x73/0x90 [ 595.714679][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.721022][T12420] [ 595.723349][T12420] Uninit was stored to memory at: [ 595.728383][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.734106][T12420] __msan_chain_origin+0x50/0x90 [ 595.739048][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.744161][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.749105][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.753610][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.758293][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.764381][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.770560][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.775767][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.780628][T12420] do_SYSENTER_32+0x73/0x90 [ 595.785136][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.791455][T12420] [ 595.793779][T12420] Uninit was stored to memory at: [ 595.798824][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.804550][T12420] __msan_chain_origin+0x50/0x90 [ 595.809494][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.814609][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.819637][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.824143][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.828830][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.834905][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.841065][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.846282][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.851145][T12420] do_SYSENTER_32+0x73/0x90 [ 595.855654][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.861981][T12420] [ 595.864316][T12420] Uninit was stored to memory at: [ 595.869375][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 595.875132][T12420] __msan_chain_origin+0x50/0x90 [ 595.880090][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 595.885206][T12420] get_compat_msghdr+0x108/0x2b0 [ 595.890153][T12420] do_recvmmsg+0xdbb/0x22c0 [ 595.894667][T12420] __sys_recvmmsg+0x5dd/0x610 [ 595.899356][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 595.905430][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 595.911589][T12420] __do_fast_syscall_32+0x2af/0x480 [ 595.916799][T12420] do_fast_syscall_32+0x6b/0xd0 [ 595.921653][T12420] do_SYSENTER_32+0x73/0x90 [ 595.926165][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 595.932483][T12420] [ 595.934808][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 595.941487][T12420] do_recvmmsg+0xbf/0x22c0 [ 595.946429][T12420] do_recvmmsg+0xbf/0x22c0 [ 596.599210][T12420] not chained 30000 origins [ 596.603779][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 596.612454][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 596.622616][T12420] Call Trace: [ 596.625931][T12420] dump_stack+0x21c/0x280 [ 596.630291][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 596.636076][T12420] ? kmsan_get_metadata+0x116/0x180 [ 596.641298][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 596.646951][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 596.653050][T12420] ? _copy_from_user+0x201/0x310 [ 596.658019][T12420] ? kmsan_get_metadata+0x116/0x180 [ 596.663245][T12420] __msan_chain_origin+0x50/0x90 [ 596.668208][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 596.673362][T12420] get_compat_msghdr+0x108/0x2b0 [ 596.678330][T12420] do_recvmmsg+0xdbb/0x22c0 [ 596.682882][T12420] ? kmsan_get_metadata+0x116/0x180 [ 596.688127][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 596.694040][T12420] ? kmsan_get_metadata+0x116/0x180 [ 596.699264][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 596.704913][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 596.710218][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 596.714996][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 596.719781][T12420] __sys_recvmmsg+0x5dd/0x610 [ 596.724504][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.730610][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.736787][T12420] __do_fast_syscall_32+0x2af/0x480 [ 596.742014][T12420] do_fast_syscall_32+0x6b/0xd0 [ 596.746888][T12420] do_SYSENTER_32+0x73/0x90 [ 596.751413][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.757753][T12420] RIP: 0023:0xf7f15549 [ 596.761824][T12420] Code: Bad RIP value. [ 596.765896][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 596.774321][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 596.782304][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 596.790467][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 596.798477][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 596.806481][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 596.814504][T12420] Uninit was stored to memory at: [ 596.819554][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 596.825290][T12420] __msan_chain_origin+0x50/0x90 [ 596.830244][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 596.835368][T12420] get_compat_msghdr+0x108/0x2b0 [ 596.840414][T12420] do_recvmmsg+0xdbb/0x22c0 [ 596.844937][T12420] __sys_recvmmsg+0x5dd/0x610 [ 596.849680][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.855850][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.862112][T12420] __do_fast_syscall_32+0x2af/0x480 [ 596.867326][T12420] do_fast_syscall_32+0x6b/0xd0 [ 596.872187][T12420] do_SYSENTER_32+0x73/0x90 [ 596.876707][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.883033][T12420] [ 596.885370][T12420] Uninit was stored to memory at: [ 596.890409][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 596.896137][T12420] __msan_chain_origin+0x50/0x90 [ 596.901090][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 596.906212][T12420] get_compat_msghdr+0x108/0x2b0 [ 596.911157][T12420] do_recvmmsg+0xdbb/0x22c0 [ 596.915691][T12420] __sys_recvmmsg+0x5dd/0x610 [ 596.920383][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.926464][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 596.932631][T12420] __do_fast_syscall_32+0x2af/0x480 [ 596.937844][T12420] do_fast_syscall_32+0x6b/0xd0 [ 596.942708][T12420] do_SYSENTER_32+0x73/0x90 [ 596.947247][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 596.953592][T12420] [ 596.955940][T12420] Uninit was stored to memory at: [ 596.960982][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 596.966712][T12420] __msan_chain_origin+0x50/0x90 [ 596.971662][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 596.976870][T12420] get_compat_msghdr+0x108/0x2b0 [ 596.981818][T12420] do_recvmmsg+0xdbb/0x22c0 [ 596.986335][T12420] __sys_recvmmsg+0x5dd/0x610 [ 596.991030][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 596.997114][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.003281][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.008495][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.013358][T12420] do_SYSENTER_32+0x73/0x90 [ 597.017892][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.024216][T12420] [ 597.026546][T12420] Uninit was stored to memory at: [ 597.031586][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.037318][T12420] __msan_chain_origin+0x50/0x90 [ 597.042269][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.047397][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.052348][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.056864][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.061575][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.067679][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.073848][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.079069][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.083931][T12420] do_SYSENTER_32+0x73/0x90 [ 597.088450][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.094772][T12420] [ 597.097105][T12420] Uninit was stored to memory at: [ 597.102166][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.107901][T12420] __msan_chain_origin+0x50/0x90 [ 597.112855][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.117980][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.122930][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.127446][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.132134][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.138216][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.144382][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.149595][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.154457][T12420] do_SYSENTER_32+0x73/0x90 [ 597.158975][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.165314][T12420] [ 597.167656][T12420] Uninit was stored to memory at: [ 597.172708][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.178446][T12420] __msan_chain_origin+0x50/0x90 [ 597.183397][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.188521][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.193478][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.197998][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.202700][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.208786][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.214957][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.220173][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.225039][T12420] do_SYSENTER_32+0x73/0x90 [ 597.229561][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.235883][T12420] [ 597.238220][T12420] Uninit was stored to memory at: [ 597.243266][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.249003][T12420] __msan_chain_origin+0x50/0x90 [ 597.253958][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.259084][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.264037][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.268557][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.273251][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.279339][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.285519][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.290739][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.295606][T12420] do_SYSENTER_32+0x73/0x90 [ 597.300157][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.306479][T12420] [ 597.308815][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 597.315502][T12420] do_recvmmsg+0xbf/0x22c0 [ 597.319927][T12420] do_recvmmsg+0xbf/0x22c0 [ 597.485187][T12420] not chained 40000 origins [ 597.489752][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 597.498430][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 597.508499][T12420] Call Trace: [ 597.511819][T12420] dump_stack+0x21c/0x280 [ 597.516179][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 597.522051][T12420] ? kmsan_get_metadata+0x116/0x180 [ 597.527273][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 597.532844][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 597.538936][T12420] ? _copy_from_user+0x201/0x310 [ 597.543897][T12420] ? kmsan_get_metadata+0x116/0x180 [ 597.549115][T12420] __msan_chain_origin+0x50/0x90 [ 597.554080][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.559235][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.564232][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.568794][T12420] ? kmsan_get_metadata+0x116/0x180 [ 597.574040][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 597.579960][T12420] ? kmsan_get_metadata+0x116/0x180 [ 597.585180][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 597.590834][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 597.596138][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 597.600945][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 597.605734][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.610489][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.616601][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.622794][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.628031][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.632913][T12420] do_SYSENTER_32+0x73/0x90 [ 597.637445][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.643789][T12420] RIP: 0023:0xf7f15549 [ 597.647856][T12420] Code: Bad RIP value. [ 597.651929][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 597.660359][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 597.668864][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 597.676846][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 597.684826][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 597.692812][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 597.700818][T12420] Uninit was stored to memory at: [ 597.705869][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.711694][T12420] __msan_chain_origin+0x50/0x90 [ 597.716648][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.721816][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.726775][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.731332][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.736032][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.742128][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.748320][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.753538][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.758411][T12420] do_SYSENTER_32+0x73/0x90 [ 597.762933][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.769259][T12420] [ 597.771597][T12420] Uninit was stored to memory at: [ 597.776650][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.782479][T12420] __msan_chain_origin+0x50/0x90 [ 597.787444][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.792583][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.797541][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.802071][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.806770][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.812894][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.819078][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.824304][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.829179][T12420] do_SYSENTER_32+0x73/0x90 [ 597.833710][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.840045][T12420] [ 597.842389][T12420] Uninit was stored to memory at: [ 597.847468][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.853215][T12420] __msan_chain_origin+0x50/0x90 [ 597.858298][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.863444][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.868405][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.872961][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.877668][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.883784][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.889971][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.895201][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.900079][T12420] do_SYSENTER_32+0x73/0x90 [ 597.904613][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.910944][T12420] [ 597.913282][T12420] Uninit was stored to memory at: [ 597.918338][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.924114][T12420] __msan_chain_origin+0x50/0x90 [ 597.929080][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 597.934220][T12420] get_compat_msghdr+0x108/0x2b0 [ 597.939192][T12420] do_recvmmsg+0xdbb/0x22c0 [ 597.943735][T12420] __sys_recvmmsg+0x5dd/0x610 [ 597.948440][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 597.954533][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 597.960717][T12420] __do_fast_syscall_32+0x2af/0x480 [ 597.965959][T12420] do_fast_syscall_32+0x6b/0xd0 [ 597.970827][T12420] do_SYSENTER_32+0x73/0x90 [ 597.975351][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 597.981675][T12420] [ 597.984013][T12420] Uninit was stored to memory at: [ 597.989061][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 597.994800][T12420] __msan_chain_origin+0x50/0x90 [ 597.999762][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 598.004911][T12420] get_compat_msghdr+0x108/0x2b0 [ 598.009871][T12420] do_recvmmsg+0xdbb/0x22c0 [ 598.014397][T12420] __sys_recvmmsg+0x5dd/0x610 [ 598.019101][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.025198][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.031377][T12420] __do_fast_syscall_32+0x2af/0x480 [ 598.036605][T12420] do_fast_syscall_32+0x6b/0xd0 [ 598.041481][T12420] do_SYSENTER_32+0x73/0x90 [ 598.046014][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.052346][T12420] [ 598.054682][T12420] Uninit was stored to memory at: [ 598.059729][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 598.065466][T12420] __msan_chain_origin+0x50/0x90 [ 598.070421][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 598.075555][T12420] get_compat_msghdr+0x108/0x2b0 [ 598.080505][T12420] do_recvmmsg+0xdbb/0x22c0 [ 598.085026][T12420] __sys_recvmmsg+0x5dd/0x610 [ 598.089721][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.095804][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.101969][T12420] __do_fast_syscall_32+0x2af/0x480 [ 598.107181][T12420] do_fast_syscall_32+0x6b/0xd0 [ 598.112045][T12420] do_SYSENTER_32+0x73/0x90 [ 598.116567][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.122891][T12420] [ 598.125221][T12420] Uninit was stored to memory at: [ 598.130266][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 598.135997][T12420] __msan_chain_origin+0x50/0x90 [ 598.140949][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 598.146071][T12420] get_compat_msghdr+0x108/0x2b0 [ 598.151020][T12420] do_recvmmsg+0xdbb/0x22c0 [ 598.155539][T12420] __sys_recvmmsg+0x5dd/0x610 [ 598.160228][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.166340][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.172509][T12420] __do_fast_syscall_32+0x2af/0x480 [ 598.177733][T12420] do_fast_syscall_32+0x6b/0xd0 [ 598.182599][T12420] do_SYSENTER_32+0x73/0x90 [ 598.187119][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.193445][T12420] [ 598.195784][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 598.202471][T12420] do_recvmmsg+0xbf/0x22c0 [ 598.206897][T12420] do_recvmmsg+0xbf/0x22c0 [ 598.644874][T12420] not chained 50000 origins [ 598.649464][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 598.658247][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 598.668320][T12420] Call Trace: [ 598.671638][T12420] dump_stack+0x21c/0x280 [ 598.676026][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 598.681828][T12420] ? kmsan_get_metadata+0x116/0x180 [ 598.687048][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 598.692623][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 598.698723][T12420] ? _copy_from_user+0x201/0x310 [ 598.703687][T12420] ? kmsan_get_metadata+0x116/0x180 [ 598.708911][T12420] __msan_chain_origin+0x50/0x90 [ 598.713871][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 598.719026][T12420] get_compat_msghdr+0x108/0x2b0 [ 598.723995][T12420] do_recvmmsg+0xdbb/0x22c0 [ 598.728566][T12420] ? kmsan_get_metadata+0x116/0x180 [ 598.733793][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 598.739709][T12420] ? kmsan_get_metadata+0x116/0x180 [ 598.744941][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 598.750858][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 598.756164][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 598.760938][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 598.765724][T12420] __sys_recvmmsg+0x5dd/0x610 [ 598.770468][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.776568][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.782751][T12420] __do_fast_syscall_32+0x2af/0x480 [ 598.787982][T12420] do_fast_syscall_32+0x6b/0xd0 [ 598.792850][T12420] do_SYSENTER_32+0x73/0x90 [ 598.797417][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.803763][T12420] RIP: 0023:0xf7f15549 [ 598.807832][T12420] Code: Bad RIP value. [ 598.811931][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 598.820356][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 598.828338][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 598.836317][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 598.844296][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 598.852280][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 598.860275][T12420] Uninit was stored to memory at: [ 598.865319][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 598.871052][T12420] __msan_chain_origin+0x50/0x90 [ 598.876001][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 598.881123][T12420] get_compat_msghdr+0x108/0x2b0 [ 598.886086][T12420] do_recvmmsg+0xdbb/0x22c0 [ 598.890607][T12420] __sys_recvmmsg+0x5dd/0x610 [ 598.895299][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.901377][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.907542][T12420] __do_fast_syscall_32+0x2af/0x480 [ 598.912757][T12420] do_fast_syscall_32+0x6b/0xd0 [ 598.917618][T12420] do_SYSENTER_32+0x73/0x90 [ 598.922132][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.928456][T12420] [ 598.930790][T12420] Uninit was stored to memory at: [ 598.935831][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 598.941561][T12420] __msan_chain_origin+0x50/0x90 [ 598.946517][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 598.951642][T12420] get_compat_msghdr+0x108/0x2b0 [ 598.956594][T12420] do_recvmmsg+0xdbb/0x22c0 [ 598.961110][T12420] __sys_recvmmsg+0x5dd/0x610 [ 598.965808][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 598.971887][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 598.978056][T12420] __do_fast_syscall_32+0x2af/0x480 [ 598.983267][T12420] do_fast_syscall_32+0x6b/0xd0 [ 598.988129][T12420] do_SYSENTER_32+0x73/0x90 [ 598.992649][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 598.998973][T12420] [ 599.001301][T12420] Uninit was stored to memory at: [ 599.006342][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 599.012072][T12420] __msan_chain_origin+0x50/0x90 [ 599.017033][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 599.022162][T12420] get_compat_msghdr+0x108/0x2b0 [ 599.027111][T12420] do_recvmmsg+0xdbb/0x22c0 [ 599.031623][T12420] __sys_recvmmsg+0x5dd/0x610 [ 599.036317][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.042402][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.048568][T12420] __do_fast_syscall_32+0x2af/0x480 [ 599.053786][T12420] do_fast_syscall_32+0x6b/0xd0 [ 599.058647][T12420] do_SYSENTER_32+0x73/0x90 [ 599.063164][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.069486][T12420] [ 599.071817][T12420] Uninit was stored to memory at: [ 599.076858][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 599.082596][T12420] __msan_chain_origin+0x50/0x90 [ 599.087569][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 599.092695][T12420] get_compat_msghdr+0x108/0x2b0 [ 599.097646][T12420] do_recvmmsg+0xdbb/0x22c0 [ 599.102164][T12420] __sys_recvmmsg+0x5dd/0x610 [ 599.106855][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.112932][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.119097][T12420] __do_fast_syscall_32+0x2af/0x480 [ 599.124316][T12420] do_fast_syscall_32+0x6b/0xd0 [ 599.129181][T12420] do_SYSENTER_32+0x73/0x90 [ 599.133699][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.140034][T12420] [ 599.142366][T12420] Uninit was stored to memory at: [ 599.147409][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 599.153154][T12420] __msan_chain_origin+0x50/0x90 [ 599.158113][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 599.163237][T12420] get_compat_msghdr+0x108/0x2b0 [ 599.168192][T12420] do_recvmmsg+0xdbb/0x22c0 [ 599.172714][T12420] __sys_recvmmsg+0x5dd/0x610 [ 599.177408][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.183486][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.189652][T12420] __do_fast_syscall_32+0x2af/0x480 [ 599.194868][T12420] do_fast_syscall_32+0x6b/0xd0 [ 599.199737][T12420] do_SYSENTER_32+0x73/0x90 [ 599.204259][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.210590][T12420] [ 599.212923][T12420] Uninit was stored to memory at: [ 599.217963][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 599.223697][T12420] __msan_chain_origin+0x50/0x90 [ 599.228659][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 599.233786][T12420] get_compat_msghdr+0x108/0x2b0 [ 599.238742][T12420] do_recvmmsg+0xdbb/0x22c0 [ 599.243257][T12420] __sys_recvmmsg+0x5dd/0x610 [ 599.247952][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.254031][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.260373][T12420] __do_fast_syscall_32+0x2af/0x480 [ 599.265591][T12420] do_fast_syscall_32+0x6b/0xd0 [ 599.270455][T12420] do_SYSENTER_32+0x73/0x90 [ 599.274977][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.281301][T12420] [ 599.283634][T12420] Uninit was stored to memory at: [ 599.288680][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 599.294419][T12420] __msan_chain_origin+0x50/0x90 [ 599.299370][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 599.304495][T12420] get_compat_msghdr+0x108/0x2b0 [ 599.309445][T12420] do_recvmmsg+0xdbb/0x22c0 [ 599.313960][T12420] __sys_recvmmsg+0x5dd/0x610 [ 599.318651][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 599.324733][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 599.330901][T12420] __do_fast_syscall_32+0x2af/0x480 [ 599.336113][T12420] do_fast_syscall_32+0x6b/0xd0 [ 599.340980][T12420] do_SYSENTER_32+0x73/0x90 [ 599.345498][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 599.351822][T12420] [ 599.354155][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 599.360843][T12420] do_recvmmsg+0xbf/0x22c0 [ 599.365289][T12420] do_recvmmsg+0xbf/0x22c0 [ 600.231140][T12420] not chained 60000 origins [ 600.235698][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 600.244376][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 600.254444][T12420] Call Trace: [ 600.257762][T12420] dump_stack+0x21c/0x280 [ 600.262129][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 600.267909][T12420] ? kmsan_get_metadata+0x116/0x180 [ 600.273131][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 600.278701][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 600.284800][T12420] ? _copy_from_user+0x201/0x310 [ 600.289760][T12420] ? kmsan_get_metadata+0x116/0x180 [ 600.294977][T12420] __msan_chain_origin+0x50/0x90 [ 600.299989][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.305152][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.310141][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.314697][T12420] ? kmsan_get_metadata+0x116/0x180 [ 600.319923][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 600.325842][T12420] ? kmsan_get_metadata+0x116/0x180 [ 600.331062][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 600.336751][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 600.342084][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 600.346859][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 600.351645][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.356365][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.362464][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.368649][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.373879][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.378759][T12420] do_SYSENTER_32+0x73/0x90 [ 600.383297][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.389634][T12420] RIP: 0023:0xf7f15549 [ 600.393701][T12420] Code: Bad RIP value. [ 600.397781][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 600.406207][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 600.414276][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 600.422292][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 600.430278][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 600.438280][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 600.446286][T12420] Uninit was stored to memory at: [ 600.451334][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.457078][T12420] __msan_chain_origin+0x50/0x90 [ 600.462034][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.467189][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.472139][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.476660][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.481453][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.487560][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.493740][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.498958][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.503823][T12420] do_SYSENTER_32+0x73/0x90 [ 600.508364][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.514688][T12420] [ 600.517022][T12420] Uninit was stored to memory at: [ 600.522068][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.527810][T12420] __msan_chain_origin+0x50/0x90 [ 600.532765][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.537894][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.542846][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.547363][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.552054][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.558143][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.564399][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.569614][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.574479][T12420] do_SYSENTER_32+0x73/0x90 [ 600.579032][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.585379][T12420] [ 600.587710][T12420] Uninit was stored to memory at: [ 600.592754][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.598528][T12420] __msan_chain_origin+0x50/0x90 [ 600.603505][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.608653][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.613608][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.618127][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.622824][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.628912][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.635089][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.640308][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.645177][T12420] do_SYSENTER_32+0x73/0x90 [ 600.649720][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.656046][T12420] [ 600.658385][T12420] Uninit was stored to memory at: [ 600.663430][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.669168][T12420] __msan_chain_origin+0x50/0x90 [ 600.674152][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.679280][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.684231][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.688755][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.693453][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.699565][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.705767][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.710983][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.715872][T12420] do_SYSENTER_32+0x73/0x90 [ 600.720393][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.727244][T12420] [ 600.729587][T12420] Uninit was stored to memory at: [ 600.734648][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.740382][T12420] __msan_chain_origin+0x50/0x90 [ 600.745352][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.750477][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.755429][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.759974][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.764668][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.770752][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.776961][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.783135][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.788013][T12420] do_SYSENTER_32+0x73/0x90 [ 600.792561][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.800106][T12420] [ 600.802441][T12420] Uninit was stored to memory at: [ 600.807482][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.813217][T12420] __msan_chain_origin+0x50/0x90 [ 600.818169][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.823324][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.828292][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.832807][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.837500][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.843585][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.849780][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.854997][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.859867][T12420] do_SYSENTER_32+0x73/0x90 [ 600.864386][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.870709][T12420] [ 600.873052][T12420] Uninit was stored to memory at: [ 600.878450][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 600.884186][T12420] __msan_chain_origin+0x50/0x90 [ 600.889140][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 600.894267][T12420] get_compat_msghdr+0x108/0x2b0 [ 600.899220][T12420] do_recvmmsg+0xdbb/0x22c0 [ 600.903743][T12420] __sys_recvmmsg+0x5dd/0x610 [ 600.908438][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 600.914519][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 600.920687][T12420] __do_fast_syscall_32+0x2af/0x480 [ 600.925947][T12420] do_fast_syscall_32+0x6b/0xd0 [ 600.930812][T12420] do_SYSENTER_32+0x73/0x90 [ 600.935357][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 600.941684][T12420] [ 600.944016][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 600.950705][T12420] do_recvmmsg+0xbf/0x22c0 [ 600.955135][T12420] do_recvmmsg+0xbf/0x22c0 [ 601.389677][T12420] not chained 70000 origins [ 601.394234][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 601.402917][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 601.413677][T12420] Call Trace: [ 601.417004][T12420] dump_stack+0x21c/0x280 [ 601.421363][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 601.427151][T12420] ? kmsan_get_metadata+0x116/0x180 [ 601.432374][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 601.438030][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 601.444133][T12420] ? _copy_from_user+0x201/0x310 [ 601.449105][T12420] ? kmsan_get_metadata+0x116/0x180 [ 601.454353][T12420] __msan_chain_origin+0x50/0x90 [ 601.459318][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.464476][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.469448][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.474010][T12420] ? kmsan_get_metadata+0x116/0x180 [ 601.479235][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 601.485155][T12420] ? kmsan_get_metadata+0x116/0x180 [ 601.491330][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 601.497016][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 601.502324][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 601.507108][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 601.511904][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.516637][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.522753][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.528936][T12420] __do_fast_syscall_32+0x2af/0x480 [ 601.534181][T12420] do_fast_syscall_32+0x6b/0xd0 [ 601.539064][T12420] do_SYSENTER_32+0x73/0x90 [ 601.543596][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.549940][T12420] RIP: 0023:0xf7f15549 [ 601.554010][T12420] Code: Bad RIP value. [ 601.558085][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 601.566514][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 601.574619][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 601.582630][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 601.590618][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 601.598631][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 601.606636][T12420] Uninit was stored to memory at: [ 601.611695][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 601.617461][T12420] __msan_chain_origin+0x50/0x90 [ 601.622426][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.627562][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.632546][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.637094][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.642488][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.648591][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.654773][T12420] __do_fast_syscall_32+0x2af/0x480 [ 601.660027][T12420] do_fast_syscall_32+0x6b/0xd0 [ 601.664993][T12420] do_SYSENTER_32+0x73/0x90 [ 601.669517][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.675872][T12420] [ 601.678204][T12420] Uninit was stored to memory at: [ 601.683248][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 601.689008][T12420] __msan_chain_origin+0x50/0x90 [ 601.693972][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.699103][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.704066][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.708608][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.713311][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.719398][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.725582][T12420] __do_fast_syscall_32+0x2af/0x480 [ 601.730806][T12420] do_fast_syscall_32+0x6b/0xd0 [ 601.735705][T12420] do_SYSENTER_32+0x73/0x90 [ 601.740230][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.746565][T12420] [ 601.748899][T12420] Uninit was stored to memory at: [ 601.753944][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 601.759677][T12420] __msan_chain_origin+0x50/0x90 [ 601.764635][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.769766][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.774716][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.779232][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.783926][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.790881][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.797078][T12420] __do_fast_syscall_32+0x2af/0x480 [ 601.802301][T12420] do_fast_syscall_32+0x6b/0xd0 [ 601.807169][T12420] do_SYSENTER_32+0x73/0x90 [ 601.811711][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.818034][T12420] [ 601.820365][T12420] Uninit was stored to memory at: [ 601.825407][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 601.831171][T12420] __msan_chain_origin+0x50/0x90 [ 601.836144][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.841271][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.846226][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.850765][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.855479][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.861568][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.867741][T12420] __do_fast_syscall_32+0x2af/0x480 [ 601.872954][T12420] do_fast_syscall_32+0x6b/0xd0 [ 601.877841][T12420] do_SYSENTER_32+0x73/0x90 [ 601.882361][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.888693][T12420] [ 601.891030][T12420] Uninit was stored to memory at: [ 601.896074][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 601.902442][T12420] __msan_chain_origin+0x50/0x90 [ 601.907404][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.912548][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.917601][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.922127][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.926827][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 601.932916][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 601.939838][T12420] __do_fast_syscall_32+0x2af/0x480 [ 601.945066][T12420] do_fast_syscall_32+0x6b/0xd0 [ 601.949972][T12420] do_SYSENTER_32+0x73/0x90 [ 601.954499][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 601.960862][T12420] [ 601.963196][T12420] Uninit was stored to memory at: [ 601.968238][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 601.973976][T12420] __msan_chain_origin+0x50/0x90 [ 601.978942][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 601.984084][T12420] get_compat_msghdr+0x108/0x2b0 [ 601.989074][T12420] do_recvmmsg+0xdbb/0x22c0 [ 601.993606][T12420] __sys_recvmmsg+0x5dd/0x610 [ 601.998312][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.004408][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.010676][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.015918][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.020790][T12420] do_SYSENTER_32+0x73/0x90 [ 602.025316][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.031647][T12420] [ 602.033981][T12420] Uninit was stored to memory at: [ 602.039030][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.045298][T12420] __msan_chain_origin+0x50/0x90 [ 602.050281][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.055421][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.060380][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.064908][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.069616][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.075735][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.082887][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.088112][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.092992][T12420] do_SYSENTER_32+0x73/0x90 [ 602.097520][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.104641][T12420] [ 602.106983][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 602.113678][T12420] do_recvmmsg+0xbf/0x22c0 [ 602.118124][T12420] do_recvmmsg+0xbf/0x22c0 [ 602.283865][T12420] not chained 80000 origins [ 602.288421][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 602.297135][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 602.307227][T12420] Call Trace: [ 602.310567][T12420] dump_stack+0x21c/0x280 [ 602.314961][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 602.320768][T12420] ? kmsan_get_metadata+0x116/0x180 [ 602.326019][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 602.331602][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 602.337717][T12420] ? _copy_from_user+0x201/0x310 [ 602.342685][T12420] ? kmsan_get_metadata+0x116/0x180 [ 602.347922][T12420] __msan_chain_origin+0x50/0x90 [ 602.352887][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.358058][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.363029][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.367586][T12420] ? kmsan_get_metadata+0x116/0x180 [ 602.372810][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 602.378736][T12420] ? kmsan_get_metadata+0x116/0x180 [ 602.383956][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 602.389615][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 602.394922][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 602.399700][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 602.404488][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.409214][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.415315][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.421492][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.426748][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.431647][T12420] do_SYSENTER_32+0x73/0x90 [ 602.436176][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.442512][T12420] RIP: 0023:0xf7f15549 [ 602.446586][T12420] Code: Bad RIP value. [ 602.450658][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 602.459171][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 602.467155][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 602.475137][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 602.483131][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 602.491113][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 602.499112][T12420] Uninit was stored to memory at: [ 602.504157][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.509899][T12420] __msan_chain_origin+0x50/0x90 [ 602.514858][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.519989][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.524936][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.529465][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.534188][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.540278][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.546453][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.551665][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.556548][T12420] do_SYSENTER_32+0x73/0x90 [ 602.561069][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.567400][T12420] [ 602.569728][T12420] Uninit was stored to memory at: [ 602.574756][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.580471][T12420] __msan_chain_origin+0x50/0x90 [ 602.585394][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.590528][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.595449][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.599938][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.604602][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.610658][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.616815][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.622000][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.626850][T12420] do_SYSENTER_32+0x73/0x90 [ 602.631355][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.637656][T12420] [ 602.640022][T12420] Uninit was stored to memory at: [ 602.645050][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.650813][T12420] __msan_chain_origin+0x50/0x90 [ 602.655748][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.660856][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.665795][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.670281][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.674954][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.681015][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.687194][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.692398][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.697277][T12420] do_SYSENTER_32+0x73/0x90 [ 602.701768][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.708078][T12420] [ 602.710406][T12420] Uninit was stored to memory at: [ 602.715529][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.721247][T12420] __msan_chain_origin+0x50/0x90 [ 602.726190][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.731335][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.736269][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.740759][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.745428][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.751509][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.757655][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.762843][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.767724][T12420] do_SYSENTER_32+0x73/0x90 [ 602.772275][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.778605][T12420] [ 602.780928][T12420] Uninit was stored to memory at: [ 602.785953][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.791690][T12420] __msan_chain_origin+0x50/0x90 [ 602.796624][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.801736][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.806675][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.811182][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.815860][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.821915][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.828096][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.833303][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.838145][T12420] do_SYSENTER_32+0x73/0x90 [ 602.842635][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.848943][T12420] [ 602.851268][T12420] Uninit was stored to memory at: [ 602.856301][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.862024][T12420] __msan_chain_origin+0x50/0x90 [ 602.866961][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.872091][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.877028][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.881543][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.886228][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.892306][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.898465][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.903665][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.908524][T12420] do_SYSENTER_32+0x73/0x90 [ 602.913035][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.919356][T12420] [ 602.921694][T12420] Uninit was stored to memory at: [ 602.926726][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 602.932460][T12420] __msan_chain_origin+0x50/0x90 [ 602.937392][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 602.942501][T12420] get_compat_msghdr+0x108/0x2b0 [ 602.947446][T12420] do_recvmmsg+0xdbb/0x22c0 [ 602.951999][T12420] __sys_recvmmsg+0x5dd/0x610 [ 602.956670][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 602.962743][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 602.968902][T12420] __do_fast_syscall_32+0x2af/0x480 [ 602.974103][T12420] do_fast_syscall_32+0x6b/0xd0 [ 602.978950][T12420] do_SYSENTER_32+0x73/0x90 [ 602.983441][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 602.989775][T12420] [ 602.992114][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 602.998902][T12420] do_recvmmsg+0xbf/0x22c0 [ 603.003308][T12420] do_recvmmsg+0xbf/0x22c0 [ 603.210273][T12420] not chained 90000 origins [ 603.214833][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 603.223516][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.233588][T12420] Call Trace: [ 603.236981][T12420] dump_stack+0x21c/0x280 [ 603.241349][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 603.247134][T12420] ? kmsan_get_metadata+0x116/0x180 [ 603.252360][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 603.258198][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 603.265194][T12420] ? _copy_from_user+0x201/0x310 [ 603.270161][T12420] ? kmsan_get_metadata+0x116/0x180 [ 603.275386][T12420] __msan_chain_origin+0x50/0x90 [ 603.280357][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.285524][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.290501][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.295061][T12420] ? kmsan_get_metadata+0x116/0x180 [ 603.300292][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 603.306218][T12420] ? kmsan_get_metadata+0x116/0x180 [ 603.311446][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 603.317112][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 603.322424][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 603.327231][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 603.332018][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.336757][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.342897][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.349064][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.354314][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.359193][T12420] do_SYSENTER_32+0x73/0x90 [ 603.363691][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.370008][T12420] RIP: 0023:0xf7f15549 [ 603.374055][T12420] Code: Bad RIP value. [ 603.378108][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 603.386519][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 603.394509][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 603.402472][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 603.410434][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 603.418398][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 603.426387][T12420] Uninit was stored to memory at: [ 603.431447][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.437180][T12420] __msan_chain_origin+0x50/0x90 [ 603.442112][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.447228][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.452183][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.456688][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.461392][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.467486][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.473654][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.478847][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.483687][T12420] do_SYSENTER_32+0x73/0x90 [ 603.488198][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.494518][T12420] [ 603.496849][T12420] Uninit was stored to memory at: [ 603.501866][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.507616][T12420] __msan_chain_origin+0x50/0x90 [ 603.512574][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.517693][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.522627][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.527145][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.531833][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.537917][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.544135][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.549332][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.554173][T12420] do_SYSENTER_32+0x73/0x90 [ 603.558718][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.565047][T12420] [ 603.567371][T12420] Uninit was stored to memory at: [ 603.572429][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.578155][T12420] __msan_chain_origin+0x50/0x90 [ 603.583091][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.588225][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.593172][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.597669][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.602360][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.608444][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.614624][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.619839][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.624704][T12420] do_SYSENTER_32+0x73/0x90 [ 603.629231][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.635540][T12420] [ 603.637863][T12420] Uninit was stored to memory at: [ 603.642889][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.648623][T12420] __msan_chain_origin+0x50/0x90 [ 603.653588][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.658711][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.663651][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.668163][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.672854][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.678911][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.685054][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.690264][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.695104][T12420] do_SYSENTER_32+0x73/0x90 [ 603.699613][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.705915][T12420] [ 603.708246][T12420] Uninit was stored to memory at: [ 603.713278][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.718989][T12420] __msan_chain_origin+0x50/0x90 [ 603.723917][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.729031][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.733980][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.738486][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.743187][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.749262][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.755412][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.760617][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.765473][T12420] do_SYSENTER_32+0x73/0x90 [ 603.769985][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.776297][T12420] [ 603.778642][T12420] Uninit was stored to memory at: [ 603.783657][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.789386][T12420] __msan_chain_origin+0x50/0x90 [ 603.794325][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.799434][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.804367][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.808869][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.813551][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.819610][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.825775][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.830967][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.835810][T12420] do_SYSENTER_32+0x73/0x90 [ 603.840302][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.846614][T12420] [ 603.848945][T12420] Uninit was stored to memory at: [ 603.853976][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 603.859693][T12420] __msan_chain_origin+0x50/0x90 [ 603.864635][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 603.869751][T12420] get_compat_msghdr+0x108/0x2b0 [ 603.874711][T12420] do_recvmmsg+0xdbb/0x22c0 [ 603.879201][T12420] __sys_recvmmsg+0x5dd/0x610 [ 603.883875][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 603.889930][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 603.896085][T12420] __do_fast_syscall_32+0x2af/0x480 [ 603.901287][T12420] do_fast_syscall_32+0x6b/0xd0 [ 603.906136][T12420] do_SYSENTER_32+0x73/0x90 [ 603.910675][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 603.916992][T12420] [ 603.919317][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 603.926003][T12420] do_recvmmsg+0xbf/0x22c0 [ 603.930418][T12420] do_recvmmsg+0xbf/0x22c0 [ 604.135256][T12420] not chained 100000 origins [ 604.139908][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 604.148587][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.158681][T12420] Call Trace: [ 604.162003][T12420] dump_stack+0x21c/0x280 [ 604.166364][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 604.172156][T12420] ? kmsan_get_metadata+0x116/0x180 [ 604.177382][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 604.182948][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 604.189045][T12420] ? _copy_from_user+0x201/0x310 [ 604.194007][T12420] ? kmsan_get_metadata+0x116/0x180 [ 604.199241][T12420] __msan_chain_origin+0x50/0x90 [ 604.204235][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.209427][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.214422][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.218996][T12420] ? kmsan_get_metadata+0x116/0x180 [ 604.224244][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 604.230190][T12420] ? kmsan_get_metadata+0x116/0x180 [ 604.235416][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 604.241081][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 604.246388][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 604.251199][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 604.256004][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.260722][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.266833][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.273014][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.278252][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.283126][T12420] do_SYSENTER_32+0x73/0x90 [ 604.287664][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.294013][T12420] RIP: 0023:0xf7f15549 [ 604.298086][T12420] Code: Bad RIP value. [ 604.302171][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 604.310610][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 604.318606][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 604.326597][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 604.334585][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 604.342577][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 604.350587][T12420] Uninit was stored to memory at: [ 604.355666][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.361416][T12420] __msan_chain_origin+0x50/0x90 [ 604.366378][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.371509][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.376464][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.380985][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.385685][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.391778][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.397959][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.403186][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.408056][T12420] do_SYSENTER_32+0x73/0x90 [ 604.412575][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.418903][T12420] [ 604.421238][T12420] Uninit was stored to memory at: [ 604.426330][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.432069][T12420] __msan_chain_origin+0x50/0x90 [ 604.437029][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.442186][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.447152][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.451675][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.456384][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.462463][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.468633][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.473838][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.478698][T12420] do_SYSENTER_32+0x73/0x90 [ 604.483200][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.489515][T12420] [ 604.491856][T12420] Uninit was stored to memory at: [ 604.496893][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.502619][T12420] __msan_chain_origin+0x50/0x90 [ 604.507549][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.512659][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.517605][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.522125][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.526813][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.532904][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.539080][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.544329][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.549215][T12420] do_SYSENTER_32+0x73/0x90 [ 604.553761][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.560079][T12420] [ 604.562865][T12420] Uninit was stored to memory at: [ 604.567900][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.573642][T12420] __msan_chain_origin+0x50/0x90 [ 604.578589][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.583701][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.588641][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.593134][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.597849][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.603935][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.610101][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.615319][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.620211][T12420] do_SYSENTER_32+0x73/0x90 [ 604.624719][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.631026][T12420] [ 604.633340][T12420] Uninit was stored to memory at: [ 604.638375][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.644141][T12420] __msan_chain_origin+0x50/0x90 [ 604.649092][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.654209][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.659163][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.663679][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.668345][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.674419][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.680573][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.685778][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.690621][T12420] do_SYSENTER_32+0x73/0x90 [ 604.695122][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.701446][T12420] [ 604.703772][T12420] Uninit was stored to memory at: [ 604.708789][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.714509][T12420] __msan_chain_origin+0x50/0x90 [ 604.719438][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.724558][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.729508][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.734001][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.738689][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.744750][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.750900][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.756477][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.761347][T12420] do_SYSENTER_32+0x73/0x90 [ 604.765843][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.772149][T12420] [ 604.774474][T12420] Uninit was stored to memory at: [ 604.779515][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 604.785244][T12420] __msan_chain_origin+0x50/0x90 [ 604.790191][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 604.796302][T12420] get_compat_msghdr+0x108/0x2b0 [ 604.801250][T12420] do_recvmmsg+0xdbb/0x22c0 [ 604.805768][T12420] __sys_recvmmsg+0x5dd/0x610 [ 604.810461][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 604.817331][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 604.823514][T12420] __do_fast_syscall_32+0x2af/0x480 [ 604.828718][T12420] do_fast_syscall_32+0x6b/0xd0 [ 604.833702][T12420] do_SYSENTER_32+0x73/0x90 [ 604.838343][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 604.844790][T12420] [ 604.847149][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 604.853878][T12420] do_recvmmsg+0xbf/0x22c0 [ 604.858302][T12420] do_recvmmsg+0xbf/0x22c0 [ 605.004851][T12420] not chained 110000 origins [ 605.009501][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 605.018192][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.028284][T12420] Call Trace: [ 605.031604][T12420] dump_stack+0x21c/0x280 [ 605.035968][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 605.041889][T12420] ? kmsan_get_metadata+0x116/0x180 [ 605.047115][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 605.052699][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 605.058803][T12420] ? _copy_from_user+0x201/0x310 [ 605.063972][T12420] ? kmsan_get_metadata+0x116/0x180 [ 605.070197][T12420] __msan_chain_origin+0x50/0x90 [ 605.075191][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.080376][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.085364][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.089970][T12420] ? kmsan_get_metadata+0x116/0x180 [ 605.095211][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 605.101165][T12420] ? kmsan_get_metadata+0x116/0x180 [ 605.106415][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 605.112983][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 605.118324][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 605.123114][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 605.127916][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.132688][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.139154][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.145342][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.150586][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.155742][T12420] do_SYSENTER_32+0x73/0x90 [ 605.160281][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.166644][T12420] RIP: 0023:0xf7f15549 [ 605.170725][T12420] Code: Bad RIP value. [ 605.174837][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 605.183274][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 605.191270][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 605.199286][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 605.207389][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 605.215381][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 605.223972][T12420] Uninit was stored to memory at: [ 605.229094][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.234810][T12420] __msan_chain_origin+0x50/0x90 [ 605.240727][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.246572][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.251537][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.256048][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.261451][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.267554][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.273817][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.279024][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.283887][T12420] do_SYSENTER_32+0x73/0x90 [ 605.288384][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.294693][T12420] [ 605.297019][T12420] Uninit was stored to memory at: [ 605.302058][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.307776][T12420] __msan_chain_origin+0x50/0x90 [ 605.312726][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.317851][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.322818][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.327353][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.332039][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.338101][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.344250][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.349443][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.354283][T12420] do_SYSENTER_32+0x73/0x90 [ 605.358783][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.365087][T12420] [ 605.367407][T12420] Uninit was stored to memory at: [ 605.372451][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.378161][T12420] __msan_chain_origin+0x50/0x90 [ 605.383093][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.388197][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.393123][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.397625][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.402305][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.408363][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.414518][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.419714][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.425974][T12420] do_SYSENTER_32+0x73/0x90 [ 605.430586][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.436925][T12420] [ 605.439254][T12420] Uninit was stored to memory at: [ 605.444371][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.450104][T12420] __msan_chain_origin+0x50/0x90 [ 605.455039][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.460150][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.465104][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.469604][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.474284][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.480346][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.486515][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.491773][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.496645][T12420] do_SYSENTER_32+0x73/0x90 [ 605.501182][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.507496][T12420] [ 605.509879][T12420] Uninit was stored to memory at: [ 605.514924][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.520640][T12420] __msan_chain_origin+0x50/0x90 [ 605.525767][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.530875][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.535819][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.540327][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.545019][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.551081][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.557249][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.562470][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.567327][T12420] do_SYSENTER_32+0x73/0x90 [ 605.571834][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.578142][T12420] [ 605.580463][T12420] Uninit was stored to memory at: [ 605.585484][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.591197][T12420] __msan_chain_origin+0x50/0x90 [ 605.596149][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.601274][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.606233][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.610754][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.615434][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.621556][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.627724][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.632929][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.637790][T12420] do_SYSENTER_32+0x73/0x90 [ 605.642339][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.648668][T12420] [ 605.651010][T12420] Uninit was stored to memory at: [ 605.656095][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 605.661869][T12420] __msan_chain_origin+0x50/0x90 [ 605.666847][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 605.672012][T12420] get_compat_msghdr+0x108/0x2b0 [ 605.676991][T12420] do_recvmmsg+0xdbb/0x22c0 [ 605.681521][T12420] __sys_recvmmsg+0x5dd/0x610 [ 605.686217][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 605.692316][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 605.698480][T12420] __do_fast_syscall_32+0x2af/0x480 [ 605.703709][T12420] do_fast_syscall_32+0x6b/0xd0 [ 605.708572][T12420] do_SYSENTER_32+0x73/0x90 [ 605.713091][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 605.719447][T12420] [ 605.721772][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 605.728503][T12420] do_recvmmsg+0xbf/0x22c0 [ 605.732959][T12420] do_recvmmsg+0xbf/0x22c0 [ 605.932717][T12420] not chained 120000 origins [ 605.937372][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 605.946052][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.956120][T12420] Call Trace: [ 605.959444][T12420] dump_stack+0x21c/0x280 [ 605.963817][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 605.969605][T12420] ? kmsan_get_metadata+0x116/0x180 [ 605.974828][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 605.980410][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 605.986512][T12420] ? _copy_from_user+0x201/0x310 [ 605.991487][T12420] ? kmsan_get_metadata+0x116/0x180 [ 605.996718][T12420] __msan_chain_origin+0x50/0x90 [ 606.001687][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.006853][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.011860][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.016422][T12420] ? kmsan_get_metadata+0x116/0x180 [ 606.021649][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 606.027566][T12420] ? kmsan_get_metadata+0x116/0x180 [ 606.032797][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 606.038453][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 606.043796][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 606.048557][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 606.053318][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.058037][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.064130][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.070298][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.075516][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.080384][T12420] do_SYSENTER_32+0x73/0x90 [ 606.084890][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.091230][T12420] RIP: 0023:0xf7f15549 [ 606.095304][T12420] Code: Bad RIP value. [ 606.099379][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 606.107797][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 606.115776][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 606.123749][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 606.131735][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 606.139706][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 606.147680][T12420] Uninit was stored to memory at: [ 606.152726][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.158461][T12420] __msan_chain_origin+0x50/0x90 [ 606.163409][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.168538][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.173483][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.177990][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.182691][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.188757][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.194924][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.200130][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.205004][T12420] do_SYSENTER_32+0x73/0x90 [ 606.209537][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.215869][T12420] [ 606.218183][T12420] Uninit was stored to memory at: [ 606.223201][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.228923][T12420] __msan_chain_origin+0x50/0x90 [ 606.233866][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.238972][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.243912][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.248419][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.253104][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.259164][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.265322][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.270515][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.275385][T12420] do_SYSENTER_32+0x73/0x90 [ 606.279912][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.286256][T12420] [ 606.288589][T12420] Uninit was stored to memory at: [ 606.293636][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.299348][T12420] __msan_chain_origin+0x50/0x90 [ 606.304277][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.309396][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.314350][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.318857][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.323555][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.329618][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.335779][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.341003][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.345839][T12420] do_SYSENTER_32+0x73/0x90 [ 606.350332][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.356640][T12420] [ 606.358982][T12420] Uninit was stored to memory at: [ 606.364010][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.369738][T12420] __msan_chain_origin+0x50/0x90 [ 606.374689][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.379805][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.384733][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.389228][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.393910][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.399977][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.406142][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.411349][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.416204][T12420] do_SYSENTER_32+0x73/0x90 [ 606.420726][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.427056][T12420] [ 606.429384][T12420] Uninit was stored to memory at: [ 606.434416][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.440140][T12420] __msan_chain_origin+0x50/0x90 [ 606.445103][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.450210][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.455141][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.459659][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.464344][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.470409][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.476608][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.481831][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.486704][T12420] do_SYSENTER_32+0x73/0x90 [ 606.491227][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.497541][T12420] [ 606.499861][T12420] Uninit was stored to memory at: [ 606.504967][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.510681][T12420] __msan_chain_origin+0x50/0x90 [ 606.515620][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.520724][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.525659][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.530164][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.534863][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.540972][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.547286][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.552513][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.557376][T12420] do_SYSENTER_32+0x73/0x90 [ 606.561898][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.568212][T12420] [ 606.570564][T12420] Uninit was stored to memory at: [ 606.575610][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 606.581329][T12420] __msan_chain_origin+0x50/0x90 [ 606.586280][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.591402][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.596342][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.600862][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.605536][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.611593][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.617769][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.622962][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.627834][T12420] do_SYSENTER_32+0x73/0x90 [ 606.632360][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 606.638674][T12420] [ 606.641015][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 606.647731][T12420] do_recvmmsg+0xbf/0x22c0 [ 606.652157][T12420] do_recvmmsg+0xbf/0x22c0 [ 606.849323][T12420] not chained 130000 origins [ 606.854016][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 606.862713][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 606.872788][T12420] Call Trace: [ 606.876118][T12420] dump_stack+0x21c/0x280 [ 606.880488][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 606.886273][T12420] ? kmsan_get_metadata+0x116/0x180 [ 606.891519][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 606.897184][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 606.903285][T12420] ? _copy_from_user+0x201/0x310 [ 606.908254][T12420] ? kmsan_get_metadata+0x116/0x180 [ 606.913477][T12420] __msan_chain_origin+0x50/0x90 [ 606.918467][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 606.923624][T12420] get_compat_msghdr+0x108/0x2b0 [ 606.928619][T12420] do_recvmmsg+0xdbb/0x22c0 [ 606.933181][T12420] ? kmsan_get_metadata+0x116/0x180 [ 606.938405][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 606.944323][T12420] ? kmsan_get_metadata+0x116/0x180 [ 606.949545][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 606.955206][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 606.960521][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 606.965306][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 606.970094][T12420] __sys_recvmmsg+0x5dd/0x610 [ 606.974817][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 606.980920][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 606.987104][T12420] __do_fast_syscall_32+0x2af/0x480 [ 606.992338][T12420] do_fast_syscall_32+0x6b/0xd0 [ 606.997210][T12420] do_SYSENTER_32+0x73/0x90 [ 607.001735][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.008076][T12420] RIP: 0023:0xf7f15549 [ 607.012151][T12420] Code: Bad RIP value. [ 607.016225][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 607.025002][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 607.032982][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 607.040948][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 607.048942][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 607.056915][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 607.064900][T12420] Uninit was stored to memory at: [ 607.069921][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.075628][T12420] __msan_chain_origin+0x50/0x90 [ 607.080571][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.085688][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.090612][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.095109][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.099776][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.105829][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.111978][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.117184][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.122044][T12420] do_SYSENTER_32+0x73/0x90 [ 607.126553][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.132869][T12420] [ 607.135180][T12420] Uninit was stored to memory at: [ 607.140198][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.145930][T12420] __msan_chain_origin+0x50/0x90 [ 607.150889][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.156018][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.160973][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.165494][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.170183][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.176260][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.182429][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.187644][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.192529][T12420] do_SYSENTER_32+0x73/0x90 [ 607.197065][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.203395][T12420] [ 607.205752][T12420] Uninit was stored to memory at: [ 607.210799][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.216528][T12420] __msan_chain_origin+0x50/0x90 [ 607.221496][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.226602][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.231533][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.236045][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.240750][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.246933][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.253127][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.258325][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.263171][T12420] do_SYSENTER_32+0x73/0x90 [ 607.267689][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.274012][T12420] [ 607.276351][T12420] Uninit was stored to memory at: [ 607.281393][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.287124][T12420] __msan_chain_origin+0x50/0x90 [ 607.292073][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.297208][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.302170][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.307932][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.312641][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.318746][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.324920][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.330144][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.335000][T12420] do_SYSENTER_32+0x73/0x90 [ 607.339570][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.345888][T12420] [ 607.348214][T12420] Uninit was stored to memory at: [ 607.353249][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.358988][T12420] __msan_chain_origin+0x50/0x90 [ 607.364637][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.369769][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.374717][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.379215][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.383893][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.389970][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.396165][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.401404][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.406278][T12420] do_SYSENTER_32+0x73/0x90 [ 607.410817][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.417160][T12420] [ 607.419477][T12420] Uninit was stored to memory at: [ 607.424590][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.430316][T12420] __msan_chain_origin+0x50/0x90 [ 607.435248][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.440367][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.445296][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.449803][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.454490][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.460568][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.466753][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.471977][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.476830][T12420] do_SYSENTER_32+0x73/0x90 [ 607.481331][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.487669][T12420] [ 607.490013][T12420] Uninit was stored to memory at: [ 607.495054][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 607.500789][T12420] __msan_chain_origin+0x50/0x90 [ 607.505735][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.510847][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.515777][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.520466][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.525162][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.531344][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.537538][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.542736][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.547605][T12420] do_SYSENTER_32+0x73/0x90 [ 607.552124][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.558450][T12420] [ 607.560799][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 607.567484][T12420] do_recvmmsg+0xbf/0x22c0 [ 607.571928][T12420] do_recvmmsg+0xbf/0x22c0 [ 607.795424][T12420] not chained 140000 origins [ 607.800074][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 607.809837][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 607.819936][T12420] Call Trace: [ 607.823258][T12420] dump_stack+0x21c/0x280 [ 607.827627][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 607.833422][T12420] ? kmsan_get_metadata+0x116/0x180 [ 607.838659][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 607.844414][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 607.850537][T12420] ? _copy_from_user+0x201/0x310 [ 607.855526][T12420] ? kmsan_get_metadata+0x116/0x180 [ 607.860776][T12420] __msan_chain_origin+0x50/0x90 [ 607.865770][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 607.870955][T12420] get_compat_msghdr+0x108/0x2b0 [ 607.875933][T12420] do_recvmmsg+0xdbb/0x22c0 [ 607.880498][T12420] ? kmsan_get_metadata+0x116/0x180 [ 607.885732][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 607.891701][T12420] ? kmsan_get_metadata+0x116/0x180 [ 607.896930][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 607.902603][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 607.907919][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 607.912700][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 607.917519][T12420] __sys_recvmmsg+0x5dd/0x610 [ 607.922252][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 607.928362][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 607.934542][T12420] __do_fast_syscall_32+0x2af/0x480 [ 607.939861][T12420] do_fast_syscall_32+0x6b/0xd0 [ 607.944788][T12420] do_SYSENTER_32+0x73/0x90 [ 607.949332][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 607.955649][T12420] RIP: 0023:0xf7f15549 [ 607.960002][T12420] Code: Bad RIP value. [ 607.964066][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 607.972470][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 607.980437][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 607.988421][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 607.996455][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 608.005203][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 608.013193][T12420] Uninit was stored to memory at: [ 608.018240][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.023969][T12420] __msan_chain_origin+0x50/0x90 [ 608.028930][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.034069][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.039018][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.043518][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.048206][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.054406][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.060562][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.065766][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.070615][T12420] do_SYSENTER_32+0x73/0x90 [ 608.075112][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.081433][T12420] [ 608.083754][T12420] Uninit was stored to memory at: [ 608.088798][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.094570][T12420] __msan_chain_origin+0x50/0x90 [ 608.099524][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.104646][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.109595][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.114092][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.118781][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.124861][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.131037][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.136296][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.141189][T12420] do_SYSENTER_32+0x73/0x90 [ 608.145714][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.152043][T12420] [ 608.154380][T12420] Uninit was stored to memory at: [ 608.159416][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.165155][T12420] __msan_chain_origin+0x50/0x90 [ 608.170115][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.175274][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.180233][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.184750][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.189439][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.195509][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.201654][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.206868][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.211768][T12420] do_SYSENTER_32+0x73/0x90 [ 608.216313][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.222643][T12420] [ 608.224958][T12420] Uninit was stored to memory at: [ 608.229997][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.235711][T12420] __msan_chain_origin+0x50/0x90 [ 608.240657][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.245774][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.250723][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.255220][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.259902][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.265974][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.272151][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.278494][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.283370][T12420] do_SYSENTER_32+0x73/0x90 [ 608.287908][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.294231][T12420] [ 608.296553][T12420] Uninit was stored to memory at: [ 608.301578][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.307394][T12420] __msan_chain_origin+0x50/0x90 [ 608.312342][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.317465][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.322413][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.326928][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.331630][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.337707][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.343871][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.349956][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.354816][T12420] do_SYSENTER_32+0x73/0x90 [ 608.359347][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.365706][T12420] [ 608.368154][T12420] Uninit was stored to memory at: [ 608.373203][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.378980][T12420] __msan_chain_origin+0x50/0x90 [ 608.383937][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.389060][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.394009][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.399220][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.403892][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.409976][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.416142][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.421359][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.426220][T12420] do_SYSENTER_32+0x73/0x90 [ 608.430757][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.437099][T12420] [ 608.439415][T12420] Uninit was stored to memory at: [ 608.444452][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.454444][T12420] __msan_chain_origin+0x50/0x90 [ 608.459445][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.464589][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.476667][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.481191][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.485892][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.491988][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.498153][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.503417][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.508294][T12420] do_SYSENTER_32+0x73/0x90 [ 608.512824][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.519152][T12420] [ 608.521496][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 608.528199][T12420] do_recvmmsg+0xbf/0x22c0 [ 608.532625][T12420] do_recvmmsg+0xbf/0x22c0 [ 608.750244][T12420] not chained 150000 origins [ 608.754882][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 608.763557][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 608.773651][T12420] Call Trace: [ 608.776970][T12420] dump_stack+0x21c/0x280 [ 608.781331][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 608.787108][T12420] ? kmsan_get_metadata+0x116/0x180 [ 608.792335][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 608.797908][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 608.804006][T12420] ? _copy_from_user+0x201/0x310 [ 608.808969][T12420] ? kmsan_get_metadata+0x116/0x180 [ 608.814189][T12420] __msan_chain_origin+0x50/0x90 [ 608.819158][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.824342][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.829316][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.833891][T12420] ? kmsan_get_metadata+0x116/0x180 [ 608.839117][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 608.845039][T12420] ? kmsan_get_metadata+0x116/0x180 [ 608.850302][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 608.855956][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 608.861263][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 608.866041][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 608.870828][T12420] __sys_recvmmsg+0x5dd/0x610 [ 608.875540][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 608.881750][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 608.887927][T12420] __do_fast_syscall_32+0x2af/0x480 [ 608.893126][T12420] do_fast_syscall_32+0x6b/0xd0 [ 608.898005][T12420] do_SYSENTER_32+0x73/0x90 [ 608.902532][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 608.908849][T12420] RIP: 0023:0xf7f15549 [ 608.912911][T12420] Code: Bad RIP value. [ 608.916971][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 608.925406][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 608.933386][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 608.941365][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 608.949953][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 608.957955][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 608.965968][T12420] Uninit was stored to memory at: [ 608.971576][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 608.977301][T12420] __msan_chain_origin+0x50/0x90 [ 608.982244][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 608.987461][T12420] get_compat_msghdr+0x108/0x2b0 [ 608.992426][T12420] do_recvmmsg+0xdbb/0x22c0 [ 608.996932][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.001634][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.007689][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.013832][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.019022][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.023883][T12420] do_SYSENTER_32+0x73/0x90 [ 609.028376][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.034677][T12420] [ 609.036999][T12420] Uninit was stored to memory at: [ 609.042042][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.047773][T12420] __msan_chain_origin+0x50/0x90 [ 609.052719][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.057835][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.062773][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.067275][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.071939][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.078005][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.084509][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.089697][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.094551][T12420] do_SYSENTER_32+0x73/0x90 [ 609.099062][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.105379][T12420] [ 609.107690][T12420] Uninit was stored to memory at: [ 609.112718][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.125378][T12420] __msan_chain_origin+0x50/0x90 [ 609.130323][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.135436][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.140379][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.144881][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.149544][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.155610][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.161763][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.166951][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.171794][T12420] do_SYSENTER_32+0x73/0x90 [ 609.176308][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.182660][T12420] [ 609.184986][T12420] Uninit was stored to memory at: [ 609.190001][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.195714][T12420] __msan_chain_origin+0x50/0x90 [ 609.200658][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.205782][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.210721][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.215229][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.219915][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.226006][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.232182][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.237391][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.242269][T12420] do_SYSENTER_32+0x73/0x90 [ 609.246763][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.253063][T12420] [ 609.255384][T12420] Uninit was stored to memory at: [ 609.260415][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.266141][T12420] __msan_chain_origin+0x50/0x90 [ 609.271100][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.276211][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.281156][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.285644][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.290312][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.296384][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.302567][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.307775][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.312635][T12420] do_SYSENTER_32+0x73/0x90 [ 609.317162][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.323519][T12420] [ 609.325851][T12420] Uninit was stored to memory at: [ 609.333878][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.339617][T12420] __msan_chain_origin+0x50/0x90 [ 609.344546][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.349669][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.354596][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.359102][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.363793][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.369863][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.376020][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.381225][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.386087][T12420] do_SYSENTER_32+0x73/0x90 [ 609.390612][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.396945][T12420] [ 609.399452][T12420] Uninit was stored to memory at: [ 609.404511][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.410239][T12420] __msan_chain_origin+0x50/0x90 [ 609.415195][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.420297][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.425241][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.429759][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.434457][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.440545][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.446704][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.451909][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.456751][T12420] do_SYSENTER_32+0x73/0x90 [ 609.461957][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.468277][T12420] [ 609.470610][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 609.477294][T12420] do_recvmmsg+0xbf/0x22c0 [ 609.481720][T12420] do_recvmmsg+0xbf/0x22c0 [ 609.624184][T12420] not chained 160000 origins [ 609.628842][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 609.637531][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.647600][T12420] Call Trace: [ 609.650928][T12420] dump_stack+0x21c/0x280 [ 609.655323][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 609.661141][T12420] ? kmsan_get_metadata+0x116/0x180 [ 609.666371][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 609.671965][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 609.678092][T12420] ? _copy_from_user+0x201/0x310 [ 609.683061][T12420] ? kmsan_get_metadata+0x116/0x180 [ 609.688290][T12420] __msan_chain_origin+0x50/0x90 [ 609.693256][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.698422][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.703396][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.707979][T12420] ? kmsan_get_metadata+0x116/0x180 [ 609.713208][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 609.719130][T12420] ? kmsan_get_metadata+0x116/0x180 [ 609.724350][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 609.730010][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 609.735333][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 609.740111][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 609.744899][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.749650][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.755759][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.761938][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.767171][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.772049][T12420] do_SYSENTER_32+0x73/0x90 [ 609.776586][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.782928][T12420] RIP: 0023:0xf7f15549 [ 609.786998][T12420] Code: Bad RIP value. [ 609.791077][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 609.799508][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 609.807495][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 609.815485][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 609.823471][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 609.831462][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 609.839466][T12420] Uninit was stored to memory at: [ 609.844523][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.850274][T12420] __msan_chain_origin+0x50/0x90 [ 609.855241][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.865617][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.870606][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.875136][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.879857][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.886825][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.893034][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.898268][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.903146][T12420] do_SYSENTER_32+0x73/0x90 [ 609.907710][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.914040][T12420] [ 609.916383][T12420] Uninit was stored to memory at: [ 609.921432][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.927171][T12420] __msan_chain_origin+0x50/0x90 [ 609.932142][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 609.937274][T12420] get_compat_msghdr+0x108/0x2b0 [ 609.942234][T12420] do_recvmmsg+0xdbb/0x22c0 [ 609.946777][T12420] __sys_recvmmsg+0x5dd/0x610 [ 609.951478][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 609.958006][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 609.964898][T12420] __do_fast_syscall_32+0x2af/0x480 [ 609.970117][T12420] do_fast_syscall_32+0x6b/0xd0 [ 609.974987][T12420] do_SYSENTER_32+0x73/0x90 [ 609.979510][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 609.985865][T12420] [ 609.988177][T12420] Uninit was stored to memory at: [ 609.993229][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 609.998939][T12420] __msan_chain_origin+0x50/0x90 [ 610.003875][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.009003][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.014674][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.019167][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.023877][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.029954][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.036146][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.041347][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.046196][T12420] do_SYSENTER_32+0x73/0x90 [ 610.050702][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.057012][T12420] [ 610.059696][T12420] Uninit was stored to memory at: [ 610.064711][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.070417][T12420] __msan_chain_origin+0x50/0x90 [ 610.075341][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.081559][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.086496][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.091025][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.095730][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.101822][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.107971][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.113286][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.118170][T12420] do_SYSENTER_32+0x73/0x90 [ 610.122769][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.129081][T12420] [ 610.131411][T12420] Uninit was stored to memory at: [ 610.136445][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.142190][T12420] __msan_chain_origin+0x50/0x90 [ 610.147121][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.153177][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.158118][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.163937][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.169315][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.175372][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.181533][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.186737][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.191609][T12420] do_SYSENTER_32+0x73/0x90 [ 610.196141][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.202492][T12420] [ 610.204836][T12420] Uninit was stored to memory at: [ 610.209856][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.215570][T12420] __msan_chain_origin+0x50/0x90 [ 610.220506][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.225606][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.230549][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.235052][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.239746][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.245827][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.251993][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.257196][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.262047][T12420] do_SYSENTER_32+0x73/0x90 [ 610.266563][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.272891][T12420] [ 610.276165][T12420] Uninit was stored to memory at: [ 610.281196][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.287358][T12420] __msan_chain_origin+0x50/0x90 [ 610.292402][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.297517][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.302459][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.306989][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.311689][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.317796][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.323971][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.329163][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.334002][T12420] do_SYSENTER_32+0x73/0x90 [ 610.338509][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.344826][T12420] [ 610.347140][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 610.353818][T12420] do_recvmmsg+0xbf/0x22c0 [ 610.358231][T12420] do_recvmmsg+0xbf/0x22c0 [ 610.553712][T12420] not chained 170000 origins [ 610.558366][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 610.567043][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 610.577104][T12420] Call Trace: [ 610.580392][T12420] dump_stack+0x21c/0x280 [ 610.584723][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 610.590459][T12420] ? kmsan_get_metadata+0x116/0x180 [ 610.595650][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 610.601205][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 610.607285][T12420] ? _copy_from_user+0x201/0x310 [ 610.612245][T12420] ? kmsan_get_metadata+0x116/0x180 [ 610.617450][T12420] __msan_chain_origin+0x50/0x90 [ 610.622384][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.627527][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.632479][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.637040][T12420] ? kmsan_get_metadata+0x116/0x180 [ 610.642269][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 610.648179][T12420] ? kmsan_get_metadata+0x116/0x180 [ 610.653419][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 610.659060][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 610.664336][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 610.669094][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 610.673869][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.678572][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.684662][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.690840][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.696070][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.700952][T12420] do_SYSENTER_32+0x73/0x90 [ 610.705452][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.711774][T12420] RIP: 0023:0xf7f15549 [ 610.715826][T12420] Code: Bad RIP value. [ 610.719896][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 610.729160][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 610.737145][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 610.745109][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 610.753086][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 610.761067][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 610.769057][T12420] Uninit was stored to memory at: [ 610.774091][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.779806][T12420] __msan_chain_origin+0x50/0x90 [ 610.784756][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.789878][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.795079][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.799578][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.804265][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.810324][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.816486][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.821673][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.826523][T12420] do_SYSENTER_32+0x73/0x90 [ 610.831033][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.837364][T12420] [ 610.839709][T12420] Uninit was stored to memory at: [ 610.845369][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.851095][T12420] __msan_chain_origin+0x50/0x90 [ 610.856041][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.861172][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.866131][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.870643][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.875326][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.881387][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.887567][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.892789][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.897645][T12420] do_SYSENTER_32+0x73/0x90 [ 610.902152][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.908460][T12420] [ 610.910798][T12420] Uninit was stored to memory at: [ 610.915837][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.922260][T12420] __msan_chain_origin+0x50/0x90 [ 610.927220][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 610.932337][T12420] get_compat_msghdr+0x108/0x2b0 [ 610.937268][T12420] do_recvmmsg+0xdbb/0x22c0 [ 610.941772][T12420] __sys_recvmmsg+0x5dd/0x610 [ 610.946459][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 610.952530][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 610.958673][T12420] __do_fast_syscall_32+0x2af/0x480 [ 610.963861][T12420] do_fast_syscall_32+0x6b/0xd0 [ 610.968716][T12420] do_SYSENTER_32+0x73/0x90 [ 610.973271][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 610.979588][T12420] [ 610.981913][T12420] Uninit was stored to memory at: [ 610.986945][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 610.992668][T12420] __msan_chain_origin+0x50/0x90 [ 610.997612][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.002996][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.007938][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.012441][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.017108][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.023163][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.029310][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.034505][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.039345][T12420] do_SYSENTER_32+0x73/0x90 [ 611.043843][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.050147][T12420] [ 611.052458][T12420] Uninit was stored to memory at: [ 611.057473][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.063177][T12420] __msan_chain_origin+0x50/0x90 [ 611.068114][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.073224][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.078158][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.082682][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.087366][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.093438][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.100207][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.105402][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.110268][T12420] do_SYSENTER_32+0x73/0x90 [ 611.114760][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.121062][T12420] [ 611.123371][T12420] Uninit was stored to memory at: [ 611.128408][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.134130][T12420] __msan_chain_origin+0x50/0x90 [ 611.139064][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.144173][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.149110][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.153618][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.158297][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.164352][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.170497][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.175701][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.181496][T12420] do_SYSENTER_32+0x73/0x90 [ 611.186001][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.192330][T12420] [ 611.194679][T12420] Uninit was stored to memory at: [ 611.199704][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.205429][T12420] __msan_chain_origin+0x50/0x90 [ 611.210376][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.215476][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.220405][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.225855][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.230540][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.236597][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.242753][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.247954][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.252810][T12420] do_SYSENTER_32+0x73/0x90 [ 611.257306][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.263608][T12420] [ 611.265939][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 611.272638][T12420] do_recvmmsg+0xbf/0x22c0 [ 611.277047][T12420] do_recvmmsg+0xbf/0x22c0 [ 611.465176][T12420] not chained 180000 origins [ 611.469830][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 611.478539][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 611.488608][T12420] Call Trace: [ 611.491929][T12420] dump_stack+0x21c/0x280 [ 611.496291][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 611.502093][T12420] ? kmsan_get_metadata+0x116/0x180 [ 611.507319][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 611.512897][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 611.519044][T12420] ? _copy_from_user+0x201/0x310 [ 611.524017][T12420] ? kmsan_get_metadata+0x116/0x180 [ 611.529256][T12420] __msan_chain_origin+0x50/0x90 [ 611.534230][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.539400][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.544411][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.549066][T12420] ? kmsan_get_metadata+0x116/0x180 [ 611.554301][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 611.560227][T12420] ? kmsan_get_metadata+0x116/0x180 [ 611.565465][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 611.571137][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 611.576453][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 611.581239][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 611.587098][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.591883][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.597996][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.604180][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.609427][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.614311][T12420] do_SYSENTER_32+0x73/0x90 [ 611.618850][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.625199][T12420] RIP: 0023:0xf7f15549 [ 611.629273][T12420] Code: Bad RIP value. [ 611.633357][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 611.642488][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 611.658673][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 611.666756][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 611.674773][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 611.682797][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 611.690812][T12420] Uninit was stored to memory at: [ 611.695871][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.701622][T12420] __msan_chain_origin+0x50/0x90 [ 611.706590][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.711725][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.716690][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.721210][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.725930][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.732629][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.738829][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.745022][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.749899][T12420] do_SYSENTER_32+0x73/0x90 [ 611.754426][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.760758][T12420] [ 611.763092][T12420] Uninit was stored to memory at: [ 611.768249][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.773991][T12420] __msan_chain_origin+0x50/0x90 [ 611.778952][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.784084][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.789039][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.793536][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.798823][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.804889][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.811078][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.816301][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.821175][T12420] do_SYSENTER_32+0x73/0x90 [ 611.825702][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.832033][T12420] [ 611.834372][T12420] Uninit was stored to memory at: [ 611.839406][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.845126][T12420] __msan_chain_origin+0x50/0x90 [ 611.851036][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.856181][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.861142][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.865636][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.870308][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.876400][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.882603][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.887834][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.892691][T12420] do_SYSENTER_32+0x73/0x90 [ 611.897206][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.903526][T12420] [ 611.905841][T12420] Uninit was stored to memory at: [ 611.910873][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.916602][T12420] __msan_chain_origin+0x50/0x90 [ 611.921550][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.926672][T12420] get_compat_msghdr+0x108/0x2b0 [ 611.931617][T12420] do_recvmmsg+0xdbb/0x22c0 [ 611.936128][T12420] __sys_recvmmsg+0x5dd/0x610 [ 611.940829][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 611.946904][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 611.953080][T12420] __do_fast_syscall_32+0x2af/0x480 [ 611.958298][T12420] do_fast_syscall_32+0x6b/0xd0 [ 611.963177][T12420] do_SYSENTER_32+0x73/0x90 [ 611.967696][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 611.974002][T12420] [ 611.976325][T12420] Uninit was stored to memory at: [ 611.981374][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 611.987092][T12420] __msan_chain_origin+0x50/0x90 [ 611.992026][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 611.997159][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.002104][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.006611][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.011366][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.017466][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.024589][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.029786][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.034635][T12420] do_SYSENTER_32+0x73/0x90 [ 612.039154][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.045463][T12420] [ 612.047796][T12420] Uninit was stored to memory at: [ 612.052817][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.058553][T12420] __msan_chain_origin+0x50/0x90 [ 612.063498][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.068617][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.073561][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.078070][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.082772][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.088830][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.094974][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.100184][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.105051][T12420] do_SYSENTER_32+0x73/0x90 [ 612.109564][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.115872][T12420] [ 612.118195][T12420] Uninit was stored to memory at: [ 612.123332][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.129052][T12420] __msan_chain_origin+0x50/0x90 [ 612.134003][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.139159][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.144123][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.148637][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.153323][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.159398][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.165558][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.170748][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.175589][T12420] do_SYSENTER_32+0x73/0x90 [ 612.180100][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.186431][T12420] [ 612.188776][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 612.195441][T12420] do_recvmmsg+0xbf/0x22c0 [ 612.199862][T12420] do_recvmmsg+0xbf/0x22c0 [ 612.382822][T12420] not chained 190000 origins [ 612.387468][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 612.396150][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 612.406236][T12420] Call Trace: [ 612.409578][T12420] dump_stack+0x21c/0x280 [ 612.413963][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 612.419743][T12420] ? kmsan_get_metadata+0x116/0x180 [ 612.424966][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 612.430590][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 612.436720][T12420] ? _copy_from_user+0x201/0x310 [ 612.441682][T12420] ? kmsan_get_metadata+0x116/0x180 [ 612.448036][T12420] __msan_chain_origin+0x50/0x90 [ 612.453006][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.458170][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.463168][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.467730][T12420] ? kmsan_get_metadata+0x116/0x180 [ 612.472984][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 612.478906][T12420] ? kmsan_get_metadata+0x116/0x180 [ 612.484124][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 612.489778][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 612.495068][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 612.499826][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 612.504603][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.509316][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.515731][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.522007][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.527218][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.532119][T12420] do_SYSENTER_32+0x73/0x90 [ 612.536649][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.542996][T12420] RIP: 0023:0xf7f15549 [ 612.547049][T12420] Code: Bad RIP value. [ 612.551105][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 612.559512][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 612.567481][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 612.575461][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 612.583442][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 612.591423][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 612.599402][T12420] Uninit was stored to memory at: [ 612.604470][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.610194][T12420] __msan_chain_origin+0x50/0x90 [ 612.615177][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.620306][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.625348][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.630551][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.635247][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.641317][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.647488][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.653672][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.658558][T12420] do_SYSENTER_32+0x73/0x90 [ 612.663084][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.669407][T12420] [ 612.672156][T12420] Uninit was stored to memory at: [ 612.677212][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.683034][T12420] __msan_chain_origin+0x50/0x90 [ 612.687981][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.693090][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.698037][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.702547][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.707232][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.713305][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.719455][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.724662][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.729520][T12420] do_SYSENTER_32+0x73/0x90 [ 612.734047][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.740353][T12420] [ 612.742680][T12420] Uninit was stored to memory at: [ 612.747726][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.753447][T12420] __msan_chain_origin+0x50/0x90 [ 612.758392][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.763509][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.768436][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.773031][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.777728][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.783802][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.789971][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.795159][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.800002][T12420] do_SYSENTER_32+0x73/0x90 [ 612.804492][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.810817][T12420] [ 612.813305][T12420] Uninit was stored to memory at: [ 612.818338][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.824080][T12420] __msan_chain_origin+0x50/0x90 [ 612.829023][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.834146][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.839097][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.844138][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.848828][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.854902][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.861047][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.866268][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.871145][T12420] do_SYSENTER_32+0x73/0x90 [ 612.875659][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.882053][T12420] [ 612.884379][T12420] Uninit was stored to memory at: [ 612.889415][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.895125][T12420] __msan_chain_origin+0x50/0x90 [ 612.900061][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.905868][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.910829][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.915325][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.920274][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.926396][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 612.932587][T12420] __do_fast_syscall_32+0x2af/0x480 [ 612.937794][T12420] do_fast_syscall_32+0x6b/0xd0 [ 612.942658][T12420] do_SYSENTER_32+0x73/0x90 [ 612.947198][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 612.953537][T12420] [ 612.955850][T12420] Uninit was stored to memory at: [ 612.960869][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 612.966593][T12420] __msan_chain_origin+0x50/0x90 [ 612.971564][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 612.976686][T12420] get_compat_msghdr+0x108/0x2b0 [ 612.981668][T12420] do_recvmmsg+0xdbb/0x22c0 [ 612.986173][T12420] __sys_recvmmsg+0x5dd/0x610 [ 612.990871][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 612.996973][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.003138][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.008329][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.013167][T12420] do_SYSENTER_32+0x73/0x90 [ 613.017674][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.023997][T12420] [ 613.026316][T12420] Uninit was stored to memory at: [ 613.031350][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.037090][T12420] __msan_chain_origin+0x50/0x90 [ 613.042039][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.047159][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.052100][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.056611][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.061304][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.067389][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.073565][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.078761][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.083600][T12420] do_SYSENTER_32+0x73/0x90 [ 613.088115][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.094441][T12420] [ 613.096765][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 613.103462][T12420] do_recvmmsg+0xbf/0x22c0 [ 613.107883][T12420] do_recvmmsg+0xbf/0x22c0 [ 613.300893][T12420] not chained 200000 origins [ 613.305548][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 613.314229][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 613.324345][T12420] Call Trace: [ 613.327670][T12420] dump_stack+0x21c/0x280 [ 613.332029][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 613.337807][T12420] ? kmsan_get_metadata+0x116/0x180 [ 613.343029][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 613.348863][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 613.354966][T12420] ? _copy_from_user+0x201/0x310 [ 613.359926][T12420] ? kmsan_get_metadata+0x116/0x180 [ 613.365143][T12420] __msan_chain_origin+0x50/0x90 [ 613.370105][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.375291][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.380271][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.384822][T12420] ? kmsan_get_metadata+0x116/0x180 [ 613.390048][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 613.395989][T12420] ? kmsan_get_metadata+0x116/0x180 [ 613.401213][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 613.406874][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 613.412182][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 613.416963][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 613.421749][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.426497][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.432605][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.438789][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.444025][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.448885][T12420] do_SYSENTER_32+0x73/0x90 [ 613.453382][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.459705][T12420] RIP: 0023:0xf7f15549 [ 613.463753][T12420] Code: Bad RIP value. [ 613.467858][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 613.476285][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 613.484287][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 613.492272][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 613.500256][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 613.508234][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 613.516208][T12420] Uninit was stored to memory at: [ 613.521237][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.526945][T12420] __msan_chain_origin+0x50/0x90 [ 613.531870][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.536966][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.541899][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.547517][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.552177][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.558232][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.564389][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.569575][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.574410][T12420] do_SYSENTER_32+0x73/0x90 [ 613.578899][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.585212][T12420] [ 613.587523][T12420] Uninit was stored to memory at: [ 613.592558][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.598283][T12420] __msan_chain_origin+0x50/0x90 [ 613.603210][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.608323][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.613264][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.617754][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.622424][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.628490][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.634628][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.639819][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.644664][T12420] do_SYSENTER_32+0x73/0x90 [ 613.649156][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.655482][T12420] [ 613.657796][T12420] Uninit was stored to memory at: [ 613.662821][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.668573][T12420] __msan_chain_origin+0x50/0x90 [ 613.673509][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.678607][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.683526][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.688029][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.692953][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.699007][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.705162][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.710350][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.715192][T12420] do_SYSENTER_32+0x73/0x90 [ 613.719700][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.726024][T12420] [ 613.728364][T12420] Uninit was stored to memory at: [ 613.733387][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.739109][T12420] __msan_chain_origin+0x50/0x90 [ 613.744033][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.749141][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.754061][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.758559][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.763227][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.769293][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.775448][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.780636][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.785482][T12420] do_SYSENTER_32+0x73/0x90 [ 613.789973][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.796281][T12420] [ 613.798604][T12420] Uninit was stored to memory at: [ 613.803619][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.809348][T12420] __msan_chain_origin+0x50/0x90 [ 613.814274][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.819376][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.824307][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.828809][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.833502][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.839569][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.845719][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.850924][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.855767][T12420] do_SYSENTER_32+0x73/0x90 [ 613.860269][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.866570][T12420] [ 613.868879][T12420] Uninit was stored to memory at: [ 613.873891][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.879598][T12420] __msan_chain_origin+0x50/0x90 [ 613.884523][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.889631][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.894747][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.899233][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.903896][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.909950][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.916209][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.921405][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.926253][T12420] do_SYSENTER_32+0x73/0x90 [ 613.930757][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 613.937064][T12420] [ 613.939405][T12420] Uninit was stored to memory at: [ 613.944435][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 613.950140][T12420] __msan_chain_origin+0x50/0x90 [ 613.955094][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 613.960202][T12420] get_compat_msghdr+0x108/0x2b0 [ 613.965150][T12420] do_recvmmsg+0xdbb/0x22c0 [ 613.969647][T12420] __sys_recvmmsg+0x5dd/0x610 [ 613.974326][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 613.980378][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 613.986535][T12420] __do_fast_syscall_32+0x2af/0x480 [ 613.991717][T12420] do_fast_syscall_32+0x6b/0xd0 [ 613.996557][T12420] do_SYSENTER_32+0x73/0x90 [ 614.001049][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.007353][T12420] [ 614.009659][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 614.016328][T12420] do_recvmmsg+0xbf/0x22c0 [ 614.020740][T12420] do_recvmmsg+0xbf/0x22c0 [ 614.221838][T12420] not chained 210000 origins [ 614.226492][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 614.235172][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 614.245236][T12420] Call Trace: [ 614.248556][T12420] dump_stack+0x21c/0x280 [ 614.252918][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 614.258697][T12420] ? kmsan_get_metadata+0x116/0x180 [ 614.263919][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 614.269491][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 614.275584][T12420] ? _copy_from_user+0x201/0x310 [ 614.280577][T12420] ? kmsan_get_metadata+0x116/0x180 [ 614.285808][T12420] __msan_chain_origin+0x50/0x90 [ 614.290778][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.295934][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.300907][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.305468][T12420] ? kmsan_get_metadata+0x116/0x180 [ 614.310694][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 614.316612][T12420] ? kmsan_get_metadata+0x116/0x180 [ 614.321831][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 614.327488][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 614.332816][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 614.337593][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 614.342379][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.347103][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.353201][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.359378][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.364611][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.370098][T12420] do_SYSENTER_32+0x73/0x90 [ 614.374628][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.381038][T12420] RIP: 0023:0xf7f15549 [ 614.385107][T12420] Code: Bad RIP value. [ 614.389186][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 614.397658][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 614.405639][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 614.413621][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 614.421602][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 614.429561][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 614.437545][T12420] Uninit was stored to memory at: [ 614.442581][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.448293][T12420] __msan_chain_origin+0x50/0x90 [ 614.453220][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.458346][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.463276][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.467774][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.472446][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.478511][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.484657][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.489870][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.494735][T12420] do_SYSENTER_32+0x73/0x90 [ 614.499265][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.505570][T12420] [ 614.507887][T12420] Uninit was stored to memory at: [ 614.512907][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.518640][T12420] __msan_chain_origin+0x50/0x90 [ 614.523598][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.528728][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.533677][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.538167][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.542886][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.548958][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.555140][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.560330][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.565216][T12420] do_SYSENTER_32+0x73/0x90 [ 614.569710][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.576016][T12420] [ 614.578376][T12420] Uninit was stored to memory at: [ 614.583387][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.589108][T12420] __msan_chain_origin+0x50/0x90 [ 614.594049][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.599164][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.604131][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.608632][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.613332][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.619405][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.625559][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.630771][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.635610][T12420] do_SYSENTER_32+0x73/0x90 [ 614.640118][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.646429][T12420] [ 614.648769][T12420] Uninit was stored to memory at: [ 614.653808][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.659557][T12420] __msan_chain_origin+0x50/0x90 [ 614.664495][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.669642][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.674572][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.679064][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.683749][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.689808][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.695978][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.701205][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.706072][T12420] do_SYSENTER_32+0x73/0x90 [ 614.710615][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.716943][T12420] [ 614.719266][T12420] Uninit was stored to memory at: [ 614.724284][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.730014][T12420] __msan_chain_origin+0x50/0x90 [ 614.734939][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.740048][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.744972][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.749462][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.754191][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.760265][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.766423][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.771632][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.776489][T12420] do_SYSENTER_32+0x73/0x90 [ 614.781002][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.787318][T12420] [ 614.789652][T12420] Uninit was stored to memory at: [ 614.794691][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.800408][T12420] __msan_chain_origin+0x50/0x90 [ 614.805358][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.810485][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.815434][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.819951][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.824642][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.830703][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.836871][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.842076][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.846944][T12420] do_SYSENTER_32+0x73/0x90 [ 614.851484][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.857808][T12420] [ 614.860126][T12420] Uninit was stored to memory at: [ 614.865145][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 614.870855][T12420] __msan_chain_origin+0x50/0x90 [ 614.875787][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 614.880895][T12420] get_compat_msghdr+0x108/0x2b0 [ 614.885823][T12420] do_recvmmsg+0xdbb/0x22c0 [ 614.890320][T12420] __sys_recvmmsg+0x5dd/0x610 [ 614.894990][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 614.901055][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 614.907253][T12420] __do_fast_syscall_32+0x2af/0x480 [ 614.912463][T12420] do_fast_syscall_32+0x6b/0xd0 [ 614.917324][T12420] do_SYSENTER_32+0x73/0x90 [ 614.921840][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 614.928155][T12420] [ 614.930496][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 614.937191][T12420] do_recvmmsg+0xbf/0x22c0 [ 614.941611][T12420] do_recvmmsg+0xbf/0x22c0 [ 615.137698][T12420] not chained 220000 origins [ 615.142344][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 615.151025][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 615.161092][T12420] Call Trace: [ 615.164411][T12420] dump_stack+0x21c/0x280 [ 615.168788][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 615.174571][T12420] ? kmsan_get_metadata+0x116/0x180 [ 615.179799][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 615.185373][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 615.191473][T12420] ? _copy_from_user+0x201/0x310 [ 615.196438][T12420] ? kmsan_get_metadata+0x116/0x180 [ 615.201660][T12420] __msan_chain_origin+0x50/0x90 [ 615.206628][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.211803][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.216773][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.221328][T12420] ? kmsan_get_metadata+0x116/0x180 [ 615.226559][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 615.232477][T12420] ? kmsan_get_metadata+0x116/0x180 [ 615.237758][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 615.243415][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 615.248724][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 615.253508][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 615.258302][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.263028][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.269133][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.275311][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.280543][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.285402][T12420] do_SYSENTER_32+0x73/0x90 [ 615.289900][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.296254][T12420] RIP: 0023:0xf7f15549 [ 615.300316][T12420] Code: Bad RIP value. [ 615.304365][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 615.312767][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 615.320745][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 615.328717][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 615.336700][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 615.344682][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 615.352696][T12420] Uninit was stored to memory at: [ 615.357748][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.363496][T12420] __msan_chain_origin+0x50/0x90 [ 615.368455][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.373595][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.378545][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.383057][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.387739][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.393805][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.399975][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.405198][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.410159][T12420] do_SYSENTER_32+0x73/0x90 [ 615.414654][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.420979][T12420] [ 615.423305][T12420] Uninit was stored to memory at: [ 615.428352][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.434066][T12420] __msan_chain_origin+0x50/0x90 [ 615.439013][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.444143][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.449075][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.453585][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.458279][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.464371][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.470528][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.475732][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.480598][T12420] do_SYSENTER_32+0x73/0x90 [ 615.485171][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.491477][T12420] [ 615.493790][T12420] Uninit was stored to memory at: [ 615.498875][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.504612][T12420] __msan_chain_origin+0x50/0x90 [ 615.509577][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.514696][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.519638][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.524136][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.528814][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.534866][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.541020][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.546244][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.551102][T12420] do_SYSENTER_32+0x73/0x90 [ 615.555606][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.561917][T12420] [ 615.564251][T12420] Uninit was stored to memory at: [ 615.569297][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.575019][T12420] __msan_chain_origin+0x50/0x90 [ 615.579966][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.585061][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.589999][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.594503][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.599169][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.606202][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.612367][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.617601][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.622442][T12420] do_SYSENTER_32+0x73/0x90 [ 615.626950][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.633271][T12420] [ 615.635621][T12420] Uninit was stored to memory at: [ 615.640638][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.646365][T12420] __msan_chain_origin+0x50/0x90 [ 615.651314][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.656423][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.661349][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.665844][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.670516][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.676579][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.682742][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.687947][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.692805][T12420] do_SYSENTER_32+0x73/0x90 [ 615.697314][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.703634][T12420] [ 615.705956][T12420] Uninit was stored to memory at: [ 615.710992][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.716705][T12420] __msan_chain_origin+0x50/0x90 [ 615.721631][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.726749][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.731702][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.736215][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.740892][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.746973][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.753136][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.758341][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.763180][T12420] do_SYSENTER_32+0x73/0x90 [ 615.767693][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.774030][T12420] [ 615.776352][T12420] Uninit was stored to memory at: [ 615.781370][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 615.787102][T12420] __msan_chain_origin+0x50/0x90 [ 615.792090][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 615.797246][T12420] get_compat_msghdr+0x108/0x2b0 [ 615.802192][T12420] do_recvmmsg+0xdbb/0x22c0 [ 615.806732][T12420] __sys_recvmmsg+0x5dd/0x610 [ 615.811436][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 615.817538][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 615.823791][T12420] __do_fast_syscall_32+0x2af/0x480 [ 615.829003][T12420] do_fast_syscall_32+0x6b/0xd0 [ 615.833867][T12420] do_SYSENTER_32+0x73/0x90 [ 615.838368][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 615.844675][T12420] [ 615.846999][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 615.853772][T12420] do_recvmmsg+0xbf/0x22c0 [ 615.858183][T12420] do_recvmmsg+0xbf/0x22c0 [ 616.028365][T12420] not chained 230000 origins [ 616.033025][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 616.041718][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 616.051787][T12420] Call Trace: [ 616.055109][T12420] dump_stack+0x21c/0x280 [ 616.059482][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 616.065265][T12420] ? kmsan_get_metadata+0x116/0x180 [ 616.070487][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 616.076087][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 616.082197][T12420] ? _copy_from_user+0x201/0x310 [ 616.087185][T12420] ? kmsan_get_metadata+0x116/0x180 [ 616.092494][T12420] __msan_chain_origin+0x50/0x90 [ 616.097463][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.102626][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.107604][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.112160][T12420] ? kmsan_get_metadata+0x116/0x180 [ 616.117409][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 616.123328][T12420] ? kmsan_get_metadata+0x116/0x180 [ 616.128548][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 616.134201][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 616.139512][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 616.144294][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 616.149093][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.153816][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.159943][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.166141][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.171371][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.176247][T12420] do_SYSENTER_32+0x73/0x90 [ 616.180777][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.187150][T12420] RIP: 0023:0xf7f15549 [ 616.191218][T12420] Code: Bad RIP value. [ 616.195293][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 616.204072][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 616.212064][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 616.220048][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 616.228037][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 616.236027][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 616.244060][T12420] Uninit was stored to memory at: [ 616.249112][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.254849][T12420] __msan_chain_origin+0x50/0x90 [ 616.259807][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.264959][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.269929][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.274418][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.279097][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.285161][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.291314][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.296511][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.301375][T12420] do_SYSENTER_32+0x73/0x90 [ 616.305865][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.312164][T12420] [ 616.314475][T12420] Uninit was stored to memory at: [ 616.319490][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.325207][T12420] __msan_chain_origin+0x50/0x90 [ 616.330136][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.335229][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.340161][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.344647][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.349313][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.355379][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.361646][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.366866][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.371707][T12420] do_SYSENTER_32+0x73/0x90 [ 616.376211][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.382541][T12420] [ 616.384852][T12420] Uninit was stored to memory at: [ 616.389903][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.395610][T12420] __msan_chain_origin+0x50/0x90 [ 616.400554][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.405668][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.410610][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.415096][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.419763][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.425832][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.433810][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.439034][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.443896][T12420] do_SYSENTER_32+0x73/0x90 [ 616.448391][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.454793][T12420] [ 616.457110][T12420] Uninit was stored to memory at: [ 616.462141][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.467865][T12420] __msan_chain_origin+0x50/0x90 [ 616.472830][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.477946][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.482890][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.487385][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.492071][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.498161][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.504332][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.509523][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.514379][T12420] do_SYSENTER_32+0x73/0x90 [ 616.518886][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.525212][T12420] [ 616.527548][T12420] Uninit was stored to memory at: [ 616.532568][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.538290][T12420] __msan_chain_origin+0x50/0x90 [ 616.543237][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.548372][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.553311][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.557824][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.562505][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.568575][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.574732][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.579961][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.584910][T12420] do_SYSENTER_32+0x73/0x90 [ 616.589406][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.595708][T12420] [ 616.598050][T12420] Uninit was stored to memory at: [ 616.603108][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.608860][T12420] __msan_chain_origin+0x50/0x90 [ 616.613804][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.618924][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.623851][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.628360][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.633045][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.639114][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.645268][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.650462][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.655302][T12420] do_SYSENTER_32+0x73/0x90 [ 616.659794][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.666131][T12420] [ 616.668469][T12420] Uninit was stored to memory at: [ 616.673502][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 616.679211][T12420] __msan_chain_origin+0x50/0x90 [ 616.684153][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 616.689270][T12420] get_compat_msghdr+0x108/0x2b0 [ 616.694224][T12420] do_recvmmsg+0xdbb/0x22c0 [ 616.698783][T12420] __sys_recvmmsg+0x5dd/0x610 [ 616.703446][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 616.709511][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 616.715682][T12420] __do_fast_syscall_32+0x2af/0x480 [ 616.720877][T12420] do_fast_syscall_32+0x6b/0xd0 [ 616.725731][T12420] do_SYSENTER_32+0x73/0x90 [ 616.730239][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 616.736544][T12420] [ 616.738867][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 616.745541][T12420] do_recvmmsg+0xbf/0x22c0 [ 616.749957][T12420] do_recvmmsg+0xbf/0x22c0 [ 616.981318][T12420] not chained 240000 origins [ 616.985998][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 616.994672][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 617.004720][T12420] Call Trace: [ 617.008014][T12420] dump_stack+0x21c/0x280 [ 617.012346][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 617.018173][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.023369][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 617.028915][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 617.034981][T12420] ? _copy_from_user+0x201/0x310 [ 617.039915][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.045107][T12420] __msan_chain_origin+0x50/0x90 [ 617.050061][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.055350][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.060343][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.064870][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.070090][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 617.076000][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.081212][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 617.086843][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 617.092128][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 617.096886][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 617.101658][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.106345][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.112424][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.118609][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.123810][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.128693][T12420] do_SYSENTER_32+0x73/0x90 [ 617.133221][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.139552][T12420] RIP: 0023:0xf7f15549 [ 617.143639][T12420] Code: Bad RIP value. [ 617.147688][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 617.156097][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 617.164074][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 617.172036][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 617.180011][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 617.187968][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 617.195945][T12420] Uninit was stored to memory at: [ 617.200977][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.206683][T12420] __msan_chain_origin+0x50/0x90 [ 617.211652][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.216762][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.221692][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.226184][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.230946][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.237004][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.243145][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.248334][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.253172][T12420] do_SYSENTER_32+0x73/0x90 [ 617.257676][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.263991][T12420] [ 617.266302][T12420] Uninit was stored to memory at: [ 617.271320][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.277032][T12420] __msan_chain_origin+0x50/0x90 [ 617.281975][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.287083][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.292022][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.296864][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.301545][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.307629][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.313792][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.318989][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.323848][T12420] do_SYSENTER_32+0x73/0x90 [ 617.328351][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.334666][T12420] [ 617.336980][T12420] Uninit was stored to memory at: [ 617.341998][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.347707][T12420] __msan_chain_origin+0x50/0x90 [ 617.352633][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.357741][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.362679][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.367181][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.371857][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.377910][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.384047][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.389237][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.394074][T12420] do_SYSENTER_32+0x73/0x90 [ 617.398575][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.404894][T12420] [ 617.407247][T12420] Uninit was stored to memory at: [ 617.412298][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.418029][T12420] __msan_chain_origin+0x50/0x90 [ 617.422964][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.428076][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.433007][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.437517][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.442179][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.448286][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.454431][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.459668][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.464541][T12420] do_SYSENTER_32+0x73/0x90 [ 617.469034][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.475348][T12420] [ 617.477672][T12420] Uninit was stored to memory at: [ 617.482691][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.488399][T12420] __msan_chain_origin+0x50/0x90 [ 617.493327][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.498428][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.503366][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.507864][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.512557][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.518643][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.524809][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.530019][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.534860][T12420] do_SYSENTER_32+0x73/0x90 [ 617.539349][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.545672][T12420] [ 617.547998][T12420] Uninit was stored to memory at: [ 617.553014][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.558760][T12420] __msan_chain_origin+0x50/0x90 [ 617.563685][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.568844][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.573785][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.578292][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.582965][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.589027][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.596151][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.601348][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.606204][T12420] do_SYSENTER_32+0x73/0x90 [ 617.610693][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.617010][T12420] [ 617.619330][T12420] Uninit was stored to memory at: [ 617.624343][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 617.630068][T12420] __msan_chain_origin+0x50/0x90 [ 617.635007][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.640118][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.645131][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.649619][T12420] __sys_recvmmsg+0x5dd/0x610 [ 617.654298][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 617.660380][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 617.666572][T12420] __do_fast_syscall_32+0x2af/0x480 [ 617.671762][T12420] do_fast_syscall_32+0x6b/0xd0 [ 617.676617][T12420] do_SYSENTER_32+0x73/0x90 [ 617.681156][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 617.687489][T12420] [ 617.695916][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 617.702591][T12420] do_recvmmsg+0xbf/0x22c0 [ 617.707010][T12420] do_recvmmsg+0xbf/0x22c0 [ 617.901868][T12420] not chained 250000 origins [ 617.906521][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 617.915209][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 617.925315][T12420] Call Trace: [ 617.928647][T12420] dump_stack+0x21c/0x280 [ 617.933021][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 617.938817][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.944073][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 617.949670][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 617.955780][T12420] ? _copy_from_user+0x201/0x310 [ 617.960760][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.965992][T12420] __msan_chain_origin+0x50/0x90 [ 617.970959][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 617.976125][T12420] get_compat_msghdr+0x108/0x2b0 [ 617.981109][T12420] do_recvmmsg+0xdbb/0x22c0 [ 617.985691][T12420] ? kmsan_get_metadata+0x116/0x180 [ 617.990932][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 617.996870][T12420] ? kmsan_get_metadata+0x116/0x180 [ 618.002107][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 618.007792][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 618.013106][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 618.018069][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 618.022865][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.027595][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.033713][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.039908][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.045162][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.050053][T12420] do_SYSENTER_32+0x73/0x90 [ 618.054598][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.060972][T12420] RIP: 0023:0xf7f15549 [ 618.065045][T12420] Code: Bad RIP value. [ 618.069120][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 618.077585][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 618.085580][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 618.093573][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 618.101564][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 618.109558][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 618.117565][T12420] Uninit was stored to memory at: [ 618.122611][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.128367][T12420] __msan_chain_origin+0x50/0x90 [ 618.133321][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.138447][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.143430][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.147948][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.152643][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.158726][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.164903][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.170119][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.175008][T12420] do_SYSENTER_32+0x73/0x90 [ 618.179528][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.185858][T12420] [ 618.188192][T12420] Uninit was stored to memory at: [ 618.193235][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.198970][T12420] __msan_chain_origin+0x50/0x90 [ 618.203943][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.209071][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.214024][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.218540][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.223241][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.229329][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.235508][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.241426][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.246295][T12420] do_SYSENTER_32+0x73/0x90 [ 618.250815][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.257139][T12420] [ 618.259497][T12420] Uninit was stored to memory at: [ 618.264550][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.270285][T12420] __msan_chain_origin+0x50/0x90 [ 618.275239][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.280389][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.285342][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.289889][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.294587][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.300671][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.306865][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.312080][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.316949][T12420] do_SYSENTER_32+0x73/0x90 [ 618.321472][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.327798][T12420] [ 618.330134][T12420] Uninit was stored to memory at: [ 618.335179][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.340917][T12420] __msan_chain_origin+0x50/0x90 [ 618.345872][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.350999][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.355951][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.360488][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.365182][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.371264][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.377460][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.382676][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.387572][T12420] do_SYSENTER_32+0x73/0x90 [ 618.392092][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.398420][T12420] [ 618.400755][T12420] Uninit was stored to memory at: [ 618.406895][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.412628][T12420] __msan_chain_origin+0x50/0x90 [ 618.417605][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.422742][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.427693][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.432207][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.437006][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.443095][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.449286][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.454506][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.459476][T12420] do_SYSENTER_32+0x73/0x90 [ 618.464006][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.470357][T12420] [ 618.472697][T12420] Uninit was stored to memory at: [ 618.477750][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.483492][T12420] __msan_chain_origin+0x50/0x90 [ 618.488479][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.493633][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.498591][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.503112][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.507812][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.513902][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.520079][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.525570][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.530444][T12420] do_SYSENTER_32+0x73/0x90 [ 618.534973][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.541301][T12420] [ 618.543635][T12420] Uninit was stored to memory at: [ 618.548683][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 618.554420][T12420] __msan_chain_origin+0x50/0x90 [ 618.559380][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 618.564511][T12420] get_compat_msghdr+0x108/0x2b0 [ 618.569469][T12420] do_recvmmsg+0xdbb/0x22c0 [ 618.574043][T12420] __sys_recvmmsg+0x5dd/0x610 [ 618.578747][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 618.584832][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 618.591006][T12420] __do_fast_syscall_32+0x2af/0x480 [ 618.596225][T12420] do_fast_syscall_32+0x6b/0xd0 [ 618.601089][T12420] do_SYSENTER_32+0x73/0x90 [ 618.605613][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 618.611936][T12420] [ 618.614274][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 618.620967][T12420] do_recvmmsg+0xbf/0x22c0 [ 618.625401][T12420] do_recvmmsg+0xbf/0x22c0 [ 619.070925][T12420] not chained 260000 origins [ 619.075603][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 619.084303][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 619.094390][T12420] Call Trace: [ 619.097712][T12420] dump_stack+0x21c/0x280 [ 619.102093][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 619.107901][T12420] ? kmsan_get_metadata+0x116/0x180 [ 619.113128][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 619.118700][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 619.124801][T12420] ? _copy_from_user+0x201/0x310 [ 619.129802][T12420] ? kmsan_get_metadata+0x116/0x180 [ 619.135022][T12420] __msan_chain_origin+0x50/0x90 [ 619.139988][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.145168][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.150151][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.154702][T12420] ? kmsan_get_metadata+0x116/0x180 [ 619.159931][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 619.165856][T12420] ? kmsan_get_metadata+0x116/0x180 [ 619.171087][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 619.176748][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 619.182067][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 619.186862][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 619.191672][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.196402][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.202513][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.208705][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.213945][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.218822][T12420] do_SYSENTER_32+0x73/0x90 [ 619.223349][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.229699][T12420] RIP: 0023:0xf7f15549 [ 619.233807][T12420] Code: Bad RIP value. [ 619.237886][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 619.246321][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 619.254314][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 619.262307][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 619.270299][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 619.278291][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 619.286319][T12420] Uninit was stored to memory at: [ 619.291380][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.297125][T12420] __msan_chain_origin+0x50/0x90 [ 619.302086][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.307223][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.312184][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.317716][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.322418][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.328514][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.334704][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.339929][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.344802][T12420] do_SYSENTER_32+0x73/0x90 [ 619.349327][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.355684][T12420] [ 619.358019][T12420] Uninit was stored to memory at: [ 619.363068][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.368813][T12420] __msan_chain_origin+0x50/0x90 [ 619.374468][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.379606][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.384588][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.389111][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.393818][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.399909][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.406103][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.411323][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.416220][T12420] do_SYSENTER_32+0x73/0x90 [ 619.420744][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.427071][T12420] [ 619.429404][T12420] Uninit was stored to memory at: [ 619.434485][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.440247][T12420] __msan_chain_origin+0x50/0x90 [ 619.445202][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.450336][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.455291][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.459813][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.464539][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.470675][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.476851][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.482097][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.486979][T12420] do_SYSENTER_32+0x73/0x90 [ 619.492225][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.498560][T12420] [ 619.500893][T12420] Uninit was stored to memory at: [ 619.505943][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.511710][T12420] __msan_chain_origin+0x50/0x90 [ 619.516695][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.521838][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.526804][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.531331][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.536032][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.542131][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.548308][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.553527][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.558403][T12420] do_SYSENTER_32+0x73/0x90 [ 619.562940][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.569271][T12420] [ 619.571604][T12420] Uninit was stored to memory at: [ 619.576651][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.582390][T12420] __msan_chain_origin+0x50/0x90 [ 619.587346][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.592474][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.597429][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.601968][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.606668][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.612766][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.618964][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.624206][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.629075][T12420] do_SYSENTER_32+0x73/0x90 [ 619.633600][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.640926][T12420] [ 619.643264][T12420] Uninit was stored to memory at: [ 619.648312][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.654046][T12420] __msan_chain_origin+0x50/0x90 [ 619.659004][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.664135][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.669090][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.673615][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.678313][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.684398][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.690577][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.695792][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.700659][T12420] do_SYSENTER_32+0x73/0x90 [ 619.705178][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.711536][T12420] [ 619.713869][T12420] Uninit was stored to memory at: [ 619.718914][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 619.724651][T12420] __msan_chain_origin+0x50/0x90 [ 619.729650][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 619.734799][T12420] get_compat_msghdr+0x108/0x2b0 [ 619.739754][T12420] do_recvmmsg+0xdbb/0x22c0 [ 619.744281][T12420] __sys_recvmmsg+0x5dd/0x610 [ 619.748978][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 619.755072][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 619.761251][T12420] __do_fast_syscall_32+0x2af/0x480 [ 619.766474][T12420] do_fast_syscall_32+0x6b/0xd0 [ 619.771347][T12420] do_SYSENTER_32+0x73/0x90 [ 619.775878][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 619.782205][T12420] [ 619.784545][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 619.791237][T12420] do_recvmmsg+0xbf/0x22c0 [ 619.795668][T12420] do_recvmmsg+0xbf/0x22c0 [ 619.988392][T12420] not chained 270000 origins [ 619.993040][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 620.001718][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 620.011797][T12420] Call Trace: [ 620.015188][T12420] dump_stack+0x21c/0x280 [ 620.019554][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 620.025337][T12420] ? kmsan_get_metadata+0x116/0x180 [ 620.030585][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 620.036164][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 620.042265][T12420] ? _copy_from_user+0x201/0x310 [ 620.047228][T12420] ? kmsan_get_metadata+0x116/0x180 [ 620.052451][T12420] __msan_chain_origin+0x50/0x90 [ 620.057417][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.062575][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.067548][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.072107][T12420] ? kmsan_get_metadata+0x116/0x180 [ 620.077357][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 620.083293][T12420] ? kmsan_get_metadata+0x116/0x180 [ 620.088515][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 620.094197][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 620.099527][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 620.104308][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 620.109120][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.113845][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.119949][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.126138][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.131370][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.136248][T12420] do_SYSENTER_32+0x73/0x90 [ 620.140777][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.147129][T12420] RIP: 0023:0xf7f15549 [ 620.151199][T12420] Code: Bad RIP value. [ 620.155278][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 620.163705][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 620.171697][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 620.179683][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 620.187667][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 620.195648][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 620.203711][T12420] Uninit was stored to memory at: [ 620.208799][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.214535][T12420] __msan_chain_origin+0x50/0x90 [ 620.219486][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.224608][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.229580][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.234098][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.238798][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.244881][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.251046][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.256256][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.261124][T12420] do_SYSENTER_32+0x73/0x90 [ 620.265638][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.271957][T12420] [ 620.274285][T12420] Uninit was stored to memory at: [ 620.279328][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.285061][T12420] __msan_chain_origin+0x50/0x90 [ 620.290011][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.295162][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.300129][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.304645][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.309334][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.315416][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.321603][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.326824][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.331705][T12420] do_SYSENTER_32+0x73/0x90 [ 620.336226][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.342550][T12420] [ 620.344879][T12420] Uninit was stored to memory at: [ 620.349920][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.355656][T12420] __msan_chain_origin+0x50/0x90 [ 620.360611][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.365744][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.370708][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.375224][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.379939][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.386020][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.392185][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.397396][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.402260][T12420] do_SYSENTER_32+0x73/0x90 [ 620.406782][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.413147][T12420] [ 620.415476][T12420] Uninit was stored to memory at: [ 620.420515][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.426248][T12420] __msan_chain_origin+0x50/0x90 [ 620.431199][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.436325][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.441275][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.445803][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.450493][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.456574][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.462727][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.467912][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.472744][T12420] do_SYSENTER_32+0x73/0x90 [ 620.477245][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.483567][T12420] [ 620.485888][T12420] Uninit was stored to memory at: [ 620.490903][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.496620][T12420] __msan_chain_origin+0x50/0x90 [ 620.501558][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.506661][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.511590][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.516174][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.520868][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.526937][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.533078][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.538274][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.543127][T12420] do_SYSENTER_32+0x73/0x90 [ 620.547627][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.553928][T12420] [ 620.556244][T12420] Uninit was stored to memory at: [ 620.561272][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.566978][T12420] __msan_chain_origin+0x50/0x90 [ 620.571900][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.577028][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.581964][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.586464][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.591184][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.597267][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.603425][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.608625][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.613474][T12420] do_SYSENTER_32+0x73/0x90 [ 620.617979][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.624306][T12420] [ 620.626627][T12420] Uninit was stored to memory at: [ 620.631641][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 620.637363][T12420] __msan_chain_origin+0x50/0x90 [ 620.642302][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.647398][T12420] get_compat_msghdr+0x108/0x2b0 [ 620.652326][T12420] do_recvmmsg+0xdbb/0x22c0 [ 620.656833][T12420] __sys_recvmmsg+0x5dd/0x610 [ 620.661514][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 620.667570][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 620.673714][T12420] __do_fast_syscall_32+0x2af/0x480 [ 620.679028][T12420] do_fast_syscall_32+0x6b/0xd0 [ 620.683881][T12420] do_SYSENTER_32+0x73/0x90 [ 620.688412][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 620.694715][T12420] [ 620.697036][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 620.703724][T12420] do_recvmmsg+0xbf/0x22c0 [ 620.708179][T12420] do_recvmmsg+0xbf/0x22c0 [ 620.727723][T11124] Bluetooth: hci3: command 0x0406 tx timeout [ 620.923767][T12420] not chained 280000 origins [ 620.928439][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 620.937117][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 620.947176][T12420] Call Trace: [ 620.950466][T12420] dump_stack+0x21c/0x280 [ 620.954793][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 620.960526][T12420] ? kmsan_get_metadata+0x116/0x180 [ 620.965778][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 620.971320][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 620.977388][T12420] ? _copy_from_user+0x201/0x310 [ 620.982323][T12420] ? kmsan_get_metadata+0x116/0x180 [ 620.987513][T12420] __msan_chain_origin+0x50/0x90 [ 620.992456][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 620.997572][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.002512][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.007025][T12420] ? kmsan_get_metadata+0x116/0x180 [ 621.012234][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 621.018136][T12420] ? kmsan_get_metadata+0x116/0x180 [ 621.023325][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 621.028964][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 621.034295][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 621.039062][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 621.043819][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.048521][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.054607][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.060770][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.066000][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.070858][T12420] do_SYSENTER_32+0x73/0x90 [ 621.075359][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.081683][T12420] RIP: 0023:0xf7f15549 [ 621.085746][T12420] Code: Bad RIP value. [ 621.089818][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 621.098227][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 621.106210][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 621.114170][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 621.122132][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 621.130093][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 621.138065][T12420] Uninit was stored to memory at: [ 621.143085][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.148796][T12420] __msan_chain_origin+0x50/0x90 [ 621.153727][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.158859][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.163806][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.168349][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.173022][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.179094][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.185257][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.190466][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.195322][T12420] do_SYSENTER_32+0x73/0x90 [ 621.199817][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.206119][T12420] [ 621.208436][T12420] Uninit was stored to memory at: [ 621.213476][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.219201][T12420] __msan_chain_origin+0x50/0x90 [ 621.224125][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.229224][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.234159][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.238652][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.243328][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.249430][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.255597][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.260808][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.265656][T12420] do_SYSENTER_32+0x73/0x90 [ 621.270155][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.276454][T12420] [ 621.278764][T12420] Uninit was stored to memory at: [ 621.283786][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.289491][T12420] __msan_chain_origin+0x50/0x90 [ 621.294425][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.299532][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.304455][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.308946][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.313623][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.319685][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.325839][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.331115][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.335960][T12420] do_SYSENTER_32+0x73/0x90 [ 621.340467][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.346800][T12420] [ 621.349121][T12420] Uninit was stored to memory at: [ 621.354148][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.359865][T12420] __msan_chain_origin+0x50/0x90 [ 621.364803][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.369902][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.374827][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.379313][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.383988][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.390044][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.396199][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.401386][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.406222][T12420] do_SYSENTER_32+0x73/0x90 [ 621.410725][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.417077][T12420] [ 621.419399][T12420] Uninit was stored to memory at: [ 621.424436][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.430143][T12420] __msan_chain_origin+0x50/0x90 [ 621.435072][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.440182][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.445104][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.449606][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.454269][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.460358][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.466509][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.471695][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.476530][T12420] do_SYSENTER_32+0x73/0x90 [ 621.481013][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.487313][T12420] [ 621.489634][T12420] Uninit was stored to memory at: [ 621.494662][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.500381][T12420] __msan_chain_origin+0x50/0x90 [ 621.505319][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.510422][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.515358][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.519853][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.524524][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.530589][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.536731][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.541921][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.546759][T12420] do_SYSENTER_32+0x73/0x90 [ 621.551247][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.557546][T12420] [ 621.559865][T12420] Uninit was stored to memory at: [ 621.564877][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.570581][T12420] __msan_chain_origin+0x50/0x90 [ 621.575520][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.580617][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.585540][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.590030][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.594699][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.600756][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.606901][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.612092][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.616950][T12420] do_SYSENTER_32+0x73/0x90 [ 621.621444][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.627757][T12420] [ 621.630095][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 621.636774][T12420] do_recvmmsg+0xbf/0x22c0 [ 621.641173][T12420] do_recvmmsg+0xbf/0x22c0 [ 621.773163][T12420] not chained 290000 origins [ 621.777810][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 621.786486][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 621.796549][T12420] Call Trace: [ 621.799873][T12420] dump_stack+0x21c/0x280 [ 621.804248][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 621.810043][T12420] ? kmsan_get_metadata+0x116/0x180 [ 621.815262][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 621.820829][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 621.826922][T12420] ? _copy_from_user+0x201/0x310 [ 621.831884][T12420] ? kmsan_get_metadata+0x116/0x180 [ 621.837097][T12420] __msan_chain_origin+0x50/0x90 [ 621.842060][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 621.847217][T12420] get_compat_msghdr+0x108/0x2b0 [ 621.852192][T12420] do_recvmmsg+0xdbb/0x22c0 [ 621.856750][T12420] ? kmsan_get_metadata+0x116/0x180 [ 621.861998][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 621.867924][T12420] ? kmsan_get_metadata+0x116/0x180 [ 621.873146][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 621.878846][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 621.884157][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 621.888942][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 621.893730][T12420] __sys_recvmmsg+0x5dd/0x610 [ 621.898459][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 621.904588][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 621.910776][T12420] __do_fast_syscall_32+0x2af/0x480 [ 621.916019][T12420] do_fast_syscall_32+0x6b/0xd0 [ 621.920907][T12420] do_SYSENTER_32+0x73/0x90 [ 621.925616][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 621.931957][T12420] RIP: 0023:0xf7f15549 [ 621.936029][T12420] Code: Bad RIP value. [ 621.940103][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 621.948537][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 621.956526][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 621.964519][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 621.972511][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 621.980507][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 621.988512][T12420] Uninit was stored to memory at: [ 621.993576][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 621.999319][T12420] __msan_chain_origin+0x50/0x90 [ 622.004276][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.009414][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.014370][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.018895][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.023593][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.029676][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.035847][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.041083][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.045955][T12420] do_SYSENTER_32+0x73/0x90 [ 622.050475][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.056803][T12420] [ 622.059134][T12420] Uninit was stored to memory at: [ 622.064183][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.069922][T12420] __msan_chain_origin+0x50/0x90 [ 622.074879][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.080009][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.084962][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.089480][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.094177][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.100250][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.106391][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.111575][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.116410][T12420] do_SYSENTER_32+0x73/0x90 [ 622.120896][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.127197][T12420] [ 622.129559][T12420] Uninit was stored to memory at: [ 622.134573][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.140309][T12420] __msan_chain_origin+0x50/0x90 [ 622.145234][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.150382][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.155304][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.159794][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.164458][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.170515][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.176661][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.181867][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.186704][T12420] do_SYSENTER_32+0x73/0x90 [ 622.191189][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.197523][T12420] [ 622.199855][T12420] Uninit was stored to memory at: [ 622.204885][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.210588][T12420] __msan_chain_origin+0x50/0x90 [ 622.215509][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.220609][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.225539][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.230062][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.234745][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.240803][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.246964][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.252152][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.256989][T12420] do_SYSENTER_32+0x73/0x90 [ 622.261479][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.267791][T12420] [ 622.270143][T12420] Uninit was stored to memory at: [ 622.275172][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.280893][T12420] __msan_chain_origin+0x50/0x90 [ 622.285819][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.290935][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.295873][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.300377][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.305058][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.311125][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.317328][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.322530][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.327372][T12420] do_SYSENTER_32+0x73/0x90 [ 622.331873][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.338175][T12420] [ 622.340482][T12420] Uninit was stored to memory at: [ 622.345516][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.351235][T12420] __msan_chain_origin+0x50/0x90 [ 622.356181][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.361277][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.366218][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.370720][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.375404][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.381471][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.387622][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.392823][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.397676][T12420] do_SYSENTER_32+0x73/0x90 [ 622.402168][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.408482][T12420] [ 622.410795][T12420] Uninit was stored to memory at: [ 622.415826][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.421530][T12420] __msan_chain_origin+0x50/0x90 [ 622.426459][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.431650][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.436591][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.441091][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.445792][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.451848][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.457991][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.463195][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.468034][T12420] do_SYSENTER_32+0x73/0x90 [ 622.472554][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.478871][T12420] [ 622.481183][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 622.487846][T12420] do_recvmmsg+0xbf/0x22c0 [ 622.492259][T12420] do_recvmmsg+0xbf/0x22c0 [ 622.651351][T12420] not chained 300000 origins [ 622.655999][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 622.664680][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 622.674750][T12420] Call Trace: [ 622.678070][T12420] dump_stack+0x21c/0x280 [ 622.682434][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 622.688217][T12420] ? kmsan_get_metadata+0x116/0x180 [ 622.693440][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 622.699017][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 622.705121][T12420] ? _copy_from_user+0x201/0x310 [ 622.710089][T12420] ? kmsan_get_metadata+0x116/0x180 [ 622.715313][T12420] __msan_chain_origin+0x50/0x90 [ 622.720277][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.725434][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.730410][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.734990][T12420] ? kmsan_get_metadata+0x116/0x180 [ 622.740305][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 622.746246][T12420] ? kmsan_get_metadata+0x116/0x180 [ 622.751487][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 622.757142][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 622.762448][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 622.767224][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 622.772009][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.776733][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.782923][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.789098][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.794327][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.799203][T12420] do_SYSENTER_32+0x73/0x90 [ 622.803782][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.810118][T12420] RIP: 0023:0xf7f15549 [ 622.814186][T12420] Code: Bad RIP value. [ 622.818260][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 622.826687][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 622.834670][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 622.842643][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 622.850604][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 622.858563][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 622.866602][T12420] Uninit was stored to memory at: [ 622.871643][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.877349][T12420] __msan_chain_origin+0x50/0x90 [ 622.882278][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.887396][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.892320][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.896809][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.901485][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.907598][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.913757][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.918971][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.923839][T12420] do_SYSENTER_32+0x73/0x90 [ 622.928344][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 622.934647][T12420] [ 622.936973][T12420] Uninit was stored to memory at: [ 622.942001][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 622.947723][T12420] __msan_chain_origin+0x50/0x90 [ 622.952647][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 622.957743][T12420] get_compat_msghdr+0x108/0x2b0 [ 622.962664][T12420] do_recvmmsg+0xdbb/0x22c0 [ 622.970464][T12420] __sys_recvmmsg+0x5dd/0x610 [ 622.975159][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 622.981215][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 622.987358][T12420] __do_fast_syscall_32+0x2af/0x480 [ 622.992633][T12420] do_fast_syscall_32+0x6b/0xd0 [ 622.997488][T12420] do_SYSENTER_32+0x73/0x90 [ 623.001996][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.008385][T12420] [ 623.010695][T12420] Uninit was stored to memory at: [ 623.015728][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.021450][T12420] __msan_chain_origin+0x50/0x90 [ 623.026391][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.031487][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.036420][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.040943][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.045611][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.051680][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.057820][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.063004][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.067892][T12420] do_SYSENTER_32+0x73/0x90 [ 623.072382][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.078693][T12420] [ 623.081013][T12420] Uninit was stored to memory at: [ 623.086052][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.091789][T12420] __msan_chain_origin+0x50/0x90 [ 623.096717][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.101833][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.106774][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.111281][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.115966][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.122056][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.128248][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.133452][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.138294][T12420] do_SYSENTER_32+0x73/0x90 [ 623.142787][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.149089][T12420] [ 623.151605][T12420] Uninit was stored to memory at: [ 623.156634][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.162366][T12420] __msan_chain_origin+0x50/0x90 [ 623.167307][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.172427][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.177355][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.181861][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.186539][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.192611][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.198757][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.203944][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.208792][T12420] do_SYSENTER_32+0x73/0x90 [ 623.213292][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.219594][T12420] [ 623.221914][T12420] Uninit was stored to memory at: [ 623.226931][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.232652][T12420] __msan_chain_origin+0x50/0x90 [ 623.237579][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.242705][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.247640][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.252133][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.256806][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.262870][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.269022][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.274225][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.279103][T12420] do_SYSENTER_32+0x73/0x90 [ 623.283612][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.289925][T12420] [ 623.292358][T12420] Uninit was stored to memory at: [ 623.297379][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.303096][T12420] __msan_chain_origin+0x50/0x90 [ 623.308040][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.313155][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.318120][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.322634][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.327320][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.333400][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.339565][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.344764][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.349645][T12420] do_SYSENTER_32+0x73/0x90 [ 623.354179][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.360494][T12420] [ 623.362811][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 623.369491][T12420] do_recvmmsg+0xbf/0x22c0 [ 623.373898][T12420] do_recvmmsg+0xbf/0x22c0 [ 623.506646][T12420] not chained 310000 origins [ 623.511309][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 623.519990][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 623.530059][T12420] Call Trace: [ 623.533411][T12420] dump_stack+0x21c/0x280 [ 623.537774][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 623.543533][T12420] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 623.549382][T12420] ? kmsan_get_metadata+0x116/0x180 [ 623.554603][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 623.560178][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 623.566275][T12420] ? _copy_from_user+0x201/0x310 [ 623.571239][T12420] ? kmsan_get_metadata+0x116/0x180 [ 623.576461][T12420] __msan_chain_origin+0x50/0x90 [ 623.581424][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.586583][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.591560][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.596124][T12420] ? kmsan_get_metadata+0x116/0x180 [ 623.602778][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 623.608698][T12420] ? kmsan_get_metadata+0x116/0x180 [ 623.613922][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 623.619584][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 623.624898][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 623.629680][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 623.634471][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.639196][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.645303][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.651490][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.656900][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.661781][T12420] do_SYSENTER_32+0x73/0x90 [ 623.666320][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.672662][T12420] RIP: 0023:0xf7f15549 [ 623.676733][T12420] Code: Bad RIP value. [ 623.680810][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 623.689242][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 623.697489][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 623.705495][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 623.713511][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 623.721502][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 623.729533][T12420] Uninit was stored to memory at: [ 623.734589][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.740351][T12420] __msan_chain_origin+0x50/0x90 [ 623.745314][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.750452][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.755411][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.759930][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.764633][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.770728][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.776903][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.782155][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.787032][T12420] do_SYSENTER_32+0x73/0x90 [ 623.791563][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.797889][T12420] [ 623.800223][T12420] Uninit was stored to memory at: [ 623.805272][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.811010][T12420] __msan_chain_origin+0x50/0x90 [ 623.815961][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.821127][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.826072][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.830566][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.835231][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.841294][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.847447][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.852643][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.857490][T12420] do_SYSENTER_32+0x73/0x90 [ 623.861996][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.868308][T12420] [ 623.870616][T12420] Uninit was stored to memory at: [ 623.875629][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.881341][T12420] __msan_chain_origin+0x50/0x90 [ 623.886282][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.891378][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.896300][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.900816][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.905491][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.911549][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.917698][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.922898][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.927735][T12420] do_SYSENTER_32+0x73/0x90 [ 623.932223][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 623.938547][T12420] [ 623.940876][T12420] Uninit was stored to memory at: [ 623.945893][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 623.951614][T12420] __msan_chain_origin+0x50/0x90 [ 623.956540][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 623.961652][T12420] get_compat_msghdr+0x108/0x2b0 [ 623.966594][T12420] do_recvmmsg+0xdbb/0x22c0 [ 623.971090][T12420] __sys_recvmmsg+0x5dd/0x610 [ 623.975757][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 623.981828][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 623.987981][T12420] __do_fast_syscall_32+0x2af/0x480 [ 623.993178][T12420] do_fast_syscall_32+0x6b/0xd0 [ 623.998014][T12420] do_SYSENTER_32+0x73/0x90 [ 624.002607][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.008908][T12420] [ 624.011221][T12420] Uninit was stored to memory at: [ 624.016250][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.021970][T12420] __msan_chain_origin+0x50/0x90 [ 624.026893][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.031994][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.036920][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.041408][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.046085][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.052148][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.058301][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.063498][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.068339][T12420] do_SYSENTER_32+0x73/0x90 [ 624.072841][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.079148][T12420] [ 624.081469][T12420] Uninit was stored to memory at: [ 624.086482][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.092197][T12420] __msan_chain_origin+0x50/0x90 [ 624.097131][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.102247][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.107171][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.111668][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.116333][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.122398][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.128562][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.133770][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.138635][T12420] do_SYSENTER_32+0x73/0x90 [ 624.143160][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.149496][T12420] [ 624.151806][T12420] Uninit was stored to memory at: [ 624.156824][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.162528][T12420] __msan_chain_origin+0x50/0x90 [ 624.167465][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.172569][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.177506][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.181989][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.186739][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.192791][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.198948][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.204132][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.211082][T12420] do_SYSENTER_32+0x73/0x90 [ 624.215578][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.221883][T12420] [ 624.224192][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 624.230954][T12420] do_recvmmsg+0xbf/0x22c0 [ 624.235354][T12420] do_recvmmsg+0xbf/0x22c0 [ 624.411541][T12420] not chained 320000 origins [ 624.416152][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 624.424834][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 624.434887][T12420] Call Trace: [ 624.438190][T12420] dump_stack+0x21c/0x280 [ 624.442531][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 624.448286][T12420] ? kmsan_get_metadata+0x116/0x180 [ 624.453477][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 624.459033][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 624.465107][T12420] ? _copy_from_user+0x201/0x310 [ 624.470045][T12420] ? kmsan_get_metadata+0x116/0x180 [ 624.475246][T12420] __msan_chain_origin+0x50/0x90 [ 624.480179][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.485301][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.490242][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.494758][T12420] ? kmsan_get_metadata+0x116/0x180 [ 624.499967][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 624.505883][T12420] ? kmsan_get_metadata+0x116/0x180 [ 624.511091][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 624.516760][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 624.522667][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 624.527440][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 624.532199][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.536949][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.543024][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.549175][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.554376][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.559221][T12420] do_SYSENTER_32+0x73/0x90 [ 624.563723][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.570043][T12420] RIP: 0023:0xf7f15549 [ 624.574091][T12420] Code: Bad RIP value. [ 624.578155][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 624.587268][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 624.595237][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 624.603247][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 624.611217][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 624.619202][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 624.627175][T12420] Uninit was stored to memory at: [ 624.632211][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.637921][T12420] __msan_chain_origin+0x50/0x90 [ 624.642873][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.648019][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.652945][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.657435][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.662101][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.668153][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.674310][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.679514][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.684369][T12420] do_SYSENTER_32+0x73/0x90 [ 624.688886][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.695193][T12420] [ 624.697521][T12420] Uninit was stored to memory at: [ 624.702549][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.708257][T12420] __msan_chain_origin+0x50/0x90 [ 624.713195][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.718305][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.723235][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.727739][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.732399][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.738451][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.744608][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.749808][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.754660][T12420] do_SYSENTER_32+0x73/0x90 [ 624.759165][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.765473][T12420] [ 624.767783][T12420] Uninit was stored to memory at: [ 624.772798][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.778515][T12420] __msan_chain_origin+0x50/0x90 [ 624.783442][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.788560][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.793500][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.797993][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.802660][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.808718][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.814868][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.820762][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.825598][T12420] do_SYSENTER_32+0x73/0x90 [ 624.830102][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.836403][T12420] [ 624.838714][T12420] Uninit was stored to memory at: [ 624.844515][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.850223][T12420] __msan_chain_origin+0x50/0x90 [ 624.855146][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.860254][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.865185][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.869689][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.874353][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.880756][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.886913][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.892116][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.896968][T12420] do_SYSENTER_32+0x73/0x90 [ 624.901458][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.907767][T12420] [ 624.910075][T12420] Uninit was stored to memory at: [ 624.916076][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.921994][T12420] __msan_chain_origin+0x50/0x90 [ 624.926958][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 624.932086][T12420] get_compat_msghdr+0x108/0x2b0 [ 624.937048][T12420] do_recvmmsg+0xdbb/0x22c0 [ 624.941564][T12420] __sys_recvmmsg+0x5dd/0x610 [ 624.946260][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 624.952343][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 624.958516][T12420] __do_fast_syscall_32+0x2af/0x480 [ 624.963736][T12420] do_fast_syscall_32+0x6b/0xd0 [ 624.968612][T12420] do_SYSENTER_32+0x73/0x90 [ 624.973148][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 624.979474][T12420] [ 624.981836][T12420] Uninit was stored to memory at: [ 624.986889][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 624.992631][T12420] __msan_chain_origin+0x50/0x90 [ 624.997599][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.002731][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.007724][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.012243][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.016948][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.023155][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.029328][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.034683][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.039555][T12420] do_SYSENTER_32+0x73/0x90 [ 625.044084][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.050540][T12420] [ 625.052883][T12420] Uninit was stored to memory at: [ 625.057933][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.063706][T12420] __msan_chain_origin+0x50/0x90 [ 625.068676][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.073833][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.078830][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.083350][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.088055][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.094158][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.100328][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.105587][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.110452][T12420] do_SYSENTER_32+0x73/0x90 [ 625.123861][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.130192][T12420] [ 625.132560][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 625.139275][T12420] do_recvmmsg+0xbf/0x22c0 [ 625.143712][T12420] do_recvmmsg+0xbf/0x22c0 [ 625.285136][T12420] not chained 330000 origins [ 625.289792][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 625.298467][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 625.316347][T12420] Call Trace: [ 625.319683][T12420] dump_stack+0x21c/0x280 [ 625.324048][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 625.329851][T12420] ? kmsan_get_metadata+0x116/0x180 [ 625.335081][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 625.340659][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 625.346763][T12420] ? _copy_from_user+0x201/0x310 [ 625.351728][T12420] ? kmsan_get_metadata+0x116/0x180 [ 625.356999][T12420] __msan_chain_origin+0x50/0x90 [ 625.361963][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.367127][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.372104][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.376686][T12420] ? kmsan_get_metadata+0x116/0x180 [ 625.382004][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 625.387975][T12420] ? kmsan_get_metadata+0x116/0x180 [ 625.393195][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 625.398854][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 625.404164][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 625.408944][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 625.413733][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.418465][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.424567][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.430752][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.436001][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.440875][T12420] do_SYSENTER_32+0x73/0x90 [ 625.445449][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.452769][T12420] RIP: 0023:0xf7f15549 [ 625.456839][T12420] Code: Bad RIP value. [ 625.460934][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 625.469370][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 625.478182][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 625.486334][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 625.494312][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 625.502993][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 625.510981][T12420] Uninit was stored to memory at: [ 625.516039][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.521772][T12420] __msan_chain_origin+0x50/0x90 [ 625.526721][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.531832][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.536785][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.541280][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.546054][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.552160][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.558325][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.563517][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.568897][T12420] do_SYSENTER_32+0x73/0x90 [ 625.573412][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.579728][T12420] [ 625.582138][T12420] Uninit was stored to memory at: [ 625.587176][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.592887][T12420] __msan_chain_origin+0x50/0x90 [ 625.597817][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.603004][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.607937][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.612444][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.617129][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.623201][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.629356][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.634543][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.639379][T12420] do_SYSENTER_32+0x73/0x90 [ 625.643878][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.650182][T12420] [ 625.652493][T12420] Uninit was stored to memory at: [ 625.657511][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.663234][T12420] __msan_chain_origin+0x50/0x90 [ 625.668170][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.673315][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.678240][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.682734][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.687402][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.693473][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.699617][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.704812][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.709653][T12420] do_SYSENTER_32+0x73/0x90 [ 625.714149][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.720478][T12420] [ 625.722794][T12420] Uninit was stored to memory at: [ 625.728265][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.733995][T12420] __msan_chain_origin+0x50/0x90 [ 625.738954][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.744053][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.748978][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.753488][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.758173][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.764241][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.770398][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.775589][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.780427][T12420] do_SYSENTER_32+0x73/0x90 [ 625.784935][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.791238][T12420] [ 625.793560][T12420] Uninit was stored to memory at: [ 625.798589][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.804297][T12420] __msan_chain_origin+0x50/0x90 [ 625.809225][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.814323][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.819248][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.823763][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.828464][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.834529][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.840676][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.845865][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.850729][T12420] do_SYSENTER_32+0x73/0x90 [ 625.855236][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.861556][T12420] [ 625.864923][T12420] Uninit was stored to memory at: [ 625.869959][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.875682][T12420] __msan_chain_origin+0x50/0x90 [ 625.880620][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.885730][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.890708][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.895196][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.899867][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.905927][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.912169][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.917378][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.922234][T12420] do_SYSENTER_32+0x73/0x90 [ 625.926742][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 625.933063][T12420] [ 625.935378][T12420] Uninit was stored to memory at: [ 625.940421][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 625.946839][T12420] __msan_chain_origin+0x50/0x90 [ 625.951801][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 625.956901][T12420] get_compat_msghdr+0x108/0x2b0 [ 625.961829][T12420] do_recvmmsg+0xdbb/0x22c0 [ 625.966330][T12420] __sys_recvmmsg+0x5dd/0x610 [ 625.971021][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 625.977100][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 625.983240][T12420] __do_fast_syscall_32+0x2af/0x480 [ 625.988444][T12420] do_fast_syscall_32+0x6b/0xd0 [ 625.993299][T12420] do_SYSENTER_32+0x73/0x90 [ 625.997803][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.004122][T12420] [ 626.006435][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 626.013096][T12420] do_recvmmsg+0xbf/0x22c0 [ 626.017495][T12420] do_recvmmsg+0xbf/0x22c0 [ 626.172152][T12420] not chained 340000 origins [ 626.176778][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 626.185442][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 626.195484][T12420] Call Trace: [ 626.198800][T12420] dump_stack+0x21c/0x280 [ 626.203152][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 626.208904][T12420] ? kmsan_get_metadata+0x116/0x180 [ 626.214089][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 626.219638][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 626.225722][T12420] ? _copy_from_user+0x201/0x310 [ 626.230654][T12420] ? kmsan_get_metadata+0x116/0x180 [ 626.235842][T12420] __msan_chain_origin+0x50/0x90 [ 626.240775][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.245908][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.250891][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.255422][T12420] ? kmsan_get_metadata+0x116/0x180 [ 626.260617][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 626.266508][T12420] ? kmsan_get_metadata+0x116/0x180 [ 626.271697][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 626.277321][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 626.282709][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 626.287460][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 626.292213][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.296916][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.303000][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.309146][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.314357][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.319201][T12420] do_SYSENTER_32+0x73/0x90 [ 626.323807][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.330123][T12420] RIP: 0023:0xf7f15549 [ 626.334169][T12420] Code: Bad RIP value. [ 626.338239][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 626.346657][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 626.355227][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 626.363219][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 626.371183][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 626.379146][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 626.387121][T12420] Uninit was stored to memory at: [ 626.392158][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.397894][T12420] __msan_chain_origin+0x50/0x90 [ 626.402862][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.407962][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.412902][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.417404][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.422072][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.428126][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.434278][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.439477][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.444355][T12420] do_SYSENTER_32+0x73/0x90 [ 626.448862][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.455165][T12420] [ 626.457487][T12420] Uninit was stored to memory at: [ 626.462505][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.468214][T12420] __msan_chain_origin+0x50/0x90 [ 626.473144][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.478245][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.483193][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.487699][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.492397][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.498454][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.504607][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.509796][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.514660][T12420] do_SYSENTER_32+0x73/0x90 [ 626.519177][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.525501][T12420] [ 626.527834][T12420] Uninit was stored to memory at: [ 626.532869][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.538598][T12420] __msan_chain_origin+0x50/0x90 [ 626.543572][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.548689][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.553639][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.558222][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.562913][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.568975][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.575145][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.580366][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.585208][T12420] do_SYSENTER_32+0x73/0x90 [ 626.589719][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.596041][T12420] [ 626.598371][T12420] Uninit was stored to memory at: [ 626.603407][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.609142][T12420] __msan_chain_origin+0x50/0x90 [ 626.614087][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.619209][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.624141][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.628647][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.633355][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.639440][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.646466][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.651663][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.656509][T12420] do_SYSENTER_32+0x73/0x90 [ 626.661007][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.667329][T12420] [ 626.669662][T12420] Uninit was stored to memory at: [ 626.674696][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.680431][T12420] __msan_chain_origin+0x50/0x90 [ 626.685361][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.690472][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.695417][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.699910][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.704598][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.710714][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.716893][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.722089][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.726939][T12420] do_SYSENTER_32+0x73/0x90 [ 626.731449][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.737781][T12420] [ 626.740111][T12420] Uninit was stored to memory at: [ 626.745184][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.750916][T12420] __msan_chain_origin+0x50/0x90 [ 626.755845][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.760961][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.765948][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.770724][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.775394][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.781454][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.787616][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.792822][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.797666][T12420] do_SYSENTER_32+0x73/0x90 [ 626.802169][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.808490][T12420] [ 626.810823][T12420] Uninit was stored to memory at: [ 626.815847][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 626.821579][T12420] __msan_chain_origin+0x50/0x90 [ 626.826511][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 626.831616][T12420] get_compat_msghdr+0x108/0x2b0 [ 626.836559][T12420] do_recvmmsg+0xdbb/0x22c0 [ 626.841051][T12420] __sys_recvmmsg+0x5dd/0x610 [ 626.845722][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 626.851815][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 626.857983][T12420] __do_fast_syscall_32+0x2af/0x480 [ 626.863178][T12420] do_fast_syscall_32+0x6b/0xd0 [ 626.868037][T12420] do_SYSENTER_32+0x73/0x90 [ 626.872548][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 626.878869][T12420] [ 626.881185][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 626.887871][T12420] do_recvmmsg+0xbf/0x22c0 [ 626.892285][T12420] do_recvmmsg+0xbf/0x22c0 [ 627.150789][T12420] not chained 350000 origins [ 627.155433][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 627.164110][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 627.174179][T12420] Call Trace: [ 627.177496][T12420] dump_stack+0x21c/0x280 [ 627.182811][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 627.188593][T12420] ? kmsan_get_metadata+0x116/0x180 [ 627.193839][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 627.199434][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 627.205535][T12420] ? _copy_from_user+0x201/0x310 [ 627.210502][T12420] ? kmsan_get_metadata+0x116/0x180 [ 627.215763][T12420] __msan_chain_origin+0x50/0x90 [ 627.220808][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.226782][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.231757][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.236330][T12420] ? kmsan_get_metadata+0x116/0x180 [ 627.241559][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 627.247479][T12420] ? kmsan_get_metadata+0x116/0x180 [ 627.252699][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 627.259230][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 627.264568][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 627.270313][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 627.275400][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.280125][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.286233][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.292425][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.297666][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.302549][T12420] do_SYSENTER_32+0x73/0x90 [ 627.307083][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.313436][T12420] RIP: 0023:0xf7f15549 [ 627.317512][T12420] Code: Bad RIP value. [ 627.321591][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 627.330024][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 627.338019][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 627.346008][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 627.353996][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 627.361991][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 627.369995][T12420] Uninit was stored to memory at: [ 627.375048][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.380827][T12420] __msan_chain_origin+0x50/0x90 [ 627.385820][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.391473][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.396455][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.400976][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.405672][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.411765][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.419075][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.424302][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.429176][T12420] do_SYSENTER_32+0x73/0x90 [ 627.433702][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.440033][T12420] [ 627.442375][T12420] Uninit was stored to memory at: [ 627.447426][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.453168][T12420] __msan_chain_origin+0x50/0x90 [ 627.458128][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.463255][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.468207][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.472726][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.477422][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.483684][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.489862][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.495100][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.499983][T12420] do_SYSENTER_32+0x73/0x90 [ 627.504517][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.510854][T12420] [ 627.513197][T12420] Uninit was stored to memory at: [ 627.518261][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.524020][T12420] __msan_chain_origin+0x50/0x90 [ 627.529027][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.534172][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.539161][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.543698][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.548403][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.554675][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.560873][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.566119][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.571006][T12420] do_SYSENTER_32+0x73/0x90 [ 627.575538][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.581874][T12420] [ 627.584211][T12420] Uninit was stored to memory at: [ 627.589265][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.595012][T12420] __msan_chain_origin+0x50/0x90 [ 627.600730][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.605886][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.610866][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.615410][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.620139][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.626276][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.632594][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.637832][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.642717][T12420] do_SYSENTER_32+0x73/0x90 [ 627.647254][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.653589][T12420] [ 627.655932][T12420] Uninit was stored to memory at: [ 627.660992][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.666769][T12420] __msan_chain_origin+0x50/0x90 [ 627.671739][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.676884][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.681934][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.686487][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.691636][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.697738][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.703922][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.709159][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.714075][T12420] do_SYSENTER_32+0x73/0x90 [ 627.718631][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.724985][T12420] [ 627.727319][T12420] Uninit was stored to memory at: [ 627.732375][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.738117][T12420] __msan_chain_origin+0x50/0x90 [ 627.743074][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.748239][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.753217][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.757738][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.762426][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.768501][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.774654][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.779870][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.784741][T12420] do_SYSENTER_32+0x73/0x90 [ 627.789276][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.795593][T12420] [ 627.798267][T12420] Uninit was stored to memory at: [ 627.803308][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 627.809370][T12420] __msan_chain_origin+0x50/0x90 [ 627.814336][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 627.819442][T12420] get_compat_msghdr+0x108/0x2b0 [ 627.824389][T12420] do_recvmmsg+0xdbb/0x22c0 [ 627.828897][T12420] __sys_recvmmsg+0x5dd/0x610 [ 627.833585][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 627.839669][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 627.845834][T12420] __do_fast_syscall_32+0x2af/0x480 [ 627.851044][T12420] do_fast_syscall_32+0x6b/0xd0 [ 627.855901][T12420] do_SYSENTER_32+0x73/0x90 [ 627.860406][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 627.866712][T12420] [ 627.869026][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 627.875705][T12420] do_recvmmsg+0xbf/0x22c0 [ 627.880155][T12420] do_recvmmsg+0xbf/0x22c0 [ 628.031429][T12420] not chained 360000 origins [ 628.036072][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 628.044747][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 628.054798][T12420] Call Trace: [ 628.058114][T12420] dump_stack+0x21c/0x280 [ 628.062482][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 628.068221][T12420] ? kmsan_get_metadata+0x116/0x180 [ 628.073417][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 628.078976][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 628.085072][T12420] ? _copy_from_user+0x201/0x310 [ 628.090031][T12420] ? kmsan_get_metadata+0x116/0x180 [ 628.095256][T12420] __msan_chain_origin+0x50/0x90 [ 628.100905][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.106075][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.111038][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.115577][T12420] ? kmsan_get_metadata+0x116/0x180 [ 628.120794][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 628.126744][T12420] ? kmsan_get_metadata+0x116/0x180 [ 628.131997][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 628.137661][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 628.142961][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 628.147738][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 628.152519][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.157214][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.163291][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.169471][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.174684][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.179536][T12420] do_SYSENTER_32+0x73/0x90 [ 628.184071][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.190403][T12420] RIP: 0023:0xf7f15549 [ 628.194477][T12420] Code: Bad RIP value. [ 628.198549][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 628.206982][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 628.214970][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 628.222933][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 628.230909][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 628.238903][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 628.246893][T12420] Uninit was stored to memory at: [ 628.251948][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.257662][T12420] __msan_chain_origin+0x50/0x90 [ 628.262611][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.267747][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.272692][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.277235][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.281907][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.288035][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.294208][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.299403][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.304264][T12420] do_SYSENTER_32+0x73/0x90 [ 628.308779][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.315102][T12420] [ 628.317420][T12420] Uninit was stored to memory at: [ 628.322442][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.328178][T12420] __msan_chain_origin+0x50/0x90 [ 628.333130][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.338251][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.343220][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.347746][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.352430][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.358509][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.364661][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.369877][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.375439][T12420] do_SYSENTER_32+0x73/0x90 [ 628.379957][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.386546][T12420] [ 628.388886][T12420] Uninit was stored to memory at: [ 628.393933][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.399696][T12420] __msan_chain_origin+0x50/0x90 [ 628.404658][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.410729][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.415669][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.420168][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.424878][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.430959][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.437147][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.442359][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.447227][T12420] do_SYSENTER_32+0x73/0x90 [ 628.451757][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.458095][T12420] [ 628.460422][T12420] Uninit was stored to memory at: [ 628.466389][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.472113][T12420] __msan_chain_origin+0x50/0x90 [ 628.477043][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.482159][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.487112][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.491633][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.496331][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.502418][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.508594][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.513807][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.518657][T12420] do_SYSENTER_32+0x73/0x90 [ 628.523170][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.529483][T12420] [ 628.531803][T12420] Uninit was stored to memory at: [ 628.536829][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.542543][T12420] __msan_chain_origin+0x50/0x90 [ 628.547495][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.552647][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.557606][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.562129][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.566822][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.572901][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.579054][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.584273][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.589151][T12420] do_SYSENTER_32+0x73/0x90 [ 628.593666][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.599974][T12420] [ 628.602289][T12420] Uninit was stored to memory at: [ 628.607331][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.613087][T12420] __msan_chain_origin+0x50/0x90 [ 628.618021][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.623127][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.628081][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.632593][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.637286][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.643383][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.649603][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.654805][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.659701][T12420] do_SYSENTER_32+0x73/0x90 [ 628.664212][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.670524][T12420] [ 628.672863][T12420] Uninit was stored to memory at: [ 628.677914][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 628.683658][T12420] __msan_chain_origin+0x50/0x90 [ 628.688623][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 628.693741][T12420] get_compat_msghdr+0x108/0x2b0 [ 628.698683][T12420] do_recvmmsg+0xdbb/0x22c0 [ 628.703177][T12420] __sys_recvmmsg+0x5dd/0x610 [ 628.707895][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 628.713983][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 628.720136][T12420] __do_fast_syscall_32+0x2af/0x480 [ 628.725358][T12420] do_fast_syscall_32+0x6b/0xd0 [ 628.730219][T12420] do_SYSENTER_32+0x73/0x90 [ 628.734713][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 628.741017][T12420] [ 628.743330][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 628.749998][T12420] do_recvmmsg+0xbf/0x22c0 [ 628.754398][T12420] do_recvmmsg+0xbf/0x22c0 [ 628.839296][ T0] NOHZ: local_softirq_pending 08 [ 629.034925][T12420] not chained 370000 origins [ 629.039576][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 629.048258][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 629.058327][T12420] Call Trace: [ 629.061672][T12420] dump_stack+0x21c/0x280 [ 629.066031][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 629.071810][T12420] ? kmsan_get_metadata+0x116/0x180 [ 629.077029][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 629.082603][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 629.088700][T12420] ? _copy_from_user+0x201/0x310 [ 629.093668][T12420] ? kmsan_get_metadata+0x116/0x180 [ 629.098888][T12420] __msan_chain_origin+0x50/0x90 [ 629.103865][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.109040][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.114016][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.118578][T12420] ? kmsan_get_metadata+0x116/0x180 [ 629.123806][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 629.129742][T12420] ? kmsan_get_metadata+0x116/0x180 [ 629.134965][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 629.140646][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 629.145958][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 629.150741][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 629.155536][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.160292][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.166430][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.172643][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.177883][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.182749][T12420] do_SYSENTER_32+0x73/0x90 [ 629.187291][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.193627][T12420] RIP: 0023:0xf7f15549 [ 629.197695][T12420] Code: Bad RIP value. [ 629.201748][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 629.210152][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 629.218129][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 629.226121][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 629.234103][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 629.242093][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 629.250067][T12420] Uninit was stored to memory at: [ 629.255092][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.260805][T12420] __msan_chain_origin+0x50/0x90 [ 629.265736][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.271715][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.276665][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.281176][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.285851][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.291916][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.298078][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.303285][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.308137][T12420] do_SYSENTER_32+0x73/0x90 [ 629.312652][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.318960][T12420] [ 629.321276][T12420] Uninit was stored to memory at: [ 629.326307][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.332049][T12420] __msan_chain_origin+0x50/0x90 [ 629.336995][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.342126][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.347080][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.351596][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.356275][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.362386][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.368547][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.373755][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.378600][T12420] do_SYSENTER_32+0x73/0x90 [ 629.383093][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.389398][T12420] [ 629.391713][T12420] Uninit was stored to memory at: [ 629.396751][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.402464][T12420] __msan_chain_origin+0x50/0x90 [ 629.407409][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.412528][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.417468][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.421973][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.426657][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.432754][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.438915][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.444123][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.448976][T12420] do_SYSENTER_32+0x73/0x90 [ 629.453570][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.459875][T12420] [ 629.462186][T12420] Uninit was stored to memory at: [ 629.467563][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.473283][T12420] __msan_chain_origin+0x50/0x90 [ 629.478226][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.483353][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.488292][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.492822][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.497488][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.503551][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.509709][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.514908][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.519753][T12420] do_SYSENTER_32+0x73/0x90 [ 629.524269][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.530592][T12420] [ 629.532922][T12420] Uninit was stored to memory at: [ 629.537953][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.543657][T12420] __msan_chain_origin+0x50/0x90 [ 629.548598][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.553741][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.558690][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.563177][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.567855][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.573961][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.580109][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.585309][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.590158][T12420] do_SYSENTER_32+0x73/0x90 [ 629.594653][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.600968][T12420] [ 629.603280][T12420] Uninit was stored to memory at: [ 629.608311][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.614032][T12420] __msan_chain_origin+0x50/0x90 [ 629.618985][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.624085][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.629031][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.633526][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.638212][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.644270][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.651139][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.656356][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.665129][T12420] do_SYSENTER_32+0x73/0x90 [ 629.669623][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.675925][T12420] [ 629.678268][T12420] Uninit was stored to memory at: [ 629.683288][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 629.689009][T12420] __msan_chain_origin+0x50/0x90 [ 629.693948][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 629.699132][T12420] get_compat_msghdr+0x108/0x2b0 [ 629.704071][T12420] do_recvmmsg+0xdbb/0x22c0 [ 629.708591][T12420] __sys_recvmmsg+0x5dd/0x610 [ 629.713273][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 629.719327][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 629.725479][T12420] __do_fast_syscall_32+0x2af/0x480 [ 629.730683][T12420] do_fast_syscall_32+0x6b/0xd0 [ 629.735536][T12420] do_SYSENTER_32+0x73/0x90 [ 629.740034][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 629.746344][T12420] [ 629.748676][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 629.755365][T12420] do_recvmmsg+0xbf/0x22c0 [ 629.759774][T12420] do_recvmmsg+0xbf/0x22c0 [ 629.975715][T12420] not chained 380000 origins [ 629.980365][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 629.989045][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 629.999124][T12420] Call Trace: [ 630.002444][T12420] dump_stack+0x21c/0x280 [ 630.006819][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 630.012625][T12420] ? kmsan_get_metadata+0x116/0x180 [ 630.017846][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 630.023417][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 630.029519][T12420] ? _copy_from_user+0x201/0x310 [ 630.034492][T12420] ? kmsan_get_metadata+0x116/0x180 [ 630.039718][T12420] __msan_chain_origin+0x50/0x90 [ 630.045125][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.050289][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.055264][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.059821][T12420] ? kmsan_get_metadata+0x116/0x180 [ 630.065047][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 630.070997][T12420] ? kmsan_get_metadata+0x116/0x180 [ 630.076217][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 630.081899][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 630.087208][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 630.092337][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 630.097131][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.101872][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.107985][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.114163][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.119398][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.124292][T12420] do_SYSENTER_32+0x73/0x90 [ 630.128809][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.135125][T12420] RIP: 0023:0xf7f15549 [ 630.139176][T12420] Code: Bad RIP value. [ 630.143237][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 630.151664][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 630.159660][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 630.167639][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 630.175608][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 630.183577][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 630.191558][T12420] Uninit was stored to memory at: [ 630.196622][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.202370][T12420] __msan_chain_origin+0x50/0x90 [ 630.207343][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.212449][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.217395][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.221923][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.226608][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.232688][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.238853][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.244067][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.248909][T12420] do_SYSENTER_32+0x73/0x90 [ 630.253415][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.259735][T12420] [ 630.262074][T12420] Uninit was stored to memory at: [ 630.267100][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.272842][T12420] __msan_chain_origin+0x50/0x90 [ 630.277795][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.282919][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.287859][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.292370][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.297061][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.303150][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.309306][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.314522][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.319377][T12420] do_SYSENTER_32+0x73/0x90 [ 630.323897][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.330217][T12420] [ 630.332556][T12420] Uninit was stored to memory at: [ 630.337627][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.343364][T12420] __msan_chain_origin+0x50/0x90 [ 630.348305][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.353418][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.358371][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.362898][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.367593][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.373701][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.379872][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.385089][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.389958][T12420] do_SYSENTER_32+0x73/0x90 [ 630.394463][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.400788][T12420] [ 630.403108][T12420] Uninit was stored to memory at: [ 630.408169][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.413887][T12420] __msan_chain_origin+0x50/0x90 [ 630.418860][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.423991][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.428926][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.433430][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.438134][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.444238][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.450440][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.455658][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.460513][T12420] do_SYSENTER_32+0x73/0x90 [ 630.465033][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.471343][T12420] [ 630.473661][T12420] Uninit was stored to memory at: [ 630.478706][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.484461][T12420] __msan_chain_origin+0x50/0x90 [ 630.489426][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.494562][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.499499][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.504004][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.508693][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.514749][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.520912][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.526123][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.530985][T12420] do_SYSENTER_32+0x73/0x90 [ 630.535475][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.541800][T12420] [ 630.544110][T12420] Uninit was stored to memory at: [ 630.549138][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.554862][T12420] __msan_chain_origin+0x50/0x90 [ 630.560398][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.565505][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.570446][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.574938][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.580317][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.586377][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.593489][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.598688][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.603556][T12420] do_SYSENTER_32+0x73/0x90 [ 630.608049][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.614375][T12420] [ 630.616691][T12420] Uninit was stored to memory at: [ 630.621718][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 630.627425][T12420] __msan_chain_origin+0x50/0x90 [ 630.632368][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.637508][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.642461][T12420] do_recvmmsg+0xdbb/0x22c0 [ 630.646951][T12420] __sys_recvmmsg+0x5dd/0x610 [ 630.651626][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 630.657701][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 630.663878][T12420] __do_fast_syscall_32+0x2af/0x480 [ 630.669087][T12420] do_fast_syscall_32+0x6b/0xd0 [ 630.674630][T12420] do_SYSENTER_32+0x73/0x90 [ 630.679152][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 630.685474][T12420] [ 630.687808][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 630.694472][T12420] do_recvmmsg+0xbf/0x22c0 [ 630.698892][T12420] do_recvmmsg+0xbf/0x22c0 [ 630.918562][T12420] not chained 390000 origins [ 630.923234][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 630.931969][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 630.942047][T12420] Call Trace: [ 630.945369][T12420] dump_stack+0x21c/0x280 [ 630.949730][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 630.955510][T12420] ? kmsan_get_metadata+0x116/0x180 [ 630.960732][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 630.966300][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 630.972402][T12420] ? _copy_from_user+0x201/0x310 [ 630.977365][T12420] ? kmsan_get_metadata+0x116/0x180 [ 630.982580][T12420] __msan_chain_origin+0x50/0x90 [ 630.987610][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 630.992768][T12420] get_compat_msghdr+0x108/0x2b0 [ 630.997743][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.002296][T12420] ? kmsan_get_metadata+0x116/0x180 [ 631.007522][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 631.013463][T12420] ? kmsan_get_metadata+0x116/0x180 [ 631.018700][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 631.024357][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 631.029670][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 631.034499][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 631.039292][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.043993][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.050066][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.056258][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.061564][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.067140][T12420] do_SYSENTER_32+0x73/0x90 [ 631.071681][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.078018][T12420] RIP: 0023:0xf7f15549 [ 631.082182][T12420] Code: Bad RIP value. [ 631.086262][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 631.094703][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 631.102686][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 631.110667][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 631.118634][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 631.127615][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 631.136563][T12420] Uninit was stored to memory at: [ 631.141592][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.147327][T12420] __msan_chain_origin+0x50/0x90 [ 631.152279][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.157405][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.162339][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.166858][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.171541][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.177605][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.183761][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.189570][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.194409][T12420] do_SYSENTER_32+0x73/0x90 [ 631.198901][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.205227][T12420] [ 631.207549][T12420] Uninit was stored to memory at: [ 631.212592][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.218315][T12420] __msan_chain_origin+0x50/0x90 [ 631.223242][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.228358][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.233312][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.237843][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.242526][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.249468][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.255609][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.260812][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.265646][T12420] do_SYSENTER_32+0x73/0x90 [ 631.270141][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.276481][T12420] [ 631.278799][T12420] Uninit was stored to memory at: [ 631.283815][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.289574][T12420] __msan_chain_origin+0x50/0x90 [ 631.294504][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.299604][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.304532][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.309038][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.313770][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.319868][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.326046][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.331256][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.336203][T12420] do_SYSENTER_32+0x73/0x90 [ 631.340702][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.347029][T12420] [ 631.349358][T12420] Uninit was stored to memory at: [ 631.354392][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.361058][T12420] __msan_chain_origin+0x50/0x90 [ 631.365997][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.371116][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.376219][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.380754][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.385438][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.391498][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.397782][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.402972][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.407826][T12420] do_SYSENTER_32+0x73/0x90 [ 631.412349][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.418660][T12420] [ 631.420972][T12420] Uninit was stored to memory at: [ 631.425999][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.431733][T12420] __msan_chain_origin+0x50/0x90 [ 631.436676][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.441786][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.446725][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.451234][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.455903][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.461997][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.468175][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.473394][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.478284][T12420] do_SYSENTER_32+0x73/0x90 [ 631.482778][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.489089][T12420] [ 631.491422][T12420] Uninit was stored to memory at: [ 631.496457][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.502190][T12420] __msan_chain_origin+0x50/0x90 [ 631.507143][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.512715][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.517653][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.522148][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.526839][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.532923][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.539078][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.544278][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.549134][T12420] do_SYSENTER_32+0x73/0x90 [ 631.553631][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.559957][T12420] [ 631.562268][T12420] Uninit was stored to memory at: [ 631.567298][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 631.573074][T12420] __msan_chain_origin+0x50/0x90 [ 631.578020][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.583149][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.588110][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.592633][T12420] __sys_recvmmsg+0x5dd/0x610 [ 631.597299][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 631.603367][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 631.609528][T12420] __do_fast_syscall_32+0x2af/0x480 [ 631.614732][T12420] do_fast_syscall_32+0x6b/0xd0 [ 631.619590][T12420] do_SYSENTER_32+0x73/0x90 [ 631.624103][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 631.630416][T12420] [ 631.632747][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 631.640285][T12420] do_recvmmsg+0xbf/0x22c0 [ 631.644690][T12420] do_recvmmsg+0xbf/0x22c0 [ 631.904455][T12420] not chained 400000 origins [ 631.909082][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 631.917787][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 631.927853][T12420] Call Trace: [ 631.931146][T12420] dump_stack+0x21c/0x280 [ 631.935499][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 631.941281][T12420] ? kmsan_get_metadata+0x116/0x180 [ 631.946479][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 631.952025][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 631.958095][T12420] ? _copy_from_user+0x201/0x310 [ 631.963047][T12420] ? kmsan_get_metadata+0x116/0x180 [ 631.968271][T12420] __msan_chain_origin+0x50/0x90 [ 631.973225][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 631.978349][T12420] get_compat_msghdr+0x108/0x2b0 [ 631.983286][T12420] do_recvmmsg+0xdbb/0x22c0 [ 631.987816][T12420] ? kmsan_get_metadata+0x116/0x180 [ 631.993019][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 631.998906][T12420] ? kmsan_get_metadata+0x116/0x180 [ 632.004102][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 632.009747][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 632.015055][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 632.019820][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 632.024586][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.029273][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.035342][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.041520][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.046725][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.051574][T12420] do_SYSENTER_32+0x73/0x90 [ 632.056067][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.062432][T12420] RIP: 0023:0xf7f15549 [ 632.066517][T12420] Code: Bad RIP value. [ 632.070567][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 632.078964][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 632.087044][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 632.095008][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.102989][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 632.110978][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 632.118960][T12420] Uninit was stored to memory at: [ 632.123992][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.129726][T12420] __msan_chain_origin+0x50/0x90 [ 632.134669][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.139767][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.144693][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.149221][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.153912][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.159966][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.166107][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.171305][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.176143][T12420] do_SYSENTER_32+0x73/0x90 [ 632.180636][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.186952][T12420] [ 632.189263][T12420] Uninit was stored to memory at: [ 632.194278][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.199982][T12420] __msan_chain_origin+0x50/0x90 [ 632.204924][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.210038][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.214974][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.219478][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.224141][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.230202][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.236360][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.241545][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.246395][T12420] do_SYSENTER_32+0x73/0x90 [ 632.250897][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.257214][T12420] [ 632.259528][T12420] Uninit was stored to memory at: [ 632.265692][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.271414][T12420] __msan_chain_origin+0x50/0x90 [ 632.276345][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.281451][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.286380][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.290873][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.295577][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.301650][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.307801][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.312992][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.317837][T12420] do_SYSENTER_32+0x73/0x90 [ 632.322327][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.328630][T12420] [ 632.330945][T12420] Uninit was stored to memory at: [ 632.335987][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.341719][T12420] __msan_chain_origin+0x50/0x90 [ 632.346657][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.351785][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.356743][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.361231][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.365895][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.371964][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.378108][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.383293][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.388129][T12420] do_SYSENTER_32+0x73/0x90 [ 632.392616][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.398919][T12420] [ 632.401228][T12420] Uninit was stored to memory at: [ 632.406241][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.411952][T12420] __msan_chain_origin+0x50/0x90 [ 632.416888][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.421992][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.426912][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.431399][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.436065][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.442114][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.448263][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.453531][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.458365][T12420] do_SYSENTER_32+0x73/0x90 [ 632.462849][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.469162][T12420] [ 632.471482][T12420] Uninit was stored to memory at: [ 632.476494][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.482196][T12420] __msan_chain_origin+0x50/0x90 [ 632.487134][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.492243][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.497169][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.501669][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.506348][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.512423][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.518595][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.523794][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.528634][T12420] do_SYSENTER_32+0x73/0x90 [ 632.533124][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.539438][T12420] [ 632.541748][T12420] Uninit was stored to memory at: [ 632.546777][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 632.552482][T12420] __msan_chain_origin+0x50/0x90 [ 632.557419][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.562512][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.567435][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.571938][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.576614][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.582664][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.588804][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.594003][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.598867][T12420] do_SYSENTER_32+0x73/0x90 [ 632.603354][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.609658][T12420] [ 632.611982][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 632.618660][T12420] do_recvmmsg+0xbf/0x22c0 [ 632.623071][T12420] do_recvmmsg+0xbf/0x22c0 [ 632.692200][ T0] NOHZ: local_softirq_pending 08 [ 632.795816][T12420] not chained 410000 origins [ 632.800458][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 632.809161][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 632.819223][T12420] Call Trace: [ 632.822539][T12420] dump_stack+0x21c/0x280 [ 632.826905][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 632.832725][T12420] ? kmsan_get_metadata+0x116/0x180 [ 632.837942][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 632.843509][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 632.849604][T12420] ? _copy_from_user+0x201/0x310 [ 632.854570][T12420] ? kmsan_get_metadata+0x116/0x180 [ 632.859791][T12420] __msan_chain_origin+0x50/0x90 [ 632.864753][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 632.869910][T12420] get_compat_msghdr+0x108/0x2b0 [ 632.874991][T12420] do_recvmmsg+0xdbb/0x22c0 [ 632.879545][T12420] ? kmsan_get_metadata+0x116/0x180 [ 632.884774][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 632.890690][T12420] ? kmsan_get_metadata+0x116/0x180 [ 632.895911][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 632.901566][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 632.906874][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 632.911650][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 632.916435][T12420] __sys_recvmmsg+0x5dd/0x610 [ 632.921157][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 632.927254][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 632.933426][T12420] __do_fast_syscall_32+0x2af/0x480 [ 632.938654][T12420] do_fast_syscall_32+0x6b/0xd0 [ 632.943530][T12420] do_SYSENTER_32+0x73/0x90 [ 632.948059][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 632.954403][T12420] RIP: 0023:0xf7f15549 [ 632.958471][T12420] Code: Bad RIP value. [ 632.962542][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 632.970966][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 632.978953][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 632.986935][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.994915][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 633.002897][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 633.010895][T12420] Uninit was stored to memory at: [ 633.015945][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.021682][T12420] __msan_chain_origin+0x50/0x90 [ 633.026635][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.031760][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.036708][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.041222][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.045916][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.051998][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.058167][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.063368][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.068208][T12420] do_SYSENTER_32+0x73/0x90 [ 633.072695][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.078993][T12420] [ 633.081301][T12420] Uninit was stored to memory at: [ 633.086309][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.092013][T12420] __msan_chain_origin+0x50/0x90 [ 633.096936][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.102029][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.106963][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.111448][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.116112][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.122160][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.128298][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.133483][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.138319][T12420] do_SYSENTER_32+0x73/0x90 [ 633.142818][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.149155][T12420] [ 633.151565][T12420] Uninit was stored to memory at: [ 633.156595][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.162313][T12420] __msan_chain_origin+0x50/0x90 [ 633.167241][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.172345][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.177289][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.181777][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.186457][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.192523][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.198662][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.203861][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.208707][T12420] do_SYSENTER_32+0x73/0x90 [ 633.213198][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.219510][T12420] [ 633.221818][T12420] Uninit was stored to memory at: [ 633.226848][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.232566][T12420] __msan_chain_origin+0x50/0x90 [ 633.237490][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.242586][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.247512][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.252012][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.256674][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.262736][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.268875][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.274057][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.278894][T12420] do_SYSENTER_32+0x73/0x90 [ 633.283388][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.289691][T12420] [ 633.292007][T12420] Uninit was stored to memory at: [ 633.297035][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.302740][T12420] __msan_chain_origin+0x50/0x90 [ 633.307682][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.312792][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.317728][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.322212][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.326902][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.332993][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.339146][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.344344][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.349203][T12420] do_SYSENTER_32+0x73/0x90 [ 633.353711][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.360030][T12420] [ 633.362341][T12420] Uninit was stored to memory at: [ 633.367355][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.373218][T12420] __msan_chain_origin+0x50/0x90 [ 633.378179][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.383330][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.388268][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.392755][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.397422][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.403494][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.409635][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.414828][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.419692][T12420] do_SYSENTER_32+0x73/0x90 [ 633.424195][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.430505][T12420] [ 633.432834][T12420] Uninit was stored to memory at: [ 633.437857][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.443562][T12420] __msan_chain_origin+0x50/0x90 [ 633.448496][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.453610][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.458549][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.463049][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.467719][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.473789][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.479941][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.485148][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.490037][T12420] do_SYSENTER_32+0x73/0x90 [ 633.494530][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.500839][T12420] [ 633.503182][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 633.509842][T12420] do_recvmmsg+0xbf/0x22c0 [ 633.514255][T12420] do_recvmmsg+0xbf/0x22c0 [ 633.657557][T12420] not chained 420000 origins [ 633.662203][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 633.670904][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 633.680969][T12420] Call Trace: [ 633.684290][T12420] dump_stack+0x21c/0x280 [ 633.688655][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 633.694471][T12420] ? kmsan_get_metadata+0x116/0x180 [ 633.699717][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 633.705319][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 633.711414][T12420] ? _copy_from_user+0x201/0x310 [ 633.716378][T12420] ? kmsan_get_metadata+0x116/0x180 [ 633.721599][T12420] __msan_chain_origin+0x50/0x90 [ 633.726562][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.731724][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.736702][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.741257][T12420] ? kmsan_get_metadata+0x116/0x180 [ 633.746490][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 633.752410][T12420] ? kmsan_get_metadata+0x116/0x180 [ 633.757629][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 633.763281][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 633.768588][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 633.773366][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 633.778159][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.782879][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.789040][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.795221][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.800450][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.805326][T12420] do_SYSENTER_32+0x73/0x90 [ 633.809856][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.816196][T12420] RIP: 0023:0xf7f15549 [ 633.820269][T12420] Code: Bad RIP value. [ 633.824373][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 633.832811][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 633.840826][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 633.848815][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 633.856801][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 633.864823][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 633.872825][T12420] Uninit was stored to memory at: [ 633.877872][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.883603][T12420] __msan_chain_origin+0x50/0x90 [ 633.888582][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.893731][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.898689][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.903208][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.907909][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.914016][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.920195][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.925399][T12420] do_fast_syscall_32+0x6b/0xd0 [ 633.930236][T12420] do_SYSENTER_32+0x73/0x90 [ 633.934722][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 633.941022][T12420] [ 633.943333][T12420] Uninit was stored to memory at: [ 633.948362][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 633.954083][T12420] __msan_chain_origin+0x50/0x90 [ 633.959038][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 633.964131][T12420] get_compat_msghdr+0x108/0x2b0 [ 633.969061][T12420] do_recvmmsg+0xdbb/0x22c0 [ 633.973574][T12420] __sys_recvmmsg+0x5dd/0x610 [ 633.978247][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 633.984316][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 633.990458][T12420] __do_fast_syscall_32+0x2af/0x480 [ 633.995658][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.000508][T12420] do_SYSENTER_32+0x73/0x90 [ 634.005000][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.011370][T12420] [ 634.013693][T12420] Uninit was stored to memory at: [ 634.018773][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.024480][T12420] __msan_chain_origin+0x50/0x90 [ 634.029422][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.034520][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.039443][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.043938][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.048603][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.054683][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.060826][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.066027][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.070881][T12420] do_SYSENTER_32+0x73/0x90 [ 634.075392][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.081704][T12420] [ 634.084011][T12420] Uninit was stored to memory at: [ 634.089024][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.094729][T12420] __msan_chain_origin+0x50/0x90 [ 634.102354][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.107451][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.112374][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.116863][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.121539][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.127630][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.133788][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.138989][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.143842][T12420] do_SYSENTER_32+0x73/0x90 [ 634.148332][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.154648][T12420] [ 634.156957][T12420] Uninit was stored to memory at: [ 634.161987][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.167704][T12420] __msan_chain_origin+0x50/0x90 [ 634.172630][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.177740][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.182662][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.187155][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.191829][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.197899][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.204053][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.209236][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.214071][T12420] do_SYSENTER_32+0x73/0x90 [ 634.218571][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.224873][T12420] [ 634.227187][T12420] Uninit was stored to memory at: [ 634.232233][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.242203][T12420] __msan_chain_origin+0x50/0x90 [ 634.247129][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.252228][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.257186][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.261683][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.266362][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.272456][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.278621][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.283809][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.288664][T12420] do_SYSENTER_32+0x73/0x90 [ 634.293160][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.299475][T12420] [ 634.301787][T12420] Uninit was stored to memory at: [ 634.306809][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.312523][T12420] __msan_chain_origin+0x50/0x90 [ 634.317454][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.322562][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.327503][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.331991][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.336675][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.342835][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.348994][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.354212][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.359071][T12420] do_SYSENTER_32+0x73/0x90 [ 634.363580][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.369889][T12420] [ 634.372216][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 634.378894][T12420] do_recvmmsg+0xbf/0x22c0 [ 634.383295][T12420] do_recvmmsg+0xbf/0x22c0 [ 634.535019][T12420] not chained 430000 origins [ 634.539642][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 634.548444][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 634.558515][T12420] Call Trace: [ 634.561868][T12420] dump_stack+0x21c/0x280 [ 634.566202][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 634.571938][T12420] ? kmsan_get_metadata+0x116/0x180 [ 634.577147][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 634.582680][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 634.588741][T12420] ? _copy_from_user+0x201/0x310 [ 634.593692][T12420] ? kmsan_get_metadata+0x116/0x180 [ 634.598880][T12420] __msan_chain_origin+0x50/0x90 [ 634.603818][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.608943][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.613898][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.618428][T12420] ? kmsan_get_metadata+0x116/0x180 [ 634.623619][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 634.629503][T12420] ? kmsan_get_metadata+0x116/0x180 [ 634.634700][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 634.640321][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 634.645597][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 634.650360][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 634.655129][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.659846][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.665916][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.672071][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.677271][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.682148][T12420] do_SYSENTER_32+0x73/0x90 [ 634.686651][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.692976][T12420] RIP: 0023:0xf7f15549 [ 634.697031][T12420] Code: Bad RIP value. [ 634.701097][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 634.709495][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 634.717467][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 634.725434][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 634.733417][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 634.741373][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 634.749342][T12420] Uninit was stored to memory at: [ 634.754368][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.760080][T12420] __msan_chain_origin+0x50/0x90 [ 634.765008][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.770122][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.775059][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.779578][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.784263][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.790421][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.796614][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.801801][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.806638][T12420] do_SYSENTER_32+0x73/0x90 [ 634.811127][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.817449][T12420] [ 634.819757][T12420] Uninit was stored to memory at: [ 634.824803][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.830509][T12420] __msan_chain_origin+0x50/0x90 [ 634.835440][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.840535][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.845498][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.849984][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.854658][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.860725][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.866870][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.872082][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.876918][T12420] do_SYSENTER_32+0x73/0x90 [ 634.881407][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.887706][T12420] [ 634.890011][T12420] Uninit was stored to memory at: [ 634.895031][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.900761][T12420] __msan_chain_origin+0x50/0x90 [ 634.905687][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.910800][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.915723][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.920220][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.924901][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 634.930954][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 634.937100][T12420] __do_fast_syscall_32+0x2af/0x480 [ 634.942286][T12420] do_fast_syscall_32+0x6b/0xd0 [ 634.947123][T12420] do_SYSENTER_32+0x73/0x90 [ 634.951612][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 634.958001][T12420] [ 634.960315][T12420] Uninit was stored to memory at: [ 634.965343][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 634.971067][T12420] __msan_chain_origin+0x50/0x90 [ 634.976004][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 634.981111][T12420] get_compat_msghdr+0x108/0x2b0 [ 634.986041][T12420] do_recvmmsg+0xdbb/0x22c0 [ 634.990536][T12420] __sys_recvmmsg+0x5dd/0x610 [ 634.995233][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.001303][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.007460][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.012670][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.017508][T12420] do_SYSENTER_32+0x73/0x90 [ 635.021999][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.028310][T12420] [ 635.030647][T12420] Uninit was stored to memory at: [ 635.035683][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.041388][T12420] __msan_chain_origin+0x50/0x90 [ 635.046327][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.051425][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.056350][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.060840][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.065510][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.071583][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.077725][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.082912][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.087748][T12420] do_SYSENTER_32+0x73/0x90 [ 635.092241][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.098558][T12420] [ 635.100865][T12420] Uninit was stored to memory at: [ 635.105879][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.111603][T12420] __msan_chain_origin+0x50/0x90 [ 635.116561][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.121713][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.126652][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.131136][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.135800][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.141850][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.147988][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.153330][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.158173][T12420] do_SYSENTER_32+0x73/0x90 [ 635.162672][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.168977][T12420] [ 635.171286][T12420] Uninit was stored to memory at: [ 635.176313][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.182014][T12420] __msan_chain_origin+0x50/0x90 [ 635.186955][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.192175][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.197123][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.201612][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.206276][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.212330][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.218469][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.223666][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.228513][T12420] do_SYSENTER_32+0x73/0x90 [ 635.233000][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.239300][T12420] [ 635.241609][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 635.248278][T12420] do_recvmmsg+0xbf/0x22c0 [ 635.252678][T12420] do_recvmmsg+0xbf/0x22c0 [ 635.518917][T12420] not chained 440000 origins [ 635.523563][T12420] CPU: 0 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 635.532243][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 635.542346][T12420] Call Trace: [ 635.545661][T12420] dump_stack+0x21c/0x280 [ 635.550024][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 635.555813][T12420] ? kmsan_get_metadata+0x116/0x180 [ 635.561031][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 635.566600][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 635.572692][T12420] ? _copy_from_user+0x201/0x310 [ 635.577655][T12420] ? kmsan_get_metadata+0x116/0x180 [ 635.582875][T12420] __msan_chain_origin+0x50/0x90 [ 635.587839][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.592999][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.597971][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.602525][T12420] ? kmsan_get_metadata+0x116/0x180 [ 635.607771][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 635.613688][T12420] ? kmsan_get_metadata+0x116/0x180 [ 635.618909][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 635.624568][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 635.629878][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 635.634657][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 635.639444][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.644162][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.650264][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.656540][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.661773][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.666655][T12420] do_SYSENTER_32+0x73/0x90 [ 635.671182][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.677521][T12420] RIP: 0023:0xf7f15549 [ 635.681591][T12420] Code: Bad RIP value. [ 635.685669][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 635.694095][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 635.702095][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 635.710089][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 635.718071][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 635.726050][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 635.734049][T12420] Uninit was stored to memory at: [ 635.739096][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.744832][T12420] __msan_chain_origin+0x50/0x90 [ 635.749788][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.754914][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.759863][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.764380][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.769073][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.775153][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.781322][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.786539][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.791490][T12420] do_SYSENTER_32+0x73/0x90 [ 635.796009][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.802333][T12420] [ 635.804666][T12420] Uninit was stored to memory at: [ 635.809731][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.815465][T12420] __msan_chain_origin+0x50/0x90 [ 635.820416][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.825539][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.830490][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.835002][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.839697][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.845793][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.851965][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.857179][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.862045][T12420] do_SYSENTER_32+0x73/0x90 [ 635.866564][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.872883][T12420] [ 635.875244][T12420] Uninit was stored to memory at: [ 635.880286][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.886037][T12420] __msan_chain_origin+0x50/0x90 [ 635.890988][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.896132][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.901081][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.905619][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.910314][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.916397][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.922565][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.927775][T12420] do_fast_syscall_32+0x6b/0xd0 [ 635.932641][T12420] do_SYSENTER_32+0x73/0x90 [ 635.937157][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 635.943483][T12420] [ 635.945813][T12420] Uninit was stored to memory at: [ 635.950855][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 635.956589][T12420] __msan_chain_origin+0x50/0x90 [ 635.961550][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 635.966674][T12420] get_compat_msghdr+0x108/0x2b0 [ 635.971642][T12420] do_recvmmsg+0xdbb/0x22c0 [ 635.976158][T12420] __sys_recvmmsg+0x5dd/0x610 [ 635.980848][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 635.986931][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 635.993097][T12420] __do_fast_syscall_32+0x2af/0x480 [ 635.998329][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.003189][T12420] do_SYSENTER_32+0x73/0x90 [ 636.007705][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.014027][T12420] [ 636.016369][T12420] Uninit was stored to memory at: [ 636.021412][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.027142][T12420] __msan_chain_origin+0x50/0x90 [ 636.032091][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.037213][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.042164][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.046680][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.051358][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.057414][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.063554][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.068750][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.073599][T12420] do_SYSENTER_32+0x73/0x90 [ 636.078135][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.084434][T12420] [ 636.086749][T12420] Uninit was stored to memory at: [ 636.091872][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.097664][T12420] __msan_chain_origin+0x50/0x90 [ 636.102597][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.107714][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.112655][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.117149][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.121813][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.127896][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.134049][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.139247][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.144096][T12420] do_SYSENTER_32+0x73/0x90 [ 636.148599][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.154919][T12420] [ 636.157250][T12420] Uninit was stored to memory at: [ 636.162280][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.168016][T12420] __msan_chain_origin+0x50/0x90 [ 636.172968][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.178081][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.183000][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.187500][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.192179][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.198250][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.204388][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.209589][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.214440][T12420] do_SYSENTER_32+0x73/0x90 [ 636.218946][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.226042][T12420] [ 636.228379][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 636.235055][T12420] do_recvmmsg+0xbf/0x22c0 [ 636.239455][T12420] do_recvmmsg+0xbf/0x22c0 [ 636.465638][T12420] not chained 450000 origins [ 636.470291][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 636.478980][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 636.489027][T12420] Call Trace: [ 636.492415][T12420] dump_stack+0x21c/0x280 [ 636.496744][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 636.502491][T12420] ? kmsan_get_metadata+0x116/0x180 [ 636.507680][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 636.513234][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 636.519314][T12420] ? _copy_from_user+0x201/0x310 [ 636.524251][T12420] ? kmsan_get_metadata+0x116/0x180 [ 636.529440][T12420] __msan_chain_origin+0x50/0x90 [ 636.534393][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.539574][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.544528][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.549078][T12420] ? kmsan_get_metadata+0x116/0x180 [ 636.554289][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 636.560188][T12420] ? kmsan_get_metadata+0x116/0x180 [ 636.565427][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 636.571061][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 636.576369][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 636.581122][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 636.585913][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.590605][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.596681][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.602822][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.608016][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.612871][T12420] do_SYSENTER_32+0x73/0x90 [ 636.617374][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.623699][T12420] RIP: 0023:0xf7f15549 [ 636.627762][T12420] Code: Bad RIP value. [ 636.631809][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 636.640217][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 636.648193][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 636.656158][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 636.664116][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 636.672080][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 636.680060][T12420] Uninit was stored to memory at: [ 636.685084][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.690806][T12420] __msan_chain_origin+0x50/0x90 [ 636.695729][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.700838][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.705773][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.710279][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.714943][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.721008][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.727151][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.732338][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.737171][T12420] do_SYSENTER_32+0x73/0x90 [ 636.741668][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.747968][T12420] [ 636.750280][T12420] Uninit was stored to memory at: [ 636.755294][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.761011][T12420] __msan_chain_origin+0x50/0x90 [ 636.765954][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.771073][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.776003][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.780520][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.785180][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.791236][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.797375][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.802555][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.807401][T12420] do_SYSENTER_32+0x73/0x90 [ 636.811890][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.818192][T12420] [ 636.820531][T12420] Uninit was stored to memory at: [ 636.825558][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.831299][T12420] __msan_chain_origin+0x50/0x90 [ 636.836226][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.841342][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.846270][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.850762][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.855477][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.861534][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.867678][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.872861][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.877713][T12420] do_SYSENTER_32+0x73/0x90 [ 636.882202][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.888502][T12420] [ 636.890812][T12420] Uninit was stored to memory at: [ 636.895837][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.901541][T12420] __msan_chain_origin+0x50/0x90 [ 636.906476][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.911575][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.916496][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.920994][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.925829][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 636.931899][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 636.938040][T12420] __do_fast_syscall_32+0x2af/0x480 [ 636.943228][T12420] do_fast_syscall_32+0x6b/0xd0 [ 636.948095][T12420] do_SYSENTER_32+0x73/0x90 [ 636.952587][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 636.958901][T12420] [ 636.961224][T12420] Uninit was stored to memory at: [ 636.966238][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 636.971957][T12420] __msan_chain_origin+0x50/0x90 [ 636.976915][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 636.982012][T12420] get_compat_msghdr+0x108/0x2b0 [ 636.986938][T12420] do_recvmmsg+0xdbb/0x22c0 [ 636.991424][T12420] __sys_recvmmsg+0x5dd/0x610 [ 636.996085][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.002137][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.008276][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.013460][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.018297][T12420] do_SYSENTER_32+0x73/0x90 [ 637.022809][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.029123][T12420] [ 637.031446][T12420] Uninit was stored to memory at: [ 637.036461][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.042171][T12420] __msan_chain_origin+0x50/0x90 [ 637.047115][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.052227][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.057154][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.061642][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.066306][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.072355][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.078510][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.083699][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.088537][T12420] do_SYSENTER_32+0x73/0x90 [ 637.093036][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.099341][T12420] [ 637.101666][T12420] Uninit was stored to memory at: [ 637.106678][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.112406][T12420] __msan_chain_origin+0x50/0x90 [ 637.117347][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.122441][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.127362][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.131857][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.136518][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.142598][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.148736][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.153928][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.158769][T12420] do_SYSENTER_32+0x73/0x90 [ 637.163259][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.169560][T12420] [ 637.171868][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 637.178535][T12420] do_recvmmsg+0xbf/0x22c0 [ 637.182931][T12420] do_recvmmsg+0xbf/0x22c0 [ 637.385625][T12420] not chained 460000 origins [ 637.390272][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 637.399131][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 637.409198][T12420] Call Trace: [ 637.412513][T12420] dump_stack+0x21c/0x280 [ 637.416875][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 637.422652][T12420] ? kmsan_get_metadata+0x116/0x180 [ 637.427870][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 637.433443][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 637.439543][T12420] ? _copy_from_user+0x201/0x310 [ 637.444512][T12420] ? kmsan_get_metadata+0x116/0x180 [ 637.449756][T12420] __msan_chain_origin+0x50/0x90 [ 637.454722][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.459883][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.464865][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.469418][T12420] ? kmsan_get_metadata+0x116/0x180 [ 637.474647][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 637.480594][T12420] ? kmsan_get_metadata+0x116/0x180 [ 637.485821][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 637.491484][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 637.496794][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 637.501578][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 637.506365][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.511135][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.517239][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.523423][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.528668][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.533544][T12420] do_SYSENTER_32+0x73/0x90 [ 637.538070][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.544585][T12420] RIP: 0023:0xf7f15549 [ 637.548652][T12420] Code: Bad RIP value. [ 637.552727][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 637.561150][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 637.569132][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 637.577113][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 637.585094][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 637.593075][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 637.601073][T12420] Uninit was stored to memory at: [ 637.606120][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.611858][T12420] __msan_chain_origin+0x50/0x90 [ 637.616815][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.621996][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.626957][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.631473][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.636170][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.642284][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.648456][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.653662][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.658507][T12420] do_SYSENTER_32+0x73/0x90 [ 637.663003][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.669344][T12420] [ 637.671669][T12420] Uninit was stored to memory at: [ 637.676703][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.682425][T12420] __msan_chain_origin+0x50/0x90 [ 637.687393][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.692497][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.697595][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.702082][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.706752][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.712856][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.719040][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.724238][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.729081][T12420] do_SYSENTER_32+0x73/0x90 [ 637.733575][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.739877][T12420] [ 637.742185][T12420] Uninit was stored to memory at: [ 637.747210][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.752938][T12420] __msan_chain_origin+0x50/0x90 [ 637.757868][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.762982][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.767937][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.772440][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.777106][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.783185][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.789362][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.794567][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.799407][T12420] do_SYSENTER_32+0x73/0x90 [ 637.803912][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.810232][T12420] [ 637.812555][T12420] Uninit was stored to memory at: [ 637.817570][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.823293][T12420] __msan_chain_origin+0x50/0x90 [ 637.828218][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.833317][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.838241][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.842730][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.847398][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.853459][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.859613][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.864816][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.869655][T12420] do_SYSENTER_32+0x73/0x90 [ 637.874162][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.880484][T12420] [ 637.882812][T12420] Uninit was stored to memory at: [ 637.887844][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.893572][T12420] __msan_chain_origin+0x50/0x90 [ 637.898500][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.903616][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.908541][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.913029][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.917726][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.923818][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 637.929959][T12420] __do_fast_syscall_32+0x2af/0x480 [ 637.935168][T12420] do_fast_syscall_32+0x6b/0xd0 [ 637.940014][T12420] do_SYSENTER_32+0x73/0x90 [ 637.944502][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 637.950830][T12420] [ 637.953142][T12420] Uninit was stored to memory at: [ 637.958157][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 637.963863][T12420] __msan_chain_origin+0x50/0x90 [ 637.968802][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 637.973916][T12420] get_compat_msghdr+0x108/0x2b0 [ 637.978851][T12420] do_recvmmsg+0xdbb/0x22c0 [ 637.983351][T12420] __sys_recvmmsg+0x5dd/0x610 [ 637.988025][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 637.994108][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.000283][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.005487][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.010350][T12420] do_SYSENTER_32+0x73/0x90 [ 638.014857][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.021171][T12420] [ 638.023493][T12420] Uninit was stored to memory at: [ 638.028518][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.034239][T12420] __msan_chain_origin+0x50/0x90 [ 638.039175][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.044275][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.049386][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.053891][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.058567][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.064622][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.070765][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.075966][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.080818][T12420] do_SYSENTER_32+0x73/0x90 [ 638.085310][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.091612][T12420] [ 638.093937][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 638.100610][T12420] do_recvmmsg+0xbf/0x22c0 [ 638.105048][T12420] do_recvmmsg+0xbf/0x22c0 [ 638.237466][T12420] not chained 470000 origins [ 638.242133][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 638.250902][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 638.260967][T12420] Call Trace: [ 638.264282][T12420] dump_stack+0x21c/0x280 [ 638.268643][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 638.274424][T12420] ? kmsan_get_metadata+0x116/0x180 [ 638.279645][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 638.285213][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 638.291308][T12420] ? _copy_from_user+0x201/0x310 [ 638.296273][T12420] ? kmsan_get_metadata+0x116/0x180 [ 638.301498][T12420] __msan_chain_origin+0x50/0x90 [ 638.306637][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.311794][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.316767][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.321330][T12420] ? kmsan_get_metadata+0x116/0x180 [ 638.326556][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 638.332471][T12420] ? kmsan_get_metadata+0x116/0x180 [ 638.337688][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 638.343348][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 638.348659][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 638.353572][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 638.358363][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.363109][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.369212][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.375389][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.380620][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.385501][T12420] do_SYSENTER_32+0x73/0x90 [ 638.390032][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.396378][T12420] RIP: 0023:0xf7f15549 [ 638.400562][T12420] Code: Bad RIP value. [ 638.404643][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 638.413081][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 638.421076][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 638.429070][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 638.438100][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 638.446091][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 638.454098][T12420] Uninit was stored to memory at: [ 638.459153][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.464929][T12420] __msan_chain_origin+0x50/0x90 [ 638.469884][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.475016][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.479979][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.484521][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.489329][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.502542][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.508743][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.513969][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.518839][T12420] do_SYSENTER_32+0x73/0x90 [ 638.523366][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.529693][T12420] [ 638.532068][T12420] Uninit was stored to memory at: [ 638.537095][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.542800][T12420] __msan_chain_origin+0x50/0x90 [ 638.547724][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.552819][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.557754][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.562238][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.566931][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.573009][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.579160][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.584341][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.589276][T12420] do_SYSENTER_32+0x73/0x90 [ 638.593777][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.600096][T12420] [ 638.602404][T12420] Uninit was stored to memory at: [ 638.607415][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.615724][T12420] __msan_chain_origin+0x50/0x90 [ 638.620648][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.625756][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.630701][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.635272][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.639937][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.646001][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.652161][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.657352][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.662204][T12420] do_SYSENTER_32+0x73/0x90 [ 638.666696][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.673006][T12420] [ 638.675316][T12420] Uninit was stored to memory at: [ 638.680338][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.686049][T12420] __msan_chain_origin+0x50/0x90 [ 638.690976][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.696072][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.700992][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.705477][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.710157][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.716212][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.722350][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.727547][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.732392][T12420] do_SYSENTER_32+0x73/0x90 [ 638.736883][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.743181][T12420] [ 638.745486][T12420] Uninit was stored to memory at: [ 638.750500][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.756211][T12420] __msan_chain_origin+0x50/0x90 [ 638.761139][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.766237][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.771160][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.775682][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.780347][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.786415][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.792558][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.797748][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.802595][T12420] do_SYSENTER_32+0x73/0x90 [ 638.807085][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.813396][T12420] [ 638.815724][T12420] Uninit was stored to memory at: [ 638.820751][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.826468][T12420] __msan_chain_origin+0x50/0x90 [ 638.831408][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.836516][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.841442][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.845927][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.850615][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.856684][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.862822][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.868006][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.872839][T12420] do_SYSENTER_32+0x73/0x90 [ 638.877331][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.883641][T12420] [ 638.885960][T12420] Uninit was stored to memory at: [ 638.890999][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 638.896718][T12420] __msan_chain_origin+0x50/0x90 [ 638.901728][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 638.906845][T12420] get_compat_msghdr+0x108/0x2b0 [ 638.911777][T12420] do_recvmmsg+0xdbb/0x22c0 [ 638.916272][T12420] __sys_recvmmsg+0x5dd/0x610 [ 638.920953][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 638.927022][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 638.933164][T12420] __do_fast_syscall_32+0x2af/0x480 [ 638.938353][T12420] do_fast_syscall_32+0x6b/0xd0 [ 638.943193][T12420] do_SYSENTER_32+0x73/0x90 [ 638.947684][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 638.953986][T12420] [ 638.956316][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 638.963082][T12420] do_recvmmsg+0xbf/0x22c0 [ 638.967487][T12420] do_recvmmsg+0xbf/0x22c0 [ 639.160851][T12420] not chained 480000 origins [ 639.165491][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 639.174169][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 639.184232][T12420] Call Trace: [ 639.187556][T12420] dump_stack+0x21c/0x280 [ 639.191917][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 639.197690][T12420] ? kmsan_get_metadata+0x116/0x180 [ 639.202908][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 639.208481][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 639.214575][T12420] ? _copy_from_user+0x201/0x310 [ 639.219538][T12420] ? kmsan_get_metadata+0x116/0x180 [ 639.224757][T12420] __msan_chain_origin+0x50/0x90 [ 639.229721][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.234904][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.239878][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.244429][T12420] ? kmsan_get_metadata+0x116/0x180 [ 639.249655][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 639.255578][T12420] ? kmsan_get_metadata+0x116/0x180 [ 639.260797][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 639.266455][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 639.271757][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 639.276537][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 639.281321][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.286039][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.292141][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.298317][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.303546][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.308417][T12420] do_SYSENTER_32+0x73/0x90 [ 639.312944][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.319370][T12420] RIP: 0023:0xf7f15549 [ 639.323435][T12420] Code: Bad RIP value. [ 639.327498][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 639.335894][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 639.343868][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 639.351825][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 639.359798][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 639.367763][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 639.375747][T12420] Uninit was stored to memory at: [ 639.380777][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.386494][T12420] __msan_chain_origin+0x50/0x90 [ 639.391417][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.396514][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.401433][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.405918][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.410604][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.416657][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.422800][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.427989][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.432835][T12420] do_SYSENTER_32+0x73/0x90 [ 639.437336][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.443642][T12420] [ 639.445987][T12420] Uninit was stored to memory at: [ 639.451160][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.456883][T12420] __msan_chain_origin+0x50/0x90 [ 639.461809][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.466922][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.471863][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.476410][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.481077][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.487132][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.493275][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.498468][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.503306][T12420] do_SYSENTER_32+0x73/0x90 [ 639.507817][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.514118][T12420] [ 639.516435][T12420] Uninit was stored to memory at: [ 639.521466][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.527172][T12420] __msan_chain_origin+0x50/0x90 [ 639.532104][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.537204][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.542140][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.546646][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.551312][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.557381][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.563520][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.568746][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.573705][T12420] do_SYSENTER_32+0x73/0x90 [ 639.578209][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.584509][T12420] [ 639.586821][T12420] Uninit was stored to memory at: [ 639.591958][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.597684][T12420] __msan_chain_origin+0x50/0x90 [ 639.602654][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.607767][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.612710][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.617232][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.621913][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.628006][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.634176][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.639381][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.644216][T12420] do_SYSENTER_32+0x73/0x90 [ 639.648708][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.655024][T12420] [ 639.657384][T12420] Uninit was stored to memory at: [ 639.662424][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.668163][T12420] __msan_chain_origin+0x50/0x90 [ 639.673162][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.678260][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.683184][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.687689][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.692352][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.698404][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.704560][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.709790][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.714652][T12420] do_SYSENTER_32+0x73/0x90 [ 639.719150][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.725464][T12420] [ 639.727780][T12420] Uninit was stored to memory at: [ 639.732825][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.738528][T12420] __msan_chain_origin+0x50/0x90 [ 639.743538][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.748637][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.753563][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.758074][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.762738][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.768791][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.775038][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.780235][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.785082][T12420] do_SYSENTER_32+0x73/0x90 [ 639.789574][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.795890][T12420] [ 639.798198][T12420] Uninit was stored to memory at: [ 639.803222][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 639.808948][T12420] __msan_chain_origin+0x50/0x90 [ 639.813872][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 639.818974][T12420] get_compat_msghdr+0x108/0x2b0 [ 639.823895][T12420] do_recvmmsg+0xdbb/0x22c0 [ 639.828401][T12420] __sys_recvmmsg+0x5dd/0x610 [ 639.833069][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 639.839148][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 639.845290][T12420] __do_fast_syscall_32+0x2af/0x480 [ 639.850537][T12420] do_fast_syscall_32+0x6b/0xd0 [ 639.855431][T12420] do_SYSENTER_32+0x73/0x90 [ 639.859922][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 639.866223][T12420] [ 639.868546][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 639.875234][T12420] do_recvmmsg+0xbf/0x22c0 [ 639.879657][T12420] do_recvmmsg+0xbf/0x22c0 [ 640.014552][T12420] not chained 490000 origins [ 640.019206][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 640.027886][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 640.037952][T12420] Call Trace: [ 640.041268][T12420] dump_stack+0x21c/0x280 [ 640.045633][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 640.051415][T12420] ? kmsan_get_metadata+0x116/0x180 [ 640.056642][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 640.062209][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 640.068303][T12420] ? _copy_from_user+0x201/0x310 [ 640.073264][T12420] ? kmsan_get_metadata+0x116/0x180 [ 640.078482][T12420] __msan_chain_origin+0x50/0x90 [ 640.083446][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.088604][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.093581][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.098158][T12420] ? kmsan_get_metadata+0x116/0x180 [ 640.103429][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 640.109343][T12420] ? kmsan_get_metadata+0x116/0x180 [ 640.114560][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 640.120213][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 640.125521][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 640.130300][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 640.135087][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.139814][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.145920][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.152097][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.157331][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.162208][T12420] do_SYSENTER_32+0x73/0x90 [ 640.166769][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.173108][T12420] RIP: 0023:0xf7f15549 [ 640.177175][T12420] Code: Bad RIP value. [ 640.181248][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 640.189673][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 640.197655][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 640.205643][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 640.213634][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 640.221642][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 640.229648][T12420] Uninit was stored to memory at: [ 640.234700][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.240428][T12420] __msan_chain_origin+0x50/0x90 [ 640.245409][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.250532][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.255484][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.259995][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.264688][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.270768][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.276936][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.282154][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.287029][T12420] do_SYSENTER_32+0x73/0x90 [ 640.291546][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.297870][T12420] [ 640.300204][T12420] Uninit was stored to memory at: [ 640.305243][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.310980][T12420] __msan_chain_origin+0x50/0x90 [ 640.315932][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.321068][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.326016][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.330527][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.335192][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.341244][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.347397][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.352599][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.357444][T12420] do_SYSENTER_32+0x73/0x90 [ 640.362068][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.368376][T12420] [ 640.370686][T12420] Uninit was stored to memory at: [ 640.375701][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.381409][T12420] __msan_chain_origin+0x50/0x90 [ 640.386339][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.391437][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.396372][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.400891][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.405556][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.411611][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.417836][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.423025][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.427863][T12420] do_SYSENTER_32+0x73/0x90 [ 640.432366][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.438697][T12420] [ 640.441006][T12420] Uninit was stored to memory at: [ 640.446030][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.451737][T12420] __msan_chain_origin+0x50/0x90 [ 640.456665][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.461795][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.466735][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.471224][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.475902][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.481970][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.488121][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.493320][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.498177][T12420] do_SYSENTER_32+0x73/0x90 [ 640.502688][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.509017][T12420] [ 640.511360][T12420] Uninit was stored to memory at: [ 640.516415][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.522132][T12420] __msan_chain_origin+0x50/0x90 [ 640.527081][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.532204][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.537135][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.541635][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.546320][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.552387][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.558533][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.563720][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.568570][T12420] do_SYSENTER_32+0x73/0x90 [ 640.573082][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.579389][T12420] [ 640.581698][T12420] Uninit was stored to memory at: [ 640.586726][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.592432][T12420] __msan_chain_origin+0x50/0x90 [ 640.597372][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.602469][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.607409][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.613133][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.617815][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.623882][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.630025][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.635215][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.640054][T12420] do_SYSENTER_32+0x73/0x90 [ 640.644545][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.650848][T12420] [ 640.653161][T12420] Uninit was stored to memory at: [ 640.658221][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 640.664004][T12420] __msan_chain_origin+0x50/0x90 [ 640.668943][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.674060][T12420] get_compat_msghdr+0x108/0x2b0 [ 640.678999][T12420] do_recvmmsg+0xdbb/0x22c0 [ 640.683488][T12420] __sys_recvmmsg+0x5dd/0x610 [ 640.688163][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 640.694248][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 640.700426][T12420] __do_fast_syscall_32+0x2af/0x480 [ 640.705614][T12420] do_fast_syscall_32+0x6b/0xd0 [ 640.710471][T12420] do_SYSENTER_32+0x73/0x90 [ 640.714973][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 640.721296][T12420] [ 640.723610][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 640.730300][T12420] do_recvmmsg+0xbf/0x22c0 [ 640.734706][T12420] do_recvmmsg+0xbf/0x22c0 [ 640.925481][T12420] not chained 500000 origins [ 640.930134][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 640.938824][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 640.948899][T12420] Call Trace: [ 640.952227][T12420] dump_stack+0x21c/0x280 [ 640.956598][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 640.962383][T12420] ? kmsan_get_metadata+0x116/0x180 [ 640.967614][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 640.973192][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 640.979303][T12420] ? _copy_from_user+0x201/0x310 [ 640.984291][T12420] ? kmsan_get_metadata+0x116/0x180 [ 640.989544][T12420] __msan_chain_origin+0x50/0x90 [ 640.994510][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 640.999674][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.004680][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.009247][T12420] ? kmsan_get_metadata+0x116/0x180 [ 641.014479][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 641.020399][T12420] ? kmsan_get_metadata+0x116/0x180 [ 641.025619][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 641.031282][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 641.036597][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 641.041381][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 641.046199][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.050915][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.056991][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.063161][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.068624][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.073468][T12420] do_SYSENTER_32+0x73/0x90 [ 641.077966][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.084284][T12420] RIP: 0023:0xf7f15549 [ 641.088364][T12420] Code: Bad RIP value. [ 641.092418][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 641.100833][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 641.108814][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 641.116780][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 641.124764][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 641.132740][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 641.140730][T12420] Uninit was stored to memory at: [ 641.145760][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.151489][T12420] __msan_chain_origin+0x50/0x90 [ 641.156425][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.161531][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.166482][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.171002][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.175674][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.181737][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.187916][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.193129][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.197974][T12420] do_SYSENTER_32+0x73/0x90 [ 641.202470][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.208793][T12420] [ 641.211105][T12420] Uninit was stored to memory at: [ 641.216142][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.221911][T12420] __msan_chain_origin+0x50/0x90 [ 641.226889][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.232035][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.236967][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.241467][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.246132][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.252188][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.258331][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.263518][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.268364][T12420] do_SYSENTER_32+0x73/0x90 [ 641.272872][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.279176][T12420] [ 641.281502][T12420] Uninit was stored to memory at: [ 641.286525][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.292241][T12420] __msan_chain_origin+0x50/0x90 [ 641.297187][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.302296][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.307246][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.311816][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.316488][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.322540][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.328681][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.333869][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.338720][T12420] do_SYSENTER_32+0x73/0x90 [ 641.343249][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.349574][T12420] [ 641.351896][T12420] Uninit was stored to memory at: [ 641.356915][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.362644][T12420] __msan_chain_origin+0x50/0x90 [ 641.367577][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.372705][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.377637][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.382138][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.386825][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.392921][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.399100][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.404306][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.409154][T12420] do_SYSENTER_32+0x73/0x90 [ 641.413646][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.419953][T12420] [ 641.422265][T12420] Uninit was stored to memory at: [ 641.427301][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.433011][T12420] __msan_chain_origin+0x50/0x90 [ 641.437943][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.443069][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.447995][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.452486][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.457261][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.463324][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.469480][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.474685][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.479539][T12420] do_SYSENTER_32+0x73/0x90 [ 641.484029][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.490345][T12420] [ 641.492655][T12420] Uninit was stored to memory at: [ 641.497674][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.503392][T12420] __msan_chain_origin+0x50/0x90 [ 641.508317][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.513436][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.518365][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.522865][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.527534][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.533603][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.539748][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.544944][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.549778][T12420] do_SYSENTER_32+0x73/0x90 [ 641.554264][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.560666][T12420] [ 641.562981][T12420] Uninit was stored to memory at: [ 641.568086][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 641.573810][T12420] __msan_chain_origin+0x50/0x90 [ 641.578750][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.583870][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.588809][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.593315][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.597987][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.604060][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.610225][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.615419][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.620266][T12420] do_SYSENTER_32+0x73/0x90 [ 641.624768][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.631080][T12420] [ 641.633396][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 641.640068][T12420] do_recvmmsg+0xbf/0x22c0 [ 641.644476][T12420] do_recvmmsg+0xbf/0x22c0 [ 641.816094][T12420] not chained 510000 origins [ 641.820750][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 641.829455][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 641.839528][T12420] Call Trace: [ 641.842851][T12420] dump_stack+0x21c/0x280 [ 641.847240][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 641.853030][T12420] ? kmsan_get_metadata+0x116/0x180 [ 641.858274][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 641.863859][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 641.869982][T12420] ? _copy_from_user+0x201/0x310 [ 641.874954][T12420] ? kmsan_get_metadata+0x116/0x180 [ 641.880188][T12420] __msan_chain_origin+0x50/0x90 [ 641.885170][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 641.890338][T12420] get_compat_msghdr+0x108/0x2b0 [ 641.896389][T12420] do_recvmmsg+0xdbb/0x22c0 [ 641.900945][T12420] ? kmsan_get_metadata+0x116/0x180 [ 641.906172][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 641.912093][T12420] ? kmsan_get_metadata+0x116/0x180 [ 641.917319][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 641.922975][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 641.928284][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 641.933067][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 641.937857][T12420] __sys_recvmmsg+0x5dd/0x610 [ 641.942582][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 641.948691][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 641.954870][T12420] __do_fast_syscall_32+0x2af/0x480 [ 641.960105][T12420] do_fast_syscall_32+0x6b/0xd0 [ 641.964980][T12420] do_SYSENTER_32+0x73/0x90 [ 641.969508][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 641.975848][T12420] RIP: 0023:0xf7f15549 [ 641.979919][T12420] Code: Bad RIP value. [ 641.983992][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 641.992425][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 642.000410][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 642.008419][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 642.016402][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 642.024389][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 642.032390][T12420] Uninit was stored to memory at: [ 642.037444][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.043189][T12420] __msan_chain_origin+0x50/0x90 [ 642.048202][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.053337][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.058291][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.062819][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.067486][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.073544][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.079686][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.084870][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.089715][T12420] do_SYSENTER_32+0x73/0x90 [ 642.094212][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.100512][T12420] [ 642.102822][T12420] Uninit was stored to memory at: [ 642.107846][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.113553][T12420] __msan_chain_origin+0x50/0x90 [ 642.118490][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.123586][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.128511][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.132997][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.137663][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.143716][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.149859][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.155047][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.159885][T12420] do_SYSENTER_32+0x73/0x90 [ 642.164390][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.170713][T12420] [ 642.173021][T12420] Uninit was stored to memory at: [ 642.178039][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.183742][T12420] __msan_chain_origin+0x50/0x90 [ 642.188685][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.194911][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.200053][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.204541][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.209205][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.215257][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.221401][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.226598][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.231436][T12420] do_SYSENTER_32+0x73/0x90 [ 642.235927][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.242251][T12420] [ 642.244611][T12420] Uninit was stored to memory at: [ 642.249665][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.255389][T12420] __msan_chain_origin+0x50/0x90 [ 642.260315][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.265414][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.270351][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.274853][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.279549][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.285607][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.291757][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.296952][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.301791][T12420] do_SYSENTER_32+0x73/0x90 [ 642.306281][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.312587][T12420] [ 642.314900][T12420] Uninit was stored to memory at: [ 642.319930][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.325680][T12420] __msan_chain_origin+0x50/0x90 [ 642.330625][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.335733][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.340654][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.345976][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.350659][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.356721][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.364259][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.369512][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.374360][T12420] do_SYSENTER_32+0x73/0x90 [ 642.378857][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.385221][T12420] [ 642.387536][T12420] Uninit was stored to memory at: [ 642.392582][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.398327][T12420] __msan_chain_origin+0x50/0x90 [ 642.403268][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.408368][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.413321][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.417810][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.422478][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.428535][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.434690][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.439890][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.444746][T12420] do_SYSENTER_32+0x73/0x90 [ 642.449238][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.455541][T12420] [ 642.457858][T12420] Uninit was stored to memory at: [ 642.462894][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.468602][T12420] __msan_chain_origin+0x50/0x90 [ 642.473536][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.478645][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.483594][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.488163][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.492854][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.498972][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.505122][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.510314][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.515152][T12420] do_SYSENTER_32+0x73/0x90 [ 642.519658][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.525986][T12420] [ 642.528317][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 642.534980][T12420] do_recvmmsg+0xbf/0x22c0 [ 642.539394][T12420] do_recvmmsg+0xbf/0x22c0 [ 642.670329][T12420] not chained 520000 origins [ 642.674991][T12420] CPU: 1 PID: 12420 Comm: syz-executor.5 Not tainted 5.8.0-rc5-syzkaller #0 [ 642.683679][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 642.693752][T12420] Call Trace: [ 642.697082][T12420] dump_stack+0x21c/0x280 [ 642.701455][T12420] kmsan_internal_chain_origin+0x6f/0x130 [ 642.707254][T12420] ? kmsan_get_metadata+0x116/0x180 [ 642.712520][T12420] ? kmsan_set_origin_checked+0x95/0xf0 [ 642.718141][T12420] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 642.724300][T12420] ? _copy_from_user+0x201/0x310 [ 642.729274][T12420] ? kmsan_get_metadata+0x116/0x180 [ 642.734504][T12420] __msan_chain_origin+0x50/0x90 [ 642.739469][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.744641][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.749616][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.754368][T12420] ? kmsan_get_metadata+0x116/0x180 [ 642.759594][T12420] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 642.765521][T12420] ? kmsan_get_metadata+0x116/0x180 [ 642.770746][T12420] ? kmsan_internal_set_origin+0x75/0xb0 [ 642.776408][T12420] ? __msan_poison_alloca+0xf0/0x120 [ 642.781722][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 642.786508][T12420] ? __sys_recvmmsg+0xbb/0x610 [ 642.791341][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.796068][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.802181][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.808370][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.813609][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.818501][T12420] do_SYSENTER_32+0x73/0x90 [ 642.823089][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.829433][T12420] RIP: 0023:0xf7f15549 [ 642.833505][T12420] Code: Bad RIP value. [ 642.837624][T12420] RSP: 002b:00000000f550f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 642.846065][T12420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 642.854054][T12420] RDX: 000000007fffffee RSI: 0000000000000000 RDI: 0000000000000000 [ 642.862044][T12420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 642.870035][T12420] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 642.878024][T12420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 642.886033][T12420] Uninit was stored to memory at: [ 642.891087][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.896831][T12420] __msan_chain_origin+0x50/0x90 [ 642.901798][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.906939][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.911899][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.916427][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.921130][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.927224][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 642.933403][T12420] __do_fast_syscall_32+0x2af/0x480 [ 642.938634][T12420] do_fast_syscall_32+0x6b/0xd0 [ 642.943505][T12420] do_SYSENTER_32+0x73/0x90 [ 642.948055][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 642.954377][T12420] [ 642.956696][T12420] Uninit was stored to memory at: [ 642.961739][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 642.967559][T12420] __msan_chain_origin+0x50/0x90 [ 642.972493][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 642.977619][T12420] get_compat_msghdr+0x108/0x2b0 [ 642.982586][T12420] do_recvmmsg+0xdbb/0x22c0 [ 642.987085][T12420] __sys_recvmmsg+0x5dd/0x610 [ 642.991777][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 642.997945][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.004187][T12420] __do_fast_syscall_32+0x2af/0x480 [ 643.009404][T12420] do_fast_syscall_32+0x6b/0xd0 [ 643.014266][T12420] do_SYSENTER_32+0x73/0x90 [ 643.018786][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.025100][T12420] [ 643.027457][T12420] Uninit was stored to memory at: [ 643.032502][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 643.038231][T12420] __msan_chain_origin+0x50/0x90 [ 643.043174][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 643.048294][T12420] get_compat_msghdr+0x108/0x2b0 [ 643.053246][T12420] do_recvmmsg+0xdbb/0x22c0 [ 643.057755][T12420] __sys_recvmmsg+0x5dd/0x610 [ 643.062434][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.068501][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.074672][T12420] __do_fast_syscall_32+0x2af/0x480 [ 643.079903][T12420] do_fast_syscall_32+0x6b/0xd0 [ 643.084770][T12420] do_SYSENTER_32+0x73/0x90 [ 643.089292][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.095627][T12420] [ 643.097952][T12420] Uninit was stored to memory at: [ 643.103010][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 643.108727][T12420] __msan_chain_origin+0x50/0x90 [ 643.113663][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 643.118785][T12420] get_compat_msghdr+0x108/0x2b0 [ 643.123720][T12420] do_recvmmsg+0xdbb/0x22c0 [ 643.128245][T12420] __sys_recvmmsg+0x5dd/0x610 [ 643.132923][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.138988][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.145145][T12420] __do_fast_syscall_32+0x2af/0x480 [ 643.150342][T12420] do_fast_syscall_32+0x6b/0xd0 [ 643.155200][T12420] do_SYSENTER_32+0x73/0x90 [ 643.159701][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.166013][T12420] [ 643.168339][T12420] Uninit was stored to memory at: [ 643.173357][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 643.179069][T12420] __msan_chain_origin+0x50/0x90 [ 643.184010][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 643.189130][T12420] get_compat_msghdr+0x108/0x2b0 [ 643.194079][T12420] do_recvmmsg+0xdbb/0x22c0 [ 643.198587][T12420] __sys_recvmmsg+0x5dd/0x610 [ 643.203269][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.209332][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.215477][T12420] __do_fast_syscall_32+0x2af/0x480 [ 643.220670][T12420] do_fast_syscall_32+0x6b/0xd0 [ 643.225508][T12420] do_SYSENTER_32+0x73/0x90 [ 643.230001][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.236319][T12420] [ 643.238627][T12420] Uninit was stored to memory at: [ 643.243644][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 643.249366][T12420] __msan_chain_origin+0x50/0x90 [ 643.254292][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 643.259405][T12420] get_compat_msghdr+0x108/0x2b0 [ 643.264344][T12420] do_recvmmsg+0xdbb/0x22c0 [ 643.268845][T12420] __sys_recvmmsg+0x5dd/0x610 [ 643.273527][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.279603][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.285755][T12420] __do_fast_syscall_32+0x2af/0x480 [ 643.290975][T12420] do_fast_syscall_32+0x6b/0xd0 [ 643.295821][T12420] do_SYSENTER_32+0x73/0x90 [ 643.300324][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.306640][T12420] [ 643.308971][T12420] Uninit was stored to memory at: [ 643.314008][T12420] kmsan_internal_chain_origin+0xad/0x130 [ 643.319737][T12420] __msan_chain_origin+0x50/0x90 [ 643.324661][T12420] __get_compat_msghdr+0x6db/0x9d0 [ 643.329763][T12420] get_compat_msghdr+0x108/0x2b0 [ 643.334708][T12420] do_recvmmsg+0xdbb/0x22c0 [ 643.339201][T12420] __sys_recvmmsg+0x5dd/0x610 [ 643.343882][T12420] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 643.349953][T12420] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 643.356137][T12420] __do_fast_syscall_32+0x2af/0x480 [ 643.361342][T12420] do_fast_syscall_32+0x6b/0xd0 [ 643.366182][T12420] do_SYSENTER_32+0x73/0x90 [ 643.370680][T12420] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 643.376989][T12420] [ 643.379315][T12420] Local variable ----msg_sys@do_recvmmsg created at: [ 643.385988][T12420] do_recvmmsg+0xbf/0x22c0 [ 643.390423][T12420] do_recvmmsg+0xbf/0x22c0 04:00:57 executing program 5: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000580)=""/143, &(0x7f0000000340)=0xfee5) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f00000001c0)={0x0, 0x3ff}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x8000000, 0x8, 0xfb, 0x0, 0x400000006, 0x1, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x2, 0x5e22, @local}, 0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:00:57 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0x1}]}]}}, &(0x7f0000004600)=""/210, 0x2e, 0xd2, 0x8}, 0x20) 04:00:57 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x2, 0x3, 0x298, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x200, 0x200, 0x200, 0x200, 0x200, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@tcp={{0x30, 'tcp\x00'}, {[], [], 0x0, 0x0, 0x2, 0x5}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'veth0_to_batadv\x00', 'caif0\x00'}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@unspec=@physdev={{0x68, 'physdev\x00'}, {'ip6_vti0\x00', {}, 'bridge_slave_0\x00'}}]}, @common=@SET={0x60, 'SET\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2f8) 04:00:57 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x6c) 04:00:57 executing program 2: set_mempolicy(0x3, &(0x7f0000000040)=0x1f, 0x41f) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000040)='SMC_PNETID\x00') sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'rose0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}}, 0x0) 04:00:57 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 643.800100][T12474] BPF:[1] ENUM (anon) [ 643.804463][T12474] BPF:size=4 vlen=1 [ 643.808617][T12474] BPF: [ 643.811427][T12474] BPF:Invalid name [ 643.815194][T12474] BPF: [ 643.815194][T12474] [ 643.842976][T12478] BPF:[1] ENUM (anon) [ 643.847783][T12478] BPF:size=4 vlen=1 [ 643.851644][T12478] BPF: [ 643.854456][T12478] BPF:Invalid name [ 643.858388][T12478] BPF: [ 643.858388][T12478] [ 643.973130][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 643.973192][ T28] audit: type=1326 audit(1599451257.925:1408): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:00:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) socket$unix(0x1, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$kcm(0x10, 0x2, 0x0) socket$kcm(0x2b, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) socket$kcm(0x29, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="000000000000000000000f10000008000300", @ANYRES32=r6], 0x4}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r4, @ANYBLOB="ff830af41b0000000000", @ANYRES32=r3], 0x4}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 644.002992][ T28] audit: type=1326 audit(1599451257.925:1409): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 644.026383][ T28] audit: type=1326 audit(1599451257.935:1410): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 644.049583][ T28] audit: type=1326 audit(1599451257.935:1411): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:00:58 executing program 1: r0 = socket(0x1e, 0x4, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name, 0x10) 04:00:58 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x8402, 0x0) write$sequencer(r0, &(0x7f0000000080)=[@e={0xff, 0xa, 0x0, 0x0, @generic}], 0x8) 04:00:58 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x74) 04:00:58 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000580)={@cgroup, r0}, 0x10) r1 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r1, &(0x7f0000000180)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x200408c4) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0), 0x4) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x40000062) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cgroup.controllers\x00', 0x26e1, 0x0) openat$cgroup_ro(r2, &(0x7f0000000640)='memory.events\x00', 0x0, 0x0) r4 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0x4ea00) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)={[{0x0, 'cpu'}, {0x2b, 'pids'}]}, 0xb) sendmsg$inet(r4, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff00}], 0x1, &(0x7f0000007880)=ANY=[@ANYBLOB="1100000000000000004003000100000000000000000000001c00000000000000000000fd08000000", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c00000000000000090000000888f800", @ANYRES32=0x0, @ANYBLOB="000000000000000000000000240000000000000000000000070000009404000044100900000000000000000000007e000000000011000000000000000000001f00"/76], 0x98}, 0x0) [ 644.814894][ T28] audit: type=1804 audit(1599451258.765:1412): pid=12496 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir525700072/syzkaller.EiNKHE/51/cgroup.controllers" dev="sda1" ino=16017 res=1 [ 645.113549][ T28] audit: type=1326 audit(1599451259.065:1413): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12499 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 645.137212][ T28] audit: type=1326 audit(1599451259.065:1414): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12499 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:00:59 executing program 4: r0 = socket(0x840000000002, 0x3, 0x200000000000ff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x30, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000c0, 0x20000216], 0x0, 0x0, &(0x7f00000000c0)=[{0x2}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1}]}, 0xe0) [ 645.160494][ T28] audit: type=1326 audit(1599451259.065:1415): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12499 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 645.183760][ T28] audit: type=1326 audit(1599451259.065:1416): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12499 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:00:59 executing program 5: r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0) read$sequencer(0xffffffffffffffff, &(0x7f00000002c0)=""/70, 0x46) fcntl$setstatus(r0, 0x4, 0x46802) io_setup(0x100000000000c333, &(0x7f0000000180)=0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r2, 0x0) ftruncate(r0, 0x48280) r3 = open(&(0x7f00000004c0)='./bus\x00', 0x2, 0x0) write$P9_RATTACH(r3, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r1, 0x45, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) fchmod(0xffffffffffffffff, 0x1ba) ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000200)={0x100007, 0xffffffffffffffff, 0x9}) 04:00:59 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x87, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r4 = fcntl$dupfd(r0, 0x0, r1) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, r4, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0}}, 0x0) io_uring_enter(r1, 0x450c, 0x0, 0x0, 0x0, 0x0) 04:00:59 executing program 3: ioperm(0x0, 0x400, 0x5) set_mempolicy(0x1000000, 0x0, 0x0) 04:00:59 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x7a) 04:00:59 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() process_vm_readv(r2, &(0x7f0000000480)=[{&(0x7f0000000080)=""/93, 0x5d}, {0x0}, {&(0x7f00000002c0)=""/227, 0xe3}, {&(0x7f0000000200)=""/59, 0x3b}], 0x4, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/149, 0x95}, {&(0x7f00000005c0)=""/222, 0xde}, {&(0x7f0000000240)=""/43, 0x2b}], 0x3, 0x0) 04:00:59 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 646.005747][ T28] audit: type=1326 audit(1599451259.955:1417): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12516 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:00 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x16008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x100000a, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) 04:01:00 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xffffff39, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0) 04:01:00 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x6) write$binfmt_script(0xffffffffffffffff, 0x0, 0xfffffcaa) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x1) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000580)=ANY=[@ANYBLOB='#! ./file0 '], 0x191) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) syz_open_dev$vcsa(0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 04:01:00 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x300) [ 646.786816][T12547] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 04:01:01 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:01 executing program 2: r0 = socket(0x25, 0x1, 0x0) sendto$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 04:01:01 executing program 5: sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)={0xbb8, 0x0, 0x5, 0x0, 0x0, 0x0, {}, [{{0x254, 0x1, {{0x0, 0x7}, 0xff, 0x0, 0x0, 0x0, 0x28, 'syz0\x00', "a198300b9f75a1e10becdfbfdd19f71ccb04ea618a770f75ddf816bd448f04a9", "b363b3f4dae8e2968760828ed0803d935fda3c91596ff733315e5d016339d145", [{0xff}, {0x0, 0x40, {0x0, 0x3}}, {0x4}, {0x9}, {0x8001}, {0x1ff}, {0x0, 0x9, {0x0, 0xc3}}, {0x2ca, 0x0, {0x2, 0x3}}, {0x7, 0xff}, {}, {}, {0x0, 0x0, {0x0, 0x1000}}, {0x0, 0x0, {0x0, 0x2}}, {0x0, 0xfff8}, {0x0, 0x70}, {0x0, 0x87}, {0x0, 0x0, {0x2, 0x101}}, {}, {}, {}, {0x0, 0x22}, {}, {0x0, 0x9}, {0x0, 0x0, {0x3}}, {0x0, 0x0, {0x2}}, {0x7ff}, {0xfff, 0x0, {0x0, 0x5}}, {}, {0x7, 0x0, {0x0, 0x10001}}, {0x0, 0x7, {0x0, 0x7f}}, {0x401}, {0x0, 0x0, {0x0, 0x5}}, {0x6, 0x0, {0x3}}, {0x0, 0x0, {0x3, 0x7fff}}, {0x0, 0x0, {0x0, 0x7}}, {0x0, 0xbfdb, {0x0, 0x4da7}}, {0x1}, {0x1, 0xf21}, {}, {0x0, 0x0, {0x3}}]}}}, {{0x254, 0x1, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', "ede555338680baf37ad91e38319dcc0905e8c3c8fa114368b7215a8856b12b0b", "200d4ca7a91bfc97f97049858be98a22d90d8daf6d22a592fda674edf428a285", [{0x0, 0x8}, {0x5, 0x0, {0x0, 0x8}}, {0x0, 0x5}, {0x0, 0x0, {0x0, 0x7f}}, {0xe1, 0x100}, {0x7, 0x0, {0x2}}, {}, {0x0, 0x8}, {0x4, 0x1}, {0x6, 0x0, {0x0, 0xffff}}, {}, {0x0, 0xb2}, {}, {}, {0x0, 0x0, {0x3}}, {0x0, 0x0, {0x3}}, {0x0, 0x9}, {}, {}, {0x0, 0x0, {0x0, 0xfffffffb}}, {0xff, 0x38}, {}, {}, {0x0, 0xfff}, {0x0, 0x5}, {0x7}, {0x0, 0x0, {0x0, 0x6}}, {}, {}, {}, {0x3ff}, {0x0, 0x90}, {0x0, 0x3f}, {0xffe0}, {0x9, 0x0, {0x3}}, {}, {0x0, 0x1f}, {}, {0x80, 0x0, {0x3}}]}}}, {{0x254, 0x1, {{0x0, 0x4a6d}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', "608d56e01bc7147efe9301668d12c586ca0a79717887a4b727710b024fbb90b9", "0020f6619f5959ef47d7250f0420486397fb3bd4982ff7e097bcdd538bc47486", [{0x0, 0x9, {0x0, 0x1f}}, {0xffff}, {0xfa14}, {0x0, 0x0, {0x0, 0x6}}, {}, {0x0, 0x0, {0x0, 0x3ff}}, {0x3}, {}, {}, {0x0, 0x0, {0x0, 0x1ff}}, {0x0, 0x6}, {0x1, 0x0, {0x3}}, {0x0, 0x0, {0x0, 0x7}}, {0x0, 0x0, {0x0, 0x4}}, {0x0, 0x0, {0x2}}, {}, {0x0, 0x9, {0x1}}, {0xff44, 0x0, {0x1}}, {}, {0x56d, 0x1ff, {0x1}}, {0xc686, 0x0, {0x3}}, {0x0, 0x0, {0x0, 0x2}}, {0x0, 0x0, {0x0, 0x3}}, {}, {0x0, 0x8}, {}, {0x3e3, 0x0, {0x0, 0x8001}}, {0x0, 0x94}, {0x0, 0x0, {0x0, 0x9}}, {}, {0x3, 0x401}, {0x3ff}, {0x0, 0x0, {0x0, 0x3}}, {0x0, 0x8001}, {}, {0x0, 0x0, {0x3, 0x3}}, {0x9051}, {0x0, 0x9, {0x3}}, {0x3, 0x0, {0x0, 0x9}}, {0x0, 0xa57c, {0x0, 0x7}}]}}}, {{0x254, 0x1, {{}, 0x0, 0x0, 0x9, 0x0, 0x0, 'syz0\x00', "24f6cc90af7468e259d059de53774452a837014fc8a637e7c436993f6a2ed42f", "51e8fe572d2e4fe3f1dab772e55573901f062381daedfeb7e9e431c0a75f81dc", [{}, {}, {0x8, 0x2}, {0x0, 0x0, {0x0, 0x80000000}}, {0x0, 0x8}, {0xfcb0, 0x0, {0x0, 0x9}}, {0x400}, {0x0, 0x0, {0x0, 0x3}}, {0x3}, {0xae, 0xa63}, {0x0, 0x0, {0x0, 0x101}}, {0x0, 0xfc01}, {0x6, 0x0, {0x3}}, {0x0, 0x2000, {0x3, 0xfffffc00}}, {0x0, 0x0, {0x3}}, {0x0, 0x9}, {0x5, 0x7, {0x2}}, {0x2, 0x7}, {0x0, 0x0, {0x1}}, {0x0, 0x2, {0x2}}, {0x0, 0x3, {0x1}}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, {0x0, 0x9}}, {0x0, 0x9}, {}, {}, {0x0, 0x66, {0x0, 0xfff}}, {0x9, 0x3}, {0x98b}, {0x0, 0x0, {0x0, 0x2192}}, {0x6}]}}}, {{0x254, 0x1, {{}, 0x20, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', "c2c3c3f97bf547bbebee3686a9ae3a8c547cd79a55d7f56a9986e7821021f723", "f627f5c73a0e0196f4ecc498be3e6d32afc07e12b677082d2ee3d0ac33ce8237", [{}, {}, {0x0, 0x0, {0x0, 0x5f}}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, {0x3}}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}}]}, 0xbb8}}, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) 04:01:01 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x500) 04:01:01 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x3000009, 0x10032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x70, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0x6f, &(0x7f00000001c0), &(0x7f0000000200)=0x20) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = dup2(r4, r3) dup3(r5, r2, 0x0) 04:01:02 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) r1 = socket(0x1000000010, 0x80002, 0x0) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x178, &(0x7f0000000140)="5cf249b9740c8684445afd26b76af2f3c921bf3c0f339e57f4f21016a5b60a03088024c30e478947d190ad000000000000000000000064bfa6186165224897c14ecb40aa071d905814c90761600032a3b88a1f000000970e85a63c9a4b0d8b9aad010000000000000002a7bef7fdffff9f8b01647a0200169c864e1d5f8179cba2e43112cfb22f021d3c34e36cc9509795b0e053c9d31e145c97aa793dd8ceb8281f3b812e14d71b59b83e4bc3b529f3ca0900000096e2c2a4fdca75813f78964c6fe77e39d125650da9ab14624d751e10f063962be791ca675617cc866ed67f34f39c92c2318636485b48cd8d1901000034e36d6d434409ea8d2905c48d2456252abbf71748433f88570ad2d50c2bb743c830069f192de24b696882145cbcc9b5644ce7a25dac7d3eaf1618db7f3a9b9147b2afa32b5149d23dcad5150f4a36c5fcbb65d18da32aa97691ee513fba29fbfd7dbf23529a6d7a1427b158e33ae6e2795ddc9529c54f5c5c2d69e08cd9043c686fc97b90357d"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 04:01:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$nfs(0x0, 0x0, 0x0, 0x1, &(0x7f0000000100)=[{&(0x7f0000000440)="3680ed23fe6df989e7047be684feb5c93b30cbae1fb09900a7d2dfe0ea757bd80beba0746b1f74139aa810cb7c017daac54d4a8758675fb742ab2b25d68e6cadd0d30cae4eb06256051d9600e971c98455fda16174ef7c22b0b356af35abc19cceacda3dec796f9dfb725eba640cfcb2dd3246af4ac4e53dee1cb902e821b46d6c41fac64df06ba1f0a3907c9d4816f50375684df53a4cda631a0341825157fc023073d57048469aa49238e01762b3232b11522fc1e1462be3ab0437b74cf76eb620ec80fa5b93ae90619a86a3d312b46dacc71ba7e72e3123b9f10b6ffd442391b13ded5947158f02b95193bc04e06e98341bbcd84b9f33d9fb92841d9c71b976156061a0f53dfcf4b6754190017eecb54e04d372c0eb510735a50e528e5d688e1a0155353d8d31859cd4d4ed958f6923b1e5d82e4f1135af109bbaedf1c080905e795b0f505827c612431ba594bb40009a13bb9090ae8d3562312bf64b3b540f20d639137b1dbd681e9294b4085fa2357703a9bb172fde5489b083dd4787f2edb124abf12e80f6f32d43ab68d420f86c1649c14f347c697432d5fbb54df67458ede8dd5a487be785a1c88b2a2ffb1de7ab9dbd7ab0e22b924e65f0d52511a67a7f4374c3de2b060c1cbc368976919725dc22f62cb778bc05b3075ce5e6341ed6ae6b2ffd98374597a9a341779f04d6d8ca16042630066fa0a7cf4ce22fe39aaf9872e74159437132e1db75d74e01b4f75f2b7353006ecb5182598bcefb8c6718f66c35b857bbfebb5f67af32e18523b45950b6f70ad63e6954b509407585f361376ca0b288df4f7d9e1910774cbb3095bde16f0fb7a7496d47b6d2e1c499f1c1edbe1128891a9591b049b529ac157685dbcef6e9ac7cc49047ff7c092fe06b8ed6eb6fc82f2bca8765552d855af24c3f38387c1251e6c3a11e531939d481f0cc79c49871b18b81870b32be6c7fd14c71f94e5cccd76a2b9adb50fd36eccbc9c9c1e98a37e94ede9df109cafdd2d8efd8c12f8e38a81b1922c51fa4573ee4fdd820a270e79858685f952fa4a4fcdb38933efb60694a739a609aeb2592cf9b06074c9f874c6ccbab02d888e6af95530fab02c833c88784271c361892c1cfbcb7d4e4df26cee7afff2ceb09fc5ee1aff914df11141de789deb7ad6ad6ad770417d5f246aafd0c9ad8f8bbe7710e21e31e277cf344ec51bcb84b102337ade9053246f61e81644db39c00e38846d35fb04f40c5c030d114db21ca36bf9b448615a3908630043376de0260651bed129999031d73af19bfda65dbdb221f431e45db82aab99348cd6b78acd5e539f8aef515828bdf345529203ec1e4b837290aa7d3e16c483262d8e995d24a2c700506968e0140cd6aa5a267c8a3684e74e61284c5c6a0fd6c20bdb99e0f47657087787737501422e1f2a56402cd9b3490e5f29b7033267b1c55a9e431f83c282515558dec83b2a40a1a382f985dfa67c85e0bc13ccd8eef768b12f38d9044d86ca2085366e293f6da0cdd47a3b4b23448efe2930085a77f0e0fad542c20885beee275b14edde1ebf66ddb047c3a80c708caa1f2bb93b69964349d30c2ef992786fa86ae9dfc9271697282d218041f5a6f57425fc7c945acfa79888d12968032e5f17dc9aacafde13d270e09b54756156f5c62988cfb3b8a1461a29e2ae379f533978fda76703f8c28a3ff75b5e6f48cb71bbd48e6d6704af15dde43b6cf722d6d61d61f1e59bd3b3e1b0e55ae26194aa97a35e6021cd82b3c33d5cd314f08bd7bf94104d005fed97a7f71a37d402e9a7faa5cfa6803c9d8bb53a330e589d9cef3fd65c4e7e22d75d8e92d1310ccd48c265c012156b6449c2e4103870e354e0332c631e4b0148ebe7eaf332e0daf56637dc4e1ec503f023667c2a436b0024ae2d9ececbecc93c4a3e0785920ef8cbb738180b111b85529817342daa6af7e1209adb760f40167967ecd2cbc2258df25b2b948ca436571e17298385932d145f02956ce39f159dba857c11860126bca43eb08936982e07fbc448c3a34a9e2ae033e877d7d46b6b3782ece00b35f5776f39d2ce080940dbc675e0e8df0b211b6c97dd38b7b6e98269c317ac371ba65800631c9b2e8ecc3afdfed3f7292ec570f8b3537bb13cfea1f908745fc0d3aa90c7227009a3f1c867bbe912147eae950522568932e9f717df3e3fe2ee473e2f2ca4210f8fda538a6542b5fd7b0d2c2e65af844922cf290239783af42d0a8cb2a7683c3ea444af6aa5112fade3b69d23d5515c6ebf63b183d6461e4280c26a6044b37dbc8cb875cf1f20fe1f9895d8b192bb5e188d60d9d946afa339bab727204a9e6db67b9789cc190570c0adf2049b39cb79255c29b3125f968bc7e757ffce7847a381838613977005bb7666e6c8d33f32631cd7e44b75fc16bb3b1673eb1e463750b08286f39da6d4cdc636c31754ef09d7a97b38e1e91a02ed0d1916009b7311038d415ea4337ddd396aa03508450e6b3ec23467b92b6c0911d154e7c4834ad25fa919a549fca25a9a5e9e89a381e2201a5bf9075b58dc607e73521bc9fcf44dfdc8350768548ed3dd45b0c2829b264f7b071ce1cc492638f697be50581e800a4a1bec713f4adfcc3c0e2179ed91b3234febc2b481bfba92a8c7950dfe6126bef947047f1a31c063d1c37cc3d0c30dd1a2ad92d906f3f1f67e7ca269d6d57edb8db3d8af86454d80729759f3280a752ad18a2989e29b1504fd5bc3d0d2ef90a00355636afec70282fcf7e23ac30ff3267532504f72ecd3ca43b2fc08e5c1aee67a7b27f8ffd0c8943def58c0eee2ff66c23c2681d71a070ec19091f8f895473a357c262f6f4907212c6082ac4324fa85a66060d07431fdf3594af0b16bc4e93d1bb7f8cc85b1272041d574af75ef637ecac770ee00a53435478a69c47f1af12bf2e8640248272f425167426d4ce5699c1b267ffbe0eace41eb897ccc68daab896c0625abae0737251cfdc0ed25d907435dc5dd197fe133d8308bcf05247e68e5a3599fb48cf96ba3b4cd4643a2f3937d482c210b96e97ff056b01abae2fd672ee12277e6636c46a7e3f989de984c84f314a082f1b1bfcd78749f91d6a5df62b15975cec8e487ac34a2d11260f4a830ed0ec2c924fec51d20c57dca5c9b07c360d301fad61e820dc1d9dc48c4ca788cfcfef7ec01d236706bcde8968fe129816d2d4dd3b05df02f77df6f92a6843260c06f8195e931bedf82e913c8827abb6c9e1729f68477f447a969c031c9849b075c59f39c444281d7e25b68496fbdbc26c42f5d5e747ba77a01fb7e5d71295e24c8c57e1145eb622a0c5f6a7d42f8cff66d296c85242f5ec807bc9bce85117745da4b907ddec71a0048f671d5856060bb56ec776b1716123bde36df15628706ae83419c50eb1d6969ea1706d91040a74191458d33996015bd5d460782ad46194ce2260e14442f89a54d4fa249d1ed2846df1ef121b23c817bf976a6198f7868f2b2ad2c3a5078af1a450c47ef00d21b673a241331d366cf38fef442419b1fa8d9661e65daf1da10788c4e8c462faa39440aa0d7a762471fb6f2f317ebce8a665452e746c7b64b62f51cd39330659624d26425d2fc84a04441cc8adb4e8b927dd1e1d0777969614bbe8b5c65d9178b237171c771ec8c151b1605c1b4292852bd22f8f055ef358e82a64ba29d77560670985a34fbad709ee293567ce216b077f3459cdd8a4cf9561d522152ad4d2a5a0ab45192446d038ffe4a521e7b215b74d3ef762e6d656bbc4a4783689093848d7822a17ba59ea9123cabbb41696425f5aa336cc7c57914842e57a8e6c2d3fb87f192a8f85ba9b24b66aeb23b009f7faaf46ba494ec1a91937069bc8545ab3e0de15e960c3ce0c749e442df02429b92046598bf56551ed8bce6cf8fbf0efd248886c7ca98865c4e6e10c86c75c85ade6c2f3c68bb33c9591204983b8294fe819dfd17bdd8b61fbc3de797a7fde604351dc701e136ef07eb49cd65174a5527e98355deb4e3cb4d97fb7f1d9867a53a939008207079a373beb29586d3fe68441a51d42a5036c4163d25be0a75ab35340b886", 0xb46}], 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x1c, 0x0, 0x0) modify_ldt$write2(0x11, &(0x7f0000000000)={0x94cb}, 0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:01:02 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:02 executing program 5: sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)={0xbb8, 0x0, 0x5, 0x0, 0x0, 0x0, {}, [{{0x254, 0x1, {{0x0, 0x7}, 0xff, 0x0, 0x0, 0x0, 0x28, 'syz0\x00', "a198300b9f75a1e10becdfbfdd19f71ccb04ea618a770f75ddf816bd448f04a9", "b363b3f4dae8e2968760828ed0803d935fda3c91596ff733315e5d016339d145", [{0xff}, {0x0, 0x40, {0x0, 0x3}}, {0x4}, {0x9}, {0x8001}, {0x1ff}, {0x0, 0x9, {0x0, 0xc3}}, {0x2ca, 0x0, {0x2, 0x3}}, {0x7, 0xff}, {}, {}, {0x0, 0x0, {0x0, 0x1000}}, {0x0, 0x0, {0x0, 0x2}}, {0x0, 0xfff8}, {0x0, 0x70}, {0x0, 0x87}, {0x0, 0x0, {0x2, 0x101}}, {}, {}, {}, {0x0, 0x22}, {}, {0x0, 0x9}, {0x0, 0x0, {0x3}}, {0x0, 0x0, {0x2}}, {0x7ff}, {0xfff, 0x0, {0x0, 0x5}}, {}, {0x7, 0x0, {0x0, 0x10001}}, {0x0, 0x7, {0x0, 0x7f}}, {0x401}, {0x0, 0x0, {0x0, 0x5}}, {0x6, 0x0, {0x3}}, {0x0, 0x0, {0x3, 0x7fff}}, {0x0, 0x0, {0x0, 0x7}}, {0x0, 0xbfdb, {0x0, 0x4da7}}, {0x1}, {0x1, 0xf21}, {}, {0x0, 0x0, {0x3}}]}}}, {{0x254, 0x1, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', "ede555338680baf37ad91e38319dcc0905e8c3c8fa114368b7215a8856b12b0b", "200d4ca7a91bfc97f97049858be98a22d90d8daf6d22a592fda674edf428a285", [{0x0, 0x8}, {0x5, 0x0, {0x0, 0x8}}, {0x0, 0x5}, {0x0, 0x0, {0x0, 0x7f}}, {0xe1, 0x100}, {0x7, 0x0, {0x2}}, {}, {0x0, 0x8}, {0x4, 0x1}, {0x6, 0x0, {0x0, 0xffff}}, {}, {0x0, 0xb2}, {}, {}, {0x0, 0x0, {0x3}}, {0x0, 0x0, {0x3}}, {0x0, 0x9}, {}, {}, {0x0, 0x0, {0x0, 0xfffffffb}}, {0xff, 0x38}, {}, {}, {0x0, 0xfff}, {0x0, 0x5}, {0x7}, {0x0, 0x0, {0x0, 0x6}}, {}, {}, {}, {0x3ff}, {0x0, 0x90}, {0x0, 0x3f}, {0xffe0}, {0x9, 0x0, {0x3}}, {}, {0x0, 0x1f}, {}, {0x80, 0x0, {0x3}}]}}}, {{0x254, 0x1, {{0x0, 0x4a6d}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', "608d56e01bc7147efe9301668d12c586ca0a79717887a4b727710b024fbb90b9", "0020f6619f5959ef47d7250f0420486397fb3bd4982ff7e097bcdd538bc47486", [{0x0, 0x9, {0x0, 0x1f}}, {0xffff}, {0xfa14}, {0x0, 0x0, {0x0, 0x6}}, {}, {0x0, 0x0, {0x0, 0x3ff}}, {0x3}, {}, {}, {0x0, 0x0, {0x0, 0x1ff}}, {0x0, 0x6}, {0x1, 0x0, {0x3}}, {0x0, 0x0, {0x0, 0x7}}, {0x0, 0x0, {0x0, 0x4}}, {0x0, 0x0, {0x2}}, {}, {0x0, 0x9, {0x1}}, {0xff44, 0x0, {0x1}}, {}, {0x56d, 0x1ff, {0x1}}, {0xc686, 0x0, {0x3}}, {0x0, 0x0, {0x0, 0x2}}, {0x0, 0x0, {0x0, 0x3}}, {}, {0x0, 0x8}, {}, {0x3e3, 0x0, {0x0, 0x8001}}, {0x0, 0x94}, {0x0, 0x0, {0x0, 0x9}}, {}, {0x3, 0x401}, {0x3ff}, {0x0, 0x0, {0x0, 0x3}}, {0x0, 0x8001}, {}, {0x0, 0x0, {0x3, 0x3}}, {0x9051}, {0x0, 0x9, {0x3}}, {0x3, 0x0, {0x0, 0x9}}, {0x0, 0xa57c, {0x0, 0x7}}]}}}, {{0x254, 0x1, {{}, 0x0, 0x0, 0x9, 0x0, 0x0, 'syz0\x00', "24f6cc90af7468e259d059de53774452a837014fc8a637e7c436993f6a2ed42f", "51e8fe572d2e4fe3f1dab772e55573901f062381daedfeb7e9e431c0a75f81dc", [{}, {}, {0x8, 0x2}, {0x0, 0x0, {0x0, 0x80000000}}, {0x0, 0x8}, {0xfcb0, 0x0, {0x0, 0x9}}, {0x400}, {0x0, 0x0, {0x0, 0x3}}, {0x3}, {0xae, 0xa63}, {0x0, 0x0, {0x0, 0x101}}, {0x0, 0xfc01}, {0x6, 0x0, {0x3}}, {0x0, 0x2000, {0x3, 0xfffffc00}}, {0x0, 0x0, {0x3}}, {0x0, 0x9}, {0x5, 0x7, {0x2}}, {0x2, 0x7}, {0x0, 0x0, {0x1}}, {0x0, 0x2, {0x2}}, {0x0, 0x3, {0x1}}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, {0x0, 0x9}}, {0x0, 0x9}, {}, {}, {0x0, 0x66, {0x0, 0xfff}}, {0x9, 0x3}, {0x98b}, {0x0, 0x0, {0x0, 0x2192}}, {0x6}]}}}, {{0x254, 0x1, {{}, 0x20, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', "c2c3c3f97bf547bbebee3686a9ae3a8c547cd79a55d7f56a9986e7821021f723", "f627f5c73a0e0196f4ecc498be3e6d32afc07e12b677082d2ee3d0ac33ce8237", [{}, {}, {0x0, 0x0, {0x0, 0x5f}}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, {0x3}}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}}]}, 0xbb8}}, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) 04:01:02 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x600) 04:01:02 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSFLAGS1(r0, 0x4004743d, &(0x7f00000000c0)) [ 648.209534][T12571] ptrace attach of "/root/syz-executor.5"[11365] was attempted by "_    \x09    c\x0a       \x09  \x07   \x07      \x09 \x09 f  \x09  \x09 !  T syz1 {G6:T|ךUj!#':Ę>m2~w-.Ь3΂7 _ 04:01:02 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x700) 04:01:03 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x3, 0x7, &(0x7f0000000000)=@framed={{}, [@map, @map]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x1000, &(0x7f0000000280)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 04:01:03 executing program 1: r0 = open$dir(&(0x7f00000000c0)='.\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000240)) 04:01:03 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:03 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab08, 0xffffffffffffffff) [ 648.693379][T12592] ptrace attach of "/root/syz-executor.5"[11365] was attempted by "_    \x09    c\x0a       \x09  \x07   \x07      \x09 \x09 f  \x09  \x09 !  T syz1 {G6:T|ךUj!#':Ę>m2~w-.Ь3΂7 _ [ 649.505053][ T28] kauditd_printk_skb: 39 callbacks suppressed [ 649.505111][ T28] audit: type=1326 audit(1599451263.455:1457): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.621882][ T28] audit: type=1326 audit(1599451263.455:1458): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.645159][ T28] audit: type=1326 audit(1599451263.465:1459): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.668426][ T28] audit: type=1326 audit(1599451263.465:1460): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.691695][ T28] audit: type=1326 audit(1599451263.465:1461): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.714986][ T28] audit: type=1326 audit(1599451263.475:1462): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.738343][ T28] audit: type=1326 audit(1599451263.475:1463): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 649.761600][ T28] audit: type=1326 audit(1599451263.475:1464): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12607 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:03 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000000)="b2", 0x34000}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) [ 650.240655][T12619] block nbd3: NBD_DISCONNECT [ 650.245503][T12619] block nbd3: Send disconnect failed -32 [ 650.415103][T12618] block nbd3: Disconnected due to user request. [ 650.422172][T12618] block nbd3: shutting down sockets [ 650.498892][T12619] block nbd3: NBD_DISCONNECT [ 650.503816][T12619] block nbd3: Send disconnect failed -32 [ 650.545062][T12618] block nbd3: Disconnected due to user request. [ 650.551842][T12618] block nbd3: shutting down sockets [ 651.397529][ T9480] Bluetooth: hci4: command 0x0406 tx timeout 04:01:05 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x87, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_STATX={0x15, 0x58ff346b9ab41012, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 04:01:05 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x900) 04:01:05 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="660af8c5f5b4f35a8d0afc53070000caebcabc97d1dd1d02ae98b3e06ddb", 0x1e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 04:01:05 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:05 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 04:01:05 executing program 5: socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0}) close(r0) recvmmsg(r1, &(0x7f0000001fc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000001c0)=""/216, 0xd8}], 0x1, &(0x7f0000000500)=""/15, 0xf}}], 0x1, 0x12140, 0x0) [ 651.713170][ T28] audit: type=1326 audit(1599451265.665:1465): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12629 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 651.736755][ T28] audit: type=1326 audit(1599451265.665:1466): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12629 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:05 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xa00) 04:01:06 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:06 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 04:01:06 executing program 2: r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x109801, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) write$dsp(r0, &(0x7f0000002000)='`', 0x80000) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) 04:01:06 executing program 5: r0 = memfd_create(&(0x7f0000000240)='zDN\xf8){\x86\x87T<\xf6i\xbe{\x14\x10\x1f\xa6J\xa3W\x03\xe3 <\t\xe9\xd2\t%\xdctr\xc65\xba\xcc\x84^\x15\x1dDR\x8c\xaf^\r\xc0V\xf5=\xf1W\x1aF\xcaX\x87\x8c\a\x8a]G5\xf8L\r\xa2\xc8\x90\xc2(hW\\\x96\xd6\xa2~%\x06\x95R\xcd\v\xd7\x98=3b1\xb30x0}) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {r0}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, 0x0) ioctl$TCSETXF(0xffffffffffffffff, 0x5434, 0x0) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, &(0x7f0000000080)) readv(r2, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) ftruncate(0xffffffffffffffff, 0x0) 04:01:08 executing program 5: r0 = memfd_create(&(0x7f0000000240)='zDN\xf8){\x86\x87T<\xf6i\xbe{\x14\x10\x1f\xa6J\xa3W\x03\xe3 <\t\xe9\xd2\t%\xdctr\xc65\xba\xcc\x84^\x15\x1dDR\x8c\xaf^\r\xc0V\xf5=\xf1W\x1aF\xcaX\x87\x8c\a\x8a]G5\xf8L\r\xa2\xc8\x90\xc2(hW\\\x96\xd6\xa2~%\x06\x95R\xcd\v\xd7\x98=3b1\xb30x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0x4, r4}, @IFLA_IFNAME={0x14, 0x3, 'team0\x00'}]}, 0x3c}}, 0x0) r5 = fcntl$dupfd(r2, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmmsg$alg(r0, &(0x7f0000000140), 0xfffffffffffffc72, 0x0) 04:01:08 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 654.884740][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 654.884800][ T28] audit: type=1326 audit(1599451268.835:1482): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 655.044714][ T28] audit: type=1326 audit(1599451268.895:1483): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 655.068276][ T28] audit: type=1326 audit(1599451268.895:1484): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 655.091592][ T28] audit: type=1326 audit(1599451268.895:1485): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 655.114851][ T28] audit: type=1326 audit(1599451268.905:1486): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:09 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r1) close(r0) [ 655.138136][ T28] audit: type=1326 audit(1599451268.915:1487): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 655.161358][ T28] audit: type=1326 audit(1599451268.915:1488): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12686 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:09 executing program 5: r0 = memfd_create(&(0x7f0000000240)='zDN\xf8){\x86\x87T<\xf6i\xbe{\x14\x10\x1f\xa6J\xa3W\x03\xe3 <\t\xe9\xd2\t%\xdctr\xc65\xba\xcc\x84^\x15\x1dDR\x8c\xaf^\r\xc0V\xf5=\xf1W\x1aF\xcaX\x87\x8c\a\x8a]G5\xf8L\r\xa2\xc8\x90\xc2(hW\\\x96\xd6\xa2~%\x06\x95R\xcd\v\xd7\x98=3b1\xb30xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0) 04:01:12 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) syz_genetlink_get_family_id$devlink(&(0x7f0000000080)='devlink\x00') ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x541b, 0x0) 04:01:12 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x1100) 04:01:12 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:12 executing program 2: r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @remote}}, 0x1e) connect$pptp(r0, &(0x7f0000000240)={0x18, 0x2, {0x8, @empty}}, 0x1e) 04:01:12 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:12 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000001b40)={0x21}) 04:01:13 executing program 5: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x125d, 0x0) 04:01:13 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:13 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x1200) 04:01:13 executing program 2: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/timer\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0xfffffff8}) 04:01:13 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:13 executing program 1: perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x3c) sendto$inet6(r0, &(0x7f0000000000), 0xfbb8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0xac141403}}, 0x18) [ 659.932949][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 659.933006][ T28] audit: type=1326 audit(1599451273.885:1511): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 660.089829][ T28] audit: type=1326 audit(1599451273.925:1512): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 660.113904][ T28] audit: type=1326 audit(1599451273.935:1513): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 660.137222][ T28] audit: type=1326 audit(1599451273.935:1514): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 660.160595][ T28] audit: type=1326 audit(1599451273.935:1515): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:14 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0xe, 0x4, 0x4, 0x798f, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000], 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x40) 04:01:14 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) [ 660.183814][ T28] audit: type=1326 audit(1599451273.955:1516): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 660.207303][ T28] audit: type=1326 audit(1599451273.955:1517): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12773 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:14 executing program 2: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000300)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000040)='./bus\x00') r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_FIEMAP(r0, 0x2, 0x0) 04:01:14 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x2500) 04:01:14 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="f60000000000000000000040"]) 04:01:15 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x3f00) 04:01:15 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:15 executing program 1: r0 = socket$kcm(0x10, 0x800000000002, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000140)=""/257, 0x101}, {&(0x7f0000000700)=""/60, 0x3c}, {&(0x7f0000000380)=""/203, 0xcb}, {&(0x7f0000000980)=""/203, 0xcb}, {&(0x7f0000002640)=""/4087, 0xff7}, {&(0x7f0000000a80)=""/252, 0xfc}], 0x6}, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="2e000000120081aee4050cecdb4cb90425485e510befccd77f3e9cf0758ef9000600b0eba06ac400060003000000", 0x2e}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) recvmsg(r0, &(0x7f0000006b00)={0x0, 0x0, 0x0}, 0x0) [ 661.267447][ T28] audit: type=1326 audit(1599451274.865:1518): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 661.290819][ T28] audit: type=1326 audit(1599451274.865:1519): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:15 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70200001b000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b700000000000000950000000000000056ce36b68bc5792f0232168ee3006de80f334d6c37d03057bbecee866f55e3376e4a82071d7827afd2d144b81e55b3f31672797fc00300533324f8bcea04281a5a120a5d0e36c4ff71d94768e25851d3162c1bde856ed69b673e5b8d861ff207c0eb4b60a82fc3c0e2085d6add5893b223f703b454af0805f231eb8474ff3f640e3d4905000000000000005768e34ab95b6ef820398c1ba4b81cee61a98d7df3768db9bd084623ca56c82b205eca4d90628aeacbd4654eb4371861a98abf8e94d4429449cd85af76d9929b318c98dbead2f9921120246508b2ab804b38f9ca0000cd661d21ab5d7a8b9f974b4f5da4862c01b4cbe5f279fe779d5f9f366ec0aee3344d712d35000000009296c3db7ff279c9bc5ab33161e78d0ec42c3fb99156c3471399f86005f85f37888d0b0968f5a8fcdf57cc5c00005f083aea4f07d3c3ad8d7f6502d30f5660cf1ed7be1c5c0d9aded0bee44cf77ce3590ca82c5af8561102fa23b44de4462348571190c36babeb95c03d4f51636a53c1530bb3b4c297bb42a474770292266993cb6f13911624eb58351ee7bfb723d183f6149a6a0d0000547b4916e465a6f932ec9fcb0c1dcacc808e407f30df7e30bedf4b59427cb49c1f578f07e0ef6caf7bc56e455a971418975caded9acf7c900161b62ebab94b00000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x60}, 0x48) r1 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe80, 0x3580, &(0x7f0000000280)="b95b03b700030000009e40f086dd", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 661.314201][ T28] audit: type=1326 audit(1599451274.865:1520): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:15 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:16 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x4000) 04:01:16 executing program 1: perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x44, &(0x7f0000000200), 0x4) sendmsg$TIPC_NL_PUBL_GET(0xffffffffffffffff, 0x0, 0x804) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000000)=0x1, 0x4) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000640)={@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x4, 0x0, 0x2, 0x3, {0xa, 0x4e23, 0x3, @dev={0xfe, 0x80, [], 0x19}, 0x5}}}, {&(0x7f00000004c0)=""/65, 0x41}, &(0x7f0000000540)}, 0xa0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x6, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 04:01:16 executing program 2: r0 = socket(0x11, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f00000007c0)={&(0x7f0000000b80)=@l2tp={0x2, 0x0, @empty}, 0xffffffffffffffe4, &(0x7f0000000340)=[{&(0x7f0000000900)=""/188, 0xbc}, {&(0x7f0000000680)=""/143, 0x8f}, {&(0x7f0000000ac0)=""/153, 0x99}], 0x3, &(0x7f0000000a00)=""/190, 0xbe}, 0x0) 04:01:16 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:16 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:16 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x4800) 04:01:16 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:16 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001240)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f00000005c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28011, r2, 0x0) r3 = socket$inet6(0xa, 0x1, 0x84) getsockopt$bt_hci(r3, 0x84, 0x0, &(0x7f0000001280)=""/4107, &(0x7f0000000040)=0x100b) 04:01:17 executing program 5: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x10, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x3c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0, &(0x7f0000000440)='#'}, 0x20) 04:01:17 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:17 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:17 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x4c00) 04:01:17 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x0) init_module(0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) 04:01:18 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x400086) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r1) 04:01:18 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) socket$kcm(0x11, 0xa, 0x300) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4) sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r1, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(0xffffffffffffffff) 04:01:18 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x6800) 04:01:18 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) openat$vcs(0xffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x2001, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) [ 664.938468][ T28] kauditd_printk_skb: 35 callbacks suppressed [ 664.938529][ T28] audit: type=1326 audit(1599451278.895:1556): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 665.217699][ T28] audit: type=1326 audit(1599451278.945:1557): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 665.241196][ T28] audit: type=1326 audit(1599451278.945:1558): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 665.264502][ T28] audit: type=1326 audit(1599451278.945:1559): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 665.287759][ T28] audit: type=1326 audit(1599451278.945:1560): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 665.311011][ T28] audit: type=1326 audit(1599451278.945:1561): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 665.334314][ T28] audit: type=1326 audit(1599451278.955:1562): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:19 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(0xffffffffffffffff) [ 665.357897][ T28] audit: type=1326 audit(1599451278.975:1563): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12861 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:19 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x6c00) 04:01:19 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) socket$kcm(0x11, 0xa, 0x300) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4) sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r1, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:20 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(0xffffffffffffffff) 04:01:20 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x7400) [ 666.285856][ T28] audit: type=1326 audit(1599451280.045:1564): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12879 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 666.309607][ T28] audit: type=1326 audit(1599451280.055:1565): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12879 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:20 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x100000, 0x0) mount(0x0, &(0x7f0000000080)='.', 0x0, 0x0, 0x0) mount(&(0x7f0000000000), &(0x7f00000000c0)='.', 0x0, 0x23080, 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0) mount(&(0x7f0000000080), &(0x7f00000004c0)='./file0\x00', 0x0, 0x865410, 0x0) mount(&(0x7f0000000080), &(0x7f0000000140)='.', 0x0, 0x5110, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') preadv(r0, &(0x7f0000000940)=[{&(0x7f0000000040)=""/42, 0x2}, {&(0x7f00000008c0)=""/106, 0x5b}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xfc36}], 0xd, 0x0, 0x0) 04:01:21 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000100)=ANY=[@ANYBLOB="72617700000000020000000000000000000000000000000000000000000000000200002003001979442fd80000008f15900000000000000000000000080000006801000068010000680148c8680124caf117d5b401"], 0x1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0xc) wait4(0x0, 0x0, 0x0, 0x0) 04:01:21 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002a80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x4}, {0xe}]}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, &(0x7f00000029c0)=""/164, 0x3a, 0xa4, 0x8}, 0x20) 04:01:21 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) socket$kcm(0x11, 0xa, 0x300) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4) sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r1, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:21 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:21 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x7a00) 04:01:21 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f00000003c0)="585ccb01ed83b836c1a6474914dc34e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a1a0900000000000042e3308965210007c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99b2655043a2ce0d23f4d2f6b0bfb1a4ebb022b8753a1880100569f435fb3bae96efb74b50ec93c152f5e8e", 0x7b, r1) r3 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000005c0)="0658", 0x2, 0xfffffffffffffffd) r4 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f00000001c0)={r3, r4, r2}, 0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={'crc32c-intel\x00'}}) [ 667.994808][T12902] BPF: Invalid name_offset:14 [ 668.025470][T12902] BPF: Invalid name_offset:14 04:01:22 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:22 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x1fffff) 04:01:22 executing program 1: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) futex(&(0x7f00000000c0), 0x3, 0x0, 0x0, 0x0, 0x0) 04:01:22 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 668.613386][T12905] could not allocate digest TFM handle crc32c-intel [ 668.694754][T12915] could not allocate digest TFM handle crc32c-intel 04:01:22 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:23 executing program 5: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9, 0x1, 'cake\x00'}, {0xc, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x12, 0x2}]}}]}, 0x3c}}, 0x0) 04:01:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000012edffffbfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff0000000015040000000000007f000000000000006504000001ed0a0016000000170000000c44000000000000630a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d99edc3a6138d5f728d236619074d6ebdf0983c908f50ad228a40f9411fe7226a4040b96e37c4f46010400000000000029faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7bb2b1ed81d2cf370ee4a2a00ebeb476ea3caae05f13792292cb949b3aab06b1e042ff2164da0c605532b18ab1c156b97e5889685a96949e4cb4f8f67b8bb84b0e733a63784ccc214d930cbb7e090d63fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d705ba80aee6335eb811a085ca14a7989f9777f600000000000000000000000000000000000000000000000000000000000386000000b854adb4f8080064e8407c6bdb37f4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953b78a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9ef547fd6ee9760d784cb1138e8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857f78b2414aa962a055034cb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03adb83f14c8db5555c62de4f626483632a2ab547f88dd6eedc73a2655ba3a3463a0fb9ed379af0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b32572c921ac1476027772c87d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986a51f9c47f5d7a45906d1dc26c0091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe1a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c6d1b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bde466d04774b53208ad8b022719ca77a4e0a66b4928f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb16490cfdc73d02719fa0aa7fade9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a7900"/1851], &(0x7f00000001c0)='GPL\x00'}, 0x48) 04:01:24 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x400000) 04:01:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000900)=@newqdisc={0x34, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9, 0x1, 'gred\x00'}, {0x4}}]}, 0x34}}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, 0x0}, 0x0) r5 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r5, &(0x7f0000000000), 0xb, 0x0) 04:01:24 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:24 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:24 executing program 5: r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@secondary='builtin_and_secondary_trusted\x00') add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r0) [ 670.338669][T12944] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 670.361838][ T28] kauditd_printk_skb: 27 callbacks suppressed [ 670.361896][ T28] audit: type=1326 audit(1599451284.315:1593): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 670.541662][T12956] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 670.581704][ T28] audit: type=1326 audit(1599451284.355:1594): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 670.605166][ T28] audit: type=1326 audit(1599451284.355:1595): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 670.628599][ T28] audit: type=1326 audit(1599451284.365:1596): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 670.651836][ T28] audit: type=1326 audit(1599451284.365:1597): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:24 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffff7fffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') r1 = socket$netlink(0x10, 0x3, 0x0) sendfile(r1, r0, 0x0, 0x7fffffff) [ 670.675105][ T28] audit: type=1326 audit(1599451284.375:1598): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 670.698537][ T28] audit: type=1326 audit(1599451284.385:1599): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12941 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:24 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:24 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x80ffff) 04:01:24 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000280)='rxrpc\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, r2) 04:01:24 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:25 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000900)=@filter={'filter\x00', 0xe, 0x4, 0x358, 0x108, 0x0, 0xd0, 0xd0, 0x0, 0x318, 0x2e0, 0x2e0, 0x2e0, 0x318, 0x4, 0x0, {[{{@ipv6={@ipv4={[], [], @local}, @remote, [], [], 'bridge_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], '\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, '~0\x00\x00\x00\x00H\x00'}}, {{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @remote, [], [], 'veth1_to_hsr\x00'}, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8) 04:01:26 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(r0) 04:01:26 executing program 1: ioprio_set$pid(0x2, 0x0, 0x2000) 04:01:26 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x1000000) [ 672.356697][ T28] audit: type=1326 audit(1599451285.695:1600): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 672.380324][ T28] audit: type=1326 audit(1599451285.745:1601): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 672.403618][ T28] audit: type=1326 audit(1599451285.745:1602): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:26 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@mcast1}, @in6=@private2, {@in=@loopback, @in6=@local}, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0xa0}}}}, 0x128}}, 0x0) 04:01:26 executing program 5: r0 = fanotify_init(0x200, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) fanotify_mark(r0, 0x165, 0x4000103c, r1, 0x0) 04:01:26 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000001d80), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:26 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000080)=""/88, 0x46}], 0x1, 0x3ff, 0x0) 04:01:26 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r0) 04:01:27 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x2000000) 04:01:27 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50) ioctl$KVM_GET_FPU(0xffffffffffffffff, 0x81a0ae8c, 0x0) r2 = open(&(0x7f00000067c0)='./file0/file0\x00', 0x189141, 0x0) syz_fuse_handle_req(r0, &(0x7f0000000000)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b3526f1d4747b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47100000000ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000066c0)={0x90, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x100}}}, 0x0, 0x0, 0x0, 0x0}) openat$dlm_control(0xffffffffffffff9c, 0x0, 0x210002, 0x0) syz_genetlink_get_family_id$nl80211(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$FUSE_DIRENT(r2, &(0x7f0000004300)={0x10}, 0xfdef) 04:01:27 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008108040f80ecdb4cb92e0a480e0037000000e8bd6efb250309000e000100240248ff060005001201", 0x2e}], 0x1}, 0x0) 04:01:27 executing program 1: sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x580, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=.:file0']) getsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f0000000380), 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) lseek(r0, 0x400000000000002, 0x0) getdents64(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_REJECT(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000480)=ANY=[@ANYBLOB]) bind$l2tp(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) 04:01:27 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r0) 04:01:27 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x3000000) 04:01:27 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000001d80), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 674.159668][T13005] device vlan0 entered promiscuous mode 04:01:28 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @loopback}}) write$tun(r0, &(0x7f0000001680)={@void, @val={0x3}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "a5c268", 0xf98, 0x3a, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc]}, @mcast2, {[], @dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, "64b75e", 0x0, 0x2c, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @loopback, [], "0a0f086e7e88e7cef32a58e838e6d4f1f786344b4f0a366861acc3b9b19554fc195c3fbfc0179a45a95337d898757fd8f8263eb088cf76205e567a5012a465fe66821aad1c8f84c84c589f7d68005133853b4ed568f1b4a8a3e87d26e0af2cb4bdac5c75b4c425ae9fdf4583ce548a7e4e2eba3c2ffdf34430239ccdff37786f088708acce10a41251f1a08e6fef2a63dba8de25477b68fdcaf299cf2060964db35e52cdbd38087bc1809c24d4b2a0910ee8958c61cb72a7ef8d92bff1a5b0c9143801f719217c2d318b25ff2dfb58c34593bf299ba510754d429f0a681c53ac9c46d72c95bceb628e51813f400295d363ec7547f4086ca5aae5573df8618bc7925810991d9deba8a096ccdb424ecef10cc9125eb6fcf8cdb1b70c182ac6b838cfd06aac211a318a5bf16523114f206355d8df9e055fbe1f4b02d045b97e9d0a921a96721fbfee68d53353c85f8d992ac265e645440f92e91b95d132aa84cee76b6ddbfa73e2611447b2168d4d33ef1093f9512df4fe2493fad47d13795c5cd10042b60b168b8974f5971589aa12c78fcaf59ff1b3d05bf3ae94651e626963dd2b6c62a72c0456d4347b96bb553dc9de323732cf1a45b12a5bbb7aade3abff0350e9607cb8d5330ef5f82a440223c6c85afa83ec3dc671c29bc7c4ffd3ad5514715a3eb552c2281465e4832d873450e1de1fd8338b609304d71618bbd24b58a4709aeae93e1da88ae253824fa1b0c082e5c57e2978833e42c1c2e70b3e8550a5196baa8c9ddcf431c212554c36e546d39dc3c76d03e837aaba014f0b23ce3ef0ecbccb48827cda39e3e30f72d1fc31f30084d803d9f5de01dde89c9ee1b173a43acad364ce2cdd8614737e0a197f75c66d9fb92b04aa4bc3c10b6cc823a22f096dd2b811458f43cee732ad1688f93555f83ff33edb8cace8cb70e7282e0f112d11e4a2bc813799a84b4e12cd1eb49ce8187941ca98e1adfabcb1a2766b81f1878b8eace79340f45009a13e48026d2a4e310b269079ab1a643292c5297c7a93cf4f63a752fde1d8c2b33b5533eefd1030bc50808530bbc0f307ffb3a38d1e82043f31ec956b94db5585733bec6d73dc678d05264cb4b1c59717741373f45279d4bbe6bd984bf4b06fcde6c2140797489538d9954532ad514173621cbd688a92e31974f05c29ee4ac5fc3b40900eb9a1a1dc6204bf51ef22841e3b2007d35cc3c44c101df5a0c59d7f97a9c3deedb0a3806d4d298a61c6fa8e3d218ca9d1d1b84596d84bda463634a6b5272e7e18440685e14c71be7003af8ed0b77867942604c86f8eb112fecaf5811b1f3947b5c73ad392f72ae7cb1321b43d1d80bc51ed9b0756f473b5adfaf5f5add33ef0aa5b928580dcbba1e5b8d4ef2587b5b8a55f3e2b90e8173c1c031f10fb481b703b43095dc4ef545a2258d486561959b89c52db3b9c1ff8ad8a878ff46f9eba08e057fcb53b720007db1dbe3710ff211e986d762d50ee82df22e8c0bb9042b91597bb1ad4cf3ed3fa5ebcb74c3791e595c15cabbaf0768ee7085bc2b725f68fa4f2b96c7002f2a87bbcbdf321dc14f713db665e123cc74b42ddf97904d8a08ac2b793dea88aca3a9578de075f417eb502633d55bceb17dac76655f7bda0926ec38f18a555085d454fc37de1eea70432524c5634f241ac95f33a4a3c9272df294963c61a044c47928b08ddcbd36ab8bd1af8296b749e665bf814a8993628bc28993cc7b309a70f20785ff8beb700199c6192da64ff5738ed00312986bb21d39d3eb1dab4376a8327f3c9c8ebeb81e3704a7f4c701a4266abd692bc0020d569e6786c393bf4b5dee9918e37824ca611152689d2de8843e8599347d06dc8d94e48238bc3bca839777efc8a3c4cf24d566b35902a8a6a377690d0db367e6a878dc4d493d28d680a70fcbfa3c94fc9b6d89a1dc274bdaba2ef88140f9812789517016486b8ceeb18621300f4a3909179eb147e143168998f4762868a294ed5450393bd9aacd28d95805d0c74b7966b1fbd50d74d21fbbecaf8b96f3d0d43dd2ae795410ceef81055456ce6e35ccf5bce92e7fda5278a66156a3c3251a65c637d2e96aaca9ca9d8c1c8f0bcbf0e36d657b465f96af40c49e2f3ea66ae939e73de2f98b4a5985f464cc9f65e04e0b85773993b3165b5a324c51c9625bdbe4a070aba2a2511b92003126c4e76eab4713e3e55263865084191e92894978c842d2f1fe401bf811c585f64ff8a3f4c1cbf934f8e06ed83caee4c9151b39affaa4d483a69c6a77899874e598cd1b328b0bdd583e14561266f0e2a87021d864633bebe6871e07b74bf29f91ea2f66431cecf2378b6359ad2fde51fd99a4135e8b45e21d33201ab3a2e0537d86242c142417585662b99541a4666c20424686668376fbc61ae614290b992fdb07274762d302f1ff221fb70a76a0034d7a0884adf5d61a8fc59549f9083d015314fffb51158059ee13330fae8205895f09b8f5712b6cbd769c677f4120f4915a72842ade48f8246781182e40bda8ba1f2e1bc31a940732a379de39ef87fbaf06b57a79e038992b4bfc7d5234f7c2ebf6a6d65621f83ea9afa66ef62ff1812e8a10aa0f38f4a3b2d49bb469499e61bb0985200bb68d3d8e067eccdb8c8380159d0b8447d63eb95ce2baab346f3e9b4cab50463647029d1923e6a59b29a6263c3097194abbec87f64cf7d976a4e53476de278363d349f97a971c1dac15e8ea61e965897cc7235a7ac773f6891d5c4983dae69321ef7c1acfc122bff2d26a7af713300e30c2fb7012594fccc24b74e6534ec3986840e40a9c436f486822876561897eba17ced70efda9410d869d0f81d5f5d94d68ade5f2d4aa274f0cba6baaeee164ea8040ea922ea95b99dc5160dce140e619880ba276dac2e0d528ed204ebe0e65fc7a08d799c42bd1e9a88c683e6cf5aa88af8445fec0fe25572a0bff855f0875b2a2470565a424e606059560c62f4dc8b704e872dbe1a5de170ec2cf92c68798eb1049c202a4b7aa21e326e6c5cc77567dd023cadf29f8856d0c5ff14edc636037b4d18e1670fe865a2bfbbdbf34deb9d082030ebf89f49d13c1987a6b2ab6c6cb7825af333e63878af5d8c4ddb37704af39676bf7de1163ee6e02b5d12f1ca7f1d5bceb59630dd588d269c35d1367450872a3fed756997757740e3e04884d7e29db852de63227a6c8f597f0e952fb3d92189314c91c20d95bb1297d630f5c29f5518cc53e594753bc90a110d7db2127eb4103b7e658399f7fb2e7fa80b7f8682d7c5b1ea4760ce297efaf9d339c2816fa9a7fdef21989b12bd2a0c9698181f595e9b514afdce4313505ac0188e468b17b23ddb3b2ec308c6547269a0210a1c1f3955de0a73362bdfc57cc6b89a1e4936bf5a450f4b61e85d4117b2285cc81e1d06e08bce62b2675d791f422ed357349c659ad1027b6276d7c7a2d7cdc495578c91976a6b18415a8f65d6ffa2564afe6d28205632d39ad3053078958ea6acefb5c756820c8ea98cca84dacadf27c8f62ee48d849f48d59b370a278800f8daa808fc45f2be5245e62ee0c6932a4d2afc0d20d157e988d5e4542dede8252d2c874aa593bfd8f90902752691d63014df5ef4bd4dd97850f8c07569f0b2c07eb1b3f68ae3c73ca3fa80651bb27ce5ddf7b80d06e6055bae7d5454aba7704febd0ae22ec9617ecc9b5a8737b8e2329f5f6acf5e43cfb7f94a04333def6156e07a494341bc1e6fd25c37da58c6b8038b42f6bb49ff47c4cb6a1447d6d9880b198817e11d64dd4e151088082e6079a99f7b670a9164b4078de4408d9fe3918971e5bb25fc1d5f12b45cac3d7311dae3ac1a120c8db18c529857522cb7c92d02b0bcfd9af72c441807e4e3cf2389ee4f1551b14ccb7030475ab17ff5d9084eeb7a65ecb717bfc6eecae303a3df6c5037c4de378b1292c30ea5d9b162347686c46d5ba97b4907bc48ad0c04e93b1ba3ac35c9d767be11b533dba1047e85652efe921de5f7b508c0270a92e504d9b052583f7f3013b20cad13da63a70f7a6fe93c56ab5da55c559c5697d28eae3ad2ab5067e9ea9cfac1de3a9afd74a64851364541fb895010eb090e1140adb0c3ef003932119224844573f4c81bfba79d30c148bb73ab2437a51dec3ac85cbc277676bb97419f027b9d33cf57aed1b3eadf29d32b11710ce4567953e4621585834be51a6deaa72649c9c111fef4d91174a9bbed044dec0591db922395fb155e847424a6a4a5405990ab8d48ce266ab7d09ebc741b974381aad43d267271275797cd2b2c20fdbfa310c4cffea4f250801e0ce93c711a56f09489398492cb82b7cfa460bc390d328bfd5e6ad9824a4c57e0b4748e1704b523ed26327e1e647daccc2213116b1180d4309d52b4b4544655b7523061d5ea0fcfe80138824828c6951be3928e1f067c2fb261d434d3e627c17d19550e23306e84e636bf6dcb3b14d71f65b4378337ead534fe828e1d9d57f45fdf0b18244d510ad2c0c94e3470124d62c50f1f1837048b92a80ac8c4100da7669e8b6578a223cdcbed1c006ab236097ccd11c93285e0df40b40e729de8955374e492c594a72de8d25839a37e36df21d83cad372ffb093604d9a05d9dba42ec380c8f4e3ebc866dce7de9a269563e99184a384bff72a1d4e65eebbb0ac2fec73b3956ad11dc23abc07fe7844b412fc391f8e085468316e4a220ebc1dbf4e84a70fca7216936a839a8416672be66096fe1df0389dfc84180a41d6d8d3f8e6a46a50b1d8d8747d89883f77c1da7c80825c21789f5401d651252ab1fee6bf99b0b1b92a80fe9c871b5376eba7140d8df52ed20b59ac80a982ca6ab6a8b0edfb99a3c3e544655793fafddf5258d20f2a231a4a2374a97646103077fd493a1db7f9cad4bf155ba65dc60e13f0e92ab42be488a11fef35f633f2e8f9a27a6fdef687e5aa30263b4bbe601ba49b22fb34ba96932852dd4e736dbb23e565d01bf69de6c62997558badb2f30db12c5eb25fa667a62aec8168fddbef1fb024d41413b1a1978422d636d607f962b6fa2c02d104882031053c487b9026d758191d6891452a46d4dd5e4d33298b8c0445481ccf1436cbea5a34bc6a98038d5259a34a9292dd9fe9e531f212359ec64d133e00e66d60213d0374e8b46faf96d53e6210ff8482622ab440b1f971e09ab9c3fb2a9eeb15aaf8c4ee11d2c447f13a2483ccb8d30c00761aeccaf8d2e8542d92978ff8c8c75cc4f5fbf67d64d603d20b9d9e167585983e5041d349724491430021ccc78709b704fda105c26959ed2b563d288c3143b51ef202223cdf825554f07f2e212b687d41eda95abaf812af03cd7dfbd0b3ff9384d9d52223831be7307948171d1a7312171b89d8fcf56b1e8e5eb8a0b2391dd18fe0430b8b39b8aef1702a7f3774486d69a0b5ff94e3fc04a39d240a8b273bd66a5e5e86bb591e4c5bf35000d58463ad10a8505efdc689d9260a1f24c1fdd7b693de3d2085d175ea6bec8039ad7c2462436ea4281c2f8404b409c4ea2fd2e013b6a7d492aaef2bb6944e831622fbbea2f03309a9e367bc02a975e1bb7823"}}}}}}, 0xfca) 04:01:28 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x801) fcntl$setstatus(r1, 0x4, 0x102800) write(r1, &(0x7f0000000000)="d5", 0xfffffedf) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xe) dup3(r1, r0, 0x0) 04:01:28 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r0) 04:01:28 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x4000000) 04:01:29 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xee}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000600)={0x0, {0x2, 0x4c22, @rand_addr=0x64010104}, {0x2, 0x0, @remote}, {0x2, 0x0, @dev}, 0xef, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x400b}) mmap(&(0x7f0000011000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0xf824b000) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0xc7, 0x0, 0x0, 0x0, 0x296, 0x48a69, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4000e72, 0x0, @perf_bp={&(0x7f0000000080)}, 0x4, 0x3, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xb) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0xa0, 0xfd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2802, 0x0, 0x0, 0x8, 0x0, 0x4, 0xffff}, 0x0, 0x0, r0, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) creat(&(0x7f0000000180)='./bus\x00', 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2703000000000000, 0x0, 0x3, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1}]) lstat(&(0x7f0000000380)='./file0\x00', 0x0) ioprio_set$uid(0x3, 0x0, 0xffc) 04:01:29 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000001d80), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 675.373115][ T28] kauditd_printk_skb: 32 callbacks suppressed [ 675.373179][ T28] audit: type=1326 audit(1599451289.325:1635): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 675.403018][ T28] audit: type=1326 audit(1599451289.325:1636): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:29 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(0xffffffffffffffff) 04:01:29 executing program 1: mlockall(0x1) mremap(&(0x7f0000394000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f000038f000/0x1000)=nil) mremap(&(0x7f000038e000/0x9000)=nil, 0x9000, 0x2000, 0x3, &(0x7f000080a000/0x2000)=nil) 04:01:29 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x5000000) [ 675.805752][ T28] audit: type=1326 audit(1599451289.385:1637): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 675.829664][ T28] audit: type=1326 audit(1599451289.385:1638): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 675.853040][ T28] audit: type=1326 audit(1599451289.385:1639): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 675.877451][ T28] audit: type=1326 audit(1599451289.385:1640): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 675.903548][ T28] audit: type=1326 audit(1599451289.385:1641): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13029 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:30 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x17}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000080), 0xfffffffffffffffb}, 0x48) 04:01:30 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(0xffffffffffffffff) 04:01:30 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:30 executing program 2: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb, 0x1, 'geneve\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_ID={0x8, 0xa}]}}}]}, 0x3c}}, 0x0) 04:01:30 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x6000000) [ 676.751143][ T28] audit: type=1326 audit(1599451290.305:1642): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13051 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 676.774937][ T28] audit: type=1326 audit(1599451290.315:1643): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13051 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 676.798470][ T28] audit: type=1326 audit(1599451290.315:1644): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13051 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:30 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) close(0xffffffffffffffff) 04:01:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) [ 677.353104][T13067] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 04:01:31 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:31 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x7000000) 04:01:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000100)={@val, @val, @ipv4=@dccp={{0x1d, 0x4, 0x0, 0x0, 0x84, 0x0, 0x0, 0x0, 0x21, 0x0, @multicast2, @remote, {[@timestamp={0x44, 0x24, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x0, 0xf, "ee319c96d263d85915f4f81fd8"}, @rr={0x7, 0x17, 0x0, [@multicast2, @loopback, @dev, @remote, @empty]}, @ssrr={0x89, 0x13, 0x0, [@private, @multicast2, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "3d0635", 0x0, "b0a657"}}}}, 0x92) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = dup3(r2, r3, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000040)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000380)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) 04:01:33 executing program 1: unshare(0x40000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x3, 0x2) write(0xffffffffffffffff, &(0x7f0000000000)="1b0b00f21c0025510a", 0x9) setsockopt$inet_int(r0, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10) 04:01:33 executing program 3: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x4c}}, 0x0) close(r2) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$packet(0x11, 0x3, 0x300) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 04:01:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:33 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x8000000) 04:01:33 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x79, &(0x7f0000000040)={r2}, 0x8) 04:01:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:33 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x9000000) 04:01:33 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 679.997529][T13124] IPVS: ftp: loaded support on port[0] = 21 [ 680.516411][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 680.516470][ T28] audit: type=1326 audit(1599451294.465:1670): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 680.545898][ T28] audit: type=1326 audit(1599451294.485:1671): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 680.569203][ T28] audit: type=1326 audit(1599451294.485:1672): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 680.592701][ T28] audit: type=1326 audit(1599451294.495:1673): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 680.615910][ T28] audit: type=1326 audit(1599451294.495:1674): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 680.639174][ T28] audit: type=1326 audit(1599451294.515:1675): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) [ 680.662427][ T28] audit: type=1326 audit(1599451294.515:1676): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13154 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x8, 0x2, 0x0, 0x1, [{0x4, 0x2}]}]}, 0x20}}, 0x0) 04:01:34 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xa000000) [ 681.567564][ T28] audit: type=1326 audit(1599451295.195:1677): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13167 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 681.591029][ T28] audit: type=1326 audit(1599451295.205:1678): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13167 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 681.614824][ T28] audit: type=1326 audit(1599451295.215:1679): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13167 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 682.042115][T13124] IPVS: ftp: loaded support on port[0] = 21 [ 682.116900][ T8764] Bluetooth: hci5: command 0x0406 tx timeout [ 682.259228][T12274] tipc: TX() has been purged, node left! 04:01:37 executing program 1: openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/cpuinfo\x00', 0x0, 0x0) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) open(0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x400000, 0x0) io_setup(0x0, 0x0) io_getevents(0x0, 0x401, 0x0, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) add_key(0x0, 0x0, 0x0, 0x0, 0x0) add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x19c, 0x0, 0x0) open(&(0x7f0000000300)='./bus\x00', 0x1c3182, 0x102) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, 0x0, 0x0) 04:01:37 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x54, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}}, 0x0) 04:01:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:37 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xb000000) 04:01:37 executing program 3: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0x9, @pix={0x0, 0x0, 0x32314241}}) 04:01:37 executing program 2: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x1e, 0x2, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000000)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) 04:01:37 executing program 3: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) bind$netrom(r0, &(0x7f0000000000)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x6}}, [@netrom, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default]}, 0x48) 04:01:38 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xc000000) 04:01:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:38 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:38 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x5) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'veth1_to_hsr\x00', 0x0}) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000680)=0x2, 0x143) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x2000, 0x1000}, 0x48) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000000c0)=0x4, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4) bind$xdp(r2, &(0x7f00000001c0)={0x2c, 0x8, r1}, 0x10) 04:01:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:38 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xd000000) 04:01:38 executing program 3: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a45000/0x1000)=nil, 0x2) [ 685.092686][T12274] tipc: TX() has been purged, node left! 04:01:39 executing program 4: socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:39 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xa, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x62, 0x11, 0x30}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 04:01:39 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x6, &(0x7f0000000000)={0x12, {{0x29, 0x0, 0x4000000, @local}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) 04:01:39 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x10, 0x0, &(0x7f0000000300)=0x8) 04:01:39 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xe000000) 04:01:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) [ 686.183749][T13266] sctp: [Deprecated]: syz-executor.3 (pid 13266) Use of struct sctp_assoc_value in delayed_ack socket option. [ 686.183749][T13266] Use struct sctp_sack_info instead 04:01:40 executing program 2: write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000100)={0x7}, 0x7) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140), 0xc, 0x0}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:01:40 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00008feff0)={&(0x7f00000002c0)={0x2, 0x15, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, [@sadb_address={0x1, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in=@remote}}, @sadb_address={0x5, 0x0, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x90}}, 0x0) [ 686.453129][ T28] kauditd_printk_skb: 31 callbacks suppressed [ 686.453181][ T28] audit: type=1326 audit(1599451300.405:1711): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:40 executing program 4: socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:40 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7c, &(0x7f00000003c0)={r3, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000000100)=0x9c) [ 686.711650][ T28] audit: type=1326 audit(1599451300.455:1712): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 686.744044][ T28] audit: type=1326 audit(1599451300.455:1713): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 686.770069][ T28] audit: type=1326 audit(1599451300.465:1714): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 686.798080][ T28] audit: type=1326 audit(1599451300.465:1715): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 686.825123][ T28] audit: type=1326 audit(1599451300.485:1716): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) [ 686.854200][ T28] audit: type=1326 audit(1599451300.485:1717): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13267 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:40 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x10000000) 04:01:41 executing program 2: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x8003, 0x8020001) fallocate(r0, 0x0, 0x0, 0x8020001) 04:01:41 executing program 1: socket(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002980)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000004300)={&(0x7f0000003e40)=@abs={0x1}, 0x6e, 0x0, 0x0, &(0x7f00000042c0)=[@rights={{0x10}}], 0x10}, 0x0) 04:01:41 executing program 3: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000080)='-', 0x1}], 0x1) listen(r0, 0x0) 04:01:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:41 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x11000000) [ 688.062444][ T28] audit: type=1326 audit(1599451301.485:1718): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13294 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 688.089895][ T28] audit: type=1326 audit(1599451301.495:1719): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13294 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 688.119471][ T28] audit: type=1326 audit(1599451301.495:1720): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13294 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:42 executing program 4: socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:42 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0xc, 0x10032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000011000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x2000}) 04:01:42 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mremap(&(0x7f00003a1000/0x3000)=nil, 0x3000, 0x1000, 0xc, &(0x7f000063a000/0x1000)=nil) 04:01:42 executing program 3: unshare(0x2c020400) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000540)="85e69a3016c5db4b90"}) 04:01:42 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x12000000) 04:01:42 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:43 executing program 2: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x100) 04:01:43 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f0000000180)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000001c0)="dee7030022cf9e5e1dbac27b0426fc0299c41fb9b9761a1b44dac894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976edec860ab49c3a4f51ab0124b50c3362201a307df03000", 0x78, r2) 04:01:43 executing program 1: socket$nl_crypto(0x10, 0x3, 0x15) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) r2 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000000040)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000200)='\x00', r2) r3 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x101) request_key(&(0x7f0000000040)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000200)='\x00', r3) r6 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f00000001c0)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000280)='\xe3\xfc4C9_E?S\xae,\x85\xfaF\xf1\xb6\xe8X\xab\xe7%\x99\x05\xf8\xfa\xbe\x88\xd9G\xd2\xdc\x8a\x84\x9f\xb3\xc0k\xd5\x8d\x00X\xd3\x92\xbf\x15H;\xf7\x13Z;k\xce}aO\x8fi\xf7zE_D\xa3Z\x0f\xba\x96\xa7\xadl\xbe\x16m\x9d\xf1S\xee\xed9A1\xa9\x9ad\xff~\xdc\x00S\'}\x19T~\xa8r:k\x0e\x0f\x8d\xcd+\xce\xd4\xc6\x97\b\xe4\xd0/\xf1\xdd\xca\x84\x84|\x18-F\x1c\x06\x85}w\xf4L|\xfd\x14X#\xf8\xc5\xda\xf7vo\x05Ls\xf41\x84\a\xfa\x06\x7f\xa0\xbb\fYd\xee\xcb\xb2$te', r6) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, &(0x7f0000000180)) 04:01:43 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x25000000) 04:01:43 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:44 executing program 2: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) ioctl$SIOCRSGCAUSE(r0, 0x89e0, &(0x7f0000000000)) 04:01:44 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7) 04:01:44 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000040)={0x20000000, 0x0, 0x2, @thr={0x0, 0x0}}) 04:01:44 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x3f000000) 04:01:44 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:44 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:44 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x400000000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24) pivot_root(0x0, &(0x7f0000000040)='./file0\x00') memfd_create(&(0x7f0000000080)='batadv\x00', 0x5) prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000140)) shmat(0x0, &(0x7f00003ff000/0xc00000)=nil, 0x2000) 04:01:44 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f00000002c0)) 04:01:44 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000140)={0x20}) write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a) ioctl$FIBMAP(r1, 0x1, &(0x7f00000000c0)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000380), 0x101bf) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000001300)={0x2880008, r1, 0x0, 0x8, 0x0, 0x13e8c980}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) 04:01:45 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:45 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x40000000) 04:01:45 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:45 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_mr_cache\x00') mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x20112, r0, 0x0) [ 691.902141][ T28] kauditd_printk_skb: 45 callbacks suppressed [ 691.902200][ T28] audit: type=1326 audit(1599451305.855:1766): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13380 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 691.932926][ T28] audit: type=1326 audit(1599451305.855:1767): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13380 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 691.956531][ T28] audit: type=1326 audit(1599451305.855:1768): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13380 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:45 executing program 3: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0xf642e7e) fcntl$addseals(r1, 0x409, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) [ 691.980428][ T28] audit: type=1326 audit(1599451305.865:1769): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13380 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 692.004381][ T28] audit: type=1326 audit(1599451305.865:1770): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13380 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:46 executing program 1: syz_emit_ethernet(0x36, &(0x7f00000013c0)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "41dab3", 0x0, 0x3b, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local}}}}, 0x0) 04:01:46 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:46 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x48000000) 04:01:46 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x2, 0x73) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) connect(r0, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @empty}, 0x3f) sendmmsg$inet_sctp(r0, &(0x7f00000003c0), 0x3a301e0909ff6cd, 0x0) 04:01:46 executing program 4: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:46 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x44, 0x1, 0x2, 0x3, 0x0, 0x0, {}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}]}]}, 0x44}}, 0x0) [ 692.909225][ T28] audit: type=1326 audit(1599451306.865:1771): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13397 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 693.050359][ T28] audit: type=1326 audit(1599451306.905:1772): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13397 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 693.076995][ T28] audit: type=1326 audit(1599451306.905:1773): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13397 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 693.102129][ T28] audit: type=1326 audit(1599451306.905:1774): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13397 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 693.126499][ T28] audit: type=1326 audit(1599451306.905:1775): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13397 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:47 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x4c000000) 04:01:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:47 executing program 4: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:47 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "02000200000006b5b6c943044900cd9400"}) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000140)=0x80000004) ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x0) 04:01:47 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='ocfs2_dlmfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x20, 0x0) 04:01:48 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x68000000) 04:01:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:48 executing program 3: perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 04:01:49 executing program 2: set_mempolicy(0x8002, &(0x7f0000000040)=0x35e, 0xb) r0 = socket$inet6(0xa, 0x2, 0x0) flock(r0, 0x8) 04:01:49 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x6c000000) 04:01:49 executing program 4: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:49 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}, 0x24) r1 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r1, &(0x7f00000000c0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @ipv4={[], [], @local}}}, 0x24) 04:01:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040)='SMC_PNETID\x00') sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000020000001400020064756d6d79300000000000000000a3000900010073"], 0x34}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000280)={0x0, 0x5, &(0x7f00000002c0)={&(0x7f0000000200)={0x14, r2, 0x1}, 0x14}}, 0x0) [ 696.017475][T13448] smc: net device dummy0 applied user defined pnetid S [ 696.123608][T13453] smc: net device dummy0 erased user defined pnetid S [ 696.186967][T13448] smc: net device dummy0 applied user defined pnetid S [ 696.195622][T13453] smc: net device dummy0 erased user defined pnetid S 04:01:50 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:50 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x74000000) 04:01:50 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0x2e, 0x2e, 0x2e, 0x600005f, 0x5f, 0x2e, 0x2e, 0x52, 0x5f, 0x5f, 0x2e, 0x2e, 0x5f]}, 0x40) 04:01:50 executing program 1: mmap(&(0x7f0000008000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) creat(0x0, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f8) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(r0, &(0x7f00000001c0), 0xfffffef3) r2 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x5) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240200005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {0x0}], 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3cusgrVex:De', 0x0) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) r3 = syz_open_dev$tty1(0xc, 0x4, 0x2) dup(r3) 04:01:50 executing program 2: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2, 0x840000000000a132, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0xb00000000065808, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000140), 0xff4d) sendfile(r2, r1, 0x0, 0xffffffff800) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000300)=ANY=[], 0x3af4701e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000100)) sendfile(r2, r1, &(0x7f0000000040), 0x100000001) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)={0x14}, 0x14}}, 0x0) write$cgroup_int(r4, &(0x7f0000000200)=0x2600, 0x4010040c000) 04:01:50 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x0, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:51 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x7a000000) 04:01:51 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm={0x3}, @sack_perm], 0xb) [ 697.103976][ T28] kauditd_printk_skb: 39 callbacks suppressed [ 697.104039][ T28] audit: type=1804 audit(1599451311.055:1815): pid=13471 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir156048963/syzkaller.TsBBpO/115/memory.events" dev="sda1" ino=16381 res=1 04:01:51 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) [ 697.136497][ T28] audit: type=1800 audit(1599451311.055:1816): pid=13471 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=16381 res=0 [ 697.159321][ T28] audit: type=1804 audit(1599451311.055:1817): pid=13469 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir156048963/syzkaller.TsBBpO/115/memory.events" dev="sda1" ino=16381 res=1 [ 697.809244][ T28] audit: type=1804 audit(1599451311.185:1818): pid=13469 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir156048963/syzkaller.TsBBpO/115/memory.events" dev="sda1" ino=16381 res=1 04:01:51 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000100)=0x4, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '~\x00 ', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)={0xdc, r2, 0xf2b, 0x0, 0x0, {0x32}, [@NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x4}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x6, 0xbd, [0x0]}, @NL80211_ATTR_STA_PLINK_STATE={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @local}, @NL80211_ATTR_AIRTIME_WEIGHT, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_STA_SUPPORTED_RATES={0xc, 0x13, "a3a6b70f95307615"}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xc, 0xbd, [0x0, 0x0, 0x0, 0x0]}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x7c, 0xac, "7286183c1f5f1edab17e999fcb8c8d71972409f6532ccec3d538e837551c0c07c903be6aae706b7aef0cc58bb74c728f1857901ae7ecad73ebabcc96ac420a44b0f64e65e36e06f3d23ef8ed354222f70dbb243cc15ce8853c110cd7846822e25c510b2f4cbce8edb2617092802bdb305653c8b2e7e20b9e"}]}, 0xdc}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r6, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x4c, 0x64, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@filter_kind_options=@f_flower={{0xb, 0x1, 'flower\x00'}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x4, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5}]}]}]}}]}, 0x4c}}, 0x0) [ 697.839855][ T28] audit: type=1804 audit(1599451311.215:1819): pid=13469 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir156048963/syzkaller.TsBBpO/115/memory.events" dev="sda1" ino=16381 res=1 [ 697.865502][ T28] audit: type=1326 audit(1599451311.715:1820): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13479 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 697.888959][ T28] audit: type=1326 audit(1599451311.715:1821): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13479 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 697.912248][ T28] audit: type=1326 audit(1599451311.715:1822): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13479 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 697.935510][ T28] audit: type=1326 audit(1599451311.715:1823): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13479 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 697.958849][ T28] audit: type=1326 audit(1599451311.765:1824): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13479 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:52 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x0, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:52 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xa1ffffff) 04:01:52 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:52 executing program 3: iopl(0x3) setgid(0xffffffffffffffff) 04:01:52 executing program 1: creat(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_tcp(&(0x7f00000000c0)='127.0.0.1\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000000000,cache=mmap,access=clieft,noextend']) [ 698.607304][T13495] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 698.675504][T13495] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.2'. [ 698.763786][T13503] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 698.831331][T13507] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.2'. [ 698.853591][T13495] syz-executor.2 (13495) used greatest stack depth: 3432 bytes left 04:01:52 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x40000000, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x1], 0x100000}) perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:01:52 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xeaffffff) 04:01:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:53 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x76, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0xeb}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000007c0)='bbr\x00', 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf93a1a7511bf746bec66ba", 0x7ff2, 0x20c49a, 0x0, 0x27) [ 699.241967][T13514] 9pnet: p9_fd_create_tcp (13514): problem connecting socket to 127.0.0.1 [ 699.306898][T13516] 9pnet: p9_fd_create_tcp (13516): problem connecting socket to 127.0.0.1 04:01:53 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000b40)="f518377a1d70479d6a10101fab97cb3b3a2cdfe6f8b88cc29f4755440000000000000000000000006ee8fefd0c5600802400000000009f6a558f6453e3e7ddd364500fc8f5794c4a10e908d7283d19546e5659070803010b509a2f39f3e9376a9cf56835f4ef5bc8c0c84b4966716367e5c28d03cb851be973e341e736047d9e491eb3f4474bdac7fa46e4672e4f8b568b4bdd5ac2fe8832b73e27545d", 0x9d}, {&(0x7f0000000200)="8f31ae97c81b31e59a6321f6d6e7f21d384859a4d4112372437d5b5f5a6292c8ceb3be4422d7cf23b03f6146", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="55a63ca73d52b3f955f5250cf8e6f342d3ed59380ccace432b540b986ed7e7ce21271459842f0afec93a59a4ab6660874735b2432bb7fe14014ee6d1ab994cb87b6ecfb4d3d4c424cfbfd9a1d1fbdc98aabb8d4e23cbba6a5b1bbf2cc2f28ea2bb64ee1301dec8a325a1c55291636fabbc94c3585de3fd5371aa09b1e3df61092ad3cf89b85f", 0x86}, {&(0x7f0000001240)="b1f0d096818125e3be2eb1e50001000076e4e9712eb1556a0458812c31e058d7fed68074a1d37ea07ea46f73b15ec6a21cabb57e529f403b89639ce9b3fb661ca7a297749f71f21af2da14b25fb201ddb80e269fd2185a2d3f1dd6ebc04be0861c1bc0f9e923c33134d6d9419d512e04c1ecfb1ac4a29383fd2a0d83e0e641c75b4d9da1c1968b51df426ace85d5260a14a486f8e499aa96b37687f8b1cbd473be8c0dcb47df1aed0602edaaf46a4a2321f0576cc3e2ba1219e7a5f690d68ca017f96a30436167c066da00eae4db2d404e7adf0bf966", 0xd6}], 0x2}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="1179c8bfd4cd9f76dca3196a84497a8312f243acd5897f232f8a3efad897b17bde88980c4582e35ec3d7e64973f3886b3e40b302f09fe9935985d60fb36e1521d688da815a0574373bc15bae7908008d9ea5ebbb9f8d72950553dd63f7bf3ef85e1c34e8e90c69cffb3f50c1884ab7ab8a8daebf53e627e2f63dd9f42887d0c729880daf554294e3ac402a1cc070", 0x8e}, {&(0x7f00000004c0)="95ddd95bc0bdf4262b0325efb9f852597b3afc76cf3231a0650e8499f69c10485cc21b2ea259901640a913355c836553392b175aab6046a0f0cd6196c4a9cc4be6209864e9750e6e2cb9e17a", 0x4c}, {&(0x7f0000000900)="ed6e1b5624fe2878010530698b9a9d906f782793d8635f4de571ecbf51ea562222f322f36fce83f198cfaf1068053f8dfdeeb29e89b99c78cbcbbce13acde18f42e3f8b417fa6c5df5e4be9e0384c5d23cd2b98c10608c09583546a2a8e9e5aa2441de574680bacc2942f3d3ff816993e12de49f89ec517d1cf5518f84bd5cbf37d15d743596eeb0faf6b968024219ec208cbe9be0dcbd704c8a437e63c91e31662faffb42df1b61392e7ef3bf0ef91c1812ceaac2021392fdf1a8fe678faa7a05c317fee3c1ea372436f865f9d4ed0800187641b0e45fdcb808994bbaf21c43ebdb0c0dfadc340b811de9353022532e111612ac6518700000000000000000", 0xff}, {&(0x7f0000000d40)="ff2c01230f6e68028ff1dfff80827d753d6c2ae64817986f06c538c41effdb5807f2122e4e4de161eb8010a3b66cfd019eab4fb8c7c8d8b49a3c2b3779f05ef3adb31e13c20a1613ab22875252e5f6abde189d20017f0f6dc8bd6719ab154dcd55b2355c5a355ca03b3e265e3d552679b15b3138c78dca9b92b279b86dbe2717ecd6787a71a9921a53043421d0c3ada3608c115a2032a4858abb33abdce34d3f2d155e01e7f262dc0f018d54ca654a1c4fc346c7e8ab247e8f5f847db8f7b9cbf754385780150df175d352f6e2b6e7fef7e7a37761142896a7c98ca8d44c31c20df2bf257d", 0xe5}], 0x4}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f00000002c0)="ebb22d6b83b15660007575a6b10000000000000000000000000000dbc3747ee4a986e01f4b4c8c5fb5aabc18e496fb6dee9afc991a53bacaa32c1c950d577851933ce03fb37d93a52f92a88c7e749493e6bd083e0392160374e06591ab7410daa74a459786bf6bcac96aa9ce6c1ec971c917e5a129534fd34c822f134cb6f2994acc7a1d9024bd5159b534f19b48ee5714fa3198d938130e1bcfbd39c6462a01b4bdf9c1c2f8259d568a411cc09aec38cbe2f12ace7c7ea19ae947adb3a90aa05087d311b7e702", 0xc7}, {&(0x7f0000000fc0)="1569b33bb070f83600a121c7669187398da69d8b7f7d297f94ab0da950d524d6891a60", 0x23}, {&(0x7f0000001380)="e40483a796d9fcf9e7b17e29a7cd0354bae1641ea07f395c66f620c35d5a9bdce12de191aabab4b56bfc9fc511e257981b82061a5d33dc3358f409f3af099c629cdd442f270478cc9651b5776d3edda586e882b6281be88f3aaf5d5b5d711ec34877b2082348cfa03248c828934050fc5348dffefb396540c741ea8e2ca0d4ebd860de1500a44ec4154ed7c381d9d328399e7916b96653e5068f2c3798183a666420c737ada0eaf9aacc939c329e76724f08a17f27c0e0390285ba998c7ee2a5db00301885ac927fc1d28a97601ab2cec76584c040133c1fd1298e40507b432355203157c2218d5d7ea5c7316030dec771fcc45d5416dde9ee59dd99ef5256df2a8726aba4bb20628b0d3bda2582347ede088213071a56b4f1a07d757ee024836ac7d3d9f1f3751b134ef518ab01d2fdf10ac3885b366288019dbeadb7d108d5ba8d49a20386b41ba358f6480bee2d92ed275a0a5c772927372dfb90d1c3912f5f29843ed9869e1dc5c6e982ffd45977b701f854469703e6e11aa2a2e6e0a1e0e72ab938ce21977d14af6fd541590c8edcd976cd7b20d5870858a10b0d058a29884300c17d9e21775c63c09c324cf24915dd523107ce4fb44c96f3a906e6da27e3483ea220488846cb8abf4840290a61220480c4c39356e355e6a814b2c18b789343e2bedcad296d575b0e8766f4d54cd7e2ac4aef6ae663453cbfc887d200d7fb28661d23e20316d63233271f3af8fb6e06cfaddfe728cb73701223542bbccf670c961d98b82e582b451a803e308cb29b6e85c0457eae6e40e322149c52412a3bc3a3a6bb68416f266d76b302af092d1f5630776e9cac773b2eba32b6a221129770cef0e3597110d8b556a35ed4184b11c34724be13e30513e68a47dd9ab03ba49992a20efa4c6fe281dfb4853d78bd63ed44176caa54ef721ea21ededebca86c21089ed2f3ec6cd9bed00e49ebaa10110bfa28dc652d5b27babf1d0e51103bc0c7e67679d76f81fd15bf87ea57e22e6fc3463adc86884f88b618ebe91415e2c20119806911576c312ca92aed85e9c5170d599c24309230fc8492a6a0a15a3a6d9f1a5aead963902fd9d8f167fe4550e09da78ddd031c069b90ccbfa502dfd3fc9e1e555a7167e99efe0873", 0x32c}], 0x3}}], 0x4, 0x0) shutdown(r0, 0x1) 04:01:53 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x0, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:53 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xfeffffff) 04:01:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:54 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUTCMAP(r0, 0x4605, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x0, 0x0, 0x0}) 04:01:54 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ipv6_route\x00') r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58) r2 = accept4$alg(r1, 0x0, 0x0, 0x0) sendfile(r2, r0, 0x0, 0x5000) 04:01:54 executing program 2: r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000)={0x1}, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 04:01:54 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xffff1f00) 04:01:54 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x30) sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x8944, &(0x7f0000000200)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe, 0x1, 'wireguard\x00'}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x0) 04:01:55 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xffff8000) 04:01:55 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00') write$FUSE_DIRENT(r0, &(0x7f0000000280)=ANY=[@ANYBLOB='0'], 0x30) 04:01:55 executing program 2: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) renameat(r0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000400)='xfs\x00', 0x0, 0x0) syz_read_part_table(0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0xa0080, 0xc) pipe(&(0x7f00000000c0)) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) 04:01:55 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:55 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xffffff7f) 04:01:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:56 executing program 3: r0 = socket$inet6(0xa, 0x80803, 0x87) sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000080)="db0429ee", 0x4}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}, 0x1c, 0x0, 0x0, &(0x7f0000000500)=[@dontfrag={{0x14, 0x29, 0x3e, 0x9922}}], 0x18}}], 0x2, 0x48104) [ 702.212811][ T28] kauditd_printk_skb: 40 callbacks suppressed [ 702.212872][ T28] audit: type=1326 audit(1599451316.165:1865): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.242554][ T28] audit: type=1326 audit(1599451316.165:1866): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.265879][ T28] audit: type=1326 audit(1599451316.175:1867): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.289673][ T28] audit: type=1326 audit(1599451316.175:1868): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.313188][ T28] audit: type=1326 audit(1599451316.175:1869): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.336561][ T28] audit: type=1326 audit(1599451316.175:1870): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.360093][ T28] audit: type=1326 audit(1599451316.185:1871): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 702.383300][ T28] audit: type=1326 audit(1599451316.185:1872): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13603 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:56 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000025c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x66) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9, 0x1, 'prio\x00'}, {0x18, 0x2, {0x4, "0000000000000002000000fffffffc00"}}}]}, 0x48}}, 0x0) [ 702.389517][ T3084] blk_update_request: I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 702.526965][T13598] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0 [ 702.539148][T13598] XFS (loop2): SB validate failed with error -5. 04:01:56 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) copy_file_range(r0, 0x0, r1, 0x0, 0x0, 0x0) 04:01:56 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xffffffa1) 04:01:56 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 702.699015][ T3084] blk_update_request: I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 04:01:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) r2 = creat(&(0x7f0000000240)='./file0\x00', 0x0) write$cgroup_type(r2, &(0x7f0000000100)='threaded\x00', 0xd6f0e2de) lsetxattr$security_capability(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)='security.capability\x00', 0x0, 0x0, 0x2) fallocate(r1, 0x0, 0x0, 0x2cbd) 04:01:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) [ 703.106748][ T28] audit: type=1326 audit(1599451317.055:1873): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13626 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 703.247849][ T28] audit: type=1326 audit(1599451317.085:1874): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13626 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:01:57 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xffffffea) 04:01:57 executing program 1: write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x49, 0x0, {0x10, 0x2}}, 0x14) syz_read_part_table(0x0, 0xb784, &(0x7f0000000040)=[{&(0x7f0000000000)="0201050000000a000000ff45ac0000ffffffbf00e931190000000000000680ffffff82000000e100e2ff877700720030070085ffffff00000000008000da55aa", 0x40, 0x1c0}]) 04:01:57 executing program 2: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$nfc_llcp(r0, 0x0, 0x0, 0x0) 04:01:57 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:58 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0xfffffffe) 04:01:58 executing program 2: set_mempolicy(0x1, &(0x7f00000000c0)=0x476, 0x8) r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz'}, &(0x7f0000000480)="b836c1a2475414dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3903dd4a71c2ffe1fd93f00000002d2550829eaa94350000000002000000000000009f435fb30000000074b50eaa3c15525e8e198a29e5c0d0c60000ce0637ce0000b4ec24c53d3f661ff5ff70e48884ca000018cea71fcfacf40d32e425561f6110fd7bc63ebe1859640ad4298a1604000000a2a9d5ba9ff3c00973f4772539000000000000000000261849a6", 0xc0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz', 0x0}, &(0x7f0000000040)='u', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r0, r0}, &(0x7f0000000600)=""/243, 0x3e0, &(0x7f0000000080)={&(0x7f0000000180)={'crct10dif-generic\x00\x00\x00\x0f\x00\x00\x00yQ\xc56\x9f\x00'}}) 04:01:59 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:01:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:01:59 executing program 1: openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000023c0)=[{&(0x7f0000000180)=""/4082, 0xff2}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(r0, &(0x7f00000017c0), 0x218, 0x0, 0x0) 04:01:59 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmmsg$inet6(r3, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x1}], 0x1}}], 0x4000070, 0x8000) 04:01:59 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}, {0x7c, 0x3e, 0x5, 0x2}, {0x8, 0x8, 0x3, 0x800}]}) r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080)='gtp\x00') sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r0, 0x400, 0x70bd28, 0x25dfdbff, {}, [@GTPA_VERSION={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x1014) eventfd2(0x0, 0x0) 04:01:59 executing program 2: ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0105303, 0x0) symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00') r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x4e1240, 0x100) mkdirat(r0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x6, 0x0, 0x3, 0x75, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0x80000000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000380)=[0x0, 0x1], 0x2) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="3000e96000010000010073797a3100120000b88c63fe3f7fede766ebf42e571b9c8cfdb2da066bbd630d2974a56fcfbd947e6ab5cf69962d500efa7955af89be9cce05000000000000001f3235f5a86a10d68178fcf272b19ceff673b325877066d925f8e3edb2fcffffffffffffff39bfb4f627b7fecd04f197117550bae7bd0cbbf966788a0c435d0b739d8246dea37adf1757da6035374080dc082bc23ed59d6f14521ab0d7f6c2875e00e9746f7c4e3b979fee7176539271ab29d0b6d52554707cc04952cc0ce19eb2b023ff3c6ac48533730b9532ca0bb0bd926ceffb860011cb6a92fdbf24c7e8f834b02981e4669d2501e039e06346ea04e3faa146c11a9df0b0974a1fa04cd4d7ac6074d030e53553d4ace8ef3e687200003768e16040e2dc4d4182e2041531d0308f5f7b7ff9cd2e5e4f9a2138899d064020c339efa2c8f0c234deda1d5862f11c9291e2b8e89fe6b74d99b5cfae0e9347c3b6f23a6d5f7c612b3552f62124baf38e307500176f45d7472498c043224b7a24234a0fcdcac463f245e8560f3e310bcbfa01a215d2420180440b07866620e78d2333ae17354b073af512f7f5f01cae87dec11ad68f4a6274ddf1357cbe6e12028d07cb689ba7000000000057c6972eb2dd37c096f9081815a06529ab469e207e5d1ec03e5b119881b0f4576807a43c07669ee3b727c86fd80f1eaefaaa7ed5eed1745b757316c8121f2069ed587b38e1736c3c0de90696f41d3586"], 0x20}, 0x1, 0x0, 0x0, 0x2404c0c5}, 0x44084) syz_open_dev$midi(0x0, 0x7, 0x284082) listen(r1, 0x200000000002) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r2 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}, 0xe750}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000300)) prctl$PR_SET_FP_MODE(0x2d, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000003c0)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x72, 0xffff, 0x3, 0x2, 0x5, 0x8000, "0a57bd78e372ecbf50bcc62552914557ff97123b56c4ecb72c16726421a5244e372ffbc12e84a64de2f23d29d9aafb42ff790e5fa4268cd949efd89d799d1ae34e9c36271cff4835b0b3fa931b45d455c518280d0cea8b620d327230f7cd41450398cabf2d3e083ab99eb702a507e8e8df2f"}}, 0x18a) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) 04:02:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:02:00 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) ioctl$SNDCTL_SEQ_GETOUTCOUNT(0xffffffffffffffff, 0x80045104, &(0x7f0000000080)) open(&(0x7f0000000040)='./file0\x00', 0x20000, 0x84) eventfd2(0x0, 0x0) 04:02:00 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:00 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000400)='cpu<0xa||!\x00\x03~\x01\x9c\xd3\x0e5\xa0\x1d=\x04\n\x1c`fo\x8d\xccm\\v\xfd.\x9e\tbk1\xde\xea\x1b\r;\x81\x84\x87-X\xb6,\xc5\xb4\"7&\xb5yt\x82\xfb\x1d\x83\xf8.- \x00\x00\x00(\xe9`D\x01i\\\x8dl\x86lh\xa8\xfc\x80\xde,Kt\xf4#\xc5]Y;\xc16v\xf9\x89\t\x06\xbe*\xaa&\xbd\x16xQ\x8e\xf3\xd6\x1a\xfd\xd0\x04\'y\x9b|\xe4\xb7\bE\xed\x97\x80s\x19W\xb7[\xf0%>MM\xf5\x98\xbe^=q!\xa6\x0fp\x012\x00\xbb\xbe\x9dX5\xafep\x10R\v&\xaf\xa8$\x7f7V\xedLJ4\xcf\a\x01\xd5T\n\xca\xc2\x86_\xc1\xce\x8d\xedbS\x8d\xe9t\x82\xf41zwr\xe6o\x88\xe5\xe3\xe7Gcx\xc0\x91I\x01\x00\x00\x00\x01\x00\x00\x00K\x9e\xe5[\xa0\n\x0f\x04\xa6\xb0sE)\x8a\xd0R\xc3\xc1,b \x1c#IRz6\xfeJ~\xda\xd7_\xfe\x1f\xe5\x86\xb1xu&\xfb\xf2\xbf\xe8\x7f\x91\x93\xab\x05\x004\x85\x86l\x8d\x00'/289) 04:02:01 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x2, 0x87, 0x8, 0x2}]}) eventfd2(0x0, 0x0) 04:02:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:02:01 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000540)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d464419e5b2fc70b72c0bb8e90f61cc4e6f3fe2d1dee18f638ac947b5e036a3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6b652b1673773ae3cab8d7674c6c4dca2f1b4d745fd95c41f9d441d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e888961cb43e438c4e41ae43ea118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd9b5a759a703e71f358e11ac8e13df15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11a755761fe46169b2b5b8cdedb695cc425fe203d2f2655a76865c2cb4e2470fcfb1248c0add5431a7fbcb0ef4f66809af93a09fab1daae4b518d7a5d95a017864487366d6d7ee7bb00200000000000000c60fca2e2981b22d08f874e0a9cb6fca78d6f1b18fe380df4bf024f120bd505d82033f2fb7d8fc9e0d773294e097e293db58993c0024ab2fd8e5e7003af92d11de48e8b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7ccde24f18e4bf7156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f83074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f088925e872ef8b4f31e6f57ba631baa729031aae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8d0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4a51ab87068468d3ba396d6fd6741fce0834c65c5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798c7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf083de3b4ab6368e95dd4fdf6710cd4a79651dc3e1e056c3ecd6b51f30663cc256094c840662e09ab831b7bae9aec6d7259250016795cf91f12dbb72fc321c3dfb5f9181529906b43f9d6b8ce9fad13e1085cafd41183908173e16e40037681835aa080f34b87bba0be276340295062f671e933292e32036cbd03f9a4cd660a94374b013e9f32a6bfb65417b537cd8f67f975358140384a1ca0537fd3a2a2c37006e4b30ffe469bba4251aa3ba4626acd810000000000000000ee37c63f7f295579f542b12f248f4b6ba14448abab540fb7d98a081f3d3c946455d61734855005bcc876bd15a76dd552f9bfeb091a4e82a5d11033e528b133103f5592d5684a57dd70556818ea30e03dc2a6eb69423e4f27034351809da4e5002aa346d4d3e0e2a5a9ba1130b4fe983fc344c1de9f536cff06187599523cbddcd8ffc2d11d5db7712be78ff6e65238bb23ea2a979d3e8ab83857a1607dc612f0d8449226897d4d94ef0ddf9794f01ffe2a819c3ae05ff5ff1154a20e223f1472f4f56031fec54200122473f87e6c8cf816433d5157c0184aadc21aaeca04c6f4375e9bd40bd09b00eb19f2bc16d69320895e406e6cfa20a691b610c187a15d691c1a32f5ea7b500f627a89709c0b5ac029edc213fd54c73cb5105a1516d8f771459600d2e952a02802d82935b7"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="bf16000000000000b7070000019ce0ff5070000000000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4caf9db6fa7a9b857b7aabaca1d0e92b2ff50237440040fa00af1ba23d699b89e890c1000037bb00000000000000000000ac0e064c27bdfbd30100000000000000dd76bfdc995279d64072aacbb0595b95060000009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098eb039ae4f4103699b9e079227e98cc07c09c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b878b9267aa0b28d69a74ffdea613e892f0f9ff94e68f994b409760f359401d142f90b6ad68e4cb6dd65fd7bf3124702c6b1c2aea53ee0cb83ff1807459c7cba77cedca0bff6d8370c33e2bd9cebd29c152ff9dc8c2772fe552fecfcd1778b0838100000031d521207e5223"], &(0x7f0000000140)='GPL\x00'}, 0x48) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000630277fbac141417ee", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28) 04:02:01 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000040)={'filter\x00', 0x29, 0x4, 0x4e8, 0x108, 0x108, 0x218, 0x108, 0x400, 0x400, 0x4, 0x0, {[{{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:setfiles_exec_t:s0\x00'}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x538) 04:02:01 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) bpf$BPF_LSM_PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x6, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000000)) 04:02:01 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:01 executing program 0: ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4004700c, 0x1132) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:01 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000340)='net/protocols\x00') preadv(r0, &(0x7f00000017c0), 0x315, 0x800000, 0x0) 04:02:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000180)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) 04:02:02 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x6c, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@loopback}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6}]}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x6c}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e03000023000535d25a80648c63940d0824fc60100002400a000200051a82c137153e670402018003001700d1bd", 0x33fe0}], 0x1}, 0x0) [ 708.312474][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 708.312527][ T28] audit: type=1326 audit(1599451322.265:1899): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 708.342169][ T28] audit: type=1326 audit(1599451322.275:1900): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 708.365334][ T28] audit: type=1326 audit(1599451322.275:1901): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:02 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) listen(r0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000040)={@private=0xa010101, @dev={0xac, 0x14, 0x14, 0x1e}}, 0xc) [ 708.897850][T13759] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 708.906236][T13759] netlink: 258 bytes leftover after parsing attributes in process `syz-executor.1'. [ 708.915683][T13759] netlink: 'syz-executor.1': attribute type 2 has an invalid length. 04:02:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 709.020710][ T28] audit: type=1326 audit(1599451322.365:1902): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 709.044104][ T28] audit: type=1326 audit(1599451322.365:1903): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 709.067415][ T28] audit: type=1326 audit(1599451322.365:1904): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 709.090845][ T28] audit: type=1326 audit(1599451322.375:1905): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:03 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000004000)={0x0, 0x10, &(0x7f0000003fc0)=[@in={0x2, 0x0, @dev}]}, &(0x7f0000004040)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000080)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000000340)=0x10) [ 709.114082][ T28] audit: type=1326 audit(1599451322.375:1906): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13741 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:03 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) [ 709.293372][T13761] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 709.301621][T13761] netlink: 258 bytes leftover after parsing attributes in process `syz-executor.1'. [ 709.311262][T13761] netlink: 'syz-executor.1': attribute type 2 has an invalid length. 04:02:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x4000, @fd_index}, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x14, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x810}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f0000000100)="ffb10c10ba4300b0c866b94d0900000f320f0133f30f01e80f69e8650f01c883dd000f0131ba400c3ef20f2c2b66efbafc0ced", 0xfffffffffffffeb4}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000200)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x200000000000203, 0x0, 0x4ca]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 709.975710][ T28] audit: type=1326 audit(1599451323.585:1907): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13764 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 709.999268][ T28] audit: type=1326 audit(1599451323.595:1908): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13764 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01000000000000000000080000000800040000000200cb66b94f15b20147dba6"], 0x1c}}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) add_key(&(0x7f0000000000)='.dead\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) 04:02:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) 04:02:04 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x2, 0x0, 0xff, 0x7ffc0001}]}) r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x3) eventfd2(0x0, 0x0) 04:02:04 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x139}, 0x48) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:04 executing program 3: r0 = getpid() r1 = socket$packet(0x11, 0x3, 0x300) r2 = dup(r1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r0, r2, 0x0, 0x0, 0x0}, 0x30) 04:02:04 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f00000002c0)={{0x1}, 'port0\x00'}) 04:02:04 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x274, 0xec, 0x118, 0x118, 0xec, 0x118, 0x1d0, 0x1fc, 0x1fc, 0x1d0, 0x1fc, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0xa4, 0xc8}, @common=@unspec=@STANDARD={0x24}}, {{@uncond, 0x0, 0xa4, 0xe4}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "aae10f3c8ba2f95e5ce029b11252e10b99b35216c29885200fc7b0f44508"}}}], {{[], 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2d0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000300)={0x2, &(0x7f0000000340)=[{0x200000000006, 0x7, 0xfd, 0x7ffc0009}, {0x5, 0x8, 0x4, 0x10000}]}) eventfd2(0x0, 0x0) 04:02:05 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) getsockopt$inet_int(r1, 0x10d, 0x97, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 04:02:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) 04:02:05 executing program 3: r0 = openat$mice(0xffffff9c, 0x0, 0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0xa000000400000005) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2c304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x8}, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) setpriority(0x0, r1, 0x100) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=0x0) ptrace$peekuser(0x3, r2, 0xe4) ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, &(0x7f00000000c0)={0x0, 0x0}) r3 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r3, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}, 0x7ff}}, 0x26) sendmmsg(r3, &(0x7f00000000c0), 0x2e9, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) clone(0x1c00ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000840)=[&(0x7f0000000600)='(\xe0\xf5\x00', &(0x7f0000000540)='system\x02\xe8\xb0C\xc5k\xe3\x06\x00\x00z2\x89\x02\xaa\xac.0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r2 = socket(0x10, 0x80002, 0x0) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e24, @multicast1}}, 0x9, 0xffff, 0x5, 0xfffffffa, 0x8, 0x5, 0x7f}, &(0x7f0000000100)=0x9c) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000140)={0x7, 0x1, 0x9, 0x6, r3}, &(0x7f00000001c0)=0x10) eventfd2(0x0, 0x0) 04:02:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)={0x1f0, r3, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x1c8, 0x8, 0x0, 0x1, [{0x1c4, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x194, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x3}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3f}}, {0x5, 0x3, 0x2}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}]}]}]}, 0x1f0}}, 0x0) 04:02:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)) 04:02:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.cpus\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x20) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0xc0c0583b, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='cgroup.controllers\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x401c5820, &(0x7f0000000080)) 04:02:06 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) fcntl$setstatus(r0, 0x4, 0x2800) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0203062110"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 04:02:06 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0xffffff77, 0x80801) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000040)={0x106, 0x12, &(0x7f00000001c0)="2990e2f6792f60ad75e805367811b9b3bf82741aa78444b033cb84613fb2e262979e21c5d93808cef4b5c966af987c269279a03b1cb78f7a0409e871c9840d4904c057c2ce816173886bc76143a4e97a3ad637e8d584c96d87c638e6d5ea83534ddf157584b22c035d168d8e9e68a950d5fbd720bab1cea92703bd138d8347d05c6193c9548fb3e9542bfa5d3d215c995a5d26c4bd48d5d36c9c3e3120446cb2f6444aeccf6b8b20a6898b7deded9a5433bfe7d06b093d2abe939b2ce8cedfc4e61d8702d37fca47f759eeaef0c198d6eb66ba15cb416f4f7eb77100fa1baaafa3c7b69f710abbd51834696bb0f4442de67c446fb64428f487e6dbcc6e5be5816ff9ca93abbaf6077261c4822f31ccb43bc643d0508d9d5e24e374c033d5b769d6eed87f45d6fd0b273a97ab516f0d1c212989b1b409cba19873a478e9c53087cc670cb92e2808e93b4aa6462ff68b81deb9e3adbf57eaab1bb062449a2802ea0a1eacb62eac56eb4a2e61d585484d07d41794f04ac273203514bb97f752881f3db4a00a1a62971db4e75ae937f19a0a66b1ebf2c1093d3bc1b490d2278dc6b8c2f6d52bd3c7cf85e48760d9c6fd10cddceded9818fbc96d533c460e06a45a929dbeae2fa2e50f9bf9331c5e0f005811d16916008733f81f7de921f9ec3d52f2fd2e9a1b13274caa5bf8a72e7412b885ef556a643441ee438b3d36c9a03b70209c46f1ac3d5425d966ea1165bf5c9741e15f680951d3d3b81edc01d5b372a4b5e611a5d72731fe354a38755f5527f0ec38682f4cb448167fa45c6976b3eb941561e4d1ac1b9c3c3b8cefca77fcc42fa11751d4d56d606161eaf9ff42f31ae6b411c0b05cdc20045f9420e7da5653dcc16c7f39543a735d89b6ce8fa18868aae4a5f5dd6d28529167d6ff7a6b3073791a98deefbdc1a9dd9b269c59246d443a9fcabd73ba74227dc6a78915d4761107008ef9dfaab09c35564c1c6d35c34a505eacf263724b45fe2684e0cae476b0f5308d74df68e0708f379eb746aae257d1b47364336b8f3b1d4d4b77475f1b48d6ad5024f35764e9fab8479a29c773e1c5aec93a413ad0c06194cd17bb24b73b8fa3df83175cb67a7fe36c0216fa339f217d5f68613c891b1acb120c8af2974c498f1ca027701897807dedbb396f7b00d794b4ee07a0576f1d2fb30dc71a6af7187a91a55487f04491c42268bb38d3e1469e9be2e480906468d4c3af7b2f73c0ce217b559000ea7a7e294309e11ab00ebdb2b044ff7e2a387f85c44e7ae1119584cb0e2fa69177f3f32ada7b77633160fb4681a5971de6ca9319e6cde2891bf9c51858ae6b33115ecd987709cdb0fc78fb121f3baf0d5606877f84aef2f37e1051247640e2ad35be65333a4078c137fecf32e42e7ef9cb778e431ff9a07e9b7c6137665f57f474cd77de01db496fece10098"}) 04:02:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)) 04:02:06 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:06 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/207, 0xcf}}], 0x1, 0x0, 0x0) clone(0x4000008006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/udp6\x00') exit(0x0) preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) 04:02:07 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc0285629, &(0x7f0000000180)) 04:02:07 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0xc074510c, 0x0) 04:02:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)) 04:02:07 executing program 0: clock_getres(0x7, &(0x7f0000000040)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:07 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:07 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) creat(&(0x7f0000000140)='./bus/file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000200)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0']) chdir(&(0x7f0000000340)='./bus\x00') setxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='security.capability\x00', 0x0, 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) [ 713.913223][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 713.913364][ T28] audit: type=1326 audit(1599451327.865:1937): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 713.943260][ T28] audit: type=1326 audit(1599451327.875:1938): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 713.966536][ T28] audit: type=1326 audit(1599451327.875:1939): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 713.989860][ T28] audit: type=1326 audit(1599451327.885:1940): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 714.013082][ T28] audit: type=1326 audit(1599451327.885:1941): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=266 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 714.036441][ T28] audit: type=1326 audit(1599451327.885:1942): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 714.059603][ T28] audit: type=1326 audit(1599451327.885:1943): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13886 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:08 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) openat$vicodec0(0xffffff9c, &(0x7f0000000040)='/dev/video36\x00', 0x2, 0x0) 04:02:08 executing program 2: set_mempolicy(0x8002, &(0x7f0000000040)=0x35e, 0xb) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x14, r1, 0x209}, 0x14}}, 0x0) 04:02:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x81) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = dup3(r0, r1, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [0xc0000100, 0x0, 0x3, 0x2, 0xc0010001]}) dup2(r5, r4) 04:02:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000400)={0x20, r1, 0x703, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}}, 0x0) 04:02:08 executing program 3: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x38, 0x1410, 0x1, 0x0, 0x0, "", [{{0x9, 0x10, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x6, 0x33, 'virt_wifi0\x00'}}]}, 0x38}}, 0x0) 04:02:08 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:08 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) r2 = openat$ipvs(0xffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r2, 0xc0bc5351, &(0x7f00000001c0)={0x280000, 0x1, 'client1\x00', 0x0, "0ce93f80b4b1f508", "a40624277c95166bddbbca7ed8a8bd7d02281f9d07335e3832bbaeb351f903c5", 0x3, 0xffffffff}) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x4) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x10, 0x7ffc0001}]}) eventfd2(0x0, 0x0) [ 715.170072][ T28] audit: type=1326 audit(1599451328.665:1944): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13908 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 715.193659][ T28] audit: type=1326 audit(1599451328.665:1945): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13908 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:09 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(&(0x7f00000014c0)=ANY=[@ANYBLOB="2550ed3a"], &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='afs\x00', 0x0, 0x0) [ 715.216991][ T28] audit: type=1326 audit(1599451328.665:1946): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=13908 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:09 executing program 3: syz_read_part_table(0x4000000000003, 0x1, &(0x7f0000000080)=[{&(0x7f0000000180)="020181000fff0a000000ff45ac0480ffffffa600e93119000000000000068017000382ffffff0a000000877700720030070063000000000000ed690000da55aa", 0x40, 0x1c0}]) 04:02:09 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000140)='tmpfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @void}}}]}) 04:02:09 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = msgget$private(0x0, 0x0) msgsnd(r2, &(0x7f0000000040)={0x3}, 0x8, 0x0) msgsnd(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="ce"], 0x1, 0x0) msgrcv(r2, &(0x7f0000000300)={0x0, ""/210}, 0xda, 0x0, 0x0) msgrcv(r2, 0x0, 0x0, 0x0, 0x1000) 04:02:09 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:09 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@nl=@unspec, &(0x7f00000000c0)=0x80, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000)='ethtool\x00') sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x38, r2, 0x1, 0x0, 0x0, {0xc}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000001300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x111c, r2, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x72}, @ETHTOOL_A_LINKMODES_OURS={0x1014, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "e837e083a4596fd7a9fbc3c3fbe5441b9f6455eedd6a09e6ffdeb551322c7f055ff3d523095ae38e4fe60980571bbbbe534150d6248af05457277a5ff99f240435ae7b47cf44d7b49988341eb947a3affead9a201f10683afaf5988f2911ee735c46b29758a13235021e56690680d8690d2ec6b80c0bfaf1c820b6ccedcf79b53b5f85221a631a9fc3bbe6d8654a31338423189f2a18d822cdb127a02342f36f2ad981d5de2f8da27d3fd079b706ebf941da9d16dbde37f17d01a7509bdb4e89ca8cac147144fe868ed02b8baef4be68d0146226da33cb17a93cabdb3b356d0d54af8988bf94a3eb074b332c3b29e16b2eaf35a542a4956d475aec03bae80055c97a134cca6ae22593e9dbea354d9d19233aa8ff97bcce27247e79dbce59a59d4152fa20ab2f0efc326262427d7cf1fe9962ba7655f2e3af1e5c8b16a5e726254e552e9fb6bebff0e6083d84d3fbd60aef8786573b5d614c61c57b3c86ff64e94218cca9ac795e03f4884658fbe4e4905b0181eed2449679f95acdc82236a38a3f4d33d0456fda44d0d5310ded07d07469e4fd05d1fc24c50dc6b9367496dc9d47a9fec99b841a526fd8228050b0dcda6f9a7c095e913581b2747b71a11af8095c5276efe5a6d7547c8ad13cf64d7504b1a609981a238b97d5625013364b6c1cbce1064bc541664fdc3eb10e8092e50b3780ae1004aa5da93a1e94cc12d41c52501f4f904d97b778c36a86027da44abfc6a12700c698ced2497dc7f432014e1589b32bd4263d5e1cab71d9ab4016a8b203ba4eff6d4a3d540d50115bb3ca5e6363e1219f595030b2782fbc3ffeb74d1743e4061cd676b8c6563f71199c96f6be41cf0a2ab1aa340b4824887622cb1a034d9706a914b65f5ee2a9d978847ae9448431248b48b5d2e56003da25e4def5f7cb8f24585b35c4326c4a352bac110c0523e42bcd4aa9b0be4e41e5727e1845db4ae1c91dd904be154808684b923f2338202131d4ab90c6379f09dd81f179830637220a83fbdf97a0743356be0c7002b06336c924fb35c24f52bb3bb65e677ff040d48030639d63340103ded551740210e4b8568d3f914ddbe80b974cd3fdce5d2cee362b6f848835796bbb21decc2d154c72b59945c51e5da3740875e8f06a1f29ecd90607f2540858564d14e1ad23fc618d430e93103644a0407d4c8594368d1398876343eebe770c64327728ff0d16925630d087b99b4caf3229a7663aaf1af9e9cea2e77fd25989c10056d0c7685c5648b8b2d923b392c044ec57f4757982a63ea77a7d2c65f142eb19800d0a03444cfa2eda161a26aa3baace0827821bfb8caa3c662aacf51183c97e6c71e30187f3178b75963808b39d8e60632f76cf7f3aa2100319420ac0926dd200b89404c2536bf350f2d6246775a64043c6dde56b95613b9a201ffbd0150bf2b04c3b05c69a3e9d1cb47ef0d30c23832f852d4e72aa61c2b41e7412004f647c3966cc072ab0a3dd1bd246d905bf4ba8b16e53d0debc560ad0bcd15cf3c0f4883ec1550d26002f379f476e4231460965cea7c7b95b7d109d47b8f0b97063340d8f21a1e686ad6329d4fbfb6681e29267af1b73bfd3b8ba57f768568be5c977275ca9b54f39cd25bef5df459b7dcb626c416d78796c16a44725fc1777c0e3d1a09f2253d9dc64c8dd00caaddede20fe2b18385a22472853170550cfe07deaadc36b9f1d415dcb97d4ed115fb73d360c40a1378ce64f1ffac09f2bf696eb5d7707e4de19ba53b15e2d59b9ec276ac46d93b6deae8ccf5277c34f85b70891b1abd1ec54d2e2084fc02e8643d1de4912fb7e71c8911650a8635b7721739338db756e166ea9666e93dc366e44e5acb2092de56eb3ead23e4dbb26d8fb69e64d38150ab42271043415857a05057f20afaffcaae7a640464dfb80609b3daba2433425deb642aad79d14d39dddd905cba27cfb80e18defff1275e48e98598430e0ed9db4457c48880c456e539dbc87b32f5ad2ed104c14d47825a72cc5e8344ef4d418774eee9175dbf95ab3db35335b1801601e253458e1ec75eb2b20ef8925ea42537553184571b59e59239fbeec1b90af14542aa54e383b479a3abc6ce3b941ff37631068a0e83c97d7ac9ac3de88563049cefc5a579c619158d8aa851ede6a56ddeda0c1e2f2d8ca8151da69ab61443b7fb4f86f70cd6fb28b26593239e362129068f055ca19096734d9f2af292631c73bd89e8c3e29a010a4df4fb04ea63e20dc2d9e03b7ad26a9410b19ae20d05cf47858d09107dc999551209b25014f36bba2acf722ac07e08b999d141a2d7faf66b85464e4901c82ffd687bc51eb061b06f934e7ad9419b0b5520061df3289f02c954f23984c274562503e106e187b7324e311ae665a3bd4a85d4773332a6595fd39e71f15a8ecf2eb96a26bccefa4bf4c0ff040c61adf8e4f9ec0271c550b077daa0291c7d719296ff5508cf54ad2e507d670fedff5870660058f1902086084a46c78d088e10dffe1dffda9b13a9f6b28d0e9f150333400296f59a35864fcfe6982f625fbe3291b2be286a2aa49284cf1ffeb5316b1cd9807877938b8e977196e5232a07c3b19390428d405e8461583a8cf20b7b74792dafe3efd983cd8b96bacb3920b4c8f87ff9e6d9091d0b7b18208c665ada3740f2c59c3d7646c034a61313914758938fcb044e710be88ae665b24d5cec30e4affb05e3545cca2fe9e0f48ec67e7d17fd3666bdb2bfbcac680c206364971949d803dcbdd55448f8fc72b6fcecab7efaca8365508f9841fd66d9abadcf029c9ed4500c589737b71989120bacdf07e2fc62d5472de371aab4c36f8a432ef7fda4fe45e98c2920c14a9792db8f4e7bd12b46eadae8cca774e50fc349d1bba6762fdbd065995ba33dc0d52a0cc47f51d49311fa9eb558f482d7d4e3f52dfd50e6b6c98c7744f81448fc5dad860462990a24fec14334143e61b722b7650d2639a416578b110b0c397e3709d45cd77cb7a0f53a82433d7e883b71a431049995453ee3e685180ef47f93d32fbed02bcbfd51e70e3c2b8801c099d4f655cf29a29693fa34264e41dd9c0e8aedf2d96fd735b0137ea10543d85f61a483dbeeb758a6b9f7ea57da777f4da1c9b22753a5e07db797036168eeb787b46dfc583cd1cc6ec63f68d34d0f21d13b19f85d4520e41d4bae66f45d74d45c56777b39719efb59d134976e3a7723f164d343d628df45588cb029547afd7d20125901c9e10c9a34d174d89160af500fea2b4e5fa6e843ad00f4ef0a99dfc00862280cc9fb0bc87bc3828c06e48ac7cab9e3885ccea54709ce6849607bdc5dc768f61abe2afd14409862a564d19c25a46ee7bf6cfe2c9a2eb7c4e645a910e5974d283dcc515b7681cad4353d2938c7a41e7b419ac923fbe4f37175a94330692f143667eedeced0fd686eb09ea4931b8d5f31569d4af243aa6a559dc468cb922c106fd3287fdb7b42aa29411e94e52d6c1ced4b3e9727e81d7fb267d43ea3808c592cd1d2a3ba00caa4f899d8fda6550e47e9040f7bce2914f2560a6d21be1b1a6c118faaaa921d24f1fb996cd7b1d19e8c40587fb8481d7861ce6b0e2bfd26e0adccdf64399d766ea254c3f6024041c6290edbb8c6cda8192fabf84df1f047920d4104ea0d75eae04bd554fb6321077721eb3a0876da03bb783667c334d80c628f8d4312afed9d44beccae22eca4fd1f020098e63d6968e57bdf4d705d9e43aa997ebb094eb9d3004e93954beef4b4135822524a80d0bd5b14dcded3f2822d5a7bf35f46b8c684d29bcd0dfcee3b44b21b71d3ede33167eb12573003d2b8d17d3471e8bbaa612bf7b0b1d0bedf74f500632a44200fec931c37e4bb844c037d58edc12e4fc82c6d26f166377fe33323145f78dbb20e7fb762a1b334b5510f76fee33e4ed3391e64bd0f268c48bf0f5a19955a04691a71d7cd4860ac9eb0b0013343101c473710eed7604c2645859b4ad8aa5ff4331a2a0b2df5b5c63cd4b9d7f6241567089a832c7e48888f354d13d172bbf5ae4a0af193368ea2c9a270378d6deead24bba76223d4e00f94924a68c96135c3637bf1e54629f4d811191059d51f6803ca79e2d7ae4a6a5460be2fadae2dd5d7de61f19266d3f53dae3f1baf0d263b64ec5d46594c80dda0d3b36eba5ce73e04402dec0fd0434ae52d89c94c02bda8363ffedaf781f04db7cc01a0086d3064f3eed6e8349fe3bc970789cfb50c4238a0f6958b766e5df07d11d4bd13b78bc42f5bf773c41160a8770f7ab05c62475ab757ba70df6d1fc16251e9487c9cc62039db89c57cc8df02aceae504412b7a896872843485c481e6898f3173de1c2e109e5ea36f2f3e5e89c82064e9062793f58c32a7fd2af4b0268f8eb3d339c81fef2824e2d6b3982ed452f5a0f3583e3d943ba048ec28168522181f915441d609ae472ced03c4da95a35b1db09f6149673e15379d096843e88ec8ce136962100e2e33cc91479ae0cdf6529252be674fab7edab1dbe7ec72a2a94a39015023263f11756d63374a04b4b74574189b6b2cdc748116e01b89448f1fe9081a2ec65b14be411c7d6843ecfdcf9b3819aff3b306af100d2d80bb34ee8751e2f68e83c864648aeb777648c1832acf511456ea6e338f236604bdf8a6bd2da663fdb6050e7dc92ea54aebd8ca8f670176249219e9c14808f575faf1647980e35bba5a09519e94cd988260c791fc66a20ddb44f136f9ef3eee26dfdc562fb4c14803a81c2a870cc13e3117a48d96735b44efc34a28ab5e3e0b5e013b70a745509ba4b04d71c387a894bacac3e55ef5ceb6c05165752929ca8e53fde29c3ad1d990935bda39f3c7325851c71496399e44f592dd31684423854c5714641939567597ef768fea0ba11d24cccd7b12f15562ecb948ed9114dc463114c56b2ee4c44be7be7164dc52afd80d08c561b349573102286403d5c32888bb0f45069e4742304967b75e1188de7d81fecfe79f2a2c25810ea58baa03c950e831d0b2c9af240e72bfdeb3c1ac47cf5142049e4be1924b203d39c8c2b6b4092d80426dd918472313162d0f5a4ec536efedaa8ae52100986d2b7f665b8a4f9b632408df1582798886baef0c8d0b293b3651eaf13cfea6c44bf8500a63754e547bbf1084b45f08c5349d5c501048d529c7c0daca0a73542035afe5ebc7fb3c0a2cd9308f45dbd875002aae6d8395c7786dfd833c412603024e79a9736e2f7ff9da458cbbc4bcc92d08d8cc9551576c4878130abc82ed8c4c269b37a4cd7e47516600f4e40045196504410b1ef74f5bf92334d9aff0d23fd20c771fbacc0a77e7751671094a320215547b9a84020406e529f2aa25d484a9e492f7cf07099053905969db329a38645526e131cbbacb7936b41f8bd57770e498171e1afb80463d5eaf6cdb491d5bdaaa555ef384dd80f7c07685c42f6b98a38f4cb319d015f96ed2546098df696c72f38efbaf37cab0153b02d97cca523041caaceda55d400c2e8f4fe44a81ae6aa50ab201fd6e882c93e3af6797db142b507ef9d6b736215851daafb2c24f339b66afea9fa9377a6cc8d49c9d90d28bbc8de650552be56772d4a59f4dc9d96c05e74b05e695c40a7af0be3af1ea0a5248081e0cdc12f540bf8567a6794e8b63d83e17e0d6e8b9785516ec0c20d4da32f613c03555a680481109da5d212775ead2abd075584159ae933cc0393c2b0742e88707b821ad02c82599433c3e66b35f2afa31d40987a912aabd786d16e4fe33efab510e7fcec2d09701ba4b897aaaca3bccdc46887"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xf3}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x94, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x73, 0x4, "4012b68f476f0c1245837f9859203f22477594b8410fd6ce39c3679764ec48a7b91770987cb7fd14472867340b5c537ebcab0153c25c173e1c560f36b5e639526e60184e68f31b84a4da7604423d3cb69f604c1c9f83bf8956ca664f54504a13f51a8e080be0af77a3f06c802ca233"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x5f11}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x40}]}]}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x5}, @ETHTOOL_A_LINKMODES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1f}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x7}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x8}]}, 0x111c}, 0x1, 0x0, 0x0, 0x4040000}, 0x4040000) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x8040}, 0xc, &(0x7f0000001400)={&(0x7f0000001380)={0x5c, 0x0, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010101}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x1) eventfd2(0x0, 0x0) [ 715.995083][T13944] tmpfs: Bad value for 'mpol' [ 716.049029][T13943] loop3: p1 p2 p3 p4 [ 716.053328][T13943] loop3: partition table partially beyond EOD, truncated [ 716.061219][T13943] loop3: p1 start 10 is beyond EOD, truncated [ 716.067601][T13943] loop3: p2 start 25 is beyond EOD, truncated [ 716.073738][T13943] loop3: p3 start 10 is beyond EOD, truncated [ 716.080029][T13943] loop3: p4 start 3976200192 is beyond EOD, truncated [ 716.107069][T13944] tmpfs: Bad value for 'mpol' 04:02:10 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, &(0x7f00000000c0)) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000140)=@fragment={0x2e}, 0x8) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 04:02:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = fsopen(&(0x7f0000000080)='tracefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x6, 0x0, 0x0, 0x0) 04:02:10 executing program 2: unshare(0x28000680) socketpair(0x1e, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x32, &(0x7f0000000000), 0x4) 04:02:10 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000040)={0x0, 0x0, {0x0, 0x0, 0x0, 0x1f, 0x8, 0x96c8}}) 04:02:10 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:10 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = eventfd2(0x0, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xfffffffd, &(0x7f0000000280)=0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r3 = socket(0x10, 0x80002, 0x9) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, r1}]) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100)='mptcp_pm\x00') sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x50, r4, 0x4, 0x70bd27, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0xfffffffe}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x40014) io_setup(0x9, &(0x7f0000000340)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) getsockname$packet(r7, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) ioctl$CHAR_RAW_GETSIZE(r7, 0x1260, &(0x7f0000000240)) readv(r0, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r8 = socket(0x10, 0x80002, 0x0) io_submit(r5, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) getsockopt$bt_BT_VOICE(r8, 0x112, 0xb, &(0x7f0000000040)=0x101, &(0x7f0000000080)=0x2) eventfd2(0x0, 0x80001) 04:02:11 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) write$binfmt_elf64(r0, 0x0, 0x0) ioctl$EVIOCGBITSW(r0, 0x80404525, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 04:02:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgrcv(0xffffffffffffffff, 0x0, 0x95, 0x0, 0x0) 04:02:11 executing program 2: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) set_mempolicy(0x1, &(0x7f00000000c0)=0x6, 0x7f) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x26cc, 0x0) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000340)="0f1917e2ec40f8f03ba2749b6c8e4499020b2582f78cbf2759f7572f02912aebb55021c9bfae0c78d8f4155b6ea6de04961b70380c1e77f73b1d6d21eb5b1d13c8cc5005aa5d05c98a65e1993e292f200f1829ae13d535c53e0f77d27c443f174af5ccc2bc8dcfa5cf3c55aa6b7774b1ed86694aff235f28442136bafe47823eabacc3c64f71734027ae9ad26ae0e61a0260ddc2fc00c8ed6fb1f216bdcdd1944236bd256a86c6cebcde", 0xaa) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x70, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) [ 717.516267][T13972] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=30 sclass=netlink_audit_socket pid=13972 comm=syz-executor.0 04:02:11 executing program 5: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001380)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000001240)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000880)=[{&(0x7f0000000000)=""/12, 0xc}], 0x1}}, @rdma_args={0x24, 0x114, 0x1, {{}, {0x0}, 0x0, 0x2}}], 0x90}, 0x0) 04:02:11 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:12 executing program 2: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000000c0), 0xc, 0x0}, 0x0) sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000100), 0xc, &(0x7f0000000b40)={&(0x7f0000000340)={0x1c}, 0x1c}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002240)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=""/167, 0xa7}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f00000006c0)=""/101, 0x65}, {&(0x7f0000000880)=""/249, 0xf9}, {&(0x7f00000001c0)=""/39, 0x27}, {&(0x7f0000000980)=""/102, 0x66}, {&(0x7f0000000a00)=""/150, 0x96}, {&(0x7f0000000480)=""/27, 0x1b}, {&(0x7f00000005c0)=""/55, 0x37}], 0x7}}], 0x2, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f0000000140)=""/85, 0x20a}, {&(0x7f0000000fc0)=""/4096, 0xf2}, {&(0x7f0000000400)=""/106, 0x2ce}, {&(0x7f0000000740)=""/73, 0x3b3}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) [ 718.239413][T13991] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=30 sclass=netlink_audit_socket pid=13991 comm=syz-executor.0 [ 718.445875][T13959] not chained 530000 origins [ 718.450526][T13959] CPU: 1 PID: 13959 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 718.459209][T13959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 718.469283][T13959] Call Trace: [ 718.472635][T13959] dump_stack+0x21c/0x280 [ 718.479970][T13959] kmsan_internal_chain_origin+0x6f/0x130 [ 718.485859][T13959] ? handle_mm_fault+0x463e/0x4940 [ 718.491012][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.496410][T13959] ? kmsan_set_origin_checked+0x95/0xf0 [ 718.501989][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.507217][T13959] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 718.513091][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.518316][T13959] ? kmsan_set_origin_checked+0x95/0xf0 [ 718.524017][T13959] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 718.530120][T13959] ? _copy_from_user+0x201/0x310 [ 718.535088][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.540312][T13959] __msan_chain_origin+0x50/0x90 [ 718.545281][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 718.550439][T13959] get_compat_msghdr+0x108/0x2b0 [ 718.555412][T13959] __sys_sendmmsg+0x755/0xf70 [ 718.560145][T13959] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 718.566062][T13959] ? __msan_poison_alloca+0xf0/0x120 [ 718.571392][T13959] ? kmsan_copy_to_user+0x81/0x90 [ 718.576437][T13959] ? _copy_to_user+0x1bf/0x260 [ 718.581303][T13959] ? put_old_timespec32+0x231/0x2d0 [ 718.586527][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.591759][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.596993][T13959] ? kmsan_get_metadata+0x116/0x180 [ 718.602263][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 718.607688][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 718.613370][T13959] __do_fast_syscall_32+0x2af/0x480 [ 718.618629][T13959] do_fast_syscall_32+0x6b/0xd0 [ 718.623522][T13959] do_SYSENTER_32+0x73/0x90 [ 718.628071][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 718.634430][T13959] RIP: 0023:0xf7f27549 [ 718.638510][T13959] Code: Bad RIP value. [ 718.642601][T13959] RSP: 002b:00000000f55210cc EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 718.651046][T13959] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200092c0 [ 718.659069][T13959] RDX: 00000000000004ff RSI: 0000000000000000 RDI: 0000000000000000 [ 718.667060][T13959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 718.675057][T13959] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 718.683078][T13959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 718.691128][T13959] Uninit was stored to memory at: [ 718.696191][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 718.701946][T13959] __msan_chain_origin+0x50/0x90 [ 718.706938][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 718.712081][T13959] get_compat_msghdr+0x108/0x2b0 [ 718.717044][T13959] __sys_sendmmsg+0x755/0xf70 [ 718.721763][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 718.727183][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 718.732755][T13959] __do_fast_syscall_32+0x2af/0x480 [ 718.737980][T13959] do_fast_syscall_32+0x6b/0xd0 [ 718.743574][T13959] do_SYSENTER_32+0x73/0x90 [ 718.748107][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 718.754437][T13959] [ 718.756777][T13959] Uninit was stored to memory at: [ 718.761826][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 718.767563][T13959] __msan_chain_origin+0x50/0x90 [ 718.772516][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 718.777691][T13959] get_compat_msghdr+0x108/0x2b0 [ 718.782673][T13959] __sys_sendmmsg+0x755/0xf70 [ 718.787372][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 718.792761][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 718.799200][T13959] __do_fast_syscall_32+0x2af/0x480 [ 718.804422][T13959] do_fast_syscall_32+0x6b/0xd0 [ 718.809295][T13959] do_SYSENTER_32+0x73/0x90 [ 718.813823][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 718.820193][T13959] [ 718.822549][T13959] Uninit was stored to memory at: [ 718.827630][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 718.834104][T13959] __msan_chain_origin+0x50/0x90 [ 718.839088][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 718.844239][T13959] get_compat_msghdr+0x108/0x2b0 [ 718.849204][T13959] __sys_sendmmsg+0x755/0xf70 [ 718.853927][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 718.859324][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 718.864886][T13959] __do_fast_syscall_32+0x2af/0x480 [ 718.870115][T13959] do_fast_syscall_32+0x6b/0xd0 [ 718.874983][T13959] do_SYSENTER_32+0x73/0x90 [ 718.879510][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 718.885856][T13959] [ 718.888191][T13959] Uninit was stored to memory at: [ 718.893258][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 718.898991][T13959] __msan_chain_origin+0x50/0x90 [ 718.903955][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 718.909081][T13959] get_compat_msghdr+0x108/0x2b0 [ 718.914028][T13959] __sys_sendmmsg+0x755/0xf70 [ 718.918747][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 718.924162][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 718.929764][T13959] __do_fast_syscall_32+0x2af/0x480 [ 718.934985][T13959] do_fast_syscall_32+0x6b/0xd0 [ 718.939850][T13959] do_SYSENTER_32+0x73/0x90 [ 718.944377][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 718.950703][T13959] [ 718.953038][T13959] Uninit was stored to memory at: [ 718.958087][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 718.964788][T13959] __msan_chain_origin+0x50/0x90 [ 718.969766][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 718.974920][T13959] get_compat_msghdr+0x108/0x2b0 [ 718.979877][T13959] __sys_sendmmsg+0x755/0xf70 [ 718.984582][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 718.990002][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 718.995582][T13959] __do_fast_syscall_32+0x2af/0x480 [ 719.000809][T13959] do_fast_syscall_32+0x6b/0xd0 [ 719.005672][T13959] do_SYSENTER_32+0x73/0x90 [ 719.010187][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 719.016504][T13959] [ 719.018828][T13959] Uninit was stored to memory at: [ 719.023864][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 719.029613][T13959] __msan_chain_origin+0x50/0x90 [ 719.034556][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 719.039683][T13959] get_compat_msghdr+0x108/0x2b0 [ 719.044628][T13959] __sys_sendmmsg+0x755/0xf70 [ 719.049322][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 719.054721][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 719.060274][T13959] __do_fast_syscall_32+0x2af/0x480 [ 719.065479][T13959] do_fast_syscall_32+0x6b/0xd0 [ 719.070338][T13959] do_SYSENTER_32+0x73/0x90 [ 719.074847][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 719.081165][T13959] [ 719.083507][T13959] Uninit was stored to memory at: [ 719.088557][T13959] kmsan_internal_chain_origin+0xad/0x130 [ 719.094288][T13959] __msan_chain_origin+0x50/0x90 [ 719.099242][T13959] __get_compat_msghdr+0x6db/0x9d0 [ 719.104373][T13959] get_compat_msghdr+0x108/0x2b0 [ 719.109320][T13959] __sys_sendmmsg+0x755/0xf70 [ 719.114005][T13959] __se_compat_sys_sendmmsg+0xcd/0xf0 [ 719.119384][T13959] __ia32_compat_sys_sendmmsg+0x56/0x70 [ 719.124938][T13959] __do_fast_syscall_32+0x2af/0x480 [ 719.130153][T13959] do_fast_syscall_32+0x6b/0xd0 [ 719.135012][T13959] do_SYSENTER_32+0x73/0x90 [ 719.139526][T13959] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 719.145843][T13959] [ 719.148173][T13959] Local variable ----msg_sys@__sys_sendmmsg created at: [ 719.155198][T13959] __sys_sendmmsg+0xbb/0xf70 [ 719.159796][T13959] __sys_sendmmsg+0xbb/0xf70 04:02:14 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x6ec, &(0x7f0000000740)={&(0x7f0000000480)={0x18, r1, 0x703, 0x0, 0x0, {0x4}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 04:02:14 executing program 1: r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc1004111, &(0x7f00000001c0)={0x0, [0x80000001, 0x2, 0x5]}) 04:02:14 executing program 2: r0 = socket$inet(0x2, 0x2000000080002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@broute={'broute\x00', 0x7ffffffff003, 0x200000, 0x90, [0x20000100, 0x20000130], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0x0, 0x2}, {}, {}]}, 0xe0) 04:02:14 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, &(0x7f0000000980)={0x9, &(0x7f0000000840)=[{0x0, 0x0, 0x0, @local}, {}, {0x0, 0x0, 0x0, @multicast}, {0x0, 0x0, 0x0, @local}, {0x0, 0x0, 0x0, @multicast}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @multicast}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @multicast}]}) r1 = dup(r0) r2 = syz_io_uring_complete(0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000800)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000240)={0x56c, r3, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IE={0x538, 0x2a, "e20cd19ea595a6faaa8e763986c8e46720a1e52030c70eeff41edd199dd1da6c679ffa175f079e8ee3b4e01e33ea6945ce3fb6848ac62f9e229e59b5fe30b8e2293186fd80bf4f949e894e51983944b0581b79b9cece2de8ddbfc63e01152ace975cafc6ee2b913b8c61c003d546cdf49c2ca71731fb4b0a3e7b69cb88b814095b8fc560b4b2db17a094cd26a1bffedbe7a8b0776e75d326c18822e08d8e44e60f6fbdbaeda85a03dfd3ee8e8840c5a30e354b95e0b15b327d4bd359148245e9baddab4f45c6a794aecadefffcca27926ebbccfb5fbcc76dbf583359b7aad7ac292ca8c284c62fbe93c4b5f0625b682d3c74f93635defccba29099a62d2022ceeaa6bd4ef2a6ce5aabe7f7fdd3945336508c8caa1816df962fecd006b5c9d0c516440f98010035c7fe76f8138bd75933d5e25df616b32e72a0134f2bec12d826a8669239a7308f426d511e9a57f678a2913ea03ab412d89e3fb153a2a7d8310948ff7929ce4ccb6516e3ce92aed9e99741aae1a852d0fa57d0e418abcba134e16bb15f5f576341d8d0f9ff742b0f4d18e233ebc83297f8f2b20f874d0097bb95d85fa55c10b5f6b554742de225dc6566433d1325ba2c1e3fb6fc67dfb6d22686631937ca6e1ce2c765e3518efb92ac725ee6e6bdcaadac9bd9525374fc04e32b1a0acb4b5b006249fe8984946c590fe0a1c75526ba5ead12cfd651b1a4c55b9549a3fb75e2d60119a3363d16cca7ea3943fef0477b31f986e6048c934ab9dfee4f24a7b12c56ac1586acebaaced100307325598b9e42a16f33dc02969f6023ffc394ad97c486213704c270a9b102555c0599ee387a541de2cecb6f309d6f955aae62dc45cf5a0d822cb5ead96a8b3f51ab2e1fa9f0dc3cc084f3fd6b64884651363cc141b0f05edd0cb1024b9634e703202135e9268702637729affda5e4f2764a69306c87822b967c01612087454814b05218742b3e9ed4741bb32ef750abfcc3f30402514c68aba176ff3c2583c6c2b30b3169c6b9262043ceafd946109b070124469a70a6c54d30a679f434fadfcbd3cb8139c12f2623d1206a1123b13f1f4f5f8142cf14618de5bd65d9f269686aca9539db273e097e65778f52991291a517ee4d350e22c6a850c403885e724c4da91c20076ef3c46c6dba06a254a57d295c1be8dd52ce013433e8cc65f1078d5f74bdcae275c052c3c89e689dcad3d03f02c3e7e0de49afc9cac6c843c4f1a5e5e63b0df45caff13c6ffcbba0a23b515696bac620aa26a43b367c078843bdbb1b339433d8f5de62fff05bddef5e6e5a8f6ab35add19b6ca6fb595c407f41d8684b4eaa4e57e5f206a47cfa308f9b84e9014297ce6c1f6a4b4b843ad6108e1e8eda7a59b56d24ba3388fb922cade5a653274126b89cc0892f71a4243dbe993287e3aedec79316898785cb8f4798cf090b82a792892efb7e47b98ff028fee8818835d63853c6fed5317894d9d1cab19f0cc83025fa7f809056f62b6058be44585ef8bfdac17e3bbbe9ffba439ff8d429d665774687c07d03dc2f5f14e73fc64851ff0b141a23cffe0d00b849a702a4d9dd7036f32acb976d9f5f905b53545b40d143ef20a6212d8cf95cd575913fca3dff50a8eed394b08c478e95ba68a71a36bc47bef4665634b96d7173813a6e967bd7fafe12bf85e161567c161058ef1b3ca5f2958ecd5323799983a25c662768a7835e79130743f8be24d2032a90e94390af9bf33d36cc3feb728a8b5af11ea4f331f2a69e64b473029afea9205b8fec55e8653a9fb9210ce6c0920ca40e9bfdc0a72e86b5973fb5dff157abed87bbfd405400b42ed53d18d8c59964c2efae09985db766165d689d799f48e888ac2a072dca3d7b56b25"}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x4}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xffff, 0xffffffffffffffff}}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x56c}, 0x1, 0x0, 0x0, 0x40021}, 0x24000051) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0x80044dfe, &(0x7f0000000100)) eventfd2(0x4000004, 0x0) getsockopt$rose(0xffffffffffffffff, 0x104, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) r4 = openat$vimc2(0xffffff9c, &(0x7f00000000c0)='/dev/video2\x00', 0x2, 0x0) ioctl$FIONCLEX(r4, 0x5450) 04:02:14 executing program 5: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000100)) 04:02:14 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 720.521665][ T28] kauditd_printk_skb: 95 callbacks suppressed [ 720.521720][ T28] audit: type=1326 audit(1599451334.475:2042): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:14 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2a8, &(0x7f0000000440)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xee\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bi9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A'}, 0x30) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) 04:02:14 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000d40)={0x158, r3, 0x401, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x10c, 0x8, 0x0, 0x1, [{0x108, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @WGPEER_A_ALLOWEDIPS={0xcc, 0x9, 0x0, 0x1, [{0x70, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @loopback}}, {0x5}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}]}]}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x158}}, 0x0) 04:02:14 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x3000009, 0x10032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x70, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x21, 0x0, 0x0) r5 = dup2(r4, r3) dup3(r5, r2, 0x0) [ 720.746564][ T28] audit: type=1326 audit(1599451334.515:2043): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.769895][ T28] audit: type=1326 audit(1599451334.515:2044): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.793418][ T28] audit: type=1326 audit(1599451334.515:2045): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.816879][ T28] audit: type=1326 audit(1599451334.535:2046): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.840192][ T28] audit: type=1326 audit(1599451334.535:2047): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.863511][ T28] audit: type=1326 audit(1599451334.545:2048): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.886834][ T28] audit: type=1326 audit(1599451334.545:2049): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.910125][ T28] audit: type=1326 audit(1599451334.545:2050): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 720.933474][ T28] audit: type=1326 audit(1599451334.545:2051): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:15 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:15 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$tipc(0x1e, 0x0, 0x0) 04:02:15 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:15 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETAF(r0, 0x541a, 0xffffffffffffffff) 04:02:15 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$isdn_base(0x22, 0x3, 0x0) sendmsg$unix(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x18, 0x1, 0x1, [r2, r1]}}], 0x30}, 0x0) 04:02:15 executing program 2: set_mempolicy(0x2, &(0x7f0000000080)=0xe4e, 0x6) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000000)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000004340)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b3526f1d4747b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47100000000ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0x0, 0x0}) syz_mount_image$ntfs(0x0, &(0x7f0000000140)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000008600)=[{{0x0, 0x7f}, 0x2}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0/../file0/file0\x00'}, 0x32, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x3) 04:02:15 executing program 3: pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000040)=[{&(0x7f0000000140)="18", 0x1}, {&(0x7f0000000000)="e5", 0xfffffe6d}], 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) close(r1) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb, 0x1, 'taprio\x00'}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}}]}, 0x8c}}, 0x0) splice(r0, 0x0, r1, 0x0, 0x10000, 0x0) 04:02:16 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x14) 04:02:16 executing program 1: creat(&(0x7f0000000080)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'rfdno\xd9\x16u{??O\xe3\x17h\xd3\xb5\xa7\x167\x05W\x8f<\x01\xb7\xdc\xff\xbb\xdfW\x0e\xfd\xd1\x8c\x15K\x92r\xb1b\xf1\"\x02mY\xb6\xb3\xfe\xa4\xde\xb1:\xd9\xd3\xd3L\xb1\x01ZqM]\x9c\\r\x9b\".\x12\xa6.B?\xa8\x02\xc7\x1a\xf7x\xd9\xc4\x1cB\x92m\x1apIg'}}]}}) 04:02:16 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:16 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r5, 0xf, 0x0, 0x0, {0xf}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}}, 0x0) 04:02:16 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r2, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010007081000418e00600004fcff", 0x58}], 0x1) 04:02:17 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:17 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:17 executing program 5: r0 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x68001) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x23, 0x3, 0x10, 0x0, 0x0, 0x0, 0x0}) ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x5522, 0x0) 04:02:17 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000080)}) eventfd2(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) ioctl$CHAR_RAW_BSZSET(0xffffffffffffffff, 0x40041271, &(0x7f0000000040)=0x2) 04:02:17 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:17 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x200200, 0x0) waitid$P_PIDFD(0x3, r0, 0x0, 0x8, 0x0) 04:02:17 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) [ 724.036429][T14095] [U] ^^ 04:02:18 executing program 5: set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x1f) r0 = io_uring_setup(0x6406, &(0x7f0000000140)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000040)=[0xffffffffffffffff], 0x1) 04:02:18 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x800) ioctl$FITHAW(r1, 0xc0045878) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f00000022c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002280)={&(0x7f0000002200)={0x60, r2, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc0fb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffc0}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffff13}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000001) r3 = dup(r0) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) read$FUSE(0xffffffffffffffff, &(0x7f00000001c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_POLL(r3, &(0x7f0000000040)={0x18, 0x0, r4, {0x4}}, 0x18) 04:02:18 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:18 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f0000000080)={0x2, 0x18, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @dev}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@loopback, @in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}}}]}, 0xa0}}, 0x0) 04:02:18 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:18 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) [ 724.671233][T14106] [U] ^^ 04:02:18 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:19 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x48}, [@IFLA_MASTER={0x8, 0x4, r4}, @IFLA_IFNAME={0x14, 0x3, 'team0\x00'}]}, 0x3c}}, 0x0) 04:02:19 executing program 1: socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000000c0), 0x4) r0 = syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x2, 0x141001) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000000)={0x1ff, 0x0, 0x0, 0x4}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'sit0\x00', 0x0, 0x29, 0x80, 0x8, 0x0, 0x50, @local, @ipv4={[], [], @broadcast}, 0x700, 0x0, 0x7, 0x3}}) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, 0x0) 04:02:19 executing program 0: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmmsg(r1, &(0x7f0000005a00)=[{{&(0x7f0000000080)=@ll={0x11, 0x0, r4}, 0x67, 0x0}}, {{&(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @multicast, 'veth0_vlan\x00'}}, 0x80, 0x0}}], 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@private1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@mcast2}}, &(0x7f00000000c0)=0xe4) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) getsockname$packet(r8, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmmsg(r6, &(0x7f0000005a00)=[{{&(0x7f0000000080)=@ll={0x11, 0x0, r9}, 0x67, 0x0}}, {{&(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @multicast, 'veth0_vlan\x00'}}, 0x80, 0x0}}], 0x2, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=@expire={0x11c, 0x18, 0x800, 0x70bd2a, 0x25dfdbfb, {{{@in=@local, @in=@multicast2, 0x4e24, 0x7, 0x4e22, 0x5, 0xa, 0x20, 0x10, 0x84, r4, r5}, {@in=@private=0xa010100, 0x4d5, 0x32}, @in=@rand_addr=0x64010102, {0x4, 0x6ddeb7b800000000, 0x400, 0x4924, 0x6, 0x0, 0x0, 0x4}, {0x8, 0x100000001, 0x4, 0x1}, {0x21, 0x100, 0x3}, 0x70bd2a, 0x0, 0xa, 0x0, 0x1}, 0x1f}, [@lifetime_val={0x24, 0x9, {0x100, 0x2, 0x6b, 0x3}}, @XFRMA_IF_ID={0x8, 0x1f, r9}]}, 0x11c}, 0x1, 0x0, 0x0, 0x4000000}, 0x10001) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:19 executing program 3: ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:19 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e5515"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 725.585549][T14127] [U] ^^ [ 725.714494][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 725.714553][ T28] audit: type=1326 audit(1599451339.665:2080): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 725.886741][ T28] audit: type=1326 audit(1599451339.775:2081): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 725.910328][ T28] audit: type=1326 audit(1599451339.775:2082): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 725.933738][ T28] audit: type=1326 audit(1599451339.785:2083): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 725.957123][ T28] audit: type=1326 audit(1599451339.785:2084): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 725.980553][ T28] audit: type=1326 audit(1599451339.785:2085): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 726.004024][ T28] audit: type=1326 audit(1599451339.785:2086): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:20 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 726.027313][ T28] audit: type=1326 audit(1599451339.785:2087): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 726.051138][ T28] audit: type=1326 audit(1599451339.785:2088): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:20 executing program 5: r0 = syz_open_dev$radio(&(0x7f0000000140)='/dev/radio#\x00', 0xffffffffffffffff, 0x2) read$hidraw(r0, 0x0, 0x0) 04:02:20 executing program 3: ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) [ 726.614991][T14153] [U] ^^ 04:02:20 executing program 1: r0 = syz_io_uring_setup(0x15a3, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000240)={0x0, 0x0, 0x0, [], [{}, {}, {}, {}, {}]}, 0x5) 04:02:20 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) ioctl$TCSETAF(0xffffffffffffffff, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:20 executing program 3: ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) [ 726.822392][ T28] audit: type=1326 audit(1599451340.045:2089): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14131 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:20 executing program 5: process_vm_writev(0x0, &(0x7f0000c22000)=[{&(0x7f0000001b40)=""/3, 0x1f80}], 0x2, &(0x7f0000001b00)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1000000000000258, 0x0) 04:02:21 executing program 3: r0 = syz_open_dev$video4linux(0x0, 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:21 executing program 1: r0 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000080), 0x8) 04:02:21 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r2 = socket(0x10, 0x80002, 0x0) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) sendmmsg$inet_sctp(r2, &(0x7f0000001540)=[{&(0x7f0000000040)=@in6={0xa, 0x4e24, 0x2, @private0, 0x7}, 0x1c, &(0x7f00000011c0)=[{&(0x7f0000000080)="4f53c5f913e11248b1712d4df61b00e3636ddaadc62db2df8348ca8dc74fa05cee3c879d9ef54996d5541748570f995ee4eb274be3284bcb151802e1dd9abe8392395043b6466fc75f94c9c0", 0x4c}, {&(0x7f0000000100)="5949fd904b7332d02aec792394e641cdfc6f9cb5285e9935cfbe4686b470f9d1d88b6be8f955524e19e2f44dc9e789f47d36c43c8900ba3a97f96f0299cc135dd964d440fb63fcf358dbea0a27da4237ccc402b25359febc2d403c", 0x5b}, {&(0x7f00000001c0)="bcd0d2c837775e227020a1bcd6846923e8c0098b415fe7fa4ca1cb95913da1493ef6fdb7fdf629c8fed3421e49dadacb33a887d0a27a8dc22b7bd0a8c83535eeb74484bf443b7444e8b61f449ee1cc0c4f1a8132d8a57af32873afd8624e15502609841e0178b325f9ca552f4e186ddc889657e4ed22cbd66589c0c03ecfc14541ac3645b820cafe470a0a4d8e01b8f770ac25e9558a317be272392f70df8cbebdc6e1c6db35e7638a1576e85e95a6863e8c84729d4b91a9d20f587abeed75db8d9268438d9e9ee871d56fcab9130a0c19f0bc403dcfe9fcfdf28c772826c40557f4779b3ef87f01c3a34f2dbff460f91c13401eeebd90a61d3f31ac562147a626c67808d6e7592dce69edcdaa088f00aa2fe613cf625c5eb23ff6c025524f48712046267850bea18747e0c5e4d09963ec14de60b4e9503fdfb9d187e296f2d3fa6f66c2e577b17710dbffd86a9c6098a9e9400dd5179d3c4567a89f3ee7348848ce5319f2142635dc9b9bd8edd834c9ca0189b6272ce9dfa8193fde4bec4bc921500b94cc53274a4ae2bd36ec5c738c8095ca84b9f3ea950ed5d592b66bbf9637512bd0dd804702f34b822e4340605bca0915348bd548c975d2c6e816ab8cc18721eff24c4b12be5cb293a1444bb5c47bea80a4cb2b3c933107aac3e1026b1aa578d5a86889b31248c807a57a0a035ec3da86b0eb81aec6708b02e3f77faa4d54755c3eaf3a30c277472caacfeb078973223614beff45f3629e2734535e7988d282bb51fbc8b8aeaccc22eb0def39d93cef560b62015078db1f404fc77d9dadc1c678b2a0b04d4d333895bb910a71340ac733697439d1af333e1c3c8b773d1c697bb27884333a0e5de6237e24a80b1c49525a9579da0f73d7a8302c168e2273c0c8b986ac51f4e8b2ea3788b925b77f71a921ae0f5a1653c51b8b856b224b2ad005540ec02d37d24c2e1a737382770fb1b983037558737076a324e57c589087654e2817ad3efa4294cb01150183871457de05dc14182278471c73d1700690f670b12f39c5952a849e3c5439c499f9dbc6cb612a329904958481f8788407c9c125a5a062e6d3e439dce77460799d06e8d9d9e8fa8a40e403d2cfc1eb9845c7951bdc65c3b35ce8b6c8d268e1485e6a92788ec2f821e5c5b5a039444b12d1f490cdb48a9503e203131b2b4d00432877bac002e5677030566a8c64e4ecddd9b097fb82d00a50ce66a019200bc6441a78e74b508f82dbe191ec4d53a749d173f17d3c8f78d2e5377b97bab76d15fdb0f20e889e286d70fc90d4a28371191fabf8b1efd86b0725c0d1262fc4f3f622cbbbf41411122a265e697d3af4cd595ba80ac0dd05d376189c8e500b117c12bdb1215b88ee054f43961ea25bd3aa4d014d4ca9656373d2303c626d5b0553602ee392118c3b36e92caf2a385a73ce0ba48430312df29b3faa799cf8e107b03bb8e56393cb3ada2c372e9d5a0ca2d08a0c055f8d0ac8cb35469dfe40b6657006374d0942809c8031eff0f01abe739649e3b378100a4e362b81d4f80d7ea8debe561630b86b53657616b2a9739f1e0e4480ee75cc2f1d4194a2a1f3ceb1b90fb4d8e56223ba31978e0a96c1c93e40545e25bda24a6a07a18a4a938f3eb9703fb5390a4c2e6c939adbd335b057b6fb0735939a5db4d50150c81dbd4ac40c373f032390e003792241e040f67004654b017e6d5fe7256fc789975e616cc6645e73f10166c45312389a4c51280f65f83c3e92a0df25e1234275b2a0387ed08d925b6373b8ccbe528612822d46902888e68abe82790e6316e14af7166481776674e7428d1c93e2eab0f511981eea129b06ec2c93496cc8e2f351876b327131250db7d10e941ab76b10a5df4e6815465c2937e00cc8437af3b0d546c619748e5613ac5ae3dc8f3fdc6c7868c4856a7d8f772063c61fd7555d0cb64b4afbec855b137f88e286d74ea51817cbd486a4c69d73a5a7f99f7b7d0020f54aeaf24d8a9ba7219dbc8f501bd92dffc37010493078fdbc51862d9b1ae2f7289ebed649cc8204fb4b5d0a541eb6ba69c1f97428d628f0241cddd328db85492d92afa697892570114599e5473375fe496578f04eba1a0ba84465f3e301e38b0a7f84cdbfca1d66523b4293eeae7f4cafe6af310c2054ffac7b0f6c69bc96be8d3743fe6dbfed7cdcac8a3e6d2274290b70557fe1bc6b34cd42ea98dc71e7bd270eae266ef5231818aadeb5a4f5b7e843951d89d5cc05d05bb91e5a3d7f1bdee2d61cb1d6704bb08965c49fd9d0b52a9901f5f152cf02241e51df140dbc3178ac23e2607d4c843fb2d94929b2a2903738ed7ae756f8282b9e8b8d4113e217704e5d69d3c65b2b0d7adcf402e1fb198051e43bdb0c0bfe31f0045035a05a6910588098681dc8d957bc1267b7e5066e476d3f51674ae9ea91497b3ad3d6843cf84e0b62ed42d99037a4fc023ff7e20d1cd737287170d5c97acf37023b30b23a178994f8082e072a5ac1e14fb22150957e66deb5342476c5259ce5d6a047c3afd014cda4f9f518589302cf0bef6fe3dfd89ece2eb403d30aeefb490c7263dde9fec069d2c146461adf26cfa9afecefa982097836bd8b673261aab9890497c8382c9ae4cd9c59625e6134ce71eb198f052d610f1dacd95e57d66f0cded202f0b1ff21af657768b943e967ac6d72f6f86d278a4441cc731953716c4522b6f19595e2bea320eb197c05dffdac1fa7f87ff2bd509cc67e19238562ee86a4387dd5abefc618feaf69631eab8cd4e1df747dc7e2791c0603e6ac3ffabb82313f0c43122493b73b3deca6fd6a192b0212227c9d53c4229206b3e04d35de9e9b7dbdf7030267c22a75fb0b7ceb178cc6535709df3adafaa44139a704e7ab470febcc0447bd1d25b5fe01a77ac170faf02bbffe7d18920e42ccd01e097cb0dfa333cbf42c0c6a4e74c53d28431c34942f53a6d9dc33643959207b6051c3248bc38cb0d07ab4028e45f688a9cd849ded4d77b21714e8124a15d9bdad610bdc433adba8af4d9364a40e8b6bc7db3382f94a4cf57719bd70762e4733d4ed112c514449e3deb59435386ab0c296316c1b4afbc7aca87dd877dc2df5b71e4c61981c075c26135dd5936c4d9cef65d30fc8b3267e0833ff45f0bc0a517f6b883dfc6be8ef9ca5f573065c7d844f6aebf1d304abe4e19c7a4b120d9f913514d19bf5a76d15f439ecebb12df55862deedc712d3a17c79d77854e7a29e3781fa3d6df068c167adc11937ba7363c10912fec0f913fff5f13a4cb5fd6e8cffe8ec38c33dabcdc6affbf7cb24f4fb84a66155ad78b21f9a15d811044492bfe49b07a3135337cf5f06e1f065c75c428827a6ba12a4743de4dc454ee192b7c26a6c4ece696a738d953a61e829b5b6430bf2164164dae732aabe8788ec619359115e76b5d67d8e6cae29df75da264238748d4eb413e1d50030388d60bf0d6cf6f617f5f8dc26a54f928fe4d518bd44788757168080300a0720ec2c40bfe5b11826fb463b421ba785286eba3321f45533730ac255efe969dedfe709cc7fb74729f09ea3dc5737f6ba9c7a767e39ef32f8b80e3bf4cf48144e6594e6f73d8778ab0f7ce741dc4eb70b1e5225c63f6de652089aa0a5ca42d14736e475a39354c176496e480dba432b520b38045edf6d39ab78a5e55652ef3fbdef434d4fbbeeb6fbaf65f396344c1430dc9118da79c76f08baf018f3ba9f1a8a2769e51bcb606b9e7b2f2c8d665ab45f09e824036c0647b6c411e70f3f635a9e4c94b87a7a37f7831429fb92f1447d1bfd9eeb94f23ad659963aa192e96aade212870512d9138063b3d5df12d89ea461b100b341624d52627e9fe57996c9731c01a9a3cce762d21e3635b9215cc46be5afd03ac0a564f33c84edd67abd3c66f37b9f8877a397239c6748f7d481402db3c1bd9c9d02b822f8eb87cf0ff7a232bd6645f74ff5151c27afd75a9c8deb4f717579f2bb8baad4149a744ff60a8f74351451516ab6fb7737d17323dda1362bc0e4dcdae8aaefd245c6b45a3ae0beee0f33a7b35071ec0ccbe18d77804bf95c54b1292f3801e8e40f5d8e52baa907ed91aab30a6dc21b65a68ab42e86e322618237e8831cd63ec32da88e2eed87795aa9514434d901da92479eb049ab4cea31214e488b839f6e337c29757fa90ba4631830d6b0efd885f9bbf59eddb5e6213a0ce8f3786bd93656098a5a90f1b74cdc883ef74f94d31a10bccfcc6e4fe3095609576392cc829ea6de104c761dfc44f615a33759262239bd059afaa3acf74ca8141d5a15629ee6d0982ab6fc0bb556415eeb4e1e5baa6eae1810e180ac369cf2c44c4b1a100c3a8ea37fc658dbcc97f2705ea2bab1a03cc2fb0fe1af9211b1159da4ce84725e0c2eeb4194c912c60b140ba7eda85aa0f118c2e46990b271d6798b89aa26ed3fa3e4c5d91c8146c96047c2e997206dbf7993f38b44d02f0960130be3cf7a49daa86e6d412a5af8c8b46a9867ad8c167097b50d9cf19be930b2cc65e255a313473a860bed83069b9a8ba720649b9746725569e2e11d0cb4f51fd540aa49b029b7478eb4ac0d91985501ab6175ce0e44cc45d5d139b7e7f64c6babe57162fbbb9a1bd0d4ceb6dcadb33da8a39d0fde0c047a21bb080bdf6861795ff4b48fcb4b60f89253403c8d8d16a42fbb9b236cef751e49836d09c8d4aa5ab8f25f9e9080a9fdd12db8f65a1675aab9f36eef170273df58c5d939e7b59f377ca24198625f15947947e9e65b6dcf78a5903c2c45280a82a9963339694b53f4bed6c8448bab12c2ea044ab3798755a394e0d181fa1b035ccb949d34b90e3119d2bd3bdc53ab17948d2e68db3bdabe7d96275d353a304452df3fe16408fb2ff4754e744195360643dd7bc1f62b7ca71fc2000d95a614005306679865045194f6e0594994d4982e5664c77034d8b5bce2b080f4b4b773451cee1869da9474bab783e34af9eae48390727d6068a46f70a714fd2aa63cfc962d636e8417612898e45ef7eb28937d7a37f74b3088b4ea0dc59190cb647ea3d15ab487f21df174ae50b118ae138f4625cc27d4defdfb7f2186e3f7e9ae33639ab9baa0f926453e20ccb3115700bc9aa11abe68124f56e3f9964d20d99abe8499d39913418c9252ba778cc3eb518ee30fda1ad34c2f451ea19453a924e6a03619c0dbfae5ca5faf244768e02beb92075691004b5af51086a6248a305ff58ef4e8da8f9d10186e4d8cd41a3af6e2a8993d733d21d4ab76cf0643ff1d3c1d9b36281e05c1e451a89c5321aa4caa3382e5b8e419df841aabcdb2dcb9caf069019411c24af00b4164e115cfed934f6efd921bb38a2f43c3d35c29254fea90d60f5b7c389d0e6efc51d5213c0cf653cdba83371c3851f28bb3fcb44005c393836f05d3e41ad9683c3ca90ae2063bda7c8e36eb5f0f609583b546755ab227e6bd575b8bfa9d608bc6f448eacd6c545ae56acd7f6b8e8857d5d4f97cc8705121360cc014c2d5c673f1b8b85d598b01afa4e61f7d2b26da50cf1aa9f7e93227e757410402585e88dc1404ef785a87b248b4674a33ebed93f140e1d55add3bd6d043ee05e7ae57d98441abb0bd23c7cbc8c155a488612178836b853dc5316457663b0ab31be709705b3df6cac3c419c861c7c8aef9122350755ed9fd40e7017bcea54f85418478b7133d29dde68499f4a6441518289ff0b3cb471b235fabf74bc98a9f41e5fbf26c934cbf02519e73c32c260d159e5ab35e059a78f8f4e43c198cf9e1bad73e84d1b6f6dc48f395994f57671b", 0x1000}], 0x3, &(0x7f0000001200)=[@dstaddrv6={0x1c, 0x84, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @prinfo={0x14, 0x84, 0x5, {0x30}}, @dstaddrv4={0x10, 0x84, 0x7, @local}, @init={0x14, 0x84, 0x0, {0x7, 0x3, 0x8000, 0x8000}}, @authinfo={0x10, 0x84, 0x6, {0x8000}}], 0x64, 0x8c0}, {&(0x7f0000001280)=@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000014c0)=[{&(0x7f00000012c0)="66d02a2d3d86d89326765b5171617b180103ed8ce7ba367e01a10eef92d78cdd8f20a5176928db25a4470a44a0668745ee772274620516be3fb551f550a9f51f198d35bb55a0a05c975e166e3eae02fde26fd40d091bd50efe45a8c72d6760aca51741cfd2ad24c3cf0170b4f8ea3438fdf3b83d00cb3994a7f77ae6ed2d7123dcb5221dc7170a1bc54650bbafe1c85c3534a41c98b0ae36cc1a9e30e74d", 0x9e}, {&(0x7f0000001380)="9ef11d08eb62c38f24ac5f8ab958fb2d5fa727b7cc722108c8794fb268ed240b86dd09bc3c0f8621954de4cdd2302c1e13890de6fb1a0557a1fbf51d64b51a1a1d3334cc9e53b6b2ade39e52dfe9ba866b13e476438bd2e6a7842ac4d3f46534178992489dad89b923accfe89e93d229616e8bb8037a207ef3e3b0ab56cb49986c9276e4bd8e30fbc9115f10c9e44df252f66b8b5ae09382fed3", 0x9a}, {&(0x7f0000001440)="4da6c21a9dfcc53220bfb529e879dca7eaf92172ecbd986aa490d5f2e5c9b7f3164c31ce5c68ff49fcab68dc807e9871556693546e1a541458d481f3c83c7dba3fd8c05e14", 0x45}], 0x3, &(0x7f0000001500)=[@sndrcv={0x2c, 0x84, 0x1, {0xfff9, 0x20, 0x820a, 0xce98, 0x3, 0x6, 0x6, 0xec24}}], 0x2c, 0x40}], 0x2, 0x8000) 04:02:21 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) ioctl$TCSETAF(0xffffffffffffffff, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:21 executing program 5: remap_file_pages(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0xfffffffffffffffd, 0x0) 04:02:21 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e5515"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:21 executing program 3: r0 = syz_open_dev$video4linux(0x0, 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@ipv6_delrule={0x2c, 0x21, 0x2cca8308ba941b3d, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_FWMASK={0x8}, @FIB_RULE_POLICY=@FRA_FWMARK={0x8, 0xa, 0x8}]}, 0x2c}}, 0x0) [ 728.022457][T14188] mmap: syz-executor.5 (14188) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 04:02:22 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) ioctl$TCSETAF(0xffffffffffffffff, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:22 executing program 5: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000001200)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf200000000000001500000063a700002d0301000000000095000000000000006916000000000000bf670000000000004506000023ff07002706000020000000070300000fe60060bf050000000000000f650000000000006507f9ff01000000070700004c0000001f75000000000000bf540000000000000704000004000b607e3601000000000095000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af0100008000000000b1d8a5d4601d2969571e98c5f6b8d8c31bc51429b05c45a6a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf70d742a8100000000000000810b5b40d893d98fe0185473d51b546cad3f1d5af65727546e7c955ccefa1f6ab689fde4de4e63ede20271a51445dc8da39e5b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cda32a673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbbea2040b401e3738270b315d362ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a711c8829a6c0a7b72118d46d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab04871bc47287cd31cc43ea0ffa567b40407d00000000000000e98a523d80bd0d0d703f37ca363f601ae899a53f6715a0a62a34b0c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe394ac000000000000000000000000000000437d57deeb70b0b27df3ad08e95062aaf10be740626609a756673ade6d4b25a8464acc46db5b40a48bf045e487efaa5aa84a6ac79b994138a60d3238ac21245b6c788a0691fa8a851d112039e0d976db881324273f74eafbc57e92774c8b7cd776874a20ecccf094f7bfa2fe57d65750078e4d184f72775c6832301fdde30d8bf2d0a3a0ce840b62fe1a5b00"/916], &(0x7f0000000100)='GPL\x00'}, 0x48) 04:02:22 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = accept4$inet(0xffffffffffffffff, &(0x7f00000005c0)={0x2, 0x0, @empty}, &(0x7f0000000600)=0x10, 0x800) r1 = openat$hwrng(0xffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x100, 0x0) sendmsg$IPSET_CMD_SWAP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x58, 0x6, 0x6, 0x3, 0x0, 0x0, {0xc}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x0) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000640)=""/252, &(0x7f0000000740)=0xfc) r2 = openat$vsock(0xffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x1400, 0x0) ioctl$CAPI_GET_FLAGS(r2, 0x80044323, &(0x7f0000000080)) eventfd2(0x7, 0x0) 04:02:22 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e5515"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:22 executing program 3: r0 = syz_open_dev$video4linux(0x0, 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f00000001c0)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:02:22 executing program 2: openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 729.104827][T14206] Unknown ioctl -2147204317 [ 729.205456][T14210] Unknown ioctl -2147204317 [ 729.447487][T14208] kvm [14204]: vcpu0, guest rIP: 0x145 Hyper-V unhandled rdmsr: 0x40000005 [ 729.557596][T14215] [U] ^^ 04:02:23 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:23 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x9, 0x0, 0x0, 0x7f7c0001}]}) r0 = openat$vcs(0xffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x4002, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000140)={'veth1_to_bond\x00', 0x3}) eventfd2(0x0, 0x0) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x901) ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f00000000c0)={0x1, {0xeae6, 0x1, 0x6, 0x7fff, 0x9, 0x5}}) ioctl$SIOCAX25DELUID(r1, 0x89e2, &(0x7f0000000080)={0x3, @default, 0xffffffffffffffff}) 04:02:23 executing program 2: openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:23 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:23 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x298, 0xffffffff, 0x130, 0x125, 0x0, 0xffffffff, 0xffffffff, 0x200, 0x200, 0x200, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00'}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'team0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'bond0\x00', 'team0\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @remote}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f8) [ 730.290194][T14230] [U] ^^ 04:02:24 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) write$qrtrtun(r0, &(0x7f00000000c0)="2688a73dae82d15bd625d9a1559af090491b5a", 0x13) 04:02:24 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:24 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r2 = socket(0x10, 0x80002, 0x0) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) getpeername$llc(r2, &(0x7f0000000040), &(0x7f0000000080)=0x10) 04:02:24 executing program 2: openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="0400050900000000666174000404090a0200027400f801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') mkdir(&(0x7f0000000180)='./file0\x00', 0x0) unshare(0x400) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0x82307201, &(0x7f00000001c0)) 04:02:24 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 730.961235][T14241] [U] ^^ 04:02:25 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) [ 731.148634][ T28] kauditd_printk_skb: 38 callbacks suppressed [ 731.148695][ T28] audit: type=1326 audit(1599451345.105:2128): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14248 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 731.178402][ T28] audit: type=1326 audit(1599451345.105:2129): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14248 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 731.201770][ T28] audit: type=1326 audit(1599451345.105:2130): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14248 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 731.225083][ T28] audit: type=1326 audit(1599451345.105:2131): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14248 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 731.256942][ T28] audit: type=1326 audit(1599451345.105:2132): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14248 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:25 executing program 2: ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 731.291738][ T28] audit: type=1326 audit(1599451345.245:2133): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14248 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:25 executing program 1: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000240012800900010069706970000000001400028008000100", @ANYRES32, @ANYBLOB="080003"], 0x44}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, 0x0}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 04:02:25 executing program 3: syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:25 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r2, 0x0, 0xfffffff8}, 0x10) 04:02:25 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 731.904792][T14263] [U] ^^ 04:02:26 executing program 2: ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:26 executing program 3: syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) [ 732.144686][ T28] audit: type=1326 audit(1599451346.095:2134): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 732.262955][ T28] audit: type=1326 audit(1599451346.135:2135): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 732.286557][ T28] audit: type=1326 audit(1599451346.135:2136): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 732.309914][ T28] audit: type=1326 audit(1599451346.155:2137): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:26 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x4, 0x5, 0x0, 0x2}]}) eventfd2(0x0, 0x0) [ 732.587101][T14280] [U] ^^ 04:02:26 executing program 3: syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {0x3010}, [0x8]}) 04:02:26 executing program 2: ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:26 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) set_mempolicy(0x1, &(0x7f0000000040)=0xea6, 0x2003) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10) 04:02:26 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e2"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:27 executing program 0: r0 = openat$proc_capi20(0xffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x80, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='pids.events\x00', 0x0, 0x0) ioctl$TCGETS2(r1, 0x802c542a, &(0x7f0000000180)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x8, &(0x7f0000000040)=[{0x40, 0x1, 0x80, 0x6}, {0x40, 0x7f, 0x20, 0x8}, {0x2, 0x7, 0x7, 0xfffffc01}, {0x3, 0xff, 0x0, 0x1f}, {0x20, 0x0, 0x3f, 0x3}, {0x180, 0x20, 0x5, 0xdb22}, {0x3, 0x37, 0xf3, 0x7}, {0x7ff, 0x5, 0x3, 0x3}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) ioctl$USBDEVFS_DROP_PRIVILEGES(r3, 0x4004551e, &(0x7f0000000140)=0x2) eventfd2(0x0, 0x0) [ 733.268988][T14292] [U] ^^ 04:02:27 executing program 5: r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x2, 0x0, 0x4) 04:02:27 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:27 executing program 1: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0x4}}, @TCA_EGRESS_BLOCK={0x8}]}, 0x40}}, 0x0) 04:02:27 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, 0x0) 04:02:27 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) r0 = creat(&(0x7f0000000080)='./file0\x00', 0x40) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) 04:02:27 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x9, 0x4, 0x40, 0x1}, 0x40) r1 = dup(r0) unshare(0x2a000400) bpf$MAP_UPDATE_BATCH(0x19, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1}, 0x38) [ 733.958893][T14306] [U] ^^ 04:02:28 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e2"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:28 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, 0x0) 04:02:28 executing program 1: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) write(r0, &(0x7f0000000000)="240000001a005f3814f9f407000904018000000000000006170000000800040040000000", 0x24) 04:02:28 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:28 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x50, 0x0, 0x40}]}) eventfd2(0x0, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r2 = socket(0x10, 0x80002, 0x0) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) r3 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r3, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r5 = socket(0x10, 0x80002, 0x0) r6 = getpid() process_vm_readv(r6, &(0x7f0000000140)=[{&(0x7f00000000c0)}, {&(0x7f00000001c0)=""/204, 0xcc}], 0x2, &(0x7f0000000540)=[{&(0x7f00000002c0)=""/29, 0x1d}, {&(0x7f0000000380)=""/84, 0x54}, {&(0x7f0000000300)=""/15, 0xf}, {&(0x7f0000000400)=""/48, 0x30}, {&(0x7f0000000440)=""/208, 0xd0}], 0x5, 0x0) io_submit(r4, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x1, r3}]) r7 = openat$dlm_plock(0xffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x3, 0x0) setsockopt$RDS_CONG_MONITOR(r7, 0x114, 0x6, &(0x7f0000000100)=0x1, 0x4) [ 734.763112][T14326] [U] ^^ 04:02:28 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000)='ethtool\x00') sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x38, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x5}, @ETHTOOL_A_BITSET_VALUE={0x4}]}]}, 0x38}}, 0x0) 04:02:28 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x60, &(0x7f0000000240)="f7f249b9740c0764ca04f400befbf2f3c921bf3c0f339e57f4f21016a5b60a00088024c30e478947d190ac0000009038396bb68e4053cd0c42727a81b1af4915e96c43607a144f6543b6faf143e648fcbde4967033f51be252a22ea40c942224"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 04:02:28 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, 0x0) 04:02:28 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:29 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e2"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000d0700000000ff03000000000010", @ANYRES32=r2, @ANYBLOB="00000000e60000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}}, 0x0) r8 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x2c, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r9}, [@IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x2c}}, 0x0) [ 735.460868][T14343] [U] ^^ 04:02:29 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, [0x8]}) 04:02:29 executing program 2: openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:29 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be5265"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:29 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, [0x8]}) [ 735.933354][T14354] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 736.159303][T14357] bond3: (slave bridge1): making interface the new active one [ 736.174170][T14357] bond3: (slave bridge1): Enslaving as an active interface with an up link [ 736.190236][T14356] [U] ^^ [ 736.301436][T14357] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 04:02:30 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, [0x8]}) [ 736.377319][T14354] bond3: (slave bridge2): Enslaving as an active interface with a down link 04:02:30 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x20, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:30 executing program 2: openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 736.848854][T14406] [U] ^^ [ 737.640651][ T0] NOHZ: local_softirq_pending 08 04:02:32 executing program 5: r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'caif0\x00', &(0x7f0000000240)=ANY=[]}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_link_settings={0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}) 04:02:32 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be5265"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:32 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000a40)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x800455d1, &(0x7f00000005c0)) 04:02:32 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:32 executing program 2: openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:32 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000200)='/dev/v4l-subdev#\x00', 0x401, 0x0) ioctl$VIDIOC_EXPBUF(r0, 0x4020565a, &(0x7f00000001c0)) [ 738.392662][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 738.392720][ T28] audit: type=1326 audit(1599451352.345:2155): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14423 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x0 [ 738.485455][T14426] [U] ^^ 04:02:32 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="48000000100005074e00"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000024000705000000000000000000001f00", @ANYRES32=r4, @ANYBLOB="00000400f1ffffff0000000008000100687462001c0002001800020003"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=@delchain={0x34, 0x28, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x0, 0xffff}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x4}}]}, 0x34}}, 0x0) 04:02:32 executing program 1: ioperm(0x0, 0x3fc, 0xa) prctl$PR_MCE_KILL(0x35, 0x1, 0x2) 04:02:32 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, 0x0) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:32 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be5265"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:32 executing program 5: perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000033c0)=[{{0x0, 0x0, &(0x7f0000001bc0)=[{0x0}], 0x1, 0x0, 0x0, 0x2000}}], 0x1, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.threads\x00', 0x2, 0x0) preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0, 0x0) [ 739.179063][T14442] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 739.183370][ T28] audit: type=1326 audit(1599451353.135:2156): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14423 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x0 [ 739.299317][T14441] [U] ^^ [ 739.364395][T14448] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 04:02:33 executing program 1: r0 = socket$inet(0x2, 0x2000080001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1a000}], 0x1}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x32a, &(0x7f0000000440)=[{&(0x7f00000015c0)=""/4096, 0xfffc}], 0x1}}], 0xffffff1f, 0x0, 0x0) 04:02:33 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, 0x0) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:33 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}, {0xa01c, 0x5, 0x79, 0x2}, {0x76, 0x7, 0xde, 0x81}]}) ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000200)={0x0, @reserved}) eventfd2(0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0684113, &(0x7f0000000040)={0x0, 0x3720, 0x0, 0x4, 0x8, 0x5, 0x5, 0x7, 0x7, 0x8, 0x3, 0x1}) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f00000001c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000100), 0xffffffffffffffff, 0x402a}}, 0x18) ioctl$IMDELTIMER(0xffffffffffffffff, 0x80044941, &(0x7f0000000400)=0x1) r0 = openat$btrfs_control(0xffffff9c, &(0x7f00000002c0)='/dev/btrfs-control\x00', 0x301000, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000300)=""/170, &(0x7f00000003c0)=0xaa) 04:02:33 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) 04:02:33 executing program 5: perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() getpid() rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000100)) r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000180)="f5b90fbf8569fd74ed7ddb2fea193ce8d7ee2de376a563da4624443ed9c26199c2fa85b85dd60a14", 0x28, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 04:02:34 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e501"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 740.094475][T14462] [U] ^^ 04:02:34 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, 0x0) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:34 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = eventfd2(0x0, 0x801) r1 = signalfd4(r0, &(0x7f0000000040)={[0x40, 0x5]}, 0x8, 0x800) getsockopt$inet_dccp_int(r1, 0x21, 0x4, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$PPPIOCSACTIVE(r1, 0x40087446, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x9, 0x81, 0x86, 0x20}]}) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) listen(r3, 0x0) sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRES16=r2, @ANYRES64=r2, @ANYRESOCT, @ANYRESDEC=r3, @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r4}, 0x50) write$FUSE_IOCTL(r1, &(0x7f0000000080)={0x20, 0x0, r4, {0x2, 0x4, 0x6, 0x40}}, 0x20) 04:02:34 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0xa, 0x7, 0xfd5, 0x9}, 0x40) bpf$MAP_CREATE(0x3, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2c) [ 741.101704][T14480] [U] ^^ 04:02:35 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e501"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:35 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:35 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f00000005c0), 0x4) 04:02:35 executing program 1: r0 = socket$inet(0x2, 0x2000080001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1a000}], 0x1}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x32a, &(0x7f0000000440)=[{&(0x7f00000015c0)=""/4096, 0xfffc}], 0x1}}], 0xffffff1f, 0x0, 0x0) 04:02:35 executing program 3: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000e40)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4ac106b29e220dc28dac7259945654c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc72876ef3834293812e927c01c7daffffffdfc7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca037605000000b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c0bc9a20819e02cc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e89896e0b43e438c4e41ae43ea118e14ffffffffe4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4af130b7d98b215ba22f43115f4d39dc7a0edb130d9f2be90133a4500000058b8c9370634060105baa664950dadbc5a09631156bc8715b985a8a63d4c9fc570de6e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb695cc425fe203d0f2655a76865c2c34e2470fcfb1248c09af93a09fab1daae4b518d7a5d95a017864487367d66cf27409c60fca2e0004000000000000a9cb6fca7844f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf033f120bd715d82033f2fb752fc9e0d77b294e097e293db58992c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3bec2ef0058ffebd7ccde2480ae40d6156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba51aff0f00008981811f832d064048c0674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae46c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e87501000100000000001cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8d0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc3492bddc2000060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf607a8dc38ff25f415a1bd46b38845ebca04061bacbf627f798c7f520078fee48f83b5989543729e36a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf080d768f42237abfa56a6632624c9c3a3c88c915e1f87808d0711dd76f2977ca7f2684bfa5c14ae913dc9d61d34e4e9851e81d4a355abf43d917c16a2bb0cfb284fcfde901576954ef59e4a658ca431be123b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb463c407f87dafd6199f9ddd1f62da58ca7d3297d6a1bfc5a9aa38a05e70591d5cdab1c268ef3c1984c7c51566cfc2ab6e6fbc99ec206a54fb49056a555414178ef00d8b873c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d018e7a1d0afa285706841aac9ccc89df41c39dd58403f8972e8049c681d1185f6a01fdd70569dde45f8ad62edc65828fbb6e279f745d2872f0c08635e465ca443a6a64c7803760880af23fb3f438a5d11fffc96dd1cb951642f14f0d17289c43d4aee2127f7a343899434594cc23e1c864164e130754b337e520f285dc670a31241bfb43ac62fc7f985586168483427072a535f2cac81ec261c8aa9df6dbc47aefe821b43e38cd1480372a66effcde93715922ba8ae8979adf43629162f4f55faee515b6793e9e6799fc2319cbfcab3b01f0cb91b4ae0396b9ffed2acce2a7b6a00000000000000007557a6aadfaa0500000040526d6e200bb94d7a77bf5d5abdc14090210efdafd1dfcaba6cf1cd00d3f3b0b0601d7c7eb57a42c210cc06ccf7f31028f5810f0fd249c6fefd139cdbe0044b877ab0a84011fe7ffe9e11f76052654df20929980e7e46beafdea6467a70a3dce7f078c9005546af5d1fe687a61da9fa0de04df717526c528fff0c81c6e9dcc9c4c039d0f997cc0f205b094cb4271a00740fbb7dc6ee0652ae3d9aac8eaccdbff2e01884dfb2dc27bea6d65773765ab7fabacf8fbd06c0a03b373b8e8853da50ef2f00662e2f226f48598a0ab4251c5b3f7bd1c2b3180b07a165055b594ac7847ce9f64b27f3d899c075e4f90d7989b9c3bcd7db1110c2e55a7fdffebca72d2f5400000000000000000000001a57e5213276bd4327e56edb4dc5c53f092d7731aa878e11f191c603e26fcb75bd71d208c48f079d46f250c0986fcea9d0fd928d0c91c7c557f0d1d7af5a7ae8162d932f593ead70be49016666d524fc25509b4dced2b022eef21f4e790d84db9cbf365d09d186cb5e3f25083f96b21b51e133b1ca54d9513297df9e9b61ec4f14086c64bb5ee5236fc2b28a366844a2abd08953badfde215addda397aa1d356adb4aa6a22d1ef35d0b399060716874a84a99cb1d5302e4064acb29eaa9ace803423fda840db1dea91ebc46b6b316a5b10001b7348ffdd6841e110842533d5016ea182416c4b"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe80, 0x3f00, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000638877fbac141429e0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28) [ 741.977213][ T28] audit: type=1326 audit(1599451355.935:2157): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14479 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:36 executing program 5: r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='mqueue\x00', &(0x7f0000000140)='mqueue\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='ppp1[\x00', &(0x7f00000004c0)='\x15\xcc\x10\xddu\xfe\x7f\xcb\f\xc6\xc1^N\xec\x95\xa5\x9a~\x8f\xba[\xaeC(\xbf\xf31\xee\x00\xfc\xd4\xc2\x7f\xb9\x8f\x94k\x85n\x9f\x1e\xf7\xee\xb7\x00\x8bg$?OM+\x9d\x1f\x05\xf4\x8d%\xf6\xb5l\x8f\xaf<\xef\"V\x9f\xde\xf5\xa6\xe8\xa0\x99R}\xa9\x83\xd9\xe2\xfa}\xaf\xf3\xc0\xd0\x81to\xe9k4U1\xea\xa3\xa2F\x01\xf2$\xd8\xea\xe0 I\xa8\xd4\nYp\x9c-P\x90\xea?o\xc4\x17]cW\xd5\xa9Y\x8d\xffp\x9a\n;\xb8\xf1)e\x7f\xc8G\x8dv\xfb\xe3\x03\x10WV\xfa\xed\xb7\xee\x1eW\xc7\xbc\xe3S\x97\x00'/171, 0x0) dup3(r1, r0, 0x0) 04:02:36 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x0, &(0x7f0000000180)}) eventfd2(0x0, 0x0) 04:02:36 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e501"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:36 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:37 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000240)={0x38, 0x1, 0x9, 0x401, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x24, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @loopback}}}]}]}, 0x38}}, 0x0) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x24, 0x0, 0x9, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFCTH_TUPLE={0x4}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x2}}]}, 0x24}}, 0x0) 04:02:37 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) fsync(0xffffffffffffffff) eventfd2(0x2, 0x0) 04:02:37 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:37 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5c"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100000001e6c0006000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a01050000000000000000000000000400048009000200dd387d00000000000900010073797a3000000000080003"], 0x80}}, 0x0) 04:02:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="b49915270425cbdbe1f87d3d738617f41196ad45e71a61dcaf9727e42c1f610fbe7cf4dbce06165c3d75d3261eba59f8a2fe7abac9a805214f416963811544b9a492a7c847be060de22582696cc0d0f0a96c574dbb6abe164386af60def6e8b1d22b789e691644c4604b0cab838ae6723318fb794bb113e32953a06df60666facd5ade36ea527541769ad08966ebdf246bf423343e65b000628201ce49cb1f524ab652edfd063b6cbda2021be5c13daecd43d59b445d82fb30145d5bede62e932ce2915c8f58d843ebaea70e6b0ee96fe5a2fb296ed57dd07035c5f91845842df4f81792a86fabfb6542c1218263558468d5b866a6aa3e2db7317cdba5787b1bc2d79f97f2509497f48533dda0f2f6c71d0be7d3469b49f64dbcd3453c259495a73cbc750fe28e9d8096234c0e1e70576993f46072603f30700d7c505d9e3c712e70", 0x142, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000400)={'syz', 0x0}, &(0x7f0000000480)="988a82babf2414e8c0eddbb5df11e757278f2f5352ebf3538ea4bc564ae15d5826790f121ef03e5356324359678b71d472b16b6852b98c7f175b1bf997a63ea8bf210085dc9293a11d9dad99196b22298a9f76e83125d71f973572bfca889119f6d96431cf021941f37dda3f3dc9ff90f4d403c801405d197fa186040bc7c9315451f93f645929f73b1113503ce8a95dccfd54b9614216fe9ac99cbf417a4deadf", 0xa1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f00000017c0)={r0, r0, r1}, 0x0, 0x0, &(0x7f0000001900)={&(0x7f0000001880)={'blake2b-160\x00'}}) [ 743.913097][T14520] netlink: 'syz-executor.5': attribute type 2 has an invalid length. [ 743.921497][T14520] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 743.996583][ T28] audit: type=1326 audit(1599451357.945:2158): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 744.170420][ T28] audit: type=1326 audit(1599451357.975:2159): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 744.202646][ T28] audit: type=1326 audit(1599451357.975:2160): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 744.225956][ T28] audit: type=1326 audit(1599451357.975:2161): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 744.249359][ T28] audit: type=1326 audit(1599451357.975:2162): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 744.272627][ T28] audit: type=1326 audit(1599451357.995:2163): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 744.296293][ T28] audit: type=1326 audit(1599451357.995:2164): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14517 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:38 executing program 5: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c00000030003b05000000000000000000000000580001005400010009000100766c616e00000000280002801c000200000002"], 0x6c}}, 0x0) 04:02:38 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}, {0xfffc, 0x9, 0x6, 0x5a67}]}) eventfd2(0x0, 0x0) 04:02:38 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:38 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/1, 0x1}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x132, &(0x7f0000000240)="f7f249b9740c0764ca04b400befbf2f3c921bf3c0f339e57f4f21016a5b60a00088024c30e478947d190ac0000009038396bb68e4053cd0c65727a81b1af4915e96c43607a144f6543b6faf143e648fcbde4967033f51be252a22ea40c9422247185569bdffc58cff1685babdf7d77ac6c0ceb6e4d48ec30cd70a1a381611750c5a0848886f1e31994b00400000060d441a0b9777c243bccd3ff8bfc59a323235d9e3bc4442f31a1046924fa8bc1374961b6f2256df197e2824843e18fa643f50ef92e06c29349336b401a17576e1c42793b572195edca29ea7be8db994ce41f2cf3fc8b0bdf76758bee68eb0dff3e8e7db9c1b5ca9f42c651601f4ffdb9c29afc7d4c827cd1b7da08adbb97423b75b676838f23dce9020329912cd8a841a45b8622544643744e550768e5b2126e6401447e"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 04:02:38 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5c"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 745.056631][T14536] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. [ 745.066302][T14536] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 04:02:39 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0xfffffffffffffffe, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x8, 0x86, 0x7ffc0001}]}) r0 = openat$vcsa(0xffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x1, 0x0) bind$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) eventfd2(0x0, 0x0) r1 = openat2(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x402c0, 0x5, 0x11}, 0x18) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f0000000680)={@pppoe={0x18, 0x0, {0x1, @dev={[], 0x11}, 'rose0\x00'}}, {&(0x7f00000005c0)=""/73, 0x49}, &(0x7f0000000640), 0x2}, 0xa0) syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f00000001c0)='./file1\x00', 0x400, 0x1, &(0x7f0000000240)=[{&(0x7f0000000200)="8206ead06134ec18f20270ff7fb64c109cf388120e79736542fdf8bd6b0fba2a516b2eda", 0x24, 0x65a8}], 0x800000, &(0x7f0000000740)=ANY=[@ANYBLOB="2c7375626a5f74797000000000000000000000000000000000000000000000c8c4f5d6fe9389a534d269a96c39ea9deab3c2fbbb6c21cb2a1c78008737e444b997590808581eee4830e8d78374dac8f37978122a946556e2c385b6c6a4d934d942564070402f9e3423a83f829198b7855b958cec7646483103799cc88e8a8e68816970eb2816042fbbf144a623bbb874a2463df8c56790b79477020678603229f306d07b3607a32a4f66ea7c86d899d78274787700"]) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380), 0xd6, 0x0, &(0x7f0000000800)="94ee6ec31d5c2f582983f7ac8f3da8998c3ed447bae5fb241f58167785313c7135b0f79cbfa21f1a0ceaaa5fc109064a88f25609e8597086097cd35a801c84c18e032853c1b0bccdd55dd44b11ad3e2e54c1850803339520570441dbf279ce77b8e0c9a4398e59cce38e998872ae5b0f8d6af52e7c31181ef8e0c85f33c08c72ebbb32d9875af46d647e79f8f29dfbf08ec10e9f974b36e82bf7eab0f0b1730f9a2873d108eb2d80d6fd9f3252d419618f2751c3beacd0c194a9484d77d778ca6dc5f3fea449dda564356312c1b3d70dd11fed4d26d7"}) ioctl$SOUND_MIXER_READ_RECMASK(r0, 0x80044dfd, &(0x7f0000000180)) 04:02:39 executing program 5: ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000240)="0201a5ffffff0a000000ff45ac00000000000500080000000000000035070000000000000000e10000008877007200300700a6ffffff00faffffff7f00da55aa", 0x40, 0x1c0}]) 04:02:39 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 745.923005][T14553] FAT-fs (loop0): Unrecognized mount option "subj_typ" or missing value [ 746.158820][T14558] FAT-fs (loop0): Unrecognized mount option "subj_typ" or missing value 04:02:40 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 746.196538][T14557] loop5: p1 p2 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p2 [ 746.196579][T14557] loop5: partition table partially beyond EOD, truncated [ 746.302320][T14557] loop5: p1 start 10 is beyond EOD, truncated [ 746.308635][T14557] loop5: p2 size 2 extends beyond EOD, truncated 04:02:40 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5c"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 746.354934][T14557] loop5: p3 start 225 is beyond EOD, truncated [ 746.361990][T14557] loop5: p4 start 4294965760 is beyond EOD, truncated [ 746.369114][T14557] loop5: p5 start 10 is beyond EOD, truncated [ 746.375309][T14557] loop5: p6 start 10 is beyond EOD, truncated [ 746.381619][T14557] loop5: p7 start 10 is beyond EOD, truncated [ 746.387924][T14557] loop5: p8 start 10 is beyond EOD, truncated [ 746.394064][T14557] loop5: p9 start 10 is beyond EOD, truncated [ 746.400376][T14557] loop5: p10 start 10 is beyond EOD, truncated [ 746.406864][T14557] loop5: p11 start 10 is beyond EOD, truncated [ 746.413108][T14557] loop5: p12 start 10 is beyond EOD, truncated [ 746.419539][T14557] loop5: p13 start 10 is beyond EOD, truncated [ 746.425779][T14557] loop5: p14 start 10 is beyond EOD, truncated [ 746.432537][T14557] loop5: p15 start 10 is beyond EOD, truncated [ 746.439306][T14557] loop5: p16 start 10 is beyond EOD, truncated [ 746.445536][T14557] loop5: p17 start 10 is beyond EOD, truncated [ 746.451980][T14557] loop5: p18 start 10 is beyond EOD, truncated [ 746.458369][T14557] loop5: p19 start 10 is beyond EOD, truncated [ 746.464636][T14557] loop5: p20 start 10 is beyond EOD, truncated [ 746.471152][T14557] loop5: p21 start 10 is beyond EOD, truncated [ 746.477546][T14557] loop5: p22 start 10 is beyond EOD, truncated [ 746.483870][T14557] loop5: p23 start 10 is beyond EOD, truncated [ 746.490339][T14557] loop5: p24 start 10 is beyond EOD, truncated [ 746.496884][T14557] loop5: p25 start 10 is beyond EOD, truncated [ 746.503117][T14557] loop5: p26 start 10 is beyond EOD, truncated [ 746.509607][T14557] loop5: p27 start 10 is beyond EOD, truncated [ 746.515832][T14557] loop5: p28 start 10 is beyond EOD, truncated [ 746.522288][T14557] loop5: p29 start 10 is beyond EOD, truncated [ 746.528696][T14557] loop5: p30 start 10 is beyond EOD, truncated [ 746.534934][T14557] loop5: p31 start 10 is beyond EOD, truncated [ 746.541348][T14557] loop5: p32 start 10 is beyond EOD, truncated [ 746.547758][T14557] loop5: p33 start 10 is beyond EOD, truncated [ 746.553988][T14557] loop5: p34 start 10 is beyond EOD, truncated [ 746.560380][T14557] loop5: p35 start 10 is beyond EOD, truncated [ 746.566935][T14557] loop5: p36 start 10 is beyond EOD, truncated [ 746.573164][T14557] loop5: p37 start 10 is beyond EOD, truncated [ 746.579565][T14557] loop5: p38 start 10 is beyond EOD, truncated [ 746.585808][T14557] loop5: p39 start 10 is beyond EOD, truncated [ 746.592240][T14557] loop5: p40 start 10 is beyond EOD, truncated [ 746.604445][T14557] loop5: p41 start 10 is beyond EOD, truncated [ 746.610844][T14557] loop5: p42 start 10 is beyond EOD, truncated [ 746.617308][T14557] loop5: p43 start 10 is beyond EOD, truncated [ 746.624683][T14557] loop5: p44 start 10 is beyond EOD, truncated [ 746.631075][T14557] loop5: p45 start 10 is beyond EOD, truncated [ 746.637474][T14557] loop5: p46 start 10 is beyond EOD, truncated [ 746.643728][T14557] loop5: p47 start 10 is beyond EOD, truncated [ 746.650118][T14557] loop5: p48 start 10 is beyond EOD, truncated [ 746.656501][T14557] loop5: p49 start 10 is beyond EOD, truncated [ 746.662725][T14557] loop5: p50 start 10 is beyond EOD, truncated [ 746.669104][T14557] loop5: p51 start 10 is beyond EOD, truncated [ 746.675359][T14557] loop5: p52 start 10 is beyond EOD, truncated [ 746.681733][T14557] loop5: p53 start 10 is beyond EOD, truncated [ 746.688158][T14557] loop5: p54 start 10 is beyond EOD, truncated [ 746.694384][T14557] loop5: p55 start 10 is beyond EOD, truncated [ 746.700787][T14557] loop5: p56 start 10 is beyond EOD, truncated [ 746.707147][T14557] loop5: p57 start 10 is beyond EOD, truncated [ 746.713380][T14557] loop5: p58 start 10 is beyond EOD, truncated [ 746.719776][T14557] loop5: p59 start 10 is beyond EOD, truncated [ 746.726000][T14557] loop5: p60 start 10 is beyond EOD, truncated [ 746.732393][T14557] loop5: p61 start 10 is beyond EOD, truncated [ 746.738785][T14557] loop5: p62 start 10 is beyond EOD, truncated [ 746.745189][T14557] loop5: p63 start 10 is beyond EOD, truncated [ 746.751575][T14557] loop5: p64 start 10 is beyond EOD, truncated [ 746.758166][T14557] loop5: p65 start 10 is beyond EOD, truncated [ 746.764405][T14557] loop5: p66 start 10 is beyond EOD, truncated [ 746.770720][T14557] loop5: p67 start 10 is beyond EOD, truncated [ 746.777036][T14557] loop5: p68 start 10 is beyond EOD, truncated [ 746.783279][T14557] loop5: p69 start 10 is beyond EOD, truncated [ 746.789613][T14557] loop5: p70 start 10 is beyond EOD, truncated [ 746.795834][T14557] loop5: p71 start 10 is beyond EOD, truncated 04:02:40 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = eventfd2(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f0000000040)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}) readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r4 = socket(0x5, 0x80002, 0x0) io_submit(0x0, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1}]) r5 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r5, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r7 = socket(0x10, 0x80002, 0x0) io_submit(r6, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x1, r5}]) r8 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r8, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r8, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) listen(r8, 0x0) sendto$inet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) io_submit(0x0, 0x4, &(0x7f0000000540)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)="d57d3a07e31518c3a9a81d9c7e191cbaf66263b815d01cf73b69947e15011aa279befc3c6515060af7aeee81fd2cd6dfbe27d8829c043d2b082cc7aec428dcdb7e56cdf8c76d94985e76ed91366f5d93cc1742d2253004127b63472395e666da393707ae95e9ae852ea0d2a943a771d41be285fb4c573678f7c159bcfecca7b4e1c0095b432ef4082951fe7e7221a55ba651fed1f947478b1128fd6978ff170dea2d2ec41bb10ff1922ad126629e348bf7e826a5f4f7e31729e6e810637742980e8a1e999ddef94548d0068c719a08fbeb1e0cac7fbc29c872fde5bd24270fa9917520ad0c8b381c87e9959f3b4c7485fe7f4714d5ee", 0xf6, 0xa44b, 0x0, 0x2}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x5f63, r1, &(0x7f00000002c0)="4e4226c062a1187af95054becdc67a38c18f3ee9d8fa9dcebf530bd4e0a66401c7fb4f7c6f0c0d533a0075178f338b44e0daca22728fca829bf607b7844c1e2c967efb16ef657ec31f222ab711a05de606e9ffeaec87d159df60", 0x5a, 0xfffffffffffffffe, 0x0, 0x1}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0xb, r3, &(0x7f0000000340)="77c54d0c109e81eb0d94f041b733ddbaf7c8d5c02c4735f48ab29a300aa3026f19fb3fed08180c21d90f8dbd6b678d032fb5de7acd1bf698b943443a808e62c04d25d816b520e9cd959306262c1c1b33bce45bc7e30481584106dadb6d7ae54fe86292f96c624402012b5ebbc8b3981697bc3672686df1ec7d1adda2f7eff6dba2bb9b42223082e6445d8339c9655f6de4b225192a7bf9e1", 0x98, 0x9, 0x0, 0x3, r5}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x5, 0x2, r8, &(0x7f0000000440)="677c33b90577cc96f0c623bfa6d414985bbe83d079223264402356765b5f10755dcde39be766ef992ba3b2a0dd49834a63c28a9a1d2102e8d3c76ff1ee2ff5e804f719089c4ff65409aff0ccd716fbfd8cbd5121960a35b91fc426f1e51242d9b2fb2a142a897f873b0c863e9368c9b27f901cbd5da3768bb14b0c393a67b0b74ae9d18fcc929b7b222682bc69101fcaaf83e06a8352fca4de035f", 0x9b, 0x80000000, 0x0, 0x1, r0}]) [ 746.802169][T14557] loop5: p72 start 10 is beyond EOD, truncated [ 746.808486][T14557] loop5: p73 start 10 is beyond EOD, truncated [ 746.814738][T14557] loop5: p74 start 10 is beyond EOD, truncated [ 746.821091][T14557] loop5: p75 start 10 is beyond EOD, truncated [ 746.827458][T14557] loop5: p76 start 10 is beyond EOD, truncated [ 746.833683][T14557] loop5: p77 start 10 is beyond EOD, truncated [ 746.840038][T14557] loop5: p78 start 10 is beyond EOD, truncated [ 746.846387][T14557] loop5: p79 start 10 is beyond EOD, truncated [ 746.852628][T14557] loop5: p80 start 10 is beyond EOD, truncated [ 746.858998][T14557] loop5: p81 start 10 is beyond EOD, truncated [ 746.865231][T14557] loop5: p82 start 10 is beyond EOD, truncated [ 746.871589][T14557] loop5: p83 start 10 is beyond EOD, truncated [ 746.878029][T14557] loop5: p84 start 10 is beyond EOD, truncated [ 746.884290][T14557] loop5: p85 start 10 is beyond EOD, truncated [ 746.890648][T14557] loop5: p86 start 10 is beyond EOD, truncated [ 746.896993][T14557] loop5: p87 start 10 is beyond EOD, truncated [ 746.903237][T14557] loop5: p88 start 10 is beyond EOD, truncated [ 746.909586][T14557] loop5: p89 start 10 is beyond EOD, truncated [ 746.915899][T14557] loop5: p90 start 10 is beyond EOD, truncated [ 746.922273][T14557] loop5: p91 start 10 is beyond EOD, truncated [ 746.930904][T14557] loop5: p92 start 10 is beyond EOD, truncated [ 746.937237][T14557] loop5: p93 start 10 is beyond EOD, truncated [ 746.943489][T14557] loop5: p94 start 10 is beyond EOD, truncated [ 746.949848][T14557] loop5: p95 start 10 is beyond EOD, truncated [ 746.956203][T14557] loop5: p96 start 10 is beyond EOD, truncated [ 746.962450][T14557] loop5: p97 start 10 is beyond EOD, truncated [ 746.969503][T14557] loop5: p98 start 10 is beyond EOD, truncated [ 746.975765][T14557] loop5: p99 start 10 is beyond EOD, truncated [ 746.982155][T14557] loop5: p100 start 10 is beyond EOD, truncated [ 746.988586][T14557] loop5: p101 start 10 is beyond EOD, truncated [ 746.994930][T14557] loop5: p102 start 10 is beyond EOD, truncated [ 747.001383][T14557] loop5: p103 start 10 is beyond EOD, truncated [ 747.007830][T14557] loop5: p104 start 10 is beyond EOD, truncated [ 747.014177][T14557] loop5: p105 start 10 is beyond EOD, truncated [ 747.020602][T14557] loop5: p106 start 10 is beyond EOD, truncated [ 747.027073][T14557] loop5: p107 start 10 is beyond EOD, truncated [ 747.033402][T14557] loop5: p108 start 10 is beyond EOD, truncated [ 747.039824][T14557] loop5: p109 start 10 is beyond EOD, truncated [ 747.046289][T14557] loop5: p110 start 10 is beyond EOD, truncated [ 747.052597][T14557] loop5: p111 start 10 is beyond EOD, truncated [ 747.059024][T14557] loop5: p112 start 10 is beyond EOD, truncated [ 747.065379][T14557] loop5: p113 start 10 is beyond EOD, truncated [ 747.071811][T14557] loop5: p114 start 10 is beyond EOD, truncated [ 747.078251][T14557] loop5: p115 start 10 is beyond EOD, truncated [ 747.084577][T14557] loop5: p116 start 10 is beyond EOD, truncated [ 747.091009][T14557] loop5: p117 start 10 is beyond EOD, truncated [ 747.097470][T14557] loop5: p118 start 10 is beyond EOD, truncated [ 747.103841][T14557] loop5: p119 start 10 is beyond EOD, truncated [ 747.110291][T14557] loop5: p120 start 10 is beyond EOD, truncated [ 747.116728][T14557] loop5: p121 start 10 is beyond EOD, truncated [ 747.123062][T14557] loop5: p122 start 10 is beyond EOD, truncated [ 747.129502][T14557] loop5: p123 start 10 is beyond EOD, truncated [ 747.135859][T14557] loop5: p124 start 10 is beyond EOD, truncated [ 747.142303][T14557] loop5: p125 start 10 is beyond EOD, truncated [ 747.148735][T14557] loop5: p126 start 10 is beyond EOD, truncated [ 747.155090][T14557] loop5: p127 start 10 is beyond EOD, truncated [ 747.161721][T14557] loop5: p128 start 10 is beyond EOD, truncated [ 747.168177][T14557] loop5: p129 start 10 is beyond EOD, truncated [ 747.175308][T14557] loop5: p130 start 10 is beyond EOD, truncated [ 747.181739][T14557] loop5: p131 start 10 is beyond EOD, truncated [ 747.188181][T14557] loop5: p132 start 10 is beyond EOD, truncated [ 747.194516][T14557] loop5: p133 start 10 is beyond EOD, truncated [ 747.200925][T14557] loop5: p134 start 10 is beyond EOD, truncated [ 747.207330][T14557] loop5: p135 start 10 is beyond EOD, truncated [ 747.213657][T14557] loop5: p136 start 10 is beyond EOD, truncated [ 747.230177][T14557] loop5: p137 start 10 is beyond EOD, truncated [ 747.236641][T14557] loop5: p138 start 10 is beyond EOD, truncated [ 747.243056][T14557] loop5: p139 start 10 is beyond EOD, truncated [ 747.249790][T14557] loop5: p140 start 10 is beyond EOD, truncated [ 747.256219][T14557] loop5: p141 start 10 is beyond EOD, truncated [ 747.262528][T14557] loop5: p142 start 10 is beyond EOD, truncated [ 747.268970][T14557] loop5: p143 start 10 is beyond EOD, truncated [ 747.275297][T14557] loop5: p144 start 10 is beyond EOD, truncated [ 747.281729][T14557] loop5: p145 start 10 is beyond EOD, truncated [ 747.288155][T14557] loop5: p146 start 10 is beyond EOD, truncated [ 747.294479][T14557] loop5: p147 start 10 is beyond EOD, truncated [ 747.300936][T14557] loop5: p148 start 10 is beyond EOD, truncated [ 747.307355][T14557] loop5: p149 start 10 is beyond EOD, truncated [ 747.313768][T14557] loop5: p150 start 10 is beyond EOD, truncated [ 747.320220][T14557] loop5: p151 start 10 is beyond EOD, truncated [ 747.326657][T14557] loop5: p152 start 10 is beyond EOD, truncated [ 747.333001][T14557] loop5: p153 start 10 is beyond EOD, truncated [ 747.339471][T14557] loop5: p154 start 10 is beyond EOD, truncated [ 747.345827][T14557] loop5: p155 start 10 is beyond EOD, truncated [ 747.352260][T14557] loop5: p156 start 10 is beyond EOD, truncated [ 747.358701][T14557] loop5: p157 start 10 is beyond EOD, truncated [ 747.365025][T14557] loop5: p158 start 10 is beyond EOD, truncated [ 747.371439][T14557] loop5: p159 start 10 is beyond EOD, truncated [ 747.377889][T14557] loop5: p160 start 10 is beyond EOD, truncated [ 747.384193][T14557] loop5: p161 start 10 is beyond EOD, truncated [ 747.390609][T14557] loop5: p162 start 10 is beyond EOD, truncated [ 747.397029][T14557] loop5: p163 start 10 is beyond EOD, truncated [ 747.403377][T14557] loop5: p164 start 10 is beyond EOD, truncated [ 747.409790][T14557] loop5: p165 start 10 is beyond EOD, truncated [ 747.416201][T14557] loop5: p166 start 10 is beyond EOD, truncated [ 747.422544][T14557] loop5: p167 start 10 is beyond EOD, truncated [ 747.428982][T14557] loop5: p168 start 10 is beyond EOD, truncated [ 747.435316][T14557] loop5: p169 start 10 is beyond EOD, truncated [ 747.441764][T14557] loop5: p170 start 10 is beyond EOD, truncated [ 747.448195][T14557] loop5: p171 start 10 is beyond EOD, truncated [ 747.454514][T14557] loop5: p172 start 10 is beyond EOD, truncated [ 747.460947][T14557] loop5: p173 start 10 is beyond EOD, truncated [ 747.468161][T14557] loop5: p174 start 10 is beyond EOD, truncated [ 747.474490][T14557] loop5: p175 start 10 is beyond EOD, truncated [ 747.480932][T14557] loop5: p176 start 10 is beyond EOD, truncated [ 747.487339][T14557] loop5: p177 start 10 is beyond EOD, truncated [ 747.493673][T14557] loop5: p178 start 10 is beyond EOD, truncated [ 747.500179][T14557] loop5: p179 start 10 is beyond EOD, truncated [ 747.506603][T14557] loop5: p180 start 10 is beyond EOD, truncated [ 747.512921][T14557] loop5: p181 start 10 is beyond EOD, truncated [ 747.519347][T14557] loop5: p182 start 10 is beyond EOD, truncated [ 747.525669][T14557] loop5: p183 start 10 is beyond EOD, truncated [ 747.532093][T14557] loop5: p184 start 10 is beyond EOD, truncated [ 747.538521][T14557] loop5: p185 start 10 is beyond EOD, truncated [ 747.544895][T14557] loop5: p186 start 10 is beyond EOD, truncated [ 747.551320][T14557] loop5: p187 start 10 is beyond EOD, truncated [ 747.557750][T14557] loop5: p188 start 10 is beyond EOD, truncated [ 747.564072][T14557] loop5: p189 start 10 is beyond EOD, truncated [ 747.570490][T14557] loop5: p190 start 10 is beyond EOD, truncated [ 747.576934][T14557] loop5: p191 start 10 is beyond EOD, truncated [ 747.583257][T14557] loop5: p192 start 10 is beyond EOD, truncated [ 747.589680][T14557] loop5: p193 start 10 is beyond EOD, truncated [ 747.595983][T14557] loop5: p194 start 10 is beyond EOD, truncated [ 747.602407][T14557] loop5: p195 start 10 is beyond EOD, truncated [ 747.608822][T14557] loop5: p196 start 10 is beyond EOD, truncated [ 747.615168][T14557] loop5: p197 start 10 is beyond EOD, truncated [ 747.621582][T14557] loop5: p198 start 10 is beyond EOD, truncated [ 747.627988][T14557] loop5: p199 start 10 is beyond EOD, truncated [ 747.634304][T14557] loop5: p200 start 10 is beyond EOD, truncated [ 747.640742][T14557] loop5: p201 start 10 is beyond EOD, truncated [ 747.647149][T14557] loop5: p202 start 10 is beyond EOD, truncated [ 747.653471][T14557] loop5: p203 start 10 is beyond EOD, truncated [ 747.659894][T14557] loop5: p204 start 10 is beyond EOD, truncated [ 747.666294][T14557] loop5: p205 start 10 is beyond EOD, truncated [ 747.672599][T14557] loop5: p206 start 10 is beyond EOD, truncated [ 747.679028][T14557] loop5: p207 start 10 is beyond EOD, truncated [ 747.685342][T14557] loop5: p208 start 10 is beyond EOD, truncated [ 747.691771][T14557] loop5: p209 start 10 is beyond EOD, truncated [ 747.698182][T14557] loop5: p210 start 10 is beyond EOD, truncated [ 747.704500][T14557] loop5: p211 start 10 is beyond EOD, truncated [ 747.710917][T14557] loop5: p212 start 10 is beyond EOD, truncated [ 747.717322][T14557] loop5: p213 start 10 is beyond EOD, truncated [ 747.723645][T14557] loop5: p214 start 10 is beyond EOD, truncated [ 747.730079][T14557] loop5: p215 start 10 is beyond EOD, truncated [ 747.736481][T14557] loop5: p216 start 10 is beyond EOD, truncated [ 747.742788][T14557] loop5: p217 start 10 is beyond EOD, truncated [ 747.749203][T14557] loop5: p218 start 10 is beyond EOD, truncated [ 747.755539][T14557] loop5: p219 start 10 is beyond EOD, truncated [ 747.761971][T14557] loop5: p220 start 10 is beyond EOD, truncated [ 747.768388][T14557] loop5: p221 start 10 is beyond EOD, truncated [ 747.774697][T14557] loop5: p222 start 10 is beyond EOD, truncated [ 747.781144][T14557] loop5: p223 start 10 is beyond EOD, truncated [ 747.787567][T14557] loop5: p224 start 10 is beyond EOD, truncated [ 747.793885][T14557] loop5: p225 start 10 is beyond EOD, truncated [ 747.800317][T14557] loop5: p226 start 10 is beyond EOD, truncated [ 747.806741][T14557] loop5: p227 start 10 is beyond EOD, truncated [ 747.813043][T14557] loop5: p228 start 10 is beyond EOD, truncated [ 747.819446][T14557] loop5: p229 start 10 is beyond EOD, truncated [ 747.825770][T14557] loop5: p230 start 10 is beyond EOD, truncated [ 747.832189][T14557] loop5: p231 start 10 is beyond EOD, truncated [ 747.838614][T14557] loop5: p232 start 10 is beyond EOD, truncated [ 747.844955][T14557] loop5: p233 start 10 is beyond EOD, truncated [ 747.851389][T14557] loop5: p234 start 10 is beyond EOD, truncated [ 747.857799][T14557] loop5: p235 start 10 is beyond EOD, truncated [ 747.864121][T14557] loop5: p236 start 10 is beyond EOD, truncated [ 747.870543][T14557] loop5: p237 start 10 is beyond EOD, truncated [ 747.876942][T14557] loop5: p238 start 10 is beyond EOD, truncated [ 747.883262][T14557] loop5: p239 start 10 is beyond EOD, truncated [ 747.889687][T14557] loop5: p240 start 10 is beyond EOD, truncated [ 747.896121][T14557] loop5: p241 start 10 is beyond EOD, truncated [ 747.902434][T14557] loop5: p242 start 10 is beyond EOD, truncated [ 747.908865][T14557] loop5: p243 start 10 is beyond EOD, truncated [ 747.915182][T14557] loop5: p244 start 10 is beyond EOD, truncated [ 747.921606][T14557] loop5: p245 start 10 is beyond EOD, truncated [ 747.928044][T14557] loop5: p246 start 10 is beyond EOD, truncated [ 747.934354][T14557] loop5: p247 start 10 is beyond EOD, truncated [ 747.940786][T14557] loop5: p248 start 10 is beyond EOD, truncated [ 747.947286][T14557] loop5: p249 start 10 is beyond EOD, truncated [ 747.953606][T14557] loop5: p250 start 10 is beyond EOD, truncated [ 747.960031][T14557] loop5: p251 start 10 is beyond EOD, truncated [ 747.966433][T14557] loop5: p252 start 10 is beyond EOD, truncated [ 747.972745][T14557] loop5: p253 start 10 is beyond EOD, truncated [ 747.979182][T14557] loop5: p254 start 10 is beyond EOD, truncated [ 747.985493][T14557] loop5: p255 start 10 is beyond EOD, truncated [ 748.255509][ T4867] loop5: p1 p2 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p2 [ 748.255548][ T4867] loop5: partition table partially beyond EOD, truncated [ 748.358303][ T4867] loop5: p1 start 10 is beyond EOD, truncated [ 748.364437][ T4867] loop5: p2 size 2 extends beyond EOD, truncated [ 748.780357][ T28] audit: type=1326 audit(1599451362.735:2165): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 748.819212][ T28] audit: type=1326 audit(1599451362.765:2166): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 748.842618][ T28] audit: type=1326 audit(1599451362.765:2167): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 748.960098][ T4867] loop5: p3 start 225 is beyond EOD, truncated [ 748.966526][ T4867] loop5: p4 start 4294965760 is beyond EOD, truncated [ 748.973368][ T4867] loop5: p5 start 10 is beyond EOD, truncated [ 748.979738][ T4867] loop5: p6 start 10 is beyond EOD, truncated [ 748.985884][ T4867] loop5: p7 start 10 is beyond EOD, truncated [ 748.992160][ T4867] loop5: p8 start 10 is beyond EOD, truncated [ 748.998430][ T4867] loop5: p9 start 10 is beyond EOD, truncated [ 749.004568][ T4867] loop5: p10 start 10 is beyond EOD, truncated [ 749.012128][ T4867] loop5: p11 start 10 is beyond EOD, truncated [ 749.018470][ T4867] loop5: p12 start 10 is beyond EOD, truncated [ 749.024702][ T4867] loop5: p13 start 10 is beyond EOD, truncated [ 749.031080][ T4867] loop5: p14 start 10 is beyond EOD, truncated [ 749.037493][ T4867] loop5: p15 start 10 is beyond EOD, truncated [ 749.043721][ T4867] loop5: p16 start 10 is beyond EOD, truncated [ 749.050071][ T4867] loop5: p17 start 10 is beyond EOD, truncated [ 749.056401][ T4867] loop5: p18 start 10 is beyond EOD, truncated [ 749.062626][ T4867] loop5: p19 start 10 is beyond EOD, truncated [ 749.068961][ T4867] loop5: p20 start 10 is beyond EOD, truncated [ 749.075193][ T4867] loop5: p21 start 10 is beyond EOD, truncated [ 749.082585][ T4867] loop5: p22 start 10 is beyond EOD, truncated [ 749.088962][ T4867] loop5: p23 start 10 is beyond EOD, truncated [ 749.095222][ T4867] loop5: p24 start 10 is beyond EOD, truncated [ 749.101588][ T4867] loop5: p25 start 10 is beyond EOD, truncated [ 749.107959][ T4867] loop5: p26 start 10 is beyond EOD, truncated [ 749.114176][ T4867] loop5: p27 start 10 is beyond EOD, truncated [ 749.120525][ T4867] loop5: p28 start 10 is beyond EOD, truncated [ 749.126871][ T4867] loop5: p29 start 10 is beyond EOD, truncated [ 749.131257][ T28] audit: type=1326 audit(1599451362.815:2168): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.133130][ T4867] loop5: p30 start 10 is beyond EOD, truncated [ 749.156650][ T28] audit: type=1326 audit(1599451362.825:2169): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.162285][ T4867] loop5: p31 start 10 is beyond EOD, truncated [ 749.185211][ T28] audit: type=1326 audit(1599451362.825:2170): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.191380][ T4867] loop5: p32 start 10 is beyond EOD, truncated [ 749.214477][ T28] audit: type=1326 audit(1599451362.825:2171): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.220444][ T4867] loop5: p33 start 10 is beyond EOD, truncated [ 749.243506][ T28] audit: type=1326 audit(1599451362.825:2172): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.249774][ T4867] loop5: p34 start 10 is beyond EOD, truncated [ 749.272643][ T28] audit: type=1326 audit(1599451362.835:2173): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.278661][ T4867] loop5: p35 start 10 is beyond EOD, truncated [ 749.301734][ T28] audit: type=1326 audit(1599451362.835:2174): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=248 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.307752][ T4867] loop5: p36 start 10 is beyond EOD, truncated [ 749.330833][ T28] audit: type=1326 audit(1599451362.835:2175): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.336891][ T4867] loop5: p37 start 10 is beyond EOD, truncated [ 749.360071][ T28] audit: type=1326 audit(1599451362.835:2176): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 749.366038][ T4867] loop5: p38 start 10 is beyond EOD, truncated [ 749.394990][ T4867] loop5: p39 start 10 is beyond EOD, truncated [ 749.401381][ T4867] loop5: p40 start 10 is beyond EOD, truncated [ 749.407759][ T4867] loop5: p41 start 10 is beyond EOD, truncated [ 749.413986][ T4867] loop5: p42 start 10 is beyond EOD, truncated [ 749.420380][ T4867] loop5: p43 start 10 is beyond EOD, truncated [ 749.427039][ T4867] loop5: p44 start 10 is beyond EOD, truncated [ 749.433271][ T4867] loop5: p45 start 10 is beyond EOD, truncated [ 749.439679][ T4867] loop5: p46 start 10 is beyond EOD, truncated [ 749.445904][ T4867] loop5: p47 start 10 is beyond EOD, truncated [ 749.452345][ T4867] loop5: p48 start 10 is beyond EOD, truncated [ 749.458740][ T4867] loop5: p49 start 10 is beyond EOD, truncated [ 749.464980][ T4867] loop5: p50 start 10 is beyond EOD, truncated [ 749.471370][ T4867] loop5: p51 start 10 is beyond EOD, truncated [ 749.477739][ T4867] loop5: p52 start 10 is beyond EOD, truncated [ 749.483967][ T4867] loop5: p53 start 10 is beyond EOD, truncated [ 749.490348][ T4867] loop5: p54 start 10 is beyond EOD, truncated [ 749.496891][ T4867] loop5: p55 start 10 is beyond EOD, truncated [ 749.503128][ T4867] loop5: p56 start 10 is beyond EOD, truncated [ 749.509536][ T4867] loop5: p57 start 10 is beyond EOD, truncated [ 749.515756][ T4867] loop5: p58 start 10 is beyond EOD, truncated [ 749.522221][ T4867] loop5: p59 start 10 is beyond EOD, truncated [ 749.528601][ T4867] loop5: p60 start 10 is beyond EOD, truncated [ 749.534834][ T4867] loop5: p61 start 10 is beyond EOD, truncated [ 749.541235][ T4867] loop5: p62 start 10 is beyond EOD, truncated [ 749.547616][ T4867] loop5: p63 start 10 is beyond EOD, truncated [ 749.553832][ T4867] loop5: p64 start 10 is beyond EOD, truncated [ 749.560211][ T4867] loop5: p65 start 10 is beyond EOD, truncated [ 749.566676][ T4867] loop5: p66 start 10 is beyond EOD, truncated [ 749.572911][ T4867] loop5: p67 start 10 is beyond EOD, truncated [ 749.579297][ T4867] loop5: p68 start 10 is beyond EOD, truncated [ 749.585617][ T4867] loop5: p69 start 10 is beyond EOD, truncated [ 749.592017][ T4867] loop5: p70 start 10 is beyond EOD, truncated [ 749.598463][ T4867] loop5: p71 start 10 is beyond EOD, truncated [ 749.604688][ T4867] loop5: p72 start 10 is beyond EOD, truncated [ 749.611078][ T4867] loop5: p73 start 10 is beyond EOD, truncated [ 749.617450][ T4867] loop5: p74 start 10 is beyond EOD, truncated [ 749.623718][ T4867] loop5: p75 start 10 is beyond EOD, truncated [ 749.630096][ T4867] loop5: p76 start 10 is beyond EOD, truncated [ 749.636422][ T4867] loop5: p77 start 10 is beyond EOD, truncated [ 749.642656][ T4867] loop5: p78 start 10 is beyond EOD, truncated [ 749.649053][ T4867] loop5: p79 start 10 is beyond EOD, truncated [ 749.655271][ T4867] loop5: p80 start 10 is beyond EOD, truncated [ 749.661665][ T4867] loop5: p81 start 10 is beyond EOD, truncated [ 749.668091][ T4867] loop5: p82 start 10 is beyond EOD, truncated [ 749.674480][ T4867] loop5: p83 start 10 is beyond EOD, truncated [ 749.680839][ T4867] loop5: p84 start 10 is beyond EOD, truncated [ 749.687319][ T4867] loop5: p85 start 10 is beyond EOD, truncated [ 749.693541][ T4867] loop5: p86 start 10 is beyond EOD, truncated [ 749.699919][ T4867] loop5: p87 start 10 is beyond EOD, truncated [ 749.706316][ T4867] loop5: p88 start 10 is beyond EOD, truncated [ 749.712541][ T4867] loop5: p89 start 10 is beyond EOD, truncated [ 749.718964][ T4867] loop5: p90 start 10 is beyond EOD, truncated [ 749.725204][ T4867] loop5: p91 start 10 is beyond EOD, truncated [ 749.731603][ T4867] loop5: p92 start 10 is beyond EOD, truncated [ 749.737963][ T4867] loop5: p93 start 10 is beyond EOD, truncated [ 749.744185][ T4867] loop5: p94 start 10 is beyond EOD, truncated [ 749.750588][ T4867] loop5: p95 start 10 is beyond EOD, truncated [ 749.756906][ T4867] loop5: p96 start 10 is beyond EOD, truncated [ 749.763115][ T4867] loop5: p97 start 10 is beyond EOD, truncated [ 749.769662][ T4867] loop5: p98 start 10 is beyond EOD, truncated [ 749.775902][ T4867] loop5: p99 start 10 is beyond EOD, truncated [ 749.782215][ T4867] loop5: p100 start 10 is beyond EOD, truncated [ 749.788642][ T4867] loop5: p101 start 10 is beyond EOD, truncated [ 749.794942][ T4867] loop5: p102 start 10 is beyond EOD, truncated [ 749.801425][ T4867] loop5: p103 start 10 is beyond EOD, truncated [ 749.807847][ T4867] loop5: p104 start 10 is beyond EOD, truncated [ 749.814157][ T4867] loop5: p105 start 10 is beyond EOD, truncated [ 749.820578][ T4867] loop5: p106 start 10 is beyond EOD, truncated [ 749.826990][ T4867] loop5: p107 start 10 is beyond EOD, truncated [ 749.833299][ T4867] loop5: p108 start 10 is beyond EOD, truncated [ 749.839761][ T4867] loop5: p109 start 10 is beyond EOD, truncated [ 749.846164][ T4867] loop5: p110 start 10 is beyond EOD, truncated [ 749.852482][ T4867] loop5: p111 start 10 is beyond EOD, truncated [ 749.858916][ T4867] loop5: p112 start 10 is beyond EOD, truncated [ 749.865230][ T4867] loop5: p113 start 10 is beyond EOD, truncated [ 749.871658][ T4867] loop5: p114 start 10 is beyond EOD, truncated [ 749.878063][ T4867] loop5: p115 start 10 is beyond EOD, truncated [ 749.884363][ T4867] loop5: p116 start 10 is beyond EOD, truncated [ 749.890808][ T4867] loop5: p117 start 10 is beyond EOD, truncated [ 749.897210][ T4867] loop5: p118 start 10 is beyond EOD, truncated [ 749.903515][ T4867] loop5: p119 start 10 is beyond EOD, truncated [ 749.909994][ T4867] loop5: p120 start 10 is beyond EOD, truncated [ 749.916473][ T4867] loop5: p121 start 10 is beyond EOD, truncated [ 749.922783][ T4867] loop5: p122 start 10 is beyond EOD, truncated [ 749.929281][ T4867] loop5: p123 start 10 is beyond EOD, truncated [ 749.935593][ T4867] loop5: p124 start 10 is beyond EOD, truncated [ 749.942235][ T4867] loop5: p125 start 10 is beyond EOD, truncated [ 749.948721][ T4867] loop5: p126 start 10 is beyond EOD, truncated [ 749.955023][ T4867] loop5: p127 start 10 is beyond EOD, truncated [ 749.961490][ T4867] loop5: p128 start 10 is beyond EOD, truncated [ 749.967949][ T4867] loop5: p129 start 10 is beyond EOD, truncated [ 749.974264][ T4867] loop5: p130 start 10 is beyond EOD, truncated [ 749.980750][ T4867] loop5: p131 start 10 is beyond EOD, truncated [ 749.987212][ T4867] loop5: p132 start 10 is beyond EOD, truncated [ 749.993521][ T4867] loop5: p133 start 10 is beyond EOD, truncated [ 749.999984][ T4867] loop5: p134 start 10 is beyond EOD, truncated [ 750.006484][ T4867] loop5: p135 start 10 is beyond EOD, truncated [ 750.012790][ T4867] loop5: p136 start 10 is beyond EOD, truncated [ 750.019249][ T4867] loop5: p137 start 10 is beyond EOD, truncated [ 750.025562][ T4867] loop5: p138 start 10 is beyond EOD, truncated [ 750.032051][ T4867] loop5: p139 start 10 is beyond EOD, truncated [ 750.042281][ T4867] loop5: p140 start 10 is beyond EOD, truncated [ 750.048745][ T4867] loop5: p141 start 10 is beyond EOD, truncated [ 750.055050][ T4867] loop5: p142 start 10 is beyond EOD, truncated [ 750.061504][ T4867] loop5: p143 start 10 is beyond EOD, truncated [ 750.067936][ T4867] loop5: p144 start 10 is beyond EOD, truncated [ 750.074260][ T4867] loop5: p145 start 10 is beyond EOD, truncated [ 750.080733][ T4867] loop5: p146 start 10 is beyond EOD, truncated [ 750.087183][ T4867] loop5: p147 start 10 is beyond EOD, truncated [ 750.093503][ T4867] loop5: p148 start 10 is beyond EOD, truncated [ 750.099999][ T4867] loop5: p149 start 10 is beyond EOD, truncated [ 750.106434][ T4867] loop5: p150 start 10 is beyond EOD, truncated [ 750.112740][ T4867] loop5: p151 start 10 is beyond EOD, truncated [ 750.119214][ T4867] loop5: p152 start 10 is beyond EOD, truncated [ 750.125535][ T4867] loop5: p153 start 10 is beyond EOD, truncated [ 750.131991][ T4867] loop5: p154 start 10 is beyond EOD, truncated [ 750.138441][ T4867] loop5: p155 start 10 is beyond EOD, truncated [ 750.144763][ T4867] loop5: p156 start 10 is beyond EOD, truncated [ 750.151246][ T4867] loop5: p157 start 10 is beyond EOD, truncated [ 750.157776][ T4867] loop5: p158 start 10 is beyond EOD, truncated [ 750.164128][ T4867] loop5: p159 start 10 is beyond EOD, truncated [ 750.170614][ T4867] loop5: p160 start 10 is beyond EOD, truncated [ 750.177073][ T4867] loop5: p161 start 10 is beyond EOD, truncated [ 750.183384][ T4867] loop5: p162 start 10 is beyond EOD, truncated [ 750.189858][ T4867] loop5: p163 start 10 is beyond EOD, truncated [ 750.196303][ T4867] loop5: p164 start 10 is beyond EOD, truncated [ 750.202607][ T4867] loop5: p165 start 10 is beyond EOD, truncated [ 750.209081][ T4867] loop5: p166 start 10 is beyond EOD, truncated [ 750.215492][ T4867] loop5: p167 start 10 is beyond EOD, truncated [ 750.221958][ T4867] loop5: p168 start 10 is beyond EOD, truncated [ 750.228388][ T4867] loop5: p169 start 10 is beyond EOD, truncated [ 750.234697][ T4867] loop5: p170 start 10 is beyond EOD, truncated [ 750.241165][ T4867] loop5: p171 start 10 is beyond EOD, truncated [ 750.247605][ T4867] loop5: p172 start 10 is beyond EOD, truncated [ 750.253922][ T4867] loop5: p173 start 10 is beyond EOD, truncated [ 750.260381][ T4867] loop5: p174 start 10 is beyond EOD, truncated [ 750.266830][ T4867] loop5: p175 start 10 is beyond EOD, truncated [ 750.273150][ T4867] loop5: p176 start 10 is beyond EOD, truncated [ 750.279620][ T4867] loop5: p177 start 10 is beyond EOD, truncated [ 750.285931][ T4867] loop5: p178 start 10 is beyond EOD, truncated [ 750.292429][ T4867] loop5: p179 start 10 is beyond EOD, truncated [ 750.298892][ T4867] loop5: p180 start 10 is beyond EOD, truncated [ 750.305236][ T4867] loop5: p181 start 10 is beyond EOD, truncated [ 750.311714][ T4867] loop5: p182 start 10 is beyond EOD, truncated [ 750.318164][ T4867] loop5: p183 start 10 is beyond EOD, truncated [ 750.324487][ T4867] loop5: p184 start 10 is beyond EOD, truncated [ 750.330977][ T4867] loop5: p185 start 10 is beyond EOD, truncated [ 750.337412][ T4867] loop5: p186 start 10 is beyond EOD, truncated [ 750.343720][ T4867] loop5: p187 start 10 is beyond EOD, truncated [ 750.350181][ T4867] loop5: p188 start 10 is beyond EOD, truncated [ 750.356639][ T4867] loop5: p189 start 10 is beyond EOD, truncated [ 750.362949][ T4867] loop5: p190 start 10 is beyond EOD, truncated [ 750.369402][ T4867] loop5: p191 start 10 is beyond EOD, truncated [ 750.375718][ T4867] loop5: p192 start 10 is beyond EOD, truncated [ 750.382199][ T4867] loop5: p193 start 10 is beyond EOD, truncated [ 750.388641][ T4867] loop5: p194 start 10 is beyond EOD, truncated [ 750.394960][ T4867] loop5: p195 start 10 is beyond EOD, truncated [ 750.401439][ T4867] loop5: p196 start 10 is beyond EOD, truncated [ 750.407893][ T4867] loop5: p197 start 10 is beyond EOD, truncated [ 750.414207][ T4867] loop5: p198 start 10 is beyond EOD, truncated [ 750.420667][ T4867] loop5: p199 start 10 is beyond EOD, truncated [ 750.427122][ T4867] loop5: p200 start 10 is beyond EOD, truncated [ 750.433423][ T4867] loop5: p201 start 10 is beyond EOD, truncated [ 750.439877][ T4867] loop5: p202 start 10 is beyond EOD, truncated [ 750.446334][ T4867] loop5: p203 start 10 is beyond EOD, truncated [ 750.452652][ T4867] loop5: p204 start 10 is beyond EOD, truncated [ 750.459166][ T4867] loop5: p205 start 10 is beyond EOD, truncated [ 750.465500][ T4867] loop5: p206 start 10 is beyond EOD, truncated [ 750.471986][ T4867] loop5: p207 start 10 is beyond EOD, truncated [ 750.478487][ T4867] loop5: p208 start 10 is beyond EOD, truncated [ 750.484821][ T4867] loop5: p209 start 10 is beyond EOD, truncated [ 750.491314][ T4867] loop5: p210 start 10 is beyond EOD, truncated [ 750.497788][ T4867] loop5: p211 start 10 is beyond EOD, truncated [ 750.504132][ T4867] loop5: p212 start 10 is beyond EOD, truncated [ 750.510645][ T4867] loop5: p213 start 10 is beyond EOD, truncated [ 750.517105][ T4867] loop5: p214 start 10 is beyond EOD, truncated [ 750.523416][ T4867] loop5: p215 start 10 is beyond EOD, truncated [ 750.529911][ T4867] loop5: p216 start 10 is beyond EOD, truncated [ 750.536353][ T4867] loop5: p217 start 10 is beyond EOD, truncated [ 750.542741][ T4867] loop5: p218 start 10 is beyond EOD, truncated [ 750.549230][ T4867] loop5: p219 start 10 is beyond EOD, truncated [ 750.555640][ T4867] loop5: p220 start 10 is beyond EOD, truncated [ 750.562171][ T4867] loop5: p221 start 10 is beyond EOD, truncated [ 750.568708][ T4867] loop5: p222 start 10 is beyond EOD, truncated [ 750.575074][ T4867] loop5: p223 start 10 is beyond EOD, truncated [ 750.581603][ T4867] loop5: p224 start 10 is beyond EOD, truncated [ 750.588164][ T4867] loop5: p225 start 10 is beyond EOD, truncated [ 750.594477][ T4867] loop5: p226 start 10 is beyond EOD, truncated [ 750.600956][ T4867] loop5: p227 start 10 is beyond EOD, truncated [ 750.607445][ T4867] loop5: p228 start 10 is beyond EOD, truncated [ 750.613773][ T4867] loop5: p229 start 10 is beyond EOD, truncated [ 750.620282][ T4867] loop5: p230 start 10 is beyond EOD, truncated [ 750.626763][ T4867] loop5: p231 start 10 is beyond EOD, truncated [ 750.633109][ T4867] loop5: p232 start 10 is beyond EOD, truncated [ 750.639621][ T4867] loop5: p233 start 10 is beyond EOD, truncated [ 750.645957][ T4867] loop5: p234 start 10 is beyond EOD, truncated [ 750.652507][ T4867] loop5: p235 start 10 is beyond EOD, truncated [ 750.658980][ T4867] loop5: p236 start 10 is beyond EOD, truncated [ 750.665307][ T4867] loop5: p237 start 10 is beyond EOD, truncated [ 750.671814][ T4867] loop5: p238 start 10 is beyond EOD, truncated [ 750.678300][ T4867] loop5: p239 start 10 is beyond EOD, truncated [ 750.684615][ T4867] loop5: p240 start 10 is beyond EOD, truncated [ 750.691125][ T4867] loop5: p241 start 10 is beyond EOD, truncated [ 750.697613][ T4867] loop5: p242 start 10 is beyond EOD, truncated [ 750.703959][ T4867] loop5: p243 start 10 is beyond EOD, truncated [ 750.710462][ T4867] loop5: p244 start 10 is beyond EOD, truncated [ 750.716951][ T4867] loop5: p245 start 10 is beyond EOD, truncated [ 750.723295][ T4867] loop5: p246 start 10 is beyond EOD, truncated [ 750.729876][ T4867] loop5: p247 start 10 is beyond EOD, truncated [ 750.736373][ T4867] loop5: p248 start 10 is beyond EOD, truncated [ 750.742795][ T4867] loop5: p249 start 10 is beyond EOD, truncated [ 750.749306][ T4867] loop5: p250 start 10 is beyond EOD, truncated [ 750.755635][ T4867] loop5: p251 start 10 is beyond EOD, truncated [ 750.762138][ T4867] loop5: p252 start 10 is beyond EOD, truncated [ 750.768649][ T4867] loop5: p253 start 10 is beyond EOD, truncated [ 750.774981][ T4867] loop5: p254 start 10 is beyond EOD, truncated [ 750.781475][ T4867] loop5: p255 start 10 is beyond EOD, truncated 04:02:48 executing program 1: syz_io_uring_setup(0x6b4f, &(0x7f0000000240), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x0) 04:02:48 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r2, 0x29, 0x24, &(0x7f0000000040)=0x81, 0x4) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) r3 = socket$inet6(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$tun(r0, &(0x7f0000000280)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x8, 0x3a, 0x0, @empty, @mcast2, {[], @echo_request}}}}, 0x3a) 04:02:48 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:48 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(0xffffffffffffffff, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:48 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone3(&(0x7f0000000240)={0x240000, &(0x7f0000000040), &(0x7f0000000080)=0x0, &(0x7f00000000c0), {}, &(0x7f0000000100)=""/117, 0x75, &(0x7f00000001c0)=""/5, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x3}, 0x58) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f00000002c0)=r0) eventfd2(0x0, 0x0) 04:02:48 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup2(r0, r1) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000080)=0xf, 0x4) [ 754.639922][ T28] audit: type=1326 audit(1599451368.595:2177): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 754.823686][ T28] audit: type=1326 audit(1599451368.775:2178): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 754.847250][ T28] audit: type=1326 audit(1599451368.775:2179): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:48 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(0xffffffffffffffff, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:49 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000140)={0x0, 0x0, 0x20}, &(0x7f0000000280)=0x18) [ 755.205098][ T28] audit: type=1326 audit(1599451368.835:2180): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 755.228766][ T28] audit: type=1326 audit(1599451368.835:2181): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 755.252225][ T28] audit: type=1326 audit(1599451368.835:2182): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 755.275502][ T28] audit: type=1326 audit(1599451368.835:2183): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 755.298868][ T28] audit: type=1326 audit(1599451368.835:2184): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 755.322257][ T28] audit: type=1326 audit(1599451369.085:2185): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:49 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x5e, &(0x7f0000000080)=[{0x200000000006, 0xe6, 0x0, 0x7ffc0011}, {0xffff, 0x63, 0xad, 0x9d1}, {0xec78, 0x2, 0x3, 0x2}, {0xc5, 0x6, 0x7, 0x66404e67}, {0x200, 0x6, 0x8, 0x5}, {0x6, 0x68, 0xb2, 0x9}]}) accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x80000) eventfd2(0x0, 0x0) [ 755.345563][ T28] audit: type=1326 audit(1599451369.085:2186): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14604 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:49 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:49 executing program 1: unshare(0x20040600) fsmount(0xffffffffffffffff, 0x0, 0x0) 04:02:49 executing program 5: set_mempolicy(0x8003, &(0x7f0000000300)=0xfff, 0x5) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x98, r1, 0x401, 0x0, 0x0, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_PEERS={0x68, 0x8, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x3c, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x98}}, 0x0) 04:02:49 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(0xffffffffffffffff, 0x5412, &(0x7f0000000000)={0x1e, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:50 executing program 3: unshare(0x400) bpf$BPF_MAP_FREEZE(0x15, 0x0, 0x0) 04:02:50 executing program 0: setsockopt$netrom_NETROM_T4(0xffffffffffffffff, 0x103, 0x6, &(0x7f0000000040)=0xfffffffa, 0x4) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:50 executing program 1: keyctl$search(0xa, 0x0, &(0x7f0000000080)='.dead\x00', 0x0, 0x0) 04:02:50 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:50 executing program 5: r0 = syz_io_uring_setup(0x1b46, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r3 = socket$inet_sctp(0x2, 0x1, 0x84) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 04:02:50 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, 0x0) 04:02:50 executing program 1: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x4001, 0x3, 0x4d8, 0x0, 0x0, 0x148, 0x360, 0x148, 0x440, 0x240, 0x240, 0x440, 0x240, 0x3, 0x0, {[{{@ip={@local, @empty, 0x0, 0x0, 'ip6gretap0\x00', 'team_slave_0\x00'}, 0x0, 0x2f8, 0x360, 0x0, {}, [@common=@inet=@hashlimit1={{0x58, 'hashlimit\x00'}, {'lo\x00', {0x35, 0x2, 0x0, 0x0, 0x0, 0x40000ec, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @bytecode={0x2, 0x0, 0x0, [{0x0, 0x0, 0x0, 0x3d}]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xc0, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x538) 04:02:51 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmmsg(r0, &(0x7f0000005a00)=[{{&(0x7f0000000080)=@ll={0x11, 0x0, r3}, 0x67, 0x0}}, {{&(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @multicast, 'veth0_vlan\x00'}}, 0x80, 0x0}}], 0x2, 0x0) r4 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r4, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r6 = socket(0x10, 0x80002, 0x0) io_submit(r5, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x1, r4}]) getsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000100), &(0x7f00000001c0)=0x4) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000040)={'ip6gre0\x00', r3, 0x4, 0x0, 0x4, 0x0, 0x0, @ipv4={[], [], @multicast2}, @dev={0xfe, 0x80, [], 0x2b}, 0x700, 0x1, 0x1, 0x100}}) eventfd2(0x0, 0x0) 04:02:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080)='devlink\x00') sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x4c, r1, 0x1, 0x0, 0x0, {0x3d}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5}}]}, 0x4c}}, 0x0) 04:02:51 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3c) sendto$inet6(r0, 0x0, 0x0, 0x4000815, 0x0, 0x0) 04:02:51 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:51 executing program 1: ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000240)={{}, 0x0, 0x0, @inherit={0x60, 0x0}, @name="6e490d96bd27621b61a53a3c41383b77314fbe81fb76ed03037a6f4295a24f87a2bbbd82cc0d9dbdc14cff649a2bcdd34034179f06a8300517cab4ec675ae30a42f5c0360e2fddd6a6b9ce1d23d59d8ce74a04218d092c2e04b495721d700de212a879c321e3072542bb2f72469d0f0d7f4bb737c4cb7d9f4c699ecb87c0a252de9a6ad0a6e3c1083cf0f88803b1429a8c07e8800c0992af5b07d7fbbfd84331d91732e0fe916118833f38b60164d45d526ab7e63a7c6f15f9c2fe37b7fcc5d52908a698770a62e717871fdc33831274870d44f8281656fa0e538bb903ac0ba88990f1bdedf17aa91019714b3ffbef01adbc5ba5a4d9856d90f9a76fb8177a301237c3c37c59a75a98705b9d2de96a458d04796011488e9fac9b81b3893ffaafa89dc39e3fc57f39b6071d2f53c0c06c61504e8f4e9271ea83b971fdade0db32bfa53a30084ed7e7953ca6b26c6d73a53f678b3789b978daf6ead3ad935552945909916f3e89ddbdeb8f760d9c352f7b7aa576492eb1f6443a0d291ea9c65d0a10d0a2e1ffd0bb84cc4412f13742a1031b13662437a4861e3e1eea69c694d5f27c370349be873d3f27854882e87bc70448ce340de38c97c0da08c4f3af6567fb7e6ea984046d0feb706c224fd0a58d78eeac589e0bfedc6e5fba22390bc4d4a421effdb2211710eb6f0a0ce98ba7bfd2310fa2906d40ac96332f2fccd68c2f10c3fb0a7814ad96a4c5f0b36eadaa7de76a603b23149b976b1613f43bcd5738f49d365f346d1431ceb26c94933404f50f9d55136cb42fd5b103715af5ef70dd2052cc804d8ea359b7e1a2fa5ea0e65b4250e5dc5cff69c4df96c4cb561b97f9e1ee4dfd495febd5d97f302614e6cfcd84e4178b8ce52b8ce1385ad20bafebbdd23738274257cb6fb8903971c44a77999d3f2770a8892fd6d24f80317a4c1b4de4f9dc4a7454157a2dd80c3c0d3e6320bc3c81589052ebb641f4bdf865f2f55edaadc29156f1eab1da7b0a7b0b90bf73e74636a56d50810d5c550e37aa1073f76b13587cff81cc07195f574225ea4e5e61ac09700abcb4c66bf34705cbc2ced999e963f0a022ce592fd66be63031aaea817b7ae145f484c39066c3286b6b727fa7f011f9b32d7682aff336f027bedfccc002e22e874bc40f3f223d2697403fad7ea08f12005e2fd8e5ca75bc9af0de718bdcae7124271310e9b08912b2761b166d7a13a859b5a6c45c50f262f93f85dd87e667ad0f91ed8b827501e4b054e07e7521a8b5cb52646443e8568a25cc70571e2385c776d5c8b5f27102361fa425aa5843795879f760176c0ef5339ee7bfc08c4b8513d32eccef7017abbacf6391f879c6cef0961930a9a1d06aca959b2171d87f240cbf07e72eece8a52924d1edca84b8e917a53e0b06d9a068006fedb276137f797db4a308eb453749c109b9c040db98af532f92f9f4edf13cc9ed4789d321671e71d32cba8e34389b5f969699a668ef24ffe5b3046f33fc8913f910f8eb6d5349af04b20ae5e169156ffbec9383edaf0095509e5bb07f492e27b23fff12de8e422080410bc60b15fa4193261fef3586e72685d1bdb7d5da63f7bf5cf40281cdb637bcf44d12da70452d2f51787a7bbd459c1b23c2bc3def099419b54af01ccb34146afb281667b4434b7a95aa90aaeaa3d355192e7f96956b60d705ff68fa3d20d657e2bb40ad30da4b4f35e1a1aeda49ce73be04a66ea13ec0a09e3015dd91515bd5c1a511e2fca2767a8158f4a810a766638a769fbf255a69739c6b8b0aab2892a0d514de555ad2e24c8a3a9670efc9eed1c91d35c3517457ff6dda7c7d5df03fa61a483ae8aae9a2bbe3a56381e4f97462bede940a3fb3a6ef560980ec9e95915067c060c5423434236c0864ffc6d04831d1b9234538ac3a5a494bf530f71f0a510464c6a4c64ffae9811899fb427ee3424e9b3b9c77fc2a733e10a06ab0672c1b09954e1e9903cf6332dc9bf392c76a643376fc0511606dec0f1e387d5deccce7e03202df7b16a1d45862c890abdd35739ad30ee1dc71dd3b5907356d585cc7fa692a183020a71ed7f21c6de30de6798bfda718919f93d48ad51268871688585f6049861b7086ef15801ca63785461dad3a26e8fa3887c842ead976172ed81d3c2b406911c25c790d9946c3ce8304a28901ec81ed4b8d70ca0c4ac7e2f5039d1c9eb88d4d6f0c43ba906654434b4d8758d6c3ea0b53757e3ddd547ee3a5f0b87b49edca7daf68d878dd208e38d6b63acf5c6e99012d42a321d6e31be3794484eb3abcff5b8ef9b6f41a8a278edf4b4e9d4af852b7e08f3d417254390119b35210fdddcf7337d793c10ce4798f8fb04ddf1f79c84ba8adfcdf5c1e4aee3c42cb1c6f1957661a805b5980930be87df23c6b4390b14c0da2c8e0d46b4156d3cc5e767e60df23db1e04045a483cbc547fe299b821fff29317677bcbf59d3a9944a36ed9108188d6cdc326024f8d26cdb2a37c221d877525049fa45f7138716c9ab118d5518d9d3d83015ded7b8361ba012d366babd7fe7d22347e0d014001ef5a5b85454199b1c896dca5acadf9a12bc4765b2144272f8c30ace1eaa643e594a72349fee7a6e7aec9ef0095d1fc8e8a0c5343f1e9adf0d718db74e3692a3a6168560fe43ac4f4d3108f2e5c6c530aad67164e09708051cfe5f923ce9708847e1ef169e585e1fda1824a20e6d6d51efa8d1610ef92e70f27dec6e9ca8dd118242000b5a0803e0b80dcd168e7c01d11bf84739dd6925e901355daa5a575c30307874441d00a35789b078b49f86e6683d5b60eac11bafc572006924314fab3ed24819aec2e064099f6637b9a5766e92f0204a9d7e4d61593e943bad3443bcceb139a9984af24fc028bc7d9f8062801e44fa10d4bece3326a0e1bbf5a6522e8dcbe81fb976183dbf7a69bf9269a7ae54ee868e5592c5dd239459d21b2b815350f298423d7a5a76097b57b462dfe91ddc82cb2545e6fe7e2de6e770cd9d90ce82a67a8487f835bfa6f4c502675baa638ae3e04f157fb65280f8143da9b79234e490e4a84b50697bdef5d139f8a8923da54d20677c82dd091347220bf277464ba7a0eb30960feba0f96770056a40a58c6a7ce5ef05d233a816c4d24fea74b03a496554370ae59d5eeec8ac949f530cc03a34e56258e3923c11507d849fe9d326f7f3728c70b8ae12d342eb3c79f278e8a439d7261b965f752e946f243d7b8a1552572ce2019f03b3d3013459d3a6650234ade5005dd1560700aa454a7ad63477fd5b0ad178cabcb070e89131f1aa3a1df3d5ba01bb3b961766f0e0e16c51c38b57f938bd7be69aee6a80708c32301463c02c1cd0146f52d1d869c541fa59e37024962ddca2ab0fd841f6270d4f9555d6ea32c94dfb32a5a59779281cf3376fba82708998936999517f1a55ee9874972c57a0d85a6a5fa2ec64a2009f58a30cc086ffbf64f76b0d3b840fe612055f971f3458762f6fa49abaae6af5374390e3593280f256ed598e72e557cdd525a139f0e52fe6c91791ed927bdd283ed188c385182c140bf0b141b20639852f82fd473516a0d4d38b69d72f05512f59d922cf8a6ae639e27013aa402d2c5185b2b98d6b314aae66bf7ab4fcc5085edea43b02a532ad22291d6e74ad80c122f9ea01cc9cb548cbf5a2846a82227141b563415578f03bef58c4abafafa6cd28aa86e2b0568b7833c63bb957e41cfecc1db075fce324f9d5b52b06af12fa94d754c26cea01b52ea7029b70ee268933b22ca391c3e392c24272c4037065100138ca86aad5c499090eef2b5946bcf5d8ec610a29c7e81eefe315c4c4d5bc57bc56637f31c0e9535215054be5d92b226b70b3bf962e19c5aedcfe17955431af736d5c82fdf46e4d12c017c6a3bc0f7b0985778cb7e62e81c9d83219810dcc984d1720d773b678c23893909eddba54f928358796c948fee5f1d16ad3770ac096755689aa7ebf39f750d54fb4b3cbb1050f6c4bfa72e3d6d08581a94c4cd9a3c561acfe31a0fb3cda281f7b1cbf9a960e0e45b2d3cd38b49027c53cae40a74dc51dbdbbb7ec29f9a2d761faff2410de3415f15616010812bda85a45654f7d2af54148afb42578219119fa3396710dbfcd3fdf523b06e4d75cbff02fdd48215f0f1a65a3c6ddbfc7b94cd40dbe6a1ad75600e2a51c4a262dbdc1b67ad5b637a14d66651ea12e9d88143bcff7751796ae162d0e50cd62a1e58f812ec7a04bce1b214968c059057d085c8efcd830bd3afbbac7805083f2a886ded6ab537160053b19c0e82dec23e43dcf5a143281bc6d726e98ec6fc3e4444d68819d8afb9c093e54ef4a4ad73de88d475c11311f6e21b93b8bbcaa2a8dd7e1baf9a7c2a94336b118d2d491ed2463c8f6b75e994b29ef4580ed908e86f5361368fe34102c6e6190cf832dd8b02af24f65750b5096857facaef46786de876694efecc9d21e99644e0a959ba40fa36c395d5c1f19b02a3c3223542ffcdab6dabaceb34317920b1e9e70e039b953f7939a2018a5a2b447da53d050dfd8e51c46bff3a89598a96e09c1948eab6987cca0a1a5f197f2242daa44a0197425849e11c271f9f0eafe243a9142fd81d0bda76467142683ba388e72475ed3761c522ce90fda9f01c0dba1124b0cf38206fb69b7318fedb5d6bcc81cfb040631e247a40c032db26fe9076768c53eb50c5b9184cd979f8d86e970c4c73ba9d5a2f9e0f557ae2c245a38d673afd12c98e84f982eec14f48b017e666542a1ba9e4a6159c352f592dee9682a58e68782981e77f23d6df85bfc8ec2ede6c36ac9051ac4a20919e84136dfded7a1560621f58e02058db16df5c52c8e95ea5a794d76d18626f37a4cceeef55b6699ce0193d05251add5f3b4d2ee2e6fc72c912cacc6a31d769cbc33c1f54553f35b95af618e0c87c51f15e98755a384bcba4c4dd785d4c17a9fef5e5a0036fd31a148af95f8b9384afcbfa2dc7c2d876c0bd3f7c1224fbcd7928eb1171456610269ed8151c4873cea11e4a24caeacb02af678785bff98ae512197750346589b9ce4796a617914e310e52c204eedb9e5009e158ee23d05c9be437a4d28be4527353eefe8851295fc0f5e0da42d28fc9af6017f6aa8bcf97c3240a5caebafee72de6ba06c7292cc26853e01125fa7017b2487cb45107ef7d25c368ad689f9878a5ef715184a034fe1f28a8661345277ff4cf95a8191de9fa88fdd6f7c57ad87d5c1cc9b634c1208beba9abc70f41d88408545ef4eff345ed956d3e95ca306fe4ace28bd50bfca9f533878dc11a8cd55ebe962f83493c914eb0f3bb3f5c64137c22e20f846d37339e464e6c94caa6919f7176dd37bf3c5e583ff25a78e562f93bf928aaa54e80aeba3b47b2caed9ccb70aa8dccdbdd231ad6c5930c1e85ae237462e34b81cf6f769207b01c34d669b388cb947391973e59e997122a7ae1a3fd8b8094b2f587c741db37122aa9e73ac788db5a7763ecbfb2ef828f85dd8432ee9d84c185c7c5e3ac3e4d5f97225a8a1769b4afb66b472a48513da91312ed4cf9018e29d5cfa0a1cda896729ce1a5400d2f84f2622cefdfcfd20e74a28b2859e9b4e62fcda772a7a2e37c77be263f7591bee4b146e4601867362820d804f4fed85a2997bcd71d70dbc4116b4dc355931c9ec2181838655ca9f416c52511d5888ac2d8d4f691a3a11db1a78c099a9baf2cfcdac789a35bda"}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x26}, 0x20) 04:02:51 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, 0x0) 04:02:52 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0xff0f, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc, 0x1, 'macvlan\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x4c}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc, 0x1, 'macvlan\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x44}}, 0x0) 04:02:52 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\trust\xe3cusgrVex:De', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x1, 0xa8, 0x5, 0x5, 0x7f, 0x40, 0x8, 0x1, 0x0, 0x8, 0xff, 0x9, 0x8}, {0x3, 0x1, 0x1, 0x81, 0x40, 0x3b, 0xfc, 0x3f, 0x3, 0x8, 0x0, 0x4, 0xa22}, {0x400, 0x0, 0xa2, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x5d, 0x3f, 0x4, 0x1, 0xede9}], 0x4}) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) tkill(0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000000)={0x8, 0x7fffffff}) dup(0xffffffffffffffff) 04:02:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x101}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) 04:02:52 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, 0x0) 04:02:52 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:52 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) ioctl$KVM_GET_EMULATED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f0000000040)=""/7) eventfd2(0x0, 0x0) [ 758.823068][T14702] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 758.949772][T14740] bond2: (slave macvlan2): Opening slave failed 04:02:53 executing program 5: r0 = openat$rtc(0xffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x42900) 04:02:53 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x40, 0x100) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000000080)) eventfd2(0x0, 0x0) [ 759.265249][T14740] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 759.333213][T14706] bond2: (slave macvlan2): Opening slave failed 04:02:53 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet6(r0, &(0x7f0000003000)=[{{&(0x7f00000006c0)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000000a80)=[@hoplimit_2292={{0x14, 0x29, 0x3e}}], 0x18}}, {{&(0x7f0000000b00)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}], 0x2, 0x0) [ 759.744380][ T28] kauditd_printk_skb: 63 callbacks suppressed [ 759.744441][ T28] audit: type=1326 audit(1599451373.695:2250): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:53 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) [ 759.925983][ T28] audit: type=1326 audit(1599451373.755:2251): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 759.949681][ T28] audit: type=1326 audit(1599451373.755:2252): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 759.973051][ T28] audit: type=1326 audit(1599451373.765:2253): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 759.996469][ T28] audit: type=1326 audit(1599451373.765:2254): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:54 executing program 3: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0xfffffffffffffc37, 0x200087fd, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r1, &(0x7f00000012c0)='\f&', 0x2, 0x4044075, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x7fffffff, 0x0) 04:02:54 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) open(&(0x7f0000000300)='.\x00', 0x0, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@local, @ipv4={[0x0, 0x0, 0x8], [], @empty}, @remote={0xfe, 0x80, [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xb]}, 0x0, 0x0, 0x0, 0x0, 0x9, 0x20c301e2, r3}) sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) [ 760.019696][ T28] audit: type=1326 audit(1599451373.775:2255): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 760.042952][ T28] audit: type=1326 audit(1599451373.785:2256): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14763 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:54 executing program 0: r0 = eventfd2(0x0, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000002540)=""/4108, 0x100c}], 0x1) r2 = socket(0x10, 0x80002, 0x0) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) bind$l2tp(r2, &(0x7f0000000040)={0x2, 0x0, @local, 0x3}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) 04:02:54 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:54 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_ifreq(r0, 0x8927, &(0x7f00000000c0)={'wg0\x00', @ifru_mtu}) [ 760.445740][T14776] [U] ^@ [ 760.578212][T14781] Dead loop on virtual device ip6_vti0, fix it urgently! [ 760.588154][T14781] Dead loop on virtual device ip6_vti0, fix it urgently! [ 760.654489][T14781] Dead loop on virtual device ip6_vti0, fix it urgently! 04:02:54 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:54 executing program 3: creat(&(0x7f0000000040)='./file0\x00', 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300)='tmpfs\x00', 0x0, &(0x7f0000000340)=',n%\xd3\xe4\x9c\xe3\xc1\x99\x8e/}iR\xd5\v@Z\xe1\xd8\xe8\v\xe6\x87\x93\xd2,6,\xd3AO%\xda\xdb\xfb$w.HO\x1d-\xca_\xca\xff\xfe\x85\x1c\xeb$\xbb\x0f\xa5Z@]\xbd\xa8;\xf3\x95\x89(|\x9e\xb8L\x896\xdb\x89\r\xe0})D\xee\x7f\x92\xf2\x82\xe3C?\">\x85FRG\x87\xa4\x88\xd7\x10\x87~\xa5\xff\x1bP\xefqH\x80\xf0\a4I\x94h!(\x19.\xbc\xadx\a\x83\xb4\x98\xe3\x9d\x9f\x1e}\'\xcc\xf5s\x82\v\xa8\x04\xc4\xf5,3\xecZ\x8eW5\xc5\xe05\xe7\xef\xfe>\xd9E#\x00\xc1rys\x81\x80\xbc\xad\x17\xa3=H\xfah\xdf\x1e\xc7\xdb\xc1\x89\x01\x12A\x03\x00-Q[\xea!\\\n.\xc4H\xc4\xe1\xf6\x01>\x01\xaa]\xfb\xa7\x05\x99\x9ah\xf8\xdd (\xe5\x86-N\xb3Dp\x1f`/\xc9\xe2\rE>\xc9I\\\x10\xd2\xce\xdf@\xdb)Ub\x9b\xa5\xf8\xf1B\xacT,)\xc2\xa4\xa9\xe8\x92H\x88\xff\a\x00\x00\x00\x00\x00\xe3\xcdL-\x10\x83?h\xfe\xb9\x90\xc3\x1d\xf9\x1d\xfbZ\xec\b\xf1\xd3\xed\xb7\xc1,-\x00\xda\x1c\x0f7K(\xa7\x00u@%^\xe5\x86\xe0\x87\x00\x00\x00\x00\x00\x00\x00\x00\x93f\x8d\xaa\a\xf0w&\x9b|\xa6\xe4R\xf9G.\xa6nS\xdc\xe6\xbe\v\xf9!h\xc3\x03\xb4n\x06#\x95\x8b\xb1\x8f\xef\x9eT\xd0s\xd6\xd5}\xa9l\x012\xf9\xeeb\xfc\xd4\xe6\xa9h\xa0.\x92qr\x91\a\x00\x9a\xe2\xe5\x17\xc2\xa1\xd4>lp9\x05\x84D\xbeQ\xc5\x7f%\xf9\xad\a\x19iw\x16XFO\x91\"\xd2\xb0+\xc1U,\x06\xe2vN{\"l\x91\x8d\xdb\xd0\xddBp(\xed\xbf9\x15o\xfbq\xac\x1c\xc6~ua\xbc\xdf.\xe8nr\xec\xe4\x00\x00\x00\x00b\x04s\x17\xc1?w\xa0\xf7\xa8\xc7\x86@m\xfchsq%\x00\x00\x00\x00\x00\x00') [ 760.940384][ T28] audit: type=1326 audit(1599451374.795:2257): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14782 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 [ 760.964284][ T28] audit: type=1326 audit(1599451374.795:2258): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14782 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:54 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x2, @none, 0x1000}, 0xe) [ 760.987576][ T28] audit: type=1326 audit(1599451374.805:2259): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14782 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x7ffc0000 04:02:55 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:55 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x7132}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000080)={0x0, 0x4, [@link_local, @dev, @link_local, @local]}) [ 761.311134][T14796] tmpfs: Unknown parameter 'n%/}iR @Z 懓,6' 04:02:55 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x6, 0x209e20, 0x2, 0x1}, 0x40) perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f0000000000), &(0x7f0000000440)=""/130}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f00000000c0), &(0x7f0000000340)=""/203}, 0x20) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000040)={r0, &(0x7f0000000000), 0x0}, 0x20) [ 761.364323][T14794] [U] ^@ [ 761.365681][T14799] tmpfs: Unknown parameter 'n%/}iR @Z 懓,6' 04:02:55 executing program 2: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0x0, "191e846b794ffc939749180400b64d15eb5f91"}) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) ioctl$TCSETAF(r1, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "5cd5b1c46e3a1d22"}) 04:02:55 executing program 5: r0 = socket(0x40000000015, 0x5, 0x0) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}, 0x20) 04:02:55 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x0, 0x0) r0 = openat$nvram(0xffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x800, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000001c0)={0x0, {{0xa, 0x4e21, 0x8000, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4}}, 0x1, 0x3, [{{0xa, 0x4e21, 0x9, @mcast2, 0x20}}, {{0xa, 0x4e23, 0x7f, @mcast1, 0xffffffff}}, {{0xa, 0x4e22, 0x4c2, @private1={0xfc, 0x1, [], 0x1}, 0xff}}]}, 0x20c) [ 762.105198][T14822] [U] ^@ 04:02:56 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0) ppoll(0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0) 04:02:56 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc050560f, &(0x7f00000000c0)={0x0, 0x9, 0x0, {0x0, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}}) 04:02:56 executing program 2: sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, 0x0, 0x8001) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000080)=0x7, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x0) 04:02:56 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:56 executing program 5: unshare(0x2c020400) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000000)="02010500000001000000ff07000000fffffffd000800000000000000", 0x1c, 0x1c0}]) 04:02:56 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) eventfd2(0x6, 0x80800) 04:02:56 executing program 3: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0xb03881, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x0, 0x0, 0x0, r2}) 04:02:56 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x7a}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/190, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd06, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) 04:02:57 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) [ 763.497155][T14843] Dev loop5: unable to read RDB block 1 [ 763.502979][T14843] loop5: unable to read partition table [ 763.509154][T14843] loop5: partition table beyond EOD, truncated [ 763.515396][T14843] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) 04:02:57 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x7a}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/190, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd06, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) 04:02:57 executing program 2: syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0) openat$ion(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ion\x00', 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r0) creat(&(0x7f0000000140)='./file0\x00', 0x0) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x34, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x9}]}]}, 0x34}}, 0x0) creat(&(0x7f0000000400)='./file0\x00', 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f0000000000)=[{}], 0x20000000000000f3, 0x0) 04:02:57 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x1, 0x0, 0x7ffc0001}]}) r0 = eventfd2(0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0x7}) 04:02:57 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x8, &(0x7f0000000040)='u', 0x1) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000180)=""/237, &(0x7f0000000100)=0xed) 04:02:58 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) bind$packet(r2, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r2, &(0x7f0000000c80), 0x400000000000345, 0x344) 04:02:58 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:58 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f0000000040)=0xfffff8bd) 04:02:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x7a}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/190, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd06, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) 04:02:58 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x1, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_x_sa2={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x1, 0x0, 0x3, 0xe, 0x0, 0x3, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_x_sa2={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}}, 0x0) [ 765.108365][ T28] kauditd_printk_skb: 56 callbacks suppressed [ 765.108425][ T28] audit: type=1326 audit(1599451379.065:2316): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=14862 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=40000003 syscall=265 compat=1 ip=0xf7fd6549 code=0x0 04:02:59 executing program 5: migrate_pages(0x0, 0x1f, 0x0, &(0x7f0000000100)=0x8000) 04:02:59 executing program 0: r0 = openat$procfs(0xffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f00000000c0)={0x2}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}, {0x948, 0x3, 0x4, 0x2}]}) eventfd2(0x0, 0x0) 04:02:59 executing program 3: r0 = syz_open_dev$vivid(&(0x7f00000000c0)='/dev/video#\x00', 0x1, 0x2) ioctl$VIDIOC_S_AUDIO(0xffffffffffffffff, 0x40345622, &(0x7f0000000080)={0x7, "5ca8a2cf1d72c7c8f228f080f68f440e035823c0d94da00e044eb0a1cc1ace5b"}) ioctl$VIDIOC_REQBUFS(r0, 0xc050565d, &(0x7f0000000040)={0x0, 0xa}) 04:02:59 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x7a}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/190, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd06, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) 04:02:59 executing program 2: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x28001, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000500)={0x1, 0x82}, 0x2) 04:02:59 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000008000000b70000000a00000095000000000000006458c2c62fc2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e711f5969f62c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637e48468766af540439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c0343185089a12119e31975e551558055dc2dcc473b54825ab2c3ee33af84c30761f880dd3a1b19e18e803ff18d2bf8d2d7bc324de9b9d0fb21a3a80906dad27aeca03ede937b865e264f22584ef4c04be52652bf2e9e5014d5ccc25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x74) r1 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001d80)=r0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000380)=@in={0x2, 0x4e21, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory', 0xc}]}, 0xfdef) 04:02:59 executing program 5: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r1, &(0x7f0000000080)=ANY=[], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) splice(r0, 0x0, r3, 0x0, 0x20800000003, 0x0) [ 766.082047][T14899] ===================================================== [ 766.089060][T14899] BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90 [ 766.096572][T14899] CPU: 0 PID: 14899 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 766.105259][T14899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 766.115339][T14899] Call Trace: [ 766.118667][T14899] dump_stack+0x21c/0x280 [ 766.123028][T14899] kmsan_report+0xf7/0x1e0 [ 766.127476][T14899] kmsan_internal_check_memory+0x238/0x3d0 [ 766.133305][T14899] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 766.139496][T14899] kmsan_copy_to_user+0x81/0x90 [ 766.144384][T14899] _copy_to_user+0x18e/0x260 [ 766.149072][T14899] video_usercopy+0x24a9/0x3140 [ 766.154012][T14899] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 766.159868][T14899] video_ioctl2+0x9f/0xb0 [ 766.164224][T14899] ? video_usercopy+0x3140/0x3140 [ 766.169274][T14899] v4l2_ioctl+0x255/0x290 [ 766.173631][T14899] ? v4l2_poll+0x440/0x440 [ 766.178116][T14899] do_video_ioctl+0x9b8/0x14e70 [ 766.182996][T14899] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 766.189126][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.194351][T14899] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 766.200201][T14899] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 766.206311][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.211555][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.216878][T14899] v4l2_compat_ioctl32+0x2c0/0x370 [ 766.222488][T14899] ? v4l2_fill_pixfmt+0xa10/0xa10 [ 766.227595][T14899] __se_compat_sys_ioctl+0x55f/0x1100 [ 766.233010][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.238236][T14899] __ia32_compat_sys_ioctl+0x4a/0x70 [ 766.243554][T14899] __do_fast_syscall_32+0x2af/0x480 [ 766.248803][T14899] do_fast_syscall_32+0x6b/0xd0 [ 766.253686][T14899] do_SYSENTER_32+0x73/0x90 [ 766.258221][T14899] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 766.264561][T14899] RIP: 0023:0xf7f27549 [ 766.268628][T14899] Code: Bad RIP value. [ 766.272715][T14899] RSP: 002b:00000000f55210cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 766.281163][T14899] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c050565d [ 766.289153][T14899] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 766.297143][T14899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 766.305153][T14899] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 766.313173][T14899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 766.321190][T14899] [ 766.323529][T14899] Local variable ----vb32.i@video_usercopy created at: [ 766.330399][T14899] video_usercopy+0x20d7/0x3140 [ 766.335283][T14899] video_usercopy+0x20d7/0x3140 [ 766.340135][T14899] [ 766.342476][T14899] Bytes 52-55 of 80 are uninitialized [ 766.347855][T14899] Memory access of size 80 starts at ffff888103bcf900 [ 766.354650][T14899] Data copied to user address 0000000020000040 [ 766.360813][T14899] ===================================================== [ 766.367776][T14899] Disabling lock debugging due to kernel taint [ 766.373947][T14899] Kernel panic - not syncing: panic_on_warn set ... [ 766.380585][T14899] CPU: 0 PID: 14899 Comm: syz-executor.3 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 766.390660][T14899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 766.400736][T14899] Call Trace: [ 766.404165][T14899] dump_stack+0x21c/0x280 [ 766.408596][T14899] panic+0x4d7/0xef7 [ 766.412538][T14899] ? add_taint+0x17c/0x210 [ 766.416983][T14899] kmsan_report+0x1df/0x1e0 [ 766.421510][T14899] kmsan_internal_check_memory+0x238/0x3d0 [ 766.427342][T14899] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 766.433526][T14899] kmsan_copy_to_user+0x81/0x90 [ 766.438398][T14899] _copy_to_user+0x18e/0x260 [ 766.443031][T14899] video_usercopy+0x24a9/0x3140 [ 766.447961][T14899] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 766.453817][T14899] video_ioctl2+0x9f/0xb0 [ 766.458174][T14899] ? video_usercopy+0x3140/0x3140 [ 766.463222][T14899] v4l2_ioctl+0x255/0x290 [ 766.467590][T14899] ? v4l2_poll+0x440/0x440 [ 766.472045][T14899] do_video_ioctl+0x9b8/0x14e70 [ 766.476931][T14899] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 766.483063][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.488291][T14899] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 766.494128][T14899] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 766.500229][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.505466][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.510720][T14899] v4l2_compat_ioctl32+0x2c0/0x370 [ 766.515891][T14899] ? v4l2_fill_pixfmt+0xa10/0xa10 [ 766.520946][T14899] __se_compat_sys_ioctl+0x55f/0x1100 [ 766.526371][T14899] ? kmsan_get_metadata+0x116/0x180 [ 766.531611][T14899] __ia32_compat_sys_ioctl+0x4a/0x70 [ 766.536935][T14899] __do_fast_syscall_32+0x2af/0x480 [ 766.542179][T14899] do_fast_syscall_32+0x6b/0xd0 [ 766.547064][T14899] do_SYSENTER_32+0x73/0x90 [ 766.551601][T14899] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 766.557967][T14899] RIP: 0023:0xf7f27549 [ 766.562039][T14899] Code: Bad RIP value. [ 766.566120][T14899] RSP: 002b:00000000f55210cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 766.574564][T14899] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c050565d [ 766.583794][T14899] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 766.591795][T14899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 766.599809][T14899] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 766.607824][T14899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 766.617078][T14899] Kernel Offset: disabled [ 766.621534][T14899] Rebooting in 86400 seconds..