INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts. 2018/04/17 00:17:20 fuzzer started 2018/04/17 00:17:20 dialing manager at 10.128.0.26:43021 2018/04/17 00:17:27 kcov=true, comps=false 2018/04/17 00:17:30 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) syslog(0x3, &(0x7f0000000040)=""/128, 0x80) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)={0x70, 0x9, "c64503b18bacfa51c83e1376214b92242597ec80362b214841c23e3905ccbfe5375ce26c9c41948b48e8356eb3a96d9ea3e692c64562a838c6d39b0cc3dc9a34ddb1f5c8de2b743e4b3df7a07f17a349feb88ebdf51dc60bcb5c3a337b2f6fb420cad50db918f4a5"}, &(0x7f0000000140), 0x1400) 2018/04/17 00:17:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000b17ff8)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000060cff8)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 2018/04/17 00:17:30 executing program 7: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1}, 0x4) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 2018/04/17 00:17:30 executing program 4: 2018/04/17 00:17:30 executing program 5: 2018/04/17 00:17:30 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x34123610) ftruncate(r1, 0x3) write$cgroup_subtree(r2, &(0x7f00000002c0), 0xa871f499) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000e80)=ANY=[@ANYBLOB="0400000000000000ff0f00000000000001"]) 2018/04/17 00:17:30 executing program 3: r0 = memfd_create(&(0x7f0000000140)='\x00 ', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000054ff3)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000f06f74)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f7a3a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000180)={0x0, 0xfff, 0x0, 'queue1\x00'}) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x800, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r3, 0xc08c5334, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00', 0x31}) 2018/04/17 00:17:30 executing program 6: r0 = socket$inet(0x2, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001e80)=[{{&(0x7f0000000000)=@in={0x2, 0x4e20}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000080)}}, {{&(0x7f00000002c0)=@in={0x2, 0x4e21, @broadcast=0xffffffff}, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="10000000000000000700000086040000aeeb209a7d065970d8d9a3b798d3d91f29"], 0x21}}], 0x2, 0x0) syzkaller login: [ 43.542315] ip (3775) used greatest stack depth: 54672 bytes left [ 43.608264] ip (3777) used greatest stack depth: 54312 bytes left [ 44.818680] ip (3897) used greatest stack depth: 54200 bytes left [ 45.058699] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.065190] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.099156] device bridge_slave_0 entered promiscuous mode [ 45.182508] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.188994] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.245964] device bridge_slave_0 entered promiscuous mode [ 45.272186] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.278708] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.295068] device bridge_slave_0 entered promiscuous mode [ 45.315784] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.322286] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.337823] device bridge_slave_1 entered promiscuous mode [ 45.390077] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.396574] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.429165] device bridge_slave_1 entered promiscuous mode [ 45.448872] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.455360] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.487087] device bridge_slave_0 entered promiscuous mode [ 45.512171] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.518628] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.548588] device bridge_slave_0 entered promiscuous mode [ 45.555706] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.562189] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.572182] device bridge_slave_0 entered promiscuous mode [ 45.578905] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.585484] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.599474] device bridge_slave_1 entered promiscuous mode [ 45.615369] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.627186] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.633622] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.652918] device bridge_slave_0 entered promiscuous mode [ 45.667375] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.674815] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.681307] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.721281] device bridge_slave_0 entered promiscuous mode [ 45.744289] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.750814] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.776173] device bridge_slave_1 entered promiscuous mode [ 45.785459] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.791934] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.803399] device bridge_slave_1 entered promiscuous mode [ 45.816424] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.822886] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.844305] device bridge_slave_1 entered promiscuous mode [ 45.852977] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.861599] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.873874] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.882322] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.888812] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.932179] device bridge_slave_1 entered promiscuous mode [ 45.941826] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.948342] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.993424] device bridge_slave_1 entered promiscuous mode [ 46.025506] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.035223] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.057709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.067372] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.129820] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.214109] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.233738] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.259602] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.281578] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.351491] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.419748] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.856154] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 46.890450] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.028170] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.051689] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.132581] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.227858] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.236831] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.246889] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.263820] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.371525] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.416173] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.441914] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.450849] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.462441] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.577758] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.587069] ip (4094) used greatest stack depth: 53656 bytes left [ 47.676659] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.100267] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.182613] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.267436] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.340613] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.410155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.419927] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.449126] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.496397] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.512229] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.531728] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.547682] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.556879] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.573790] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.644332] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.653604] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.660816] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.670828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.718622] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.730596] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.738729] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.767853] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.789275] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.814843] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.823612] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.831115] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.838202] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.862843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.903734] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 48.916012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.945747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 48.969618] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 48.977709] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.984904] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.000812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.023255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.038969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.059136] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.073604] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.087165] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.096142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.111275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.126609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.146453] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.154561] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.161713] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.170186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.178298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.186525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.198665] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.207457] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.215299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.247747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.287980] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.296803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.316843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.365955] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.373377] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.388402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.452542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.459738] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.471910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.658994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.666714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.684743] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.267344] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.273968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.280858] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.287315] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.301954] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.320850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.417977] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.424490] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.431361] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.437827] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.452874] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.471265] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.477763] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.484649] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.491137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.523311] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.548890] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.555380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.562297] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.568765] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.649314] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.674507] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.680983] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.687841] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.694336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.754839] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.765084] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.771572] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.778469] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.784953] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.802858] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.832543] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.839104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.846175] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.852611] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.933998] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.174594] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.181257] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.188155] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.194612] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.218204] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.384382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.398655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.422642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.437616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.448254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.455696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.463470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.606018] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 60.990261] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.010919] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.190560] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.225857] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.264792] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.366343] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.386527] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 61.392783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.403671] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.715139] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.819152] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 61.825428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.836656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.863344] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 61.881118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.904724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.033871] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.040160] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.052627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.098077] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.105309] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.112589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.131674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.160946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.189668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.218553] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.224845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.252132] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.619314] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.625612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.637698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/17 00:17:56 executing program 1: r0 = mq_open(&(0x7f0000000000)='-$\x00', 0x0, 0x0, &(0x7f0000664fc0)) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000001240)=[{&(0x7f0000000180)=""/98, 0x62}], 0x1) 2018/04/17 00:17:56 executing program 1: 2018/04/17 00:17:57 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x34123610) ftruncate(r1, 0x3) write$cgroup_subtree(r2, &(0x7f00000002c0), 0xa871f499) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000e80)=ANY=[@ANYBLOB="0400000000000000ff0f00000000000001"]) 2018/04/17 00:17:57 executing program 1: 2018/04/17 00:17:57 executing program 4: 2018/04/17 00:17:57 executing program 5: 2018/04/17 00:17:57 executing program 6: 2018/04/17 00:17:57 executing program 3: 2018/04/17 00:17:57 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x34123610) ftruncate(r1, 0x3) write$cgroup_subtree(r2, &(0x7f00000002c0), 0xa871f499) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000e80)=ANY=[@ANYBLOB="0400000000000000ff0f00000000000001"]) 2018/04/17 00:17:57 executing program 7: 2018/04/17 00:17:57 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x34123610) ftruncate(r1, 0x3) write$cgroup_subtree(r2, &(0x7f00000002c0), 0xa871f499) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000e80)=ANY=[@ANYBLOB="0400000000000000ff0f00000000000001"]) 2018/04/17 00:17:57 executing program 6: 2018/04/17 00:17:57 executing program 5: r0 = socket$nl_xfrm(0x11, 0x3, 0x6) bind$packet(r0, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6}, 0x14) recvmsg(r0, &(0x7f0000001400)={&(0x7f0000000380)=@pptp={0x0, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000140), 0x87, &(0x7f0000000280)=""/34, 0x22}, 0x0) 2018/04/17 00:17:57 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x80ffffff, 0x0, 0x1, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14}}, @icmp=@parameter_prob={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}}}}}}, &(0x7f0000000200)) 2018/04/17 00:17:57 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000000)='cpu.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f0000000100), 0x677) 2018/04/17 00:17:57 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000002fe4)={0xa}, 0x1c) sendmsg(r0, &(0x7f0000007000)={0x0, 0x0, &(0x7f0000000ff0)=[{&(0x7f000000af89)="0600", 0x2}], 0x1, &(0x7f0000026000)}, 0x2000c080) sendmsg(r0, &(0x7f000001b000)={0x0, 0x0, &(0x7f0000015000)=[{&(0x7f0000019000)="83bc", 0x2}], 0x1}, 0x0) r1 = dup(r0) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000180)) [ 69.101290] ================================================================== [ 69.108700] BUG: KMSAN: uninit-value in rawv6_sendmsg+0x4bee/0x4cc0 [ 69.115115] CPU: 0 PID: 5805 Comm: syz-executor3 Not tainted 4.16.0+ #84 [ 69.121951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.131307] Call Trace: [ 69.133900] dump_stack+0x185/0x1d0 [ 69.137537] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 69.141774] kmsan_report+0x142/0x240 [ 69.145579] __msan_warning_32+0x6c/0xb0 [ 69.149645] rawv6_sendmsg+0x4bee/0x4cc0 [ 69.153716] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 69.159084] ? rw_copy_check_uvector+0x5af/0x6c0 [ 69.163854] ? compat_rawv6_ioctl+0x30/0x30 [ 69.168175] inet_sendmsg+0x48d/0x740 [ 69.171979] ? security_socket_sendmsg+0x9e/0x210 [ 69.176826] ? inet_getname+0x500/0x500 [ 69.180810] ___sys_sendmsg+0xec0/0x1310 [ 69.184877] ? __fdget+0x4e/0x60 [ 69.188245] ? __fget_light+0x56/0x710 [ 69.192132] ? __fdget+0x4e/0x60 [ 69.195686] ? __msan_metadata_ptr_for_load_1+0x10/0x20 2018/04/17 00:17:58 executing program 6: pipe2(&(0x7f0000989000)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000bc8000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f0000000040)='./file0\x00') link(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./control/file0\x00') dup2(r0, r1) [ 69.201053] ? __fget_light+0x6b9/0x710 [ 69.210515] SYSC_sendmsg+0x2a3/0x3d0 [ 69.214356] SyS_sendmsg+0x54/0x80 [ 69.217905] do_syscall_64+0x309/0x430 [ 69.221806] ? ___sys_sendmsg+0x1310/0x1310 [ 69.226138] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.231337] RIP: 0033:0x455329 [ 69.234523] RSP: 002b:00007f79d2e3bc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.242241] RAX: ffffffffffffffda RBX: 00007f79d2e3c6d4 RCX: 0000000000455329 [ 69.249524] RDX: 0000000000000000 RSI: 000000002001b000 RDI: 0000000000000013 [ 69.256795] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 69.264075] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 69.271349] R13: 00000000000004cc R14: 00000000006fa3c0 R15: 0000000000000000 [ 69.278666] [ 69.280293] Uninit was stored to memory at: [ 69.284625] kmsan_internal_chain_origin+0x12b/0x210 [ 69.289735] kmsan_memcpy_origins+0x11d/0x170 [ 69.294236] __msan_memcpy+0x19f/0x1f0 [ 69.298125] skb_copy_bits+0x63a/0xdb0 [ 69.302011] rawv6_sendmsg+0x427e/0x4cc0 [ 69.306073] inet_sendmsg+0x48d/0x740 [ 69.309878] ___sys_sendmsg+0xec0/0x1310 [ 69.313946] SYSC_sendmsg+0x2a3/0x3d0 [ 69.317755] SyS_sendmsg+0x54/0x80 [ 69.321298] do_syscall_64+0x309/0x430 [ 69.325190] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.330367] Uninit was created at: [ 69.333908] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 69.338918] kmsan_alloc_page+0x82/0xe0 [ 69.342891] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 69.347647] alloc_pages_current+0x6b5/0x970 2018/04/17 00:17:58 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x0, 0x0, 0x2000000}) fcntl$lock(r0, 0x400000000000007, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x100}) [ 69.352051] skb_page_frag_refill+0x3ba/0x5e0 [ 69.356550] sk_page_frag_refill+0xa4/0x340 [ 69.360874] __ip6_append_data+0x1a20/0x4bb0 [ 69.365288] ip6_append_data+0x40e/0x6b0 [ 69.369348] rawv6_sendmsg+0x2787/0x4cc0 [ 69.373405] inet_sendmsg+0x48d/0x740 [ 69.377207] ___sys_sendmsg+0xec0/0x1310 [ 69.381286] SYSC_sendmsg+0x2a3/0x3d0 [ 69.385087] SyS_sendmsg+0x54/0x80 [ 69.388624] do_syscall_64+0x309/0x430 [ 69.392511] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.397688] ================================================================== [ 69.405037] Disabling lock debugging due to kernel taint [ 69.410489] Kernel panic - not syncing: panic_on_warn set ... [ 69.410489] [ 69.417860] CPU: 0 PID: 5805 Comm: syz-executor3 Tainted: G B 4.16.0+ #84 [ 69.425997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.435350] Call Trace: [ 69.437947] dump_stack+0x185/0x1d0 [ 69.441580] panic+0x39d/0x940 [ 69.444796] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 69.449036] kmsan_report+0x238/0x240 [ 69.452847] __msan_warning_32+0x6c/0xb0 [ 69.456910] rawv6_sendmsg+0x4bee/0x4cc0 [ 69.460985] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 69.466364] ? rw_copy_check_uvector+0x5af/0x6c0 [ 69.471143] ? compat_rawv6_ioctl+0x30/0x30 [ 69.475470] inet_sendmsg+0x48d/0x740 [ 69.479275] ? security_socket_sendmsg+0x9e/0x210 [ 69.484131] ? inet_getname+0x500/0x500 [ 69.488111] ___sys_sendmsg+0xec0/0x1310 [ 69.492209] ? __fdget+0x4e/0x60 [ 69.495582] ? __fget_light+0x56/0x710 [ 69.499472] ? __fdget+0x4e/0x60 [ 69.502858] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 69.508224] ? __fget_light+0x6b9/0x710 [ 69.512213] SYSC_sendmsg+0x2a3/0x3d0 [ 69.516026] SyS_sendmsg+0x54/0x80 [ 69.519572] do_syscall_64+0x309/0x430 [ 69.523471] ? ___sys_sendmsg+0x1310/0x1310 [ 69.527800] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.532985] RIP: 0033:0x455329 [ 69.536172] RSP: 002b:00007f79d2e3bc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.543887] RAX: ffffffffffffffda RBX: 00007f79d2e3c6d4 RCX: 0000000000455329 [ 69.551164] RDX: 0000000000000000 RSI: 000000002001b000 RDI: 0000000000000013 [ 69.558526] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 69.565889] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 69.573170] R13: 00000000000004cc R14: 00000000006fa3c0 R15: 0000000000000000 [ 69.581087] Dumping ftrace buffer: [ 69.584622] (ftrace buffer empty) [ 69.588313] Kernel Offset: disabled [ 69.591922] Rebooting in 86400 seconds..