Warning: Permanently added '10.128.0.204' (ECDSA) to the list of known hosts.
2020/01/06 17:25:42 parsed 1 programs
2020/01/06 17:25:42 executed programs: 0
[   59.185264] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready
[   59.197735] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready
[   59.206141] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready
[   59.214456] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready
[   59.224064] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready
[   59.232401] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready
[   59.252334] IPVS: Creating netns size=2712 id=2
[   59.257340] IPVS: ftp: loaded support on port[0] = 21
[   59.333561] IPVS: Creating netns size=2712 id=3
[   59.338545] IPVS: ftp: loaded support on port[0] = 21
[   59.480604] IPVS: Creating netns size=2712 id=4
[   59.482826] chnl_net:caif_netlink_parms(): no params data found
[   59.491642] IPVS: ftp: loaded support on port[0] = 21
[   59.729152] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.735771] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.745473] device bridge_slave_0 entered promiscuous mode
[   59.775275] IPVS: Creating netns size=2712 id=5
[   59.780864] IPVS: ftp: loaded support on port[0] = 21
[   59.786492] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.798840] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.808857] device bridge_slave_1 entered promiscuous mode
[   59.875953] chnl_net:caif_netlink_parms(): no params data found
[   59.955227] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   60.023524] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   60.100464] IPVS: Creating netns size=2712 id=6
[   60.113637] IPVS: ftp: loaded support on port[0] = 21
[   60.224651] chnl_net:caif_netlink_parms(): no params data found
[   60.240152] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   60.276174] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   60.284303] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.291029] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.304958] device bridge_slave_0 entered promiscuous mode
[   60.349052] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.355604] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.365372] device bridge_slave_1 entered promiscuous mode
[   60.508513] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   60.521401] IPVS: Creating netns size=2712 id=7
[   60.526375] IPVS: ftp: loaded support on port[0] = 21
[   60.532557] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   60.533325] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   60.574465] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   60.811228] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.817773] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.827750] device bridge_slave_0 entered promiscuous mode
[   60.882565] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.890981] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.900550] device bridge_slave_1 entered promiscuous mode
[   60.984952] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   61.070696] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   61.085745] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   61.109284] chnl_net:caif_netlink_parms(): no params data found
[   61.127200] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   61.308452] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   61.326312] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   61.360552] chnl_net:caif_netlink_parms(): no params data found
[   61.376316] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   61.385104] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   61.424566] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   61.700532] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.707212] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.716605] device bridge_slave_0 entered promiscuous mode
[   61.724951] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   61.744238] chnl_net:caif_netlink_parms(): no params data found
[   61.761106] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.767675] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.777269] device bridge_slave_1 entered promiscuous mode
[   61.784864] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   61.940211] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.946688] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.956365] device bridge_slave_0 entered promiscuous mode
[   62.015724] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.025094] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.032106] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.042983] device bridge_slave_1 entered promiscuous mode
[   62.107243] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.142552] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.236026] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.401915] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.412225] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.422193] device bridge_slave_0 entered promiscuous mode
[   62.436897] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   62.455162] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.465074] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   62.483189] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.490996] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.501183] device bridge_slave_1 entered promiscuous mode
[   62.540135] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.547410] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   62.579789] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   62.594136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.637469] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.646677] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   62.710092] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   62.720583] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.852608] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.860832] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.867434] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.889956] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   62.897191] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   62.910814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.920238] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   62.932130] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   62.951875] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   62.998242] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.006122] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.012829] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.051706] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   63.065355] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   63.237641] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   63.307651] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.316534] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   63.352036] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.360143] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   63.454091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   63.487169] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.516555] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   63.524832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.539982] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   63.553723] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.673265] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   63.680634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.746984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.756864] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.763332] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.785126] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   63.830286] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.838867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.847147] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.853591] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.861485] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.869897] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.876287] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.912255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.920251] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.929415] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.937117] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.968917] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   63.990374] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   64.049487] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   64.066401] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   64.090284] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.103910] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.123927] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.132169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.159794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.172402] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.202887] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.214093] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.328106] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.363582] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.384007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.399189] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.405636] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.438390] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   64.446094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.468953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.477113] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.487547] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.536807] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.551092] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   64.584486] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.606734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   64.627001] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   64.666634] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.680642] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.687168] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.700272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.709722] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.716169] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.723612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.739196] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   64.752870] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   64.763538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   64.784309] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   64.815534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.834902] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   64.842354] device veth0_vlan entered promiscuous mode
[   64.849438] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   64.856126] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   64.867398] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.907091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.925493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   64.950853] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   64.961319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   64.974567] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.983642] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.990242] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.015731] device veth1_vlan entered promiscuous mode
[   65.051116] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.058900] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.103069] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.115327] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.121792] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.214553] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   65.246654] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   65.305401] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.325240] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   65.345814] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.375837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
2020/01/06 17:25:49 executed programs: 6
[   65.545729] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   65.582303] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   65.590702] device veth0_vlan entered promiscuous mode
[   65.596721] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   65.605167] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   65.611788] ==================================================================
[   65.611802] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf90281
[   65.611804] Read of size 4 by task syz-executor.4/7705
[   65.611809] CPU: 1 PID: 7705 Comm: syz-executor.4 Not tainted 4.6.0-syzkaller #0
[   65.611811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.611817]  1ffffffff0dd577e ffff880128167878 ffffffff82c7f386 ffff8800adf9027f
[   65.611820]  ffff880128167908 ffff8800adf90268 ffff8800bb9c4f00 ffff8801281678f8
[   65.611824]  ffffffff81740207 ffff880129502a40 0000000000000286 0000000000000286
[   65.611825] Call Trace:
[   65.611832]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   65.611839]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   65.611845]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   65.611850]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   65.611853]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   65.611856]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   65.611861]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   65.611867]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   65.611875]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   65.611881]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   65.611890]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   65.611898]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   65.611903]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   65.611909]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.611915]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   65.611919]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   65.611923]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.611927]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   65.611931]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.611936]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   65.611941]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   65.611946]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   65.611951]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   65.611957]  [<ffffffff8147fc27>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   65.611962]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   65.611966]  [<ffffffff8147fc27>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   65.611971]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   65.611975]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.611981]  [<ffffffff8143565c>] ? trace_hardirqs_on_caller+0x44c/0x5e0
[   65.611987]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   65.611991]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   65.611998]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   65.612001] Object at ffff8800adf90268, in cache ip_fib_alias
[   65.612003] Object not allocated yet
[   65.612006] Memory state around the buggy address:
[   65.612011]  ffff8800adf90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.612014]  ffff8800adf90200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.612017] >ffff8800adf90280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.612020]                    ^
[   65.612023]  ffff8800adf90300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.612025]  ffff8800adf90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.612028] ==================================================================
[   65.612060] Disabling lock debugging due to kernel taint
[   65.676142] ==================================================================
[   65.676155] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf90281
[   65.676158] Read of size 4 by task syz-executor.4/7709
[   65.676164] CPU: 1 PID: 7709 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   65.676166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.676171]  1ffffffff0dd577e ffff8800ad87f878 ffffffff82c7f386 ffff8800adf9027f
[   65.676175]  ffff8800ad87f908 ffff8800adf90268 ffff8800bb9c4f00 ffff8800ad87f8f8
[   65.676179]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   65.676180] Call Trace:
[   65.676187]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   65.676195]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   65.676201]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.676204]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   65.676208]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   65.676212]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   65.676214]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   65.676220]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   65.676223]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   65.676230]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   65.676234]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   65.676240]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   65.676244]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   65.676251]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   65.676259]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   65.676263]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.676267]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.676269]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   65.676272]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   65.676274]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.676277]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   65.676281]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.676287]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   65.676290]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   65.676294]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   65.676298]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   65.676301]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   65.676305]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   65.676308]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.676313]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   65.676316]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   65.676324]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   65.676328]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   65.676333]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   65.676336] Object at ffff8800adf90268, in cache ip_fib_alias
[   65.676337] Object not allocated yet
[   65.676338] Memory state around the buggy address:
[   65.676341]  ffff8800adf90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.676343]  ffff8800adf90200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.676345] >ffff8800adf90280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.676347]                    ^
[   65.676349]  ffff8800adf90300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.676351]  ffff8800adf90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.676351] ==================================================================
[   65.817773] ==================================================================
[   65.817788] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf90281
[   65.817791] Read of size 4 by task syz-executor.4/7713
[   65.817797] CPU: 1 PID: 7713 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   65.817799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.817805]  1ffffffff0dd577e ffff8800adf77878 ffffffff82c7f386 ffff8800adf9027f
[   65.817809]  ffff8800adf77908 ffff8800adf90268 ffff8800bb9c4f00 ffff8800adf778f8
[   65.817813]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   65.817814] Call Trace:
[   65.817821]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   65.817829]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   65.817835]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.817839]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   65.817843]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   65.817846]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   65.817849]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   65.817855]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   65.817858]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   65.817866]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   65.817869]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   65.817878]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   65.817882]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   65.817887]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   65.817891]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   65.817895]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.817899]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.817902]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   65.817904]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   65.817906]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.817909]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   65.817913]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.817918]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   65.817922]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   65.817925]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   65.817934]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   65.817938]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   65.817942]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   65.817945]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.817950]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   65.817953]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   65.817961]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   65.817965]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   65.817970]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   65.817973] Object at ffff8800adf90268, in cache ip_fib_alias
[   65.817974] Object not allocated yet
[   65.817975] Memory state around the buggy address:
[   65.817979]  ffff8800adf90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.817981]  ffff8800adf90200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.817983] >ffff8800adf90280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.817984]                    ^
[   65.817986]  ffff8800adf90300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.817988]  ffff8800adf90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.817989] ==================================================================
[   65.961211] ==================================================================
[   65.961225] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf90281
[   65.961228] Read of size 4 by task syz-executor.4/7717
[   65.961234] CPU: 1 PID: 7717 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   65.961236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.961242]  1ffffffff0dd577e ffff8800ad87f878 ffffffff82c7f386 ffff8800adf9027f
[   65.961246]  ffff8800ad87f908 ffff8800adf90268 ffff8800bb9c4f00 ffff8800ad87f8f8
[   65.961250]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   65.961251] Call Trace:
[   65.961258]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   65.961267]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   65.961274]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.961277]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   65.961281]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   65.961284]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   65.961286]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   65.961292]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   65.961295]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   65.961303]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   65.961307]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   65.961315]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   65.961320]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   65.961325]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   65.961328]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   65.961333]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.961338]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.961340]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   65.961343]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   65.961345]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   65.961348]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   65.961351]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   65.961357]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   65.961361]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   65.961364]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   65.961368]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   65.961372]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   65.961376]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   65.961379]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   65.961385]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   65.961388]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   65.961393]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   65.961397]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   65.961401]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   65.961404] Object at ffff8800adf90268, in cache ip_fib_alias
[   65.961405] Object not allocated yet
[   65.961406] Memory state around the buggy address:
[   65.961409]  ffff8800adf90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.961411]  ffff8800adf90200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.961413] >ffff8800adf90280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.961415]                    ^
[   65.961416]  ffff8800adf90300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.961418]  ffff8800adf90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.961419] ==================================================================
[   66.128725] ==================================================================
[   66.128738] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf90281
[   66.128741] Read of size 4 by task syz-executor.4/7721
[   66.128746] CPU: 1 PID: 7721 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   66.128748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   66.128759]  1ffffffff0dd577e ffff8800adf77878 ffffffff82c7f386 ffff8800adf9027f
[   66.128763]  ffff8800adf77908 ffff8800adf90268 ffff8800bb9c4f00 ffff8800adf778f8
[   66.128767]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   66.128768] Call Trace:
[   66.128776]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   66.128785]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   66.128791]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   66.128794]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   66.128798]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   66.128801]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   66.128804]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   66.128809]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   66.128812]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   66.128818]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   66.128821]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   66.128827]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   66.128832]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   66.128837]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   66.128840]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   66.128845]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   66.128849]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   66.128852]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   66.128854]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   66.128856]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   66.128859]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   66.128863]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   66.128868]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   66.128872]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   66.128875]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   66.128879]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   66.128883]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   66.128887]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   66.128889]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   66.128894]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   66.128897]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   66.128903]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   66.128906]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   66.128911]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   66.128913] Object at ffff8800adf90268, in cache ip_fib_alias
[   66.128915] Object not allocated yet
[   66.128915] Memory state around the buggy address:
[   66.128919]  ffff8800adf90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.128921]  ffff8800adf90200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.128923] >ffff8800adf90280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.128924]                    ^
[   66.128926]  ffff8800adf90300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.128928]  ffff8800adf90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.128929] ==================================================================
[   66.224783] ==================================================================
[   66.224796] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf90281
[   66.224799] Read of size 4 by task syz-executor.4/7725
[   66.224804] CPU: 1 PID: 7725 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   66.224806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   66.224813]  1ffffffff0dd577e ffff880128187878 ffffffff82c7f386 ffff8800adf9027f
[   66.224816]  ffff880128187908 ffff8800adf90268 ffff8800bb9c4f00 ffff8801281878f8
[   66.224820]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   66.224821] Call Trace:
[   66.224828]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   66.224836]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   66.224841]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   66.224844]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   66.224848]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   66.224851]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   66.224854]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   66.224859]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   66.224862]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   66.224869]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   66.224873]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   66.224880]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   66.224885]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   66.224891]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   66.224894]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   66.224898]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   66.224902]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   66.224904]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   66.224907]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   66.224909]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   66.224912]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   66.224915]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   66.224920]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   66.224923]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   66.224926]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   66.224930]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   66.224933]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   66.224938]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   66.224941]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   66.224945]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   66.224948]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   66.224953]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   66.224956]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   66.224961]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   66.224964] Object at ffff8800adf90268, in cache ip_fib_alias
[   66.224965] Object not allocated yet
[   66.224966] Memory state around the buggy address:
[   66.224969]  ffff8800adf90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.224971]  ffff8800adf90200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.224973] >ffff8800adf90280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.224975]                    ^
[   66.224977]  ffff8800adf90300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.224979]  ffff8800adf90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.224979] ==================================================================
[   67.707293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   67.748818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.792610] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   67.806395] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   67.822019] device veth1_vlan entered promiscuous mode
[   67.877365] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   67.884853] device veth0_vlan entered promiscuous mode
[   67.891495] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   67.898265] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   67.954219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.976741] device veth1_vlan entered promiscuous mode
[   67.993031] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.000576] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.034193] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   68.057822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.192239] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   68.215810] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   68.236108] device veth0_vlan entered promiscuous mode
[   68.244917] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   68.254672] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   68.264873] ==================================================================
[   68.272534] BUG: KASAN: use-after-free in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800adf81a81
[   68.275648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.285520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.286217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.287001] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.309629] Read of size 4 by task syz-executor.3/7811
[   68.313828] device veth1_vlan entered promiscuous mode
[   68.320455] page:ffffea0002b7e040 count:0 mapcount:0 mapping:          (null) index:0x0
[   68.328939] flags: 0xfffe0000000000()
[   68.332736] page dumped because: kasan: bad access detected
[   68.338457] CPU: 0 PID: 7811 Comm: syz-executor.3 Tainted: G    B           4.6.0-syzkaller #0
[   68.347212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   68.356582]  1ffffffff0dd577e ffff8800ad827878 ffffffff82c7f386 ffff8800adf81a7f
[   68.364664]  ffff8800ad827908 ffff8800adf81a81 ffff8800b19862c0 ffff8800ad8278f8
[   68.372719]  ffffffff817405ba ffffffff816afd26 0000000000000286 0000000000000286
[   68.381415] Call Trace:
[   68.384000]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   68.389372]  [<ffffffff817405ba>] kasan_report_error+0x59a/0x5c0
[   68.395539]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   68.401347]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   68.407160]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   68.414013]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   68.419244] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   68.427205]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   68.431273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.440627]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   68.446960]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   68.453119]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   68.459281]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   68.465271]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   68.471166]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   68.476633]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   68.483667]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   68.489043]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   68.495632]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   68.501021]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   68.506315]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   68.511599]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   68.517182]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   68.520887] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   68.520947] device veth0_vlan entered promiscuous mode
[   68.521588] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   68.522221] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   68.541097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.541912] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.542769] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.567347]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   68.573922]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   68.579398]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   68.584926]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   68.590714]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   68.597372]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   68.603170]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   68.610287]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   68.616108]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   68.622327]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   68.628833]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   68.635544]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   68.640759]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   68.647335] Memory state around the buggy address:
[   68.652264]  ffff8800adf81980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.659980]  ffff8800adf81a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.669036] >ffff8800adf81a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.676607]                    ^
[   68.679971]  ffff8800adf81b00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   68.687328]  ffff8800adf81b80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   68.688247] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   68.688314] device veth0_vlan entered promiscuous mode
[   68.688891] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   68.689508] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   68.704862] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.705602] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.706455] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.736418] device veth1_vlan entered promiscuous mode
[   68.744428] ==================================================================
[   68.804490] device veth1_vlan entered promiscuous mode
[   69.038752] ==================================================================
[   69.046177] BUG: KASAN: use-after-free in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad955ac1
[   69.055214] Read of size 4 by task syz-executor.2/7865
[   69.060611] CPU: 1 PID: 7865 Comm: syz-executor.2 Tainted: G    B           4.6.0-syzkaller #0
[   69.069466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.078862]  1ffffffff0dd577e ffff8800ad9df878 ffffffff82c7f386 ffff8800ad955abf
[   69.087490]  ffff8800ad9df908 ffff8800ad9546c0 ffff88012bd1ab00 ffff8800ad9df8f8
[   69.095567]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   69.103812] Call Trace:
[   69.106400]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   69.111894]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   69.118032]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   69.123987]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   69.129791]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   69.136659]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   69.142881]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   69.149097]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   69.155626]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   69.161768]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   69.167934]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   69.174060]  [<ffffffff813c89bf>] ? try_to_wake_up+0x5f/0xd00
[   69.180069]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   69.185633]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   69.192641]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   69.197997]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   69.204563]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   69.209738]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   69.215014]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   69.220282]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   69.225473]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   69.231267]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   69.237902]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   69.243350]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   69.248920]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   69.254725]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   69.261394]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   69.267296]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   69.273173]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   69.278958]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   69.285180]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   69.291562]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   69.298226]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   69.303424]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   69.310002] Object at ffff8800ad9546c0, in cache task_struct
[   69.315786] Object freed, allocated with size 5888 bytes
[   69.321225] Allocation:
[   69.324131] PID = 2261
[   69.326611]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   69.332537]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   69.337939]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   69.343623]  [<ffffffff8173fbe2>] kasan_slab_alloc+0x12/0x20
[   69.349547]  [<ffffffff8173aa54>] kmem_cache_alloc_node+0x154/0x6b0
[   69.356075]  [<ffffffff81338fcd>] copy_process.part.37+0x1fd/0x5ae0
[   69.362589]  [<ffffffff8133eca8>] _do_fork+0x158/0xbb0
[   69.367993]  [<ffffffff8133f724>] kernel_thread+0x24/0x30
[   69.373962]  [<ffffffff813842db>] call_usermodehelper_exec_work+0xdb/0x1f0
[   69.381098]  [<ffffffff8139210b>] process_one_work+0x69b/0x1570
[   69.387260]  [<ffffffff813930b7>] worker_thread+0xd7/0xf10
[   69.393006]  [<ffffffff813a3a09>] kthread+0x209/0x2d0
[   69.398507]  [<ffffffff85bb8312>] ret_from_fork+0x22/0x50
[   69.404197] Deallocation:
[   69.406935] PID = 2261
[   69.409412]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   69.415326]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   69.420735]  [<ffffffff8173fc8b>] kasan_slab_free+0x9b/0xb0
[   69.426731]  [<ffffffff81738e74>] kmem_cache_free+0x94/0x500
[   69.432774]  [<ffffffff81338370>] free_task+0xd0/0x170
[   69.438413]  [<ffffffff8133858e>] __put_task_struct+0x17e/0x390
[   69.444697]  [<ffffffff813479f8>] delayed_put_task_struct+0x148/0x2b0
[   69.451439]  [<ffffffff8148c603>] rcu_process_callbacks+0xe73/0x15d0
[   69.458064]  [<ffffffff85bbb26c>] __do_softirq+0x2cc/0xa06
[   69.463813] Memory state around the buggy address:
[   69.468741]  ffff8800ad955980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   69.476295]  ffff8800ad955a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   69.483646] >ffff8800ad955a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   69.490985]                                            ^
[   69.496443]  ffff8800ad955b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   69.503788]  ffff8800ad955b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   69.511144] ==================================================================
[   69.778810] ==================================================================
[   69.786653] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad95a0c1
[   69.796015] Read of size 4 by task syz-executor.3/7879
[   69.801528] CPU: 1 PID: 7879 Comm: syz-executor.3 Tainted: G    B           4.6.0-syzkaller #0
[   69.810560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.819916]  1ffffffff0dd577e ffff8800ada47878 ffffffff82c7f386 ffff8800ad95a0bf
[   69.828066]  ffff8800ada47908 ffff8800ad95a080 ffff88012bc00200 ffff8800ada478f8
[   69.836118]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   69.844451] Call Trace:
[   69.847202]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   69.852550]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   69.858699]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   69.864553]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   69.870459]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   69.877573]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   69.883820]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   69.889983]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   69.896312]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   69.902878]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   69.909153]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   69.915126]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   69.921260]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   69.926718]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   69.933721]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   69.939075]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   69.945640]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   69.950831]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   69.956203]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   69.961613]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   69.966805]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   69.972512]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   69.979195]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   69.984649]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   69.990174]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   69.995984]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   70.002638]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   70.008355]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   70.014252]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   70.020043]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   70.026468]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   70.032854]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   70.039556]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   70.044839]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   70.051580] Object at ffff8800ad95a080, in cache kmalloc-64
[   70.057290] Object allocated with size 64 bytes.
[   70.062046] Allocation:
[   70.064629] PID = 4
[   70.066875]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   70.072818]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   70.078238]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   70.083899]  [<ffffffff8173cdd2>] kmem_cache_alloc_trace+0x142/0x6b0
[   70.090538]  [<ffffffff84991c53>] dst_cow_metrics_generic+0x43/0xb0
[   70.097057]  [<ffffffff850669ff>] ipv6_cow_metrics+0x5f/0x150
[   70.103083]  [<ffffffff85072333>] icmp6_dst_alloc+0x463/0x560
[   70.109163]  [<ffffffff8508bb33>] ndisc_send_skb+0xb13/0x1010
[   70.115169]  [<ffffffff8508f643>] ndisc_send_ns+0x283/0x6e0
[   70.121004]  [<ffffffff85056095>] addrconf_dad_work+0x645/0x980
[   70.127217]  [<ffffffff8139210b>] process_one_work+0x69b/0x1570
[   70.133404]  [<ffffffff813930b7>] worker_thread+0xd7/0xf10
[   70.139381]  [<ffffffff813a3a09>] kthread+0x209/0x2d0
[   70.144711]  [<ffffffff85bb8312>] ret_from_fork+0x22/0x50
[   70.150535] Memory state around the buggy address:
[   70.155452]  ffff8800ad959f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   70.162803]  ffff8800ad95a000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   70.170276] >ffff8800ad95a080: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   70.177878]                                            ^
[   70.183314]  ffff8800ad95a100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   70.190734]  ffff8800ad95a180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   70.198164] ==================================================================
[   70.609583] ==================================================================
[   70.617358] BUG: KASAN: use-after-free in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad958281
[   70.626433] Read of size 4 by task syz-executor.1/7924
[   70.631726] page:ffffea0002b65600 count:0 mapcount:0 mapping:          (null) index:0x0
[   70.640002] flags: 0xfffe0000000000()
[   70.643778] page dumped because: kasan: bad access detected
[   70.649482] CPU: 1 PID: 7924 Comm: syz-executor.1 Tainted: G    B           4.6.0-syzkaller #0
[   70.658348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   70.668049]  1ffffffff0dd577e ffff8800ad9ef878 ffffffff82c7f386 ffff8800ad95827f
[   70.676409]  ffff8800ad9ef908 ffff8800ad958281 ffff8800b1b76340 ffff8800ad9ef8f8
[   70.685003]  ffffffff817405ba ffffffff816afd26 0000000000000286 0000000000000286
[   70.693082] Call Trace:
[   70.695668]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   70.701020]  [<ffffffff817405ba>] kasan_report_error+0x59a/0x5c0
[   70.707169]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   70.712956]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   70.718772]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   70.725761]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   70.732072]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   70.738139]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   70.744440]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   70.750583]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   70.756736]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   70.762711]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   70.768844]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   70.774457]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   70.781457]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   70.786827]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   70.793406]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   70.798676]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   70.803939]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   70.809203]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   70.814490]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   70.820486]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   70.827418]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   70.832983]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   70.838522]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   70.844404]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   70.851083]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   70.856818]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   70.862886]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   70.868678]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   70.874909]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   70.881529]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   70.888322]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   70.893503]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   70.900066] Memory state around the buggy address:
2020/01/06 17:25:54 executed programs: 26
[   70.905419]  ffff8800ad958180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   70.912764]  ffff8800ad958200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   70.920118] >ffff8800ad958280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   70.927456]                    ^
[   70.930817]  ffff8800ad958300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   70.938156]  ffff8800ad958380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   70.945507] ==================================================================
[   71.020776] ==================================================================
[   71.028206] BUG: KASAN: use-after-free in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad959341
[   71.037174] Read of size 4 by task syz-executor.5/7934
[   71.042448] page:ffffea0002b65640 count:0 mapcount:0 mapping:          (null) index:0x0
[   71.050844] flags: 0xfffe0000000000()
[   71.054637] page dumped because: kasan: bad access detected
[   71.060343] CPU: 0 PID: 7934 Comm: syz-executor.5 Tainted: G    B           4.6.0-syzkaller #0
[   71.069076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.078419]  1ffffffff0dd577e ffff8800ad89f878 ffffffff82c7f386 ffff8800ad95933f
[   71.086470]  ffff8800ad89f908 ffff8800ad959341 ffff8800ade224c0 ffff8800ad89f8f8
[   71.094534]  ffffffff817405ba ffffffff816afd26 0000000000000286 0000000000000286
[   71.102612] Call Trace:
[   71.105190]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   71.110716]  [<ffffffff817405ba>] kasan_report_error+0x59a/0x5c0
[   71.116886]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   71.122719]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   71.128657]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   71.135501]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   71.141875]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   71.148328]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   71.154643]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   71.160776]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   71.167021]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   71.173001]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   71.179261]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   71.184731]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   71.191734]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   71.197116]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   71.203684]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   71.208863]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   71.214127]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   71.219825]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   71.225001]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   71.230701]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   71.237391]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   71.242835]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   71.248362]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   71.254151]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   71.260808]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   71.266548]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   71.272460]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   71.278437]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   71.284678]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   71.290928]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   71.297529]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   71.302856]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   71.309570] Memory state around the buggy address:
[   71.314501]  ffff8800ad959200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   71.321904]  ffff8800ad959280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   71.329291] >ffff8800ad959300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   71.336992]                                            ^
[   71.342610]  ffff8800ad959380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   71.349973]  ffff8800ad959400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   71.357369] ==================================================================
[   71.364878] ==================================================================
[   71.372496] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad95a5c1
[   71.382250] Read of size 4 by task syz-executor.4/7930
[   71.387535] CPU: 1 PID: 7930 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   71.396344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.406066]  1ffffffff0dd577e ffff8800ada8f878 ffffffff82c7f386 ffff8800ad95a5bf
[   71.414261]  ffff8800ada8f908 ffff8800ad95a580 ffff88012bc00200 ffff8800ada8f8f8
[   71.422512]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   71.430555] Call Trace:
[   71.433128]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   71.438478]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   71.444605]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   71.450430]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   71.456455]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   71.463754]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   71.470178]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   71.476243]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   71.482561]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   71.488851]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   71.495310]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   71.501702]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   71.508145]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   71.513720]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   71.520901]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   71.526372]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   71.533292]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   71.538471]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   71.543734]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   71.549206]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   71.554391]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   71.560273]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   71.567394]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   71.572928]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   71.578766]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   71.584774]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   71.591598]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   71.597418]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   71.603305]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   71.609118]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   71.615352]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   71.621574]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   71.628138]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   71.633864]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   71.640437] Object at ffff8800ad95a580, in cache kmalloc-64
[   71.646275] Object allocated with size 64 bytes.
[   71.651057] Allocation:
[   71.653839] PID = 4
[   71.656242]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   71.662287]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   71.668214]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   71.674112]  [<ffffffff8173cdd2>] kmem_cache_alloc_trace+0x142/0x6b0
[   71.680741]  [<ffffffff84991c53>] dst_cow_metrics_generic+0x43/0xb0
[   71.687371]  [<ffffffff850669ff>] ipv6_cow_metrics+0x5f/0x150
[   71.693404]  [<ffffffff85072333>] icmp6_dst_alloc+0x463/0x560
[   71.699424]  [<ffffffff850b6e28>] mld_sendpack+0x578/0xb80
[   71.705158]  [<ffffffff850b83c4>] mld_send_initial_cr.part.30+0xd4/0x110
[   71.712100]  [<ffffffff850c2465>] ipv6_mc_dad_complete+0x85/0x110
[   71.718473]  [<ffffffff850556df>] addrconf_dad_completed+0x3ef/0x760
[   71.725533]  [<ffffffff8505621b>] addrconf_dad_work+0x7cb/0x980
[   71.731826]  [<ffffffff8139210b>] process_one_work+0x69b/0x1570
[   71.738015]  [<ffffffff813930b7>] worker_thread+0xd7/0xf10
[   71.743979]  [<ffffffff813a3a09>] kthread+0x209/0x2d0
[   71.749410]  [<ffffffff85bb8312>] ret_from_fork+0x22/0x50
[   71.755112] Memory state around the buggy address:
[   71.760155]  ffff8800ad95a480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   71.767701]  ffff8800ad95a500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   71.775062] >ffff8800ad95a580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   71.782550]                                            ^
[   71.788292]  ffff8800ad95a600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   71.795640]  ffff8800ad95a680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   71.802994] ==================================================================
[   72.049816] ==================================================================
[   72.057246] BUG: KASAN: use-after-free in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad958001
[   72.066461] Read of size 4 by task syz-executor.4/7958
[   72.071992] page:ffffea0002b65600 count:0 mapcount:0 mapping:          (null) index:0x0
[   72.080279] flags: 0xfffe0000000000()
[   72.084058] page dumped because: kasan: bad access detected
[   72.089768] CPU: 1 PID: 7958 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   72.098502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.107857]  1ffffffff0dd577e ffff8800ada8f878 ffffffff82c7f386 ffff8800ad957fff
[   72.116003]  ffff8800ada8f908 ffff8800ad958001 ffff8800ae6ca100 ffff8800ada8f8f8
[   72.124206]  ffffffff817405ba ffffffff816afd26 0000000000000286 0000000000000286
[   72.132330] Call Trace:
[   72.134916]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   72.140278]  [<ffffffff817405ba>] kasan_report_error+0x59a/0x5c0
[   72.146648]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   72.152452]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   72.158442]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   72.165491]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   72.171723]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   72.177798]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   72.184103]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   72.190265]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   72.196476]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   72.203863]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   72.210705]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   72.216480]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   72.223831]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   72.229581]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   72.236167]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   72.241392]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   72.246653]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   72.252131]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   72.257440]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   72.263164]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   72.269994]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   72.275555]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   72.281561]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   72.287429]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   72.294114]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   72.299837]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   72.305706]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   72.311578]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   72.317813]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   72.324156]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   72.330837]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   72.336134]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   72.342715] Memory state around the buggy address:
[   72.347908]  ffff8800ad957f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.355394]  ffff8800ad957f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.362923] >ffff8800ad958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   72.370629]                    ^
[   72.374123]  ffff8800ad958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   72.381512]  ffff8800ad958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   72.388984] ==================================================================
[   72.508611] ==================================================================
[   72.516319] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad95a0c1
[   72.525856] Read of size 4 by task syz-executor.3/7970
[   72.531197] CPU: 0 PID: 7970 Comm: syz-executor.3 Tainted: G    B           4.6.0-syzkaller #0
[   72.540214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.549769]  1ffffffff0dd577e ffff8800adaa7878 ffffffff82c7f386 ffff8800ad95a0bf
[   72.558158]  ffff8800adaa7908 ffff8800ad95a080 ffff88012bc00200 ffff8800adaa78f8
[   72.566427]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   72.574956] Call Trace:
[   72.577982]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   72.583730]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   72.590364]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   72.596358]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   72.602153]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   72.609278]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   72.615505]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   72.621942]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   72.628531]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   72.634672]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   72.640912]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   72.647319]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   72.653987]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   72.659493]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   72.667170]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   72.674284]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   72.684149]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   72.689881]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   72.696322]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   72.702273]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   72.707678]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   72.713812]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   72.720702]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   72.726452]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   72.732180]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   72.739867]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   72.746828]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   72.752878]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   72.758952]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   72.765029]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   72.772441]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   72.778937]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   72.785887]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   72.791512]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   72.798868] Object at ffff8800ad95a080, in cache kmalloc-64
[   72.804873] Object allocated with size 64 bytes.
[   72.809722] Allocation:
[   72.812298] PID = 4
[   72.814526]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   72.820458]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   72.826058]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   72.831901]  [<ffffffff8173cdd2>] kmem_cache_alloc_trace+0x142/0x6b0
[   72.839724]  [<ffffffff84991c53>] dst_cow_metrics_generic+0x43/0xb0
[   72.846271]  [<ffffffff850669ff>] ipv6_cow_metrics+0x5f/0x150
[   72.852374]  [<ffffffff85072333>] icmp6_dst_alloc+0x463/0x560
[   72.859393]  [<ffffffff8508bb33>] ndisc_send_skb+0xb13/0x1010
[   72.865430]  [<ffffffff8508f643>] ndisc_send_ns+0x283/0x6e0
[   72.871257]  [<ffffffff85056095>] addrconf_dad_work+0x645/0x980
[   72.877423]  [<ffffffff8139210b>] process_one_work+0x69b/0x1570
[   72.884080]  [<ffffffff813930b7>] worker_thread+0xd7/0xf10
[   72.889843]  [<ffffffff813a3a09>] kthread+0x209/0x2d0
[   72.895247]  [<ffffffff85bb8312>] ret_from_fork+0x22/0x50
[   72.900912] Memory state around the buggy address:
[   72.906446]  ffff8800ad959f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   72.913906]  ffff8800ad95a000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   72.921509] >ffff8800ad95a080: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   72.929298]                                            ^
[   72.934738]  ffff8800ad95a100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   72.942190]  ffff8800ad95a180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   72.949535] ==================================================================
[   73.044298] ==================================================================
[   73.051844] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad84e341
[   73.062998] Read of size 4 by task syz-executor.1/7975
[   73.070105] CPU: 0 PID: 7975 Comm: syz-executor.1 Tainted: G    B           4.6.0-syzkaller #0
[   73.080172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.092142]  1ffffffff0dd577e ffff8800ada87878 ffffffff82c7f386 ffff8800ad84e33f
[   73.102559]  ffff8800ada87908 ffff8800ad84e040 ffff88012bc00700 ffff8800ada878f8
[   73.111860]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   73.121104] Call Trace:
[   73.124443]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   73.130497]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   73.138025]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   73.144094]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   73.151755]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   73.164706]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   73.170929]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   73.176994]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   73.183474]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   73.189608]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   73.197549]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   73.206748]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   73.213161]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   73.218687]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   73.225701]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   73.231326]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   73.237903]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   73.243092]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   73.248540]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   73.254227]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   73.259485]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   73.265385]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   73.271975]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   73.277424]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   73.283028]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   73.288963]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   73.295818]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   73.304100]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   73.310159]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   73.316089]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   73.322317]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   73.331348]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   73.338321]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   73.343940]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   73.350782] Object at ffff8800ad84e040, in cache kmalloc-1024
[   73.358827] Object allocated with size 704 bytes.
[   73.365082] Allocation:
[   73.367661] PID = 3408
[   73.370162]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   73.376085]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   73.381657]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   73.387315]  [<ffffffff8173bb09>] __kmalloc+0x169/0x6d0
[   73.392786]  [<ffffffff849a4aea>] __neigh_create+0x1ea/0x19f0
[   73.399327]  [<ffffffff8502ccc1>] ip6_finish_output2+0x841/0x1b90
[   73.406646]  [<ffffffff85036723>] ip6_finish_output+0x353/0x700
[   73.414518]  [<ffffffff85036c37>] ip6_output+0x167/0x530
[   73.422515]  [<ffffffff8508ac79>] NF_HOOK_THRESH.constprop.24+0xc9/0x290
[   73.430401]  [<ffffffff8508b7c4>] ndisc_send_skb+0x7a4/0x1010
[   73.436468]  [<ffffffff85090046>] ndisc_send_rs+0x116/0x3d0
[   73.442431]  [<ffffffff8505516a>] addrconf_rs_timer+0x28a/0x410
[   73.449008]  [<ffffffff814a053e>] call_timer_fn+0x14e/0x620
[   73.455240]  [<ffffffff814a1007>] run_timer_softirq+0x5f7/0x9c0
[   73.461646]  [<ffffffff85bbb26c>] __do_softirq+0x2cc/0xa06
[   73.467416] Memory state around the buggy address:
[   73.472337]  ffff8800ad84e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.479738]  ffff8800ad84e280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.487114] >ffff8800ad84e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.494464]                                            ^
[   73.500147]  ffff8800ad84e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.507515]  ffff8800ad84e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.514863] ==================================================================
[   73.573976] ==================================================================
[   73.581593] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad953001
[   73.591004] Read of size 4 by task syz-executor.4/7990
[   73.596400] CPU: 0 PID: 7990 Comm: syz-executor.4 Tainted: G    B           4.6.0-syzkaller #0
[   73.605238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.615887]  1ffffffff0dd577e ffff8800adad7878 ffffffff82c7f386 ffff8800ad952fff
[   73.624237]  ffff8800adad7908 ffff8800ad953040 ffff8801de721300 ffff8800adad78f8
[   73.632761]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   73.641442] Call Trace:
[   73.644090]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   73.649468]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   73.655607]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   73.661600]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   73.667389]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   73.674263]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   73.680485]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   73.686542]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   73.693117]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   73.699614]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   73.706171]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   73.712423]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   73.718574]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   73.724040]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   73.731182]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   73.736642]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   73.743448]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   73.748784]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   73.754386]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   73.759652]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   73.764841]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   73.770646]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   73.777239]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   73.782698]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   73.788276]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   73.794105]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   73.800907]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   73.806630]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   73.812779]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   73.818854]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   73.825192]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   73.831574]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   73.838602]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   73.843896]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   73.850639] Object at ffff8800ad953040, in cache skbuff_head_cache
[   73.856953] Object allocated with size 232 bytes.
[   73.861772] Allocation:
[   73.864333] PID = 7990
[   73.866886]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   73.872841]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   73.878493]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   73.884173]  [<ffffffff8173fbe2>] kasan_slab_alloc+0x12/0x20
[   73.890374]  [<ffffffff8173aa54>] kmem_cache_alloc_node+0x154/0x6b0
[   73.896967]  [<ffffffff849278e8>] __alloc_skb+0xa8/0x5b0
[   73.902721]  [<ffffffff8492cd6d>] alloc_skb_with_frags+0x8d/0x4b0
[   73.909411]  [<ffffffff84918929>] sock_alloc_send_pskb+0x5c9/0x740
[   73.916175]  [<ffffffff85197063>] packet_sendmsg+0x1843/0x4eb0
[   73.922267]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   73.928095]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   73.933999]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   73.939313]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   73.946114] Memory state around the buggy address:
[   73.951026]  ffff8800ad952f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   73.959019]  ffff8800ad952f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.966356] >ffff8800ad953000: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   73.973877]                    ^
[   73.977236]  ffff8800ad953080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.984580]  ffff8800ad953100: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[   73.991921] ==================================================================
[   74.199449] ==================================================================
[   74.206881] BUG: KASAN: use-after-free in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad958281
[   74.215891] Read of size 4 by task syz-executor.3/7993
[   74.221211] page:ffffea0002b65600 count:0 mapcount:0 mapping:          (null) index:0x0
[   74.229491] flags: 0xfffe0000000000()
[   74.233285] page dumped because: kasan: bad access detected
[   74.240481] CPU: 1 PID: 7993 Comm: syz-executor.3 Tainted: G    B           4.6.0-syzkaller #0
[   74.249403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.258897]  1ffffffff0dd577e ffff8800adaf7878 ffffffff82c7f386 ffff8800ad95827f
[   74.268059]  ffff8800adaf7908 ffff8800ad958281 ffff8800b19862c0 ffff8800adaf78f8
[   74.276609]  ffffffff817405ba ffffffff816afd26 0000000000000286 0000000000000286
[   74.284838] Call Trace:
[   74.287412]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   74.292775]  [<ffffffff817405ba>] kasan_report_error+0x59a/0x5c0
[   74.298909]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   74.304690]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   74.310475]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   74.317321]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   74.323540]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   74.329580]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   74.336037]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   74.342179]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   74.348339]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   74.354303]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   74.360454]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   74.365891]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   74.374152]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   74.379656]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   74.386348]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   74.391531]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   74.396792]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   74.402068]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   74.407698]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   74.414015]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   74.420712]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   74.426169]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   74.431693]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   74.437483]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   74.444160]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   74.449982]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   74.455853]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   74.461637]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   74.467858]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   74.474089]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   74.480658]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   74.485847]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   74.492406] Memory state around the buggy address:
[   74.497416]  ffff8800ad958180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   74.505021]  ffff8800ad958200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   74.512456] >ffff8800ad958280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   74.520005]                    ^
[   74.523853]  ffff8800ad958300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   74.531256]  ffff8800ad958380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   74.539351] ==================================================================
[   74.608645] ==================================================================
[   74.616076] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad95a5c1
[   74.625362] Read of size 4 by task syz-executor.2/8011
[   74.630629] CPU: 1 PID: 8011 Comm: syz-executor.2 Tainted: G    B           4.6.0-syzkaller #0
[   74.639625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.648966]  1ffffffff0dd577e ffff8800ad997878 ffffffff82c7f386 ffff8800ad95a5bf
[   74.657217]  ffff8800ad997908 ffff8800ad95a580 ffff88012bc00200 ffff8800ad9978f8
[   74.665286]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   74.673537] Call Trace:
[   74.676113]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   74.681457]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   74.687705]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   74.693494]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   74.699314]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   74.706173]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   74.712658]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   74.718843]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   74.725318]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   74.731470]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   74.739386]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   74.745345]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   74.751480]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   74.756944]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   74.764423]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   74.769789]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   74.776362]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   74.781563]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   74.786862]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   74.792225]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   74.797436]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   74.803180]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   74.809755]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   74.815195]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   74.820718]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   74.826516]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   74.833182]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   74.838980]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   74.846478]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   74.852268]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   74.858556]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   74.864914]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   74.871504]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   74.877779]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   74.884985] Object at ffff8800ad95a580, in cache kmalloc-64
[   74.890691] Object allocated with size 64 bytes.
[   74.895433] Allocation:
[   74.898272] PID = 4
[   74.900507]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   74.906911]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   74.912347]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   74.918521]  [<ffffffff8173cdd2>] kmem_cache_alloc_trace+0x142/0x6b0
[   74.925229]  [<ffffffff84991c53>] dst_cow_metrics_generic+0x43/0xb0
[   74.931810]  [<ffffffff850669ff>] ipv6_cow_metrics+0x5f/0x150
[   74.937841]  [<ffffffff85072333>] icmp6_dst_alloc+0x463/0x560
[   74.943847]  [<ffffffff850b6e28>] mld_sendpack+0x578/0xb80
[   74.949619]  [<ffffffff850b83c4>] mld_send_initial_cr.part.30+0xd4/0x110
[   74.956642]  [<ffffffff850c2465>] ipv6_mc_dad_complete+0x85/0x110
[   74.963004]  [<ffffffff850556df>] addrconf_dad_completed+0x3ef/0x760
[   74.969783]  [<ffffffff8505621b>] addrconf_dad_work+0x7cb/0x980
[   74.976105]  [<ffffffff8139210b>] process_one_work+0x69b/0x1570
[   74.982305]  [<ffffffff813930b7>] worker_thread+0xd7/0xf10
[   74.988221]  [<ffffffff813a3a09>] kthread+0x209/0x2d0
[   74.993639]  [<ffffffff85bb8312>] ret_from_fork+0x22/0x50
[   74.999474] Memory state around the buggy address:
[   75.004396]  ffff8800ad95a480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   75.011875]  ffff8800ad95a500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   75.019354] >ffff8800ad95a580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   75.026726]                                            ^
[   75.032171]  ffff8800ad95a600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   75.039540]  ffff8800ad95a680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   75.047021] ==================================================================
[   75.054400] ==================================================================
[   75.062420] BUG: KASAN: slab-out-of-bounds in macvlan_broadcast+0x48f/0x5b0 at addr ffff8800ad953501
[   75.071902] Read of size 4 by task syz-executor.5/8007
[   75.077407] CPU: 0 PID: 8007 Comm: syz-executor.5 Tainted: G    B           4.6.0-syzkaller #0
[   75.086659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   75.096239]  1ffffffff0dd577e ffff8801281c7878 ffffffff82c7f386 ffff8800ad9534ff
[   75.104514]  ffff8801281c7908 ffff8800ad953400 ffff8801de721300 ffff8801281c78f8
[   75.112961]  ffffffff81740207 ffffffff816afd26 0000000000000286 0000000000000286
[   75.120984] Call Trace:
[   75.123571]  [<ffffffff82c7f386>] dump_stack+0xe6/0x120
[   75.129056]  [<ffffffff81740207>] kasan_report_error+0x1e7/0x5c0
[   75.135858]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   75.142005]  [<ffffffff816afd51>] ? __might_fault+0xf1/0x1b0
[   75.148067]  [<ffffffff8174089a>] __asan_report_load_n_noabort+0x3a/0x40
[   75.155022]  [<ffffffff838f393f>] ? macvlan_broadcast+0x48f/0x5b0
[   75.161293]  [<ffffffff838f393f>] macvlan_broadcast+0x48f/0x5b0
[   75.167362]  [<ffffffff8497c43e>] ? netif_skb_features+0x30e/0x7d0
[   75.173693]  [<ffffffff838f5206>] macvlan_start_xmit+0x316/0x610
[   75.179853]  [<ffffffff8518c379>] packet_direct_xmit+0x429/0x610
[   75.185983]  [<ffffffff851977b4>] packet_sendmsg+0x1f94/0x4eb0
[   75.191952]  [<ffffffff814d2f50>] ? futex_wait_setup+0x2c0/0x2c0
[   75.198103]  [<ffffffff82c8aa59>] ? plist_del+0xe9/0x1d0
[   75.203571]  [<ffffffff81436160>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[   75.210762]  [<ffffffff813c9702>] ? wake_up_q+0x82/0xe0
[   75.216235]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   75.222990]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   75.228192]  [<ffffffff817f0402>] ? __fget+0x1c2/0x320
[   75.233595]  [<ffffffff817f041f>] ? __fget+0x1df/0x320
[   75.238896]  [<ffffffff817f0282>] ? __fget+0x42/0x320
[   75.244088]  [<ffffffff817f05f9>] ? __fget_light+0x79/0x200
[   75.249976]  [<ffffffff85195820>] ? packet_cached_dev_get+0x1a0/0x1a0
[   75.256559]  [<ffffffff8490e2a5>] sock_sendmsg+0xb5/0xf0
[   75.262264]  [<ffffffff8490f279>] SYSC_sendto+0x1c9/0x300
[   75.270856]  [<ffffffff8490f0b0>] ? SYSC_connect+0x2a0/0x2a0
[   75.276679]  [<ffffffff851a0c06>] ? packet_do_bind.part.61+0x4e6/0xad0
[   75.283619]  [<ffffffff851a1496>] ? packet_bind+0x156/0x1d0
[   75.290128]  [<ffffffff816afdc1>] ? __might_fault+0x161/0x1b0
[   75.296020]  [<ffffffff816afd26>] ? __might_fault+0xc6/0x1b0
[   75.301911]  [<ffffffff814ae682>] ? SyS_clock_gettime+0x132/0x180
[   75.308180]  [<ffffffff814ae550>] ? SyS_clock_settime+0x1b0/0x1b0
[   75.314684]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[   75.321264]  [<ffffffff84911569>] SyS_sendto+0x9/0x10
[   75.326568]  [<ffffffff85bb80c0>] entry_SYSCALL_64_fastpath+0x23/0xc1
[   75.333407] Object at ffff8800ad953400, in cache skbuff_head_cache
[   75.339740] Object freed, allocated with size 232 bytes
[   75.345178] Allocation:
[   75.347746] PID = 7843
[   75.350221]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   75.356219]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   75.361888]  [<ffffffff8173f7a9>] kasan_kmalloc+0xc9/0xe0
[   75.368415]  [<ffffffff8173fbe2>] kasan_slab_alloc+0x12/0x20
[   75.375002]  [<ffffffff8173aa54>] kmem_cache_alloc_node+0x154/0x6b0
[   75.381549]  [<ffffffff849278e8>] __alloc_skb+0xa8/0x5b0
[   75.387216]  [<ffffffff83d0e2b0>] new_skb+0x20/0x1d0
[   75.392442]  [<ffffffff83d19303>] aoecmd_cfg+0x1a3/0x580
[   75.398017]  [<ffffffff83d1dc6c>] discover_timer+0xdc/0x130
[   75.403980]  [<ffffffff814a053e>] call_timer_fn+0x14e/0x620
[   75.409929]  [<ffffffff814a1007>] run_timer_softirq+0x5f7/0x9c0
[   75.416321]  [<ffffffff85bbb26c>] __do_softirq+0x2cc/0xa06
[   75.423389] Deallocation:
[   75.426161] PID = 2415
[   75.428637]  [<ffffffff81205056>] save_stack_trace+0x26/0x50
[   75.434592]  [<ffffffff8173f3e6>] save_stack+0x46/0xd0
[   75.440004]  [<ffffffff8173fc8b>] kasan_slab_free+0x9b/0xb0
[   75.445976]  [<ffffffff81738e74>] kmem_cache_free+0x94/0x500
[   75.451913]  [<ffffffff84924f0c>] kfree_skbmem+0xac/0xd0
[   75.457495]  [<ffffffff8492c4c5>] __kfree_skb+0x15/0x20
[   75.462973]  [<ffffffff8492c560>] kfree_skb+0x90/0x2f0
[   75.468369]  [<ffffffff85260f1a>] nr_xmit+0xaa/0x100
[   75.473618]  [<ffffffff8497d9d9>] dev_hard_start_xmit+0x6b9/0x1140
[   75.480184]  [<ffffffff84980375>] __dev_queue_xmit+0x1b85/0x1f40
[   75.486460]  [<ffffffff8498073b>] dev_queue_xmit+0xb/0x10
[   75.492199]  [<ffffffff83d1dd68>] tx+0x68/0xb0
[   75.497073]  [<ffffffff83d0f5c4>] kthread+0x1c4/0x360
[   75.502390]  [<ffffffff813a3a09>] kthread+0x209/0x2d0
[   75.507843]  [<ffffffff85bb8312>] ret_from_fork+0x22/0x50
[   75.513526] Memory state around the buggy address:
[   75.518439]  ffff8800ad953400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   75.525791]  ffff8800ad953480: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   75.533348] >ffff8800ad953500: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[   75.541016]                    ^
[   75.544556]  ffff8800ad953580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   75.552245]  ffff8800ad953600: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   75.559595] ==================================================================