INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.56' (ECDSA) to the list of known hosts.
2018/04/08 13:27:16 fuzzer started
2018/04/08 13:27:17 dialing manager at 10.128.0.26:40033
2018/04/08 13:27:23 kcov=true, comps=false
2018/04/08 13:27:25 executing program 0:
r0 = epoll_create1(0x0)
r1 = syz_open_dev$sndseq(&(0x7f000064dff3)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000bb4000))
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f0000000140)={{0x80}, "706f7274310000004000000000000000000000d600fffffff0000000070000000000000000000000000000070000000000e6ffffffffffffff001000", 0xbfffffffffffffff, 0x2})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x0, 0x0)

2018/04/08 13:27:25 executing program 2:
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x203}, 0x55)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10)
socketpair$inet_icmp(0x13, 0x400000, 0x13, &(0x7f0000000000))

2018/04/08 13:27:25 executing program 7:
syz_emit_ethernet(0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60ce648b00142f00fe8000008f4c02d5ac1798e318db00000000000000aa34163e00000000000000000000ffffac14", @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], &(0x7f0000000040))

2018/04/08 13:27:25 executing program 3:
r0 = socket(0x18, 0x0, 0x1)
sendmmsg(0xffffffffffffffff, &(0x7f0000004fc4)=[{{&(0x7f0000003000)=@in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}, 0x80, &(0x7f0000004fa0)=[{&(0x7f0000002000)="4c5614c00401a0dbf8a669ebdedd102c4f7a79e606457dfdf09e2ec2ed253b", 0x1f}], 0x1, &(0x7f0000002d30)}}], 0x1, 0x0)
connect(r0, &(0x7f0000002000)=@sco={0x1f, {0x1}}, 0x26)
sendmmsg(r0, &(0x7f0000000f80)=[{{&(0x7f0000000ac0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}}}, 0x80, &(0x7f0000000f00), 0x0, &(0x7f00000013c0)}}], 0x1, 0x0)

2018/04/08 13:27:25 executing program 4:
r0 = syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"d202b999cf85000000000088f301e710", 0x102})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'syzkaller0\x00', 0x400})
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000238ff8)=@abs, 0x6e, &(0x7f0000000040), 0x0, &(0x7f00000005c0), 0x27f}, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x1d4, &(0x7f0000000080)})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"d202b999cf85000000000088f381e710", 0x106})

2018/04/08 13:27:25 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x7, 0x4, 0x80, 0x5, 0x0, 0xffffffffffffffff, 0x0, [0x140]}, 0x2c)

2018/04/08 13:27:25 executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = dup(r0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000e9bff0)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x101}]}, 0x10)
connect$inet(r0, &(0x7f0000987000)={0x2, 0x4e23}, 0x10)
sendto$inet(r1, &(0x7f00004eef09)="96427feebcc603c266d2a2c2da2644124066d6c52746a66fd07a4a9370b924b494651c3febca0be535e0f30bbafe65b8b859d66972208f558b002bbc2366429da28cdb97727474f32fcce772ce439a1b5785bb74b8680705191a3d28e775b402a04cdf7881cf1c80eb042835db0e8c24fd0e3c0f396da612f44d9999de32f883521dfa4593a5772e19b5c0c27ace555870d7fe3a1819c614a8d9447cfa592c236d96bf255bf3966b0c1c34711ce489df2032a31902ae0742b79d7334ef248790fa0e3787e4b945215cddc03c4f384e6815bab43d34b8c04eb06ff00f10743a0e25f6", 0xe2, 0x4001, &(0x7f0000848ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00009df000)={&(0x7f00007cc000)=ANY=[@ANYBLOB="02"], 0x1}, 0x1}, 0x0)
sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)={0xac, 0x0, 0x0, 0x0, 0x0, {0x10}, [@IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x40005)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000266ffc), 0x4)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x14}, 0x1}, 0x0)

2018/04/08 13:27:25 executing program 1:
gettid()
perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}}, 0x0, 0xb, 0xffffffffffffffff, 0x8)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x80000000004, 0x4000011e}, 0x2c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffff11, &(0x7f00001a7f05)=""/251}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r0, 0x50, &(0x7f00000000c0)}, 0x10)
socketpair$inet_icmp(0xf, 0x2, 0x730000, &(0x7f0000000240))

syzkaller login: [   42.171413] ip (3785) used greatest stack depth: 54312 bytes left
[   43.382844] ip (3903) used greatest stack depth: 54296 bytes left
[   44.230086] ip (3979) used greatest stack depth: 54160 bytes left
[   44.814320] ip (4031) used greatest stack depth: 53976 bytes left
[   45.430933] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.455580] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.469577] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.560534] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.637455] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.693152] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.721895] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   45.832245] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   53.958647] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.187814] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.223083] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.364642] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.455818] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.512937] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.590554] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.673211] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   54.762254] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   54.768498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.786715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.969095] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   54.975352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.985752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.047946] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   55.054191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.072358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.105897] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   55.112366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.122329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.269465] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   55.275693] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.290554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.335128] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   55.341386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.351625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.413930] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   55.421958] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.435915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.473528] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   55.482171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   55.502596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/08 13:27:42 executing program 2:

2018/04/08 13:27:42 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mmap(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
sendmsg$unix(r2, &(0x7f0000bba000)={&(0x7f0000c57ff8)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r0]}], 0x18}, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000012c0)={{{@in6, @in=@dev={0xac, 0x14, 0x14}}}, {{}, 0x0, @in6=@mcast1={0xff, 0x1, [], 0x1}}}, 0xe8)
recvmsg(r1, &(0x7f00003d6fc8)={&(0x7f0000698000)=@generic, 0x80, &(0x7f000081afd0), 0x0, &(0x7f0000f9fff8)=""/90, 0x5a}, 0x0)

2018/04/08 13:27:42 executing program 2:
r0 = socket$inet(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg(r0, &(0x7f0000014000)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa2830007a600800000683540150024001d0004c41180b598bc593ab6821148a730de33a49868c62b2ca654a661006aabf35d4c1cbc882b0798810000000000", 0x4c}], 0x1}, 0x0)

2018/04/08 13:27:42 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
listen(r0, 0x43)
r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84)
sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='bridge0\x00', 0x10)
sendmsg$netlink(r1, &(0x7f00009f3fc8)={0x0, 0x0, &(0x7f000070f000)=[{&(0x7f0000a77000)={0x2300}, 0x2300}], 0x1, &(0x7f0000414000)}, 0x0)
r2 = accept4(r0, 0x0, &(0x7f0000da8ffc), 0x0)
shutdown(r2, 0x1)

2018/04/08 13:27:42 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040), 0x8)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000651ff8)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f000079efe0)={0x1}, 0x20)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00001a7fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c)
sendto$inet6(r0, &(0x7f0000aaff09)="b8", 0x1, 0x0, &(0x7f0000ab0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/08 13:27:42 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000001400)={0x2, 0x4e21, @multicast2=0xe0000002}, 0x10)
sendto$inet(r0, &(0x7f0000588fff), 0xffffffffffffff3e, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10)
connect(r0, &(0x7f00003cd000)=@ethernet, 0x80)

2018/04/08 13:27:42 executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = dup(r0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000e9bff0)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x101}]}, 0x10)
connect$inet(r0, &(0x7f0000987000)={0x2, 0x4e23}, 0x10)
sendto$inet(r1, &(0x7f00004eef09)="96427feebcc603c266d2a2c2da2644124066d6c52746a66fd07a4a9370b924b494651c3febca0be535e0f30bbafe65b8b859d66972208f558b002bbc2366429da28cdb97727474f32fcce772ce439a1b5785bb74b8680705191a3d28e775b402a04cdf7881cf1c80eb042835db0e8c24fd0e3c0f396da612f44d9999de32f883521dfa4593a5772e19b5c0c27ace555870d7fe3a1819c614a8d9447cfa592c236d96bf255bf3966b0c1c34711ce489df2032a31902ae0742b79d7334ef248790fa0e3787e4b945215cddc03c4f384e6815bab43d34b8c04eb06ff00f10743a0e25f6", 0xe2, 0x4001, &(0x7f0000848ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00009df000)={&(0x7f00007cc000)=ANY=[@ANYBLOB="02"], 0x1}, 0x1}, 0x0)
sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)={0xac, 0x0, 0x0, 0x0, 0x0, {0x10}, [@IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x40005)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000266ffc), 0x4)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x14}, 0x1}, 0x0)

2018/04/08 13:27:42 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c)
connect$inet6(r0, &(0x7f000000cfe4)={0xa, 0x4e20}, 0x1c)
recvmsg(r0, &(0x7f0000000400)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000680)=[{&(0x7f00000002c0)=""/53, 0x35}, {&(0x7f0000000640)=""/21, 0x15}], 0x2, &(0x7f0000000240)=""/128, 0x80}, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001000)="8e86a4b9500a1139a0d93a78de7ed00ae239537b41a4eacfcfd438dfbe84ef20bd7e66cfb9bde86f5b1d1bae840e6c373fd2d58909d8ac8f1aca1b6e95b92948d4525d", 0x43}], 0x1, &(0x7f0000002000)}, 0x8000)
sendmsg(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000002ff0)=[{&(0x7f0000000040)="bce5", 0x2}], 0x1, &(0x7f000000ae80)}, 0x0)

2018/04/08 13:27:42 executing program 3:
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = dup(r0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000e9bff0)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x101}]}, 0x10)
connect$inet(r0, &(0x7f0000987000)={0x2, 0x4e23}, 0x10)
sendto$inet(r1, &(0x7f00004eef09)="96427feebcc603c266d2a2c2da2644124066d6c52746a66fd07a4a9370b924b494651c3febca0be535e0f30bbafe65b8b859d66972208f558b002bbc2366429da28cdb97727474f32fcce772ce439a1b5785bb74b8680705191a3d28e775b402a04cdf7881cf1c80eb042835db0e8c24fd0e3c0f396da612f44d9999de32f883521dfa4593a5772e19b5c0c27ace555870d7fe3a1819c614a8d9447cfa592c236d96bf255bf3966b0c1c34711ce489df2032a31902ae0742b79d7334ef248790fa0e3787e4b945215cddc03c4f384e6815bab43d34b8c04eb06ff00f10743a0e25f6", 0xe2, 0x4001, &(0x7f0000848ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00009df000)={&(0x7f00007cc000)=ANY=[@ANYBLOB="02"], 0x1}, 0x1}, 0x0)
sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)={0xac, 0x0, 0x0, 0x0, 0x0, {0x10}, [@IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x40005)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000266ffc), 0x4)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x14}, 0x1}, 0x0)

[   56.749911] netlink: 44 bytes leftover after parsing attributes in process `syz-executor2'.
[   56.820979] netlink: 44 bytes leftover after parsing attributes in process `syz-executor2'.
2018/04/08 13:27:42 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mmap(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
sendmsg$unix(r2, &(0x7f0000bba000)={&(0x7f0000c57ff8)=@abs, 0x8, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=[@rights={0x18, 0x1, 0x1, [r0]}], 0x18}, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000012c0)={{{@in6, @in=@dev={0xac, 0x14, 0x14}}}, {{}, 0x0, @in6=@mcast1={0xff, 0x1, [], 0x1}}}, 0xe8)
recvmsg(r1, &(0x7f00003d6fc8)={&(0x7f0000698000)=@generic, 0x80, &(0x7f000081afd0), 0x0, &(0x7f0000f9fff8)=""/90, 0x5a}, 0x0)

2018/04/08 13:27:42 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040), 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00001a7fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c)
sendto$inet6(r0, &(0x7f0000aaff09)="b8", 0x1, 0x0, &(0x7f0000ab0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/08 13:27:42 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x7, 0x9}, 0x2c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10)
socketpair$inet_icmp(0x7fffffffefff, 0x2, 0x1, &(0x7f0000000280))

[   57.513505] ==================================================================
[   57.521717] BUG: KMSAN: uninit-value in csum_partial_copy_to_user+0x450/0x500
[   57.528968] CPU: 1 PID: 5098 Comm: syz-executor4 Not tainted 4.16.0+ #82
[   57.535780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   57.545109] Call Trace:
[   57.547685]  dump_stack+0x185/0x1d0
[   57.551299]  ? csum_partial_copy_to_user+0x450/0x500
[   57.556379]  kmsan_report+0x142/0x240
[   57.560163]  __msan_warning_32+0x6c/0xb0
[   57.564203]  csum_partial_copy_to_user+0x450/0x500
[   57.569129]  csum_and_copy_to_iter+0x3dc/0x2140
[   57.573787]  ? kmsan_set_origin_inline+0x6b/0x120
[   57.578607]  ? __msan_poison_alloca+0x15c/0x1d0
[   57.583265]  skb_copy_and_csum_datagram+0x6d2/0x1080
[   57.588358]  skb_copy_and_csum_datagram_msg+0x557/0x960
[   57.593703]  udpv6_recvmsg+0xc65/0x29e0
[   57.597660]  ? udp6_lib_lookup_skb+0x240/0x240
[   57.602222]  inet_recvmsg+0x4c2/0x5f0
[   57.606008]  ? br_setlink+0x408/0xba0
[   57.609797]  sock_recvmsg+0x1d0/0x230
[   57.613574]  ? inet_sendpage+0x8c0/0x8c0
[   57.617616]  ___sys_recvmsg+0x3fb/0x810
[   57.621572]  ? __fget_light+0x56/0x710
[   57.625442]  ? __fdget+0x4e/0x60
[   57.628799]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[   57.634152]  ? __fget_light+0x6b9/0x710
[   57.638107]  SYSC_recvmsg+0x298/0x3c0
[   57.641887]  SyS_recvmsg+0x54/0x80
[   57.645402]  do_syscall_64+0x309/0x430
[   57.649269]  ? ___sys_recvmsg+0x810/0x810
[   57.653395]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   57.658563] RIP: 0033:0x455259
[   57.661730] RSP: 002b:00007fcf58154c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   57.669412] RAX: ffffffffffffffda RBX: 00007fcf581556d4 RCX: 0000000000455259
[   57.676656] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000013
[   57.683900] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   57.691147] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   57.698402] R13: 0000000000000496 R14: 00000000006f9eb0 R15: 0000000000000000
[   57.705655] 
[   57.707263] Uninit was created at:
[   57.710782]  kmsan_alloc_meta_for_pages+0x161/0x3a0
[   57.715775]  kmsan_alloc_page+0x82/0xe0
[   57.719723]  __alloc_pages_nodemask+0xf5b/0x5dc0
[   57.724451]  alloc_pages_current+0x6b5/0x970
[   57.728834]  skb_page_frag_refill+0x3ba/0x5e0
[   57.733304]  sk_page_frag_refill+0xa4/0x340
[   57.737604]  __ip6_append_data+0x1a20/0x4bb0
[   57.741987]  ip6_append_data+0x40e/0x6b0
[   57.746034]  udpv6_sendmsg+0xfd5/0x45b0
[   57.749991]  inet_sendmsg+0x48d/0x740
[   57.753772]  ___sys_sendmsg+0xec0/0x1310
[   57.757809]  SYSC_sendmsg+0x2a3/0x3d0
[   57.761582]  SyS_sendmsg+0x54/0x80
[   57.765111]  do_syscall_64+0x309/0x430
[   57.768975]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   57.774136] ==================================================================
[   57.781469] Disabling lock debugging due to kernel taint
[   57.786890] Kernel panic - not syncing: panic_on_warn set ...
[   57.786890] 
[   57.794239] CPU: 1 PID: 5098 Comm: syz-executor4 Tainted: G    B            4.16.0+ #82
[   57.802352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   57.811714] Call Trace:
[   57.814280]  dump_stack+0x185/0x1d0
[   57.817884]  panic+0x39d/0x940
[   57.821087]  ? csum_partial_copy_to_user+0x450/0x500
[   57.826172]  kmsan_report+0x238/0x240
[   57.829949]  __msan_warning_32+0x6c/0xb0
[   57.833989]  csum_partial_copy_to_user+0x450/0x500
[   57.838901]  csum_and_copy_to_iter+0x3dc/0x2140
[   57.843549]  ? kmsan_set_origin_inline+0x6b/0x120
[   57.848365]  ? __msan_poison_alloca+0x15c/0x1d0
[   57.853028]  skb_copy_and_csum_datagram+0x6d2/0x1080
[   57.858130]  skb_copy_and_csum_datagram_msg+0x557/0x960
[   57.863477]  udpv6_recvmsg+0xc65/0x29e0
[   57.867437]  ? udp6_lib_lookup_skb+0x240/0x240
[   57.871993]  inet_recvmsg+0x4c2/0x5f0
[   57.875776]  ? br_setlink+0x408/0xba0
[   57.879554]  sock_recvmsg+0x1d0/0x230
[   57.883334]  ? inet_sendpage+0x8c0/0x8c0
[   57.887378]  ___sys_recvmsg+0x3fb/0x810
[   57.891338]  ? __fget_light+0x56/0x710
[   57.895202]  ? __fdget+0x4e/0x60
[   57.898544]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[   57.903886]  ? __fget_light+0x6b9/0x710
[   57.907842]  SYSC_recvmsg+0x298/0x3c0
[   57.911624]  SyS_recvmsg+0x54/0x80
[   57.915141]  do_syscall_64+0x309/0x430
[   57.919011]  ? ___sys_recvmsg+0x810/0x810
[   57.923153]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   57.928327] RIP: 0033:0x455259
[   57.931492] RSP: 002b:00007fcf58154c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   57.939176] RAX: ffffffffffffffda RBX: 00007fcf581556d4 RCX: 0000000000455259
[   57.946422] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000013
[   57.953670] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   57.960916] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   57.968172] R13: 0000000000000496 R14: 00000000006f9eb0 R15: 0000000000000000
[   57.975911] Dumping ftrace buffer:
[   57.979432]    (ftrace buffer empty)
[   57.983113] Kernel Offset: disabled
[   57.986710] Rebooting in 86400 seconds..