INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts.
2018/04/08 13:43:43 fuzzer started
2018/04/08 13:43:44 dialing manager at 10.128.0.26:40033
2018/04/08 13:43:50 kcov=true, comps=false
2018/04/08 13:43:53 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f00000005c0), &(0x7f0000000600)=0x30)

2018/04/08 13:43:53 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e13000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000972ffc)=0x1, 0x4)
connect$inet(r0, &(0x7f0000606ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
sendto$inet(r0, &(0x7f0000000980)="06", 0x1, 0x4008000, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
close(r0)

2018/04/08 13:43:53 executing program 7:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x0, 0x1, [{{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}]}, 0x10c)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000a83000)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}}, 0x108)

2018/04/08 13:43:53 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000e91000)={0x0, 0x0, &(0x7f00000023c0)=[{&(0x7f0000002280)="8d", 0x1}], 0x1, &(0x7f0000298000)}, 0x0)
recvmsg(r1, &(0x7f0000000340)={&(0x7f00000000c0)=@ipx, 0x80, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/129, 0x81}, {&(0x7f0000000040)=""/35, 0x23}, {&(0x7f0000000280)=""/126, 0x7e}], 0x3, &(0x7f0000002400)=""/4096, 0x1000, 0x7}, 0x40)

2018/04/08 13:43:53 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002780)={<r0=>0x0, <r1=>0x0})
sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080), 0x63, &(0x7f00000000c0)}, 0x0)
perf_event_open(&(0x7f0000001180)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x10, &(0x7f0000000100), 0x4)
sendmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="dc", 0x1}], 0x1, &(0x7f0000000480)=ANY=[]}, 0x0)
recvmsg$kcm(r1, &(0x7f0000007500)={&(0x7f0000006f00)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000004a40)=[{&(0x7f00000039c0)=""/4096, 0x1000}], 0x1, &(0x7f0000004ac0)=""/136, 0x88}, 0x0)

2018/04/08 13:43:53 executing program 4:

2018/04/08 13:43:53 executing program 5:

2018/04/08 13:43:53 executing program 6:

syzkaller login: [   45.030403] ip (3762) used greatest stack depth: 54672 bytes left
[   45.280960] ip (3787) used greatest stack depth: 54312 bytes left
[   46.401147] ip (3894) used greatest stack depth: 54200 bytes left
[   48.588855] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.600107] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.672439] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.693140] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.735128] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.805296] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.956740] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   49.168442] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   57.532667] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.583200] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.616262] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.825668] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.874526] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.913013] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.955807] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   58.304945] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.311263] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.322629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.357784] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.367362] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.377173] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   58.385232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.403133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.438715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.472290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.605198] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.611537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.624691] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.681963] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.688389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.698919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.742742] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.752233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.766666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.937350] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.943843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.952440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.141929] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   59.148348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   59.158418] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/08 13:44:11 executing program 0:

2018/04/08 13:44:11 executing program 6:

2018/04/08 13:44:11 executing program 1:
syz_emit_ethernet(0x66, &(0x7f0000000000)={@random="85a970b0146b", @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff84, 0x0, 0x0, 0x0, [0x14], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x4], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0)

2018/04/08 13:44:11 executing program 3:
pipe(&(0x7f0000055000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
rt_sigprocmask(0x0, &(0x7f0000834000)={0x7fffffff}, &(0x7f00000c1000), 0x8)
write(r1, &(0x7f0000fe5000)="1d", 0x1)
dup2(r1, r0)

2018/04/08 13:44:11 executing program 2:
syz_emit_ethernet(0xfe80, &(0x7f0000000000)={@random="85a970b0146b", @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0xffffffffffffffff], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x4], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0)

2018/04/08 13:44:11 executing program 7:
r0 = socket$inet(0x2, 0x1, 0x0)
mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000134000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10)
connect$inet(r0, &(0x7f00000e5000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10)
connect$inet(r0, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
connect$inet(r0, &(0x7f00000dcff0)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x40, &(0x7f0000000140)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)

2018/04/08 13:44:11 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg(r0, &(0x7f0000b97000)={&(0x7f000028afe4)=@in6={0x2, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0x80, &(0x7f0000f43fe8), 0x0, &(0x7f00007d8ff0)=[{0xc, 0x0, 0x2}], 0xc}, 0x0)

2018/04/08 13:44:11 executing program 4:
r0 = socket$packet(0x11, 0x800000000002, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4)
r1 = socket$inet(0x2, 0x8000000000000003, 0x6)
sendto$inet(r1, &(0x7f000014cf2c), 0x0, 0x8000, &(0x7f00005b5ff0)={0x2}, 0x10)
sendto$inet(r1, &(0x7f0000000040)="20100000", 0x4, 0x0, &(0x7f0000cf9000)={0x2}, 0x10)

[   60.364490] ==================================================================
[   60.371948] BUG: KMSAN: uninit-value in __flow_hash_from_keys+0x10d8/0x1150
[   60.379071] CPU: 1 PID: 5071 Comm: syz-executor4 Not tainted 4.16.0+ #82
[   60.385920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   60.395285] Call Trace:
[   60.397894]  dump_stack+0x185/0x1d0
[   60.401538]  ? __flow_hash_from_keys+0x10d8/0x1150
[   60.406477]  kmsan_report+0x142/0x240
[   60.410287]  __msan_warning_32+0x6c/0xb0
[   60.414361]  __flow_hash_from_keys+0x10d8/0x1150
[   60.419135]  __skb_get_hash_symmetric+0x14d/0x230
[   60.423987]  packet_rcv_fanout+0x38f/0x8d0
[   60.428238]  ? packet_direct_xmit+0xbf0/0xbf0
[   60.432734]  dev_queue_xmit_nit+0x111a/0x11e0
[   60.437247]  dev_hard_start_xmit+0x27c/0xc70
[   60.441672]  __dev_queue_xmit+0x22d9/0x2b60
[   60.446007]  dev_queue_xmit+0x4b/0x60
[   60.449815]  neigh_resolve_output+0xac6/0xb60
[   60.454324]  ? neigh_event_ns+0x360/0x360
[   60.458476]  ip_finish_output2+0x1238/0x1380
[   60.462893]  ip_finish_output+0xcb0/0xff0
[   60.467052]  ip_output+0x502/0x5c0
[   60.470596]  ? ip_mc_finish_output+0x3b0/0x3b0
[   60.475185]  ? ip_finish_output+0xff0/0xff0
[   60.479511]  ip_send_skb+0x5f3/0x820
[   60.483229]  ? __ip_local_out+0x5b0/0x5b0
[   60.487390]  ip_push_pending_frames+0x105/0x170
[   60.492063]  raw_sendmsg+0x2960/0x3ed0
[   60.495982]  ? compat_raw_ioctl+0x100/0x100
[   60.500306]  inet_sendmsg+0x48d/0x740
[   60.504112]  ? security_socket_sendmsg+0x9e/0x210
[   60.508957]  ? inet_getname+0x500/0x500
[   60.512933]  SYSC_sendto+0x6c3/0x7e0
[   60.516652]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   60.522107]  ? prepare_exit_to_usermode+0x149/0x3a0
[   60.527147]  SyS_sendto+0x8a/0xb0
[   60.530609]  do_syscall_64+0x309/0x430
[   60.534511]  ? SYSC_getpeername+0x560/0x560
[   60.538843]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   60.544034] RIP: 0033:0x455259
[   60.547227] RSP: 002b:00007f423017cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   60.554947] RAX: ffffffffffffffda RBX: 00007f423017d6d4 RCX: 0000000000455259
[   60.562225] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000014
[   60.569513] RBP: 000000000072bea0 R08: 0000000020cf9000 R09: 0000000000000010
[   60.576790] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   60.584069] R13: 00000000000004f7 R14: 00000000006fa7c8 R15: 0000000000000000
[   60.591354] 
[   60.592974] Uninit was stored to memory at:
[   60.597307]  kmsan_internal_chain_origin+0x12b/0x210
[   60.602415]  __msan_chain_origin+0x69/0xc0
[   60.606656]  __skb_flow_dissect+0x4cbd/0x6580
[   60.611161]  __skb_get_hash_symmetric+0x10b/0x230
[   60.616019]  packet_rcv_fanout+0x38f/0x8d0
[   60.620260]  dev_queue_xmit_nit+0x111a/0x11e0
[   60.624759]  dev_hard_start_xmit+0x27c/0xc70
[   60.629168]  __dev_queue_xmit+0x22d9/0x2b60
[   60.633495]  dev_queue_xmit+0x4b/0x60
[   60.637296]  neigh_resolve_output+0xac6/0xb60
[   60.641799]  ip_finish_output2+0x1238/0x1380
[   60.646212]  ip_finish_output+0xcb0/0xff0
[   60.650366]  ip_output+0x502/0x5c0
[   60.653905]  ip_send_skb+0x5f3/0x820
[   60.657617]  ip_push_pending_frames+0x105/0x170
2018/04/08 13:44:11 executing program 5:

2018/04/08 13:44:11 executing program 3:

2018/04/08 13:44:11 executing program 6:
pipe2(&(0x7f0000002280), 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000022c0)={'bridge0\x00', {0x2, 0x4e24, @broadcast=0xffffffff}})
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002840)={{{@in6=@mcast1, @in=@multicast1}}, {{@in=@multicast2}, 0x0, @in=@multicast2}}, &(0x7f0000002940)=0xe8)
accept4$nfc_llcp(r0, &(0x7f0000001e80), &(0x7f0000002240)=0x58, 0x800)
fstatfs(r0, &(0x7f0000002300)=""/140)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000090d8b75e67e16b394342abb5158df87ea8984e79c93df7498b2b34796068700e29fbd789f9a031f23e16c96e30baed2961953b057f7a3222943acc4b8cfa4de553f8276731ddeb811efd44ea011e1a0db9074a28a826c88566b89c57cc3cca4aec41d37fa27c8daa19030d03139d0aea71d509d9a20ba7deceb656cc1308d9d1f111b6bd1595486f55e229923be4ed8cbfb78e86280b4cacf386bfa8840afb312a4c520a03b27f805d181bd09ea208931a36e888060a2d")
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000500)={0x0, 0x363})
recvfrom(0xffffffffffffffff, &(0x7f0000000440)=""/34, 0x22, 0x0, &(0x7f00000005c0)=@ax25={0x3, {"b72c7eac35bcd4"}}, 0x80)
fsetxattr(r1, &(0x7f0000000140)=@known='user.syz\x00', &(0x7f0000000180)="363c51940180ebe7753205aff0fa0447a66dafe9356a7523588002a93724a0e1fe2d1192f3e19aec4d078b2ab1bb0365360f1339aa1b80de79356570d0a6b7a6025c471e7b8514989fa1e6746581add1157d812fd9ef438b5cd74178ad1fa3bb6cff15a3ede5d306b4f8d977fd65146e99d0c2b2c1d5f2c62577c3c094b374cc50eafec5b0a349c4b04ad425b5dd4d51856e426f359338dbcbe939c9da32b8ffb1f84e3df8dca651656e7818d949b14b5560d71c92335881a988a06f5c2b798dad13916946e32139ede4df933f525428b81464aea9a3c66c410bc4718ba27dab77cee9c682d9dcba6fdd36e36057a6bda603998e69e4aa516c825653071d26d991b749e7b19c2f076a0dc8f0240aabfae82984f0ee5172a6d18e0de0c1f674e57e4a71c0093db907000000000000000000000000000000", 0x137, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000000)=@known='user.syz\x00')
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000340))
syz_genetlink_get_family_id$ipvs(&(0x7f0000000580)='IPVS\x00')
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000540)={0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000002540)=ANY=[]}, 0x1}, 0x0)
socket(0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000400), 0x4)
write(0xffffffffffffffff, &(0x7f00000eefe1), 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @rand_addr}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000001cc0), 0x0, 0x0, &(0x7f0000001dc0)={0x77359400})

2018/04/08 13:44:11 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8)
connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f00002c9000), 0x8)

2018/04/08 13:44:11 executing program 2:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x1, &(0x7f0000819000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000588fe0))
timerfd_settime(r0, 0x0, &(0x7f00000a5ff0), &(0x7f000010bff0))

[   60.662288]  raw_sendmsg+0x2960/0x3ed0
[   60.666192]  inet_sendmsg+0x48d/0x740
[   60.669999]  SYSC_sendto+0x6c3/0x7e0
[   60.673717]  SyS_sendto+0x8a/0xb0
[   60.677170]  do_syscall_64+0x309/0x430
[   60.681065]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   60.686250] Uninit was stored to memory at:
[   60.690577]  kmsan_internal_chain_origin+0x12b/0x210
[   60.695689]  kmsan_memcpy_origins+0x11d/0x170
[   60.700186]  __msan_memcpy+0x19f/0x1f0
[   60.704079]  skb_copy_bits+0x63a/0xdb0
[   60.707972]  __skb_flow_dissect+0x48ea/0x6580
2018/04/08 13:44:11 executing program 1:
syz_emit_ethernet(0x7a, &(0x7f0000127eb9)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @random="7418f47bf4ae", [], {@ipv6={0x86dd, {0x0, 0x6, '\x00', 0x44, 0x11, 0x0, @empty, @empty, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}}}}}}}, &(0x7f0000000000))

[   60.712473]  __skb_get_hash_symmetric+0x10b/0x230
[   60.717319]  packet_rcv_fanout+0x38f/0x8d0
[   60.721560]  dev_queue_xmit_nit+0x111a/0x11e0
[   60.726062]  dev_hard_start_xmit+0x27c/0xc70
[   60.730478]  __dev_queue_xmit+0x22d9/0x2b60
[   60.734808]  dev_queue_xmit+0x4b/0x60
[   60.738620]  neigh_resolve_output+0xac6/0xb60
[   60.743122]  ip_finish_output2+0x1238/0x1380
[   60.747531]  ip_finish_output+0xcb0/0xff0
[   60.751679]  ip_output+0x502/0x5c0
[   60.755220]  ip_send_skb+0x5f3/0x820
[   60.758945]  ip_push_pending_frames+0x105/0x170
[   60.763624]  raw_sendmsg+0x2960/0x3ed0
[   60.767522]  inet_sendmsg+0x48d/0x740
[   60.771328]  SYSC_sendto+0x6c3/0x7e0
[   60.775054]  SyS_sendto+0x8a/0xb0
[   60.779391]  do_syscall_64+0x309/0x430
[   60.783284]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   60.788460] Uninit was created at:
[   60.792010]  kmsan_alloc_meta_for_pages+0x161/0x3a0
[   60.797042]  kmsan_alloc_page+0x82/0xe0
[   60.801038]  __alloc_pages_nodemask+0xf5b/0x5dc0
[   60.805805]  alloc_pages_current+0x6b5/0x970
[   60.810219]  skb_page_frag_refill+0x3ba/0x5e0
[   60.814723]  sk_page_frag_refill+0xa4/0x340
[   60.819048]  __ip_append_data+0x107e/0x3d10
[   60.823384]  ip_append_data+0x2fb/0x440
[   60.827368]  raw_sendmsg+0x287b/0x3ed0
[   60.831263]  inet_sendmsg+0x48d/0x740
[   60.835067]  SYSC_sendto+0x6c3/0x7e0
[   60.838782]  SyS_sendto+0x8a/0xb0
[   60.842240]  do_syscall_64+0x309/0x430
[   60.846131]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   60.851309] ==================================================================
[   60.858663] Disabling lock debugging due to kernel taint
[   60.864113] Kernel panic - not syncing: panic_on_warn set ...
[   60.864113] 
[   60.871490] CPU: 1 PID: 5071 Comm: syz-executor4 Tainted: G    B            4.16.0+ #82
[   60.879635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   60.888996] Call Trace:
[   60.891608]  dump_stack+0x185/0x1d0
[   60.895338]  panic+0x39d/0x940
[   60.898563]  ? __flow_hash_from_keys+0x10d8/0x1150
[   60.903502]  kmsan_report+0x238/0x240
[   60.907317]  __msan_warning_32+0x6c/0xb0
[   60.911393]  __flow_hash_from_keys+0x10d8/0x1150
[   60.916172]  __skb_get_hash_symmetric+0x14d/0x230
[   60.921053]  packet_rcv_fanout+0x38f/0x8d0
[   60.925303]  ? packet_direct_xmit+0xbf0/0xbf0
[   60.929807]  dev_queue_xmit_nit+0x111a/0x11e0
[   60.934327]  dev_hard_start_xmit+0x27c/0xc70
[   60.938753]  __dev_queue_xmit+0x22d9/0x2b60
[   60.943095]  dev_queue_xmit+0x4b/0x60
[   60.946910]  neigh_resolve_output+0xac6/0xb60
[   60.951415]  ? neigh_event_ns+0x360/0x360
[   60.955566]  ip_finish_output2+0x1238/0x1380
[   60.959986]  ip_finish_output+0xcb0/0xff0
[   60.964142]  ip_output+0x502/0x5c0
[   60.967688]  ? ip_mc_finish_output+0x3b0/0x3b0
[   60.972273]  ? ip_finish_output+0xff0/0xff0
[   60.976588]  ip_send_skb+0x5f3/0x820
[   60.980314]  ? __ip_local_out+0x5b0/0x5b0
[   60.984493]  ip_push_pending_frames+0x105/0x170
[   60.989169]  raw_sendmsg+0x2960/0x3ed0
[   60.993082]  ? compat_raw_ioctl+0x100/0x100
[   60.997413]  inet_sendmsg+0x48d/0x740
[   61.001222]  ? security_socket_sendmsg+0x9e/0x210
[   61.006082]  ? inet_getname+0x500/0x500
[   61.010065]  SYSC_sendto+0x6c3/0x7e0
[   61.013790]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   61.019251]  ? prepare_exit_to_usermode+0x149/0x3a0
[   61.024304]  SyS_sendto+0x8a/0xb0
[   61.027761]  do_syscall_64+0x309/0x430
[   61.031656]  ? SYSC_getpeername+0x560/0x560
[   61.035984]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   61.041174] RIP: 0033:0x455259
[   61.044365] RSP: 002b:00007f423017cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   61.052076] RAX: ffffffffffffffda RBX: 00007f423017d6d4 RCX: 0000000000455259
[   61.059347] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000014
[   61.066621] RBP: 000000000072bea0 R08: 0000000020cf9000 R09: 0000000000000010
[   61.073897] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   61.081175] R13: 00000000000004f7 R14: 00000000006fa7c8 R15: 0000000000000000
[   61.088999] Dumping ftrace buffer:
[   61.092528]    (ftrace buffer empty)
[   61.096214] Kernel Offset: disabled
[   61.099818] Rebooting in 86400 seconds..