INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts.
2018/04/07 01:16:21 fuzzer started
2018/04/07 01:16:22 dialing manager at 10.128.0.26:38639
2018/04/07 01:16:28 kcov=true, comps=false
2018/04/07 01:16:30 executing program 0:
r0 = socket$packet(0x11, 0x800000000002, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4)
r1 = socket$inet(0x2, 0x8000000000000003, 0x2f)
sendto$inet(r1, &(0x7f000014cf2c), 0x0, 0x8000, &(0x7f00005b5ff0)={0x2}, 0x10)
sendto$inet(r1, &(0x7f0000000400)="2090000029427522", 0x8, 0x0, &(0x7f0000cf9000)={0x2}, 0x10)

2018/04/07 01:16:30 executing program 1:
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = dup(r0)
bind$inet(r0, &(0x7f000012e000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000e9bff0)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x101}]}, 0x10)
connect$inet(r0, &(0x7f0000987000)={0x2, 0x4e23}, 0x10)
sendto$inet(r1, &(0x7f00004eef09)="96427feebcc603c266d2a2c2da2644124066d6c52746a66fd07a4a9370b924b494651c3febca0be535e0f30bbafe65b8b859d66972208f558b002bbc2366429da28cdb97727474f32fcce772ce439a1b5785bb74b8680705191a3d28e775b402a04cdf7881cf1c80eb042835db0e8c24fd0e3c0f396da612f44d9999de32f883521dfa4593a5772e19b5c0c27ace555870d7fe3a1819c614a8d9447cfa592c236d96bf255bf3966b0c1c34711ce489df2032a31902ae0742b79d7334ef248790fa0e3787e4b945215cddc03c4f384e6815bab43d34b8c04eb06ff00f10743a0e25f6", 0xe2, 0x4001, &(0x7f0000848ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
sendmsg$key(r1, &(0x7f0000e96fc8)={0x0, 0x0, &(0x7f00009df000)={&(0x7f00007cc000)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0)
shutdown(r0, 0x0)
shutdown(r1, 0x1)

2018/04/07 01:16:30 executing program 7:
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

2018/04/07 01:16:30 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000100)='tls\x00', 0x4)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)

2018/04/07 01:16:30 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0xfff, 0x0, 0x0, 0xffff800000000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, &(0x7f0000560000), &(0x7f0000489000), &(0x7f0000000ffc), &(0x7f000067c000))

2018/04/07 01:16:30 executing program 3:
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
perf_event_open(&(0x7f0000001080)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12013, 0xffffffffffffffff, 0x0)
getsockopt(r0, 0x2000000000010d, 0xc, &(0x7f0000999000)=""/4, &(0x7f0000000000)=0x4)

2018/04/07 01:16:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7d}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}, 0x1}, 0x0)

2018/04/07 01:16:30 executing program 6:
r0 = syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'bcsh0\x00', 0x3})
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8923, &(0x7f0000000180)={'bcsh0\x00', 0x1})

syzkaller login: [   44.276745] ip (3756) used greatest stack depth: 54672 bytes left
[   44.672088] ip (3794) used greatest stack depth: 54408 bytes left
[   44.852448] ip (3808) used greatest stack depth: 54072 bytes left
[   47.918935] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   47.954710] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.057948] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.089718] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.173012] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.189198] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.204836] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.386412] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   56.836927] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   56.928788] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.058891] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.118572] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.227237] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.353617] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.363282] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.405999] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.649552] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.655827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.672673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.747621] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.753882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.765679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.800890] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.811153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.823546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.851564] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.858317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.900304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.112996] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.119262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.129885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.155502] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.166131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.175961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.208412] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.219353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.249714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.286408] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   58.293252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.303912] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/07 01:16:48 executing program 3:
r0 = getpid()
r1 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00')
pread64(r1, &(0x7f00008af000), 0x21a, 0x0)

2018/04/07 01:16:48 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(ccm(cast6-generic))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c50400aeb995298992ea5400c2", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000003340)=[{{&(0x7f00000000c0)=@sco, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000140)=""/94, 0x5e}}, {{&(0x7f0000002f40)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003100)=""/226, 0xfffffffffffffdd9}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x2, 0x0, 0x0)

2018/04/07 01:16:48 executing program 1:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
dup3(r0, r1, 0x0)

2018/04/07 01:16:48 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x50, &(0x7f0000000540), &(0x7f0000000600)=0x30)

2018/04/07 01:16:48 executing program 3:
r0 = getpid()
r1 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00')
pread64(r1, &(0x7f00008af000), 0x21a, 0x0)

2018/04/07 01:16:48 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x8010000400000084)
bind$inet6(r0, &(0x7f00001c1000)={0xa, 0x4e20}, 0x1c)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000dacff8)=@assoc_value={0x0, 0x200}, 0x8)
sendto$inet6(r0, &(0x7f00009f1000)='G', 0x1, 0x0, &(0x7f00000005c0)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f000098effc), 0x4)
writev(r0, &(0x7f00007f2000)=[{&(0x7f0000001f40)="b6b23ebe2094b6c296b7f43c2ff9cec9a414ac8ab00820fbde9a0f4a1bd2773a23ca881cb2b8f6f7676ec3e23411c9a7b90c0d98413505ae48a6f9680b3b1c7d9d2083981adb57cc49d7c44eb888269d5ddad8a8ece4937a8c1bd5f6d54eb2fee4344a60a71f21a02b71241caa5bfb30ef20735987815557dd0712275e1cab0562f6e71d00f07d832fff291844ad8c73a6b27652f46020e42eebd5fd185751187d8455017d6e42c6492f282d3fcea50ef7e26862684165a175a262d5fdb1562a9dd53028ed11564d449b40c3dc6e1500aff5eb7c7ac29b27bcac0249c746425160e164ce64e5180f5b19b180bfa5a14ff6d6bac621a1723ffe9dbd05f91bed6ffd9ba2ca0ea7f3eca738786c6cf9be08976ab48f5ce579d5053ef537ba15f9ca286ef7299567bf2b50512cba39ca22e4eafa46593dfb19b29e524a5e0b527f06c3fd666357e9b397f2e720146853c8a4e590b620fd4f0c83a6a0d626fbc2d018596b5bd8b2b9496d3a83f8760b1fb0a6ec9de29b146334717e8cab34996e8474bbde59447f2cc876096f80b10134ed5d69027a9cdd109de0d161003880d10536725ab38afdff82208b82a05f7661bc482b841d815c35660d7f7b036d0426f3cbfcd1448782af41483936f20b09e239d53be9df805d1a4dced5167eb9b8c8c681451329adcea047a3a00461916692c523647ed2b81b1f880417072cf26db77335331fd9d49b1bea2ba448e3e7822109d5a115c5da661c65193ae60923e37b8751d7f6eb2511fc9b55963fca553c0c6d065240b94c889af1781a8671ce4ec91744820d8c3905b2eafb38d909b45175801885e1a1059a9b3db85a95f2172947697e56244fd7b4b412a33b9adc061fca8c742d05f50ce0d2b4280749ce13488259d37074ba94540a5b9cdf426fdf4563163e81c9769b7a84db101c03d88cec1eb18b7ded9b957734dde7b896b0b9c1a76e63104a02a06e917a0e3b608276ad2860a17c76e5c5a07dd6917fa497adc8ff56e2ec6f2bcc09d8061f504c5d5128b4e89bcb2207df70db9d7cceff2fc266443b6d34bb651d0def84768f750279e8b8ab42a8ba7f4f265e0051333f346bc113c56b179b81421601bd60cd071ee198d84ca6abd13eb3ecbc6aaab47aaae592f97c3747c37266e8ad2358029989919b7f5dcee8b60e1d32a0a94d91cc073174ef180d1b3cd4aedb77f1e898f6df02cf3fe57db328abb0ac8d88e5f0d3015f10e74f00e90ab3acbd2e8917e130d2961b1895b5e3252e8a74a0fe0579330407de6a6644cdb7cef78f6ebdf9ef2aa07b32c587d93be72cce852d1ccdf83d1740e0b5c2971b340d98e584b883878ebcac7c91c0c7ce6c23b459b8feb49133d78e965ece4c3f5e11f929d5ef541e2ad8311c4c7412c045b4abf9d14e0f8fd1fd5f851511519e45bee4f00ebb6fddcf38b0936c7aaec7e846631d8f0f0f032fd578dba501d6c7c63bdc858c6c80cc37ac3992b4dec23d5c2304f15849f696bf1327c3d2ad87908a529bcd398b40c1323462ae597ac24b707041063050c35c6337f02461a3c14cbb6f2a573aa4c154bebe75e8e8254c2df4106fcac6a295317cde6123d9148693790211cc12a7c3cbfaf7e5da983827f7d430c4a858842057ac860fa3891fe7f59c71b7256618198ceb0253d0f6afe9515af1d3a97a69f5d3f8def2f0b2dd0cbaddedc76ac3e57763ea544187493419bb6b0cc14df727f31e6395db760806edcdc37804870ee006fe60471f10f0313fc1f9f365038472cf978d091e94338af5dc37e12e30d4e16b13675eea7d36a18f3e39db3619cdf573058e89f95702cf8bf8ca88b4f4989e4a7086a682a13b47", 0x51f}], 0x1)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000280)="23884051f454d47608e4b1090f80d95221b6e30fcf1d452c9b7e024e9d7fde15423fb3af6700990fc5a9fed35ec9f0e64e737d6120298b435477abc3051d2a0cf1635a19e6333dddbf0ab7c74c430052eb5d6462237cb7f46bef2de05d50ce84e3db9633fdcba5790fa2f6cac36aa0d4193cd4378d53f0a4b0cbb4d69bc09739549630f8824d66cd5a9188ae787bae990eb1dd9a4f28a6a76b08de68af3568e1e617a9c00c95b77724c9c4ff2d6e0b7adeed4707c6207f5294f1f2f6dfa79d3f76085850ac27eb5c746393f08e39c3e45b83a58355250d16b2568fc7ae93d93a5b0a3a829897d5bd21092bde88e239316216523c38ae6d2c480a57657d03d0ad5817cc03335c1ba5fcdc0526b654db60fd50b16354926904b552a00e6ea5aafc4f5fbeebb920e130ed470990bdbfb6b765f6c80bcf1ebbd32f4dea95de8877b96e08f5ad2f977956f3b8c5a03fbd96df247f068b05d55905774f98b860c9d2b25872ad2af0f5425849ce2cd4a95a048c578048066862676b1159e5ed30acab882e5a3ffc848dcb359935fac9ae756bd9f79f2981063ce72a0419912acf3c79421a0b900b053404b22347eeeeb57b48d32f05eedbe38546cfb8600eac7e472db3610925310f7dab706a61fef9412f111c904e8bb18366bee4a6e91d7a60260ee02a961d4b40e57175bbc6b64fd682a88916bfb3930d88debc5a2c713781b678a1", 0x200}], 0x1)
write$binfmt_script(r0, &(0x7f0000002f80)={'#! ', './file0', [], 0xa, "67d051640b8c9481b00d55f6a726cac1510a8f36a5d8009e5774061bd2f0563bd4bbaafe7e0828872227208ba17b8fbecdda56fd84e0b9efecde1c1bd79663626e7ea2565d903656bd0839de1131e1fe70df344579e144e4ebd90ff8772703f2b9add280e6f20fa53c5fc22624000158e1830a2a4cb71b075f795e2aed158871a54003a4603d50fb1dd2a70e683fefa1d916af542c619e9e8484ef8c0724053413252ee999bbc8b6dc79c17009c2854bc59514b50e56e60b662be9454643231365fa2bac367bcdb995dc3ff7cc70fdbbba4004df57e1ef226fc2ae411b2a2733873d78f770bbe89808cdbaa1c878c3a79b86f6639ea22ed3248bd3b55d7352b8bde6480dda78b1e7e865cb9455c0932e4059a4ee03bc7df98938d8bfea43648fc34754cfcd29a69d829eea69e656aeed34657d2f9571fdceef46df083837f5f4573a3704e4da3102e16470e97aa205115002902ce6a16c8321cc6e68eeae413f5a85b78ba5f0ac2f2ea8675b00b1021517582579fc933c4bb1086e3a543f1aef1592f701f74a318836bf33cd2b4e90ff13980ee7f3928897496acec50365eb9abb303e78cf74c811dc09d746208148812605e8e4192820c7290214f49a02af73ba65459ebe707dde72627d45369e9bd9448a95f8bc639c5a5b8c7a310149119b6431c1e560f66f64fa309238076be1641c3d6a0b04441e9fe21b40fd2893a905574eba96b01fd01c3a07736f3df38a1752e14de97f5cdb15e18e28009cb9c6d48179580e10f6265af7330162fb48e28eb913b741337b60a3cb399d7350a61765f9fa32d8d5cb2eca82f36bec9306ddbb8a06485609090df942a92a726fd0fa6ce1a2669bb87b221d9076c2168fb96f9349e9bb5c63a68e04a435c43a4b57ecd7d1c157a381251a5e73d29310b5e4fde7c96c8f7be2b03a1e6653da0a648eb1fe7db5ef6b7829e846a08349e0f7e4645b79ef75b8591359b4ebec014e6e2373022ff986cfd728ce5c27eb2938f49b5a91f7c48f9256d977dc58d08d6b5abf104019472ef5350c5fba2c039be271f1ebebb21486ee47fe94f4e8eabd9a5d0c9ff48a4a2604c7ccfafb18a48c4abfaddf6e9b6b04c9ec962a3747244cbab26107ef117e8d84654d1570f22086f470997581148559afefff19961ca6741d8c237c6acc310a28fd1b13697186da66ec144eb2ebf05ed17a039f525655a9c860e6bf9aa1d21423cfbbf0f55f0e3d803302fe3bc6869069583675ac556935ad5af44933db9eb989860a4411a38f9eaa91f944213c4ef1ec157ff40aa453dbcc47abd955220170735613b31b82d73c54ac699f02010de2d60ce4ad09120fec388e3924bfe0307a1ba80643875d5347020071398a5a5573"}, 0x3de)
recvfrom$unix(r0, &(0x7f0000000480)=""/61, 0x9, 0x0, 0x0, 0x7ade03ee)
recvmsg(r0, &(0x7f0000001f00)={&(0x7f00000004c0)=ANY=[], 0x0, &(0x7f0000000980)=[{&(0x7f0000000d00)=""/4096, 0x1000}], 0x1, &(0x7f0000001e00)=""/216, 0xd8}, 0x0)
sendmmsg(r0, &(0x7f00000097c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000003380)="356e39efbf42aa38db41f23c2c5293108bad9dcc62abf74b7fefa5945c220fa32f7298d65a7a4a34a42c62ef640e89d892c9d6871f0e287ff58cc6104995ebff1d8965a0763fc515c1247f00367286bb9546a951138906078f2993e3ca4bd94e1410b25b3d2baa91a3f89db0f5494ea7d4beaee43d7345789c7813ce12b44d43f837aa060159a375e916aa89b737899cd41014dc92db66c4460149b47ba659d6469706dd78048725608936bb3365114c307544b893c749fc0c6dd5c7d79ce3925a52e83293a3a2c9fe0bdaf21f62824691ad537c96dd5b75694571e062907f662a3ddd578f612f8ff3d8df8c2ba748c3db50ed5f8255c668260cc8a5a37b7ccd5c14a29e61f27673f2c188cc313de1a15c98a6ab748d2776daae201fabe53d5c97fb71d3f2f03d1641de3e816c3e9e7d523acd2afe2e28263b623dec77c1fce9a06a6dd8cc02abf41606cf0030f4e1522fa9f2d71fc0b61c04205e6fac1610ec010b6efb874fb6fece218d1a83af6ad3a702c1182a9bcc6680c5869393d8af75e6016fdd51145d237979d1e16a730cc82ea2a5b1a336c63d61964dddae87b905fb25f59a9b80a14fbd5af5c9a3c6d6560c47899b9b90fb212cf08e88aaa0faec534c72c3b01afc68182bfd0088a2bf86f6c63923fc444b888f6e2abbb14cffa2fb02751b0d4fc9748b651da122053de78c3f82da320427df34c58bcbb01cb3a4a8dfac59711c271da5ded814c33cdca089b9f6804c61cbb347995c24fb105655fc4bd72990fbb897f6c282d799bd84395a9163974cc25acc57b55a2ee1a419a2ebc9d814ffbcd35aa39ceaba94e7731b137b59334aa32d706d6a092a7cabed16c06999b21ac9f9925ef65d8bc13f279b999fd7d0a67e9b36ed74b6ea3d92539a4640d91b9275d07192e3b5eaa21cb1413ebc888fec799353b03f8a1a7756722a5194421cf1694c8761e196845034434f4ca4770823a2873178513dbf147d15ea66bea2c6c745219f19c9a183d1f848cfaa0230af36f69398e02cf910b4d5e6b8bda0cd3a7da0b9349f39f8e2f33ae9d4b310de07f774130f75d41998477cdb837e931dfadfb92987696a81be31c269e319ec983f20bb19338a7aa5afb1a7ce37f272ec8924ee2acabe228c7b867e56e7024fc76d06ec7121dd67a3e4671924af7737e8f3f97c524ea4364186d52a67f5f3d8295a6ac625f9666c428d3511b4d02fb51abb25c0171f31f5373b675e4c4aaf67140d404140d4407e150971fe9cbe960b72c9c1e495dd152cf62229db0fa6d4136ad849bb9b0bd4d0cf2cac9e0651acab955492976da95a7f3fbb0f58a8a1d4446b61dda78550a8c050439a6020455abaa0ff58daa15653066cc16f7f51bced27d7cd6194aca264a05d345c816d2ed01ae081c394190d12b20d6483c19e145a6351707143de1bcaed17a669ac40e4fa", 0x401}], 0x1, &(0x7f0000000600)}}], 0x1, 0x0)

[   59.538788] ==================================================================
[   59.546213] BUG: KMSAN: uninit-value in __skb_flow_dissect+0x401f/0x6580
[   59.553064] CPU: 0 PID: 5081 Comm: syz-executor0 Not tainted 4.16.0+ #81
[   59.559896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   59.569248] Call Trace:
[   59.571848]  dump_stack+0x185/0x1d0
[   59.575484]  ? __skb_flow_dissect+0x401f/0x6580
[   59.580160]  kmsan_report+0x142/0x240
[   59.583971]  __msan_warning_32+0x6c/0xb0
[   59.588042]  __skb_flow_dissect+0x401f/0x6580
[   59.592542]  ? __msan_chain_origin+0x69/0xc0
[   59.596958]  ? SyS_sendto+0x8a/0xb0
[   59.600594]  ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   59.605969]  ? __dev_queue_xmit+0x22d9/0x2b60
[   59.610471]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   59.615938]  __skb_get_hash_symmetric+0x10b/0x230
[   59.620793]  packet_rcv_fanout+0x38f/0x8d0
[   59.625034]  ? packet_direct_xmit+0xbf0/0xbf0
[   59.629532]  dev_queue_xmit_nit+0x111a/0x11e0
[   59.634037]  dev_hard_start_xmit+0x27c/0xc70
[   59.638457]  __dev_queue_xmit+0x22d9/0x2b60
[   59.642795]  dev_queue_xmit+0x4b/0x60
[   59.646600]  neigh_resolve_output+0xac6/0xb60
[   59.651109]  ? neigh_event_ns+0x360/0x360
[   59.655261]  ip_finish_output2+0x1238/0x1380
[   59.659683]  ip_finish_output+0xcb0/0xff0
[   59.663839]  ip_output+0x502/0x5c0
[   59.667383]  ? ip_mc_finish_output+0x3b0/0x3b0
[   59.671975]  ? ip_finish_output+0xff0/0xff0
[   59.676291]  ip_send_skb+0x5f3/0x820
[   59.680006]  ? __ip_local_out+0x5b0/0x5b0
[   59.684158]  ip_push_pending_frames+0x105/0x170
[   59.688832]  raw_sendmsg+0x2960/0x3ed0
[   59.692742]  ? compat_raw_ioctl+0x100/0x100
[   59.697067]  inet_sendmsg+0x48d/0x740
[   59.700871]  ? security_socket_sendmsg+0x9e/0x210
[   59.705715]  ? inet_getname+0x500/0x500
[   59.709699]  SYSC_sendto+0x6c3/0x7e0
[   59.713414]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   59.718871]  ? prepare_exit_to_usermode+0x149/0x3a0
[   59.723897]  SyS_sendto+0x8a/0xb0
[   59.727348]  do_syscall_64+0x309/0x430
[   59.731234]  ? SYSC_getpeername+0x560/0x560
2018/04/07 01:16:48 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000000100)={0x10, 0x0, 0x0, 0x8400880}, 0xc)
capset(&(0x7f00002d0ff8)={0x19980330}, &(0x7f0000cc0000))
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)

2018/04/07 01:16:48 executing program 2:
openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000140)={{0xa, 0x4e20, 0x101, @remote={0xfe, 0x80, [], 0xbb}, 0x1f}, {0xa, 0x4e20, 0x80, @empty, 0x7}, 0x7f, [0xf4, 0x1, 0x20, 0x0, 0x7, 0x5, 0x5, 0x20]}, 0x5c)
clone(0x0, &(0x7f0000e02000), &(0x7f00000004c0), &(0x7f0000000400), &(0x7f0000000500))
wait4(0xffffffffffffffff, 0x0, 0x40000008, 0x0)
fcntl$getown(r0, 0x9)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0), 0x4)

[   59.735553]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   59.740732] RIP: 0033:0x455259
[   59.743909] RSP: 002b:00007f7a64f9ec68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   59.751613] RAX: ffffffffffffffda RBX: 00007f7a64f9f6d4 RCX: 0000000000455259
[   59.758880] RDX: 0000000000000008 RSI: 0000000020000400 RDI: 0000000000000014
[   59.766145] RBP: 000000000072bea0 R08: 0000000020cf9000 R09: 0000000000000010
[   59.773408] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   59.780680] R13: 00000000000004f7 R14: 00000000006fa7c8 R15: 0000000000000000
[   59.787946] 
[   59.789565] Uninit was stored to memory at:
[   59.793894]  kmsan_internal_chain_origin+0x12b/0x210
[   59.798998]  kmsan_memcpy_origins+0x11d/0x170
[   59.803496]  __msan_memcpy+0x19f/0x1f0
[   59.807386]  skb_copy_bits+0x63a/0xdb0
[   59.811276]  __skb_flow_dissect+0x3931/0x6580
[   59.815768]  __skb_get_hash_symmetric+0x10b/0x230
[   59.820616]  packet_rcv_fanout+0x38f/0x8d0
[   59.824849]  dev_queue_xmit_nit+0x111a/0x11e0
[   59.829348]  dev_hard_start_xmit+0x27c/0xc70
[   59.833758]  __dev_queue_xmit+0x22d9/0x2b60
[   59.838079]  dev_queue_xmit+0x4b/0x60
[   59.841881]  neigh_resolve_output+0xac6/0xb60
[   59.846380]  ip_finish_output2+0x1238/0x1380
[   59.850792]  ip_finish_output+0xcb0/0xff0
[   59.854939]  ip_output+0x502/0x5c0
[   59.858477]  ip_send_skb+0x5f3/0x820
[   59.862192]  ip_push_pending_frames+0x105/0x170
[   59.866863]  raw_sendmsg+0x2960/0x3ed0
[   59.870748]  inet_sendmsg+0x48d/0x740
[   59.874550]  SYSC_sendto+0x6c3/0x7e0
[   59.878269]  SyS_sendto+0x8a/0xb0
[   59.881724]  do_syscall_64+0x309/0x430
[   59.885621]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   59.890801] Uninit was created at:
[   59.894349]  kmsan_alloc_meta_for_pages+0x161/0x3a0
[   59.899363]  kmsan_alloc_page+0x82/0xe0
[   59.903345]  __alloc_pages_nodemask+0xf5b/0x5dc0
[   59.908099]  alloc_pages_current+0x6b5/0x970
[   59.912496] capability: warning: `syz-executor3' uses 32-bit capabilities (legacy support in use)
[   59.921530]  skb_page_frag_refill+0x3ba/0x5e0
[   59.921542]  sk_page_frag_refill+0xa4/0x340
[   59.921556]  __ip_append_data+0x107e/0x3d10
[   59.921566]  ip_append_data+0x2fb/0x440
[   59.921580]  raw_sendmsg+0x287b/0x3ed0
[   59.921591]  inet_sendmsg+0x48d/0x740
[   59.921621]  SYSC_sendto+0x6c3/0x7e0
[   59.950045]  SyS_sendto+0x8a/0xb0
[   59.950060]  do_syscall_64+0x309/0x430
[   59.950075]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   59.950094] Disabling lock debugging due to kernel taint
[   59.958852] : renamed from bcsh0
[   59.962571] Kernel panic - not syncing: panic_on_warn set ...
[   59.962571] 
[   59.962586] CPU: 0 PID: 5081 Comm: syz-executor0 Tainted: G    B            4.16.0+ #81
[   59.962592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   59.962597] Call Trace:
[   59.962620]  dump_stack+0x185/0x1d0
[   59.962636]  panic+0x39d/0x940
[   59.962678]  ? __skb_flow_dissect+0x401f/0x6580
[   60.010789]  kmsan_report+0x238/0x240
[   60.014606]  __msan_warning_32+0x6c/0xb0
[   60.018691]  __skb_flow_dissect+0x401f/0x6580
[   60.023191]  ? __msan_chain_origin+0x69/0xc0
[   60.027615]  ? SyS_sendto+0x8a/0xb0
[   60.031246]  ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   60.036612]  ? __dev_queue_xmit+0x22d9/0x2b60
[   60.041108]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   60.046567]  __skb_get_hash_symmetric+0x10b/0x230
[   60.051414]  packet_rcv_fanout+0x38f/0x8d0
[   60.055653]  ? packet_direct_xmit+0xbf0/0xbf0
[   60.060156]  dev_queue_xmit_nit+0x111a/0x11e0
[   60.064674]  dev_hard_start_xmit+0x27c/0xc70
[   60.069095]  __dev_queue_xmit+0x22d9/0x2b60
[   60.073426]  dev_queue_xmit+0x4b/0x60
[   60.077236]  neigh_resolve_output+0xac6/0xb60
[   60.081737]  ? neigh_event_ns+0x360/0x360
[   60.085886]  ip_finish_output2+0x1238/0x1380
[   60.090314]  ip_finish_output+0xcb0/0xff0
[   60.094466]  ip_output+0x502/0x5c0
[   60.098005]  ? ip_mc_finish_output+0x3b0/0x3b0
[   60.102585]  ? ip_finish_output+0xff0/0xff0
[   60.106897]  ip_send_skb+0x5f3/0x820
[   60.110606]  ? __ip_local_out+0x5b0/0x5b0
[   60.114753]  ip_push_pending_frames+0x105/0x170
[   60.119420]  raw_sendmsg+0x2960/0x3ed0
[   60.123329]  ? compat_raw_ioctl+0x100/0x100
[   60.127654]  inet_sendmsg+0x48d/0x740
[   60.131463]  ? security_socket_sendmsg+0x9e/0x210
[   60.136305]  ? inet_getname+0x500/0x500
[   60.140277]  SYSC_sendto+0x6c3/0x7e0
[   60.143990]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   60.149440]  ? prepare_exit_to_usermode+0x149/0x3a0
[   60.154469]  SyS_sendto+0x8a/0xb0
[   60.157922]  do_syscall_64+0x309/0x430
[   60.161810]  ? SYSC_getpeername+0x560/0x560
[   60.166137]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   60.171320] RIP: 0033:0x455259
[   60.174496] RSP: 002b:00007f7a64f9ec68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   60.182197] RAX: ffffffffffffffda RBX: 00007f7a64f9f6d4 RCX: 0000000000455259
[   60.189464] RDX: 0000000000000008 RSI: 0000000020000400 RDI: 0000000000000014
[   60.196729] RBP: 000000000072bea0 R08: 0000000020cf9000 R09: 0000000000000010
[   60.203991] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   60.211252] R13: 00000000000004f7 R14: 00000000006fa7c8 R15: 0000000000000000
[   60.218965] Dumping ftrace buffer:
[   60.222484]    (ftrace buffer empty)
[   60.226164] Kernel Offset: disabled
[   60.229764] Rebooting in 86400 seconds..