INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.62' (ECDSA) to the list of known hosts. 2018/04/07 09:04:43 fuzzer started 2018/04/07 09:04:43 dialing manager at 10.128.0.26:38639 2018/04/07 09:04:49 kcov=true, comps=false 2018/04/07 09:04:52 executing program 0: clock_nanosleep(0x10000007, 0x0, &(0x7f0000797000), &(0x7f0000e32ff0)) 2018/04/07 09:04:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap(&(0x7f0000000000/0xeef000)=nil, 0xeef000, 0x4, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00004fe000), &(0x7f00008f2ffc)=0xb) 2018/04/07 09:04:52 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) capset(&(0x7f0000ecd4f6)={0x19980330}, &(0x7f0000032fe8)) getsockopt(r0, 0x0, 0x41, &(0x7f0000694fef)=""/17, &(0x7f0000dfeffc)=0x19e) 2018/04/07 09:04:52 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00002e9000)='task\x00') fcntl$setstatus(r0, 0x4, 0x40800) getdents(r0, &(0x7f0000583f08)=""/72, 0x48) 2018/04/07 09:04:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f00000aaff0)=[{&(0x7f0000557fa7)="580000001400192304a14b80000d8c560a0600000000e076000543d818fe5800000004ca81646454890005000100010004fbf5100002000004000000001c04ed5dfffff5000022000d000100040808000000ec6b0f536e06", 0x58}], 0x1) 2018/04/07 09:04:52 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f000058f000)="440d0503001d000000000020ec", 0xd) getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f000069d000), &(0x7f00006ccffc)) 2018/04/07 09:04:52 executing program 5: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) creat(&(0x7f0000755ff2)='./file0/file0\x00', 0x0) chdir(&(0x7f00002d7000)='./file0\x00') umount2(&(0x7f0000f66000)='.', 0x2) mount(&(0x7f000000a000)='.', &(0x7f00008a6ff8)='./file0\x00', &(0x7f0000a60000)='ramfs\x00', 0x0, &(0x7f0000882000)) 2018/04/07 09:04:52 executing program 6: clock_settime(0x123319f3cd85f1e3, &(0x7f0000286000)) syzkaller login: [ 44.229593] ip (3786) used greatest stack depth: 54672 bytes left [ 44.510394] ip (3814) used greatest stack depth: 54408 bytes left [ 45.568309] ip (3916) used greatest stack depth: 53960 bytes left [ 47.371110] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.451624] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.578678] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.597781] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.682293] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.774596] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.820310] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.843128] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 56.147823] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.409538] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.464853] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.513807] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.545715] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.689747] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.830155] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.848728] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.925220] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.931469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.945649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.207911] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.214215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.225644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.252105] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.258522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.272869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.309811] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.319122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.341649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.369793] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.395317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.425321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.488832] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.495157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.507694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.595286] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.601527] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.611699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.767581] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.773896] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.792681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.094103] capability: warning: `syz-executor7' uses 32-bit capabilities (legacy support in use) 2018/04/07 09:05:09 executing program 7: io_setup(0xffffffff80000000, &(0x7f000017aff8)) 2018/04/07 09:05:09 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000006000), 0x8, 0x0) readv(r0, &(0x7f0000b28000)=[{&(0x7f000004f000)=""/128, 0x80}], 0x1) r1 = gettid() mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) setrlimit(0xb, &(0x7f000003a000)) rt_sigprocmask(0x0, &(0x7f0000037ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_sigqueueinfo(r1, 0x20, &(0x7f0000035000)) 2018/04/07 09:05:09 executing program 7: r0 = socket(0x2, 0x1, 0x0) setsockopt(r0, 0x6, 0x20, &(0x7f000023cf28)="020000006c3b172917e25462fa01a15eaf0d2cf653f13cc379ede465f40f4a95bbff850a82633574f0b31e58a98399b397e69501f03d3b3d54436fc71cbcdc6e30ac10369300aff67d07634832b8a5c0a94c470502e90000009398fc74e81b105fd02f9b14732017e2466a9fc43aea71263335960415800020ffff04ff7fffffffe41f0006d1b0e6ebcb12c7291871363e97100c4a4c2e9f5c0c14f1659ce8c8bed2e97e60a3649f93ea0c8263e464802ad72fa698807ef14a6a1813e900be1d113b514dbdc05ea1309163d6a40de8391f2ecab7bbfbcbea", 0xd8) 2018/04/07 09:05:09 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000004ffb)='task\x00') getdents64(r0, &(0x7f0000359000)=""/82, 0x52) exit(0x0) getdents(r0, &(0x7f00006c8f33)=""/205, 0xcd) 2018/04/07 09:05:10 executing program 0: mkdir(&(0x7f0000249ff8)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f00008f6ff9)='mounts\x00') r1 = epoll_create(0x1f) poll(&(0x7f0000f59fc8)=[{r1}, {r0}], 0x2, 0x80000000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000faeff4)) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000a9eff8)='./file0\x00', &(0x7f00000db000)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000fddff8)='./file0\x00') mount(&(0x7f00008bcff8)='./file0\x00', &(0x7f0000a51ff8)='./file0\x00', &(0x7f00002d6ffd)='9p\x00', 0x5000, 0x0) pivot_root(&(0x7f0000359ff8)='./file0\x00', &(0x7f00007d7ff8)='./file0\x00') 2018/04/07 09:05:10 executing program 7: mmap(&(0x7f0000000000/0x8a0000)=nil, 0x8a0000, 0x0, 0x30031, 0xffffffffffffffff, 0x0) mount(&(0x7f00005d237c)='./file0/file0\x00', &(0x7f0000e1fff8)='./file0\x00', &(0x7f0000ec0fd1)="007609499420218294075a978c742020598573660717b6c1377904ff4c1efefc8d615ffca2f8991b6b4025fbf6d699", 0x0, &(0x7f0000608000)) 2018/04/07 09:05:10 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000973fee)='net/ip6_flowlabel\x00') close(r0) 2018/04/07 09:05:10 executing program 5: r0 = inotify_init() r1 = inotify_init1(0x0) mkdir(&(0x7f00008d6000)='./control\x00', 0x0) inotify_add_watch(r1, &(0x7f0000b43000)='./control\x00', 0x4000000) inotify_add_watch(r0, &(0x7f000003a000)='./control\x00', 0x1000802) r2 = inotify_init() r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000103000)='./control\x00', 0x40) inotify_add_watch(r2, &(0x7f0000b3b000)='./control\x00', 0x2000000001000800) 2018/04/07 09:05:10 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x7c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000acd000), &(0x7f000005f000)=0x4) 2018/04/07 09:05:10 executing program 1: link(&(0x7f0000ec3ff8)='./file0\x00', &(0x7f0000acfff8)='./file0\x00') prctl$setmm(0x23, 0xf, &(0x7f0000ab6000/0x3000)=nil) 2018/04/07 09:05:10 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000b25fd4)={0x2, 0x4, 0x2003, 0x400bad9}, 0x2c) 2018/04/07 09:05:10 executing program 2: mkdir(&(0x7f0000014000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000c40000)='./file0\x00', &(0x7f0000014000)='ramfs\x00', 0x0, &(0x7f000000a000)) r0 = openat(0xffffffffffffff9c, &(0x7f000052fff8)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f000001effd)='/', r0, &(0x7f0000d06ff8)='./file0\x00') chroot(&(0x7f0000157000)='./file0\x00') renameat2(r0, &(0x7f000000bfec)='./file0/file0/file0\x00', r0, &(0x7f000016517f)='./file1\x00', 0x1) 2018/04/07 09:05:10 executing program 6: epoll_create1(0x0) memfd_create(&(0x7f0000f46000)='ceph\x00', 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000540000)='/dev/vga_arbiter\x00', 0x0, 0x0) pselect6(0x40, &(0x7f00000abfc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f00007fbfc0), &(0x7f0000f22000)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000553ff8), 0x8}) 2018/04/07 09:05:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000a8bfff)=""/1, 0x805031ae) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)) ioctl$TCFLSH(r0, 0x540b, 0x2) 2018/04/07 09:05:10 executing program 7: r0 = socket$inet(0x2, 0x80003, 0x2) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000000)=0x5, 0x4) close(r0) 2018/04/07 09:05:10 executing program 1: r0 = socket(0x200400000010, 0x2, 0x0) write(r0, &(0x7f0000921000)="240000002a007f0000000000000000000029f6ff01000000fffffffdffffffff0100ff10", 0x24) 2018/04/07 09:05:10 executing program 5: r0 = open(&(0x7f000001dff8)='./file0\x00', 0x80040, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000db4ff8)='./file0\x00', 0x4000010) unlink(&(0x7f0000a88ff8)='./file0\x00') fcntl$setlease(r0, 0x400, 0x1) 2018/04/07 09:05:10 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000003000)={0x1, 0x5, &(0x7f0000003fb8)=@framed={{0x18, 0x6}, [@ldst={0x0, 0x0, 0x2}], {0x95}}, &(0x7f0000000ff6)='syzkaller\x00', 0x5, 0xc1, &(0x7f0000002f3f)=""/193}, 0x48) 2018/04/07 09:05:11 executing program 4: prlimit64(0x0, 0x0, 0x0, 0x0) 2018/04/07 09:05:11 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0x21, &(0x7f0000000ff0)="2be6000900ffff01000092c5001d8d9a", 0x10) getsockopt$inet6_tcp_int(r0, 0x6, 0x21, &(0x7f0000f8e000), &(0x7f0000000ffc)=0x4) 2018/04/07 09:05:11 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000017000)={&(0x7f0000748000)={0x10}, 0xc, &(0x7f000000b000)={&(0x7f0000b67fd0)=@ipv4_newroute={0x30, 0x18, 0x21, 0xffffffffffffffff, 0xffffffffffffffff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@RTA_MULTIPATH={0x14, 0x9, [{0x8}, {0x8, 0xfffffffffffffffd}]}]}, 0x30}, 0x1}, 0x0) 2018/04/07 09:05:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe9ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x4) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000f9e000)) r2 = syz_open_pts(r0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000fe1ff4)) dup2(r2, r0) ppoll(&(0x7f000035a000)=[{r1}], 0x1, &(0x7f0000f99000), &(0x7f0000375ff8), 0x8) 2018/04/07 09:05:11 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000710fec)={0x2, 0x4, 0x6d9939d1, 0x9}, 0x2c) 2018/04/07 09:05:11 executing program 5: mkdir(&(0x7f0000ae8000)='./file0\x00', 0x0) r0 = open(&(0x7f00001e0000)='./file0\x00', 0x0, 0x0) mkdirat(r0, &(0x7f000095f000)='./file0\x00', 0x0) mount(&(0x7f0000df2000)='./file0/file0\x00', &(0x7f0000a16ff8)='./file0\x00', &(0x7f0000df2ffd)='\tv\t', 0x1001, &(0x7f0000845000)) unlinkat(r0, &(0x7f000057d000)='./file0\x00', 0x200) mount(&(0x7f00001dbff8)='./file0\x00', &(0x7f0000249ff8)='./file0\x00', &(0x7f0000a1a000)='anon_inodefs\x00', 0x2044, &(0x7f0000691f14)) 2018/04/07 09:05:11 executing program 0: mkdir(&(0x7f0000249ff8)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f00008f6ff9)='mounts\x00') r1 = epoll_create(0x1f) poll(&(0x7f0000f59fc8)=[{r1}, {r0}], 0x2, 0x80000000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000faeff4)) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000a9eff8)='./file0\x00', &(0x7f00000db000)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000fddff8)='./file0\x00') mount(&(0x7f00008bcff8)='./file0\x00', &(0x7f0000a51ff8)='./file0\x00', &(0x7f00002d6ffd)='9p\x00', 0x5000, 0x0) pivot_root(&(0x7f0000359ff8)='./file0\x00', &(0x7f00007d7ff8)='./file0\x00') 2018/04/07 09:05:11 executing program 3: mkdir(&(0x7f0000249ff8)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f00008f6ff9)='mounts\x00') r1 = epoll_create(0x1f) poll(&(0x7f0000f59fc8)=[{r1}, {r0}], 0x2, 0x80000000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000faeff4)) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000a9eff8)='./file0\x00', &(0x7f00000db000)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000fddff8)='./file0\x00') mount(&(0x7f00008bcff8)='./file0\x00', &(0x7f0000a51ff8)='./file0\x00', &(0x7f00002d6ffd)='9p\x00', 0x5000, 0x0) pivot_root(&(0x7f0000359ff8)='./file0\x00', &(0x7f00007d7ff8)='./file0\x00') 2018/04/07 09:05:11 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) perf_event_open(&(0x7f000058df88)={0x2, 0x78, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x1, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000689000), &(0x7f0000cd9000)=0x10) 2018/04/07 09:05:11 executing program 7: r0 = bpf$MAP_CREATE(0x0, &(0x7f000050a000)={0x5, 0x800000000000003b, 0x7, 0x4}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f000077cfe0)={r0, &(0x7f0000ab2000), &(0x7f0000da1000)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000231000)={r0, &(0x7f0000e0bf52)="6c34b4ae6e376924628effa75cfbd7dd2de91ef47a12f5b97c3b16b6126dc01deeadebe84876a56e43a46a01b2eea4a4846dae", &(0x7f000073c655)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000bd3fe0)={r0, &(0x7f0000f3a000), &(0x7f00003f3000)}, 0x20) 2018/04/07 09:05:11 executing program 2: ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x10176e}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f000000a000)=""/195}, 0x48) 2018/04/07 09:05:12 executing program 1: r0 = socket$packet(0x11, 0x20000000000003, 0x300) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) setsockopt$packet_int(r0, 0x107, 0x11, &(0x7f0000247ffc), 0x4) 2018/04/07 09:05:12 executing program 6: mq_notify(0xffffffffffffffff, &(0x7f0000937000)={0x0, 0x0, 0x2, @thr={&(0x7f0000937000)="750a252525a8", &(0x7f00002bf000)}}) 2018/04/07 09:05:12 executing program 5: r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x24, &(0x7f00003efff0)={0x0, 0x0, 0x10000}) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000ff8)={0xfffffffffffffdb0}, 0x8, 0x0) read(r2, &(0x7f0000deefe7)=""/128, 0x80) 2018/04/07 09:05:12 executing program 4: mkdir(&(0x7f00007dcff8)='./file0\x00', 0x0) chmod(&(0x7f0000ad3ff8)='./file0\x00', 0xfffffffffffffffd) creat(&(0x7f00001ba000)='./file0/file0\x00', 0x0) 2018/04/07 09:05:12 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000f0c000)='clear_refs\x00') mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000c4fff0)=[{&(0x7f0000bdafff)='1', 0x1}], 0x1) 2018/04/07 09:05:12 executing program 6: linkat(0xffffffffffffffff, &(0x7f00006f1fff)='/', 0xffffffffffffffff, &(0x7f0000f73000)='./file1\x00', 0x0) 2018/04/07 09:05:12 executing program 7: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10) r0 = socket(0x11, 0x4000000000080003, 0x0) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000af0000), 0x4) 2018/04/07 09:05:12 executing program 1: r0 = getpgrp(0x0) unlink(&(0x7f0000b04000)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f") r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000629000)={0xfffffffffffffffa}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x20, &(0x7f00003efff0)={0x0, 0x0, 0x50005}) rt_sigtimedwait(&(0x7f000031bff8)={0x80000001}, &(0x7f0000a6dff0), &(0x7f000005b000), 0x8) 2018/04/07 09:05:12 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f00003e4ffc)=0xfffffffffffffffb, 0x4) 2018/04/07 09:05:12 executing program 4: r0 = socket(0x1000000010, 0x802, 0x0) sendmsg$nl_route(r0, &(0x7f0000f72fc8)={&(0x7f0000814000)={0x10}, 0xc, &(0x7f0000180ff8)={&(0x7f0000f85000)=@bridge_delneigh={0x30, 0x1d, 0x425, 0xffffffffffffffff, 0xffffffffffffffff, {0xc}, [@NDA_DST_IPV6={0x14, 0x1, @dev={0xfe, 0x80}}]}, 0x30}, 0x1}, 0x0) 2018/04/07 09:05:12 executing program 2: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000001fe8)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000ff9)='ns/ipc\x00') setns(r0, 0x0) 2018/04/07 09:05:12 executing program 3: r0 = open(&(0x7f000084aff8)='./file0\x00', 0x400000000060842, 0x0) fsetxattr(r0, &(0x7f0000095ff7)=@known='user.syz\x00', &(0x7f00009cc000)='GpLbdev{nodevem1@\x00', 0x12, 0x0) getxattr(&(0x7f0000d61ff8)='./file0\x00', &(0x7f00004e9000)=@known='user.syz\x00', &(0x7f000002e000), 0xc) 2018/04/07 09:05:12 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000626fe1)="440dfba18de70000e00000ecfa", 0xd) 2018/04/07 09:05:12 executing program 7: r0 = socket(0x100000002, 0x1, 0x0) getsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000d99ffc), &(0x7f0000ec9ffc)=0x4) 2018/04/07 09:05:12 executing program 5: mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000ab3ff8), &(0x7f00000a4000)=0x8) 2018/04/07 09:05:12 executing program 1: epoll_create1(0x0) eventfd2(0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000d2bff3)='net/mcfilter\x00') unshare(0x400) pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8}) 2018/04/07 09:05:12 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000fef000)=0x56c, 0x4) 2018/04/07 09:05:12 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f000058d000)=0x1, 0x4) dup2(r1, r0) 2018/04/07 09:05:12 executing program 0: mkdir(&(0x7f0000508ff6)='./control\x00', 0x0) r0 = inotify_init1(0x0) mount(&(0x7f0000420ff6)='./control\x00', &(0x7f0000ceaff6)='./control\x00', &(0x7f0000619ff9)='mqueue\x00', 0x0, &(0x7f0000101f8d)) inotify_add_watch(r0, &(0x7f00007a7000)='./control\x00', 0xa4000960) open(&(0x7f00003f5000)='./control\x00', 0x0, 0x0) 2018/04/07 09:05:12 executing program 6: r0 = socket(0x10, 0x2, 0x0) write(r0, &(0x7f0000841fdc)="240000002400fff73200000800367700f4ffffff01000000000000a34e00000000000010", 0x24) 2018/04/07 09:05:13 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_int(r0, 0x0, 0x22, &(0x7f0000fa2ffc), &(0x7f00002ceffc)=0x4) 2018/04/07 09:05:13 executing program 4: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000378000)={0x0, 0x0}) timerfd_settime(r0, 0x3, &(0x7f000000b000)={{}, {0x0, r1+10000000}}, &(0x7f000000dfe0)) read(r0, &(0x7f0000204f3b)=""/197, 0xc5) 2018/04/07 09:05:13 executing program 7: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000f51ffc), &(0x7f0000da1405)=0x4) 2018/04/07 09:05:13 executing program 3: r0 = socket$unix(0x1, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f000000f000)=@abs={0x1}, 0x3) r2 = syz_open_procfs(0x0, &(0x7f0000a96000)='net/unix\x00') sendfile(r1, r2, &(0x7f00007cf000)=0x805f, 0x2) 2018/04/07 09:05:13 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x13, &(0x7f0000451ffc)=0xffc, 0x4) 2018/04/07 09:05:13 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x20000000033, &(0x7f0000003ffd), 0x0) 2018/04/07 09:05:13 executing program 6: r0 = memfd_create(&(0x7f0000d46fed)='posix_acl_access{Y\x00', 0x0) lseek(r0, 0x7ffffffffffffffb, 0x0) read(r0, &(0x7f00001e9f55)=""/171, 0xab) 2018/04/07 09:05:13 executing program 0: pipe(&(0x7f0000992000)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r1, 0x1fffffffffffe) flock(r0, 0x1) flock(r0, 0xfffffffffffffffa) 2018/04/07 09:05:13 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000a3fff3)='[', 0x1) 2018/04/07 09:05:13 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) ppoll(&(0x7f0000374000)=[{r1}], 0x1, &(0x7f0000b10000)={0x77359400}, &(0x7f0000ed6ff8), 0x8) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:13 executing program 4: clone(0x30000700, &(0x7f00007acf3c), &(0x7f0000a40000), &(0x7f000097bffc), &(0x7f0000143f30)) 2018/04/07 09:05:13 executing program 6: r0 = socket$inet6(0xa, 0x80005, 0x0) getsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000ffc), &(0x7f0000000ffc)=0x4) 2018/04/07 09:05:13 executing program 1: madvise(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2) madvise(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2) 2018/04/07 09:05:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000549ff0)=[{&(0x7f0000e7ffa6)="580000001400192340834b80040d8c560a060000ec04a200000543dfd87c5800004824ca94326400890005000000000000000004830200000000000000000003ed03fff5dd00000010000100070c090000fcff0000000405", 0x58}], 0x1) 2018/04/07 09:05:13 executing program 4: set_mempolicy(0x4001, &(0x7f0000c48000)=0x4, 0x8) r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f0000f72fd9)="2700000014000707030e0000120f0a0010ffe400f6070000ff000000078a001f05080039007500", 0x27) 2018/04/07 09:05:14 executing program 0: pipe(&(0x7f0000992000)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r1, 0x1fffffffffffe) flock(r0, 0x1) flock(r0, 0xfffffffffffffffa) 2018/04/07 09:05:14 executing program 5: perf_event_open(&(0x7f0000000f88)={0x2, 0x78, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000785000), 0x4) 2018/04/07 09:05:14 executing program 3: set_mempolicy(0x1, &(0x7f0000001ff8), 0x6) clone(0x0, &(0x7f0000211f58), &(0x7f000006dffc), &(0x7f00007aeffc), &(0x7f0000dd9ff0)) ioperm(0x0, 0x25, 0x0) 2018/04/07 09:05:14 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000f72ffc), 0x1) 2018/04/07 09:05:14 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000be1ff8)=[{&(0x7f0000fb3fc7)="390000001100094701bb61e1c30500ff070000000200000045efffff08009b0019001a000f000004000401000000000000e9ff0006000d0005", 0x39}], 0x1) 2018/04/07 09:05:14 executing program 6: pwrite64(0xffffffffffffffff, &(0x7f0000000f53), 0x0, 0xfffffffffffffffc) 2018/04/07 09:05:14 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) ppoll(&(0x7f0000374000)=[{r1}], 0x1, &(0x7f0000b10000)={0x77359400}, &(0x7f0000ed6ff8), 0x8) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:14 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000c93000)=0x9, 0x4) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00002fb000), &(0x7f0000f63000)=0x4) 2018/04/07 09:05:14 executing program 1: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000005000)={{}, {0x0, 0x989680}}, &(0x7f0000000fe0)) timerfd_settime(r0, 0x0, &(0x7f0000aa9fe0)={{0x0, 0x1c9c380}}, &(0x7f0000164000)) 2018/04/07 09:05:14 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000427ff3)='/dev/usbmon#\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000de5000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000cb8ff4)) 2018/04/07 09:05:14 executing program 6: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap(&(0x7f0000000000/0xeef000)=nil, 0xeef000, 0x4, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00007abffc), &(0x7f0000ccfffc)=0x4) 2018/04/07 09:05:14 executing program 5: r0 = socket(0x200000000010, 0x2, 0x0) write(r0, &(0x7f0000cf6fdb)="2400000024007f00ec001201000000ee040e07ff010000000400000000000000ffff1000", 0x24) 2018/04/07 09:05:14 executing program 0: r0 = socket$inet6(0xa, 0x802, 0x0) getsockopt$sock_int(r0, 0x1, 0x28, &(0x7f000036b000), &(0x7f00005b3ffc)=0x4) 2018/04/07 09:05:14 executing program 4: unshare(0x40600) memfd_create(&(0x7f000049dfec)='\'Pvmnet0^lo-+\\wlan0\x00', 0x0) r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) syz_open_dev$vcsa(&(0x7f0000580ff5)='/dev/vcsa#\x00', 0x1f, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)) readv(r0, &(0x7f0000266000)=[{&(0x7f000032cf93)=""/109, 0x6d}], 0x1) pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8}) 2018/04/07 09:05:14 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x7c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_opts(r0, 0x0, 0x400000000000007, &(0x7f0000937fed)=""/16, &(0x7f000021affc)=0xffe5) 2018/04/07 09:05:14 executing program 6: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x21, &(0x7f0000003000)={@multicast1=0xe0000001, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0xc) 2018/04/07 09:05:15 executing program 1: rt_sigprocmask(0x3, &(0x7f0000663000), &(0x7f000082cff8), 0x8) 2018/04/07 09:05:15 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) shutdown(r0, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000936000)=0x1, 0x4) poll(&(0x7f0000346ff8)=[{r0}], 0x1, 0x0) 2018/04/07 09:05:15 executing program 3: set_mempolicy(0x1, &(0x7f0000001ff8), 0x6) clone(0x0, &(0x7f0000211f58), &(0x7f000006dffc), &(0x7f00007aeffc), &(0x7f0000dd9ff0)) ioperm(0x0, 0x25, 0x0) 2018/04/07 09:05:15 executing program 0: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000fcf000)="240000001a0025f0006bb4040000001d020b00ff0010b500001000eb080002007fffe5b7", 0x24) 2018/04/07 09:05:15 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001000)='/dev/ptmx\x00', 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x2800) ioctl$TCXONC(r0, 0x540a, 0x0) write(r0, &(0x7f00001b1fff)='O', 0x1) fcntl$setstatus(r0, 0x4, 0x0) ioctl$TCXONC(r0, 0x540a, 0x1) 2018/04/07 09:05:15 executing program 4: clock_settime(0xffffffffffffffff, &(0x7f0000034000)) 2018/04/07 09:05:15 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) ppoll(&(0x7f0000374000)=[{r1}], 0x1, &(0x7f0000b10000)={0x77359400}, &(0x7f0000ed6ff8), 0x8) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:15 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x2) capset(&(0x7f0000001000)={0x19980330}, &(0x7f0000001fe8)) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000001fe8)={@mcast1={0xff, 0x1, [], 0x1}}) 2018/04/07 09:05:15 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000888000)={@multicast2=0xe0000002, @loopback=0x7f000001, 0x0, 0xa, [@local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @multicast1=0xe0000001, @loopback=0x7f000001, @rand_addr, @multicast1=0xe0000001, @broadcast=0xffffffff, @rand_addr, @empty, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}]}, 0x38) r1 = dup(r0) setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000040ff4)={@multicast2=0xe0000002, @loopback=0x7f000001, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0xc) 2018/04/07 09:05:15 executing program 1: mkdir(&(0x7f0000dab000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f000000aff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x1, &(0x7f000000a000)) setxattr(&(0x7f0000701000)='./file0\x00', &(0x7f0000681ff2)=@known='system.advise\x00', &(0x7f0000866000)='.\x00', 0x2, 0x0) 2018/04/07 09:05:15 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:15 executing program 4: set_mempolicy(0x1, &(0x7f0000fac000), 0x5) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x800000000009}, 0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xc, 0x4, 0x4, 0x100000001, 0x0, r0}, 0x1c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00005f1000)={r1, &(0x7f0000eed000), &(0x7f0000b88000)="13"}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000df5ff0)={r1, &(0x7f0000eef000)}, 0x10) 2018/04/07 09:05:15 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap(&(0x7f0000000000/0xeef000)=nil, 0xeef000, 0x4, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00009dbffc), 0x4) mprotect(&(0x7f0000569000/0x800000)=nil, 0x800000, 0x0) munmap(&(0x7f000086f000/0x2000)=nil, 0x2000) 2018/04/07 09:05:15 executing program 6: mkdir(&(0x7f00001b1000)='./file0\x00', 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000001fe8)) lgetxattr(&(0x7f0000c5fff8)='./file0\x00', &(0x7f0000bd3ff9)=@random={'os2.\x00', '{\x00'}, &(0x7f00000c4000), 0x0) 2018/04/07 09:05:16 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) ppoll(&(0x7f0000374000)=[{r1}], 0x1, &(0x7f0000b10000)={0x77359400}, &(0x7f0000ed6ff8), 0x8) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:16 executing program 0: r0 = perf_event_open(&(0x7f000002ef88)={0x2, 0x78, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000de9fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) 2018/04/07 09:05:16 executing program 2: perf_event_open(&(0x7f00000f0f88)={0x2, 0x78, 0x47, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tun(&(0x7f00009fcff3)='/dev/net/tun\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000972000)=0x7) 2018/04/07 09:05:16 executing program 3: r0 = eventfd2(0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000d4a000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00008e2000)) 2018/04/07 09:05:16 executing program 6: set_mempolicy(0x4003, &(0x7f0000fc5ff8)=0x6, 0x3f) futex(&(0x7f0000fc2ffc), 0xc, 0x1, &(0x7f000000d000), &(0x7f0000fc2000), 0x0) 2018/04/07 09:05:16 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0xa) writev(r0, &(0x7f0000022000)=[{&(0x7f0000976fd7)="1c0000001800ffffffff6800000a002102000800000000070000060008000bc0fa001004", 0x24}], 0x1) 2018/04/07 09:05:16 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f000070dffc), &(0x7f0000494000)=0x4) 2018/04/07 09:05:16 executing program 3: pipe(&(0x7f00005e3000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) poll(&(0x7f00004d2000)=[{r0}], 0x1, 0x0) 2018/04/07 09:05:16 executing program 0: r0 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f000004a000)={0x77359400}, 0x10) getsockopt$sock_timeval(r0, 0x1, 0x100000015, &(0x7f0000b38ff0), &(0x7f0000c95000)=0x10) 2018/04/07 09:05:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x2) connect$netlink(r0, &(0x7f0000000000)=@kern={0x10}, 0x2) 2018/04/07 09:05:16 executing program 4: setrlimit(0x7, &(0x7f000018f000)) mq_open(&(0x7f0000000000)='-$\x00', 0x0, 0x0, &(0x7f0000664fc0)) 2018/04/07 09:05:16 executing program 2: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000378fda)="240000001a0025f0006bb404feff001c020b49ff6e10b500000700eb080003000100fc00", 0x24) 2018/04/07 09:05:16 executing program 6: bpf$PROG_LOAD(0x5, &(0x7f0000438000)={0x1, 0x5, &(0x7f0000519fa8)=@framed={{0x18}, [@alu={0x3, 0x0, 0xd}], {0x95}}, &(0x7f0000c43000)='syzkaller\x00', 0x8000, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48) 2018/04/07 09:05:16 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:16 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000567000)='/dev/sg#\x00', 0x0, 0x40002) r1 = syz_open_procfs(0x0, &(0x7f0000256ff8)='syscall\x00') sendfile(r0, r1, &(0x7f0000ea5ff8), 0x2) 2018/04/07 09:05:17 executing program 1: mkdir(&(0x7f00000e1000)='./file0\x00', 0x0) r0 = open(&(0x7f0000851000)='./file0\x00', 0x0, 0x0) lseek(r0, 0xfffffffffffffffc, 0x0) 2018/04/07 09:05:17 executing program 0: rt_sigpending(&(0x7f0000dbfff8), 0xfffffffffffffda3) 2018/04/07 09:05:17 executing program 2: mkdir(&(0x7f0000c32000)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f", 0x0) unlink(&(0x7f0000b04000)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f") 2018/04/07 09:05:17 executing program 6: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x32, &(0x7f00009b9000)=0x1000000, 0x4) 2018/04/07 09:05:17 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap(&(0x7f0000000000/0xaa1000)=nil, 0xaa1000, 0x4, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000aa2ffc), &(0x7f000008affc)=0x4) 2018/04/07 09:05:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000003000)) 2018/04/07 09:05:17 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:17 executing program 0: mkdir(&(0x7f000079cff8)='./file0\x00', 0x0) r0 = open(&(0x7f0000e70000)='./file0\x00', 0x0, 0x0) lseek(r0, 0x0, 0x1) 2018/04/07 09:05:17 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f00002aaffc), 0x2) 2018/04/07 09:05:17 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00001e0ff7)='pagemap\x00') preadv(r0, &(0x7f0000233000)=[{&(0x7f00009d4000)=""/4096, 0x1000}], 0x1, 0x200000400000000) 2018/04/07 09:05:17 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:17 executing program 4: mkdir(&(0x7f0000578000)='./file0\x00', 0x0) lsetxattr(&(0x7f000022a000)='./file0\x00', &(0x7f0000faffe7)=@known='system.posix_acl_default\x00', &(0x7f00004a8fb4)="0200000022ffffabea0000000730de2d6a1f06a06113d50da1a968afad148199a1fc48ffd407080813893fd75218535017c594af85c33081ec56f6f323b0664b964851746f35f0b0f8e1d5fc", 0x4c, 0x0) 2018/04/07 09:05:17 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x1b, &(0x7f0000005ffc), &(0x7f000000dffc)=0x4) 2018/04/07 09:05:17 executing program 1: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000001fe8)) r0 = syz_open_procfs(0x0, &(0x7f00006c7ff9)='ns/pid\x00') setns(r0, 0x0) 2018/04/07 09:05:17 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00009b7000)='loginuid\x00') rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) setrlimit(0x1, &(0x7f000076f000)) ftruncate(r0, 0x3d) 2018/04/07 09:05:17 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f00003c5ffc)=0x7ffd, 0x4) 2018/04/07 09:05:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) io_submit(r2, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:17 executing program 6: r0 = gettid() process_vm_writev(r0, &(0x7f0000000f90)=[{&(0x7f0000000fc5)=""/1, 0x1}], 0x1, &(0x7f0000003000)=[{&(0x7f0000003fff)=""/2, 0x2}], 0x1, 0x0) 2018/04/07 09:05:17 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x1b, &(0x7f0000005ffc), &(0x7f000000dffc)=0x4) 2018/04/07 09:05:17 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:17 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f00001be000)=""/81, &(0x7f000017affc)=0x51) 2018/04/07 09:05:17 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000fb4000)={0x3, 0x4, 0x80000000004, 0x2040}, 0x14) close(r0) 2018/04/07 09:05:17 executing program 0: mkdir(&(0x7f0000027000)='./file0\x00', 0x0) mount(&(0x7f0000018000)='./file0\x00', &(0x7f000001c000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) open$dir(&(0x7f000001bff4)='./file0/bus\x00', 0x88040, 0x0) mount(&(0x7f0000033ff4)='./file0/bus\x00', &(0x7f000000fff8)='./file0\x00', &(0x7f0000032ffb)='fuse\x00', 0x7ffbf, &(0x7f0000032000)) truncate(&(0x7f0000032ff4)='./file0/bus\x00', 0x0) 2018/04/07 09:05:17 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00005f1ff4)={0xfbffffffffffffff}) 2018/04/07 09:05:17 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) ppoll(&(0x7f0000374000)=[{r1}], 0x1, &(0x7f0000b10000)={0x77359400}, &(0x7f0000ed6ff8), 0x8) io_submit(0x0, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r1}]) 2018/04/07 09:05:17 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000a59ff0)='/dev/input/mice\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000028000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00002b8000)={0x60000004}) poll(&(0x7f000029a000)=[{r1}], 0x1, 0x0) 2018/04/07 09:05:18 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002fe4)={&(0x7f0000016000)={0x10}, 0xc, &(0x7f000000b000)={&(0x7f000000a000)=@ipv6_newroute={0x24, 0x18, 0x781a241f, 0xffffffffffffffff, 0xffffffffffffffff, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@RTA_METRICS={0x8, 0x8, "02"}]}, 0x24}, 0x1}, 0x0) 2018/04/07 09:05:18 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = open(&(0x7f0000014000)='./file0\x00', 0x0, 0x0) fcntl$getflags(r2, 0x401) 2018/04/07 09:05:18 executing program 1: mlock2(&(0x7f0000a93000/0x3000)=nil, 0x3000, 0x0) msync(&(0x7f0000a93000/0x2000)=nil, 0x2000, 0x2) 2018/04/07 09:05:18 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000cceff5)='/dev/loop#\x00', 0x0, 0x181001) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00004fb000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "acf42f48ef6ff65ec6f1b21626c8240b1655eaf512a8d15a16e87caa0f5aec8b04eb3ef9e365c6350f55010e6f736e26332f1443385abcca5c894515b8307a8a", "3ff8577d9194eb41976f5a86d4a42e53e2aa636053b1c18dadbca80a1ae0cb65adcbd3df5de03b96f78b55f6b9a12abbb783950ee77f25fcde0df5506c142cd3", "e4391ec9e07e1911372c880c0fa20f4dda1580d34e9ae8d3b26e4f60004ca719"}) 2018/04/07 09:05:18 executing program 4: r0 = socket$inet_sctp(0x2, 0x801, 0x84) getsockopt$inet_int(r0, 0x0, 0x32, &(0x7f0000276000), &(0x7f0000374000)=0x4) 2018/04/07 09:05:18 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x2, &(0x7f0000013f68)=@raw=[@ldst={0x3, 0x0, 0xe4a5453415829ecb, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000003ff6)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) 2018/04/07 09:05:18 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) fcntl$getflags(0xffffffffffffffff, 0x401) 2018/04/07 09:05:18 executing program 3: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00006f1988), &(0x7f0000290ffc)=0x8) 2018/04/07 09:05:18 executing program 2: mkdir(&(0x7f0000952000)='./file0\x00', 0x0) mount(&(0x7f0000071ff8)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000026000)='mqueue\x00', 0x0, &(0x7f0000eb6000)) symlink(&(0x7f0000704ff8)='./file0\x00', &(0x7f0000567ff2)='./file0/file1\x00') 2018/04/07 09:05:18 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000571ff7)='/dev/sg#\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2283, 0x0) 2018/04/07 09:05:18 executing program 4: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000c42000), &(0x7f00006abffc)=0xc) 2018/04/07 09:05:18 executing program 1: r0 = socket(0x1000000010, 0x802, 0x0) sendmsg$nl_route(r0, &(0x7f0000f72fc8)={&(0x7f00008d4000)={0x10}, 0xc, &(0x7f00002c9ff0)={&(0x7f0000f79000)=@ipv4_newroute={0x24, 0x18, 0x305, 0xffffffffffffffff, 0xffffffffffffffff, {0x2}, [@RTA_DST={0x8, 0x1, @multicast2=0xe0000002}]}, 0x24}, 0x1}, 0x0) 2018/04/07 09:05:18 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c05ff8)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x8000000000000007, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x10000000}) fcntl$lock(r0, 0x24, &(0x7f0000003fe0)) 2018/04/07 09:05:18 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) fcntl$getflags(0xffffffffffffffff, 0x401) 2018/04/07 09:05:18 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) io_setup(0xa3c, &(0x7f0000409000)=0x0) ppoll(&(0x7f0000374000)=[{}], 0x1, &(0x7f0000b10000)={0x77359400}, &(0x7f0000ed6ff8), 0x8) io_submit(r1, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1}]) 2018/04/07 09:05:18 executing program 3: r0 = open(&(0x7f0000fa6ff8)='./file0\x00', 0x20007ffe, 0x0) fcntl$addseals(r0, 0x409, 0x200000080000000b) 2018/04/07 09:05:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x29, &(0x7f0000950ffc), 0x4) 2018/04/07 09:05:18 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000b5dfa8)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r2, 0x0, 0x0, 0x73e0) sendfile(r1, r2, &(0x7f0000e64ff8), 0x8e18) sendfile(r1, r2, &(0x7f00007ed000), 0x2b) 2018/04/07 09:05:18 executing program 2: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000031000), &(0x7f00005b5ffc)=0x14) 2018/04/07 09:05:18 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup2(r0, r0) bind$netlink(r1, &(0x7f0000006000)={0x10}, 0xc) 2018/04/07 09:05:18 executing program 6: perf_event_open(&(0x7f0000ff3f88)={0x1, 0x78, 0x200000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0xc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:18 executing program 5: r0 = open(&(0x7f0000ba0000)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ecfff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) fcntl$getflags(0xffffffffffffffff, 0x401) 2018/04/07 09:05:18 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00008f6ff9)='mounts\x00') r1 = epoll_create(0x7fb) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000faeff4)) mount(&(0x7f0000a38ff8)='./file0\x00', &(0x7f0000852000)='.', &(0x7f0000a60000)='ramfs\x00', 0x0, &(0x7f00008a7000)) epoll_pwait(r1, &(0x7f0000456000)=[{}], 0x1, 0x0, &(0x7f0000fba000), 0x8) [ 67.905735] ================================================================== [ 67.913159] BUG: KMSAN: uninit-value in sha256_generic_block_fn+0xb05f/0xb460 [ 67.920435] CPU: 1 PID: 5624 Comm: syz-executor4 Not tainted 4.16.0+ #81 [ 67.927271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.936617] Call Trace: [ 67.939212] dump_stack+0x185/0x1d0 [ 67.942854] ? sha256_generic_block_fn+0xb05f/0xb460 [ 67.947961] kmsan_report+0x142/0x240 [ 67.951772] __msan_warning_32+0x6c/0xb0 2018/04/07 09:05:18 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000745ff7)='/dev/sg#\x00', 0x0, 0x0) set_mempolicy(0x8001, &(0x7f0000cb9000)=0x1, 0x4) ioctl(r0, 0x2286, &(0x7f0000007000)) [ 67.955845] sha256_generic_block_fn+0xb05f/0xb460 [ 67.960787] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 67.966243] ? pick_next_task_fair+0x1d1e/0x1f70 [ 67.971014] ? kmsan_set_origin_inline+0x6b/0x120 [ 67.975871] ? kmsan_set_origin_inline+0x6b/0x120 [ 67.980722] ? __msan_poison_alloca+0x15c/0x1d0 [ 67.985399] ? kmsan_set_origin_inline+0x6b/0x120 [ 67.990254] ? __msan_poison_alloca+0x15c/0x1d0 [ 67.994933] ? _cond_resched+0x3c/0xd0 [ 67.998827] ? rcu_all_qs+0x32/0x1f0 [ 68.002541] ? _cond_resched+0x3c/0xd0 [ 68.006442] ? find_lock_entry+0x157/0x720 [ 68.010699] ? page_mapping+0x300/0x480 [ 68.014698] crypto_sha256_update+0x407/0x4b0 [ 68.019207] ? sha1_base_init+0x190/0x190 [ 68.023365] shash_async_update+0x290/0x360 [ 68.027704] ? shash_async_init+0x270/0x270 [ 68.032032] hash_sendpage+0x904/0xe10 [ 68.035942] ? hash_recvmsg+0xd50/0xd50 [ 68.039922] sock_sendpage+0x1de/0x2c0 [ 68.043824] pipe_to_sendpage+0x31b/0x430 [ 68.047982] ? sock_fasync+0x2b0/0x2b0 [ 68.051885] ? propagate_umount+0x3a30/0x3a30 2018/04/07 09:05:19 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc), 0x4) [ 68.056389] __splice_from_pipe+0x49a/0xf30 [ 68.060720] ? generic_splice_sendpage+0x2a0/0x2a0 [ 68.065661] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 68.071033] generic_splice_sendpage+0x1c6/0x2a0 [ 68.075811] ? iter_file_splice_write+0x1710/0x1710 [ 68.080834] ? iter_file_splice_write+0x1710/0x1710 [ 68.085864] direct_splice_actor+0x19b/0x200 [ 68.090287] splice_direct_to_actor+0x764/0x1040 [ 68.095050] ? do_splice_direct+0x540/0x540 [ 68.099386] ? security_file_permission+0x28f/0x4b0 2018/04/07 09:05:19 executing program 1: mkdir(&(0x7f00000e7ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000a9fff8)='./file0\x00', &(0x7f0000ff9fff)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1000, 0x0) mount(&(0x7f0000aa8000)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f00007e8000)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) umount2(&(0x7f00004e4000)='./file0\x00', 0x0) 2018/04/07 09:05:19 executing program 2: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f000031efdd)="220000004a000700ea091008090007000a0000000022000004000300040001008c45", 0x22) [ 68.104416] ? rw_verify_area+0x35e/0x580 [ 68.108581] do_splice_direct+0x335/0x540 [ 68.112739] do_sendfile+0x1067/0x1e40 [ 68.116644] SYSC_sendfile64+0x1b3/0x300 [ 68.120710] SyS_sendfile64+0x64/0x90 [ 68.124511] do_syscall_64+0x309/0x430 [ 68.128428] ? SYSC_sendfile+0x320/0x320 [ 68.132505] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 68.137698] RIP: 0033:0x455259 [ 68.140897] RSP: 002b:00007f66539a8c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 68.148614] RAX: ffffffffffffffda RBX: 00007f66539a96d4 RCX: 0000000000455259 [ 68.155889] RDX: 0000000020e64ff8 RSI: 0000000000000015 RDI: 0000000000000014 [ 68.163159] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 68.170431] R10: 0000000000008e18 R11: 0000000000000246 R12: 00000000ffffffff [ 68.177706] R13: 00000000000004c6 R14: 00000000006fa330 R15: 0000000000000000 [ 68.184978] [ 68.186604] Uninit was created at: [ 68.190153] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 68.195169] kmsan_alloc_page+0x82/0xe0 [ 68.199150] __alloc_pages_nodemask+0xf5b/0x5dc0 2018/04/07 09:05:19 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f000027efd4)={0x5, 0x3, 0x7f, 0x3}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00009b6fe0)={r0, &(0x7f0000124000)='_"E', &(0x7f0000ddc000)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000ba000)={r0, &(0x7f00002ae000), &(0x7f0000260ff8)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f000022cff0)={r0, &(0x7f00002a5000)}, 0x10) [ 68.203916] alloc_pages_vma+0xcc8/0x1800 [ 68.208083] shmem_alloc_and_acct_page+0x6d5/0x1000 [ 68.213115] shmem_getpage_gfp+0x35db/0x5770 [ 68.217539] shmem_fallocate+0xde2/0x1610 [ 68.221707] vfs_fallocate+0x9dc/0xde0 [ 68.225614] SYSC_fallocate+0x119/0x1d0 [ 68.229593] SyS_fallocate+0x64/0x90 [ 68.233313] do_syscall_64+0x309/0x430 [ 68.237210] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 68.242391] ================================================================== [ 68.249744] Disabling lock debugging due to kernel taint 2018/04/07 09:05:19 executing program 6: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) fallocate(r2, 0x1e, 0x0, 0x9) [ 68.255196] Kernel panic - not syncing: panic_on_warn set ... [ 68.255196] [ 68.262577] CPU: 1 PID: 5624 Comm: syz-executor4 Tainted: G B 4.16.0+ #81 [ 68.270720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.280077] Call Trace: [ 68.282678] dump_stack+0x185/0x1d0 [ 68.286314] panic+0x39d/0x940 [ 68.289535] ? sha256_generic_block_fn+0xb05f/0xb460 [ 68.294649] kmsan_report+0x238/0x240 [ 68.298460] __msan_warning_32+0x6c/0xb0 [ 68.302530] sha256_generic_block_fn+0xb05f/0xb460 [ 68.307469] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 68.312923] ? pick_next_task_fair+0x1d1e/0x1f70 [ 68.317691] ? kmsan_set_origin_inline+0x6b/0x120 [ 68.322541] ? kmsan_set_origin_inline+0x6b/0x120 [ 68.327398] ? __msan_poison_alloca+0x15c/0x1d0 [ 68.332080] ? kmsan_set_origin_inline+0x6b/0x120 [ 68.336928] ? __msan_poison_alloca+0x15c/0x1d0 [ 68.341598] ? _cond_resched+0x3c/0xd0 [ 68.345528] ? rcu_all_qs+0x32/0x1f0 [ 68.349246] ? _cond_resched+0x3c/0xd0 [ 68.353143] ? find_lock_entry+0x157/0x720 2018/04/07 09:05:19 executing program 0: capset(&(0x7f000084eff8)={0x20080522}, &(0x7f0000305000)={0x0, 0x0, 0x0, 0x4}) [ 68.357391] ? page_mapping+0x300/0x480 [ 68.361386] crypto_sha256_update+0x407/0x4b0 [ 68.365900] ? sha1_base_init+0x190/0x190 [ 68.370054] shash_async_update+0x290/0x360 [ 68.374384] ? shash_async_init+0x270/0x270 [ 68.378713] hash_sendpage+0x904/0xe10 [ 68.382620] ? hash_recvmsg+0xd50/0xd50 [ 68.386606] sock_sendpage+0x1de/0x2c0 [ 68.390513] pipe_to_sendpage+0x31b/0x430 [ 68.394676] ? sock_fasync+0x2b0/0x2b0 [ 68.398583] ? propagate_umount+0x3a30/0x3a30 [ 68.403091] __splice_from_pipe+0x49a/0xf30 [ 68.407425] ? generic_splice_sendpage+0x2a0/0x2a0 [ 68.412364] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 68.417744] generic_splice_sendpage+0x1c6/0x2a0 [ 68.422513] ? iter_file_splice_write+0x1710/0x1710 [ 68.427539] ? iter_file_splice_write+0x1710/0x1710 [ 68.432571] direct_splice_actor+0x19b/0x200 [ 68.436997] splice_direct_to_actor+0x764/0x1040 [ 68.441760] ? do_splice_direct+0x540/0x540 [ 68.446096] ? security_file_permission+0x28f/0x4b0 [ 68.451127] ? rw_verify_area+0x35e/0x580 [ 68.455294] do_splice_direct+0x335/0x540 [ 68.459454] do_sendfile+0x1067/0x1e40 [ 68.463362] SYSC_sendfile64+0x1b3/0x300 [ 68.467440] SyS_sendfile64+0x64/0x90 [ 68.471245] do_syscall_64+0x309/0x430 [ 68.475142] ? SYSC_sendfile+0x320/0x320 [ 68.479203] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 68.484382] RIP: 0033:0x455259 [ 68.487566] RSP: 002b:00007f66539a8c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 68.495268] RAX: ffffffffffffffda RBX: 00007f66539a96d4 RCX: 0000000000455259 [ 68.502519] RDX: 0000000020e64ff8 RSI: 0000000000000015 RDI: 0000000000000014 [ 68.509775] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 68.517035] R10: 0000000000008e18 R11: 0000000000000246 R12: 00000000ffffffff [ 68.524306] R13: 00000000000004c6 R14: 00000000006fa330 R15: 0000000000000000 [ 68.532036] Dumping ftrace buffer: [ 68.535560] (ftrace buffer empty) [ 68.539248] Kernel Offset: disabled [ 68.542853] Rebooting in 86400 seconds..