Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.641320] random: sshd: uninitialized urandom read (32 bytes read, 33 bits of entropy available) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.963531] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 19.190883] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 20.200434] random: nonblocking pool is initialized Warning: Permanently added '10.128.0.62' (ECDSA) to the list of known hosts. 2018/01/25 00:30:47 fuzzer started 2018/01/25 00:30:47 dialing manager at 10.128.0.26:35617 2018/01/25 00:30:51 kcov=true, comps=false 2018/01/25 00:30:52 executing program 0: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000005000-0x44)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004ee000-0x76)='\x00', 0x0, 0x0, 0x0}, @ptr={0x77622a85, 0x0, &(0x7f0000008000-0x8e)='\x00', 0x0, 0x0, 0x0}], &(0x7f000000b000-0x30)=[0x0, 0x28]}}], 0x221, 0x0, &(0x7f0000009000)=""}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000003000)={0x44, 0x0, &(0x7f000012f000-0x44)=[@transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000e2a000-0x60)=[], &(0x7f0000a6c000)=[0x0]}}], 0x0, 0x0, &(0x7f0000e0b000-0x49)=""}) 2018/01/25 00:30:52 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000aaa000)={0x2, 0x78, 0x47, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000)=0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000001000-0xa)='net/route\x00') preadv(r0, &(0x7f0000003000)=[{&(0x7f0000001000)=""/4096, 0x888}], 0x1, 0x0) 2018/01/25 00:30:52 executing program 4: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000015000-0x78)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000)=0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000ae2000-0xa5)="", 0x0) read(0xffffffffffffffff, &(0x7f0000de2000)=""/181, 0x1) mmap(&(0x7f00002c3000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) socket(0x0, 0x0, 0x0) 2018/01/25 00:30:52 executing program 7: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000bdb000)={0x2, 0xffffffffffffffff, @local={0xac, 0x14, 0x0, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) connect$inet(r0, &(0x7f0000245000-0x10)={0x2, 0xffffffffffffffff, @multicast2=0xe0000002, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f00009af000)='stat\x00') sendfile(r0, r1, 0x0, 0x3ff) sendto$inet(r0, &(0x7f00004cb000)="eb100cd4c0c902e576b28cbc621e605b66500318421455db8affab9f880f391bcc6fed6ed94adc27cfc67a180ff754d736b6e216afb764dca26a9685ef4f8e2b749cab16d45d4c92965e1a25562390fe1ba1ba64fc6284df3c36203ed82d7cb73aff79149625e635614a3ad86859c9a15ffdac57ad48a8f796f2fa48a6f899262acac1eddfabd8225f9ae823af4f94b9e362290d8080b540e2cfab85714f38bb83d32d39106178d33999ff4237bc75e7f96c855d35a84a70c513755ef7efb21989942b16b9b6515b16b2faf52172d597f8bb6bf35063335f3d7daa77218dfa390427dc4bde6495191f6f46cfb852af91c27a8ccb41b8edbdb2ce2c02133ad73a189d167942c1d0d94e7ae44c4662e50c39550da890e31900905ba65b0af1d093db35e09533c55792b96d99ebc7d4821b75f29b885c14e2b5ca9bc9c8cb72de248b3398b5744d749f7d90bb01cdc802066a1d28c02bc82a5767d3ebb41225fc40ec84b04ea42a4ed0a1a6d02fc2a0fc063f6bc691a373ea82038f2595c1d9fbac0524ddce6c3c7bcd8ecbeac7c7aad69d9f7744c18d85d3e2b0f4f451bb872da72ef7daa3e255ccb484bb2efcef91b76019a87ff9c5a2a38b1097a7779b86c8c600b5a910366219e51c6351aec27f1da259ae373652583404e343907e85fcf0d733b4b0c333f8c6521c51dfb52cef725827f3d02a4f88433ef816c6c2a43a247ccfdc147ac3c2949f0958659a1bdadce30aab21d3b0fc44289075eb523fbcd998c1fb6d16dde80c0b276723631d2de88cabfdb8440bf63464b88d449e0a31c05438bd804690ab26da37f603962bf10565da4818df450d58309fd6cbec6f087cee1776f2e9892daea10af3904ed372816391f09cf363f906d9d04c45583ffbbbc8762ddaa0db7f9aba487ea8348c16b03262e83b8c86d0191e382550da1655d64b394b8d181fda176940cb1a4b744b864849e95bd605673508eaa5f906296b48f15f93bc151facd704d54b7010d1652828c4ac0d5759df5aafd816abf7a75ba5476c1b9c17e22b7b939ecb6640cd1ab5d4395cc13043e839a922c7d7500465abf52b552ce08bc85b7dd8f859fe7e1a221ee855394a220d325ab27eb65d89cef3657836c1db8902575bdb8b6a0dc41454d1532defbd7911484a88d2de45f11866edb4874897a9a10f54d3ff5dfcf0b9c382cec488c2fe7d69d8a964f816d1032b1d02f0c25ba116e6a7aa8422114f5514b643241f82cca22e3efdb04f9a3fa4055c997185d0b8bb8bc04669370d2dc11731bb11b536b4bd356455114673a76b3a3c65fb9dafdafb6f96aff3261ea2195c4068620bb8e14a327e3d2b802c71718b72ccf938ff015338d6afbad4bba72672885d26246088092edb94fbe031e9cd112d4da17a7994d5ace97bc3dd72a27ef945bfb1dc2a9cb50d2c88931d21c8fac2e4cc14ffa486109cbd6451c3c6e1bcc6c59eaa4ef2822f536c147f70f58447e122d3926670ad3bf34ebe032d79dda6704d14b06c1334bd073b9e6c09ef0ab5ec878504f023b64064649c68870b3563708ee084b2981fede0076a9ac101371536935fe33f4c84931c72310fff13f1ade636c824c37357e53e771c96d662ce28eed6b1b13bfc6ad9ad55a621136dc72831b15a52b591c6ec1f444d8a08423fee154fee3b5845e2db986d5a58a77265acd01585", 0x4b1, 0x0, &(0x7f000033d000-0x10)={0x2, 0xffffffffffffffff, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) 2018/01/25 00:30:52 executing program 5: 2018/01/25 00:30:52 executing program 2: 2018/01/25 00:30:52 executing program 6: 2018/01/25 00:30:52 executing program 3: [ 30.864286] IPVS: Creating netns size=2552 id=1 [ 30.933790] IPVS: Creating netns size=2552 id=2 [ 30.985640] IPVS: Creating netns size=2552 id=3 [ 31.037952] IPVS: Creating netns size=2552 id=4 [ 31.124408] IPVS: Creating netns size=2552 id=5 [ 31.214214] IPVS: Creating netns size=2552 id=6 [ 31.305200] IPVS: Creating netns size=2552 id=7 [ 31.447416] IPVS: Creating netns size=2552 id=8 [ 34.144072] audit: type=1400 audit(1516840255.365:5): avc: denied { set_context_mgr } for pid=4339 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 [ 34.200911] binder: 4339:4358 got transaction to invalid handle [ 34.227820] binder: 4339:4358 transaction failed 29201/-22, size 0-8 line 3005 2018/01/25 00:30:55 executing program 4: 2018/01/25 00:30:55 executing program 4: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, &(0x7f0000001000)=""/50, &(0x7f0000001000)=0x32) [ 34.242854] audit: type=1400 audit(1516840255.465:6): avc: denied { call } for pid=4339 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 [ 34.265274] binder_alloc: binder_alloc_mmap_handler: 4339 20000000-20002000 already mapped failed -16 [ 34.268347] binder_alloc: 4339: binder_alloc_buf, no vma [ 34.268388] binder: 4339:4367 transaction failed 29189/-3, size 80-16 line 3128 [ 34.268497] binder: BINDER_SET_CONTEXT_MGR already set [ 34.268504] binder: 4339:4358 ioctl 40046207 0 returned -16 2018/01/25 00:30:55 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f000027d000-0x6e)="2400000052001f1d07000000000904000221071008000100ffffe80800460000e6000066", 0x24) 2018/01/25 00:30:55 executing program 4: 2018/01/25 00:30:55 executing program 4: 2018/01/25 00:30:55 executing program 4: 2018/01/25 00:30:55 executing program 1: 2018/01/25 00:30:55 executing program 4: [ 34.413180] binder_alloc: 4339: binder_alloc_buf, no vma [ 34.425695] binder: 4339:4349 transaction failed 29189/-3, size 80-16 line 3128 [ 34.453479] binder: undelivered TRANSACTION_ERROR: 29201 2018/01/25 00:30:55 executing program 3: mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) clock_adjtime(0x0, &(0x7f0000003000-0x25)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2018/01/25 00:30:55 executing program 6: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00005f8000-0x8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000014000-0x10)={0x2, &(0x7f0000415000-0x10)=[{0x1c, 0x0, 0x0, 0x0}, {0x6, 0x0, 0x0, 0x0}]}, 0x8) 2018/01/25 00:30:55 executing program 0: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$netlink(r0, &(0x7f0000ad5000)={&(0x7f00005ff000)=@kern={0x10, 0x0, 0x0, 0x0}, 0xc, &(0x7f0000c48000-0x20)=[{&(0x7f00006d7000-0x1334)={0x30, 0x12, 0x201, 0xffffffffffffffff, 0xffffffffffffffff, "", [@nested={0x20, 0x1a, [@generic="200ab7a1c3cbf0095fcdc4a42b", @typed={0xc, 0x8e, @u32=0x0}]}]}, 0x30}], 0x1, 0x0, 0x0, 0x2000000004}, 0x80) 2018/01/25 00:30:55 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000eed000)={0x2, 0x1, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000aa0000-0x4)=0x2, 0x4) syz_emit_ethernet(0x6f, &(0x7f0000f5c000)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14, 0x0, 0x0, 0x0], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x61, 0xffffffffffffffff, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @multicast1=0xe0000001, {[]}}, @udp={0xffffffffffffffff, 0x1, 0x4d, 0x0, "594fb9f3b08f2ec9547529e3f44d64e438e828b6d2c7a2d23ec3beab791a5a4e3a150fa31bd94330e61f9aed9f66fd9a417f61784ab92046e0bb21d095a7e59ce8507e3256"}}}}}, 0x0) 2018/01/25 00:30:55 executing program 2: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2000000000001, 0x0) r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000554000)={0x0, 0xffffffffffffffff, @multicast1=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000bb2000-0x4)=0x10, 0x80800) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000f16000)=0x0, &(0x7f0000885000)=0x4) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00001ce000-0x4)=0x0, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f000064d000-0x4)=0x0, 0x4) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000911000-0x8)=0x0, 0x0) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00004e9000-0x8)=0x0) ioctl$sock_inet_SIOCGIFBRDADDR(0xffffffffffffffff, 0x8919, &(0x7f0000b7c000)={@common='ip6tnl0\x00', @ifru_addrs={0x2, 0xffffffffffffffff, @multicast2=0xe0000002, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}) r2 = fcntl$getown(r0, 0x9) ioprio_get$pid(0x1, r2) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000f5e000-0x4)=0x8, 0x4) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000566000-0xa)='/dev/ptmx\x00', 0x20040, 0x0) ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000941000-0x4)=0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f000071c000-0xc)='/dev/autofs\x00', 0x0, 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000460000-0x4)=0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f00007ed000)={&(0x7f00009d1000/0x1000)=nil, 0x0, 0x0, 0x0, &(0x7f00009a8000/0x4000)=nil, 0x0}) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000b58000-0x8)=0x0, &(0x7f0000a85000-0x4)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f000051e000-0x103)={0x0, 0x0, ""}, &(0x7f0000e5e000)=0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00007ed000)={0x0, 0x0}, &(0x7f0000b25000-0x4)=0x8) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000eb3000-0x8)=0x0) r5 = fcntl$getown(r3, 0x9) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000502000)={&(0x7f00007d1000-0xc)={0x10, 0x0, 0x0, 0x0}, 0xc, &(0x7f00007cd000)={&(0x7f0000182000-0x11ac)={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, {0x0, 0x0, 0x0}, []}, 0x14}, 0x1, 0x0, 0x0, 0x0}, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000043000-0x24)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f00008c5000-0x4)={0x0}, &(0x7f0000b4a000-0x4)=0x4) openat(0xffffffffffffffff, &(0x7f0000e3e000-0x8)='./file0\x00', 0x4, 0x0) r6 = syz_open_procfs(r5, &(0x7f0000dcb000-0x8)='net/arp\x00') bind$inet6(r0, &(0x7f000008d000)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x0}, 0x1c) sendto$inet6(r0, &(0x7f0000a9c000)="", 0x0, 0xfffffefffffffffe, &(0x7f0000f63000-0x1c)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x0}, 0x1c) sendfile(r0, r6, &(0x7f0000cd2000-0x8)=0x0, 0x10001) 2018/01/25 00:30:55 executing program 4: 2018/01/25 00:30:55 executing program 7: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000000b000)={&(0x7f00007c1000)={0x10, 0x0, 0x0, 0x0}, 0xc, &(0x7f00005a7000-0x10)={&(0x7f00002e3000)=@newsa={0x138, 0x10, 0x713, 0xffffffffffffffff, 0xffffffffffffffff, {{@in=@multicast2=0xe0000002, @in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xffffffffffffffff, 0xbb}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {@in=@loopback=0x7f000001, 0xffffffffffffffff, 0x33}, @in6=@loopback={0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0}, [@algo_auth={0x48, 0x1, {{'md5\x00'}, 0x0, ""}}]}, 0x138}, 0x1, 0x0, 0x0, 0x0}, 0x0) 2018/01/25 00:30:55 executing program 1: mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000001000)=""/50, &(0x7f0000001000)=0xfffffffffffffeb0) 2018/01/25 00:30:55 executing program 4: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2000000000001, 0x0) r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000554000)={0x0, 0xffffffffffffffff, @multicast1=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000bb2000-0x4)=0x10, 0x80800) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000f16000)=0x0, &(0x7f0000885000)=0x4) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00001ce000-0x4)=0x0, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f000064d000-0x4)=0x0, 0x4) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000911000-0x8)=0x0, 0x0) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00004e9000-0x8)=0x0) ioctl$sock_inet_SIOCGIFBRDADDR(0xffffffffffffffff, 0x8919, &(0x7f0000b7c000)={@common='ip6tnl0\x00', @ifru_addrs={0x2, 0xffffffffffffffff, @multicast2=0xe0000002, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}) r2 = fcntl$getown(r0, 0x9) ioprio_get$pid(0x1, r2) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000f5e000-0x4)=0x8, 0x4) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000566000-0xa)='/dev/ptmx\x00', 0x20040, 0x0) ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000941000-0x4)=0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f000071c000-0xc)='/dev/autofs\x00', 0x0, 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000460000-0x4)=0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f00007ed000)={&(0x7f00009d1000/0x1000)=nil, 0x0, 0x0, 0x0, &(0x7f00009a8000/0x4000)=nil, 0x0}) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000b58000-0x8)=0x0, &(0x7f0000a85000-0x4)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f000051e000-0x103)={0x0, 0x0, ""}, &(0x7f0000e5e000)=0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00007ed000)={0x0, 0x0}, &(0x7f0000b25000-0x4)=0x8) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000eb3000-0x8)=0x0) r5 = fcntl$getown(r3, 0x9) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000502000)={&(0x7f00007d1000-0xc)={0x10, 0x0, 0x0, 0x0}, 0xc, &(0x7f00007cd000)={&(0x7f0000182000-0x11ac)={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, {0x0, 0x0, 0x0}, []}, 0x14}, 0x1, 0x0, 0x0, 0x0}, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f00008c5000-0x4)={0x0}, &(0x7f0000b4a000-0x4)=0x4) openat(0xffffffffffffffff, &(0x7f0000e3e000-0x8)='./file0\x00', 0x4, 0x0) r6 = syz_open_procfs(r5, &(0x7f0000dcb000-0x8)='net/arp\x00') bind$inet6(r0, &(0x7f000008d000)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x0}, 0x1c) sendto$inet6(r0, &(0x7f0000a9c000)="", 0x0, 0xfffffefffffffffe, &(0x7f0000f63000-0x1c)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x0}, 0x1c) sendfile(r0, r6, &(0x7f0000cd2000-0x8)=0x0, 0x10001) 2018/01/25 00:30:55 executing program 1: [ 34.678038] kasan: CONFIG_KASAN_INLINE enabled [ 34.682509] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN [ 34.695434] Dumping ftrace buffer: [ 34.698968] (ftrace buffer empty) [ 34.702671] Modules linked in: [ 34.705976] CPU: 1 PID: 4486 Comm: syz-executor0 Not tainted 4.4.113-ge70c132 #34 [ 34.713571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.722906] task: ffff8801d4fd17c0 task.stack: ffff8801d4468000 [ 34.728946] RIP: 0010:[] [] __list_del_entry+0x86/0x1d0 [ 34.737631] RSP: 0018:ffff8801d446f5a8 EFLAGS: 00010246 [ 34.743071] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff8801d50b5a10 [ 34.750322] RDX: 0000000000000000 RSI: ffffffff851c3210 RDI: ffff8801d50b5a18 [ 34.757565] RBP: ffff8801d446f5c0 R08: 0000000000000001 R09: 0000000000000000 [ 34.764805] R10: 0000000000000001 R11: 1ffff1003a88de84 R12: 0000000000000000 [ 34.772044] R13: ffff8801d50b59b9 R14: ffff8801d50b5a38 R15: 00000000ffffffde [ 34.779287] FS: 00007fe2b3899700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 34.787480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.793331] CR2: 0000000000a8a978 CR3: 00000001d5a08000 CR4: 0000000000160670 [ 34.800580] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.807819] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 34.815057] Stack: [ 34.817174] ffff8801d50b5a38 ffff8801d50b5a10 ffff8800b09219c0 ffff8801d446f5d8 [ 34.825145] ffffffff81d62add ffff8801d50b5a10 ffff8801d446f5f8 ffffffff832ae63e [ 34.833112] ffff8800b0978000 ffff8801d50b5a10 ffff8801d446f618 ffffffff832cdb93 [ 34.841083] Call Trace: [ 34.843641] [] list_del+0xd/0x70 [ 34.848631] [] xfrm_state_walk_done+0x6e/0xa0 [ 34.854745] [] xfrm_dump_sa_done+0x73/0xa0 [ 34.860600] [] ? xfrm_dump_policy_start+0x20/0x20 [ 34.867061] [] netlink_dump+0x871/0xb40 [ 34.872654] [] __netlink_dump_start+0x52e/0x7c0 [ 34.878941] [] ? __netlink_ns_capable+0xe1/0x120 [ 34.885317] [] xfrm_user_rcv_msg+0x5bd/0x6b0 [ 34.891352] [] ? xfrm_user_rcv_msg+0x6b0/0x6b0 [ 34.897554] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 34.903584] [] ? xfrm_user_rcv_msg+0x6b0/0x6b0 [ 34.909783] [] ? xfrm_dump_policy_start+0x20/0x20 [ 34.916256] [] ? avc_has_perm_noaudit+0x460/0x460 [ 34.922720] [] ? mark_held_locks+0xaf/0x100 [ 34.928662] [] ? mutex_lock_nested+0x5d4/0x850 [ 34.934862] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 34.941673] [] ? mutex_lock_nested+0x560/0x850 [ 34.947872] [] ? xfrm_netlink_rcv+0x60/0x90 [ 34.953812] [] ? netlink_lookup+0xee/0x740 [ 34.959666] [] netlink_rcv_skb+0x13e/0x370 [ 34.965522] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 34.971551] [] xfrm_netlink_rcv+0x6f/0x90 [ 34.977317] [] netlink_unicast+0x522/0x760 [ 34.983168] [] ? netlink_unicast+0x44f/0x760 [ 34.989194] [] ? netlink_attachskb+0x6c0/0x6c0 [ 34.995922] [] netlink_sendmsg+0x8e8/0xc50 [ 35.001776] [] ? netlink_unicast+0x760/0x760 [ 35.007804] [] ? selinux_socket_sendmsg+0x3f/0x50 [ 35.014267] [] ? security_socket_sendmsg+0x89/0xb0 [ 35.020815] [] ? netlink_unicast+0x760/0x760 [ 35.026842] [] sock_sendmsg+0xca/0x110 [ 35.032347] [] ___sys_sendmsg+0x6c1/0x7c0 [ 35.038113] [] ? copy_msghdr_from_user+0x550/0x550 [ 35.044662] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 35.051648] [] ? __fget+0x232/0x3b0 [ 35.056891] [] ? __fget+0x47/0x3b0 [ 35.062053] [] ? __fget_light+0xa1/0x1e0 [ 35.067732] [] ? __fdget+0x18/0x20 [ 35.072890] [] __sys_sendmsg+0xd3/0x190 [ 35.078482] [] ? SyS_shutdown+0x1b0/0x1b0 [ 35.084253] [] ? SyS_futex+0x210/0x2c0 [ 35.089758] [] ? fd_install+0x4d/0x60 [ 35.095177] [] ? move_addr_to_kernel+0x50/0x50 [ 35.101377] [] SyS_sendmsg+0x2d/0x50 [ 35.106710] [] entry_SYSCALL_64_fastpath+0x1c/0x98 [ 35.113256] Code: c4 0f 84 94 00 00 00 48 b8 00 02 00 00 00 00 ad de 48 39 c3 0f 84 a5 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 e8 00 00 00 4c 8b 03 49 39 c8 0f 85 9b 00 00 [ 35.139856] RIP [] __list_del_entry+0x86/0x1d0 [ 35.146177] RSP [ 35.149802] ---[ end trace da84309b64f16f74 ]--- [ 35.154549] Kernel panic - not syncing: Fatal exception in interrupt [ 35.161439] Dumping ftrace buffer: [ 35.164951] (ftrace buffer empty) [ 35.168629] Kernel Offset: disabled [ 35.172223] Rebooting in 86400 seconds..