INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.9' (ECDSA) to the list of known hosts. 2018/04/20 14:02:55 fuzzer started 2018/04/20 14:02:56 dialing manager at 10.128.0.26:40315 2018/04/20 14:03:02 kcov=true, comps=false 2018/04/20 14:03:05 executing program 0: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000004000)='map_files\x00') getdents64(r0, &(0x7f0000000180)=""/77, 0x54) 2018/04/20 14:03:05 executing program 2: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000040)="24000000200025eff26b000420edfc00020b00080110b5004f06b7b408000100000000b7", 0x24) 2018/04/20 14:03:05 executing program 7: r0 = socket$inet(0x2b, 0x8000000001, 0x0) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x102b}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={r1, 0x10001}, &(0x7f0000000100)=0x8) close(r0) 2018/04/20 14:03:05 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}, 0x1c) sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000000680), 0x3ba, &(0x7f0000002000)=[{0x10, 0x29}], 0x10}}], 0x2, 0x8000) 2018/04/20 14:03:05 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000000)=0x2, 0x4) recvmmsg(r0, &(0x7f00000129c0)=[{{&(0x7f0000012840)=@nfc_llcp, 0x80, &(0x7f0000012980)}}], 0x1, 0x0, &(0x7f0000012a80)) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f00002dfff4)={0x10}, 0xc, &(0x7f0000fd1000)={&(0x7f0000f74000)={0x14, 0x0, 0x0, 0xfffffffffffffffd}, 0x14}, 0x1}, 0x0) 2018/04/20 14:03:05 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000540)='/dev/loop#\x00', 0x100000, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)='pids.max\x00', 0x2, 0x0) ioctl$LOOP_SET_STATUS(r0, 0xc0481273, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "000000000100000000001bf3ffffff000065000000edff00007db0e6330ee7f9b319d8000018e58d1c43473000e05026fb0000008001d1a7335d5bffff0001d7", "cea40005003500f7ff0002ff000000000000000000810000dc01867dfffe0200"}) 2018/04/20 14:03:05 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@empty, @remote={0xfe, 0x80, [], 0xbb}, @dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8600017f}) 2018/04/20 14:03:05 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0) pread64(r1, &(0x7f0000000180)=""/160, 0xa0, 0x0) syzkaller login: [ 41.449971] ip (3759) used greatest stack depth: 54672 bytes left [ 42.716063] ip (3884) used greatest stack depth: 54560 bytes left [ 42.889428] ip (3900) used greatest stack depth: 54544 bytes left [ 42.934147] ip (3904) used greatest stack depth: 53960 bytes left [ 42.956673] ip (3901) used greatest stack depth: 53656 bytes left [ 43.223336] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.229842] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.277101] device bridge_slave_0 entered promiscuous mode [ 43.326426] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.332915] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.374358] device bridge_slave_0 entered promiscuous mode [ 43.392826] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.399276] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.433510] device bridge_slave_0 entered promiscuous mode [ 43.449509] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.456005] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.469885] device bridge_slave_0 entered promiscuous mode [ 43.480519] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.486947] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.506147] device bridge_slave_0 entered promiscuous mode [ 43.522885] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.529329] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.545445] device bridge_slave_0 entered promiscuous mode [ 43.555781] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.562215] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.582185] device bridge_slave_1 entered promiscuous mode [ 43.588677] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.595146] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.616905] device bridge_slave_0 entered promiscuous mode [ 43.627759] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.634220] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.653855] device bridge_slave_0 entered promiscuous mode [ 43.667176] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.673637] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.697244] device bridge_slave_1 entered promiscuous mode [ 43.703718] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.710190] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.726090] device bridge_slave_1 entered promiscuous mode [ 43.735717] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.742157] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.765415] device bridge_slave_1 entered promiscuous mode [ 43.779248] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.785702] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.796157] device bridge_slave_1 entered promiscuous mode [ 43.805118] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.811550] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.828775] device bridge_slave_1 entered promiscuous mode [ 43.842708] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.849186] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.869934] device bridge_slave_1 entered promiscuous mode [ 43.883667] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.893264] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.900794] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.911088] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.927849] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.934289] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.964254] device bridge_slave_1 entered promiscuous mode [ 43.973214] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.981611] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.079134] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.093715] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.102095] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.111894] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.119463] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.156768] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.170538] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.192744] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.342101] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.395535] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.054201] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.062506] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.070671] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.085778] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.131458] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.177390] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.249931] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.260880] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.271861] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.287732] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.334870] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.342549] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.357950] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.398946] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.570507] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.611440] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.762504] ip (4113) used greatest stack depth: 53640 bytes left [ 46.183576] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.205697] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.251604] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.262411] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.275114] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.400179] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.420267] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.432421] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.443437] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.477758] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.498364] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.533165] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.616328] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.627203] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.634779] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.646780] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.679320] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.690328] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.697931] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.705955] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.714528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.744715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.769797] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.796244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.828566] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.843241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.854550] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.862887] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.869980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.878140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.889471] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.905335] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.912876] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.920355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.949297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.970849] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.997672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.021485] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.029483] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.036758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.048653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.063164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.079269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.096268] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.106616] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.120361] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.131933] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.164880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.188586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.228615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.252212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.266922] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.280318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.306369] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.317853] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.332973] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.358692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.385848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.408657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.420698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.428791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.444258] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.451556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.469661] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.259311] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.265811] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.272675] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.279107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.294572] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.301262] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.322141] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.328604] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.335461] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.341914] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.382925] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.410266] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.416738] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.423585] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.430056] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.473428] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.484323] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.490762] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.497599] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.504058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.560911] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.576468] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.582900] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.589681] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.596117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.609966] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.622218] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.628667] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.635512] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.641949] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.693858] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.700712] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.707153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.713951] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.720375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.730239] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.948087] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.954556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.961368] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.967815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.004786] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.336141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.349257] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.383551] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.399070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.407490] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.416145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.423753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.462587] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.548771] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.747768] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.771154] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.783464] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.795182] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.901741] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.069235] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.313621] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.319948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.328754] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.374575] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.386666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.395909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.525380] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.531585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.542846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.602098] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.608343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.616123] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.638083] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.649636] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.655828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.682468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.702601] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.718625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.730524] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.766750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.797607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.958298] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.964567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.972317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/20 14:03:31 executing program 7: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916a8eacc2f96e0000a8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x7, 0xfa}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x6, 0xfffffffb, 0x0, &(0x7f0000000000)) 2018/04/20 14:03:31 executing program 1: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000040)="24000000200025eff26b000420edfc00020b00080110b5004f06b7b408710100000000b7", 0x24) 2018/04/20 14:03:31 executing program 3: r0 = socket$inet6(0xa, 0x2100000200000002, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@rand_addr, @in6=@loopback={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x0, 0x2b}, 0x0, @in, 0x0, 0x4}}, 0xe8) sendto$inet6(r0, &(0x7f00000002c0), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) [ 65.270650] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. 2018/04/20 14:03:31 executing program 7: r0 = memfd_create(&(0x7f0000000ffe)='$\x00', 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) 2018/04/20 14:03:31 executing program 3: r0 = socket$inet6(0xa, 0x2100000200000002, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@rand_addr, @in6=@loopback={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x0, 0x2b}, 0x0, @in, 0x0, 0x4}}, 0xe8) sendto$inet6(r0, &(0x7f00000002c0), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 2018/04/20 14:03:31 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0) pread64(r1, &(0x7f0000000180)=""/160, 0xa0, 0x0) 2018/04/20 14:03:31 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000002fe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000ff0)=[{&(0x7f0000000040)='H\x00', 0x2}], 0x1, &(0x7f00000000c0)}, 0x2000c080) write(r0, &(0x7f00000000c0)="9701d929e7ed4a96c8eeefad2d47f178c4c20f1ca5fa6664bd526464dd948575c40418328c5aa8372355056a497b", 0x2e) 2018/04/20 14:03:31 executing program 2: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000040)="24000000200025eff26b000420edfc00020b00080110b5004f06b7b408000100000000b7", 0x24) [ 65.621659] ================================================================== [ 65.629084] BUG: KMSAN: uninit-value in rawv6_sendmsg+0x4bee/0x4cc0 [ 65.635491] CPU: 1 PID: 5788 Comm: syz-executor1 Not tainted 4.16.0+ #84 [ 65.642324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.651674] Call Trace: [ 65.654267] dump_stack+0x185/0x1d0 [ 65.657900] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 65.662135] kmsan_report+0x142/0x240 [ 65.665937] __msan_warning_32+0x6c/0xb0 [ 65.669993] rawv6_sendmsg+0x4bee/0x4cc0 [ 65.674057] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 65.679509] ? futex_wait_queue_me+0x687/0x710 [ 65.684107] ? compat_rawv6_ioctl+0x30/0x30 [ 65.688434] inet_sendmsg+0x48d/0x740 [ 65.692241] ? security_socket_sendmsg+0x9e/0x210 [ 65.697089] ? inet_getname+0x500/0x500 [ 65.701076] sock_write_iter+0x3b9/0x470 [ 65.705149] ? sock_read_iter+0x480/0x480 [ 65.709304] __vfs_write+0x719/0x910 [ 65.713032] vfs_write+0x463/0x8d0 [ 65.716583] SYSC_write+0x172/0x360 [ 65.720220] SyS_write+0x55/0x80 [ 65.723591] do_syscall_64+0x309/0x430 [ 65.727483] ? SYSC_read+0x360/0x360 [ 65.731206] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 65.736392] RIP: 0033:0x455379 [ 65.739581] RSP: 002b:00007f9d19bafc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 65.747288] RAX: ffffffffffffffda RBX: 00007f9d19bb06d4 RCX: 0000000000455379 [ 65.754559] RDX: 000000000000002e RSI: 00000000200000c0 RDI: 0000000000000013 [ 65.761822] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 65.769085] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 65.776350] R13: 00000000000006c1 R14: 00000000006fd2b8 R15: 0000000000000000 [ 65.783617] [ 65.785232] Uninit was stored to memory at: [ 65.789557] kmsan_internal_chain_origin+0x12b/0x210 [ 65.794661] kmsan_memcpy_origins+0x11d/0x170 [ 65.799152] __msan_memcpy+0x19f/0x1f0 [ 65.803039] skb_copy_bits+0x63a/0xdb0 [ 65.806927] rawv6_sendmsg+0x427e/0x4cc0 [ 65.810988] inet_sendmsg+0x48d/0x740 [ 65.814796] sock_write_iter+0x3b9/0x470 [ 65.818858] __vfs_write+0x719/0x910 [ 65.822577] vfs_write+0x463/0x8d0 [ 65.826118] SYSC_write+0x172/0x360 [ 65.829743] SyS_write+0x55/0x80 [ 65.833120] do_syscall_64+0x309/0x430 [ 65.837011] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 65.842191] Uninit was created at: [ 65.845735] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 65.850747] kmsan_alloc_page+0x82/0xe0 [ 65.854728] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 65.859483] alloc_pages_current+0x6b5/0x970 [ 65.863898] skb_page_frag_refill+0x3ba/0x5e0 [ 65.868394] sk_page_frag_refill+0xa4/0x340 [ 65.872721] __ip6_append_data+0x1a20/0x4bb0 [ 65.877132] ip6_append_data+0x40e/0x6b0 [ 65.881193] rawv6_sendmsg+0x2787/0x4cc0 [ 65.885252] inet_sendmsg+0x48d/0x740 [ 65.889057] sock_write_iter+0x3b9/0x470 [ 65.893122] __vfs_write+0x719/0x910 [ 65.896836] vfs_write+0x463/0x8d0 [ 65.900375] SYSC_write+0x172/0x360 [ 65.904003] SyS_write+0x55/0x80 [ 65.907367] do_syscall_64+0x309/0x430 [ 65.911260] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 65.916441] ================================================================== [ 65.923787] Disabling lock debugging due to kernel taint [ 65.929215] Kernel panic - not syncing: panic_on_warn set ... [ 65.929215] [ 65.936556] CPU: 1 PID: 5788 Comm: syz-executor1 Tainted: G B 4.16.0+ #84 [ 65.944672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.954002] Call Trace: [ 65.956578] dump_stack+0x185/0x1d0 [ 65.960185] panic+0x39d/0x940 [ 65.963381] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 65.967601] kmsan_report+0x238/0x240 [ 65.971383] __msan_warning_32+0x6c/0xb0 [ 65.975422] rawv6_sendmsg+0x4bee/0x4cc0 [ 65.979461] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 65.984893] ? futex_wait_queue_me+0x687/0x710 [ 65.989461] ? compat_rawv6_ioctl+0x30/0x30 [ 65.993759] inet_sendmsg+0x48d/0x740 [ 65.997542] ? security_socket_sendmsg+0x9e/0x210 [ 66.002367] ? inet_getname+0x500/0x500 [ 66.006322] sock_write_iter+0x3b9/0x470 [ 66.010365] ? sock_read_iter+0x480/0x480 [ 66.014502] __vfs_write+0x719/0x910 [ 66.018206] vfs_write+0x463/0x8d0 [ 66.021727] SYSC_write+0x172/0x360 [ 66.025335] SyS_write+0x55/0x80 [ 66.028681] do_syscall_64+0x309/0x430 [ 66.032560] ? SYSC_read+0x360/0x360 [ 66.036258] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 66.041423] RIP: 0033:0x455379 [ 66.044590] RSP: 002b:00007f9d19bafc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 66.052285] RAX: ffffffffffffffda RBX: 00007f9d19bb06d4 RCX: 0000000000455379 [ 66.059540] RDX: 000000000000002e RSI: 00000000200000c0 RDI: 0000000000000013 [ 66.066791] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 66.074045] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 66.081293] R13: 00000000000006c1 R14: 00000000006fd2b8 R15: 0000000000000000 [ 66.088977] Dumping ftrace buffer: [ 66.092501] (ftrace buffer empty) [ 66.096184] Kernel Offset: disabled [ 66.099788] Rebooting in 86400 seconds..