INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts. 2018/04/06 23:27:30 fuzzer started 2018/04/06 23:27:30 dialing manager at 10.128.0.26:38639 2018/04/06 23:27:36 kcov=true, comps=false 2018/04/06 23:27:39 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000011c0)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000012000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@generic, 0xfe9f, &(0x7f00000010c0)=[{&(0x7f00000000c0)=""/4096, 0xffe4}], 0x3b5, &(0x7f0000000000)=""/115, 0x73}, 0x0) sendmsg(r0, &(0x7f0000001980)={0x0, 0xcbbfefac993b8499, &(0x7f0000000080), 0x111}, 0x0) write$binfmt_elf32(r0, &(0x7f0000001100)=ANY=[@ANYBLOB="7f"], 0x1) 2018/04/06 23:27:39 executing program 2: ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(0xffffffffffffffff, 0x402c5342, &(0x7f00000000c0)) write$sndseq(0xffffffffffffffff, &(0x7f0000000000), 0x0) clock_gettime(0x0, &(0x7f0000000180)) mknodat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x10001) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000000080), 0xfffffffffffffd90, 0x20020003, &(0x7f0000385ff0)={0x2, 0x20000000004e21, @loopback=0x7f000001}, 0x10) recvfrom$inet(r0, &(0x7f0000000040)=""/149, 0xfffffffffffffef3, 0x100, 0x0, 0xfd69) 2018/04/06 23:27:39 executing program 7: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f00004b3fff), 0xfeb0, 0x0, &(0x7f00002b4000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 2018/04/06 23:27:39 executing program 1: r0 = gettid() perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capset(&(0x7f00000011c0)={0x20080522, r0}, &(0x7f0000001200)) 2018/04/06 23:27:39 executing program 4: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x440000000000002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f0000000180)={&(0x7f0000000140)={0x1}, 0x8}) sendmmsg$unix(r0, &(0x7f0000000140), 0x144, 0x0) 2018/04/06 23:27:39 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) r1 = add_key$user(&(0x7f0000000640)='user\x00', &(0x7f0000000680)={0x73, 0x79, 0x7a}, &(0x7f00000006c0)="a5e559741fa1946846dc5aadbdce07aa787806f725ed4c39f089f8a8803a4c841203076a35a79d42c632331dd8ac9631b7961d4735848468c5727e4f24eabf72a6748ecd60f19726a28740798caf908cd48bff8d5e0a6227a8764cb51abb17ea70289310", 0x64, 0xfffffffffffffffc) keyctl$describe(0x6, r1, &(0x7f00000007c0)=""/14, 0xe) getpid() r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) pwrite64(0xffffffffffffffff, &(0x7f0000000500)="e9051a4b4182fbe455093d7cad6def629cd000dd5588f130555a14050927662cb37858a7cb8f477d0c1ab29aacaf7fefbbb7b0921ae91ef71f9a5a5a12ad54751827c5001c30c49f71e83f91d6515f0e9eb7842936ca395395f913300374bc3e89d7d5", 0x63, 0x0) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000400)={'mangle\x00'}, &(0x7f0000000480)=0x54) connect$ax25(0xffffffffffffffff, &(0x7f0000000200)={0x3, {"5b23ab05f451d2"}, 0xe89c}, 0x10) 2018/04/06 23:27:39 executing program 5: r0 = memfd_create(&(0x7f000001cffb)='.\x00', 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick=0x7, {}, {}, @note={0x80, 0x0, 0x0, 0x0, 0x2}}], 0xffffffffffffffed) 2018/04/06 23:27:39 executing program 6: r0 = memfd_create(&(0x7f000001cffb)='.\x00', 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @note={0x80, 0x0, 0x0, 0x0, 0x2}}], 0xffffffffffffffed) syzkaller login: [ 41.980287] ip (3706) used greatest stack depth: 54688 bytes left [ 43.161925] ip (3818) used greatest stack depth: 54544 bytes left [ 43.241436] ip (3823) used greatest stack depth: 54088 bytes left [ 43.902933] ip (3890) used greatest stack depth: 53656 bytes left [ 45.302973] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.667689] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.248728] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.334672] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.422640] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.515657] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.685373] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.763514] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.264506] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.351206] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.961418] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.967728] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.982795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.020574] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.098696] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.104958] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.121669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.304310] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.376659] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.450964] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.585815] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.759109] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.796871] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.803137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.813547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.047798] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.054162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.066762] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.255687] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.261971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.280487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.312082] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.321188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.341189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.391699] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.399854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.418905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.513223] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.519561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.530222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/06 23:27:56 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000011c0)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000012000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@generic, 0xfe9f, &(0x7f00000010c0)=[{&(0x7f00000000c0)=""/4096, 0xffe4}], 0x3b5, &(0x7f0000000000)=""/115, 0x73}, 0x0) sendmsg(r0, &(0x7f0000001980)={0x0, 0xcbbfefac993b8499, &(0x7f0000000080), 0x111}, 0x0) write$binfmt_elf32(r0, &(0x7f0000001100)=ANY=[@ANYBLOB="7f"], 0x1) 2018/04/06 23:27:56 executing program 5: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) creat(&(0x7f0000000040)='./file1\x00', 0x0) unshare(0x40000000) 2018/04/06 23:27:56 executing program 7: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getgroups(0x1, &(0x7f0000000380)=[0x0]) geteuid() sendmsg$unix(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000340), 0x0, &(0x7f0000000400), 0x0, 0x20000000}, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001e80)=[{{&(0x7f0000000000)=@in={0x2, 0x4e20}, 0x10, &(0x7f0000000080), 0x0, &(0x7f0000000080)}}, {{&(0x7f00000002c0)=@in={0x2, 0x4e20, @broadcast=0xffffffff}, 0x10, &(0x7f0000000600), 0x0, &(0x7f0000000040)=[{0x10, 0x0, 0x7}], 0x7f}}], 0x3fe, 0x0) 2018/04/06 23:27:56 executing program 1: recvfrom(0xffffffffffffffff, &(0x7f0000000280)=""/191, 0xbf, 0x0, &(0x7f0000000340)=@can={0x1d}, 0x80) r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x82) r1 = memfd_create(&(0x7f00000000c0)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006) sendfile(r0, r0, &(0x7f0000000080), 0x102000004) ioctl$LOOP_CLR_FD(r0, 0x4c01) 2018/04/06 23:27:56 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000002400)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000ffffffe10000001f00000006000000b806000078030000d8040000000000003801000070020000e8050000e8050000e8050000e8050000e8050000060000009fd4bbb25794b23b92f10eb78c4756076fa5fab7afb78c680bb50e320a17b21a3092e9626fdc2e9b656e2459c68f5a8b57293c4c32366bd3c9cc55a5631827a16cbc3df06f51c158ae8a12b16132874430867ccda168a24a04a4807914f54a210d40b427d5b910b9558e2a05479ea988d347af8acea944867ad211207c267c77624d21b60dbad631cad0b77dc60b759391b55b76d45f06", @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f800380100000000000000000000000000000000000000000000000030007372680000000000000000000000000000000000000000000000000000005e000903b5000800080000000000000040005450524f58590000000000000000000000000000000000000000000000010000000001000000ac1414aa0000000000000000000000004e2300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000150000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f00038010000000000000000000000000000000000000000000000002800686c0000000000000000000000000000000000000000000000000000000002000000000000004800534e50540000000000000000000000000000000000000000000000000000ac1414bb00000000000000000000000000000000000000000000000000000000181f08000000000000000000000000000000ffffe0000001ff010000000000000000000000000001ffffffff00000000ffffffffff000000000000ff00000000ff000000000000006272696467653000000000000000000069666230000000000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001100030100000000000000000000000000000000c800080100000000000000000000000000000000000000000000000040004552524f520000000000000000000000000000000000000000000000000080a85af29d43ec7e8a3113221dc0aa021c67104d596836abfb01a23588b20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000004490ace105a7af742d000000000000000000000000000000000000000020016001000000000000000000000000000000000000000000000000280069636d7036000000000000000000000000000303ff00000000003000667261670000000000000000000000000000000000000000000000000000918b000000000000000001000102000040004c4f470000000000000000000000000000000000000000000000000000000711485429688a0258853c3ca2bbf19a8bd1963afd9c6a97eb1c222b4d0d6c86fe8000000000000000000000000000bb00000000000000000000000000000000ffffff00ffffffffff000000000000ffffffffff000000ffffffffff0000000073697430000000000000000000000000626f6e643000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bf00000304000000000000000000000000000000c800106dd98a34819ccde100000000000000000000000000000000004800444e50540000000000000000000000000000000000000000000000000000ac1414bb00f1ffffffffffffff000000ac1414aa00000000000000000000000008290700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d000000000000000000000000000000000000000000000000000280000000000000000000000000000000000000000000000000000000000006ea1dbe73a5c00feffffff00000082000000000000000000000000f30b60c667228f19"], 0x2) 2018/04/06 23:27:56 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) sendfile(r0, r1, &(0x7f000000a000), 0x420000000fee) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:56 executing program 3: r0 = socket$inet(0x2, 0xc000000000000005, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @rand_addr}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x101cd, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) 2018/04/06 23:27:56 executing program 4: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x20000003) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xf}, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0xf}}, 0x1c) 2018/04/06 23:27:56 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000003e00)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x51, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='yeah\x00', 0x5) writev(r0, &(0x7f0000df9000)=[{&(0x7f0000354ff8)='\'', 0x1}], 0x1) 2018/04/06 23:27:56 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r3 = open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) 2018/04/06 23:27:56 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) sendfile(r0, r1, &(0x7f000000a000), 0x420000000fee) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:56 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) sendfile(r0, r1, &(0x7f000000a000), 0x420000000fee) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:56 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000044ff8)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000240)=@abs, 0x8) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) recvmmsg(r0, &(0x7f0000551000)=[{{&(0x7f00009c4fa0)=@nfc_llcp, 0x60, &(0x7f0000a64ffb), 0x0, &(0x7f0000000180)=""/32, 0xffe8}}], 0x1, 0x0, &(0x7f000050fff0)={0x0, 0x1c9c380}) 2018/04/06 23:27:56 executing program 5: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) creat(&(0x7f0000000040)='./file1\x00', 0x0) unshare(0x40000000) 2018/04/06 23:27:56 executing program 0: setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000002340)=ANY=[@ANYBLOB="0900000002004e21ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006284ecfacd96f162e6ec3088a1660000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000201000000000000000000000000000800000002004e21ac1414bb0000000000000000000000000000000000a8bfb1e27e667f22af5c03c7130000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e240000000100000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e240000000500000000000000000000000000000d000000000000000000000000000085f1c2e6d4130649a4cf5d31b7f9b9d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e2000000c76000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eff3ffffff0000000000000000000000000000000000000000000002004e22e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22e0000002000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000e7f75b2f1573597e50e7579578c88600000000000000000000000000000f000000000000000000000000000000000000000000000000000000000000000000000000000000000000020b4e21ac140eaa000000000000000000000000000000000000000000000000000000000000000000000000000032974b4d9c4fdc9500000000000000000000000000000000000000000000000000000071cd1a89771c081000000000000000001f00000000000000000000000000000000000000000000000000000000000002004e207f000001000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000ffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d5b0c673000000000000000000eef40fd963291fa5dc861fa6bae0c1128334d4b0ad519028951c4dd03cb23a6087636d599abdfd"], 0x1) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000440)={0x0, @in6={{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}, 0x5}, &(0x7f0000000280)=0x98) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0) write$sndseq(r0, &(0x7f00000003c0)=[{}], 0xffffff1a) 2018/04/06 23:27:56 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r3 = open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) 2018/04/06 23:27:57 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r3 = open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) 2018/04/06 23:27:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000480)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0) perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x0) faccessat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x142, 0x1500) 2018/04/06 23:27:57 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) sendfile(r0, r1, &(0x7f000000a000), 0x420000000fee) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:57 executing program 0: r0 = add_key$keyring(&(0x7f0000000900)='keyring\x00', &(0x7f0000000940)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000b00)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000bc0)='keyring\x00', &(0x7f0000000b80)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r1) 2018/04/06 23:27:57 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r3 = open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) 2018/04/06 23:27:57 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x2}, 0x10) listen(r0, 0x43) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendto$inet6(r1, &(0x7f0000000000)='p', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000da8ffc), 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa}}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) 2018/04/06 23:27:57 executing program 4: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x7, &(0x7f000058a000)) rt_sigtimedwait(&(0x7f0000000000)={0x8d9}, &(0x7f0000000040), &(0x7f0000000080)={0x77359400}, 0x8) 2018/04/06 23:27:57 executing program 3: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={0xffffffffffffffff, &(0x7f00000000c0)="b8228339b28e7b8de711539c49d2f5916ae2fdc24e95e12a164b08121bada1e09cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x103}, 0x300) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp_raw(0xf, 0x930000, 0x1, &(0x7f0000000180)) 2018/04/06 23:27:57 executing program 5: r0 = socket(0x15, 0x80005, 0x0) getsockopt(r0, 0x114, 0x2713, &(0x7f00000000c0)=""/13, &(0x7f000033bffc)=0xd) 2018/04/06 23:27:58 executing program 0: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0xf1}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp_raw(0x400000, 0x3, 0x1, &(0x7f0000000300)) 2018/04/06 23:27:58 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) sendfile(r0, r1, &(0x7f000000a000), 0x420000000fee) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:58 executing program 4: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x13d}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffff11, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp_raw(0x4, 0x730000, 0x730008, &(0x7f0000000300)) 2018/04/06 23:27:58 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r3 = open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) 2018/04/06 23:27:58 executing program 5: r0 = socket(0x15, 0x80005, 0x0) getsockopt(r0, 0x114, 0x2713, &(0x7f00000000c0)=""/13, &(0x7f000033bffc)=0xd) 2018/04/06 23:27:58 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x13d}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffff11, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00000001c0)) 2018/04/06 23:27:58 executing program 3: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0xf1}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp_raw(0x730000, 0x3, 0x1, &(0x7f0000000300)) 2018/04/06 23:27:58 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:58 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r3 = open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) dup(r3) 2018/04/06 23:27:58 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x2}, 0x10) listen(r0, 0x43) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendto$inet6(r1, &(0x7f0000000000)='p', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000da8ffc), 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa}}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) 2018/04/06 23:27:58 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) connect$inet(r0, &(0x7f0000593000)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x34e, 0x0, 0x0, 0xfffffffffffffeae) 2018/04/06 23:27:58 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) accept$inet6(r1, 0x0, &(0x7f0000000040)) sendto$inet6(r0, &(0x7f0000eb9fff), 0xffffff31, 0x20000003, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) 2018/04/06 23:27:58 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 2018/04/06 23:27:58 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) connect$inet(r0, &(0x7f0000593000)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x34e, 0x0, 0x0, 0xfffffffffffffeae) 2018/04/06 23:27:58 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x2}, 0x10) listen(r0, 0x43) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendto$inet6(r1, &(0x7f0000000000)='p', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000da8ffc), 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa}}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) 2018/04/06 23:27:58 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000a00)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) r2 = dup3(r1, r0, 0x0) pwritev(r2, &(0x7f0000000b40)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) open$dir(&(0x7f0000eb6000)='./file1\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000440)="ea15", 0x2}], 0x1, 0x0) 2018/04/06 23:27:58 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x2}, 0x10) listen(r0, 0x43) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendto$inet6(r1, &(0x7f0000000000)='p', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000da8ffc), 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa}}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) 2018/04/06 23:27:58 executing program 2: syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000001780)) 2018/04/06 23:27:58 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) [ 59.995206] ================================================================== [ 60.002639] BUG: KMSAN: uninit-value in __kmalloc_node_track_caller+0x843/0x11c0 [ 60.010182] CPU: 1 PID: 5214 Comm: syz-executor3 Not tainted 4.16.0+ #81 [ 60.017014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.026370] Call Trace: [ 60.028964] dump_stack+0x185/0x1d0 [ 60.032603] ? __kmalloc_node_track_caller+0x843/0x11c0 [ 60.037969] kmsan_report+0x142/0x240 2018/04/06 23:27:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000f88)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000040)) [ 60.041773] __msan_warning_32+0x6c/0xb0 [ 60.045839] __kmalloc_node_track_caller+0x843/0x11c0 [ 60.051031] ? sctp_packet_transmit+0x48a/0x42e0 [ 60.055795] __alloc_skb+0x2cf/0x9f0 [ 60.059507] ? sctp_packet_transmit+0x48a/0x42e0 [ 60.064266] sctp_packet_transmit+0x48a/0x42e0 [ 60.068860] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 60.074321] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 60.079688] ? __list_del_entry_valid+0x123/0x440 [ 60.084535] sctp_outq_flush+0x1a7a/0x6320 [ 60.088778] ? kmsan_set_origin+0x9e/0x160 [ 60.093019] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 60.098399] sctp_outq_uncork+0xd2/0xf0 [ 60.102383] sctp_do_sm+0x84ba/0x8c20 [ 60.106192] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 60.111556] ? update_load_avg+0x218c/0x2c20 [ 60.115970] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 60.121347] sctp_assoc_bh_rcv+0x6cd/0xab0 [ 60.125589] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 60.130959] sctp_inq_push+0x30b/0x450 [ 60.134848] sctp_backlog_rcv+0x250/0xb10 [ 60.139003] ? sctp_rcv+0x4c90/0x4c90 [ 60.142806] __release_sock+0x2d6/0x680 [ 60.146785] release_sock+0x97/0x2a0 [ 60.150504] sctp_wait_for_connect+0x3b5/0x7d0 [ 60.155108] ? init_wait_entry+0x1a0/0x1a0 [ 60.159353] sctp_sendmsg+0x5fdd/0x6020 [ 60.163332] ? __local_bh_enable_ip+0x3b/0x140 [ 60.167916] ? local_bh_enable+0x36/0x40 [ 60.172002] ? sctp_getsockopt+0x145b0/0x145b0 [ 60.176587] inet_sendmsg+0x48d/0x740 [ 60.180393] ? inet_getname+0x500/0x500 [ 60.184374] SYSC_sendto+0x6c3/0x7e0 [ 60.188118] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 60.193572] ? prepare_exit_to_usermode+0x149/0x3a0 [ 60.198600] SyS_sendto+0x8a/0xb0 [ 60.202054] do_syscall_64+0x309/0x430 [ 60.205951] ? SYSC_getpeername+0x560/0x560 [ 60.210274] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 60.215458] RIP: 0033:0x455259 [ 60.218641] RSP: 002b:00007f2059de9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 60.226349] RAX: ffffffffffffffda RBX: 00007f2059dea6d4 RCX: 0000000000455259 [ 60.233614] RDX: 0000000000000001 RSI: 000000002087dffe RDI: 0000000000000014 [ 60.240879] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c [ 60.248146] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 60.255424] R13: 00000000000004f8 R14: 00000000006fa7e0 R15: 0000000000000000 [ 60.262693] [ 60.264313] Uninit was created at: [ 60.267865] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 60.272974] kmsan_kmalloc+0x94/0x100 [ 60.276781] kmsan_slab_alloc+0x11/0x20 [ 60.280754] __kmalloc_node_track_caller+0xaed/0x11c0 [ 60.285947] __alloc_skb+0x2cf/0x9f0 [ 60.289662] sctp_packet_transmit+0x48a/0x42e0 [ 60.294246] sctp_outq_flush+0x1a7a/0x6320 [ 60.298485] sctp_outq_uncork+0xd2/0xf0 [ 60.302463] sctp_do_sm+0x860f/0x8c20 [ 60.306268] sctp_generate_heartbeat_event+0x3cf/0x5c0 [ 60.311546] call_timer_fn+0x26a/0x5a0 [ 60.315439] __run_timers+0xda7/0x11c0 [ 60.319325] run_timer_softirq+0x43/0x70 [ 60.323393] __do_softirq+0x56d/0x93d [ 60.327195] ================================================================== [ 60.334542] Disabling lock debugging due to kernel taint [ 60.339984] Kernel panic - not syncing: panic_on_warn set ... [ 60.339984] [ 60.347353] CPU: 1 PID: 5214 Comm: syz-executor3 Tainted: G B 4.16.0+ #81 [ 60.355485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.364833] Call Trace: [ 60.367428] dump_stack+0x185/0x1d0 [ 60.371059] panic+0x39d/0x940 [ 60.374278] ? __kmalloc_node_track_caller+0x843/0x11c0 [ 60.379643] kmsan_report+0x238/0x240 [ 60.383449] __msan_warning_32+0x6c/0xb0 [ 60.387516] __kmalloc_node_track_caller+0x843/0x11c0 [ 60.392711] ? sctp_packet_transmit+0x48a/0x42e0 [ 60.397479] __alloc_skb+0x2cf/0x9f0 [ 60.401200] ? sctp_packet_transmit+0x48a/0x42e0 [ 60.405962] sctp_packet_transmit+0x48a/0x42e0 [ 60.410555] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 60.416019] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 60.421392] ? __list_del_entry_valid+0x123/0x440 [ 60.426222] sctp_outq_flush+0x1a7a/0x6320 [ 60.430448] ? kmsan_set_origin+0x9e/0x160 [ 60.434677] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 60.440049] sctp_outq_uncork+0xd2/0xf0 [ 60.444024] sctp_do_sm+0x84ba/0x8c20 [ 60.447813] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 60.453153] ? update_load_avg+0x218c/0x2c20 [ 60.457551] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 60.462913] sctp_assoc_bh_rcv+0x6cd/0xab0 [ 60.467147] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 60.472491] sctp_inq_push+0x30b/0x450 [ 60.476365] sctp_backlog_rcv+0x250/0xb10 [ 60.480492] ? sctp_rcv+0x4c90/0x4c90 [ 60.484271] __release_sock+0x2d6/0x680 [ 60.488228] release_sock+0x97/0x2a0 [ 60.491931] sctp_wait_for_connect+0x3b5/0x7d0 [ 60.496511] ? init_wait_entry+0x1a0/0x1a0 [ 60.500755] sctp_sendmsg+0x5fdd/0x6020 [ 60.504722] ? __local_bh_enable_ip+0x3b/0x140 [ 60.509286] ? local_bh_enable+0x36/0x40 [ 60.513333] ? sctp_getsockopt+0x145b0/0x145b0 [ 60.517907] inet_sendmsg+0x48d/0x740 [ 60.521687] ? inet_getname+0x500/0x500 [ 60.525650] SYSC_sendto+0x6c3/0x7e0 [ 60.529345] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 60.534786] ? prepare_exit_to_usermode+0x149/0x3a0 [ 60.539798] SyS_sendto+0x8a/0xb0 [ 60.543234] do_syscall_64+0x309/0x430 [ 60.547102] ? SYSC_getpeername+0x560/0x560 [ 60.551418] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 60.556585] RIP: 0033:0x455259 [ 60.559752] RSP: 002b:00007f2059de9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 60.567439] RAX: ffffffffffffffda RBX: 00007f2059dea6d4 RCX: 0000000000455259 [ 60.574699] RDX: 0000000000000001 RSI: 000000002087dffe RDI: 0000000000000014 [ 60.581952] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c [ 60.589208] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 60.596467] R13: 00000000000004f8 R14: 00000000006fa7e0 R15: 0000000000000000 [ 60.604216] Dumping ftrace buffer: [ 60.607739] (ftrace buffer empty) [ 60.611421] Kernel Offset: disabled [ 60.615024] Rebooting in 86400 seconds..