INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.57' (ECDSA) to the list of known hosts. 2018/04/09 20:53:28 fuzzer started 2018/04/09 20:53:28 dialing manager at 10.128.0.26:36427 2018/04/09 20:53:35 kcov=true, comps=false 2018/04/09 20:53:39 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) perf_event_open(&(0x7f0000000f88)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x0, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_udp_int(r1, 0x11, 0x0, &(0x7f0000000480), 0x4) 2018/04/09 20:53:39 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00007a0000)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x6e, &(0x7f00006c6ff0), 0x0, &(0x7f00009dffb8)=ANY=[@ANYBLOB="1800000001000010781fdf7c"], 0xc}, 0x0) sendmsg$unix(r2, &(0x7f0000e4ffc8)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0xa, &(0x7f0000000140), 0x0, &(0x7f000053c000)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) close(r1) close(r0) 2018/04/09 20:53:39 executing program 7: r0 = socket$inet(0x2, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x0, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000040)="bf", 0x1) 2018/04/09 20:53:39 executing program 2: ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000700)={{0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 'rose0\x00'}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000540)) prctl$intptr(0x800000004, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000ff0)='fdinfo\x00') perf_event_open(&(0x7f0000271000)={0x2, 0x70, 0x49, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents64(r0, &(0x7f0000000200)=""/74, 0x4a) 2018/04/09 20:53:39 executing program 3: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x1b, &(0x7f0000000440), &(0x7f00000004c0)=""/27, 0x800, 0x6}, 0x28) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000380)={{0x0, @multicast1=0xe0000001, 0x0, 0x0, 'fo\x00', 0x1}, {@local={0xac, 0x14, 0x14, 0xaa}, 0x0, 0x3, 0x9, 0x100}}, 0x44) socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f00000000c0)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) socket$netlink(0x10, 0x3, 0x0) sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f000008affd)='nv\x00', 0x39d) sendto$packet(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x1) 2018/04/09 20:53:39 executing program 5: r0 = socket$inet(0x2, 0x3, 0x2) connect$inet(0xffffffffffffffff, &(0x7f0000002000)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) setsockopt$inet_int(r0, 0x0, 0xd3, &(0x7f0000002000), 0x3c) 2018/04/09 20:53:39 executing program 6: perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='selinuxfs\x00', 0x1000, &(0x7f0000000100)) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='minix\x00', 0x10020, &(0x7f0000000240)) 2018/04/09 20:53:39 executing program 4: msgget(0x1, 0x0) syzkaller login: [ 48.393733] ip (3815) used greatest stack depth: 54312 bytes left [ 49.718663] ip (3921) used greatest stack depth: 53960 bytes left [ 51.836616] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.884377] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.126132] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.287629] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.301521] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.311778] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.364513] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.520240] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 62.545989] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 62.637492] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 62.650016] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 62.995245] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.073839] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.084386] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.183533] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.202457] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.422380] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 63.428761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.448831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.567372] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 63.573708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.582111] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.617662] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 63.624193] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.635632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.881535] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 63.887888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.903497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.954212] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 63.963142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.002129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.040996] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 64.047328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.069750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.147676] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 64.154193] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.166816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.197589] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 64.214560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.235903] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/09 20:53:59 executing program 7: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f0000001580)={&(0x7f00000001c0)=@hci, 0x80, &(0x7f0000001400), 0x0, &(0x7f0000001480)=""/208, 0xd0}, 0x12042) 2018/04/09 20:53:59 executing program 0: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp(0x13, 0x308, 0x6f2000, &(0x7f00000003c0)) 2018/04/09 20:53:59 executing program 4: 2018/04/09 20:53:59 executing program 7: mkdir(&(0x7f0000000080)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time}], 0x1c) unlink(&(0x7f00000000c0)='./control/file0\x00') chown(&(0x7f0000000200)='./control/file0\x00', 0x0, 0x0) close(r0) 2018/04/09 20:53:59 executing program 2: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') rename(&(0x7f0000000200)='./control/file0\x00', &(0x7f0000000240)='./control/file0\x00') close(r0) 2018/04/09 20:53:59 executing program 5: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet_icmp(0x13, 0x4c02, 0x6f2000, &(0x7f00000003c0)) 2018/04/09 20:53:59 executing program 6: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x1000002, 0x11, r1, 0x0) madvise(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x9) 2018/04/09 20:53:59 executing program 3: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x1b, &(0x7f0000000440), &(0x7f00000004c0)=""/27, 0x800, 0x6}, 0x28) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000380)={{0x0, @multicast1=0xe0000001, 0x0, 0x0, 'fo\x00', 0x1}, {@local={0xac, 0x14, 0x14, 0xaa}, 0x0, 0x3, 0x9, 0x100}}, 0x44) socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f00000000c0)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) socket$netlink(0x10, 0x3, 0x0) sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f000008affd)='nv\x00', 0x39d) sendto$packet(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x1) 2018/04/09 20:53:59 executing program 1: request_key(&(0x7f0000000300)='dns_resolver\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a}, &(0x7f0000000380)='/dev/mixer\x00', 0xfffffffffffffffc) 2018/04/09 20:53:59 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000980)='bcsf0\x00') ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='bcsf0\x00') 2018/04/09 20:53:59 executing program 6: 2018/04/09 20:54:00 executing program 1: 2018/04/09 20:54:00 executing program 5: 2018/04/09 20:54:00 executing program 0: 2018/04/09 20:54:00 executing program 3: 2018/04/09 20:54:00 executing program 6: 2018/04/09 20:54:00 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000980)='bcsf0\x00') ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='bcsf0\x00') 2018/04/09 20:54:00 executing program 7: 2018/04/09 20:54:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000980)='bcsf0\x00') ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='bcsf0\x00') 2018/04/09 20:54:00 executing program 6: 2018/04/09 20:54:00 executing program 0: 2018/04/09 20:54:00 executing program 5: 2018/04/09 20:54:00 executing program 1: 2018/04/09 20:54:00 executing program 7: 2018/04/09 20:54:00 executing program 3: 2018/04/09 20:54:00 executing program 4: 2018/04/09 20:54:00 executing program 5: 2018/04/09 20:54:00 executing program 2: 2018/04/09 20:54:01 executing program 7: 2018/04/09 20:54:01 executing program 0: 2018/04/09 20:54:01 executing program 3: 2018/04/09 20:54:01 executing program 1: 2018/04/09 20:54:01 executing program 7: 2018/04/09 20:54:01 executing program 0: 2018/04/09 20:54:01 executing program 2: 2018/04/09 20:54:01 executing program 5: 2018/04/09 20:54:01 executing program 4: 2018/04/09 20:54:01 executing program 6: 2018/04/09 20:54:01 executing program 6: 2018/04/09 20:54:01 executing program 1: 2018/04/09 20:54:01 executing program 4: 2018/04/09 20:54:01 executing program 2: 2018/04/09 20:54:01 executing program 5: 2018/04/09 20:54:01 executing program 3: 2018/04/09 20:54:01 executing program 7: 2018/04/09 20:54:01 executing program 0: 2018/04/09 20:54:01 executing program 6: 2018/04/09 20:54:01 executing program 5: 2018/04/09 20:54:01 executing program 4: 2018/04/09 20:54:01 executing program 1: 2018/04/09 20:54:01 executing program 2: 2018/04/09 20:54:01 executing program 3: 2018/04/09 20:54:01 executing program 7: 2018/04/09 20:54:01 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000707ff0)={0x0, 0x10, &(0x7f0000f3eff0)=[@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}]}, &(0x7f000045c000)=0x10) shutdown(r0, 0x2000000000000002) 2018/04/09 20:54:01 executing program 5: 2018/04/09 20:54:01 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000000100), 0x0, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/04/09 20:54:02 executing program 7: 2018/04/09 20:54:02 executing program 3: 2018/04/09 20:54:02 executing program 1: 2018/04/09 20:54:02 executing program 2: 2018/04/09 20:54:02 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f000053d000)=0x4) sendto$inet6(r0, &(0x7f0000eb9fff), 0xfffffd65, 0x20000004, &(0x7f000031e000)={0xa}, 0x1c) 2018/04/09 20:54:02 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00004c6f8b)="6d6f756e74696e666f004388f750c83d14c4a3a9ac1488a477660ae763891738ac656bb3e891941f02f1265047502f6c2dd9f655ef7131eabf3110d638f0d2e6a49a2bc4a08d63e2da7af47e6c37972352875f125bcf3ea7f04b7b505b6a06beedb2a86e30a86bc0d37a6438b99a45ea22b1f4fb05") mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x81a, &(0x7f00000001c0)="2750e35d428fe823843c88fa1acabc76c8776e7874d1d0") mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f00000000c0)='bdev\x00', 0x100000, &(0x7f00000002c0)) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000000040)='ubifs\x00', 0x1004, 0x0) mount(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)='.', &(0x7f0000000140)='vxfs\x00', 0x8003080, &(0x7f0000000240)) mount(&(0x7f0000000000)='.', &(0x7f0000000100)='.', &(0x7f0000753000)='mslos\x00', 0x500f, &(0x7f0000000340)) mount(&(0x7f000000a000)='.', &(0x7f0000852000)='.', &(0x7f0000a60000)='ramfs\x00', 0x0, &(0x7f0000d1cfff)="d6") preadv(r0, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0) 2018/04/09 20:54:02 executing program 6: gettid() socket$kcm(0x29, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x400000000000000a, 0x1d7, 0x7fff, 0x100000043}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000700), 0x2c) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000000400)) perf_event_open(&(0x7f0000000500)={0x0, 0x70, 0x0, 0x7, 0x0, 0xffffffff, 0x0, 0x1, 0x0, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x7, 0x0, 0x0, 0x5, 0xd9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x400, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000780)) mkdir(&(0x7f00000006c0)='./file1\x00', 0x88) perf_event_open(&(0x7f000000a000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/09 20:54:02 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r0) socket$kcm(0xa, 0x3, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x2e, &(0x7f0000000180), 0x127) 2018/04/09 20:54:03 executing program 7: modify_ldt$write(0x1, &(0x7f0000d03ff0), 0x10) clone(0x0, &(0x7f0000000040), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000000140)) 2018/04/09 20:54:03 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='ceph\x00', 0x0, 0x0) 2018/04/09 20:54:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r0) socket$kcm(0xa, 0x3, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x14, &(0x7f0000000180), 0x127) 2018/04/09 20:54:03 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r0) socket$kcm(0xa, 0x3, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x14, &(0x7f0000000180), 0x127) 2018/04/09 20:54:03 executing program 6: r0 = socket$inet(0x2, 0x2, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f000088f000)="86", 0x1) 2018/04/09 20:54:03 executing program 3: r0 = socket$inet(0x15, 0x5, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) sendmsg(r0, &(0x7f0000000200)={0x0, 0x214, &(0x7f0000000080)}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 2018/04/09 20:54:03 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00004c6f8b)="6d6f756e74696e666f004388f750c83d14c4a3a9ac1488a477660ae763891738ac656bb3e891941f02f1265047502f6c2dd9f655ef7131eabf3110d638f0d2e6a49a2bc4a08d63e2da7af47e6c37972352875f125bcf3ea7f04b7b505b6a06beedb2a86e30a86bc0d37a6438b99a45ea22b1f4fb05") mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x81a, &(0x7f00000001c0)="2750e35d428fe823843c88fa1acabc76c8776e7874d1d0") mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f00000000c0)='bdev\x00', 0x100000, &(0x7f00000002c0)) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000000040)='ubifs\x00', 0x1004, 0x0) mount(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)='.', &(0x7f0000000140)='vxfs\x00', 0x8003080, &(0x7f0000000240)) mount(&(0x7f0000000000)='.', &(0x7f0000000100)='.', &(0x7f0000753000)='mslos\x00', 0x500f, &(0x7f0000000340)) mount(&(0x7f000000a000)='.', &(0x7f0000852000)='.', &(0x7f0000a60000)='ramfs\x00', 0x0, &(0x7f0000d1cfff)="d6") preadv(r0, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0) 2018/04/09 20:54:03 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000707ff0)={0x0, 0x10, &(0x7f0000f3eff0)=[@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}]}, &(0x7f000045c000)=0x10) shutdown(r0, 0x2000000000000002) 2018/04/09 20:54:03 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r0) socket$kcm(0xa, 0x3, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x14, &(0x7f0000000180), 0x127) 2018/04/09 20:54:03 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000780)='/dev/loop#\x00', 0xfffffffffffffffe, 0x0) fdatasync(r0) 2018/04/09 20:54:03 executing program 7: modify_ldt$write(0x1, &(0x7f0000d03ff0), 0x10) clone(0x0, &(0x7f0000000040), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000000140)) 2018/04/09 20:54:03 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000780)='/dev/loop#\x00', 0xfffffffffffffffe, 0x0) fdatasync(r0) 2018/04/09 20:54:03 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='ceph\x00', 0x0, 0x0) 2018/04/09 20:54:04 executing program 4: syslog(0x3, &(0x7f0000000300)=""/168, 0xa8) 2018/04/09 20:54:04 executing program 6: sched_setparam(0x0, &(0x7f0000000180)) 2018/04/09 20:54:04 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000780)='/dev/loop#\x00', 0xfffffffffffffffe, 0x0) fdatasync(r0) 2018/04/09 20:54:04 executing program 0: mkdir(&(0x7f0000000280)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f", 0x0) creat(&(0x7f0000000040)='./control\x00', 0x0) rename(&(0x7f0000000340)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f", &(0x7f00000003c0)='./control\x00') 2018/04/09 20:54:04 executing program 7: msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000240)=""/130) 2018/04/09 20:54:04 executing program 5: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f00000004c0)={0x10, 0xfffffff0}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@getaddr={0x14, 0x16}, 0x14}, 0x1}, 0x0) mincore(&(0x7f0000002000/0xf000)=nil, 0xf000, &(0x7f0000000500)=""/4096) 2018/04/09 20:54:04 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_udp_int(r1, 0x11, 0x64, &(0x7f0000000000), 0x4) 2018/04/09 20:54:04 executing program 2: mlock2(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x1) mlock2(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x0) 2018/04/09 20:54:04 executing program 2: r0 = socket(0x10, 0x400000000003, 0x0) write(r0, &(0x7f0000000140)="170000001a001bed0000132100f404fffffd9872eff0cf", 0x17) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000003ec0)=[{&(0x7f0000002e40)=""/80, 0x50}, {&(0x7f0000002ec0)=""/4096, 0x1000}], 0x2, &(0x7f0000003f00)=""/14, 0xe}}, {{&(0x7f0000004b00)=@can, 0x80, &(0x7f0000005000), 0x0, &(0x7f0000005080)=""/188, 0xbc}}], 0x2, 0x0, &(0x7f0000000000)={0x0, r1+10000000}) 2018/04/09 20:54:04 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000440)='/dev/loop#\x00', 0x0, 0x1) r1 = memfd_create(&(0x7f0000000240)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f00001f2000)="aa", 0x1}], 0x1, 0x0) sendfile(r0, r1, &(0x7f00000ddff8), 0x102000001) 2018/04/09 20:54:04 executing program 7: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet(r0, &(0x7f0000103fa0)="88", 0x1, 0x0, &(0x7f0000ab9000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f0000000200)={0x0, r1+30000000}, &(0x7f0000000240), 0x8) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000294ff5)={0x0, 0x0, 0x0, 0x3}, 0xb) shutdown(r0, 0x1) 2018/04/09 20:54:04 executing program 1: r0 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"d202b999cf85000000000088f301e710", 0x102}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x1d4, &(0x7f0000000080)}) 2018/04/09 20:54:04 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) r1 = dup3(r0, r0, 0x80000) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000000)=0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='nv\x00', 0x3) socket(0x0, 0x0, 0x0) shutdown(r0, 0x1) 2018/04/09 20:54:04 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) 2018/04/09 20:54:04 executing program 5: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'}) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c45ff8)={0xffffffffffffffff, 0xffffffffffffffff}) getrandom(&(0x7f0000000080)=""/133, 0xfffffffffffffd07, 0x0) read(r2, &(0x7f0000d48000)=""/1, 0x1) ioctl$int_in(r1, 0x5452, &(0x7f0000000140)=0x3f) fcntl$setown(r1, 0x8, r0) fcntl$setsig(r1, 0xa, 0x12) dup2(r1, r2) tkill(r0, 0x14) 2018/04/09 20:54:04 executing program 4: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)) pipe(&(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'}) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c45ff8)={0xffffffffffffffff, 0xffffffffffffffff}) getrandom(&(0x7f0000000080)=""/133, 0xfffffffffffffd07, 0x0) read(r2, &(0x7f0000d48000)=""/1, 0x1) ioctl$int_in(r1, 0x5452, &(0x7f0000000140)=0x3f) fcntl$setown(r1, 0x8, r0) fcntl$setsig(r1, 0xa, 0x12) dup2(r1, r2) tkill(r0, 0x14) 2018/04/09 20:54:04 executing program 2: r0 = socket(0x10, 0x400000000003, 0x0) write(r0, &(0x7f0000000140)="170000001a001bed0000132100f404fffffd9872eff0cf", 0x17) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000003ec0)=[{&(0x7f0000002e40)=""/80, 0x50}, {&(0x7f0000002ec0)=""/4096, 0x1000}], 0x2, &(0x7f0000003f00)=""/14, 0xe}}, {{&(0x7f0000004b00)=@can, 0x80, &(0x7f0000005000), 0x0, &(0x7f0000005080)=""/188, 0xbc}}], 0x2, 0x0, &(0x7f0000000000)={0x0, r1+10000000}) 2018/04/09 20:54:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000000b000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c01000010002107000000000000000000000000000000000000000000000000fe80000000000000000000000000000000000000000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004c001400736861310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffef00000000"], 0x3}, 0x1}, 0x0) 2018/04/09 20:54:04 executing program 6: r0 = socket$packet(0x11, 0x800000000002, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000ff0ffc)=0x8000000000004, 0x9c) sendto$inet(r1, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr}, 0x10) [ 71.032079] IPv4: Oversized IP packet from 127.0.0.1 [ 71.059735] IPv4: Oversized IP packet from 127.0.0.1 2018/04/09 20:54:05 executing program 4: r0 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0) write(r0, &(0x7f0000000080)="f0", 0x1) sendfile(r0, r0, &(0x7f0000000200), 0xfec) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) ppoll(&(0x7f0000000380), 0x0, &(0x7f00000003c0), &(0x7f0000000400), 0x8) 2018/04/09 20:54:05 executing program 3: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000180)={0x0, 0xb3, 0x1000, 'queue1\x00', 0x4}) ioctl$KDDISABIO(r0, 0x4b37) r1 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c45ff8)={0xffffffffffffffff, 0xffffffffffffffff}) getrandom(&(0x7f0000000080)=""/133, 0xfffffffffffffd07, 0x0) read(r3, &(0x7f0000d48000)=""/1, 0x1) ioctl$int_in(r2, 0x5452, &(0x7f0000000140)=0x3f) fcntl$setown(r2, 0x8, r1) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x14) 2018/04/09 20:54:05 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f00000002c0)) 2018/04/09 20:54:05 executing program 2: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000180)={0x0, 0xb3, 0x1000, 'queue1\x00', 0x4}) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c45ff8)={0xffffffffffffffff, 0xffffffffffffffff}) getrandom(&(0x7f0000000080)=""/133, 0xfffffffffffffd07, 0x0) read(r2, &(0x7f0000d48000)=""/1, 0x1) ioctl$int_in(r1, 0x5452, &(0x7f0000000140)=0x3f) fcntl$setown(r1, 0x8, r0) fcntl$setsig(r1, 0xa, 0x12) dup2(r1, r2) tkill(r0, 0x14) 2018/04/09 20:54:05 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f5ffe0)={@dev={0xfe, 0x80}, 0x400, 0x0, 0x3, 0x1}, 0x20) 2018/04/09 20:54:05 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) r1 = dup3(r0, r0, 0x80000) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000000)=0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='nv\x00', 0x3) socket(0x0, 0x0, 0x0) shutdown(r0, 0x1) 2018/04/09 20:54:05 executing program 7: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x200000000000002, &(0x7f0000690ffc)=0x77, 0xfc) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000f53fff), 0xfffffffffffffc64, 0x20000802, &(0x7f000006d000)={0x2, 0x4e23}, 0x10) recvmsg(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000000)=""/4096, 0x1000}], 0x1, &(0x7f0000001040)=""/229, 0xe5}, 0x2) 2018/04/09 20:54:05 executing program 5: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'}) r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c45ff8)={0xffffffffffffffff, 0xffffffffffffffff}) getrandom(&(0x7f0000000080)=""/133, 0xfffffffffffffd07, 0x0) read(r2, &(0x7f0000d48000)=""/1, 0x1) ioctl$int_in(r1, 0x5452, &(0x7f0000000140)=0x3f) fcntl$setown(r1, 0x8, r0) fcntl$setsig(r1, 0xa, 0x12) dup2(r1, r2) tkill(r0, 0x14) 2018/04/09 20:54:05 executing program 6: mq_open(&(0x7f0000000000)='-$\x00', 0x0, 0x0, &(0x7f0000664fc0)) mq_timedsend(0xffffffffffffffff, &(0x7f00009b2000), 0x0, 0x0, &(0x7f000006dff0)) mq_open(&(0x7f0000000240)='-$\x00', 0x3, 0x0, &(0x7f00000002c0)) 2018/04/09 20:54:05 executing program 1: sync() getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={0x0, 0x5}, &(0x7f00000001c0)=0x8) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000000)) 2018/04/09 20:54:06 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_mreqsrc(r0, 0x0, 0x22, &(0x7f0000000040)={@loopback, @empty, @local}, &(0x7f0000000140)=0xc) 2018/04/09 20:54:06 executing program 6: perf_event_open(&(0x7f000001d000)={0x0, 0x78, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000176000)="00640001000445") getdents(r0, &(0x7f0000000040)=""/203, 0x39) getdents64(r0, &(0x7f0000000df0)=""/528, 0xff95) 2018/04/09 20:54:06 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/fscreate\x00') write$sndseq(r0, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote={{}, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000140)}}}}], 0x1c) 2018/04/09 20:54:06 executing program 1: sync() socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000000)) 2018/04/09 20:54:06 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f00000000c0)=0x7, 0x4) 2018/04/09 20:54:06 executing program 5: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000469ffc)=0x100, 0x4) sendto$inet(r0, &(0x7f0000edf000), 0x0, 0x0, &(0x7f0000ee9ff0)={0x2, 0x4e20}, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) perf_event_open(&(0x7f0000000f88)={0x2, 0x78, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x0, 0x32, 0xffffffffffffffff, 0x0) recvfrom$inet(r0, &(0x7f0000eeff8d)=""/115, 0x73, 0x12041, &(0x7f0000898ff0)={0x2, 0x0, @rand_addr}, 0x10) ioctl$sock_netrom_SIOCGSTAMP(r1, 0x8906, &(0x7f0000bf2000)) 2018/04/09 20:54:06 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000469ffc)=0x100, 0x4) sendto$inet(r0, &(0x7f0000edf000), 0x0, 0x0, &(0x7f0000ee9ff0)={0x2, 0x4e20}, 0x10) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvfrom$inet(r0, &(0x7f0000eeff8d)=""/115, 0x73, 0x12041, &(0x7f0000898ff0)={0x2, 0x0, @rand_addr}, 0x10) 2018/04/09 20:54:06 executing program 3: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000180)={0x0, 0xb3, 0x1000, 'queue1\x00', 0x4}) ioctl$KDDISABIO(r0, 0x4b37) r1 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000c45ff8)={0xffffffffffffffff, 0xffffffffffffffff}) getrandom(&(0x7f0000000080)=""/133, 0xfffffffffffffd07, 0x0) read(r3, &(0x7f0000d48000)=""/1, 0x1) ioctl$int_in(r2, 0x5452, &(0x7f0000000140)=0x3f) fcntl$setown(r2, 0x8, r1) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x14) 2018/04/09 20:54:06 executing program 7: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x200000000000002, &(0x7f0000690ffc)=0x77, 0xfc) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000f53fff), 0xfffffffffffffc64, 0x20000802, &(0x7f000006d000)={0x2, 0x4e23}, 0x10) recvmsg(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000000)=""/4096, 0x1000}], 0x1, &(0x7f0000001040)=""/229, 0xe5}, 0x2) 2018/04/09 20:54:06 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) sendto$inet6(r0, &(0x7f0000000040), 0xff5a, 0xfffffffffffffffc, &(0x7f0000000040)={0xa, 0x0, 0x200000000002, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x19) r1 = dup2(r0, r0) ioctl$sock_netrom_TIOCINQ(r1, 0x541b, &(0x7f0000000000)) 2018/04/09 20:54:06 executing program 6: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000100)={0x65, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x104) 2018/04/09 20:54:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'lo\x00', &(0x7f0000002d00)=ANY=[@ANYBLOB='\n']}) 2018/04/09 20:54:07 executing program 5: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='ns/ipc\x00') 2018/04/09 20:54:07 executing program 1: r0 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000040)="89", 0x1) 2018/04/09 20:54:07 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x3}, 0x1c) sendmsg(r0, &(0x7f0000007000)={0x0, 0x0, &(0x7f0000000ff0)=[{&(0x7f0000013ffe)="0600", 0x2}], 0x1, &(0x7f0000026000)}, 0x2000c080) write(r0, &(0x7f0000000100)="d019", 0x2) 2018/04/09 20:54:07 executing program 7: perf_event_open(&(0x7f0000271000)={0x2, 0x70, 0x49, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x82) r1 = memfd_create(&(0x7f00000000c0)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, &(0x7f0000000180), 0x102000004) 2018/04/09 20:54:07 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f0000f62fe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) [ 73.222781] ================================================================== [ 73.230198] BUG: KMSAN: uninit-value in rawv6_sendmsg+0x4bee/0x4cc0 [ 73.236610] CPU: 1 PID: 5466 Comm: syz-executor4 Not tainted 4.16.0+ #82 [ 73.243447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.252799] Call Trace: [ 73.255391] dump_stack+0x185/0x1d0 [ 73.259026] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 73.263265] kmsan_report+0x142/0x240 [ 73.267071] __msan_warning_32+0x6c/0xb0 [ 73.271136] rawv6_sendmsg+0x4bee/0x4cc0 [ 73.275196] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 73.280648] ? futex_wait_queue_me+0x687/0x710 [ 73.285250] ? compat_rawv6_ioctl+0x30/0x30 [ 73.289570] inet_sendmsg+0x48d/0x740 [ 73.293370] ? security_socket_sendmsg+0x9e/0x210 [ 73.298217] ? inet_getname+0x500/0x500 [ 73.302190] sock_write_iter+0x3b9/0x470 [ 73.306256] ? sock_read_iter+0x480/0x480 [ 73.310400] __vfs_write+0x719/0x910 [ 73.314127] vfs_write+0x463/0x8d0 [ 73.317675] SYSC_write+0x172/0x360 [ 73.321304] SyS_write+0x55/0x80 [ 73.324668] do_syscall_64+0x309/0x430 [ 73.328556] ? SYSC_read+0x360/0x360 [ 73.332275] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 73.337456] RIP: 0033:0x455259 [ 73.340638] RSP: 002b:00007f64f538bc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 73.348345] RAX: ffffffffffffffda RBX: 00007f64f538c6d4 RCX: 0000000000455259 [ 73.355613] RDX: 0000000000000002 RSI: 0000000020000100 RDI: 0000000000000013 [ 73.362875] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 73.370142] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 73.377416] R13: 00000000000006b6 R14: 00000000006fd1b0 R15: 0000000000000000 [ 73.384683] [ 73.386304] Uninit was stored to memory at: [ 73.390626] kmsan_internal_chain_origin+0x12b/0x210 [ 73.395724] kmsan_memcpy_origins+0x11d/0x170 [ 73.400215] __msan_memcpy+0x19f/0x1f0 [ 73.404098] skb_copy_bits+0x63a/0xdb0 [ 73.407982] rawv6_sendmsg+0x427e/0x4cc0 [ 73.412043] inet_sendmsg+0x48d/0x740 [ 73.415843] sock_write_iter+0x3b9/0x470 [ 73.419901] __vfs_write+0x719/0x910 [ 73.423613] vfs_write+0x463/0x8d0 [ 73.427151] SYSC_write+0x172/0x360 [ 73.430775] SyS_write+0x55/0x80 [ 73.434137] do_syscall_64+0x309/0x430 [ 73.438371] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 73.443550] Uninit was created at: [ 73.447088] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 73.452102] kmsan_alloc_page+0x82/0xe0 [ 73.456077] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 73.460828] alloc_pages_current+0x6b5/0x970 [ 73.465233] skb_page_frag_refill+0x3ba/0x5e0 [ 73.469724] sk_page_frag_refill+0xa4/0x340 [ 73.474042] __ip6_append_data+0x1a20/0x4bb0 [ 73.478452] ip6_append_data+0x40e/0x6b0 [ 73.482506] rawv6_sendmsg+0x2787/0x4cc0 [ 73.486563] inet_sendmsg+0x48d/0x740 [ 73.490367] sock_write_iter+0x3b9/0x470 [ 73.494430] __vfs_write+0x719/0x910 [ 73.498141] vfs_write+0x463/0x8d0 [ 73.501678] SYSC_write+0x172/0x360 [ 73.505302] SyS_write+0x55/0x80 [ 73.508663] do_syscall_64+0x309/0x430 [ 73.512548] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 73.517729] ================================================================== [ 73.525073] Disabling lock debugging due to kernel taint [ 73.530512] Kernel panic - not syncing: panic_on_warn set ... [ 73.530512] [ 73.537875] CPU: 1 PID: 5466 Comm: syz-executor4 Tainted: G B 4.16.0+ #82 [ 73.546009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.555355] Call Trace: [ 73.557948] dump_stack+0x185/0x1d0 [ 73.561578] panic+0x39d/0x940 [ 73.564787] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 73.569022] kmsan_report+0x238/0x240 [ 73.572827] __msan_warning_32+0x6c/0xb0 [ 73.576889] rawv6_sendmsg+0x4bee/0x4cc0 [ 73.580952] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 73.586403] ? futex_wait_queue_me+0x687/0x710 [ 73.591007] ? compat_rawv6_ioctl+0x30/0x30 [ 73.595329] inet_sendmsg+0x48d/0x740 [ 73.599126] ? security_socket_sendmsg+0x9e/0x210 [ 73.603974] ? inet_getname+0x500/0x500 [ 73.607951] sock_write_iter+0x3b9/0x470 [ 73.612018] ? sock_read_iter+0x480/0x480 [ 73.616170] __vfs_write+0x719/0x910 [ 73.619896] vfs_write+0x463/0x8d0 [ 73.623447] SYSC_write+0x172/0x360 [ 73.627075] SyS_write+0x55/0x80 [ 73.630443] do_syscall_64+0x309/0x430 [ 73.634337] ? SYSC_read+0x360/0x360 [ 73.638054] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 73.643236] RIP: 0033:0x455259 [ 73.646421] RSP: 002b:00007f64f538bc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 73.654127] RAX: ffffffffffffffda RBX: 00007f64f538c6d4 RCX: 0000000000455259 [ 73.661392] RDX: 0000000000000002 RSI: 0000000020000100 RDI: 0000000000000013 [ 73.668659] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 73.675927] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 73.683191] R13: 00000000000006b6 R14: 00000000006fd1b0 R15: 0000000000000000 [ 73.691220] Dumping ftrace buffer: [ 73.694751] (ftrace buffer empty) [ 73.698440] Kernel Offset: disabled [ 73.702046] Rebooting in 86400 seconds..