INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.24' (ECDSA) to the list of known hosts. 2018/04/12 13:07:08 fuzzer started 2018/04/12 13:07:09 dialing manager at 10.128.0.26:41677 2018/04/12 13:07:15 kcov=true, comps=false 2018/04/12 13:07:18 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setlease(r0, 0x400, 0x0) 2018/04/12 13:07:18 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f00000000c0)=0x40, 0x3f) 2018/04/12 13:07:18 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0xcc, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$getname(0x10, &(0x7f0000000040)=""/202) 2018/04/12 13:07:18 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xd43f58e118afee75}, 0x4) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r2, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @local={0xfe, 0x80, [], 0xaa}, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f00000000c0)) 2018/04/12 13:07:18 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0xcc, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f00000003c0)) 2018/04/12 13:07:18 executing program 2: syslog(0x9, &(0x7f0000000080)=""/39, 0x27) 2018/04/12 13:07:18 executing program 3: syslog(0x3, &(0x7f0000000080)=""/39, 0x27) 2018/04/12 13:07:18 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0xcc, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x800000000004, 0x4, 0x9}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f00000000c0), &(0x7f0000000040)}, 0x20) syzkaller login: [ 43.426708] ip (3763) used greatest stack depth: 54672 bytes left [ 43.526177] ip (3769) used greatest stack depth: 54656 bytes left [ 44.404873] ip (3859) used greatest stack depth: 54544 bytes left [ 44.591877] ip (3876) used greatest stack depth: 53960 bytes left [ 46.527718] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.708623] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.750997] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.874336] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.893959] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.986697] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.006667] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.031261] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.419583] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.664744] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.682647] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.697182] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.729003] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.797873] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.883229] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.145545] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.151772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.168094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.191913] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.413229] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.419488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.432596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.460813] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.470799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.483202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.506146] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.518460] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.524928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.532900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.579115] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.601606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.636262] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.646430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.669157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.837946] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.844532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.853374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.071201] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.077454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.086564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/12 13:07:35 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$addseals(r0, 0x409, 0x0) 2018/04/12 13:07:35 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c) r1 = dup2(r0, r0) connect$inet6(r0, &(0x7f000000cfe4)={0xa, 0x4e20}, 0x1c) readv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/174, 0xae}], 0x1) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001000)="8e86a4b9500a1139a0d93a78de7ed00ae239537b41a4eacfcfd438dfbe84ef20bd7e66cfb9bde86f5b1d1bae840e6c373fd2d58909d8ac8f1aca1b6e95b92948d4525d", 0x43}], 0x1, &(0x7f0000002000)}, 0x8000) sendmsg(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000002ff0)=[{&(0x7f0000000040)="bce5", 0x2}], 0x1, &(0x7f000000ae80)}, 0x0) 2018/04/12 13:07:35 executing program 6: r0 = memfd_create(&(0x7f000069bff7)='*^md5sum\x00', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00006ffff8)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000edfff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x80, 0x0) poll(&(0x7f0000a59000)=[{r2}], 0x1, 0x9bda) dup2(r0, r1) 2018/04/12 13:07:35 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0) truncate(&(0x7f0000000080)='./file0\x00', 0x400) write(r0, &(0x7f0000000200)="387e9e991e82f7cbcde412f9ac1a6e66877bd8f3d11a59859e673fdd7bf44696dd0824b6c96b64a89cb34eaeae8c248fc24855e04547c4ae16710823d18ff403db138e9e93cea138ee2a58d538695e467518b8b3899e9f49c93800b3fdd747070399c864c8f80c3bf60c6a087aa41ebcedd378e55cf09be8d497d8bb343718131936b232206edeac691fda7b672dff48c3d522b82f80819becf7956f64af0e43b8694abc353178f9a01f8fd38085d30c8c70eab47cf7be84d693ec45c6078523bdfdf8331957bc1679dd6ad07687800ca3cfcb0d9f37ab87aac088f6bf46d74fb7d4045e0ba3a8f2688b17f8b31fd111f12f45a0b3b7d0f3d0df511d9fc1220b4672dc7354e074d9c046089284eea9fa244e8f5b2b0748b7c880a32ffc4d032068cbad40aee4ec1535dbe1b1ec4a1fb0f28f2969ad7faa8a2671aaddb096c9d2385925ccbd5ac98dc248c15cbddb23310b4238a4485d79f910415e55538819e5bbd966a54979333962bf14bc176a1f21d3f29f418b101110dec2032c8137e285821b43cd2243fd1b347b5b90a516a7f68a84b590e22ba6afecbdd357bb8e04ac4ebfb38c3aca923db887738b9f40a81b59bb7620b7eba1bc3b2d76eebf1fd0717c2d21531149c53b814ef77677553c873c598243d13639faaaf60ffbfbe40fc96d2e2e635e587f1a3210ddd47cf9e46daeadbd5dcd69d7fa73c03eb8cc8df5d3e3b6827630f6cdc5c3056c2e73e0dddbc5e396b1c88b3c72898a79076399e8e5985b7d62549933075b25248059ae8f79b06a15497c6ba6b760f09b8e7d2effb7bd1226624dab75f0e392b39f76fea299c8464ebc9eaae15f7d01f0bcf06a655bb0aadc5727402846dd233a0a70c1eea16194cc38c0a2fed2a0a29c8fb05e00fc29f7a868acf0b9adc42c71b1b8a6c6a4ced8fb8815e6f2148d3c9f2c209a1a820a1823485f836494da44930cc11ad57ac406723d2bd9145b76b83b7162e647abb4211f3f19c42698c9a536f192dddcbd44f5137d44ad319ad25a092cae8f6855bdef8ca3b1afe3a31a84717628fa2cd29e90e65de3dff46b12c87f41838b3c9dd6f96af38e4662781a0394bf3e9f998244cd6afe6eee7aa459b04b3335f8049bd9be16b00985a2b54ff45bef8ee3a58cb564691d99ff21ddc8e41be4c630fe464eb5c820ec245d0e4377e94ead4f40f0e603b3da1a1d9e46cf34af53619809e80ca4baa29d1383a1a5869475ab9a658aaa3f05075e6ff7f0c68152365774e2576d0fd47a1cacb733ad825389dad00ff38b526156e8577be01e6f0a21488278fffef3a5b9e2de73b45d4e985d0844cc26c542bd6ca6d87d75d6389ae695dbff91542bacbbb65e12761b8a7553db81071b9d5363ab4f2ad5055accd1b72874635ed887c335c142c965162eebaf435586f2d973806ece585fcf61eedc2c042da67b92511c2028761dadf386531f822ca696594c1922de30029ea591f153de0e1016b065217c48342afcf25027c288717f41f45c01e7e643804cab5eef56d49dad12bae3c8c775191a53eda5b898deab9dadf40b12958ac41fd1cf8130b6dca22323a6687ae3d1e7e3624b3b6323333f74cfcba255832ed9850d2b1e8df80e937ffee628a15aa091775316eb02ace5e6ee92c1835851e6c36318244910d0b8d987cc06b2b5af025e475e72d20f8020ea1c40464cb04463c43df1b64d0b89c76d9f7cd0a19ae4acce1f5a9810430aa8847c602520636c5eb531b318b81a25b1dc7e311346bc109c09d79931cc7e8a5def193237d410d81bb35656a2b65a0b495dd7900bfdbbdff233ed3914f4fb9d46d9a86b81048f48fa3cd294662ff8b605cad75ab8788b33e705c8cb43dc838431bbcc550bc3e3662a79cefd56fb7dd552f0c73d3081ffb397c9e69ad11cd5185000704ca2a041aca76a852d1c6de73c231b4874a65fffa1dced3c3ad464406f55752567f11167e8d24c8b3c12976e981b38da4e8de2525f08d08ed501870e1bdcb32034624f453b5ac26e3f3731cfc9dce32d3c478aa3457643d2a6900e97bd1ff8ca6dd0b98dcfcda1a51793222570192ad328e400ef4e57e765e3774ac3b6232df84abcd6a9f854a4bfe5dceb469a7f8adbea70fa9b801916e8df356b41f4f6c0d00984749da56817e9f6083cedc70dd6ee1725dd8ef2b78f68b3a53a13625015839dd2c86961b76fa9c372aedb9079466bfc962ec045a70db2ed1edb82d4380de575ae1b24db5ebc0a23981593abf9951aa5ddcef8a5a8f3dfe42b41abc02ad8e3a1b0b0efce0bf7984888ae49d945f77c029ebfc16922c41878b4708c6968c9b1a1c0c081ddd2de8be2cbc6b71f7e668bd5cd128daf1cfc487e8d3a59f60a9b79cfaa8ec939a2881c3a34f1dde2b989c6da172a17bb5475165ce4f0c9ad747a9121485a202e099615a127c1c47460421c71d64a9d5eb7b103f052f64559b08df99fcb3a831d27dcf591010543d249a22bde725e304a8acbf7d5d1de972c816d1d9d6dc84c81437d2e0d28453bf9ce7d8dd7bc3a249f03af765cc918bc0eb12a173463d621f2b6f4811f01b0c3dbd0f092543e6cad1530d6ca41d3b5b98314f5a7911dfa9b1ffad8c0caa5390134b0b63ff8bb6b2cc1e535563cf017a0f19b12c7517aeda61459ff49819b864df41e0268ef9e6c8fe201f830ac3c844c90b3ee62fd072d07bca5f5587ea8ac26923340246a1a4cf369e39aa9cfbe4f4ae9da4abc9698b179b729ebfa9e7a0b0face7d1d8a950a94261028923ee56090a2ee32ad6697b59d6be26daa232cacb2cecc8bcee378047fbfc1b46d0e90568301ae985aa0d823d336faa43ee1687c08f61918adb86811e998cedb6b2f6180f201f856ad68e2eb7998a0cf90a2f07a0a77410aea96428110ec2c51523bf1cc0035bf298eb5d914909f240a9c6097eef88d6388553fc35522479d91cd7f96ac566e608c93a4e2be86501b9efbca62d1a4f380defe0178bb87ab435e3b8f635e72df7f481bfc36d581094d8ce2c5e78dddeaec78a29ed2f08e05da4c2b3efbcaee89d0aa2a03bb707ce4751aabca25b1714c5d71feaf92cc873aeca57e277592a805ea019b6d2853f275125eebe42e552fa437ef4f09965915622ab08d025df25cc3a84cb72885a40774d589bd1ac9ca0e350255f2c74293cc2f9833e5357a2573595b67a5daff80225cddaa7299cafbd87ae81755b782010ed506cf3c17c50e1b799fc0b5a85154b583c150af0e6e8f5f2daa94c44eeb94673ee002256ef1fd04e1befa1d0f1be483f1858dab74b80e034649e0f0ac1a82ea7c0a344991900c448386331241f36b9704c55ceadd9fead97b08934a7adac5b32f0ccb1c58d84c546d1a62b8d4de0d73abd3164f1e03b71e1fb7581587bfd92f814444f2af67735ec8fd8debf8dc351fa975225e1b59f8089b98d9df7dea8651dfe1e1cec8f57159b28bb7eb007f3c7e76e878b2288b05a5e3114df11713db2000c877b2bae598543965546466a860ca5b021f58a6bac2d1aea3dedba10f4e922794689480e30e831973e885d34a231f968eedcbcfb04c9e969d5dae478fbeb6b09688477e8ebf9a662f93d0cf32a99c8173b66913b87608d9f6bd4b4aa2e57ac5ac538f847eff224d5047fb6bf48900499c8a25520bb4cbd16d8ddd95139ba455b5e28c3bcb4b0fb1eea491c8dffdb9e5203925a21da8f25dac33fb8a53dd0465d0208c5c5e91ecd1d1a60c2d66446e63ee9d6e0cd2e2c3956804f8fb55eee9affd255230da13fcdd39460dfe9c4078439bd0b58a9e5ff0b24152bdaf4e0e8cad4b32a1e4b7a06679282c7eb22c60e66d6eedac219aaa74ea9189b963cbf6d7b1d523f815870de5253b2d4a37fca4e46d9dbb4daa38c37330b207f337672676a4a72d5e4471994ca248ddd287218c3317424022ba42544ae08b6288289fc16e0c3bfd153162585288a828bac6ab7233d91f727c65c3ae63d2556e9d7718481bb73200b8c7160539a126add5d0eeba6a505f696e595e7d3424a3530f4e0fc0a8988d71cfaf778f0e17390368dd1535f88200288c5737a3b5f7c9345c23d9eed2b0a45c50eaa03912921e51dc4cef0950c5b68f3eeaebbdbf876695f4e7c1cd735e6603fc5009d7c4728f851414efd9d07f2da89a1a3eed6a36ce29f2187186cc8287d5724596d2e386f56394a11ae503420a361041df911b7f0c62a74987ef9fe3288b46847def179f4d4a5e87614f92bad814320bcc951dac7d50b50a111c3628a2806aa51d978c70beadf0df7c76dfebc6f538a84c7a34e57c184bcd1d735c14f90109283b9c06d698766307650e484674ee25a047084b63c6994fdea1cb730c50d22d61fe17e7c936b9d535e7d2a31dd68aa76389e7a3ed7ff24ee52f80e1fec8e3fa4157e196a81d393659711f67278649317fec16259b74e75ae89bcbe68f1a47970b06d219e59ba9f38ecd766046671d700950a903095f69ac8f3259df0d194613bdea0e0b1fdf6201e970c2171fe89b660814d5b932006d1a27b0942f8651b9e465554eaf48db5ff2c2162b6bfccbad778fee89308fcae0edf88e1f4ae37286827ed3cc62ed2508901d9df6437e809698197731847f944635a4765aef9fe02a451c2fb97246f27b4f415a996fc209681af8f51e49ddc37c4d4ede09141b2e78e9f048b2e35d11fada683e03d0cb02a522a3d2a076985051da2efe4cc01d6a7d03acae2c2d869110d13c83863900c79e7c6625715899d129f13c6c5e874a3b24df190cd699fcbb528970615298243efb9e3ca5a2c2121a9551c61adf1b93249b7aa3d83e9ecdb43fadf65acfa505f186bd5ab97aa46f4429211bd6d93da2472fd4861e9a5a39a7253a9b39acba2e7687af623b2e32ae72deb001ba195aa481a84add9712fcf245694a2f5da9163fbeee011c191b46687d3773dca0e8ec00491c8827c9012b4ee1a72dcd01eee50162b1716e2c9353d98319f061eb1154b9828cf6a1f14bb413f4a85b258e56ca1d388a44840989f03070e493c0c8271be7977bbda1dbe8a53f31582d6823e14b2e513ebab9816421ffcfb944624", 0xe00) 2018/04/12 13:07:35 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23}, 0x1c) connect$inet6(r0, &(0x7f0000966fe4)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000440)=@assoc_value={0x0, 0x3ff}, 0x8) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000d5affc), 0x4) r1 = dup(r0) write$eventfd(r1, &(0x7f0000000280), 0xff93) recvfrom(r0, &(0x7f0000000180)=""/226, 0xef9be9a72681594d, 0x0, 0x0, 0xffffffffffffff86) write$eventfd(r1, &(0x7f0000000bc0), 0x10bf0) 2018/04/12 13:07:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x4000000000200, &(0x7f00000006c0), &(0x7f0000c53000), &(0x7f0000f8b000), &(0x7f0000000280)) mknod(&(0x7f0000f80000)='./file0\x00', 0x0, 0x0) 2018/04/12 13:07:35 executing program 2: syslog(0x2, &(0x7f0000000080)=""/39, 0x1b) umount2(&(0x7f0000000100)='./file0\x00', 0xe) 2018/04/12 13:07:35 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(&(0x7f00000011c0)='pkcs7_test\x00', &(0x7f0000001200)={0x73, 0x79, 0x7a}, &(0x7f0000001240), 0x0, 0xffffffffffffffff) 2018/04/12 13:07:35 executing program 5: r0 = socket$inet(0x15, 0x5, 0x0) bind$inet(r0, &(0x7f000001bff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14}}, 0x10) sendmsg(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000180)=[{0x50, 0x100000000000114, 0x8, "4d037f67d8b7b40800000000000000f7b4559556d9101709322be4c68537e918d56fc5fa0d02739b2ab80ec25d434d3e8a83e36011c57e8769315dd29005dba330"}], 0x50}, 0x0) 2018/04/12 13:07:35 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) 2018/04/12 13:07:35 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x4031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) futex(&(0x7f0000012ffc), 0x0, 0x0, &(0x7f0000060ff0)={0x0, 0x3}, &(0x7f0000034000), 0x0) mprotect(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000003ff0)={&(0x7f0000012000/0x2000)=nil, 0x2000}) [ 59.447839] ================================================================== [ 59.455263] BUG: KMSAN: uninit-value in csum_partial_copy_to_user+0x450/0x500 [ 59.462513] CPU: 0 PID: 5106 Comm: syz-executor0 Not tainted 4.16.0+ #83 [ 59.469324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.478654] Call Trace: [ 59.481229] dump_stack+0x185/0x1d0 [ 59.484838] ? csum_partial_copy_to_user+0x450/0x500 [ 59.489917] kmsan_report+0x142/0x240 [ 59.493702] __msan_warning_32+0x6c/0xb0 [ 59.497752] csum_partial_copy_to_user+0x450/0x500 [ 59.502660] csum_and_copy_to_iter+0x3dc/0x2140 [ 59.507310] ? kmsan_set_origin_inline+0x6b/0x120 [ 59.512136] ? __msan_poison_alloca+0x15c/0x1d0 [ 59.516810] skb_copy_and_csum_datagram+0x6d2/0x1080 [ 59.521895] skb_copy_and_csum_datagram_msg+0x557/0x960 [ 59.527242] udpv6_recvmsg+0xc65/0x29e0 [ 59.531200] ? udp6_lib_lookup_skb+0x240/0x240 [ 59.535770] inet_recvmsg+0x4c2/0x5f0 [ 59.539566] ? inet_sendpage+0x8c0/0x8c0 [ 59.543614] sock_read_iter+0x405/0x480 [ 59.547585] ? kernel_sock_ip_overhead+0x350/0x350 [ 59.552506] do_iter_readv_writev+0x7bb/0x970 [ 59.556988] ? kernel_sock_ip_overhead+0x350/0x350 [ 59.561898] do_iter_read+0x303/0xd70 [ 59.565690] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 59.571127] do_readv+0x295/0x5f0 [ 59.574561] ? syscall_return_slowpath+0xe9/0x700 [ 59.579385] SYSC_readv+0x9b/0xb0 [ 59.582816] SyS_readv+0x56/0x80 [ 59.586168] do_syscall_64+0x309/0x430 [ 59.590063] ? vfs_readv+0x260/0x260 [ 59.593767] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.598934] RIP: 0033:0x455279 [ 59.602097] RSP: 002b:00007fbcf5f9fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 59.609782] RAX: ffffffffffffffda RBX: 00007fbcf5fa06d4 RCX: 0000000000455279 [ 59.617025] RDX: 0000000000000001 RSI: 0000000020000280 RDI: 0000000000000013 [ 59.624271] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 59.631520] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 59.638774] R13: 000000000000048c R14: 00000000006f9dc0 R15: 0000000000000000 [ 59.646038] [ 59.647654] Uninit was created at: [ 59.651277] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 59.656288] kmsan_alloc_page+0x82/0xe0 [ 59.660269] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 59.665034] alloc_pages_current+0x6b5/0x970 [ 59.669427] skb_page_frag_refill+0x3ba/0x5e0 [ 59.673908] sk_page_frag_refill+0xa4/0x340 [ 59.678206] __ip6_append_data+0x1a20/0x4bb0 [ 59.682592] ip6_append_data+0x40e/0x6b0 [ 59.686635] udpv6_sendmsg+0xfd5/0x45b0 [ 59.690585] inet_sendmsg+0x48d/0x740 [ 59.694368] ___sys_sendmsg+0xec0/0x1310 [ 59.698402] SYSC_sendmsg+0x2a3/0x3d0 [ 59.702176] SyS_sendmsg+0x54/0x80 [ 59.705688] do_syscall_64+0x309/0x430 [ 59.709551] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.714707] ================================================================== [ 59.722039] Disabling lock debugging due to kernel taint [ 59.727466] Kernel panic - not syncing: panic_on_warn set ... [ 59.727466] [ 59.734803] CPU: 0 PID: 5106 Comm: syz-executor0 Tainted: G B 4.16.0+ #83 [ 59.742914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.752239] Call Trace: [ 59.754807] dump_stack+0x185/0x1d0 [ 59.758409] panic+0x39d/0x940 [ 59.761590] ? csum_partial_copy_to_user+0x450/0x500 [ 59.766672] kmsan_report+0x238/0x240 [ 59.770448] __msan_warning_32+0x6c/0xb0 [ 59.774486] csum_partial_copy_to_user+0x450/0x500 [ 59.779408] csum_and_copy_to_iter+0x3dc/0x2140 [ 59.784059] ? kmsan_set_origin_inline+0x6b/0x120 [ 59.788877] ? __msan_poison_alloca+0x15c/0x1d0 [ 59.793526] skb_copy_and_csum_datagram+0x6d2/0x1080 [ 59.798610] skb_copy_and_csum_datagram_msg+0x557/0x960 [ 59.803956] udpv6_recvmsg+0xc65/0x29e0 [ 59.807912] ? udp6_lib_lookup_skb+0x240/0x240 [ 59.812473] inet_recvmsg+0x4c2/0x5f0 [ 59.816252] ? inet_sendpage+0x8c0/0x8c0 [ 59.820294] sock_read_iter+0x405/0x480 [ 59.824247] ? kernel_sock_ip_overhead+0x350/0x350 [ 59.829153] do_iter_readv_writev+0x7bb/0x970 [ 59.833626] ? kernel_sock_ip_overhead+0x350/0x350 [ 59.838532] do_iter_read+0x303/0xd70 [ 59.842310] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 59.847735] do_readv+0x295/0x5f0 [ 59.851169] ? syscall_return_slowpath+0xe9/0x700 [ 59.855987] SYSC_readv+0x9b/0xb0 [ 59.859421] SyS_readv+0x56/0x80 [ 59.862760] do_syscall_64+0x309/0x430 [ 59.866625] ? vfs_readv+0x260/0x260 [ 59.870316] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.875480] RIP: 0033:0x455279 [ 59.878642] RSP: 002b:00007fbcf5f9fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 59.886322] RAX: ffffffffffffffda RBX: 00007fbcf5fa06d4 RCX: 0000000000455279 [ 59.893566] RDX: 0000000000000001 RSI: 0000000020000280 RDI: 0000000000000013 [ 59.900810] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 59.908056] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 59.915304] R13: 000000000000048c R14: 00000000006f9dc0 R15: 0000000000000000 [ 59.922983] Dumping ftrace buffer: [ 59.926503] (ftrace buffer empty) [ 59.930182] Kernel Offset: disabled [ 59.933780] Rebooting in 86400 seconds..