INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts. 2018/04/18 23:34:03 fuzzer started 2018/04/18 23:34:03 dialing manager at 10.128.0.26:44151 2018/04/18 23:34:09 kcov=true, comps=false 2018/04/18 23:34:12 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000021ff0)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffffffffffff010}, {0x6}]}, 0x10) write(r1, &(0x7f0000000280)="1a0b3b9072b6ebedd8fe7d14f0277b90758efea301840016b2994f2b83fec81bc03a687833705f654adc", 0x2a) 2018/04/18 23:34:12 executing program 1: r0 = add_key(&(0x7f0000016ff8)='keyring\x00', &(0x7f000000b000)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) keyctl$setperm(0x5, r0, 0x80004) keyctl$search(0xa, r0, &(0x7f0000000000)='id_legacy\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, r0) 2018/04/18 23:34:12 executing program 7: r0 = socket$inet6(0xa, 0x80002, 0x88) recvfrom$inet6(r0, &(0x7f0000000040)=""/185, 0xfffffffffffffe57, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x3}, 0x1c) r1 = socket$inet6(0xa, 0x8000000000000802, 0x88) sendmsg$inet_sctp(r1, &(0x7f0000a29000)={&(0x7f00006d8fe4)=@in6={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}, 0x1c, &(0x7f0000fc8000)}, 0x8000) sendto$inet6(r1, &(0x7f0000b0cf6e), 0xffed, 0x0, &(0x7f000001b000)={0xa}, 0x1c) 2018/04/18 23:34:12 executing program 4: 2018/04/18 23:34:12 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0xa202, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x81, 0x8000000102, 0x0, 0x0, @time, {}, {}, @control}], 0x1c) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time={0x77359400}, {}, {}, @queue={0x0, {0x8}}}], 0x1c) 2018/04/18 23:34:12 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000008c0)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r1, 0x409, 0x0, 0x0, {0x1}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e20}]}, 0x1c}, 0x1}, 0x0) 2018/04/18 23:34:12 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, &(0x7f0000eb9fff), 0xffffff31, 0x20000003, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) dup2(r0, r1) 2018/04/18 23:34:12 executing program 6: syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6050a09c00082f00fe8000000000000000000000000000bbfe00000000aabe88000000089078"], &(0x7f0000000040)) syzkaller login: [ 41.173992] ip (3718) used greatest stack depth: 54688 bytes left [ 41.578085] ip (3755) used greatest stack depth: 54672 bytes left [ 42.436787] ip (3841) used greatest stack depth: 54544 bytes left [ 42.574399] ip (3854) used greatest stack depth: 54200 bytes left [ 43.022766] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.029268] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.059170] device bridge_slave_0 entered promiscuous mode [ 43.083635] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.090128] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.125951] device bridge_slave_0 entered promiscuous mode [ 43.160263] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.166757] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.181801] device bridge_slave_0 entered promiscuous mode [ 43.191810] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.198268] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.227000] device bridge_slave_0 entered promiscuous mode [ 43.249080] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.255565] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.266395] device bridge_slave_0 entered promiscuous mode [ 43.276823] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.283303] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.300604] device bridge_slave_0 entered promiscuous mode [ 43.311000] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.317514] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.346107] device bridge_slave_1 entered promiscuous mode [ 43.360565] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.367087] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.380980] device bridge_slave_0 entered promiscuous mode [ 43.397468] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.403989] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.425074] device bridge_slave_1 entered promiscuous mode [ 43.435527] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.442005] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.463609] device bridge_slave_1 entered promiscuous mode [ 43.469972] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.476457] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.500925] device bridge_slave_1 entered promiscuous mode [ 43.519399] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.525880] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.533587] device bridge_slave_0 entered promiscuous mode [ 43.543561] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.551278] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.558661] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.565224] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.622455] device bridge_slave_1 entered promiscuous mode [ 43.635692] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.642228] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.668252] device bridge_slave_1 entered promiscuous mode [ 43.674615] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.681135] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.700919] device bridge_slave_1 entered promiscuous mode [ 43.710818] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.720848] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.730601] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.738295] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.746474] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.764618] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.771138] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.824959] device bridge_slave_1 entered promiscuous mode [ 43.869949] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.905725] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.940722] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.969208] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.976508] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.059122] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.071518] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.160704] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.245904] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.668814] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.678598] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.861978] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.884988] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.919084] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.928824] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.991529] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.055363] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.139735] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.161062] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.182939] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.212741] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.240321] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.268164] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.398348] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.470351] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.750721] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.885278] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.967271] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.103455] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.142275] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.163765] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.173166] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.186606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.217860] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.228071] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.326815] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.334120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.356358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.394560] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.403238] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.414219] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.421434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.434777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.476915] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.487608] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.501375] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.508827] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.519856] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.528780] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.543963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.605204] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.612622] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.629596] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.669648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.710636] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.718243] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.725378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.750109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.771103] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.799423] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.807847] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.824287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.858468] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.867404] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.875555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.915912] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.952162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.973870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.003522] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.015102] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.028624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.057739] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.069728] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.077896] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.097524] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.105292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.125973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.173628] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.202806] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.226653] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.239351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.248183] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.256295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.293630] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.303115] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.325847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.364741] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.372169] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.388690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 48.937620] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.944127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.951014] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.957510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.042077] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.048583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.080070] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.086555] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.093367] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.099813] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.162815] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.184862] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.191366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.198256] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.204705] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.264245] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.458503] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.465070] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.471928] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.478406] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.495506] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.520075] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.526540] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.533364] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.539785] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.578973] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.586560] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.593060] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.599912] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.606378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.647527] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.691092] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.697597] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.704460] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.710927] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.802951] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.828088] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.834579] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.841443] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.847900] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.898945] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.080192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.091680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.108917] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.117298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.126372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.134832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.142582] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.431921] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.657757] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.696105] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.724714] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.998935] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.027940] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.244104] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.250408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.262322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.301227] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.392202] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.479860] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.486200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.496610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.523441] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.533601] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.539935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.548803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.581178] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.602178] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.815282] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.823330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.830637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.857214] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.870406] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.885424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.187932] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.194234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.204611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.241635] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.247936] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.255704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.875252] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 64.983339] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 2018/04/18 23:34:39 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f000093eee8)=[{&(0x7f00001f6000)=@in={0xa, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndrcv={0x30, 0x84, 0x6}], 0x30}], 0x1, 0x0) 2018/04/18 23:34:39 executing program 0: 2018/04/18 23:34:39 executing program 5: 2018/04/18 23:34:39 executing program 4: 2018/04/18 23:34:39 executing program 2: 2018/04/18 23:34:39 executing program 3: 2018/04/18 23:34:39 executing program 6: 2018/04/18 23:34:39 executing program 7: 2018/04/18 23:34:39 executing program 1: r0 = add_key(&(0x7f0000016ff8)='keyring\x00', &(0x7f000000b000)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) keyctl$setperm(0x5, r0, 0x80004) keyctl$search(0xa, r0, &(0x7f0000000000)='id_legacy\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, r0) 2018/04/18 23:34:40 executing program 2: 2018/04/18 23:34:40 executing program 1: 2018/04/18 23:34:40 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl(r0, 0x800000000008b82, &(0x7f0000000180)) 2018/04/18 23:34:40 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl(r0, 0x800000000008b82, &(0x7f00000000c0)="48fe5d6a56e587d74f3a") 2018/04/18 23:34:40 executing program 4: 2018/04/18 23:34:40 executing program 6: 2018/04/18 23:34:40 executing program 0: 2018/04/18 23:34:40 executing program 2: 2018/04/18 23:34:40 executing program 7: 2018/04/18 23:34:40 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x0, 0x0) r2 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) 2018/04/18 23:34:40 executing program 0: r0 = socket$inet6(0xa, 0x80002, 0x88) recvfrom$inet6(r0, &(0x7f0000fbef6d)=""/185, 0xb9, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x3}, 0x1c) r1 = socket$inet6(0xa, 0x8000000000000802, 0x88) sendmsg$inet_sctp(r1, &(0x7f0000a29000)={&(0x7f00006d8fe4)=@in6={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}, 0x1c, &(0x7f0000fc8000)}, 0x8000) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000000)=0x101, 0x4) sendto$inet6(r1, &(0x7f0000b0cf6e), 0xffed, 0x0, &(0x7f000001b000)={0xa}, 0x1c) 2018/04/18 23:34:40 executing program 7: unshare(0x40000000) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)) socket(0x0, 0x0, 0x0) 2018/04/18 23:34:40 executing program 2: mkdir(&(0x7f0000639000)='./file0\x00', 0x0) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000)) chdir(&(0x7f00001b0000)='./file0\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) 2018/04/18 23:34:40 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000f6f000), 0x0, 0x20000004, &(0x7f0000aac000)={0xa}, 0x1c) shutdown(r0, 0x0) 2018/04/18 23:34:40 executing program 1: futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000000200)={0x77359400}, &(0x7f0000e7fffc), 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) socket$inet6_udp(0xa, 0x2, 0x0) 2018/04/18 23:34:40 executing program 3: unshare(0x40000000) r0 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) accept4$inet6(0xffffffffffffffff, &(0x7f0000002bc0)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000300)=0x1c, 0x0) dup3(r0, r0, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)) socket(0x0, 0x802, 0x0) 2018/04/18 23:34:40 executing program 5: ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f0000b23000/0x4000)=nil, 0x0, 0x0, 0x0, &(0x7f0000b1c000/0x4000)=nil}) mlock2(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x0) 2018/04/18 23:34:40 executing program 6: 2018/04/18 23:34:40 executing program 2: 2018/04/18 23:34:40 executing program 5: 2018/04/18 23:34:40 executing program 4: 2018/04/18 23:34:40 executing program 6: 2018/04/18 23:34:40 executing program 2: 2018/04/18 23:34:40 executing program 4: 2018/04/18 23:34:40 executing program 5: unshare(0x40000000) accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) accept4$inet6(0xffffffffffffffff, &(0x7f0000002bc0)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000300)=0x1c, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)) socket(0x0, 0x802, 0x0) 2018/04/18 23:34:40 executing program 7: unshare(0x40000000) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)) socket(0x0, 0x0, 0x0) 2018/04/18 23:34:41 executing program 3: 2018/04/18 23:34:41 executing program 6: unshare(0x40000000) r0 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) accept4$inet6(0xffffffffffffffff, &(0x7f0000002bc0)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000300)=0x1c, 0x80000) r1 = dup3(r0, r0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f00000002c0)={0x4}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000180)=ANY=[@ANYRES32=0x0], &(0x7f00000000c0)=0x1) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={r2, 0x95}, &(0x7f0000000140)=0x8) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)) socket(0x0, 0x802, 0x0) 2018/04/18 23:34:41 executing program 1: 2018/04/18 23:34:41 executing program 4: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x5, 0x32, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)) 2018/04/18 23:34:41 executing program 0: clock_nanosleep(0x2, 0x0, &(0x7f0000b85000)={0x0, 0x1c9c380}, &(0x7f0000443000)) r0 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x14) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000f, 0x8031, 0xffffffffffffffff, 0x0) 2018/04/18 23:34:41 executing program 7: 2018/04/18 23:34:41 executing program 5: unshare(0x40000000) accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) accept4$inet6(0xffffffffffffffff, &(0x7f0000002bc0)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000300)=0x1c, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000240)) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)) socket(0x0, 0x802, 0x0) 2018/04/18 23:34:41 executing program 2: r0 = socket(0x10, 0x2, 0x0) write(r0, &(0x7f0000000580)="24000000210025f0071c0165ff0ffc0e020000000010000002e1000c08000b0000000000", 0x24) 2018/04/18 23:34:42 executing program 7: r0 = socket$inet(0x2, 0x5, 0x0) bind$inet(r0, &(0x7f0000000ac0)={0x2, 0x4e23, @rand_addr}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x4000006, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) 2018/04/18 23:34:42 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket(0x800000000000011, 0x800000002, 0x81) bind(r1, &(0x7f0000000040)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000000c0), &(0x7f0000000140)=0xffffffffffffff28) 2018/04/18 23:34:42 executing program 1: 2018/04/18 23:34:42 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='/exe\x00\x00\x00\x00\x00\x00') ioctl$fiemap(r0, 0xc020660b, &(0x7f00000000c0)={0x0, 0x68, 0x2, 0x0, 0x1, [{}]}) 2018/04/18 23:34:42 executing program 2: r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/04/18 23:34:42 executing program 5: bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9c"}, 0x10) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x8953, &(0x7f00000000c0)=0x2) 2018/04/18 23:34:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r1, r0) recvmmsg(r1, &(0x7f0000f40000)=[{{&(0x7f0000ee8000)=@nfc_llcp, 0x60, &(0x7f0000d6c000)=[{&(0x7f00004dbfde)=""/34}], 0x0, &(0x7f0000f40000)=""/7, 0x7}}], 0x638, 0x0, &(0x7f0000f40ff0)={0x77359400}) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180)) 2018/04/18 23:34:42 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x00') fsetxattr(r0, &(0x7f0000000000)=@known='user.syz\x00', &(0x7f0000002140)='selinux\x00', 0x8, 0x0) 2018/04/18 23:34:42 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="04010000180001000000000000000000e0000002000000000000000000000000ff01000000000000000000000000000100000000000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="ff0200000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009b7b600e88e7a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000014000e00ac1414aa00000000000000000000000000"], 0x3}, 0x1}, 0x0) 2018/04/18 23:34:43 executing program 4: 2018/04/18 23:34:43 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x00') fsetxattr(r0, &(0x7f0000000000)=@known='user.syz\x00', &(0x7f0000002140)='selinux\x00', 0x8, 0x0) 2018/04/18 23:34:43 executing program 5: 2018/04/18 23:34:43 executing program 3: 2018/04/18 23:34:43 executing program 2: unshare(0x60000000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000180)={'filter\x00'}, &(0x7f0000000480)=0x54) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000380)={'nat\x00'}, &(0x7f0000000280)=0x54) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000100)={'raw\x00'}, &(0x7f0000000200)=0x54) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) 2018/04/18 23:34:43 executing program 7: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f000093eee8)=[{&(0x7f00001f6000)=@in={0xa, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xb}}], 0x30}], 0x1, 0x0) 2018/04/18 23:34:43 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000002000)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x0, 0x32, 0xffffffffffffffff, 0x0) read(r0, &(0x7f0000003fa8)=""/88, 0xffffffffffffff47) 2018/04/18 23:34:43 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_create1(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000596000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0x8) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f00000001c0)) read(r0, &(0x7f0000000000)=""/186, 0xba) [ 69.267929] ================================================================== [ 69.275373] BUG: KMSAN: uninit-value in sctp_sendmsg+0x1ced/0x6020 [ 69.281697] CPU: 0 PID: 5904 Comm: syz-executor7 Not tainted 4.16.0+ #84 [ 69.288625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.297988] Call Trace: [ 69.300587] dump_stack+0x185/0x1d0 [ 69.304260] ? sctp_sendmsg+0x1ced/0x6020 [ 69.308418] kmsan_report+0x142/0x240 [ 69.312230] __msan_warning_32+0x6c/0xb0 [ 69.316308] sctp_sendmsg+0x1ced/0x6020 [ 69.320292] ? __local_bh_enable_ip+0x3b/0x140 [ 69.324884] ? local_bh_enable+0x36/0x40 [ 69.328953] ? kmsan_set_origin_inline+0x6b/0x120 [ 69.333826] ? sctp_getsockopt+0x145b0/0x145b0 [ 69.338412] inet_sendmsg+0x48d/0x740 [ 69.342224] ? inet_getname+0x500/0x500 [ 69.346204] ___sys_sendmsg+0xec0/0x1310 [ 69.350275] ? __fdget+0x4e/0x60 [ 69.353649] ? __fget_light+0x56/0x710 [ 69.357540] ? __fdget+0x4e/0x60 [ 69.360918] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 69.366287] ? __fget_light+0x6b9/0x710 [ 69.370277] __sys_sendmmsg+0x42d/0x800 [ 69.374260] ? __msan_poison_alloca+0x15c/0x1d0 [ 69.378941] ? syscall_return_slowpath+0xe9/0x700 [ 69.383801] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 69.388757] SYSC_sendmmsg+0xc4/0x110 [ 69.392583] SyS_sendmmsg+0x63/0x90 [ 69.396227] do_syscall_64+0x309/0x430 [ 69.400139] ? __sys_sendmmsg+0x800/0x800 [ 69.404303] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.409497] RIP: 0033:0x455329 [ 69.412684] RSP: 002b:00007fcabcb96c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 69.420392] RAX: ffffffffffffffda RBX: 00007fcabcb976d4 RCX: 0000000000455329 [ 69.427663] RDX: 0000000000000001 RSI: 000000002093eee8 RDI: 0000000000000013 [ 69.434938] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 69.442207] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 69.449480] R13: 00000000000004c9 R14: 00000000006fa378 R15: 0000000000000000 [ 69.456753] [ 69.458377] Local variable description: ----address@___sys_sendmsg [ 69.464685] Variable was created at: [ 69.468406] ___sys_sendmsg+0xd3/0x1310 [ 69.472383] __sys_sendmmsg+0x42d/0x800 [ 69.476362] ================================================================== [ 69.483729] Disabling lock debugging due to kernel taint [ 69.489177] Kernel panic - not syncing: panic_on_warn set ... [ 69.489177] [ 69.496548] CPU: 0 PID: 5904 Comm: syz-executor7 Tainted: G B 4.16.0+ #84 [ 69.504684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.514035] Call Trace: 2018/04/18 23:34:43 executing program 0: 2018/04/18 23:34:43 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000000080), 0xfffffffffffffd90, 0x20020003, &(0x7f0000385ff0)={0x2, 0x20000000004e21, @loopback=0x7f000001}, 0x10) shutdown(r0, 0x1) 2018/04/18 23:34:43 executing program 6: 2018/04/18 23:34:43 executing program 5: [ 69.516630] dump_stack+0x185/0x1d0 [ 69.520266] panic+0x39d/0x940 [ 69.523487] ? sctp_sendmsg+0x1ced/0x6020 [ 69.527639] kmsan_report+0x238/0x240 [ 69.531444] __msan_warning_32+0x6c/0xb0 [ 69.535516] sctp_sendmsg+0x1ced/0x6020 [ 69.539584] ? __local_bh_enable_ip+0x3b/0x140 [ 69.544169] ? local_bh_enable+0x36/0x40 [ 69.548239] ? kmsan_set_origin_inline+0x6b/0x120 [ 69.553099] ? sctp_getsockopt+0x145b0/0x145b0 [ 69.557684] inet_sendmsg+0x48d/0x740 [ 69.561495] ? inet_getname+0x500/0x500 [ 69.565476] ___sys_sendmsg+0xec0/0x1310 [ 69.569550] ? __fdget+0x4e/0x60 [ 69.572921] ? __fget_light+0x56/0x710 [ 69.576813] ? __fdget+0x4e/0x60 [ 69.580184] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 69.585550] ? __fget_light+0x6b9/0x710 [ 69.589540] __sys_sendmmsg+0x42d/0x800 [ 69.593521] ? __msan_poison_alloca+0x15c/0x1d0 [ 69.598197] ? syscall_return_slowpath+0xe9/0x700 [ 69.603053] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 69.608000] SYSC_sendmmsg+0xc4/0x110 [ 69.611816] SyS_sendmmsg+0x63/0x90 [ 69.615452] do_syscall_64+0x309/0x430 [ 69.619349] ? __sys_sendmmsg+0x800/0x800 [ 69.623519] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.628710] RIP: 0033:0x455329 [ 69.631895] RSP: 002b:00007fcabcb96c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 69.639609] RAX: ffffffffffffffda RBX: 00007fcabcb976d4 RCX: 0000000000455329 [ 69.646884] RDX: 0000000000000001 RSI: 000000002093eee8 RDI: 0000000000000013 [ 69.654158] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 69.661433] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 69.668707] R13: 00000000000004c9 R14: 00000000006fa378 R15: 0000000000000000 [ 69.676447] Dumping ftrace buffer: [ 69.679978] (ftrace buffer empty) [ 69.683664] Kernel Offset: disabled [ 69.687267] Rebooting in 86400 seconds..