INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts. 2018/04/20 07:09:30 fuzzer started 2018/04/20 07:09:31 dialing manager at 10.128.0.26:41811 2018/04/20 07:09:37 kcov=true, comps=false 2018/04/20 07:09:40 executing program 0: syz_emit_ethernet(0x66, &(0x7f00000f8000)={@random="cd390b081bf2", @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "08de06", 0x30, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0x0, 0x0, @loopback={0x0, 0x1}, @loopback={0x0, 0x1}}}}}}}}, 0x0) 2018/04/20 07:09:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1a, &(0x7f0000baf000)=""/1, &(0x7f0000561ffc)=0x1) 2018/04/20 07:09:40 executing program 7: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = gettid() fcntl$setownex(r0, 0xf, &(0x7f0000000040)={0x2, r1}) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000fd0000), 0xffffffffffffff3f, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback=0x7f000001}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000116ff8)=0x39) shutdown(r0, 0x1) 2018/04/20 07:09:40 executing program 4: 2018/04/20 07:09:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x112, &(0x7f0000000240)=ANY=[]) mkdir(&(0x7f00000000c0)='./file0//ile0\x00', 0x0) mkdir(&(0x7f0000000100)='./file0//ile0/file0\x00', 0x0) rmdir(&(0x7f0000000080)='./file0//ile0\x00') 2018/04/20 07:09:40 executing program 3: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlockall(0x1) 2018/04/20 07:09:40 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000140)='cpuset.mem_hardwall\x00', 0x2, 0x0) fcntl$setlease(r1, 0x400, 0x2) 2018/04/20 07:09:40 executing program 6: r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000001c0)=@in6={0xa, 0x4e22, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x80, &(0x7f0000000d80), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="c000000000000000290000003b0000003b15dc00000000000000000000075b798b3f934f69a8a7d74a6ccfe18b527f3713c11b2edfae1b64437549b96b05b850357ff360c21ec3c07f013296484e5e2c11960e95bb04d3a35db427b7840c83e9c19fbdcf962d83f8fe6987e16fe9d7d32467b1c008c5f1f2bd2314e38c235f5bf82547c538baf8fe136ca2aa3830e9b038ff003800a7a3995d6d97615642300000000000000000000000000000000000000000"], 0xb3}, 0x0) syzkaller login: [ 41.878523] ip (3772) used greatest stack depth: 54672 bytes left [ 42.316643] ip (3817) used greatest stack depth: 54312 bytes left [ 42.985025] ip (3879) used greatest stack depth: 54200 bytes left [ 43.335697] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.342176] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.376215] device bridge_slave_0 entered promiscuous mode [ 43.415606] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.422136] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.458276] device bridge_slave_0 entered promiscuous mode [ 43.480210] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.486723] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.499388] device bridge_slave_0 entered promiscuous mode [ 43.565189] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.571673] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.612729] device bridge_slave_0 entered promiscuous mode [ 43.633277] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.639768] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.669770] device bridge_slave_1 entered promiscuous mode [ 43.687819] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.694287] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.710325] device bridge_slave_1 entered promiscuous mode [ 43.724204] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.730663] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.746705] device bridge_slave_1 entered promiscuous mode [ 43.773856] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.780371] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.800277] device bridge_slave_0 entered promiscuous mode [ 43.821572] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.828127] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.859441] device bridge_slave_0 entered promiscuous mode [ 43.877450] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.883933] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.902181] device bridge_slave_1 entered promiscuous mode [ 43.911361] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.922577] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.929074] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.948063] device bridge_slave_0 entered promiscuous mode [ 43.964021] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.970501] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.995622] device bridge_slave_0 entered promiscuous mode [ 44.012115] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.021702] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.031679] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.038151] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.067997] device bridge_slave_1 entered promiscuous mode [ 44.076996] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.085947] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.092404] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.117581] device bridge_slave_1 entered promiscuous mode [ 44.128530] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.137175] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.143629] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.184300] device bridge_slave_1 entered promiscuous mode [ 44.194090] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.200547] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.227916] device bridge_slave_1 entered promiscuous mode [ 44.246554] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.255460] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.266707] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.276458] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.358075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.373993] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.473850] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.493824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.546578] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.564772] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.691635] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.171172] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.193956] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.210627] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.314813] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.392797] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.406560] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.425502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.462322] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.522753] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.553981] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.578016] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.683950] ip (4080) used greatest stack depth: 53992 bytes left [ 45.688157] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.712209] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.741713] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.799305] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.902064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 46.397553] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.406445] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.497942] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.518688] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.601510] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.626241] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.713750] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.725352] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.748935] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.759586] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.802504] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.809686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.824770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.847923] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.858926] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.874654] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.915770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.947266] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.959447] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.967111] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.984726] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.003567] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.011904] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.022730] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.029820] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.044072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.081258] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.090409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.121160] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.146123] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.153855] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.168247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.208194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.229497] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.237015] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.248243] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.262118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.272466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.305416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.322580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.338512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.351592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.361920] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.369897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.387124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.399416] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.417134] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.426378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.438784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.463212] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.471808] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.485726] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.515165] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.543755] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.578952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.618992] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.626677] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.643197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.659001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.691090] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.718722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.776885] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.787111] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.808709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.510239] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.516725] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.523597] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.530068] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.572929] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.579616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.637244] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.643749] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.650622] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.657144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.744897] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.755453] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.762000] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.768890] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.775346] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.788234] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.801476] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.807923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.814790] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.821243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.832504] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.847073] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.853516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.860341] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.866777] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.909198] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.916024] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.922521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.929365] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.935805] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.953607] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.044916] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.051430] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.058358] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.064816] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.145712] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.202921] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.209423] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.216332] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.222801] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.304730] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.592146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.611165] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.650711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.687406] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.703480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.729663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.748830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.905304] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.073252] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.084451] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.210129] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.225427] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.366595] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.634774] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.667442] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.673701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.686146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.726946] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.895669] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.901926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.913097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.943625] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.957172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.974325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.999131] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.008713] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.038289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.073066] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.080230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.098676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.191374] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.197672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.206678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.451565] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.457887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.474100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.531113] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 60.537350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.551823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/20 07:10:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x112, &(0x7f0000000240)=ANY=[]) mkdir(&(0x7f00000000c0)='./file0//ile0\x00', 0x0) mkdir(&(0x7f0000000100)='./file0//ile0/file0\x00', 0x0) rmdir(&(0x7f0000000080)='./file0//ile0\x00') 2018/04/20 07:10:06 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) fallocate(r1, 0x3, 0x0, 0x1a8) 2018/04/20 07:10:06 executing program 4: 2018/04/20 07:10:07 executing program 6: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x112, &(0x7f0000000240)=ANY=[]) mkdir(&(0x7f00000000c0)='./file0//ile0\x00', 0x0) mkdir(&(0x7f0000000100)='./file0//ile0/file0\x00', 0x0) 2018/04/20 07:10:07 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000200)={&(0x7f00009f7000)={0x10}, 0xc, &(0x7f000000d379)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000004200ff0200000000000000000000bfdb"], 0x1}, 0x1}, 0x0) recvmsg(r0, &(0x7f0000000040)={&(0x7f0000000240)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @remote}}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/179, 0xb3}], 0x2, &(0x7f0000000100)=""/249, 0xf9}, 0x0) 2018/04/20 07:10:07 executing program 1: r0 = socket$inet(0x2, 0x840000000003, 0x82) io_setup(0x7fff, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000840)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000200)}]) 2018/04/20 07:10:07 executing program 2: 2018/04/20 07:10:07 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 2018/04/20 07:10:07 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x9}, 0x1c) 2018/04/20 07:10:07 executing program 3: r0 = mq_open(&(0x7f00000deffd)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x2}) clock_getres(0x2, &(0x7f0000000000)) mq_open(&(0x7f00000000c0)='\x00', 0x800, 0x0, &(0x7f00000001c0)={0x400, 0x100000001, 0xfc, 0x3ff, 0x90000000, 0x81, 0x5, 0xfe}) r1 = mq_open(&(0x7f0000000040)='-$\x00', 0x800, 0xc9, &(0x7f0000000080)={0x1, 0x8001, 0x1, 0x0, 0xae, 0x5, 0xffffffff, 0x3}) r2 = getpgid(0x0) fcntl$setown(r1, 0x8, r2) mq_timedsend(r0, &(0x7f0000000840), 0x0, 0x0, &(0x7f0000000880)={0x77359400}) socket$inet6(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000089000)='/dev/vga_arbiter\x00', 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000200)='/dev/input/event#\x00', 0x2a4, 0x28404) unshare(0x20000400) pselect6(0x40, &(0x7f00000abfc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000a82fc0), &(0x7f0000a8d000)={0x0, 0x989680}, &(0x7f00006ab000)={&(0x7f00001da000), 0x8}) mq_timedreceive(r1, &(0x7f0000000100)=""/131, 0x259, 0x20200000, 0x0) fcntl$getflags(r0, 0x1) 2018/04/20 07:10:07 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr/sockcreate\x00') pread64(r0, &(0x7f0000004280)=""/4096, 0x1000, 0x0) 2018/04/20 07:10:07 executing program 2: 2018/04/20 07:10:08 executing program 4: 2018/04/20 07:10:08 executing program 0: 2018/04/20 07:10:08 executing program 5: 2018/04/20 07:10:08 executing program 3: 2018/04/20 07:10:08 executing program 6: 2018/04/20 07:10:08 executing program 1: 2018/04/20 07:10:08 executing program 7: 2018/04/20 07:10:08 executing program 2: 2018/04/20 07:10:08 executing program 7: 2018/04/20 07:10:08 executing program 5: 2018/04/20 07:10:08 executing program 1: 2018/04/20 07:10:08 executing program 0: 2018/04/20 07:10:08 executing program 6: 2018/04/20 07:10:08 executing program 3: 2018/04/20 07:10:08 executing program 4: semtimedop(0x0, &(0x7f000001dfd6)=[{0x0, 0xfffffffffffffffb}], 0x1, &(0x7f000001fff0)={0x1fff}) semop(0x0, &(0x7f0000031000)=[{0x0, 0xfffffffffffffffa}], 0x1) semctl$GETNCNT(0x0, 0x0, 0xe, &(0x7f0000000000)=""/135) 2018/04/20 07:10:08 executing program 7: r0 = socket$inet6(0xa, 0x2000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000687000)=0x400005c802861, 0x4) shutdown(r0, 0x1) bind$inet6(r0, &(0x7f0000402000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendto$inet6(r0, &(0x7f00007a8fff), 0x0, 0x20004014, &(0x7f0000f62fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/04/20 07:10:08 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)="636c6561725f72656673007edb") clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)='5', 0x1}], 0x1) 2018/04/20 07:10:08 executing program 5: mkdir(&(0x7f00008c9ff6)='./control\x00', 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000fc7000)='./control\x00', 0x86000006) creat(&(0x7f0000000080)='./control/file0\x00', 0x0) 2018/04/20 07:10:08 executing program 1: syz_emit_ethernet(0x42, &(0x7f0000000080)={@empty, @empty, [], {@arp={0x806, @ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x0, @link_local={0x1, 0x80, 0xc2}, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, @empty, @dev={0xfe, 0x80}}}}}, 0x0) 2018/04/20 07:10:08 executing program 0: perf_event_open(&(0x7f0000723f88)={0x2, 0x70, 0xc35, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000340), &(0x7f0000000500)=[&(0x7f0000000400)='selinux{\x00'], 0x0) 2018/04/20 07:10:08 executing program 3: 2018/04/20 07:10:09 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000a2c000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)) ioctl$TCXONC(r0, 0x540a, 0x2) r1 = syz_open_pts(r0, 0x0) ioctl$TCXONC(r1, 0x540a, 0x2) 2018/04/20 07:10:09 executing program 4: 2018/04/20 07:10:09 executing program 7: 2018/04/20 07:10:09 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)="636c6561725f72656673007edb") clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)='5', 0x1}], 0x1) 2018/04/20 07:10:09 executing program 1: 2018/04/20 07:10:09 executing program 3: 2018/04/20 07:10:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) accept4(r0, &(0x7f0000000000)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000080)=0x80, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000f6f000), 0x0, 0x20000004, &(0x7f0000cc7fe4)={0xa, 0x4e22, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}, 0x1c) shutdown(r1, 0x2) 2018/04/20 07:10:09 executing program 5: r0 = socket$inet6(0xa, 0x2100000000000002, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}, 0x1c) 2018/04/20 07:10:09 executing program 7: syz_emit_ethernet(0x32, &(0x7f0000000040)={@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, @random="b0f5d5dcab09", [], {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}, "", @empty, "adcfd42708436b43cdac40962d119184"}}}}, 0x0) 2018/04/20 07:10:09 executing program 1: semctl$GETNCNT(0x0, 0x0, 0xc, &(0x7f0000000000)=""/135) 2018/04/20 07:10:09 executing program 3: 2018/04/20 07:10:09 executing program 4: 2018/04/20 07:10:09 executing program 5: 2018/04/20 07:10:09 executing program 6: 2018/04/20 07:10:09 executing program 4: 2018/04/20 07:10:09 executing program 3: 2018/04/20 07:10:10 executing program 1: 2018/04/20 07:10:10 executing program 5: 2018/04/20 07:10:10 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x2}, [@NDA_LLADDR={0xa, 0x2, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}]}, 0x28}, 0x1}, 0x0) [ 69.109136] device syz_tun entered promiscuous mode [ 69.497915] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 2018/04/20 07:10:10 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x004\x00', 0x101}) 2018/04/20 07:10:10 executing program 6: r0 = memfd_create(&(0x7f0000002901)='dev ', 0x0) write(r0, &(0x7f0000000000)="1646", 0x2) sendfile(r0, r0, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) ftruncate(r0, 0xb4bb) 2018/04/20 07:10:10 executing program 4: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f00000001c0)="220000001800070700be0200090007000200000080ff005a78ec5a860a25b433c257", 0x22) 2018/04/20 07:10:10 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=@ipv6_newroute={0x30, 0x18, 0x501, 0x0, 0x0, {0xa}, [@RTA_GATEWAY={0x14, 0x5, @loopback={0x0, 0x2}}]}, 0x30}, 0x1}, 0x0) 2018/04/20 07:10:10 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000040)="0706000000", 0x5) 2018/04/20 07:10:10 executing program 1: syz_emit_ethernet(0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60d8652b02232100fe8000000000000000000000000000aafe8000000000000000000000000000aa000000007c3aab8dc1b6d511768231315c8e35bbe6b1346ed9f89ae1fce1d63281c55991c3c4020ed3c846cd080d75b80f3e08bd391bc26332fd8af191dbf8af00000000000000000000000000000000f31b59051c137de85392a0e2a3008e1a99d90e261c2e1c758a9268f7431c9748d6d354c62a6c3fb16cba86ad2b258ec23ea91bbc02d4a10baea4123b86903d52f47212b1c4a388fbffc6220af247337f8be806000000d33ab92d8ee4b92b08d560cb1433171f317446462503b0f53486f27609fcb35965a26963c46e1170058d0093d14efb6c45cc44cb26519b55c1108c80d44406cec366981abdea90f5e7eb454fb0c11276840ea62197", @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], &(0x7f00000002c0)) 2018/04/20 07:10:10 executing program 7: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000100)='./file0\x00', &(0x7f000078eff8)='./file0\x00', &(0x7f0000982ff9)='mqueue\x00', 0x0, &(0x7f0000653fff)) creat(&(0x7f0000000500)='./file0/file0\x00', 0x0) 2018/04/20 07:10:10 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)="636c6561725f72656673007edb") clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)='5', 0x1}], 0x1) [ 69.804583] device lo entered promiscuous mode 2018/04/20 07:10:10 executing program 4: [ 69.844561] device lo left promiscuous mode 2018/04/20 07:10:10 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=@ipv6_newroute={0x30, 0x18, 0x501, 0x0, 0x0, {0xa}, [@RTA_GATEWAY={0x14, 0x5, @loopback={0x0, 0x2}}]}, 0x30}, 0x1}, 0x0) [ 69.870162] device lo entered promiscuous mode 2018/04/20 07:10:10 executing program 1: [ 70.569333] ================================================================== [ 70.576869] WARNING: memcpy-param-overlap in generic_perform_write+0x4c6/0x990 [ 70.584332] __msan_memcpy(ffff8801b28ba122, ffff8801b28ba120, 3806) [ 70.590835] CPU: 0 PID: 5923 Comm: syz-executor6 Not tainted 4.16.0+ #84 [ 70.597692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.607067] Call Trace: [ 70.609694] dump_stack+0x185/0x1d0 [ 70.613359] __msan_memcpy+0x90/0x1f0 [ 70.617206] iov_iter_copy_from_user_atomic+0xb04/0x17d0 [ 70.622679] ================================================================== [ 70.630054] BUG: KMSAN: uninit-value in kernel_text_address+0x248/0x3a0 [ 70.636804] CPU: 0 PID: 5923 Comm: syz-executor6 Not tainted 4.16.0+ #84 [ 70.643636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.652979] Call Trace: [ 70.655567] dump_stack+0x14a/0x1d0 [ 70.659203] ? kernel_text_address+0x248/0x3a0 [ 70.663780] kmsan_report+0x142/0x240 [ 70.667582] __msan_warning_32+0x6c/0xb0 [ 70.671642] kernel_text_address+0x248/0x3a0 [ 70.676067] __kernel_text_address+0x34/0xe0 [ 70.680482] show_trace_log_lvl+0x954/0x1030 [ 70.684900] ? generic_perform_write+0x4c6/0x990 [ 70.689665] show_stack+0xfc/0x150 [ 70.693206] ? print_worker_info+0x1b0/0x660 [ 70.697616] dump_stack+0x185/0x1d0 [ 70.701245] __msan_memcpy+0x90/0x1f0 [ 70.705046] iov_iter_copy_from_user_atomic+0xb04/0x17d0 [ 70.710502] generic_perform_write+0x4c6/0x990 [ 70.715083] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 70.720449] __generic_file_write_iter+0x43b/0x990 [ 70.725373] ? rcu_all_qs+0x32/0x1f0 [ 70.729084] generic_file_write_iter+0x814/0xbf0 [ 70.733843] ? __generic_file_write_iter+0x990/0x990 [ 70.738937] do_iter_readv_writev+0x7bb/0x970 [ 70.743435] ? __generic_file_write_iter+0x990/0x990 [ 70.748538] do_iter_write+0x30d/0xd40 [ 70.752427] ? kmsan_set_origin_inline+0x6b/0x120 [ 70.757271] ? __generic_file_write_iter+0x990/0x990 [ 70.762377] vfs_iter_write+0x118/0x180 [ 70.766368] iter_file_splice_write+0xbc3/0x1710 [ 70.771175] ? splice_from_pipe+0x2c0/0x2c0 [ 70.775500] ? splice_from_pipe+0x2c0/0x2c0 [ 70.779833] direct_splice_actor+0x19b/0x200 [ 70.784250] splice_direct_to_actor+0x764/0x1040 [ 70.789006] ? do_splice_direct+0x540/0x540 [ 70.793331] ? security_file_permission+0x28f/0x4b0 [ 70.798346] do_splice_direct+0x335/0x540 [ 70.802486] do_sendfile+0x1067/0x1e40 [ 70.806367] SYSC_sendfile64+0x1b3/0x300 [ 70.810419] SyS_sendfile64+0x64/0x90 [ 70.814220] do_syscall_64+0x309/0x430 [ 70.818087] ? SYSC_sendfile+0x320/0x320 [ 70.822129] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 70.827302] RIP: 0033:0x455379 [ 70.830477] RSP: 002b:00007f1228301c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 70.838174] RAX: ffffffffffffffda RBX: 00007f12283026d4 RCX: 0000000000455379 [ 70.845423] RDX: 0000000020001000 RSI: 0000000000000013 RDI: 0000000000000013 [ 70.852685] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 70.859941] R10: 000000000000ffff R11: 0000000000000246 R12: 00000000ffffffff [ 70.867194] R13: 00000000000004cf R14: 00000000006fa408 R15: 0000000000000000 [ 70.874447] [ 70.876058] Local variable description: ----filepages.i@balance_dirty_pages_ratelimited [ 70.884187] Variable was created at: [ 70.887887] balance_dirty_pages_ratelimited+0xd3/0x4880 [ 70.893316] generic_perform_write+0x836/0x990 [ 70.897880] ================================================================== [ 70.905212] Disabling lock debugging due to kernel taint [ 70.910636] Kernel panic - not syncing: panic_on_warn set ... [ 70.910636] [ 70.917980] CPU: 0 PID: 5923 Comm: syz-executor6 Tainted: G B 4.16.0+ #84 [ 70.926092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.935421] Call Trace: [ 70.937989] dump_stack+0x14a/0x1d0 [ 70.941597] panic+0x39d/0x940 [ 70.944775] ? kernel_text_address+0x248/0x3a0 [ 70.949464] kmsan_report+0x238/0x240 [ 70.953247] __msan_warning_32+0x6c/0xb0 [ 70.957285] kernel_text_address+0x248/0x3a0 [ 70.961687] __kernel_text_address+0x34/0xe0 [ 70.966084] show_trace_log_lvl+0x954/0x1030 [ 70.970470] ? generic_perform_write+0x4c6/0x990 [ 70.975205] show_stack+0xfc/0x150 [ 70.978727] ? print_worker_info+0x1b0/0x660 [ 70.983111] dump_stack+0x185/0x1d0 [ 70.986714] __msan_memcpy+0x90/0x1f0 [ 70.990500] iov_iter_copy_from_user_atomic+0xb04/0x17d0 [ 70.995948] generic_perform_write+0x4c6/0x990 [ 71.000518] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 71.005859] __generic_file_write_iter+0x43b/0x990 [ 71.010773] ? rcu_all_qs+0x32/0x1f0 [ 71.014464] generic_file_write_iter+0x814/0xbf0 [ 71.019202] ? __generic_file_write_iter+0x990/0x990 [ 71.024296] do_iter_readv_writev+0x7bb/0x970 [ 71.028771] ? __generic_file_write_iter+0x990/0x990 [ 71.033851] do_iter_write+0x30d/0xd40 [ 71.037716] ? kmsan_set_origin_inline+0x6b/0x120 [ 71.042546] ? __generic_file_write_iter+0x990/0x990 [ 71.047627] vfs_iter_write+0x118/0x180 [ 71.051586] iter_file_splice_write+0xbc3/0x1710 [ 71.056335] ? splice_from_pipe+0x2c0/0x2c0 [ 71.060633] ? splice_from_pipe+0x2c0/0x2c0 [ 71.064933] direct_splice_actor+0x19b/0x200 [ 71.069327] splice_direct_to_actor+0x764/0x1040 [ 71.074061] ? do_splice_direct+0x540/0x540 [ 71.078359] ? security_file_permission+0x28f/0x4b0 [ 71.083356] do_splice_direct+0x335/0x540 [ 71.087481] do_sendfile+0x1067/0x1e40 [ 71.091360] SYSC_sendfile64+0x1b3/0x300 [ 71.095402] SyS_sendfile64+0x64/0x90 [ 71.099183] do_syscall_64+0x309/0x430 [ 71.103049] ? SYSC_sendfile+0x320/0x320 [ 71.107088] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 71.112254] RIP: 0033:0x455379 [ 71.115418] RSP: 002b:00007f1228301c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 71.123100] RAX: ffffffffffffffda RBX: 00007f12283026d4 RCX: 0000000000455379 [ 71.130346] RDX: 0000000020001000 RSI: 0000000000000013 RDI: 0000000000000013 [ 71.137590] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 71.144835] R10: 000000000000ffff R11: 0000000000000246 R12: 00000000ffffffff [ 71.152080] R13: 00000000000004cf R14: 00000000006fa408 R15: 0000000000000000 [ 71.159839] Dumping ftrace buffer: [ 71.163358] (ftrace buffer empty) [ 71.167039] Kernel Offset: disabled [ 71.170637] Rebooting in 86400 seconds..