INIT: Entering runlevel: 2
[�[36minfo�[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.43' (ECDSA) to the list of known hosts.
2018/04/12 23:23:47 fuzzer started
2018/04/12 23:23:48 dialing manager at 10.128.0.26:44405
2018/04/12 23:23:54 kcov=true, comps=false
2018/04/12 23:23:57 executing program 0:
2018/04/12 23:23:57 executing program 1:
2018/04/12 23:23:57 executing program 7:
2018/04/12 23:23:57 executing program 2:
2018/04/12 23:23:57 executing program 3:
2018/04/12 23:23:57 executing program 5:
2018/04/12 23:23:57 executing program 4:
2018/04/12 23:23:57 executing program 6:
syzkaller login: [ 42.968286] ip (3791) used greatest stack depth: 54672 bytes left
[ 43.847427] ip (3880) used greatest stack depth: 54200 bytes left
[ 43.870510] ip (3883) used greatest stack depth: 54120 bytes left
[ 46.009142] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.135765] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.159606] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.167497] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.197808] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.254484] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.281801] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 46.483966] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 55.243951] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.288793] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.311865] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.374550] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.383291] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.416651] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.452560] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.865444] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 55.997879] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.004251] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.013941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.051270] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.063765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.076675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.119127] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.128115] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.146775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.186561] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.192881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.204642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.243112] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.249435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.261743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.302365] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.315338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.347628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.389605] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.396232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.417259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.734238] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 56.740635] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.758382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/12 23:24:14 executing program 7:
2018/04/12 23:24:15 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:15 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0xfc)
sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
2018/04/12 23:24:15 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f000067d000)=0x19, 0x4)
connect$unix(r0, &(0x7f0000932000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc)
2018/04/12 23:24:15 executing program 7:
r0 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)=']', 0x1, 0xfffffffffffffffc)
keyctl$update(0x2, r0, &(0x7f0000000100)="a6", 0x1)
2018/04/12 23:24:15 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000325f23)=""/221, &(0x7f0000108000)=0xdd)
2018/04/12 23:24:15 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:15 executing program 6:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:15 executing program 4:
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080)=0x2, 0xa0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)
sendto$inet6(r0, &(0x7f00000011c0), 0x0, 0x0, &(0x7f0000000400)={0xa, 0x4e21, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x19}}}, 0x1c)
2018/04/12 23:24:15 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:15 executing program 7:
r0 = socket(0x18, 0x0, 0x1)
connect(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2, {0xa}}}, 0x32)
setsockopt(r0, 0x402000000000111, 0x4, &(0x7f0000000240)='\x00\x00\x00\x00', 0x4)
2018/04/12 23:24:15 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, &(0x7f0000617fc9), 0x84, 0x20000000, &(0x7f0000deaff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
2018/04/12 23:24:15 executing program 1:
2018/04/12 23:24:15 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfe}, 0xc)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x825dfdbfe}, 0xc)
2018/04/12 23:24:15 executing program 0:
2018/04/12 23:24:15 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:15 executing program 2:
2018/04/12 23:24:15 executing program 6:
2018/04/12 23:24:15 executing program 1:
2018/04/12 23:24:15 executing program 7:
r0 = open(&(0x7f0000000040)='..', 0x0, 0x0)
getdents(r0, &(0x7f0000000080)=""/84, 0x54)
2018/04/12 23:24:15 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x2, 0x3, 0x40000000000000ff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='ip_vti0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x58)
2018/04/12 23:24:16 executing program 1:
2018/04/12 23:24:16 executing program 2:
2018/04/12 23:24:16 executing program 0:
2018/04/12 23:24:16 executing program 4:
2018/04/12 23:24:16 executing program 6:
2018/04/12 23:24:16 executing program 3:
2018/04/12 23:24:16 executing program 7:
2018/04/12 23:24:16 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:16 executing program 4:
r0 = socket$inet6(0xa, 0x8000000000000802, 0x0)
sendmsg(r0, &(0x7f0000000a40)={&(0x7f00000000c0)=@in6={0xa, 0x4e24, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000001e00)="ceca3d4a110048170c49fd8bbb5bb390dee8443b471c2ec9c16ab1243268941ec5a79d439f4c4c28f0b02fb0b41a989ac249e2f2918079087009301a3f5305f7c9296afe3e1ec0f9a4e9946f8b7f22f3ef1c84da2902faa243b6949e2ae14715d2df07fa40f7a76def4bafa5b2c9ed490068d41e4c69378a7e8d8fc99545d1c12f55140c0a1f84dc730ce55bd0387d71b2b62b3a11115ea17d3d72ac36b488b3227e4a407d709a3e235d64fa174ab1e52d4466fb659fdd2a1eaaf3fb1264a18b9d196a06b802d1eafaded503a825ef8488e60f2618df7824fb122f580fbf03cce194737ac62fa92e16a0ef90580d2dae1d0942b7fb61035812ba9374e07059435b2e7ca37cc5b6dd1d3e34744d5ebdf49c0829ce5e5e2d746ee85e3c095c31de7fb7981431bca40a8c42f4970a52006d7feef212ccafe07b9841e2aee0ed3109880d5c5ceff1c55ef1f4de78cb65f7654e8afbbe58b0aff363c3055b21229a8641f44ab7543363fccd27efdd6097de158fd252e8162eb93322d1f5cc514b3669f9bc7f12b90c216ede22d96d5d01cd0a0923b8e4519ccb7e142aa0f1e1ced1e1c9bf1e67d7c9b34640b5c1dddf06a0df65ac5b67a6241b5dcaed409ad8f7cdaceab6aa9704ed135696d8030b78b44ab0f634cd6893f6965835cf97a42919bbc8011520245e16f7f930d1a394e1c7ad60e9d6237f5b84799a4f74343602a5a42667da7719328dfe615b0e0b00a0792a0d993fbd100b14544951ebd23f554fa0267266dec168c0db21b25164b1b84e1c5eb032c0f6b28a61ec77d62dfebb64e066d8a0afb511ef9adb906a8fb7557c7a1aea902ddbbbfae07eabea4f453696a4c52f8bd40cbfa1c8bb3d614ec0b6d4b3786f862f91d483fd25677e4b2146f4b6a4bc2c16f2356257a9e35282aae7eae5f9b2dcae1192321591770e3d19c163f996347321f60211957067a8992c7103c2c1fd4d9a4869d16bf6fdd554ecbf261b72bf6ca79c5e4d920ba87a93f363c540cd14bed4f7013b7792e325a298504a767a060a40d88717d309641b2b67dca68b6e7f2c4f3136bcb77437a27dd9486a7bcfde3316a1eff5c29df8b36e4b80b38bd16bced5ddb90fb71d0c4e091e644205c82704467512ddfe4e2827ee7b6445d4290d818cf6a1e1e5d633e2a97371bb1bfdf224ad87265bb8778d6667860be812fd6f1b58ab161547ac9524df6f28afbfd5496633aaa072d8febde05f9da4f48a40ce585a336aec1636a39b9d581ce7b3332f079a614d788d8a685c16557446613692ae3ee2a116deefeac600629818f46e060f399d03579006855687097fb9c847202f3279a7b105f9346c03bb4f0b8a04b54705ef7bcdce381decb2b4839e3cab451155bdca1780b4dc9d46e53e9a2f3a8994d08d0322aa55b4bd93ff9a1d54809dbeee92745395e734050d0c36ae87552d9e9427fae903f82af9805de0e849e07c3a9abcc60b528d8b394d47424e6075871565dacacd654ef60f5981d2aff2fbfcf46cd96ca935341ebfcb1794200ed53e2da6eb0d98db15a7d6768b3b1e1b04d316a4080b9ff608ebc19d692baf0e7ad8e7348a381576a3baa12580e953bd591406763ebef5bc29e98f1fb5ec441bfca7ad1ac3f3450dc988074d55a738466466f0fe4cebaf650461965ad1ba54ad39d6416450d23bf16e5a7a7e55de1233defe33eaf498e4d63cf1d59bbd9f237ff7d3f53bf11b6f6c425a832dba8f0383f98ae4d9da7279f335b7690ef8a83a42f8d85c038a2022c164065e472ed02493e21638a562bf19b32164f2d6556293b488f3beb5f1a30ac4fd8fcd327e10f86f85a3c8e6fef966df01cd7ee53f84fc5b094d23d6f90a5816fb081e2cb10d821b74335b0c6616415f497398a7aacc4929f8063ccdf4f03fb39a504a26a8be208e8d028e5fdca8c50d13b825b0bff5b6edfa38eab793fdce3deebb5a0d1e1db6817948aec4ee9af03283f2c3bf89c2ee1be55d5b7c891bbd44e451d80a84fbc06e287e33a3bba5d91c41ab317bbe10c2363888137724a8a426f36ac81c65b9", 0x5ad}], 0x1, &(0x7f00000009c0)}, 0x8001)
sendmsg$inet_sctp(r0, &(0x7f0000000080)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x1c, &(0x7f0000000180)}, 0x0)
2018/04/12 23:24:16 executing program 2:
2018/04/12 23:24:16 executing program 1:
r0 = inotify_init1(0x800)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f00009a4000)=[{&(0x7f000022c000)=""/32, 0x20}], 0x1)
2018/04/12 23:24:16 executing program 0:
r0 = socket(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='!']})
2018/04/12 23:24:16 executing program 6:
r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000100)='l', 0x1, 0xfffffffffffffffb)
keyctl$unlink(0x9, r0, 0xfffffffffffffffb)
2018/04/12 23:24:16 executing program 7:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000001500010c00000000000000000a000000", @ANYBLOB="1400020000000400001700471700000000000100"], 0x2}, 0x1}, 0x0)
2018/04/12 23:24:16 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
2018/04/12 23:24:16 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f00000017c0)=[{&(0x7f0000000740)="eb58906d6b66732e66617400020120000200008000f80000200040000000000000000000019d", 0x26}], 0x0, &(0x7f0000000400)=ANY=[])
open(&(0x7f0000000780)='./file0/file1\x00', 0x3fffa, 0x0)
[ 59.544562] ==================================================================
[ 59.552000] BUG: KMSAN: uninit-value in raw6_local_deliver+0x259/0x1ac0
[ 59.558773] CPU: 0 PID: 5180 Comm: syz-executor4 Not tainted 4.16.0+ #83
[ 59.565618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.574976] Call Trace:
[ 59.577561]
[ 59.579715] dump_stack+0x185/0x1d0
[ 59.583344] ? raw6_local_deliver+0x259/0x1ac0
[ 59.587923] kmsan_report+0x142/0x240
2018/04/12 23:24:16 executing program 2:
r0 = socket$inet(0x2, 0x200000000000003, 0x6)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@nat={'nat\x00', 0x19, 0x4, 0x458, [0x20000580, 0x0, 0x0, 0x20000750, 0x20000780], 0x0, &(0x7f0000000000), &(0x7f0000000580)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x2, [{{{0x9, 0x0, 0x0, 'ipddp0\x00', 'bcsf0\x00', 'bond_slave\x00', 'syzkaller1\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0x70, 0x70, 0xa0}}, @arpreply={'arpreply\x00', 0xc, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}}}}, {{{0x1d, 0x0, 0x0, 'yam0\x00', 'team0\x00', 'ip6gretap0\x00', 'ip6_vti0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0x70, 0xd0, 0x100}, [@snat={'snat\x00', 0xc}, @arpreply={'arpreply\x00', 0xc}]}, @arpreply={'arpreply\x00', 0xc}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x2, [{{{0x11, 0x0, 0x0, 'syzkaller1\x00', 'bpq0\x00', 'irlan0\x00', 'erspan0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0x108, 0x108, 0x138, [@rateest={'rateest\x00', 0x3c, {{'ip6gre0\x00', 'bridge0\x00'}}}, @statistic={'statistic\x00', 0x14}]}}, @arpreply={'arpreply\x00', 0xc, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}}}}, {{{0x11, 0x0, 0x0, 'erspan0\x00', 'lo\x00', 'yam0\x00', 'bpq0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0x70, 0x98, 0xc0}, [@common=@CONNSECMARK={'CONNSECMARK\x00', 0x4}]}, @common=@CLASSIFY={'CLASSIFY\x00', 0x4}}]}, {0x0, '\x00', 0x4, 0xfffffffffffffffe}]}, 0x520)
[ 59.591722] __msan_warning_32+0x6c/0xb0
[ 59.595784] ? ip6_input_finish+0x55c/0x2110
[ 59.600194] raw6_local_deliver+0x259/0x1ac0
[ 59.604612] ip6_input_finish+0x55c/0x2110
[ 59.608853] ? ip6table_filter_hook+0xb5/0xe0
[ 59.613351] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 59.618724] ip6_mc_input+0x697/0x740
[ 59.622523] ? ip6_input+0x320/0x320
[ 59.626497] ? ip6_input_finish+0x2110/0x2110
[ 59.630992] ipv6_rcv+0x20ec/0x26d0
[ 59.634620] ? local_bh_enable+0x40/0x40
[ 59.638690] __netif_receive_skb_core+0x47cf/0x4a80
[ 59.643707] ? kmsan_set_origin_inline+0x6b/0x120
[ 59.648550] ? kmsan_internal_memset_shadow_inline+0xd0/0xd0
[ 59.654356] ? ip6_rcv_finish+0x4d0/0x4d0
[ 59.658510] process_backlog+0x62d/0xe20
[ 59.662579] ? rps_trigger_softirq+0x2f0/0x2f0
[ 59.667162] net_rx_action+0x7c1/0x1a70
[ 59.671138] ? net_tx_action+0xab0/0xab0
[ 59.675206] __do_softirq+0x56d/0x93d
[ 59.679016] do_softirq_own_stack+0x2a/0x40
[ 59.683328]
[ 59.685568] do_softirq+0xb6/0xf0
[ 59.689032] dev_loopback_xmit+0x8b0/0x900
2018/04/12 23:24:16 executing program 0:
ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil})
r0 = syz_open_dev$sg(&(0x7f0000797ff7)='/dev/sg#\x00', 0x0, 0x0)
ioctl(r0, 0x20000000002285, &(0x7f0000000000)="53000000012e2a6824")
2018/04/12 23:24:16 executing program 7:
2018/04/12 23:24:16 executing program 6:
2018/04/12 23:24:16 executing program 1:
r0 = inotify_init1(0x800)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f00009a4000)=[{&(0x7f000022c000)=""/32, 0x20}], 0x1)
[ 59.693287] ip6_finish_output2+0x5e6/0x1f20
[ 59.697705] ? validate_xmit_skb+0x1320/0x1320
[ 59.702311] ? ip6_fragment+0x327b/0x5150
[ 59.706560] ip6_fragment+0x32e6/0x5150
[ 59.710536] ? ip6_make_skb+0x1100/0x1100
[ 59.714706] ip6_finish_output+0x96c/0xc00
[ 59.718945] ip6_output+0x597/0x6c0
[ 59.722575] ? ip6_output+0x6c0/0x6c0
[ 59.726383] ? ac6_seq_show+0x200/0x200
[ 59.730370] ip6_local_out+0x573/0x640
[ 59.734271] ? __ip6_local_out+0x4f0/0x4f0
[ 59.738522] ip6_send_skb+0xfa/0x380
[ 59.742248] udp_v6_send_skb+0x116a/0x1880
[ 59.746501] udpv6_sendmsg+0x15f4/0x45b0
[ 59.750565] ? futex_wait_queue_me+0x4ee/0x710
[ 59.755166] ? rw_copy_check_uvector+0x643/0x6c0
[ 59.759926] ? __msan_poison_alloca+0x15c/0x1d0
[ 59.764604] ? ip_copy_metadata+0xac0/0xac0
[ 59.768944] ? udpv6_queue_rcv_skb+0x1c60/0x1c60
[ 59.773704] inet_sendmsg+0x48d/0x740
[ 59.777504] ? security_socket_sendmsg+0x9e/0x210
[ 59.782352] ? inet_getname+0x500/0x500
[ 59.786334] ___sys_sendmsg+0xec0/0x1310
[ 59.790400] ? __fdget+0x4e/0x60
[ 59.793772] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 59.799141] ? __fget_light+0x6b9/0x710
[ 59.803130] SYSC_sendmsg+0x2a3/0x3d0
[ 59.806946] SyS_sendmsg+0x54/0x80
[ 59.810490] do_syscall_64+0x309/0x430
[ 59.814385] ? ___sys_sendmsg+0x1310/0x1310
[ 59.818716] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 59.823899] RIP: 0033:0x455279
[ 59.827084] RSP: 002b:00007f4d2a81dc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 59.834807] RAX: ffffffffffffffda RBX: 00007f4d2a81e6d4 RCX: 0000000000455279
2018/04/12 23:24:16 executing program 2:
[ 59.842082] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000013
[ 59.849354] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 59.856633] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 59.863915] R13: 00000000000004e8 R14: 00000000006fa660 R15: 0000000000000000
[ 59.871184]
[ 59.872799] Uninit was stored to memory at:
[ 59.877127] kmsan_internal_chain_origin+0x12b/0x210
[ 59.882232] kmsan_memcpy_origins+0x11d/0x170
[ 59.886727] kmsan_memmove_origins+0x9/0x10
[ 59.891047] __msan_memmove+0xda/0x130
[ 59.894934] ipv6_frag_rcv+0x5055/0x6970
[ 59.898998] ip6_input_finish+0xa62/0x2110
[ 59.903231] ip6_mc_input+0x697/0x740
[ 59.907031] ipv6_rcv+0x20ec/0x26d0
[ 59.910657] __netif_receive_skb_core+0x47cf/0x4a80
[ 59.915677] process_backlog+0x62d/0xe20
[ 59.916555] sd 0:0:1:0: [sg0] tag#4546 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 59.919735] net_rx_action+0x7c1/0x1a70
[ 59.919752] __do_softirq+0x56d/0x93d
[ 59.919756] Uninit was created at:
[ 59.919774] kmsan_internal_poison_shadow+0xb8/0x1b0
2018/04/12 23:24:16 executing program 5:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000002480)={&(0x7f0000000200)=@ax25, 0x80, &(0x7f00000023c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000002400)=""/83, 0x53}, 0x0)
recvmsg(r0, &(0x7f0000000000)={&(0x7f0000d0b000)=@ax25, 0x10, &(0x7f00002b3000), 0x0, &(0x7f0000878000)}, 0x0)
[ 59.919785] kmsan_kmalloc+0x94/0x100
[ 59.919797] kmsan_slab_alloc+0x11/0x20
[ 59.919809] __kmalloc_node_track_caller+0xaed/0x11c0
[ 59.919819] __alloc_skb+0x2cf/0x9f0
[ 59.919832] alloc_skb_with_frags+0x1d4/0xb20
[ 59.919841] sock_alloc_send_pskb+0xb56/0x1190
[ 59.919850] sock_alloc_send_skb+0xca/0xe0
[ 59.919862] __ip6_append_data+0x3387/0x4bb0
[ 59.919888] ip6_append_data+0x40e/0x6b0
[ 59.928648] sd 0:0:1:0: [sg0] tag#4546 CDB: Test Unit Ready
[ 59.932500] udpv6_sendmsg+0xfd5/0x45b0
[ 59.932512] inet_sendmsg+0x48d/0x740
[ 59.932525] ___sys_sendmsg+0xec0/0x1310
[ 59.932535] SYSC_sendmsg+0x2a3/0x3d0
[ 59.932546] SyS_sendmsg+0x54/0x80
[ 59.932557] do_syscall_64+0x309/0x430
[ 59.932569] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 59.932585] Disabling lock debugging due to kernel taint
[ 59.936461] sd 0:0:1:0: [sg0] tag#4546 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 59.939883] Kernel panic - not syncing: panic_on_warn set ...
[ 59.939883]
[ 59.939897] CPU: 0 PID: 5180 Comm: syz-executor4 Tainted: G B 4.16.0+ #83
[ 59.939903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.939907] Call Trace:
[ 59.939916]
[ 59.939934] dump_stack+0x185/0x1d0
[ 59.939959] panic+0x39d/0x940
[ 59.945223] sd 0:0:1:0: [sg0] tag#4546 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 59.948842] ? raw6_local_deliver+0x259/0x1ac0
[ 59.948854] kmsan_report+0x238/0x240
[ 59.948868] __msan_warning_32+0x6c/0xb0
[ 59.948880] ? ip6_input_finish+0x55c/0x2110
[ 59.948901] raw6_local_deliver+0x259/0x1ac0
[ 59.952945] sd 0:0:1:0: [sg0] tag#4546 CDB[20]: 00 00 00 00
[ 59.958044] ip6_input_finish+0x55c/0x2110
[ 59.958063] ? ip6table_filter_hook+0xb5/0xe0
[ 59.958078] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 59.958102] ip6_mc_input+0x697/0x740
[ 60.121443] ? ip6_input+0x320/0x320
[ 60.125171] ? ip6_input_finish+0x2110/0x2110
[ 60.129694] ipv6_rcv+0x20ec/0x26d0
[ 60.133341] ? local_bh_enable+0x40/0x40
[ 60.137414] __netif_receive_skb_core+0x47cf/0x4a80
[ 60.142441] ? kmsan_set_origin_inline+0x6b/0x120
[ 60.147300] ? kmsan_internal_memset_shadow_inline+0xd0/0xd0
[ 60.153109] ? ip6_rcv_finish+0x4d0/0x4d0
[ 60.157261] process_backlog+0x62d/0xe20
[ 60.161332] ? rps_trigger_softirq+0x2f0/0x2f0
[ 60.165914] net_rx_action+0x7c1/0x1a70
[ 60.169898] ? net_tx_action+0xab0/0xab0
[ 60.173964] __do_softirq+0x56d/0x93d
[ 60.177769] do_softirq_own_stack+0x2a/0x40
[ 60.182077]
[ 60.184321] do_softirq+0xb6/0xf0
[ 60.187778] dev_loopback_xmit+0x8b0/0x900
[ 60.192022] ip6_finish_output2+0x5e6/0x1f20
[ 60.196438] ? validate_xmit_skb+0x1320/0x1320
[ 60.201026] ? ip6_fragment+0x327b/0x5150
[ 60.205189] ip6_fragment+0x32e6/0x5150
[ 60.209168] ? ip6_make_skb+0x1100/0x1100
[ 60.213342] ip6_finish_output+0x96c/0xc00
[ 60.217586] ip6_output+0x597/0x6c0
[ 60.221220] ? ip6_output+0x6c0/0x6c0
[ 60.225028] ? ac6_seq_show+0x200/0x200
[ 60.229010] ip6_local_out+0x573/0x640
[ 60.232902] ? __ip6_local_out+0x4f0/0x4f0
[ 60.237142] ip6_send_skb+0xfa/0x380
[ 60.240862] udp_v6_send_skb+0x116a/0x1880
[ 60.245106] udpv6_sendmsg+0x15f4/0x45b0
[ 60.249179] ? futex_wait_queue_me+0x4ee/0x710
[ 60.253773] ? rw_copy_check_uvector+0x643/0x6c0
[ 60.258532] ? __msan_poison_alloca+0x15c/0x1d0
[ 60.263212] ? ip_copy_metadata+0xac0/0xac0
[ 60.267552] ? udpv6_queue_rcv_skb+0x1c60/0x1c60
[ 60.272310] inet_sendmsg+0x48d/0x740
[ 60.276114] ? security_socket_sendmsg+0x9e/0x210
[ 60.280773] sd 0:0:1:0: [sg0] tag#4546 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 60.280974] ? inet_getname+0x500/0x500
[ 60.289926] sd 0:0:1:0: [sg0] tag#4546 CDB: Test Unit Ready
[ 60.293587] ___sys_sendmsg+0xec0/0x1310
[ 60.293609] ? __fdget+0x4e/0x60
[ 60.293629] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 60.293639] ? __fget_light+0x6b9/0x710
[ 60.293656] SYSC_sendmsg+0x2a3/0x3d0
[ 60.293683] SyS_sendmsg+0x54/0x80
[ 60.299472] sd 0:0:1:0: [sg0] tag#4546 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 60.303418] do_syscall_64+0x309/0x430
[ 60.303435] ? ___sys_sendmsg+0x1310/0x1310
[ 60.303454] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 60.303463] RIP: 0033:0x455279
[ 60.303484] RSP: 002b:00007f4d2a81dc68 EFLAGS: 00000246
[ 60.306924] sd 0:0:1:0: [sg0] tag#4546 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 60.312171] ORIG_RAX: 000000000000002e
[ 60.312178] RAX: ffffffffffffffda RBX: 00007f4d2a81e6d4 RCX: 0000000000455279
[ 60.312185] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000013
[ 60.312191] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 60.312197] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 60.312204] R13: 00000000000004e8 R14: 00000000006fa660 R15: 0000000000000000
[ 60.312260] Dumping ftrace buffer:
[ 60.312265] (ftrace buffer empty)
[ 60.312268] Kernel Offset: disabled
[ 60.413830] Rebooting in 86400 seconds..