INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.24' (ECDSA) to the list of known hosts.
2018/04/19 23:22:25 fuzzer started
2018/04/19 23:22:26 dialing manager at 10.128.0.26:37327
2018/04/19 23:22:33 kcov=true, comps=false
2018/04/19 23:22:36 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="8da4363a00000000000000000000000000000000000000000000000000000000ecf6f2a3299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000014300))

2018/04/19 23:22:36 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f8, &(0x7f0000000140)={'sit0\x00', @ifru_data=&(0x7f0000000080)="48803d6b61439579b6d04dd4102d09b21f8e3ef66a49b9acdf65e7fc2c583929"})

2018/04/19 23:22:36 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmsg$key(r0, &(0x7f0000000280)={0x20480, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0b00000007000000000000001000000005001a00ffffffff000000000000000000000000ac1414c6"], 0x28}, 0x1}, 0x0)

2018/04/19 23:22:36 executing program 2:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0)

2018/04/19 23:22:36 executing program 4:

2018/04/19 23:22:36 executing program 3:

2018/04/19 23:22:36 executing program 5:

2018/04/19 23:22:36 executing program 6:

syzkaller login: [   43.851219] ip (3744) used greatest stack depth: 54688 bytes left
[   44.660624] ip (3819) used greatest stack depth: 54408 bytes left
[   45.353559] ip (3890) used greatest stack depth: 54200 bytes left
[   45.562412] ip (3906) used greatest stack depth: 53960 bytes left
[   45.808771] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.815282] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.856139] device bridge_slave_0 entered promiscuous mode
[   45.931161] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.937702] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.977159] device bridge_slave_0 entered promiscuous mode
[   46.003343] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.009883] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.037126] device bridge_slave_0 entered promiscuous mode
[   46.069896] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.076533] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.096742] device bridge_slave_0 entered promiscuous mode
[   46.115091] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.121601] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.131200] device bridge_slave_0 entered promiscuous mode
[   46.141020] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.147532] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.157964] device bridge_slave_0 entered promiscuous mode
[   46.173286] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.179851] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.206931] device bridge_slave_0 entered promiscuous mode
[   46.227881] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.234406] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.246693] device bridge_slave_1 entered promiscuous mode
[   46.256923] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.263413] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.280321] device bridge_slave_1 entered promiscuous mode
[   46.290331] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.296819] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.316340] device bridge_slave_1 entered promiscuous mode
[   46.326818] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.333609] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.351343] device bridge_slave_0 entered promiscuous mode
[   46.371300] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.377846] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.396460] device bridge_slave_1 entered promiscuous mode
[   46.407001] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.413578] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.423460] device bridge_slave_1 entered promiscuous mode
[   46.431115] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.437582] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.464343] device bridge_slave_1 entered promiscuous mode
[   46.478840] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.488956] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.497711] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.507696] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.514575] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.579960] device bridge_slave_1 entered promiscuous mode
[   46.589414] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.599620] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.608412] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.614912] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.657807] device bridge_slave_1 entered promiscuous mode
[   46.687523] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.697307] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.707137] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.722609] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.733349] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.764604] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.791778] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.860841] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.959174] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   47.042254] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   47.054812] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   47.727935] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.745020] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.755635] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.764635] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.789756] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.952893] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.974206] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.987760] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.996249] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   48.009622] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   48.017091] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   48.029020] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   48.039134] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   48.218235] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   48.251205] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   48.258724] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   48.934466] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.941934] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.011770] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.101574] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.141831] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.149805] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.165799] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.181358] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.234242] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.264416] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.293743] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.316756] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.362267] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.376457] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.396430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.426646] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.439239] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.446908] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.456284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.497597] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.505697] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.512651] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.524796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.572817] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.592503] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.599979] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.607136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.618555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.637965] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.646142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.658153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.691782] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.699335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.724623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.766437] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.778278] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.787585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.812791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.829353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.838322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.848395] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.856503] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.864632] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.873893] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.882224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.921697] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.938140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.954583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.965748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.992505] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   50.000987] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   50.008906] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.018136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   50.037868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.059909] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   50.076996] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   50.084902] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.094552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   50.103615] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   50.110807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.128536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   50.160288] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   50.176521] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.188845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   52.112824] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.119353] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.126338] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.132840] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.172973] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.180143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.194861] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.201387] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.208324] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.214825] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.247214] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.266466] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.273025] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.279988] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.286643] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.297113] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.306301] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.312789] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.319629] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.326145] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.336376] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.428557] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.435136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.442131] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.448605] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.510767] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.533203] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.539708] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.546652] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.553174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.615017] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.627855] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.634356] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.641276] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.647768] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.710484] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.733480] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.739988] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.746859] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.753353] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.836242] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   53.216523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.227841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.253739] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.270619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.279013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.287106] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.294953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   61.602247] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.702890] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.937658] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.029829] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.050812] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.187085] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.359888] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.366319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.379945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.478731] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.485318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.493412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.526495] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.535756] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   62.679887] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.686195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.699954] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.740209] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.755631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.771991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.032612] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   63.038892] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.056506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.099562] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   63.106872] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.134647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.361959] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   63.368394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.376760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.398785] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   63.425977] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.436132] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/19 23:23:04 executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="4244d6e3c559d6e3c559830000050003000001fe0000080000000800000400000015000008756e7469746c656400000000000000000000000000000000000000000000000000000000020000080000000800000000000005000000000000000200000000000000000000000000636e6500000000d9f3b8a3f275fe95482b000f01ef", 0x82, 0x400}, {&(0x7f0000015f00)="482b00040000010031302e3000000000d6e3c559d6e3c55900000000d6e3c559000000000000000000000800000001ef000001c8000001660000800000008000000000100000000000000000000000010000000000000000000000000000000000000000000000007651e3616487bcb800000000000008000000080000000001000000010000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000020000000000400000002000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000010000000000200000000600000020", 0x128, 0x8400}, {&(0x7f0000016200)="00000000000000000100000300000000000000000000000000000000000000000400000a0000000800000007000000002000000000000002", 0x38, 0x9000}, {&(0x7f0000016500)="000000000000000001000003000000010000000100000002000000010000000120000204000000080000000600000001000000cf00000006", 0x38, 0xb000}, {&(0x7f0000016700)="0000000000000000000000000000000000000000000000001ff800f80078000e0000000000000000ff010002000000160000000100080075006e007400690074006c006500640001", 0x48, 0xcfe0}, {&(0x7f0000016900)="000000000000000000000000000000000000000000000000000000a0007e000e", 0x20, 0xefe0}, {&(0x7f0000016c00)="4244d6e3c559d6e3c559830000050003000001fe0000080000000800000400000015000008756e7469746c656400000000000000000000000000000000000000000000000000000000020000080000000800000000000005000000000000000200000000000000000000000000636e6500000000d9f3b8a3f275fe95482b000f01ef000008000000000100000000000000000000080000010001000000000000", 0xa0, 0xffc00}], 0x0, &(0x7f0000016d00))
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x20000000000000)
fdatasync(r0)

2018/04/19 23:23:04 executing program 4:

2018/04/19 23:23:04 executing program 2:

2018/04/19 23:23:04 executing program 1:
syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="4244d6e3c559d6e3c559830000050003000001fe0000080000000800000400000015000008756e7469746c656400000000000000000000000000000000000000000000000000000000020000080000000800000000000005000000000000000200000000000000000000000000636e6500000000d9f3b8a3f275fe95482b000f01ef", 0x82, 0x400}, {&(0x7f0000015f00)="482b00040000010031302e3000000000d6e3c559d6e3c55900000000d6e3c559000000000000000000000800000001ef000001c8000001660000800000008000000000100000000000000000000000010000000000000000000000000000000000000000000000007651e3616487bcb800000000000008000000080000000001000000010000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000020000000000400000002000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000010000000000200000000600000020", 0x128, 0x8400}, {&(0x7f0000016200)="00000000000000000100000300000000000000000000000000000000000000000400000a0000000800000007000000002000000000000002", 0x38, 0x9000}, {&(0x7f0000016500)="000000000000000001000003000000010000000100000002000000010000000120000204000000080000000600000001000000cf00000006", 0x38, 0xb000}, {&(0x7f0000016700)="0000000000000000000000000000000000000000000000001ff800f80078000e0000000000000000ff010002000000160000000100080075006e007400690074006c006500640001", 0x48, 0xcfe0}, {&(0x7f0000016900)="000000000000000000000000000000000000000000000000000000a0007e000e", 0x20, 0xefe0}, {&(0x7f0000016c00)="4244d6e3c559d6e3c559830000050003000001fe0000080000000800000400000015000008756e7469746c656400000000000000000000000000000000000000000000000000000000020000080000000800000000000005000000000000000200000000000000000000000000636e6500000000d9f3b8a3f275fe95482b000f01ef000008000000000100000000000000000000080000010001000000000000", 0xa0, 0xffc00}], 0x0, &(0x7f0000016d00))
fdatasync(0xffffffffffffffff)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x20000000000000)
fdatasync(r0)
syz_mount_image$vfat(&(0x7f0000001640)='vfat\x00', &(0x7f0000001680)='./file0\x00', 0x200, 0x1, &(0x7f0000002900)=[{&(0x7f00000016c0)="cf029ff80a1c57176fcec2ab1bff3e9ffbe0d31231540853608f9da1c7222aad36e440f9ff9e69b8e53ae45dc736ca700022dc4ec4", 0x35, 0x9}], 0x1001, &(0x7f0000002980))

2018/04/19 23:23:04 executing program 5:

2018/04/19 23:23:04 executing program 7:

2018/04/19 23:23:04 executing program 6:
perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='wchan\x00')
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
r2 = accept4$alg(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480), 0x0)
sendfile(r2, r1, &(0x7f0000930000), 0x8)

2018/04/19 23:23:04 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x5c5, 0x2002)
writev(r0, &(0x7f0000000780)=[{&(0x7f0000000280)}, {&(0x7f0000000580)}], 0x2)

[   69.165947] ==================================================================
[   69.173385] BUG: KMSAN: uninit-value in __save_stack_trace+0x5b2/0xa80
[   69.180066] CPU: 1 PID: 5774 Comm: syz-executor6 Not tainted 4.16.0+ #84
[   69.186993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.196442] Call Trace:
[   69.199057]  dump_stack+0x185/0x1d0
[   69.202708]  ? __save_stack_trace+0x5b2/0xa80
[   69.207232]  kmsan_report+0x142/0x240
[   69.211037]  __msan_warning_32+0x6c/0xb0
[   69.215109]  ? save_stack_trace+0xa5/0xf0
[   69.219302]  __save_stack_trace+0x5b2/0xa80
[   69.223646]  ? save_stack_trace+0xa5/0xf0
[   69.227807]  ? kmsan_set_origin+0x9e/0x160
[   69.232054]  save_stack_trace+0xa5/0xf0
[   69.236040]  ? do_splice_direct+0x335/0x540
[   69.240371]  kmsan_internal_chain_origin+0x12b/0x210
[   69.245485]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   69.250948]  ? kmsan_set_origin_inline+0x6b/0x120
[   69.255803]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   69.261251]  ? seq_putc+0xf4/0x1d0
[   69.264797]  ? proc_pid_wchan+0x19b/0x250
[   69.268942]  ? __msan_poison_alloca+0x15c/0x1d0
[   69.273718]  ? seq_read+0xc7d/0x2260
[   69.277439]  ? get_pid_task+0x3b/0x190
[   69.281324]  kmsan_memcpy_origins+0x11d/0x170
[   69.285823]  kmsan_copy_to_user+0x132/0x160
[   69.290145]  seq_read+0x1cc9/0x2260
[   69.293795]  do_iter_read+0x880/0xd70
[   69.297608]  ? seq_open+0x360/0x360
[   69.301240]  vfs_readv+0x1ec/0x260
[   69.304795]  default_file_splice_read+0xa9a/0x1120
[   69.309744]  ? security_file_permission+0x473/0x4b0
2018/04/19 23:23:04 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000200008000f8", 0x16}], 0x0, &(0x7f0000000080)={[{@codepage={'codepage', 0x3d, '949'}, 0x2c}, {@gid={'gid', 0x3d, [0x34]}, 0x2c}]})
mkdir(&(0x7f0000001940)='./file0/file0\x00', 0x30)

[   69.314775]  ? rw_verify_area+0x35e/0x580
[   69.319197]  ? SYSC_tee+0x13d0/0x13d0
[   69.322997]  splice_direct_to_actor+0x4c6/0x1040
[   69.327766]  ? do_splice_direct+0x540/0x540
[   69.332103]  ? security_file_permission+0x28f/0x4b0
[   69.337229]  ? rw_verify_area+0x35e/0x580
[   69.341400]  do_splice_direct+0x335/0x540
[   69.345570]  do_sendfile+0x1067/0x1e40
[   69.349487]  SYSC_sendfile64+0x1b3/0x300
[   69.353574]  SyS_sendfile64+0x64/0x90
[   69.357391]  do_syscall_64+0x309/0x430
[   69.361301]  ? SYSC_sendfile+0x320/0x320
2018/04/19 23:23:04 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000001d0001030000000000000000000000000000000000"], 0x1}, 0x1}, 0x0)

[   69.365385]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   69.370585] RIP: 0033:0x455329
[   69.373776] RSP: 002b:00007f15fd2bcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   69.381497] RAX: ffffffffffffffda RBX: 00007f15fd2bd6d4 RCX: 0000000000455329
[   69.388796] RDX: 0000000020930000 RSI: 0000000000000015 RDI: 0000000000000016
[   69.396079] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   69.403361] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000ffffffff
[   69.410648] R13: 00000000000004cf R14: 00000000006fa408 R15: 0000000000000000
[   69.417933] 
[   69.419553] Uninit was stored to memory at:
[   69.423893]  kmsan_internal_chain_origin+0x12b/0x210
[   69.428988]  __msan_chain_origin+0x69/0xc0
[   69.433232]  save_stack_trace+0xe4/0xf0
[   69.437206]  kmsan_internal_chain_origin+0x12b/0x210
[   69.442310]  kmsan_memcpy_origins+0x11d/0x170
[   69.446815]  kmsan_copy_to_user+0x132/0x160
[   69.451146]  seq_read+0x1cc9/0x2260
[   69.454784]  do_iter_read+0x880/0xd70
[   69.458586]  vfs_readv+0x1ec/0x260
[   69.462126]  default_file_splice_read+0xa9a/0x1120
2018/04/19 23:23:04 executing program 7:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="8da4363a00000000000000000000000000000000000000000000000000000000ecf6f2a3299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000014300))

[   69.467073]  splice_direct_to_actor+0x4c6/0x1040
[   69.471862]  do_splice_direct+0x335/0x540
[   69.476018]  do_sendfile+0x1067/0x1e40
[   69.479917]  SYSC_sendfile64+0x1b3/0x300
[   69.483987]  SyS_sendfile64+0x64/0x90
[   69.487780]  do_syscall_64+0x309/0x430
[   69.491678]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   69.496859] Local variable description: ----oc.i.i@__alloc_pages_nodemask
[   69.503771] Variable was created at:
[   69.507496]  __alloc_pages_nodemask+0x10f/0x5dc0
[   69.512244]  alloc_pages_current+0x6b5/0x970
[   69.516645] ==================================================================
[   69.524001] Disabling lock debugging due to kernel taint
[   69.529448] Kernel panic - not syncing: panic_on_warn set ...
[   69.529448] 
[   69.536821] CPU: 1 PID: 5774 Comm: syz-executor6 Tainted: G    B            4.16.0+ #84
[   69.545398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.554753] Call Trace:
[   69.557443]  dump_stack+0x185/0x1d0
[   69.561088]  panic+0x39d/0x940
[   69.564317]  ? __save_stack_trace+0x5b2/0xa80
[   69.568827]  kmsan_report+0x238/0x240
[   69.572643]  __msan_warning_32+0x6c/0xb0
[   69.576723]  ? save_stack_trace+0xa5/0xf0
[   69.580892]  __save_stack_trace+0x5b2/0xa80
[   69.585238]  ? save_stack_trace+0xa5/0xf0
[   69.589403]  ? kmsan_set_origin+0x9e/0x160
[   69.593663]  save_stack_trace+0xa5/0xf0
[   69.597658]  ? do_splice_direct+0x335/0x540
[   69.601993]  kmsan_internal_chain_origin+0x12b/0x210
[   69.607120]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   69.612593]  ? kmsan_set_origin_inline+0x6b/0x120
[   69.617458]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   69.622943]  ? seq_putc+0xf4/0x1d0
[   69.626508]  ? proc_pid_wchan+0x19b/0x250
[   69.630678]  ? __msan_poison_alloca+0x15c/0x1d0
[   69.635371]  ? seq_read+0xc7d/0x2260
[   69.639105]  ? get_pid_task+0x3b/0x190
[   69.643005]  kmsan_memcpy_origins+0x11d/0x170
[   69.647529]  kmsan_copy_to_user+0x132/0x160
[   69.651866]  seq_read+0x1cc9/0x2260
[   69.655536]  do_iter_read+0x880/0xd70
[   69.659362]  ? seq_open+0x360/0x360
[   69.663005]  vfs_readv+0x1ec/0x260
[   69.666657]  default_file_splice_read+0xa9a/0x1120
[   69.671614]  ? security_file_permission+0x473/0x4b0
[   69.676651]  ? rw_verify_area+0x35e/0x580
[   69.680817]  ? SYSC_tee+0x13d0/0x13d0
[   69.684645]  splice_direct_to_actor+0x4c6/0x1040
[   69.689593]  ? do_splice_direct+0x540/0x540
[   69.693933]  ? security_file_permission+0x28f/0x4b0
[   69.698971]  ? rw_verify_area+0x35e/0x580
[   69.703418]  do_splice_direct+0x335/0x540
[   69.707588]  do_sendfile+0x1067/0x1e40
[   69.711508]  SYSC_sendfile64+0x1b3/0x300
2018/04/19 23:23:04 executing program 2:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x2, 0xa, 0x0, 0xffffffffffffffff, 0x2}, 0x10}, 0x1}, 0x0)

2018/04/19 23:23:04 executing program 4:
mkdir(&(0x7f0000cb3ff8)='./file0\x00', 0x0)
chroot(&(0x7f000009a000)='./file0\x00')
r0 = syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00')
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f00000007c0))
mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000000440)='./file0\x00', &(0x7f0000000340)='bdev\x00', 0x100000, &(0x7f0000000580))
mount(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='.', &(0x7f0000000040)="045b898f73", 0x1006, 0x0)
mount(&(0x7f0000000200)='.', &(0x7f0000000500)='./file0\x00', &(0x7f0000000600)="5a6500000b609ab4000000", 0x5010, &(0x7f0000000980))
mount(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x0, &(0x7f0000000380))
mount(&(0x7f00000008c0)='.', &(0x7f0000000080)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f0000000980))
preadv(r0, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0)
mount(&(0x7f00005b9ff8)='./file0\x00', &(0x7f0000edaff8)='./file0\x00', &(0x7f0000d9fffa)='msdos\x00', 0x1002, 0x0)
chdir(&(0x7f0000cd2ff8)='./file0\x00')
umount2(&(0x7f0000e28000)='..', 0x2)
symlink(&(0x7f00000000c0)='..', &(0x7f0000000240)='../file0\x00')
utime(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000140))

[   69.715587]  SyS_sendfile64+0x64/0x90
[   69.719400]  do_syscall_64+0x309/0x430
[   69.723296]  ? SYSC_sendfile+0x320/0x320
[   69.727372]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   69.732563] RIP: 0033:0x455329
[   69.735762] RSP: 002b:00007f15fd2bcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   69.743478] RAX: ffffffffffffffda RBX: 00007f15fd2bd6d4 RCX: 0000000000455329
[   69.750754] RDX: 0000000020930000 RSI: 0000000000000015 RDI: 0000000000000016
[   69.758041] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   69.765325] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000ffffffff
[   69.772603] R13: 00000000000004cf R14: 00000000006fa408 R15: 0000000000000000
[   69.780503] Dumping ftrace buffer:
[   69.784070]    (ftrace buffer empty)
[   69.787758] Kernel Offset: disabled
[   69.791376] Rebooting in 86400 seconds..