INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.15' (ECDSA) to the list of known hosts. 2018/04/11 11:46:10 fuzzer started 2018/04/11 11:46:10 dialing manager at 10.128.0.26:36259 2018/04/11 11:46:16 kcov=true, comps=false 2018/04/11 11:46:19 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x1000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$bt_hci(r0, 0x84, 0x70, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0xac6) 2018/04/11 11:46:19 executing program 1: r0 = socket$inet(0x10, 0x3, 0x6) sendmsg(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000006000)="1b0000001200030f07fffd946fa283bc04eee6d87986c497271d85", 0x1b}], 0x1}, 0x0) recvmsg(r0, &(0x7f00000014c0)={&(0x7f0000000000)=ANY=[], 0x0, &(0x7f0000001400), 0x0, &(0x7f0000001480)=""/53, 0x35}, 0x0) 2018/04/11 11:46:19 executing program 2: r0 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c) 2018/04/11 11:46:19 executing program 3: r0 = socket$inet(0x2, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_mreqsrc(r0, 0x10d, 0x2, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000005980)=0xc) 2018/04/11 11:46:19 executing program 7: syz_emit_ethernet(0x4b, &(0x7f0000000400)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, '{T;', 0x15, 0x806, 0x0, @empty, @remote={0xfe, 0x80, [], 0xbb}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {'U'}}}}}}}, &(0x7f0000000080)) 2018/04/11 11:46:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0xa, 0x5, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x84, 0x21, &(0x7f0000000000), 0x4) 2018/04/11 11:46:19 executing program 5: syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000010c0)='fou\x00') sendmsg$FOU_CMD_DEL(r0, &(0x7f0000001200)={&(0x7f0000001140)={0x10}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x14, r1, 0x101, 0x0, 0x0, {0x2}}, 0x14}, 0x1}, 0x0) 2018/04/11 11:46:19 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x8010000400000084) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x12, &(0x7f0000000000), 0x4) syzkaller login: [ 42.761239] ip (3754) used greatest stack depth: 54816 bytes left [ 43.016943] ip (3775) used greatest stack depth: 54192 bytes left [ 44.579603] ip (3926) used greatest stack depth: 53960 bytes left [ 46.381604] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.453069] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.464096] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.574945] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.643845] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.823107] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.841741] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.852358] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.125526] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.316275] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.336825] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.356383] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.380859] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.580578] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.652272] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.710504] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.915970] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.922273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.934185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.005393] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.011666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.025213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.105973] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.112276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.123170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.154923] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.167785] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.193628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.220176] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.226396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.237623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.377409] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.383690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.396744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.439312] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.445580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.454564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.656323] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.662572] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.677152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.497738] netlink: 11 bytes leftover after parsing attributes in process `syz-executor1'. [ 57.529577] netlink: 11 bytes leftover after parsing attributes in process `syz-executor1'. 2018/04/11 11:46:36 executing program 5: 2018/04/11 11:46:36 executing program 7: 2018/04/11 11:46:36 executing program 0: 2018/04/11 11:46:36 executing program 2: 2018/04/11 11:46:36 executing program 1: 2018/04/11 11:46:36 executing program 3: 2018/04/11 11:46:36 executing program 6: 2018/04/11 11:46:36 executing program 4: 2018/04/11 11:46:36 executing program 1: 2018/04/11 11:46:36 executing program 7: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000003ff0)={&(0x7f0000000f68)={0x2, 0xb, 0x0, 0x1, 0x2}, 0x10}, 0x1}, 0x0) 2018/04/11 11:46:36 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000182000)={&(0x7f0000000000)={0x2, 0x4000000000000d, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@multicast1=0xe0000001}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}, @sadb_lifetime={0x4, 0x3, 0x813}]}, 0xa0}, 0x1}, 0x0) 2018/04/11 11:46:36 executing program 0: r0 = socket$inet6(0xa, 0x8000000000000802, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000080)={&(0x7f0000000100)=@in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x9}, 0x1c}, 0x0) 2018/04/11 11:46:36 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) 2018/04/11 11:46:36 executing program 5: 2018/04/11 11:46:36 executing program 6: 2018/04/11 11:46:36 executing program 4: 2018/04/11 11:46:37 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x47}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1, 0x28}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffffc, 0x418, &(0x7f00001a7f05)=""/251}, 0x48) 2018/04/11 11:46:37 executing program 7: 2018/04/11 11:46:37 executing program 5: 2018/04/11 11:46:37 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x84) sendmsg(r0, &(0x7f0000000600)={&(0x7f0000000000)=@nl=@kern={0x10}, 0xc, &(0x7f0000000300), 0x0, &(0x7f0000000380)}, 0x0) r1 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r1, &(0x7f0000007000)={0xa, 0x4e20}, 0x1c) 2018/04/11 11:46:37 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x220, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000280)=0x7, 0x4) sendmsg(r0, &(0x7f00000003c0)={&(0x7f00000001c0)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'gcm(xeta-generic)\x00'}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000600)="d7", 0x1}], 0x1}, 0x0) 2018/04/11 11:46:37 executing program 0: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007fbdb72d1cb2a4a280930a0600fec0a8430991000000390008001a000500000000001900a30700000000000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000006000)}, 0x0) 2018/04/11 11:46:37 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f000000cfe4)={0xa, 0x4e20}, 0x1c) recvmsg(r0, &(0x7f0000000400)={&(0x7f0000000000)=@nfc, 0x10, &(0x7f0000000080), 0xfc, &(0x7f0000000100)=""/128, 0x80}, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001000)="8e86a4b9500a1139a0d93a78de7ed00ae239537b41a4eacfcfd438dfbe84ef20bd7e66cfb9bde86f5b1d1bae840e6c373fd2d58909d8ac8f1aca1b6e95b92948d4525d", 0x43}], 0x1, &(0x7f0000002000)}, 0x8000) sendmsg(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000002ff0)=[{&(0x7f0000000040)="bce5", 0x2}], 0x1, &(0x7f000000ae80)}, 0x0) 2018/04/11 11:46:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0xa) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0x1f6, &(0x7f0000000340)={&(0x7f0000000280)={0x33fe0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x33fe0}, 0x1}, 0x0) 2018/04/11 11:46:37 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) recvmsg(r0, &(0x7f0000000600)={&(0x7f0000000280)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000400)=""/69, 0x45}], 0x1, &(0x7f0000000480)=""/164, 0xa4}, 0x102) sendmsg(r0, &(0x7f00000014c0)={&(0x7f0000000240)=ANY=[], 0x0, &(0x7f0000000340)=[{&(0x7f0000001200)="a9", 0x1}], 0x1, &(0x7f00000012c0)}, 0x0) recvmsg(r0, &(0x7f00000003c0)={&(0x7f0000000180)=@alg, 0x58, &(0x7f0000000240)=[{&(0x7f0000001500)=""/4096, 0x1000}], 0x1, &(0x7f0000000300)=""/45, 0x2d}, 0x0) sendmsg(r0, &(0x7f0000000380)={&(0x7f0000000540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}}}, 0x80, &(0x7f0000000200)=[{&(0x7f00000005c0)="a6", 0x1}], 0x1}, 0x1) 2018/04/11 11:46:37 executing program 7: 2018/04/11 11:46:37 executing program 2: 2018/04/11 11:46:37 executing program 0: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007fbdb72d1cb2a4a280930a0600fec0a8430991000000390008001a000500000000001900a30700000000000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000006000)}, 0x0) 2018/04/11 11:46:37 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={&(0x7f0000b9343a)={0x10}, 0xc, &(0x7f00005a1000)={&(0x7f0000f7ffa8)=@ipv4_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, 0xff}, [@RTA_DST={0x8, 0x1, @loopback=0x7f000001}]}, 0x24}, 0x1}, 0x0) 2018/04/11 11:46:37 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x47}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1, 0x28}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffffc, 0x418, &(0x7f00001a7f05)=""/251}, 0x48) 2018/04/11 11:46:37 executing program 3: syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback=0x7f000001, @remote={0xac, 0x14, 0x14, 0xbb}}, @udp={0x0, 0x0, 0x8}}}}}, &(0x7f0000000000)) 2018/04/11 11:46:37 executing program 0: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007fbdb72d1cb2a4a280930a0600fec0a8430991000000390008001a000500000000001900a30700000000000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000006000)}, 0x0) 2018/04/11 11:46:37 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000415fc8)={&(0x7f000034c000)={0x10}, 0xc, &(0x7f00000daff0)={&(0x7f0000417e08)=@newsa={0x180, 0x10, 0x203, 0x0, 0x0, {{@in, @in=@multicast1=0xe0000001}, {@in6=@loopback={0x0, 0x1}, 0x0, 0x33}, @in=@remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x90, 0x14, {{'md5\x00'}, 0x208, 0x0, "596b2e52c93ede8438070e8ace8185c67d508875c7cdf9240034e9e00daffab47bf52d0080bd05b9e6a73df622d663309cc010ab01b4abf4febc2f78fd2c07fdd4"}}]}, 0x180}, 0x1}, 0x0) 2018/04/11 11:46:37 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000d84ffc)=0xa0, 0x4) setsockopt$sock_int(r0, 0x1, 0x80000000009, &(0x7f0000f0fffc)=0x77a, 0x4) connect$inet(r0, &(0x7f0000000040)={0x2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000000)=0x3a, 0x4) 2018/04/11 11:46:37 executing program 3: r0 = socket$inet(0x11, 0x40000000000803, 0x0) sendmsg(r0, &(0x7f000087dfc8)={&(0x7f000005e000)=@nfc_llcp={0x27, 0x9, 0x0, 0x0, 0x0, 0x0, "f0aeec0d840130e5c5485e44a7627f9a8864abed4d4460dd5b1a0182c6c84a143e64f31d1c11349c949054860b9c131950a610e2736612827582530c3c1df9"}, 0x60, &(0x7f0000000380), 0x9c}, 0x0) 2018/04/11 11:46:37 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={&(0x7f0000b9343a)={0x10}, 0xc, &(0x7f00005a1000)={&(0x7f0000f7ffa8)=@ipv4_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, 0xff}, [@RTA_DST={0x8, 0x1, @loopback=0x7f000001}]}, 0x24}, 0x1}, 0x0) [ 58.991845] ================================================================== [ 58.999246] BUG: KMSAN: uninit-value in csum_partial_copy_to_user+0x450/0x500 [ 59.006505] CPU: 0 PID: 5140 Comm: syz-executor4 Not tainted 4.16.0+ #83 [ 59.013334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.022681] Call Trace: [ 59.025266] dump_stack+0x185/0x1d0 [ 59.028880] ? csum_partial_copy_to_user+0x450/0x500 [ 59.033971] kmsan_report+0x142/0x240 [ 59.037764] __msan_warning_32+0x6c/0xb0 [ 59.041817] csum_partial_copy_to_user+0x450/0x500 [ 59.046743] csum_and_copy_to_iter+0x3dc/0x2140 [ 59.051399] ? kmsan_set_origin_inline+0x6b/0x120 [ 59.056223] ? __msan_poison_alloca+0x15c/0x1d0 [ 59.060880] skb_copy_and_csum_datagram+0x6d2/0x1080 [ 59.065983] skb_copy_and_csum_datagram_msg+0x557/0x960 [ 59.071348] udpv6_recvmsg+0xc65/0x29e0 [ 59.075320] ? udp6_lib_lookup_skb+0x240/0x240 [ 59.079881] inet_recvmsg+0x4c2/0x5f0 [ 59.083670] sock_recvmsg+0x1d0/0x230 [ 59.087461] ? inet_sendpage+0x8c0/0x8c0 [ 59.091510] ___sys_recvmsg+0x3fb/0x810 [ 59.095479] ? __fget_light+0x56/0x710 [ 59.099362] ? __fdget+0x4e/0x60 [ 59.102723] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 59.108081] ? __fget_light+0x6b9/0x710 [ 59.112062] SYSC_recvmsg+0x298/0x3c0 [ 59.115858] SyS_recvmsg+0x54/0x80 [ 59.119391] do_syscall_64+0x309/0x430 [ 59.123279] ? ___sys_recvmsg+0x810/0x810 [ 59.127427] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.132613] RIP: 0033:0x455259 [ 59.135800] RSP: 002b:00007f198c0b0c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 59.143498] RAX: ffffffffffffffda RBX: 00007f198c0b16d4 RCX: 0000000000455259 [ 59.150753] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000013 [ 59.158000] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 59.165253] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 59.172499] R13: 0000000000000496 R14: 00000000006f9eb0 R15: 0000000000000000 [ 59.179746] [ 59.181349] Uninit was created at: [ 59.184871] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 59.189863] kmsan_alloc_page+0x82/0xe0 [ 59.193816] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 59.198552] alloc_pages_current+0x6b5/0x970 [ 59.202951] skb_page_frag_refill+0x3ba/0x5e0 [ 59.207434] sk_page_frag_refill+0xa4/0x340 [ 59.211743] __ip6_append_data+0x1a20/0x4bb0 [ 59.216150] ip6_append_data+0x40e/0x6b0 [ 59.220212] udpv6_sendmsg+0xfd5/0x45b0 [ 59.224174] inet_sendmsg+0x48d/0x740 [ 59.227964] ___sys_sendmsg+0xec0/0x1310 [ 59.232005] SYSC_sendmsg+0x2a3/0x3d0 [ 59.235793] SyS_sendmsg+0x54/0x80 [ 59.239310] do_syscall_64+0x309/0x430 [ 59.243177] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.248338] ================================================================== [ 59.255673] Disabling lock debugging due to kernel taint [ 59.261106] Kernel panic - not syncing: panic_on_warn set ... [ 59.261106] [ 59.268457] CPU: 0 PID: 5140 Comm: syz-executor4 Tainted: G B 4.16.0+ #83 [ 59.276576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.285918] Call Trace: [ 59.288506] dump_stack+0x185/0x1d0 [ 59.292118] panic+0x39d/0x940 [ 59.295300] ? csum_partial_copy_to_user+0x450/0x500 [ 59.300382] kmsan_report+0x238/0x240 [ 59.304174] __msan_warning_32+0x6c/0xb0 [ 59.308224] csum_partial_copy_to_user+0x450/0x500 [ 59.313143] csum_and_copy_to_iter+0x3dc/0x2140 [ 59.317792] ? kmsan_set_origin_inline+0x6b/0x120 [ 59.322615] ? __msan_poison_alloca+0x15c/0x1d0 [ 59.327275] skb_copy_and_csum_datagram+0x6d2/0x1080 [ 59.332367] skb_copy_and_csum_datagram_msg+0x557/0x960 [ 59.337715] udpv6_recvmsg+0xc65/0x29e0 [ 59.341679] ? udp6_lib_lookup_skb+0x240/0x240 [ 59.346239] inet_recvmsg+0x4c2/0x5f0 [ 59.350035] sock_recvmsg+0x1d0/0x230 [ 59.353823] ? inet_sendpage+0x8c0/0x8c0 [ 59.357870] ___sys_recvmsg+0x3fb/0x810 [ 59.361838] ? __fget_light+0x56/0x710 [ 59.365708] ? __fdget+0x4e/0x60 [ 59.369065] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 59.374420] ? __fget_light+0x6b9/0x710 [ 59.378376] SYSC_recvmsg+0x298/0x3c0 [ 59.382175] SyS_recvmsg+0x54/0x80 [ 59.385704] do_syscall_64+0x309/0x430 [ 59.389573] ? ___sys_recvmsg+0x810/0x810 [ 59.393705] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.398879] RIP: 0033:0x455259 [ 59.402055] RSP: 002b:00007f198c0b0c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 59.409757] RAX: ffffffffffffffda RBX: 00007f198c0b16d4 RCX: 0000000000455259 [ 59.417008] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000013 [ 59.424271] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 59.431530] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 59.438780] R13: 0000000000000496 R14: 00000000006f9eb0 R15: 0000000000000000 [ 59.446474] Dumping ftrace buffer: [ 59.449994] (ftrace buffer empty) [ 59.453677] Kernel Offset: disabled [ 59.457279] Rebooting in 86400 seconds..