INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.3' (ECDSA) to the list of known hosts. 2018/04/07 08:08:37 fuzzer started 2018/04/07 08:08:38 dialing manager at 10.128.0.26:38639 2018/04/07 08:08:44 kcov=true, comps=false 2018/04/07 08:08:46 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/protocols\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/179, 0xb3}], 0x1f4, 0x40000003) 2018/04/07 08:08:46 executing program 2: mkdir(&(0x7f00000e1000)='./file0\x00', 0x0) r0 = open(&(0x7f0000851000)='./file0\x00', 0x0, 0x0) mkdirat(r0, &(0x7f000003f154)='./file0\x00', 0x0) utimensat(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={{0x77359400}}, 0x0) 2018/04/07 08:08:46 executing program 7: 2018/04/07 08:08:46 executing program 3: 2018/04/07 08:08:46 executing program 1: 2018/04/07 08:08:46 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000205fe9)='net\x00') fstat(r0, &(0x7f0000001cc0)) 2018/04/07 08:08:46 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000100), &(0x7f0000000140)=0x8) 2018/04/07 08:08:46 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x0, 0x0, 0x0, 0x7}, 0x1c) syzkaller login: [ 43.194182] ip (3763) used greatest stack depth: 54672 bytes left [ 43.346788] ip (3776) used greatest stack depth: 54408 bytes left [ 43.488699] ip (3792) used greatest stack depth: 54312 bytes left [ 44.592844] ip (3898) used greatest stack depth: 54200 bytes left [ 44.732146] ip (3910) used greatest stack depth: 53960 bytes left [ 46.351650] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.603290] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.739749] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.772221] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.808665] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.839667] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.932095] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.991782] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.044348] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.280602] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.453124] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.476272] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.485675] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.549192] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.756339] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.788658] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.794895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.806609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.001983] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.042650] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.048911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.063586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.256576] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.262827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.275190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.305701] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.315244] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.321395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.333153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.347554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.361081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.377776] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.383978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.393988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.591096] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.599095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.609478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.804575] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.810832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.820768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/07 08:09:03 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(r0, 0x541f, 0x0) 2018/04/07 08:09:03 executing program 1: r0 = socket$inet6(0xa, 0x80005, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}}, 0x30b8d4465f12c189) 2018/04/07 08:09:03 executing program 4: unshare(0x400) pipe(&(0x7f0000000000)={0xffffffffffffffff}) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r0, &(0x7f0000000180), &(0x7f0000000280)=""/82}, 0x18) 2018/04/07 08:09:03 executing program 2: clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000313000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xfffffffffffffffc) dup2(0xffffffffffffffff, 0xffffffffffffff9c) 2018/04/07 08:09:03 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rt6_stats\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000011fc2)=""/62, 0x3e}], 0x2000000000000129, 0x0) 2018/04/07 08:09:03 executing program 7: r0 = add_key(&(0x7f0000943000)='keyring\x00', &(0x7f0000f02ffb)={0x73, 0x79, 0x7a}, &(0x7f00004defd8), 0x0, 0xffffffffffffffff) keyctl$setperm(0x5, r0, 0x0) keyctl$set_timeout(0xf, r0, 0x0) 2018/04/07 08:09:03 executing program 6: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x6, &(0x7f00006ec000), 0xfffffffffffffd97) 2018/04/07 08:09:03 executing program 5: mkdir(&(0x7f0000632000)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000012ff8)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f000001effd)='./file1\x00', r0, &(0x7f0000012ff8)='./file0\x00') linkat(r0, &(0x7f000001b000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000017000)='./file1\x00', 0x0) 2018/04/07 08:09:03 executing program 0: socketpair$unix(0x1, 0x1000000000005, 0x0, &(0x7f0000eac000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000021ff0)={0x2, &(0x7f0000016000)=[{0x28, 0x0, 0x0, 0xfffffffffffff010}, {0x6}]}, 0x10) write(r1, &(0x7f0000000140), 0x0) 2018/04/07 08:09:03 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000219fa8)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/04/07 08:09:03 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000bab000)={0x1, {{0x2, 0x4e20, @multicast1=0xe0000001}}}, 0xfee5) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000000)={0x100000001, {{0x2, 0x4e20, @multicast1=0xe0000001}}, {{0x2, 0x4e20, @multicast1=0xe0000001}}}, 0x108) 2018/04/07 08:09:03 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$inet_int(r0, 0x0, 0x12, &(0x7f00000010c0), &(0x7f0000001100)=0x4) 2018/04/07 08:09:03 executing program 7: syz_emit_ethernet(0x16, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2}, @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@mpls_mc={0x8848, {[], @llc={@snap={0x0, 0x0, '}', "6a9b78"}}}}}}, &(0x7f0000003fec)) 2018/04/07 08:09:03 executing program 4: syz_emit_ethernet(0x195, &(0x7f0000ea7cfa)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c000e2", 0x3, 0x2b, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@echo_reply={0x81}}}}}}, 0x0) 2018/04/07 08:09:03 executing program 5: r0 = socket(0xa, 0x80003, 0x1) setsockopt(r0, 0xff, 0x0, &(0x7f0000000040), 0x0) 2018/04/07 08:09:04 executing program 1: r0 = memfd_create(&(0x7f0000002901)='dev ', 0x0) write(r0, &(0x7f0000000000)="16", 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) nanosleep(&(0x7f00000001c0)={0x77359400}, &(0x7f0000000200)) 2018/04/07 08:09:04 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00003bc000)=[{&(0x7f0000549000)="29000000200019fff63d0014000000060200001615de0005000000040d000a000000000000f9000008", 0x29}], 0x1) 2018/04/07 08:09:04 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001b4ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) ioctl$TCSETS(r0, 0x5402, &(0x7f0000235000)) 2018/04/07 08:09:04 executing program 4: mkdir(&(0x7f000002b000)='./file0\x00', 0x0) r0 = open$dir(&(0x7f000001bff4)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000020000/0x1000)=nil, 0x1000, 0x0, 0x100000000a012, r0, 0x0) [ 58.205154] netlink: 'syz-executor7': attribute type 10 has an invalid length. [ 58.469943] mmap: syz-executor2 (5070) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. 2018/04/07 08:09:04 executing program 0: futex(&(0x7f000000cffc)=0x4, 0x9, 0x4, &(0x7f0000000000)={0x77359400}, &(0x7f0000048000), 0x2) futex(&(0x7f000000cffc), 0xa, 0x0, &(0x7f00000001c0)={0xfffffffffffffffc, 0x100000000000000}, &(0x7f0000000100), 0x20) 2018/04/07 08:09:04 executing program 5: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000dac000)={0x77359400}, &(0x7f00000001c0), 0x0) 2018/04/07 08:09:04 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f000061c000)='setgroups\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/69, 0x45}], 0x1, 0x0) 2018/04/07 08:09:04 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(r0, &(0x7f0000000300)=[{{0x0, 0x7530}, 0x1}], 0x10) 2018/04/07 08:09:04 executing program 4: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000003fc8)={&(0x7f00000001c0)=@nl=@proc={0x10}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="5500000018007fafb72d1cb2a4a280930206000000a8430b7526236925000f0000040149bd50ca8a9848a3c728f1c46b7b31afdc1338d54400009b84136ef75afb83de448daa7227c43ab8220000bf0cec4fab91d4", 0x55}], 0x1, &(0x7f0000004000)=[{0xd0, 0x12d, 0x8, "a1247d7fe1f1e509729e71e65bda8812d67252edf81af73fb2b344972b18d22b7dbb57b2bba208c1a162bd9ee3cb16348c7c8e0ab21d21ed7b4d833539d2b084606cac6f3b0248a70b7581f6d896f338abfce46b5071d913d133da2df6ae356352d80a7c0000614733636b56a7ba3448c31750dc4c40ba6bf150360bf404e37c819e17e19aa27660bd42276137122fcb45062d217942adeaf650b5948d5f075d9ba1bdc0fdc67c662da2a085fe19214500d7067df324ecddbd"}, {0x78, 0x1ff, 0x100000000, "eb5c080f44c766265833eef9af3cf24b5dddedf6d7a21c147e9344c88e5fc3f5c5fac66bb00d1274350555489354ca7e9071eb739181cfe61215ec2fd7d2e5ed5083d632dfad3fd100f2486f55838d756d893443acabd3614673a05bfb4cb67fc0ca5c96b3c29da1"}, {0x98, 0x10f, 0x5, "ec928f683b0ff6b3ec5a6ebe759b8308996f34e22bb8c36fdf9149b0c0beb3999f770858ce70a857d9d0aee2d1317d96d05741f7ca22899e98ad0fc4c96474e5ead8d58426323657fe2a8da9446331b6b068287cb5312f693378a220d4ee16c31b20ebfd930073ef4523b4dc478a0e5604bf7cb50c29aee1cfbda4864eeca03993f18220ed"}], 0x1e0}, 0x0) 2018/04/07 08:09:04 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f00000001c0)="290000001900ff0100000000000000020af5ffffff00ff06800800000d0009000900001961932d46d4", 0x29}], 0x1) 2018/04/07 08:09:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000180), 0x0) 2018/04/07 08:09:04 executing program 6: r0 = socket$inet(0x2, 0x80000000003, 0x2) setsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0x0, &(0x7f00000000c0), 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f000024d000)=0x7fe, 0x4) sendto$inet(r0, &(0x7f00002df000), 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr}, 0x10) recvmsg(r0, &(0x7f0000000a40)={&(0x7f00000004c0)=@alg, 0x58, &(0x7f0000000940)=[{&(0x7f0000000880)=""/147, 0x93}], 0x1, &(0x7f00000009c0)=""/86, 0x56}, 0x2000) [ 58.745130] ================================================================== [ 58.752544] BUG: KMSAN: uninit-value in inet6_rtm_delroute+0x304/0x720 [ 58.759212] CPU: 1 PID: 5144 Comm: syz-executor7 Not tainted 4.16.0+ #81 [ 58.766043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.775390] Call Trace: [ 58.777977] dump_stack+0x185/0x1d0 [ 58.781607] ? inet6_rtm_delroute+0x304/0x720 [ 58.786100] kmsan_report+0x142/0x240 [ 58.789901] __msan_warning_32+0x6c/0xb0 [ 58.793965] inet6_rtm_delroute+0x304/0x720 [ 58.798314] ? inet6_rtm_newroute+0x26a0/0x26a0 [ 58.802987] rtnetlink_rcv_msg+0xa32/0x1560 [ 58.807322] ? do_iter_write+0x30d/0xd40 [ 58.811391] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 58.816751] ? do_iter_readv_writev+0x7bb/0x970 [ 58.821416] ? do_iter_write+0x30d/0xd40 [ 58.825469] ? do_writev+0x3c9/0x830 [ 58.829180] ? SYSC_writev+0x9b/0xb0 [ 58.832891] ? SyS_writev+0x56/0x80 [ 58.836512] ? do_syscall_64+0x309/0x430 2018/04/07 08:09:04 executing program 2: getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x38, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, @in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x80000001}]}, &(0x7f0000000200)=0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @multicast1=0xe0000001}, @in6={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80}}, @in6={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}], 0xc) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x60, &(0x7f0000000000), 0x0) [ 58.840575] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 58.845949] ? _raw_spin_unlock_bh+0x57/0x70 [ 58.850379] ? __local_bh_enable_ip+0x3b/0x140 [ 58.854961] ? _raw_spin_unlock_bh+0x57/0x70 [ 58.859370] ? kmsan_set_origin_inline+0x6b/0x120 [ 58.864215] ? kmsan_set_origin+0x9e/0x160 [ 58.868452] netlink_rcv_skb+0x355/0x5f0 [ 58.872527] ? rtnetlink_bind+0x120/0x120 [ 58.876678] rtnetlink_rcv+0x50/0x60 [ 58.880396] netlink_unicast+0x1672/0x1750 [ 58.884641] ? rtnetlink_net_exit+0xa0/0xa0 [ 58.888971] netlink_sendmsg+0x1048/0x1310 [ 58.893217] ? netlink_getsockopt+0xc80/0xc80 [ 58.897710] sock_write_iter+0x3b9/0x470 [ 58.901777] ? sock_read_iter+0x480/0x480 [ 58.905926] do_iter_readv_writev+0x7bb/0x970 [ 58.910426] ? sock_read_iter+0x480/0x480 [ 58.914572] do_iter_write+0x30d/0xd40 [ 58.918458] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 58.923918] do_writev+0x3c9/0x830 [ 58.927468] ? syscall_return_slowpath+0xe9/0x700 [ 58.932324] SYSC_writev+0x9b/0xb0 [ 58.935868] SyS_writev+0x56/0x80 [ 58.939323] do_syscall_64+0x309/0x430 [ 58.943217] ? SYSC_readv+0xb0/0xb0 [ 58.946847] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 58.952031] RIP: 0033:0x455259 [ 58.955212] RSP: 002b:00007f620902cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 58.962920] RAX: ffffffffffffffda RBX: 00007f620902d6d4 RCX: 0000000000455259 [ 58.970185] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000013 [ 58.977446] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 58.984718] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 58.991984] R13: 00000000000006cd R14: 00000000006fd3d8 R15: 0000000000000000 [ 58.999245] [ 59.000862] Uninit was created at: [ 59.004405] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 59.009510] kmsan_kmalloc+0x94/0x100 [ 59.013307] kmsan_slab_alloc+0x11/0x20 [ 59.017282] __kmalloc_node_track_caller+0xaed/0x11c0 [ 59.022642] __alloc_skb+0x2cf/0x9f0 [ 59.026358] netlink_sendmsg+0x9a6/0x1310 [ 59.030510] sock_write_iter+0x3b9/0x470 [ 59.034578] do_iter_readv_writev+0x7bb/0x970 [ 59.039069] do_iter_write+0x30d/0xd40 [ 59.042951] do_writev+0x3c9/0x830 2018/04/07 08:09:05 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x4e20, 0x0, @local={0xfe, 0x80, [], 0xaa}}}, 0x0, 0x5, 0x0, "d898760a608655cdd122b7aae6777de2b6d61f3426116a044800a28586f0363b30b2e13b4dde1df995d151c2a717f5d046be5fd4d3cae6eb6715077452ed8575a6d8b6805619337678a5377f2cc5e781"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x0, @local={0xfe, 0x80, [], 0xaa}}}, 0x0, 0x0, 0x0, "d352b4d9cc03f9f8403258a432b135175450d3afb7f5696bd65674ce2e5ebf691563cc0f27ccf799aaa609152bb58903abf50bfbc20cb05519ab8e059e15f3f754813cd073c7bf449316f1a85917f2cd"}, 0x152) close(r0) [ 59.046492] SYSC_writev+0x9b/0xb0 [ 59.050032] SyS_writev+0x56/0x80 [ 59.053485] do_syscall_64+0x309/0x430 [ 59.057372] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.062549] ================================================================== [ 59.069901] Disabling lock debugging due to kernel taint [ 59.075344] Kernel panic - not syncing: panic_on_warn set ... [ 59.075344] [ 59.082703] CPU: 1 PID: 5144 Comm: syz-executor7 Tainted: G B 4.16.0+ #81 [ 59.090830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.100173] Call Trace: [ 59.102772] dump_stack+0x185/0x1d0 [ 59.106398] panic+0x39d/0x940 [ 59.109613] ? inet6_rtm_delroute+0x304/0x720 [ 59.114103] kmsan_report+0x238/0x240 [ 59.117905] __msan_warning_32+0x6c/0xb0 [ 59.121968] inet6_rtm_delroute+0x304/0x720 [ 59.126306] ? inet6_rtm_newroute+0x26a0/0x26a0 [ 59.130978] rtnetlink_rcv_msg+0xa32/0x1560 [ 59.135313] ? do_iter_write+0x30d/0xd40 [ 59.139379] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.144744] ? do_iter_readv_writev+0x7bb/0x970 [ 59.149411] ? do_iter_write+0x30d/0xd40 [ 59.153466] ? do_writev+0x3c9/0x830 [ 59.157182] ? SYSC_writev+0x9b/0xb0 [ 59.160892] ? SyS_writev+0x56/0x80 [ 59.164514] ? do_syscall_64+0x309/0x430 [ 59.168573] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.173935] ? _raw_spin_unlock_bh+0x57/0x70 [ 59.178348] ? __local_bh_enable_ip+0x3b/0x140 [ 59.182945] ? _raw_spin_unlock_bh+0x57/0x70 [ 59.187367] ? kmsan_set_origin_inline+0x6b/0x120 [ 59.192213] ? kmsan_set_origin+0x9e/0x160 [ 59.196454] netlink_rcv_skb+0x355/0x5f0 [ 59.200526] ? rtnetlink_bind+0x120/0x120 [ 59.204680] rtnetlink_rcv+0x50/0x60 [ 59.208395] netlink_unicast+0x1672/0x1750 [ 59.212636] ? rtnetlink_net_exit+0xa0/0xa0 [ 59.216962] netlink_sendmsg+0x1048/0x1310 [ 59.221204] ? netlink_getsockopt+0xc80/0xc80 [ 59.225703] sock_write_iter+0x3b9/0x470 [ 59.229770] ? sock_read_iter+0x480/0x480 [ 59.233910] do_iter_readv_writev+0x7bb/0x970 [ 59.238408] ? sock_read_iter+0x480/0x480 [ 59.242554] do_iter_write+0x30d/0xd40 [ 59.246441] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 59.251899] do_writev+0x3c9/0x830 [ 59.255444] ? syscall_return_slowpath+0xe9/0x700 [ 59.260297] SYSC_writev+0x9b/0xb0 [ 59.264277] SyS_writev+0x56/0x80 [ 59.267729] do_syscall_64+0x309/0x430 [ 59.271617] ? SYSC_readv+0xb0/0xb0 [ 59.275245] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.280427] RIP: 0033:0x455259 [ 59.283608] RSP: 002b:00007f620902cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 2018/04/07 08:09:05 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x9}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x11, &(0x7f0000005ffc)=0x2, 0x4) [ 59.291311] RAX: ffffffffffffffda RBX: 00007f620902d6d4 RCX: 0000000000455259 [ 59.298573] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000013 [ 59.305838] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 59.313101] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 59.320366] R13: 00000000000006cd R14: 00000000006fd3d8 R15: 0000000000000000 [ 59.328045] Dumping ftrace buffer: [ 59.331566] (ftrace buffer empty) [ 59.335246] Kernel Offset: disabled [ 59.338845] Rebooting in 86400 seconds..