INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts. 2018/04/07 08:20:44 fuzzer started 2018/04/07 08:20:45 dialing manager at 10.128.0.26:38639 2018/04/07 08:20:51 kcov=true, comps=false 2018/04/07 08:20:53 executing program 0: r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000bc4ff0)=@req={0x3fc, 0x0, 0x3}, 0x7f) dup3(r1, r0, 0x0) 2018/04/07 08:20:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000009c0)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000016000)={0x10}, 0xc, &(0x7f000000b000)={&(0x7f0000000a00)=@setlink={0x34, 0x13, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_XDP={0x14, 0x2b, [@nested={0x10, 0x3, [@typed={0x4, 0x0, @fd}]}]}]}, 0x34}, 0x1}, 0x0) 2018/04/07 08:20:53 executing program 7: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f1, &(0x7f0000000140)={'ip6tnl0\x00', @ifru_addrs=@in={0x2, 0x4e20, @rand_addr}}) 2018/04/07 08:20:53 executing program 1: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', @ifru_addrs=@in={0x2, 0x4e20, @rand_addr}}) 2018/04/07 08:20:53 executing program 4: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f0000ef5000)='user\x00', &(0x7f00008fa000)={0x73, 0x79, 0x7a}, &(0x7f0000537ffd)='\x00', 0x1, r1) r3 = add_key$user(&(0x7f0000688000)='user\x00', &(0x7f00008d9ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000f19edc)="b33ab76079ebe0d14f729cd653e520d29ad7ef0000000000000044c249b544230b9387fb8bd6ed266ccf59ef70995bf2e8e0ecd3fff32853747eda22d2818d08ca27e0ec821620e365a0e6b9485f2d925493f62113e33e5f8c7eba67fc19a9497f5b07e5849d2e875b066cd6401d36616fe0f3c3002801b4627ee7597689525e8e81f750a86eb580fb4690ea52246bd3d32b1a91f944edb74b1f50ae08c5387ed8fd0598b600579f3af3f864e1c324f6928f6672f98f7e149bd61bd78b506e8b", 0xc0, r1) r4 = request_key(&(0x7f0000a98ffb)='user\x00', &(0x7f0000626000)={0x73, 0x79, 0x7a}, &(0x7f0000dde000)="2f6465612f7675746f66730719", 0x0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r3, r2}, &(0x7f0000000180)=""/42, 0x2a, &(0x7f0000000140)={&(0x7f0000000200)={'sha256\x00'}}) 2018/04/07 08:20:53 executing program 3: r0 = socket(0xa, 0x2000000001, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000fff)={0x10000}) getsockopt(r0, 0x0, 0x53, &(0x7f0000001000)=""/8, &(0x7f0000000ffc)=0x5) 2018/04/07 08:20:53 executing program 5: ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000080)=@add_del={0x2, &(0x7f0000000000)='dummy0\x00'}) r0 = syz_open_procfs(0x0, &(0x7f0000cdcff8)='cmdline\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000d7f000)=""/1, 0x1}], 0x35, 0x0) 2018/04/07 08:20:53 executing program 6: r0 = syz_open_dev$sndseq(&(0x7f0000783000)='/dev/snd/seq\x00', 0x0, 0x0) readv(r0, &(0x7f0000000200)=[{&(0x7f00000001c0)=""/13, 0xd}], 0x1) syzkaller login: [ 42.655280] ip (3737) used greatest stack depth: 54672 bytes left [ 43.550729] ip (3820) used greatest stack depth: 54104 bytes left [ 44.038997] ip (3868) used greatest stack depth: 53976 bytes left [ 44.777628] ip (3934) used greatest stack depth: 53656 bytes left [ 46.067320] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.539234] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.567695] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.592617] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.650725] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.668735] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.859948] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.955959] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.039162] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.156203] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.239877] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.306438] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.489843] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.519684] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.585875] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.720107] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.767071] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.773304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.786592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.851951] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.858214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.866659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.972215] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.978473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.991182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.091800] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.098228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.109595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.267261] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.273496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.283865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.372959] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.380989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.410182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.440016] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.448353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.467699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.534196] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.540426] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.554669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/07 08:21:10 executing program 0: r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000bc4ff0)=@req={0x3fc, 0x0, 0x3}, 0x7f) dup3(r1, r0, 0x0) 2018/04/07 08:21:10 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x400000009, &(0x7f0000000080)=0x4, 0x389) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000bfcffc), &(0x7f0000d12ffc)=0x4) 2018/04/07 08:21:10 executing program 7: capset(&(0x7f0000a31000)={0x19980330}, &(0x7f00009b3000)) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'ip_vti0\x00', &(0x7f00000000c0)=@ethtool_dump}) 2018/04/07 08:21:10 executing program 4: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x801, 0x0) ioctl$KDGETMODE(r0, 0x4004510d, &(0x7f0000007ff8)) 2018/04/07 08:21:10 executing program 1: r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000000)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$restrict_keyring(0x1d, r0, 0x0, 0x0) add_key$user(&(0x7f0000000300)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000200)='p', 0x1, r0) 2018/04/07 08:21:10 executing program 5: mkdir(&(0x7f000000e000)='./control\x00', 0x0) r0 = open(&(0x7f0000021000)='./control\x00', 0x0, 0x0) mknodat(r0, &(0x7f000064f000)='./control\x00', 0x40000000000c085, 0x0) faccessat(r0, &(0x7f0000000000)='./control\x00', 0x3, 0x0) 2018/04/07 08:21:10 executing program 6: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x8927, &(0x7f0000000000)={'vcan0\x00', @ifru_mtu}) 2018/04/07 08:21:10 executing program 3: futex(&(0x7f000000cffc)=0x4, 0x9, 0x4, &(0x7f0000000000)={0x77359400}, &(0x7f0000048000), 0x101) futex(&(0x7f000000cffc), 0xa, 0x0, &(0x7f00006f7000)={0xfffffffffffffffc, 0x100000000000000}, &(0x7f0000000080), 0x20) [ 57.648675] capability: warning: `syz-executor7' uses 32-bit capabilities (legacy support in use) 2018/04/07 08:21:10 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_dump={0x3e}}) 2018/04/07 08:21:10 executing program 4: r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000000), 0x4) sendto$inet6(r0, &(0x7f0000a05ae2), 0x0, 0x0, &(0x7f0000658fe4)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 2018/04/07 08:21:10 executing program 0: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000013000)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="240000002000039c59000000000000a50a07e5000086c497271d856806000200d100737a", 0x24}], 0x1}, 0x0) 2018/04/07 08:21:10 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000240)=0xc) setreuid(0x0, r1) 2018/04/07 08:21:10 executing program 7: mq_open(&(0x7f0000000100)='.\x00', 0x0, 0x0, &(0x7f0000000140)) 2018/04/07 08:21:10 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f000001effd)='/', r0, &(0x7f0000d06ff8)='./file0\x00') chroot(&(0x7f0000157000)='./file0\x00') renameat2(r0, &(0x7f0000000000)='./file0/file0/file0\x00', r0, &(0x7f000016517f)='./file0/', 0x0) 2018/04/07 08:21:10 executing program 6: r0 = socket$inet(0x2, 0x2, 0x0) mmap(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000005ffc), &(0x7f0000000000)=0x1) 2018/04/07 08:21:11 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') getdents(r0, &(0x7f0000000200)=""/30, 0x1e) getdents(r0, &(0x7f0000000080), 0x3b9) 2018/04/07 08:21:11 executing program 2: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt(r0, 0x114, 0xa, &(0x7f0000001000)='\x00\x00\x00\x00', 0x4) 2018/04/07 08:21:11 executing program 6: symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') readlink(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)=""/224, 0xe0) readlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/92, 0x5c) 2018/04/07 08:21:11 executing program 0: r0 = socket$inet(0xa, 0x6, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x1, 0x1b8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000080], 0x0, &(0x7f0000000040), &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000030000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000050000000000000000001c345505cf1c0a59ed621bb1ec6c149e73797a00000000000000000000000000de6b2036c42e2c5fa997f5fc00e3a27d65716c00000000000000000000000000aaaaaaaa00bb000000000000000000000000000000000000000078000000f00000002801000072656469726563740000000000000017000000000000000000000000000000000800000000000000ffffffff000000004c4544000000000000000000000000000000000000000000000000000000000028000045fa864d1f6c4919300000000000000000000000000000000000000000000000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ffffffff1b00000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff00000000"]}, 0x230) 2018/04/07 08:21:11 executing program 4: r0 = add_key(&(0x7f0000015000)='logon\x00', &(0x7f0000014000)={0x73, 0x79, 0x7a}, &(0x7f0000014000)="578ea44f6ba3a636ffe97fbf75d7f372f0e7dc32856ed7aba5b6170997cd8b3e7f4fb91f56a1d51d0440a1121990753224a83c0fabcdf91de1ac17b66df943ab65c55d35edaefad0633a", 0x4a, 0xffffffffffffffff) keyctl$read(0xb, r0, &(0x7f0000000000)=""/4096, 0x1000) 2018/04/07 08:21:11 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00004aeff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fde49f)=0x19) ppoll(&(0x7f0000000000)=[{r1}], 0x1, &(0x7f0000000040), &(0x7f0000000080), 0x8) 2018/04/07 08:21:11 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000058790)='/dev/input/event#\x00', 0x2, 0x28001) write$evdev(r0, &(0x7f00004a1000)=[{{}, 0x11, 0x100}], 0x18) 2018/04/07 08:21:11 executing program 1: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f2, &(0x7f00000000c0)={'tunl0\x00', @ifru_addrs=@in={0x2, 0x4e20, @rand_addr}}) 2018/04/07 08:21:11 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000fc0000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x20000000, 0x0, &(0x7f0000fb7ffe)}) 2018/04/07 08:21:11 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'ip6_vti0\x00', &(0x7f0000000000)=@ethtool_cmd={0x1f}}) 2018/04/07 08:21:11 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ifreq(r0, 0x8995, &(0x7f00000000c0)={'tunl0\x00', @ifru_data=&(0x7f0000000080)="a6364e123250336d67739b0bfeed0dad2d1ea59a4050cf33e209f36cc0fb9490"}) 2018/04/07 08:21:11 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f00001e0ffc)=0x6, 0x4) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000140)={@loopback={0x0, 0x1}, 0x0, 0x0, 0x2, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80}, 0x0, 0x0, 0x1, 0x1}, 0x20) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x800, @loopback={0x0, 0x1}}, 0x1c) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000340)={@mcast1={0xff, 0x1, [], 0x1}}, &(0x7f00000000c0)=0x20) 2018/04/07 08:21:11 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000000)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000180)={0x0, 0x0, {0x1, 0x0, 0x0, 0x803}}) 2018/04/07 08:21:11 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000002ff5)='/dev/vcsa#\x00', 0x2, 0x1) write(r0, &(0x7f0000022000)="a74f9540ff07520c5a9ec05a2c8013d53fd7c66b678f11032ee52509e872ff8ea5b03f8cd09139bf9f3a73cfd3d2c4f69f7a298b7bdb6026717234d0d056b4058205d5911c487b9fcc3b5a024073766a6fe08393a51cdba75c4823eb0651bb901c18cc6c21e1bc3dc43b98b89ee8a89e24545fcc16262c4c84f140a8affde6fb84fddee1256d7d2c6b086d1617235500326816243113750afdc7f882e8de3d063bda0ceb265b49ac2a0672a3e9eb7766593f8d22e584b37fdfa5fb3a10391c2ec2a4c76bdcf8c5b0fd558705dff9e650a23c624979e7a811640e216cf6b7732c6d223843ddfe30446e9dd5a35d272934ed268af9e3d6b57ab97f9b29a70df83c32a8814895411e6512b6a8be7c2fa70c1a5cd2279bc6896ffbbe9f462d4510e691f5fd094d7213d649edbda81dbb869f39c41f788f36271c2cf6b4be00631eaef54f244c45378b0baba2c04cc390f161acaf5a90a9d06394369dbf27e333141cf3d31927d6fd0c29f2389b2135cf07f06184564b83a136b41f04b88888a3c71f702f4010f6ca20928e4a752e5ab216eb183682c9b803e3eb481cea86d4a9af14efdf6b5a6d5e7701f29bd87ddcf0aa1ae3c661b5ae8a701e4bbfe3b9ca71fd5ff86f388b77345b1d61ba9961deafdd69891398559decb58c0aa8cb5b088681cad47bbe22ccb2c89b95a56822cee3cbedb551a3fbf0bcc76524aeaac8997fb09bcbe1c354492c7df4fc8009fe10246192894c91364c93c587000000000000000177637a6ce93b1f09e7f2649bca711bbc96b851c1bd7188231d8a05f3b1c05772c3f306187832940ed17798b19a8318d96eda700f4e3ec9d7e6edd56e50090b99b141f05a98fbddbe32f6f7eba7f70854f4b93f80b6e7013b0e18428494345dada1a11026ddbc61d5ee93d38b5b4d99669a99bbbcec57f09104c21a46840eb798f1eec89e1133a2af27a21f2af94a141ff5737211764906d44a1686dece9780c633af3383966bc7355ae37881a2731022b4573b4eb2a381e00ea262495fc4aa616767f5bec31a19209577bfe37f5d87b333eb9ff03641bcc5628e2750010cea07c8c23cca563968f16b975194b310e50adb5903a9d8fcab5d9af8ba1a372d52233651b76d2e1143c3ddc387c1d66ad4f563d9adf354914c8418085e5b523e9d0001cffb2fbfeeb6f6c0f22e631adaf444984eedeaee2dad4d8d6ca03fbf93c04a81f02306506ca4db8d8eab529df81526f583698b20226bd87cd23d2531b8de9a49f2c38cf3cabd4b29cbc05f3f1ad49671c019a05c04d88ecca252d4ee7afc8fb6bee501f378629c34c50fddd7767064484c7e726e75c7d84de6ca035e0e6707f30e9a480f8371f80de537bbadd688e24b89fbb624cc1fe739126b002469938051f5683218d335102a84d0bcfb75b0c398e930adc1a606613d7ffe938d2f7277939f450d4eae43af613b0c0340ab26cece2a77eb55c758b3b14e511c05b070dd7913e57ade34190d17345999c91597dc36cfa65559e39e4d6ba91e90485734a97022fc7aa51d2de22a802b2d3f1e2b53d982caebec8753dba46bbac7e2cb76c0255ca236166c22a9ce966ab16420254a9713266f9916f4e05d6f6c2fd6ef1e8d8a6ff052c7402c52cae16d08964d7575529bb480fe7beddad52ebf7220978c978a78d891d3f112aa056554ec5707536b6a27ce3340bd4f498909335fe6e20f21a638a6176d4b33facf45d272fb66635cc1338f513011be80104f6acbf00a8329835cafd97386a20d7a0d9ec74ebed02d190db1558909643ad344ca55cbb30ea2b1618842e164562d045caaf8dea14e68ea06b0bc5654828ec5e719db9bc1725a7d01ad0d561cfcb2972ad0f39016d22534b461971d601428af797db95e7477fe432c8e6970730433c52a8c9dedd00b6895101232bc62e3907151d12c392925f415164d21255479bf72f6ff6ed8c7d5521929067b33c2c9bca189b0a2deb7435c9b4e805581dcd9d1a3e5314399abe58166376345e414c5445b293dc04634d654454dcb736fb571aecd0491d94d15db25e57862c7bf813f9f16a6a4137f1852d55c8d2d1ea0e598ddd7345cd057fc0805a410c4c739d923b0cd0c6a032ad900ad4e84c0821ced5ce84cd1afa9e6c4a1f5e99dfc0cdd4c146eb0cce18d414b4d86ecff0fa5cdeca598ffe221a2cb3b1857ee30d3f6b7a83ca313cf60080645a94277844fbf40c84d9074fda2c7b223a4bde379b8d2da750336c5032af55d2496241a9de77a6a53703ead8036792e0f370fe774d9500f76d541b3c3be1acc60479f07db1e61e0001244cb7e5511d860f8f31f8c01a2e97d082b0ec413051e49a54e65ffa3e4af4dd0e0f0fb227ab775937a2c42a4da381f2a457ac175799bcd5556a462b2096211f7efc487567cde7287afd71039b7fbc290161987cb74a5c3d5018188af7933e12a0d3681570933a562e9e883fcc63495c5f54c446433c07689937595628b07662cee923a1500519f4f52490205befd0ac832160b43cf40725b2c6dc22ed0fdf0f619d404b9399494b6b7aebb334f621d352ea233420884db5cbf8f94474142eaa30ce8e5415b6f6aa16a7606d67fd0fe485ddfdec992d2364c281993522b587c837e4363ca79b32d52b032ccf27083cf8d438378d5012d3db1e9706fb6bab465a3da9e5ebb9cbb1bc832a5b79775b6628ed72ce45af1d34aba76f5cc9a58bfe5309f55deb7a41bf16eda03c796c144c475805a6eb481ee2e74d6a6baab144d3c53ef6f075f624aa736ea66b6956e6c46a1684195b38fa604669dc624325e0c7582030c18f6a43c7a16ef2a8704e23cfd9ecc97e72335c07702fd3868d87da30e6668db7e87fddea5f8f0cad8da479fcdaa8817cffb5b3527f494a0147674746fb89536a8e590e41c9841a4d089ee513d8f0cbf79173951e66a1244dbd9d434fbfa0d63ff049a058de101cf545b811a669b701952e96c356f17f0ee3689f26c2ce6942e8f87af57732b36c5169f30776ceb344a25f00bc401b43fb04172bf5c28688d26a41aa13c45949f1a44666e63f109b6a9fe67c2e1645e40b6f577d73e03f202d5ceac0c1477089eefad9e74cec31cf5a280d314c8b1168977ea410114b402220091e7e390263e5b4b800abb8a227e07b22d212bc392463dc58518756e7e8a6de797a78cf09ef7862ac7c71bdc14a090c71f1e14ede1c97beece6cb32f0cde8fc7b961daab53f12e3fdc42109dcd53e12a50f823cb33fc9c537de23d5997bc6e0f6e4bd9cdbdd6cba5d9cc72370485d11d011d8a54b91e19ca5349bdd07b4bc68d17824bdeb3d0529541a10e69f9f14751c732c4118f20569632df63e747552dab2e533a0c84c260f2f4f586fc355ffda0725ec822b2a099f8f4e69d206e86bf38035e85a07bb862fae491d4dd91560bc069ad9f7d990524336185a95907fdf19bea5ad62c83cfd4478c7447d68661d2e09e617e4261a0223142d9f7f151425f586cfa86421a6249556a5ac4d1a2f8869ad6921421410fafcb023abf212dfc1d666dc9dc478cc4ecf45dfaced8fc56b65141887bd6aa14ed52c42087000cb4f66f7fc339065bbbcd42848fb078a58c39fd7c3b4f091f2a98e8ebf08f4df1bcc3e889b342ca011e6253e8eb4e83fbfffe04c2fef2dd345a9df0d738d8e7b90791ea13a659056aa949a1ce3685bb6e48e2adb14d42c2e1b108ba6ebf441ccf62ccc5d9c4116a0980eb2f71797f3091cf6dfca689896100196375686869f6b4ca95a6850243e5baf4456982e237daaf7b4638503caf6b0a8efd3dd4b8c5d0d79fba0bc504b32c5e9ad4788fe3a010f477174484568f464473be0ad07fe174bd1b8f61684eb8f26e976538d0725064dc868c854978be87f659128ac72ab7ed392f1e2ab477cf5ab6e029f332709eb02ae3a51bcd30ab41a5cc7be26b3438d2cbff2b85fd4d9cf2df48049af139ee4b1d01567642948ceb1de433b78486a4657bc78dcae560cb75477b7518f3a67ab2ccf96ef009b576d4113ee3e86b5e5acc0e68e695ac4eee91d5ba8465b7f214ed884acfb10828933bcfe697170d82659299fe109c0e8bf896b40ff1e4fd7f5c1270b08c1cbdfc8f4466a6d36911aed316ed00dedb4880574638cbbe3d41da9f6d7b86e897c40f57fd03d4bf98b33fb3b32576095eba9c1b633b5d243fdfe222bfc11ff1813d8915424db4300658f2cbe76521234697be621308a565b200577b16d3bbbb01c031706b92088f5a1f6d92bfeb9cbe90e3ce193a405854f61b9c07494345f088d853f5685fda148b79dbc9a5ae1b7f9075a35c2e1079130756b30bbf339edfcae77c90fe9301794673e92b408d7c5ac371c9d6a64d66399d124957475e0162635dfa810c85f6477753b2c7a8aee95fdcbae6fc0299fe3341e31e375623c5ba281d272598a5c20c49853ff320a17eb94e75422feef69c291ca7befa0b1ed2fc8cd75e9418c04df8ddd58ccd4ece339915cf00c79063c9f9bc546032ce16eb05a1d93a5d8ba1d5bb96751ac259750c71fb3d1d15c2a64c768dce39fb21fb0823baabfd5ffc15441792fe24fff2218de4ca464ef41fc339e3a180d8235cb6d21dc9d02020632d6c1ace1a694d30e16862410403162b60d772113d5748423a32d40fcd933a24c83e9628afe16cdee8fe50b58c8b8053023353a36f19ebbe1dc55f04e605e9a1a1ce84e4873828c8dbc3004818a06efe95f83a4ab9c44d07c61a02a33c2f51cc0060f101c7ca3690777c2b17db2c5437edafea79e8f263f28c53052c0c6628a2cf14e09e761c0c03564e4bb875ba1a04e1aa5cfe83738a1022f8f5fce3012d4cd32a54ada24c2375d3ac9de1eca2d4dc943666eb84503e99473c24a3ca46d5d8cf46b2651bae2d4136fd81b1f0c7cb3345253a73888a084aa345be7924d058e4a83d64830f34cb94200ca43245a493130c062814115b366fa3aea9a2c7d6935bc596a2f55053ef105d94ae664a2767582eeca95ca9bad7c8b6caff26505c0019001f702551f00b6eb843908face8f77681ec7e750ad1a12dfdd9808d3fa1cece08333aab963a0050df400cf7c34918f2460781843b024efb8497c4c079890c0006245359b84b8338a385aae672556a922554570c9dce137ad66804046bd094b412013a6354b297110d0ce47ad06994391ce31c365281db40a13619333406b8ad065bf0d0e7aeb4188d7cbc66c5b9a87bb30dc767f6f9938176350ffadc6eaf59d2dbaeba9e4cf8ed82a619de89c7486ed60288959f53055006f0259ed9156071f5526fbfb27cabaac95d9433bb53bf4f80d1590c410a40ea671c987b90dabc546104e4fea1deaa04a23cc479a38e67f625be53f755822205fc633587a1a8b2082dea821f776b134dd527c53d43661ea66676ad3f5f4c120776dbfd3b8d0be50cba987f7c990ac3c2bae2a4c6dc34c09108ebd5bb83ba96b723fd0adc18e3ad465f60d59bee89323064e6d8c9c390b56dd7783690b0008ebe6a7895777aac7932d1bb7c07ee09adfc78261d908fec2497e865a5a97c4070b4d76d10cb80ba0a3608a0c7a36e7a4ab703a17e32d4a2054da640a5aa9535b67a328f20f8961785a8dba40e8f312c8a0bfea24deb2631a59c08bc5496ac013e854187d32545b2691882b6a1feb1ac", 0xfa3) pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="e312", 0x2}], 0x1, 0x1) writev(r0, &(0x7f0000041000)=[{&(0x7f0000000000)="9f", 0x1}], 0x1) 2018/04/07 08:21:11 executing program 5: r0 = syz_open_dev$evdev(&(0x7f00000001c0)='/dev/input/event#\x00', 0x2, 0x20000067d) write$evdev(r0, &(0x7f0000000540)=[{{}, 0x4, 0x800, 0x7}], 0x10) 2018/04/07 08:21:11 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00004aeff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fde49f)=0x19) ppoll(&(0x7f0000000000)=[{r1}], 0x1, &(0x7f0000000040), &(0x7f0000000080), 0x8) 2018/04/07 08:21:12 executing program 1: r0 = memfd_create(&(0x7f0000002000)="2f7b06003170707031253a656d30f9", 0x0) write$evdev(r0, &(0x7f0000001000)=[{{}, 0x0, 0x0, 0x8}], 0x18) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) timer_create(0x3, &(0x7f00000000c0)={0x9, 0x3, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000001000), &(0x7f0000005000)) 2018/04/07 08:21:12 executing program 4: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f2, &(0x7f0000000240)={'sit0\x00', @ifru_addrs=@in={0x2, 0x4e20, @rand_addr}}) 2018/04/07 08:21:12 executing program 5: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000240)={'sit0\x00', @ifru_addrs=@in={0x2, 0x4e20, @rand_addr}}) 2018/04/07 08:21:12 executing program 7: r0 = syz_open_dev$random(&(0x7f00002ebff4)='/dev/random\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000003ff4)={0x4}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)) ppoll(&(0x7f00005d7000)=[{r1}], 0x1, &(0x7f0000376000), &(0x7f0000e97ff8), 0x8) 2018/04/07 08:21:12 executing program 6: r0 = socket$kcm(0x29, 0x2, 0x0) r1 = dup2(r0, r0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000200)) r2 = syz_open_procfs(0x0, &(0x7f00005aeff6)='net/kcm\x00\b\x00') r3 = socket$kcm(0x29, 0x2, 0x0) sendfile(r3, r2, &(0x7f0000301ff8), 0xffffffff) 2018/04/07 08:21:12 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000811000)='/dev/input/event#\x00', 0x2, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000fbcfd8)={0x0, 0x0, 0x0, 0x0, "df6de010f51f9c0de19f7adc11fcad5be0e54c4a89ffa1e5d5d6225b12a59011"}) 2018/04/07 08:21:12 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000ba4000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f0000014f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00002e8000)}}, 0x0, 0x0, r1, 0x0) 2018/04/07 08:21:12 executing program 2: clock_getres(0xfffffffffffffff5, &(0x7f0000f12000)) 2018/04/07 08:21:12 executing program 5: r0 = mq_open(&(0x7f0000000000)="2d1f05", 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x2}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ppoll(&(0x7f0000000040)=[{r0, 0x8000}, {0xffffffffffffffff, 0x8010}, {0xffffffffffffffff, 0x8000}, {0xffffffffffffffff, 0x4000}, {0xffffffffffffffff, 0x89}], 0x5, &(0x7f0000000180)={r1, r2+10000000}, &(0x7f00000001c0)={0x6f}, 0x8) mq_timedsend(r0, &(0x7f0000e71fff), 0x0, 0x0, 0x0) mq_timedreceive(r0, &(0x7f0000659000)=""/131, 0xfffffffffffffef8, 0x0, 0x0) 2018/04/07 08:21:12 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x2a4) 2018/04/07 08:21:12 executing program 4: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001400e7ff00ff03009aa127000200", 0x12, 0x0, 0x0, 0x0) 2018/04/07 08:21:12 executing program 1: r0 = socket(0x200000000010, 0x2, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0x1e, 0x4) 2018/04/07 08:21:12 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00003de000)='/dev/vhost-net\x00', 0x2, 0x0) mmap(&(0x7f0000000000/0xfd0000)=nil, 0xfd0000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)) 2018/04/07 08:21:12 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_cache\x00') preadv(r0, &(0x7f0000331000)=[{&(0x7f0000723f20)=""/127, 0x7f}], 0x1, 0xff) 2018/04/07 08:21:12 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='gid_map\x00') preadv(r0, &(0x7f0000331000)=[{&(0x7f0000723f20)=""/127, 0x7f}], 0x1, 0xff) 2018/04/07 08:21:12 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) close(r0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000bbfe8)="ad", 0x1) r2 = accept$alg(r0, 0x0, 0x0) io_setup(0x1, &(0x7f0000e4b000)=0x0) io_submit(r3, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f000007d000)="b3", 0x1}]) 2018/04/07 08:21:12 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x1000, 0x4) 2018/04/07 08:21:12 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000b5dfa8)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r2, 0x0, 0x0, 0x73e0) sendfile(r1, r2, &(0x7f00007ed000), 0x2b) [ 59.676177] ================================================================== [ 59.683594] BUG: KMSAN: uninit-value in sha256_generic_block_fn+0xb05f/0xb460 [ 59.690866] CPU: 0 PID: 5245 Comm: syz-executor6 Not tainted 4.16.0+ #81 [ 59.697700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.707048] Call Trace: [ 59.709625] dump_stack+0x185/0x1d0 [ 59.713233] ? sha256_generic_block_fn+0xb05f/0xb460 [ 59.718320] kmsan_report+0x142/0x240 [ 59.722113] __msan_warning_32+0x6c/0xb0 [ 59.726164] sha256_generic_block_fn+0xb05f/0xb460 [ 59.731086] ? kmsan_internal_chain_origin+0x12b/0x210 [ 59.736349] ? kmsan_memcpy_origins+0x11d/0x170 [ 59.741003] ? __msan_memcpy+0x19f/0x1f0 [ 59.745054] ? crypto_sha256_finup+0x1d2/0x7e0 [ 59.749610] ? shash_ahash_finup+0x468/0xa30 [ 59.753994] ? shash_ahash_digest+0x5c6/0x600 [ 59.758468] ? shash_async_digest+0x11c/0x1b0 [ 59.762940] ? crypto_ahash_op+0x89a/0xc10 [ 59.767150] ? crypto_ahash_digest+0xe4/0x160 [ 59.771623] ? hash_sendpage+0xb40/0xe10 [ 59.775667] ? sock_sendpage+0x1de/0x2c0 [ 59.779712] ? pipe_to_sendpage+0x31b/0x430 [ 59.784016] ? __splice_from_pipe+0x49a/0xf30 [ 59.788498] ? generic_splice_sendpage+0x1c6/0x2a0 [ 59.793402] ? direct_splice_actor+0x19b/0x200 [ 59.797961] ? splice_direct_to_actor+0x764/0x1040 [ 59.802888] ? do_splice_direct+0x335/0x540 [ 59.807187] ? do_sendfile+0x1067/0x1e40 [ 59.811222] ? SYSC_sendfile64+0x1b3/0x300 [ 59.815433] ? SyS_sendfile64+0x64/0x90 [ 59.819386] ? do_syscall_64+0x309/0x430 [ 59.823432] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.828787] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 59.834226] ? __save_stack_trace+0x893/0xa80 [ 59.838700] ? apic_timer_interrupt+0xa/0x20 [ 59.843104] crypto_sha256_finup+0x35e/0x7e0 [ 59.847514] ? sha256_generic_block_fn+0xb460/0xb460 [ 59.852601] shash_ahash_finup+0x468/0xa30 [ 59.856813] shash_ahash_digest+0x5c6/0x600 [ 59.861122] shash_async_digest+0x11c/0x1b0 [ 59.865422] crypto_ahash_op+0x89a/0xc10 [ 59.869461] ? __kmalloc+0x23c/0x350 [ 59.873147] ? shash_async_finup+0x1b0/0x1b0 [ 59.877531] ? shash_async_finup+0x1b0/0x1b0 [ 59.881918] crypto_ahash_digest+0xe4/0x160 [ 59.886229] hash_sendpage+0xb40/0xe10 [ 59.890104] ? hash_recvmsg+0xd50/0xd50 [ 59.894069] sock_sendpage+0x1de/0x2c0 [ 59.897946] pipe_to_sendpage+0x31b/0x430 [ 59.902076] ? sock_fasync+0x2b0/0x2b0 [ 59.905943] ? propagate_umount+0x3a30/0x3a30 [ 59.910417] __splice_from_pipe+0x49a/0xf30 [ 59.914721] ? generic_splice_sendpage+0x2a0/0x2a0 [ 59.919631] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 59.924976] generic_splice_sendpage+0x1c6/0x2a0 [ 59.929725] ? iter_file_splice_write+0x1710/0x1710 [ 59.934731] ? iter_file_splice_write+0x1710/0x1710 [ 59.939732] direct_splice_actor+0x19b/0x200 [ 59.944134] splice_direct_to_actor+0x764/0x1040 [ 59.948873] ? do_splice_direct+0x540/0x540 [ 59.953180] ? security_file_permission+0x28f/0x4b0 [ 59.958186] ? rw_verify_area+0x35e/0x580 [ 59.962322] do_splice_direct+0x335/0x540 [ 59.966450] do_sendfile+0x1067/0x1e40 [ 59.970337] SYSC_sendfile64+0x1b3/0x300 [ 59.974386] SyS_sendfile64+0x64/0x90 [ 59.978177] do_syscall_64+0x309/0x430 [ 59.982058] ? SYSC_sendfile+0x320/0x320 [ 59.986116] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 59.991287] RIP: 0033:0x455259 [ 59.994453] RSP: 002b:00007fd7c2ec5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 60.002140] RAX: ffffffffffffffda RBX: 00007fd7c2ec66d4 RCX: 0000000000455259 [ 60.009394] RDX: 00000000207ed000 RSI: 0000000000000015 RDI: 0000000000000014 [ 60.016637] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 60.023881] R10: 000000000000002b R11: 0000000000000246 R12: 00000000ffffffff [ 60.031129] R13: 00000000000004c6 R14: 00000000006fa330 R15: 0000000000000000 [ 60.038381] [ 60.039981] Uninit was stored to memory at: [ 60.044291] kmsan_internal_chain_origin+0x12b/0x210 [ 60.049367] kmsan_memcpy_origins+0x11d/0x170 [ 60.053834] __msan_memcpy+0x19f/0x1f0 [ 60.057697] crypto_sha256_finup+0x1d2/0x7e0 [ 60.062079] shash_ahash_finup+0x468/0xa30 [ 60.066300] shash_ahash_digest+0x5c6/0x600 [ 60.070605] shash_async_digest+0x11c/0x1b0 [ 60.074914] crypto_ahash_op+0x89a/0xc10 [ 60.078960] crypto_ahash_digest+0xe4/0x160 [ 60.083263] hash_sendpage+0xb40/0xe10 [ 60.087135] sock_sendpage+0x1de/0x2c0 [ 60.091002] pipe_to_sendpage+0x31b/0x430 [ 60.095152] __splice_from_pipe+0x49a/0xf30 [ 60.099477] generic_splice_sendpage+0x1c6/0x2a0 [ 60.104236] direct_splice_actor+0x19b/0x200 [ 60.108647] splice_direct_to_actor+0x764/0x1040 [ 60.113402] do_splice_direct+0x335/0x540 [ 60.117532] do_sendfile+0x1067/0x1e40 [ 60.121407] SYSC_sendfile64+0x1b3/0x300 [ 60.125468] SyS_sendfile64+0x64/0x90 [ 60.129262] do_syscall_64+0x309/0x430 [ 60.133134] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 60.138297] Uninit was created at: [ 60.141824] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 60.146816] kmsan_alloc_page+0x82/0xe0 [ 60.150770] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 60.155499] alloc_pages_vma+0xcc8/0x1800 [ 60.159623] shmem_alloc_and_acct_page+0x6d5/0x1000 [ 60.164612] shmem_getpage_gfp+0x35db/0x5770 [ 60.168998] shmem_fallocate+0xde2/0x1610 [ 60.173127] vfs_fallocate+0x9dc/0xde0 [ 60.176992] SYSC_fallocate+0x119/0x1d0 [ 60.180944] SyS_fallocate+0x64/0x90 [ 60.184631] do_syscall_64+0x309/0x430 [ 60.188493] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 60.193650] ================================================================== [ 60.200981] Disabling lock debugging due to kernel taint [ 60.206403] Kernel panic - not syncing: panic_on_warn set ... [ 60.206403] [ 60.213755] CPU: 0 PID: 5245 Comm: syz-executor6 Tainted: G B 4.16.0+ #81 [ 60.221875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.231204] Call Trace: [ 60.233779] dump_stack+0x185/0x1d0 [ 60.237402] panic+0x39d/0x940 [ 60.240593] ? sha256_generic_block_fn+0xb05f/0xb460 [ 60.245678] kmsan_report+0x238/0x240 [ 60.249464] __msan_warning_32+0x6c/0xb0 [ 60.253514] sha256_generic_block_fn+0xb05f/0xb460 [ 60.258431] ? kmsan_internal_chain_origin+0x12b/0x210 [ 60.263691] ? kmsan_memcpy_origins+0x11d/0x170 [ 60.268341] ? __msan_memcpy+0x19f/0x1f0 [ 60.272381] ? crypto_sha256_finup+0x1d2/0x7e0 [ 60.276937] ? shash_ahash_finup+0x468/0xa30 [ 60.281320] ? shash_ahash_digest+0x5c6/0x600 [ 60.285792] ? shash_async_digest+0x11c/0x1b0 [ 60.290263] ? crypto_ahash_op+0x89a/0xc10 [ 60.294475] ? crypto_ahash_digest+0xe4/0x160 [ 60.298947] ? hash_sendpage+0xb40/0xe10 [ 60.302985] ? sock_sendpage+0x1de/0x2c0 [ 60.307032] ? pipe_to_sendpage+0x31b/0x430 [ 60.311337] ? __splice_from_pipe+0x49a/0xf30 [ 60.315807] ? generic_splice_sendpage+0x1c6/0x2a0 [ 60.320713] ? direct_splice_actor+0x19b/0x200 [ 60.325272] ? splice_direct_to_actor+0x764/0x1040 [ 60.330190] ? do_splice_direct+0x335/0x540 [ 60.334506] ? do_sendfile+0x1067/0x1e40 [ 60.338562] ? SYSC_sendfile64+0x1b3/0x300 [ 60.342797] ? SyS_sendfile64+0x64/0x90 [ 60.346764] ? do_syscall_64+0x309/0x430 [ 60.350821] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 60.356188] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 60.361644] ? __save_stack_trace+0x893/0xa80 [ 60.366141] ? apic_timer_interrupt+0xa/0x20 [ 60.370558] crypto_sha256_finup+0x35e/0x7e0 [ 60.374971] ? sha256_generic_block_fn+0xb460/0xb460 [ 60.380065] shash_ahash_finup+0x468/0xa30 [ 60.384295] shash_ahash_digest+0x5c6/0x600 [ 60.388601] shash_async_digest+0x11c/0x1b0 [ 60.392901] crypto_ahash_op+0x89a/0xc10 [ 60.396938] ? __kmalloc+0x23c/0x350 [ 60.400628] ? shash_async_finup+0x1b0/0x1b0 [ 60.405018] ? shash_async_finup+0x1b0/0x1b0 [ 60.409411] crypto_ahash_digest+0xe4/0x160 [ 60.413709] hash_sendpage+0xb40/0xe10 [ 60.417572] ? hash_recvmsg+0xd50/0xd50 [ 60.421528] sock_sendpage+0x1de/0x2c0 [ 60.425405] pipe_to_sendpage+0x31b/0x430 [ 60.429539] ? sock_fasync+0x2b0/0x2b0 [ 60.433402] ? propagate_umount+0x3a30/0x3a30 [ 60.437872] __splice_from_pipe+0x49a/0xf30 [ 60.442183] ? generic_splice_sendpage+0x2a0/0x2a0 [ 60.447107] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 60.452458] generic_splice_sendpage+0x1c6/0x2a0 [ 60.457203] ? iter_file_splice_write+0x1710/0x1710 [ 60.462205] ? iter_file_splice_write+0x1710/0x1710 [ 60.467203] direct_splice_actor+0x19b/0x200 [ 60.471595] splice_direct_to_actor+0x764/0x1040 [ 60.476334] ? do_splice_direct+0x540/0x540 [ 60.480635] ? security_file_permission+0x28f/0x4b0 [ 60.485637] ? rw_verify_area+0x35e/0x580 [ 60.489783] do_splice_direct+0x335/0x540 [ 60.493913] do_sendfile+0x1067/0x1e40 [ 60.497791] SYSC_sendfile64+0x1b3/0x300 [ 60.501835] SyS_sendfile64+0x64/0x90 [ 60.505614] do_syscall_64+0x309/0x430 [ 60.509484] ? SYSC_sendfile+0x320/0x320 [ 60.513528] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 60.518695] RIP: 0033:0x455259 [ 60.521861] RSP: 002b:00007fd7c2ec5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 60.529546] RAX: ffffffffffffffda RBX: 00007fd7c2ec66d4 RCX: 0000000000455259 [ 60.536793] RDX: 00000000207ed000 RSI: 0000000000000015 RDI: 0000000000000014 [ 60.544042] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 60.551288] R10: 000000000000002b R11: 0000000000000246 R12: 00000000ffffffff [ 60.558534] R13: 00000000000004c6 R14: 00000000006fa330 R15: 0000000000000000 [ 60.566163] Dumping ftrace buffer: [ 60.569679] (ftrace buffer empty) [ 60.573358] Kernel Offset: disabled [ 60.576955] Rebooting in 86400 seconds..