[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 32.311490] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 35.698231] random: sshd: uninitialized urandom read (32 bytes read) [ 35.959436] random: sshd: uninitialized urandom read (32 bytes read) [ 37.336224] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts. [ 42.875616] random: sshd: uninitialized urandom read (32 bytes read) 2018/05/12 17:40:53 fuzzer started 2018/05/12 17:40:53 dialing manager at 10.128.0.26:41643 [ 65.827317] can: request_module (can-proto-0) failed. [ 65.838607] can: request_module (can-proto-0) failed. 2018/05/12 17:41:17 kcov=true, comps=false 2018/05/12 17:41:22 executing program 0: futex(&(0x7f0000001340), 0x5, 0x0, &(0x7f00000013c0), &(0x7f0000001400), 0xffffffffffffffff) 2018/05/12 17:41:22 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0xffff, 0x51}) readv(r1, &(0x7f0000004400)=[{&(0x7f0000002400)=""/4096, 0x1000}], 0x1) r2 = syz_open_pts(r1, 0x2) dup3(r2, r1, 0x0) write(r1, &(0x7f0000000040), 0xffab) 2018/05/12 17:41:22 executing program 3: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)={0x2, 0x3, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_sa={0x2, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}]}, 0x50}, 0x1}, 0x0) 2018/05/12 17:41:22 executing program 2: r0 = socket(0xa, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup\x00', 0x200002, 0x0) fchdir(r1) creat(&(0x7f0000000080)='./file0\x00', 0x0) 2018/05/12 17:41:22 executing program 7: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) semctl$SEM_STAT(0x0, 0x0, 0x12, &(0x7f0000000100)=""/155) 2018/05/12 17:41:22 executing program 4: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_buf(r1, 0x0, 0x20, &(0x7f0000002fe2)=""/30, &(0x7f0000000000)=0x1e) 2018/05/12 17:41:22 executing program 5: r0 = socket(0xa, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, &(0x7f0000000dc0), 0x0, 0x20020003, &(0x7f00000001c0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup\x00', 0x200002, 0x0) fchdir(r2) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x1a, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)=0x0) ioctl$sock_bt(r0, 0x0, &(0x7f0000000380)="34b9bf99b996e42bf44f501798e77fd8042079aef5943e068edb321ae92e69b3e8eea75fe776341108e917615b514599f7e8d4489a5205af19a77b4c") timer_gettime(r3, &(0x7f0000000180)) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000240)='fou\x00') sendmsg$FOU_CMD_DEL(r4, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r5, 0x20, 0x70bd2b, 0x25dfdbfd, {0x2}, [@FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) r6 = creat(&(0x7f0000000080)='./file0\x00', 0x0) fallocate(r6, 0x1, 0x8000, 0x1000ffff) write$cgroup_pid(r6, &(0x7f0000000100)=ANY=[], 0x1023c) get_thread_area(&(0x7f00000001c0)={0x5, 0x20001000, 0x400, 0x0, 0x4, 0x0, 0x8, 0xfffffffffffffffd, 0x7fffffff}) fallocate(r6, 0x3, 0x0, 0x1a8) ioctl$fiemap(r4, 0xc020660b, &(0x7f0000000300)={0x0, 0x100, 0x1}) 2018/05/12 17:41:22 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x545d, &(0x7f0000000000)) [ 73.492172] IPVS: ftp: loaded support on port[0] = 21 [ 73.535595] IPVS: ftp: loaded support on port[0] = 21 [ 73.548786] IPVS: ftp: loaded support on port[0] = 21 [ 73.553861] IPVS: ftp: loaded support on port[0] = 21 [ 73.587734] IPVS: ftp: loaded support on port[0] = 21 [ 73.590302] IPVS: ftp: loaded support on port[0] = 21 [ 73.634343] IPVS: ftp: loaded support on port[0] = 21 [ 73.651359] IPVS: ftp: loaded support on port[0] = 21 [ 75.280445] ip (4709) used greatest stack depth: 54392 bytes left [ 75.989242] ip (4764) used greatest stack depth: 54088 bytes left [ 76.926533] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.933097] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.968643] device bridge_slave_0 entered promiscuous mode [ 77.059781] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.066282] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.093194] device bridge_slave_0 entered promiscuous mode [ 77.137902] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.144403] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.177535] device bridge_slave_0 entered promiscuous mode [ 77.219383] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.225868] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.235382] device bridge_slave_0 entered promiscuous mode [ 77.255124] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.261610] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.286854] device bridge_slave_1 entered promiscuous mode [ 77.316965] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.323553] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.341670] device bridge_slave_0 entered promiscuous mode [ 77.365492] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.372121] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.380830] device bridge_slave_1 entered promiscuous mode [ 77.402676] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.409138] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.444748] device bridge_slave_1 entered promiscuous mode [ 77.461575] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.468150] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.480236] device bridge_slave_0 entered promiscuous mode [ 77.490151] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.496611] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.514107] device bridge_slave_1 entered promiscuous mode [ 77.525231] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.531706] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.550344] device bridge_slave_0 entered promiscuous mode [ 77.565662] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.572141] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.583710] device bridge_slave_0 entered promiscuous mode [ 77.599255] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 77.607968] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 77.615858] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.622303] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.655280] device bridge_slave_1 entered promiscuous mode [ 77.674255] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 77.681746] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.688229] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.724719] device bridge_slave_1 entered promiscuous mode [ 77.767219] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.773708] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.800556] device bridge_slave_1 entered promiscuous mode [ 77.817355] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 77.839675] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 77.847288] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 77.855136] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 77.862544] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.869069] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.914332] device bridge_slave_1 entered promiscuous mode [ 77.936481] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 77.950715] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 77.970685] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 78.053695] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 78.117749] ip (4911) used greatest stack depth: 53800 bytes left [ 78.157259] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 78.168560] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 78.176746] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 78.190240] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 78.373723] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 78.432251] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.454287] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.532466] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.651524] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 78.703958] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 78.735710] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 78.783910] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.816674] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.829936] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.930247] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.980995] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 78.988121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 79.009753] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.049269] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 79.059709] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.071682] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.081822] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.088893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.159490] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.166520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.217761] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.236833] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.243827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.257093] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 79.269061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 79.301458] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.309973] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 79.318249] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 79.357791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 79.380219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 79.494445] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 79.503255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 79.529925] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.538792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.561719] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.573249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.591196] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.622127] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.665574] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 79.672577] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 79.766311] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.773708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.837621] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 79.848579] team0: Port device team_slave_0 added [ 79.884168] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 79.892243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 79.908869] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 79.932685] team0: Port device team_slave_0 added [ 79.951710] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 79.969843] team0: Port device team_slave_0 added [ 80.022157] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.043326] team0: Port device team_slave_1 added [ 80.088334] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.111100] team0: Port device team_slave_1 added [ 80.170609] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.199010] team0: Port device team_slave_1 added [ 80.274319] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 80.288998] team0: Port device team_slave_0 added [ 80.302516] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 80.313330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.347385] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.370204] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 80.380414] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 80.392140] team0: Port device team_slave_0 added [ 80.409949] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 80.422163] team0: Port device team_slave_0 added [ 80.438337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.451698] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.471425] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 80.487089] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 80.508831] team0: Port device team_slave_0 added [ 80.528608] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 80.542221] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.553409] team0: Port device team_slave_1 added [ 80.573797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.585428] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.605902] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 80.617993] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.649305] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 80.659598] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.672087] team0: Port device team_slave_1 added [ 80.682617] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.700139] team0: Port device team_slave_1 added [ 80.706997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 80.719315] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.748277] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 80.757128] team0: Port device team_slave_0 added [ 80.764000] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.772729] team0: Port device team_slave_1 added [ 80.780749] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 80.790957] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 80.812997] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.838910] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 80.859132] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.871972] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.891833] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 80.914537] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 80.923329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 80.940566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 80.978022] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 81.001929] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.020276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.036078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 81.043800] team0: Port device team_slave_1 added [ 81.049254] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 81.056450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 81.064778] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 81.097748] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 81.105763] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 81.112930] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.121891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 81.135275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 81.144137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 81.159703] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 81.167336] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 81.176319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 81.231576] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 81.246786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.263244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.283784] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 81.290845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 81.299803] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 81.312480] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 81.319803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.329284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 81.350087] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 81.377407] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 81.385194] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 81.392660] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 81.402746] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 81.410501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 81.429868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 81.468482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.494454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 81.533737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 81.555827] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 81.570518] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 81.578679] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 81.586491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.594808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.617885] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 81.631915] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 81.638914] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.649940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.659822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 81.668774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 81.688671] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 81.701193] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 81.711534] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.737623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.766359] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.795646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 81.828368] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 81.843787] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 81.866182] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 81.877802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.896251] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.922884] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.939494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.948530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.958116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 81.988966] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 81.997516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.019117] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 82.047455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 82.059619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.084142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 82.118937] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 82.126479] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.164643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.825562] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.832117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.838999] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.845507] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.885359] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 83.891989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 83.976589] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.983138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.989987] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.996472] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.092699] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.129727] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.136215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.143126] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.149588] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.230100] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.320807] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.327298] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.334169] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.340613] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.396825] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.403772] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.410252] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.417119] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.423574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.431823] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.474981] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.481480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.488365] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.494837] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.557741] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.573571] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.580105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.586963] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.593451] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.613474] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.659617] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.666156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.673083] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.679548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.763510] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.895212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.909018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.949933] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.976586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.995860] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 85.003317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 85.011197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 92.645658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.884239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.072488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.132303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.336527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.382142] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.435926] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 93.572982] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.673567] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 93.796559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.820582] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 94.026672] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 94.214962] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 94.224455] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 94.232156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 94.243288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 94.286865] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 94.449854] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 94.456312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 94.470336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 94.505417] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 94.707456] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 94.715091] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 94.721410] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 94.729910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 94.916758] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 94.923172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 94.937919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 94.996910] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 95.003243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.016909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.060733] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.248776] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.287541] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 95.293873] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.308296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.353806] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 95.370508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.396971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.539585] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.635238] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 95.642431] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.660400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.849631] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.888259] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.251482] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.292940] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.574157] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.847760] futex_wake_op: syz-executor0 tries to shift op by -1; fix this program [ 99.902624] futex_wake_op: syz-executor0 tries to shift op by -1; fix this program 2018/05/12 17:41:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = syz_open_procfs(0x0, &(0x7f0000000180)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") fchmod(r1, 0x0) 2018/05/12 17:41:51 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x545d, &(0x7f0000000000)) 2018/05/12 17:41:51 executing program 3: 2018/05/12 17:41:51 executing program 7: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cfb(twofish-asm)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079", 0x18) 2018/05/12 17:41:51 executing program 4: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f00000002c0)=ANY=[@ANYBLOB="420000001548f43d8ed61b02de5ee5d56c61d176c366d434b8b81b700084f679c1027a661a8711137b0858e22ab3e895290e8654f91758d60a"], &(0x7f0000000200)=0x1) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) readv(r1, &(0x7f0000004400)=[{&(0x7f0000002400)=""/4096, 0x1000}], 0x1) r2 = syz_open_pts(r1, 0x2) dup3(r2, r1, 0x0) write(r1, &(0x7f0000000040), 0xffab) 2018/05/12 17:41:51 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00005befdc)) r2 = syz_open_pts(r1, 0x0) fcntl$setstatus(r2, 0x4, 0x2800) close(r2) 2018/05/12 17:41:51 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") syz_open_procfs(0x0, &(0x7f0000000180)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") syz_open_procfs(0x0, &(0x7f00000012c0)='net/stat\x00') 2018/05/12 17:41:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = socket$can_raw(0x1d, 0x3, 0x1) close(r2) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000004000)) ioctl$sock_SIOCINQ(r2, 0x5460, &(0x7f0000000000)) 2018/05/12 17:41:51 executing program 3: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") shmat(0xffffffffffffffff, &(0x7f0000ffd000/0x1000)=nil, 0x0) 2018/05/12 17:41:51 executing program 1: r0 = socket(0x20000000000000a, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}]}, &(0x7f0000000140)=0x10) 2018/05/12 17:41:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = syz_open_procfs(0x0, &(0x7f0000000180)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") fchmod(r1, 0x0) 2018/05/12 17:41:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = socket$can_raw(0x1d, 0x3, 0x1) close(r2) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000004000)) ioctl$sock_SIOCINQ(r2, 0x5460, &(0x7f0000000000)) 2018/05/12 17:41:51 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x545d, &(0x7f0000000000)) 2018/05/12 17:41:51 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = inotify_init1(0x0) fcntl$getownex(r1, 0x10, &(0x7f000045fff8)) [ 101.506715] ================================================================== [ 101.514133] BUG: KMSAN: uninit-value in __sctp_v6_cmp_addr+0x49a/0x850 [ 101.520805] CPU: 1 PID: 6687 Comm: syz-executor1 Not tainted 4.17.0-rc3+ #88 [ 101.527983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.537336] Call Trace: [ 101.539918] [ 101.542070] dump_stack+0x185/0x1d0 [ 101.545758] ? __sctp_v6_cmp_addr+0x49a/0x850 [ 101.550257] kmsan_report+0x142/0x240 [ 101.554060] __msan_warning_32+0x6c/0xb0 [ 101.558128] __sctp_v6_cmp_addr+0x49a/0x850 [ 101.562454] sctp_inet6_cmp_addr+0x3dc/0x400 [ 101.566866] ? sctp_inet6_af_supported+0xf0/0xf0 [ 101.571624] sctp_bind_addr_match+0x18b/0x2f0 [ 101.576122] sctp_addrs_lookup_transport+0x904/0xa20 [ 101.581228] sctp_rcv+0x15e6/0x4d30 [ 101.584858] ? raw_local_deliver+0x63/0x1660 [ 101.589267] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 101.594718] ? raw_local_deliver+0xe2/0x1660 [ 101.599122] ? iptable_nat_ipv4_fn+0xb0/0xb0 [ 101.604198] ? kmsan_set_origin_inline+0x6b/0x120 [ 101.609056] ? sctp_v4_cmp_addr+0x250/0x250 [ 101.613376] ? sctp_csum_combine+0xa0/0xa0 [ 101.617615] ip_local_deliver_finish+0x874/0xec0 [ 101.622399] ip_local_deliver+0x43c/0x4e0 [ 101.626546] ? ip_local_deliver+0x4e0/0x4e0 [ 101.630873] ? ip_call_ra_chain+0x7c0/0x7c0 [ 101.635193] ip_rcv_finish+0xa36/0x1d00 [ 101.639162] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 101.644521] ? nf_hook_slow+0x36f/0x3d0 [ 101.648495] ip_rcv+0x118f/0x16d0 [ 101.651944] ? ip_rcv+0x16d0/0x16d0 [ 101.655577] __netif_receive_skb_core+0x47df/0x4a90 [ 101.660591] ? kmsan_set_origin_inline+0x40/0x120 [ 101.665436] ? ip_local_deliver_finish+0xec0/0xec0 [ 101.670368] process_backlog+0x62d/0xe20 [ 101.674433] ? rps_trigger_softirq+0x2f0/0x2f0 [ 101.679006] net_rx_action+0x7c1/0x1a70 [ 101.682988] ? net_tx_action+0xab0/0xab0 [ 101.687050] __do_softirq+0x56d/0x93d [ 101.690855] do_softirq_own_stack+0x2a/0x40 [ 101.695173] [ 101.697412] __local_bh_enable_ip+0x114/0x140 [ 101.701907] local_bh_enable+0x36/0x40 2018/05/12 17:41:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = socket$can_raw(0x1d, 0x3, 0x1) close(r2) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000004000)) ioctl$sock_SIOCINQ(r2, 0x5460, &(0x7f0000000000)) 2018/05/12 17:41:51 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x545d, &(0x7f0000000000)) 2018/05/12 17:41:51 executing program 7: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="c626262c8523bf012cf66f") setsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080)=0x7fffffff, 0x4) [ 101.705794] ip_finish_output2+0x135a/0x1470 [ 101.710214] ip_finish_output+0xcb2/0xff0 [ 101.714368] ip_output+0x505/0x5d0 [ 101.717912] ? ip_mc_finish_output+0x3b0/0x3b0 [ 101.722500] ? ip_finish_output+0xff0/0xff0 [ 101.726824] ip_queue_xmit+0x1a1e/0x1d10 [ 101.730886] ? __msan_poison_alloca+0x15c/0x1d0 [ 101.735554] ? sctp_chunk_put+0x29d/0x460 [ 101.739710] sctp_v4_xmit+0x188/0x210 [ 101.743511] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 101.748964] ? sctp_addr_wq_timeout_handler+0x840/0x840 [ 101.754334] sctp_packet_transmit+0x3eaa/0x4350 [ 101.759055] sctp_outq_flush+0x11e6/0x6320 [ 101.763299] ? __mod_timer+0x350/0x2c40 [ 101.767279] ? process_slab+0x830/0x1f20 [ 101.771355] sctp_outq_uncork+0xd2/0xf0 [ 101.775866] sctp_do_sm+0x8707/0x8d20 [ 101.779672] ? radix_tree_iter_tag_clear+0x64/0x460 [ 101.784781] ? idr_alloc_u32+0x4b2/0x570 [ 101.788849] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 101.794241] ? radix_tree_iter_tag_clear+0x326/0x460 [ 101.799374] ? idr_alloc_cyclic+0x40f/0x4a0 [ 101.803708] sctp_primitive_ASSOCIATE+0x172/0x1a0 [ 101.808562] __sctp_connect+0x1655/0x1b00 [ 101.812720] ? __msan_poison_alloca+0x15c/0x1d0 [ 101.817410] ? security_sctp_bind_connect+0x70/0x210 [ 101.822524] sctp_getsockopt+0x79a4/0x146a0 [ 101.826858] ? __local_bh_enable_ip+0x3b/0x140 [ 101.831452] ? release_sock+0x237/0x2a0 [ 101.835436] ? kmsan_set_origin_inline+0x6b/0x120 [ 101.840286] ? __msan_poison_alloca+0x15c/0x1d0 [ 101.844959] ? __fdget+0x4e/0x60 [ 101.848337] ? __fget_light+0x56/0x710 [ 101.852231] ? sctp_setsockopt+0x11600/0x11600 [ 101.856817] sock_common_getsockopt+0x13a/0x170 [ 101.861488] ? sock_recv_errqueue+0x990/0x990 [ 101.865982] __sys_getsockopt+0x49b/0x560 [ 101.870140] __x64_sys_getsockopt+0x15d/0x1c0 [ 101.874646] do_syscall_64+0x154/0x220 [ 101.878542] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 101.883728] RIP: 0033:0x455979 [ 101.886915] RSP: 002b:00007f1094206c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 101.894621] RAX: ffffffffffffffda RBX: 00007f10942076d4 RCX: 0000000000455979 [ 101.901892] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000013 [ 101.909161] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 101.916459] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff [ 101.923728] R13: 000000000000013b R14: 00000000006f5e28 R15: 0000000000000000 [ 101.930994] [ 101.932614] Local variable description: ----dest@sctp_rcv [ 101.938222] Variable was created at: [ 101.941940] sctp_rcv+0x13d/0x4d30 [ 101.945484] ip_local_deliver_finish+0x874/0xec0 [ 101.950231] ================================================================== [ 101.957580] Disabling lock debugging due to kernel taint [ 101.963022] Kernel panic - not syncing: panic_on_warn set ... [ 101.963022] [ 101.970392] CPU: 1 PID: 6687 Comm: syz-executor1 Tainted: G B 4.17.0-rc3+ #88 [ 101.978961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.988400] Call Trace: [ 101.990978] [ 101.993128] dump_stack+0x185/0x1d0 [ 101.996760] panic+0x39d/0x940 [ 101.999975] ? __sctp_v6_cmp_addr+0x49a/0x850 [ 102.004475] kmsan_report+0x238/0x240 [ 102.008281] __msan_warning_32+0x6c/0xb0 [ 102.012351] __sctp_v6_cmp_addr+0x49a/0x850 [ 102.016680] sctp_inet6_cmp_addr+0x3dc/0x400 [ 102.021093] ? sctp_inet6_af_supported+0xf0/0xf0 [ 102.025857] sctp_bind_addr_match+0x18b/0x2f0 [ 102.030368] sctp_addrs_lookup_transport+0x904/0xa20 [ 102.035483] sctp_rcv+0x15e6/0x4d30 [ 102.039117] ? raw_local_deliver+0x63/0x1660 [ 102.043526] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 102.048892] ? raw_local_deliver+0xe2/0x1660 [ 102.053300] ? iptable_nat_ipv4_fn+0xb0/0xb0 [ 102.057715] ? kmsan_set_origin_inline+0x6b/0x120 [ 102.062559] ? sctp_v4_cmp_addr+0x250/0x250 [ 102.066881] ? sctp_csum_combine+0xa0/0xa0 [ 102.071122] ip_local_deliver_finish+0x874/0xec0 [ 102.075882] ip_local_deliver+0x43c/0x4e0 [ 102.080034] ? ip_local_deliver+0x4e0/0x4e0 [ 102.084358] ? ip_call_ra_chain+0x7c0/0x7c0 [ 102.088678] ip_rcv_finish+0xa36/0x1d00 [ 102.092656] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 102.098022] ? nf_hook_slow+0x36f/0x3d0 [ 102.102000] ip_rcv+0x118f/0x16d0 [ 102.105452] ? ip_rcv+0x16d0/0x16d0 [ 102.109087] __netif_receive_skb_core+0x47df/0x4a90 [ 102.114109] ? kmsan_set_origin_inline+0x40/0x120 [ 102.118956] ? ip_local_deliver_finish+0xec0/0xec0 [ 102.123890] process_backlog+0x62d/0xe20 [ 102.127957] ? rps_trigger_softirq+0x2f0/0x2f0 [ 102.132537] net_rx_action+0x7c1/0x1a70 [ 102.136512] ? net_tx_action+0xab0/0xab0 [ 102.140576] __do_softirq+0x56d/0x93d [ 102.144379] do_softirq_own_stack+0x2a/0x40 [ 102.148691] [ 102.150933] __local_bh_enable_ip+0x114/0x140 [ 102.155427] local_bh_enable+0x36/0x40 [ 102.159312] ip_finish_output2+0x135a/0x1470 [ 102.163731] ip_finish_output+0xcb2/0xff0 [ 102.167880] ip_output+0x505/0x5d0 [ 102.171422] ? ip_mc_finish_output+0x3b0/0x3b0 [ 102.176005] ? ip_finish_output+0xff0/0xff0 [ 102.180330] ip_queue_xmit+0x1a1e/0x1d10 [ 102.184392] ? __msan_poison_alloca+0x15c/0x1d0 [ 102.189060] ? sctp_chunk_put+0x29d/0x460 [ 102.193306] sctp_v4_xmit+0x188/0x210 [ 102.197115] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 102.202567] ? sctp_addr_wq_timeout_handler+0x840/0x840 [ 102.207927] sctp_packet_transmit+0x3eaa/0x4350 [ 102.212615] sctp_outq_flush+0x11e6/0x6320 [ 102.216847] ? __mod_timer+0x350/0x2c40 [ 102.220811] ? process_slab+0x830/0x1f20 [ 102.224858] sctp_outq_uncork+0xd2/0xf0 [ 102.228815] sctp_do_sm+0x8707/0x8d20 [ 102.232601] ? radix_tree_iter_tag_clear+0x64/0x460 [ 102.237592] ? idr_alloc_u32+0x4b2/0x570 [ 102.241640] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 102.246985] ? radix_tree_iter_tag_clear+0x326/0x460 [ 102.253814] ? idr_alloc_cyclic+0x40f/0x4a0 [ 102.258138] sctp_primitive_ASSOCIATE+0x172/0x1a0 [ 102.262965] __sctp_connect+0x1655/0x1b00 [ 102.267094] ? __msan_poison_alloca+0x15c/0x1d0 [ 102.271746] ? security_sctp_bind_connect+0x70/0x210 [ 102.276828] sctp_getsockopt+0x79a4/0x146a0 [ 102.281131] ? __local_bh_enable_ip+0x3b/0x140 [ 102.285692] ? release_sock+0x237/0x2a0 [ 102.289644] ? kmsan_set_origin_inline+0x6b/0x120 [ 102.294464] ? __msan_poison_alloca+0x15c/0x1d0 [ 102.299109] ? __fdget+0x4e/0x60 [ 102.302454] ? __fget_light+0x56/0x710 [ 102.306318] ? sctp_setsockopt+0x11600/0x11600 [ 102.310883] sock_common_getsockopt+0x13a/0x170 [ 102.315540] ? sock_recv_errqueue+0x990/0x990 [ 102.320013] __sys_getsockopt+0x49b/0x560 [ 102.324153] __x64_sys_getsockopt+0x15d/0x1c0 [ 102.328637] do_syscall_64+0x154/0x220 [ 102.332504] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 102.337676] RIP: 0033:0x455979 [ 102.340842] RSP: 002b:00007f1094206c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 102.348527] RAX: ffffffffffffffda RBX: 00007f10942076d4 RCX: 0000000000455979 [ 102.355773] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000013 [ 102.363025] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 102.370281] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff [ 102.377528] R13: 000000000000013b R14: 00000000006f5e28 R15: 0000000000000000 [ 102.385284] Dumping ftrace buffer: [ 102.388800] (ftrace buffer empty) [ 102.392485] Kernel Offset: disabled [ 102.396085] Rebooting in 86400 seconds..