INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts.
2018/04/20 01:18:16 fuzzer started
2018/04/20 01:18:17 dialing manager at 10.128.0.26:41811
2018/04/20 01:18:24 kcov=true, comps=false
2018/04/20 01:18:27 executing program 0:

2018/04/20 01:18:27 executing program 1:

2018/04/20 01:18:27 executing program 7:

2018/04/20 01:18:27 executing program 2:

2018/04/20 01:18:27 executing program 3:

2018/04/20 01:18:27 executing program 4:

2018/04/20 01:18:27 executing program 5:

2018/04/20 01:18:27 executing program 6:

syzkaller login: [   45.849837] ip (3759) used greatest stack depth: 54688 bytes left
[   46.163996] ip (3789) used greatest stack depth: 54672 bytes left
[   46.317698] ip (3800) used greatest stack depth: 54408 bytes left
[   47.229305] ip (3894) used greatest stack depth: 54200 bytes left
[   47.622335] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.628825] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.658159] device bridge_slave_0 entered promiscuous mode
[   47.676772] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.683226] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.704981] device bridge_slave_0 entered promiscuous mode
[   47.767582] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.774111] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.818767] device bridge_slave_0 entered promiscuous mode
[   47.839757] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.846230] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.870789] device bridge_slave_0 entered promiscuous mode
[   47.886450] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.892904] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.906802] device bridge_slave_0 entered promiscuous mode
[   47.924808] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.931301] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.953995] device bridge_slave_1 entered promiscuous mode
[   47.965939] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.972373] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.991569] device bridge_slave_1 entered promiscuous mode
[   47.998116] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.004586] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.015187] device bridge_slave_0 entered promiscuous mode
[   48.042173] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.048615] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.065884] device bridge_slave_1 entered promiscuous mode
[   48.072775] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.079248] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.106604] device bridge_slave_0 entered promiscuous mode
[   48.120604] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.127126] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.151202] device bridge_slave_1 entered promiscuous mode
[   48.158266] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.164686] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.174987] device bridge_slave_1 entered promiscuous mode
[   48.186490] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.192975] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.211896] device bridge_slave_0 entered promiscuous mode
[   48.223817] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.233076] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.240624] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.247125] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.280960] device bridge_slave_1 entered promiscuous mode
[   48.299105] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.309331] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.315820] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.344080] device bridge_slave_1 entered promiscuous mode
[   48.352977] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.374494] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.392784] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.399270] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.439993] device bridge_slave_1 entered promiscuous mode
[   48.464814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.474825] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.483599] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.494688] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.505664] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.566875] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.581098] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.703116] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.734945] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.745601] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.936496] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   49.391907] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.459355] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.506584] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.538542] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.589116] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.621620] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.670465] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.696199] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.712518] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.741811] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.765176] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.830818] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.905651] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.916190] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   49.925910] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   50.128484] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   50.223177] ip (4114) used greatest stack depth: 53640 bytes left
[   50.629932] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.703649] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.721959] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.762681] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.771884] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.846623] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   50.905789] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   50.914756] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.963455] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   50.978579] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   50.989155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   50.998517] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   51.068831] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.079373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.099757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.135994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.143198] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.154682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.168090] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   51.178734] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   51.190094] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.197869] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.204921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.234895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.269282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.296877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.323753] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.330877] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.353658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.365107] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   51.375902] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.388609] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.399182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.413902] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.422066] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.430102] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   51.436964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.474222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.503997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.534439] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.551943] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.559193] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.567422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.578616] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.589257] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.609350] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.618083] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.634347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.656409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.698010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.733941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.766588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.779192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.795593] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.804198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.819143] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.842270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.868364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.898343] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.905705] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.916694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.937479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.981962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.017869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.780443] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.786922] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.793765] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.800200] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.833297] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   53.843437] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.849905] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.856781] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.863242] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.874900] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   53.884500] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.890961] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.897864] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.904306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.912708] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   53.919259] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.927532] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.936214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.966939] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.973406] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.980299] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.986750] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.055968] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   54.111541] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.118018] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.124908] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.131377] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.216214] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   54.230491] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.236939] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.243731] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.250138] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.260546] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   54.342637] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.349133] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.355995] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.362451] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.438165] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   54.460522] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.466980] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.473811] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.480263] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.540583] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   54.946342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.971663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.995928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.012806] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.028669] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.943858] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.157562] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.261861] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.337264] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.483803] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.498788] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.683774] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   63.697179] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.713585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.869463] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.930763] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   63.952700] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   63.958945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.970765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.052150] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   64.058358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.068736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.208891] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   64.215150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.229697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.284118] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   64.290533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.305752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.330830] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   64.357445] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.392867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.683393] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   64.689643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.700626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.724651] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   64.730865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.741533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/20 01:18:53 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
read(r2, &(0x7f0000000040)=""/104, 0x68)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:53 executing program 5:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)

2018/04/20 01:18:53 executing program 7:
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x1, 0x0)

2018/04/20 01:18:54 executing program 0:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
read(r2, &(0x7f0000000040)=""/104, 0x68)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:54 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x6100)

2018/04/20 01:18:54 executing program 7:
getgroups(0x1, &(0x7f0000000380)=[<r0=>0xffffffffffffffff])
keyctl$chown(0x4, 0x0, 0x0, r0)

2018/04/20 01:18:54 executing program 4:
getgroups(0x2, &(0x7f0000000380)=[0xffffffffffffffff, <r0=>0xffffffffffffffff])
r1 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000480)={0x73, 0x79, 0x7a}, &(0x7f00000004c0)="bb", 0x1, 0xfffffffffffffffd)
keyctl$chown(0x4, r1, 0x0, r0)

2018/04/20 01:18:54 executing program 6:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
ftruncate(0xffffffffffffffff, 0x0)
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c4600170707ffff00000000000003000300ff0f0000170100000000000040000000000000005b000000000000000800000007003800020000008900ed0c04000000030000002b08000000000000ffffffff000000000700000000000000ac29000000000000200000000000000062a9000000000000020000000000000007000000000000000500000000000000000001000000000006000000000000000100008000000000faffffffffffffffab0710f662aa633577391da67d2148fa38ef300b486a1f77feeb89646683ac063ae75c1b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007efa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000022a39677171550280000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f6b952a0475280700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x8bb)

2018/04/20 01:18:54 executing program 3:
pkey_mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000004, 0xffffffffffffffff)

2018/04/20 01:18:54 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
read(r2, &(0x7f0000000040)=""/104, 0x68)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:54 executing program 1:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, r1, 0x0)

2018/04/20 01:18:54 executing program 1:
perf_event_open(&(0x7f0000271000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000007c0)='ns/mnt\x00')

2018/04/20 01:18:55 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f000000b000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800080012b7db3cd70000f4c663a006f54b48000000000000000002000000000000007716000000be802efc29111b929c50a2c906ae1a7f19687900e55d60d9a7f7c4ddcce8bb574ea71e2d18851a68c25f8f0fe4ae59ff54a681fe480442bff4f43b306bd2844a75fcdc08370f45f156fc07068e41cbf8d90098d258848b5a3a5659b5f4de313676d4388c003be51afafd6de0c47aa1ed6dc5da900bff31c7730cae405d880e1c9a7142f5d3131023a10cfb180fa135eedceb06fc281033ac369a0d85d8f9fa92e5c12b0ff9a1857706a422681b6505bfa327352b106acf0bf49b2ce3b185e7a10e1d2725e861d0d04b5bca9fffafc97246e806a3d57fd6f596c76d3c3804ad5d5c3a8de8b2904765069405a31075a6e4f25b8612e34801532676ef167b02428087293476428e94bb24fffff4e8d994e1ab333610ada3ffba1ccf8023acf87712ee8f89974845ac9c8ea8c513e8a9b30e89f159ffae680da5fd4e28674ef0308857dd13eeab5df67b003535761705c279b510ab4dc2a43632beb66215b39bc614f88a833d96dc96c47cfb7aa70eb9ec562cb1b0ef04ab13276daf227a19e8392f7a17b3e67f9896b750e0e81fa3d1337ac49588cef0ee459c56210d6e5c99da07f8335e417d1aacc2fbefa5d002df351cef044572438220e118e43ae6efecbef07a4c6c56fe0c6dd9cb0430f8e39958b9575959e1"], 0x1}, 0x1}, 0x0)

2018/04/20 01:18:55 executing program 6:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000d16ff8)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x492492492492875, 0x0)
recvmmsg(r1, &(0x7f0000002a40)=[{{&(0x7f0000000e00)=@sco, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000e80)=""/16, 0x10}], 0x1, &(0x7f0000000f00)=""/146, 0x92, 0x1ff}}], 0x1, 0x0, &(0x7f0000002c00)={0x77359400})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002d40)='/dev/vga_arbiter\x00', 0x0, 0x0)
close(r0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00'})

2018/04/20 01:18:55 executing program 7:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_type(r1, &(0x7f0000000100)='threaded\x00', 0x9)
ioctl$sock_ipx_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000200)={'ip6_vti0\x00', {0x4, 0x0, 0x0, "1c35107c39d2"}})
recvmmsg(r0, &(0x7f0000000040), 0x948, 0x0, 0x0)

2018/04/20 01:18:55 executing program 4:
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000240)=ANY=[])

2018/04/20 01:18:55 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0x9)
recvmmsg(r0, &(0x7f0000000040), 0x948, 0x42, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)

2018/04/20 01:18:55 executing program 1:
dup(0xffffffffffffffff)

2018/04/20 01:18:55 executing program 0:
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x10000, 0x0)

2018/04/20 01:18:55 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
read(r2, &(0x7f0000000040)=""/104, 0x68)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:55 executing program 1:
r0 = socket(0x18, 0x0, 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$sock_buf(r1, 0x1, 0x1f, &(0x7f00000000c0)=""/223, &(0x7f00000001c0)=0xdf)

2018/04/20 01:18:55 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)

2018/04/20 01:18:55 executing program 0:
r0 = socket(0x18, 0x0, 0x4)
listen$netrom(r0, 0x0)

2018/04/20 01:18:55 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000d04000)='clear_refs\x00')
writev(r0, &(0x7f0000000000), 0x200000e2)

2018/04/20 01:18:55 executing program 7:
r0 = syz_open_procfs(0x0, &(0x7f0000d04000)='clear_refs\x00')
fcntl$setlease(r0, 0x400, 0x2)

2018/04/20 01:18:55 executing program 3:
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x6da6, 0x0)

2018/04/20 01:18:55 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000000)=0x1b, 0x4)

2018/04/20 01:18:55 executing program 1:
seccomp(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000200)=[{0x8}]})

2018/04/20 01:18:56 executing program 7:
syz_mount_image$gfs2(&(0x7f0000000100)='gfs2\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000580), 0x2400, &(0x7f00000005c0))

2018/04/20 01:18:56 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0x9)
recvmmsg(r0, &(0x7f0000000040), 0x948, 0x42, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)

2018/04/20 01:18:56 executing program 0:
r0 = socket(0x18, 0x0, 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
mq_timedreceive(r1, &(0x7f0000000300)=""/79, 0x4f, 0x0, &(0x7f0000000240))

2018/04/20 01:18:56 executing program 4:
fcntl$dupfd(0xffffffffffffffff, 0x6, 0xffffffffffffffff)

2018/04/20 01:18:56 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00')
getdents(r0, &(0x7f0000000040)=""/41, 0x29)

2018/04/20 01:18:56 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="02130000c459b8de99996c0268020000"], 0x10}, 0x1}, 0x0)

2018/04/20 01:18:56 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
read(r2, &(0x7f0000000040)=""/104, 0x68)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:56 executing program 6:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f00000005c0)=""/242, 0xf2}], 0x1, 0x0)

2018/04/20 01:18:56 executing program 7:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
pwrite64(r0, &(0x7f0000000100), 0x0, 0x0)

2018/04/20 01:18:56 executing program 3:
iopl(0x0)

2018/04/20 01:18:56 executing program 4:
renameat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000100)='./file0\x00')

2018/04/20 01:18:56 executing program 6:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="021402062000000025bd7000fedbdf2519000800c805009f595c8828771b5c35002f4b98f446eb33ae46fd8766da30d26b39812a9c67b00f36beb2134df99d3b381e46240350ae11db3d8bfefc68772e7a3f23a87642c17e8e0720235ec890b65cbaa232af6a1559572617b06d226a32c25672278e410da6a5b92c48e285399f321cbd6e660bc6a1d0d87392b61f2c40a326713dbea8906c9830d901c502a99dbb2de912871fbfc98e63d67de5b71b9ee23274988b89fc1f6b42cf4b538ae6640722e08704d6abbc4ca03307e05237f4d0b91eea4c49492452d800000000000000050019000000000002004e24e0000002000000000000000002004e24ac1414"], 0x100}, 0x1}, 0x0)

2018/04/20 01:18:56 executing program 1:
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f00000001c0))
mknod(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)

2018/04/20 01:18:56 executing program 0:
r0 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f00000002c0)={'vcan0\x00', {0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}})

2018/04/20 01:18:56 executing program 7:
r0 = socket$key(0xf, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6tnl0\x00', 0x10)

2018/04/20 01:18:56 executing program 3:
rt_sigaction(0x0, &(0x7f0000000000), &(0x7f0000000040), 0xfffffffffffffd0d, &(0x7f0000000240))

2018/04/20 01:18:56 executing program 4:
r0 = inotify_init1(0x0)
r1 = gettid()
fcntl$setown(r0, 0x8, r1)
fcntl$getownex(r0, 0x10, &(0x7f0000000140))

2018/04/20 01:18:56 executing program 6:
socketpair$unix(0x1, 0x2001000000000005, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff})
getpeername$unix(r0, &(0x7f0000000000), &(0x7f00000000c0)=0x6e)

2018/04/20 01:18:57 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev_mcast\x00')
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)='3', 0x1}], 0x1)

2018/04/20 01:18:57 executing program 3:
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x0, 0x0)
ustat(0x5, &(0x7f0000000340))

2018/04/20 01:18:57 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
tee(r0, 0xffffffffffffffff, 0x6da6, 0x0)

2018/04/20 01:18:57 executing program 6:
syz_open_procfs(0x0, &(0x7f0000000040)='net/dev_mcast\x00')

2018/04/20 01:18:57 executing program 0:
r0 = socket(0x18, 0x0, 0x4)
getsockname$netrom(r0, &(0x7f0000000000)=@full, &(0x7f0000000080)=0x48)

2018/04/20 01:18:57 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:57 executing program 7:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0)

2018/04/20 01:18:57 executing program 5:
msync(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xafae2562502c8f66)

2018/04/20 01:18:57 executing program 6:
r0 = syz_open_procfs(0x0, &(0x7f0000d04000)='clear_refs\x00')
ioctl$int_out(r0, 0x5460, &(0x7f00000001c0))

2018/04/20 01:18:57 executing program 4:
r0 = socket$inet(0x2, 0x2000000080002, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e23}, 0x10)
sendmsg(r0, &(0x7f0000000180)={&(0x7f0000000380)=@in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x80, &(0x7f0000001640)=[{&(0x7f0000000240)="5357916eeaa2ab6c8b755f8b2d3e7bc3ace9facabb7d29bc3bbfdef114c1209e674abb0ffd988bcf8abe472871508dc35fd94926e8e8803b4a2b9267f8ca9cf20cd01375", 0x44}], 0x1, &(0x7f0000000380)}, 0x8000)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/53, 0x35}], 0x1)
sendmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)='z', 0x1}], 0x1, &(0x7f0000000140)}, 0x0)

2018/04/20 01:18:57 executing program 1:
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000580), 0x0, &(0x7f0000000600))

2018/04/20 01:18:57 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000400)}, 0x8f9c03c4c96afd43)

2018/04/20 01:18:57 executing program 7:
openat$autofs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/autofs\x00', 0x3, 0x0)

2018/04/20 01:18:57 executing program 3:
futex(&(0x7f0000000000), 0x3, 0x0, &(0x7f0000000100)={0x0, 0x989680}, &(0x7f0000000140), 0x0)

2018/04/20 01:18:57 executing program 0:
request_key(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a}, &(0x7f0000000280)='user\x00', 0xfffffffffffffffd)

2018/04/20 01:18:57 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f0000061000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f000060c000)={{0x100000001}})
r1 = epoll_create1(0x0)
syz_open_dev$sndseq(&(0x7f0000784000)='/dev/snd/seq\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b71ff4))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000051ff4)={0x13})

2018/04/20 01:18:57 executing program 5:
ioperm(0x0, 0x100000001, 0x0)

2018/04/20 01:18:57 executing program 7:
keyctl$chown(0x4, 0x0, 0x0, 0x0)

2018/04/20 01:18:57 executing program 3:
add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$join(0x1, &(0x7f0000000080)={0x73, 0x79, 0x7a})

[   74.530477] ==================================================================
[   74.537872] BUG: KMSAN: uninit-value in csum_partial+0x78e/0x850
[   74.544007] CPU: 0 PID: 5966 Comm: syz-executor4 Not tainted 4.16.0+ #84
[   74.550832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.560167] Call Trace:
[   74.562746]  dump_stack+0x185/0x1d0
[   74.566356]  ? csum_partial+0x78e/0x850
[   74.570311]  kmsan_report+0x142/0x240
[   74.574095]  __msan_warning_32+0x6c/0xb0
[   74.578140]  csum_partial+0x78e/0x850
[   74.581929]  csum_partial_ext+0x89/0xa0
[   74.585886]  __skb_checksum+0x6d4/0x1010
[   74.589934]  ? skb_checksum+0x120/0x120
[   74.593894]  skb_checksum+0xec/0x120
[   74.597591]  ? skb_checksum+0x120/0x120
[   74.601548]  ? csum_partial_ext+0xa0/0xa0
[   74.605682]  __skb_checksum_complete+0x90/0x400
[   74.610344]  udp_recvmsg+0x6a3/0x1d90
[   74.614138]  ? udp_skb_dtor_locked+0x770/0x770
[   74.618725]  inet_recvmsg+0x4c2/0x5f0
[   74.622511]  ? inet_sendpage+0x8c0/0x8c0
[   74.626555]  sock_read_iter+0x405/0x480
[   74.630520]  ? kernel_sock_ip_overhead+0x350/0x350
[   74.635429]  do_iter_readv_writev+0x7bb/0x970
[   74.639914]  ? kernel_sock_ip_overhead+0x350/0x350
[   74.644825]  do_iter_read+0x303/0xd70
[   74.648609]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[   74.654050]  do_readv+0x295/0x5f0
[   74.657493]  ? syscall_return_slowpath+0xe9/0x700
[   74.662323]  SYSC_readv+0x9b/0xb0
[   74.665761]  SyS_readv+0x56/0x80
[   74.669110]  do_syscall_64+0x309/0x430
[   74.672983]  ? vfs_readv+0x260/0x260
[   74.676689]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   74.681858] RIP: 0033:0x455379
[   74.685033] RSP: 002b:00007f6416085c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   74.692725] RAX: ffffffffffffffda RBX: 00007f64160866d4 RCX: 0000000000455379
[   74.699974] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000013
[   74.707223] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   74.714472] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   74.721721] R13: 0000000000000495 R14: 00000000006f9e98 R15: 0000000000000000
[   74.728974] 
[   74.730576] Uninit was created at:
[   74.734101]  kmsan_alloc_meta_for_pages+0x161/0x3a0
[   74.739099]  kmsan_alloc_page+0x82/0xe0
[   74.743057]  __alloc_pages_nodemask+0xf5b/0x5dc0
[   74.747794]  alloc_pages_current+0x6b5/0x970
[   74.752185]  skb_page_frag_refill+0x3ba/0x5e0
[   74.756671]  sk_page_frag_refill+0xa4/0x340
[   74.760981]  __ip_append_data+0x107e/0x3d10
[   74.765284]  ip_append_data+0x2fb/0x440
[   74.769244]  udp_sendmsg+0x746/0x3180
[   74.773033]  inet_sendmsg+0x48d/0x740
[   74.776824]  ___sys_sendmsg+0xec0/0x1310
[   74.780870]  SYSC_sendmsg+0x2a3/0x3d0
[   74.784655]  SyS_sendmsg+0x54/0x80
[   74.788176]  do_syscall_64+0x309/0x430
[   74.792052]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   74.797216] ==================================================================
[   74.804550] Disabling lock debugging due to kernel taint
[   74.809980] Kernel panic - not syncing: panic_on_warn set ...
[   74.809980] 
[   74.817331] CPU: 0 PID: 5966 Comm: syz-executor4 Tainted: G    B            4.16.0+ #84
[   74.825450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.834780] Call Trace:
[   74.837357]  dump_stack+0x185/0x1d0
[   74.840969]  panic+0x39d/0x940
[   74.844158]  ? csum_partial+0x78e/0x850
[   74.848115]  kmsan_report+0x238/0x240
[   74.851900]  __msan_warning_32+0x6c/0xb0
[   74.855947]  csum_partial+0x78e/0x850
[   74.859738]  csum_partial_ext+0x89/0xa0
[   74.863699]  __skb_checksum+0x6d4/0x1010
[   74.867751]  ? skb_checksum+0x120/0x120
[   74.871710]  skb_checksum+0xec/0x120
[   74.875405]  ? skb_checksum+0x120/0x120
[   74.879368]  ? csum_partial_ext+0xa0/0xa0
[   74.883504]  __skb_checksum_complete+0x90/0x400
[   74.888162]  udp_recvmsg+0x6a3/0x1d90
[   74.891956]  ? udp_skb_dtor_locked+0x770/0x770
[   74.896520]  inet_recvmsg+0x4c2/0x5f0
[   74.900307]  ? inet_sendpage+0x8c0/0x8c0
[   74.904352]  sock_read_iter+0x405/0x480
[   74.908314]  ? kernel_sock_ip_overhead+0x350/0x350
[   74.913225]  do_iter_readv_writev+0x7bb/0x970
[   74.917716]  ? kernel_sock_ip_overhead+0x350/0x350
[   74.923099]  do_iter_read+0x303/0xd70
[   74.926887]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[   74.932320]  do_readv+0x295/0x5f0
[   74.935766]  ? syscall_return_slowpath+0xe9/0x700
[   74.940596]  SYSC_readv+0x9b/0xb0
[   74.944043]  SyS_readv+0x56/0x80
[   74.947390]  do_syscall_64+0x309/0x430
[   74.951264]  ? vfs_readv+0x260/0x260
[   74.954962]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   74.960135] RIP: 0033:0x455379
[   74.963308] RSP: 002b:00007f6416085c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   74.971000] RAX: ffffffffffffffda RBX: 00007f64160866d4 RCX: 0000000000455379
[   74.978267] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000013
[   74.985521] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   74.992775] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   75.000031] R13: 0000000000000495 R14: 00000000006f9e98 R15: 0000000000000000
[   75.007794] Dumping ftrace buffer:
[   75.011322]    (ftrace buffer empty)
[   75.015005] Kernel Offset: disabled
[   75.018608] Rebooting in 86400 seconds..