INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts.
2018/04/19 22:45:56 fuzzer started
2018/04/19 22:45:56 dialing manager at 10.128.0.26:37327
2018/04/19 22:46:02 kcov=true, comps=false
2018/04/19 22:46:05 executing program 0:

2018/04/19 22:46:05 executing program 2:

2018/04/19 22:46:05 executing program 7:
perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc\x00', 0x0, 0x0)
ioctl$TUNGETFEATURES(r0, 0x80247009, &(0x7f00000000c0))

2018/04/19 22:46:05 executing program 3:
r0 = open(&(0x7f0000042ff8)='./file0\x00', 0x80040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)

2018/04/19 22:46:05 executing program 4:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
flock(r0, 0x5)

2018/04/19 22:46:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x13, &(0x7f0000000200)=[{&(0x7f0000010000)="400000000002000019000000dc0100002c000000010000000000000000000000002000000020000040000000000000003d5cbe5a0000ffff53ef0100010000003d5cbe5a000000000000000001000000000000000b0000008000000038000000c20300006b0400008a209384fadb4e8ab59173d9af054fe3", 0x78, 0x400}, {&(0x7f0000010200)="0100000000000100150000000000000000000000040100002000000000000000", 0x20, 0x560}, {&(0x7f0000010400)="ffffff07e01f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050166696c65320000000d0000001000050166696c65330000000e0000001000050166696c65300000000d0000001000050166696c65340000000f0000001c001201d181d18ed0b7d0bad0b0d0bbd0bbd0b5d1800000100000000c0004012e646f74110000001000050266696c65310000001300000050030802564944454f5f5453000000000000000000000000", 0x4c0, 0x1800}, {&(0x7f0000010a00)="0000000000000000000000000000000000000000000000000c0000de6723c27600000000f4030000000000000000000000000000000000000000000000000000", 0x40, 0x23e0}, {&(0x7f0000010c00)="0000000000000000000000000000000000000000000000000c0000de1912178200000000f4030000000000000000000000000000000000000000000000000000", 0x40, 0x2be0}, {&(0x7f0000010e00)="0000000000000000000000000000000000000000000000000c0000de1912178200000000f4030000000000000000000000000000000000000000000000000000", 0x40, 0x33e0}, {&(0x7f0000011000)="0000000000000000000000000000000000000000000000000c0000de1912178200000000f4030000000000000000000000000000000000000000000000000000", 0x40, 0x3be0}, {&(0x7f0000011200)="0000000000000000000000000000000000000000000000000c0000de1912178200000000f4030000000000000000000000000000000000000000000000000000", 0x40, 0x43e0}, {&(0x7f0000011400)="0000000000000000000000000000000000000000000000000c0000de1912178200000000f4030000000000000000000000000000000000000000000000000000", 0x40, 0x4be0}, {&(0x7f0000011600)="504d4d00504d4dff3d5cbe5a00000000647679756b6f762d7a3834302e6d75632e636f72702e676f6f676c652e636f6d00000000000000000000000000000000000000000000000000000000000000006469736b2e72617700000000000000000000000000000000000000000000000005000000000000000000000000000000", 0x80, 0x5401}, {&(0x7f0000011c00)='how about this?\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x20, 0x6000}, {&(0x7f0000011e00)="0000000000000000000000000000000000000000000000000c0000deb697526dd181d18ed0b7d0bad0b0d0bbd0bbd0b5d1800a00000000000000000000000000", 0x40, 0x67e0}, {&(0x7f0000012000)="0000000000000000000000000000000000000000000000000c0000de218d588f", 0x20, 0x6fe0}, {&(0x7f0000012200)="00000000000000000000000000000000000000000000000000000000fd4d0000ed410000000400003d5cbe5a3d5cbe5a3d5cbe5a00000000000005000200000000000800000000000af30100040000000000000000000000010000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000083ac0000", 0xa0, 0x9860}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00l@\x00\x00', 0x20, 0x99e0}, {&(0x7f0000012600)="000000000000000000000000000000000000000000000000000000001dcd000080810000003004043d5cbe5a3d5cbe5a3d5cbe5a0000000000000100080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001400000000000000000000000000000000000000000000000000000000000000d85e0000", 0xa0, 0x9ae0}, {&(0x7f0000012800)="0000000000000000000000000000000000000000000000000000000099090000", 0x20, 0x9c60}, {&(0x7f0000012a00)="000000000000000000000000000000000000000000000000000000008d010000ff81000000000000782bbe5a3c1ebe5af11dbe5a00000000000002000000000000000800000000000af300000400000000000000000000000000000000000000", 0x60, 0x9de0}, {&(0x7f0000012d00)="000000000000000000000000000000000000000000000000000000007c2b0000ed41000000040000601ebe5a9e1dbe5a9e1dbe5a00000000000002000200000000000800000000000af301000400000000000000000000000100000019000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bde60000a481000013000000601ebe5a9e1dbe5a9e1dbe5a00000000000001000200000000000800000000000af30100040000000000000000000000010000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006ab40000ed410000000400007220be5a7120be5a7120be5a00000000000002000200000000000800000000000af30100040000000000000000000000010000001b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c210000a481000000000000782bbe5a7120be5a7120be5a00000000000001000000000000000800000000000af300000400000000000000000000000000000000000000", 0x1e0, 0x9fe0}], 0x0, &(0x7f0000013000))

2018/04/19 22:46:05 executing program 6:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000006c0)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="bc8e77958ed7e3bf4ef572723c7b6f49427c3e5c23a2c040d0e3275b5c1fab494ff89bb9657415a15e857fd64d704f0c0ad238b28277bdf6d3c6b0363060888585f8d3edaf94544bb73bf880abec9efde167e8012ab82def38587aec106cfc8c9f4bd2856fa8bece44b4e11deef59037efdc8f7e2b4136ee8d3569ca39b7648334", 0x81)

2018/04/19 22:46:05 executing program 1:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = dup(r0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x7fff)
sendfile(r1, r2, &(0x7f0000d83ff8), 0x8000fffffffe)

syzkaller login: [   43.223203] ip (3739) used greatest stack depth: 54688 bytes left
[   43.637672] ip (3777) used greatest stack depth: 54408 bytes left
[   44.706914] ip (3881) used greatest stack depth: 54200 bytes left
[   44.809959] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.816454] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.850297] device bridge_slave_0 entered promiscuous mode
[   45.014198] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.020726] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.063181] device bridge_slave_0 entered promiscuous mode
[   45.080014] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.086519] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.103582] device bridge_slave_0 entered promiscuous mode
[   45.129439] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.135976] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.153844] device bridge_slave_0 entered promiscuous mode
[   45.176231] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.182704] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.211241] device bridge_slave_1 entered promiscuous mode
[   45.219784] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.226308] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.265240] device bridge_slave_0 entered promiscuous mode
[   45.280965] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.287435] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.313390] device bridge_slave_1 entered promiscuous mode
[   45.333573] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.340130] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.350866] device bridge_slave_1 entered promiscuous mode
[   45.363103] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.369572] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.392983] device bridge_slave_0 entered promiscuous mode
[   45.411182] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.418339] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.424807] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.441976] device bridge_slave_0 entered promiscuous mode
[   45.458083] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.464594] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.498151] device bridge_slave_1 entered promiscuous mode
[   45.508269] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.517486] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.524140] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.535461] device bridge_slave_1 entered promiscuous mode
[   45.576861] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   45.585597] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.592906] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.599388] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.612966] device bridge_slave_0 entered promiscuous mode
[   45.628571] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.635125] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.657017] device bridge_slave_1 entered promiscuous mode
[   45.683485] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.689982] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.734372] device bridge_slave_1 entered promiscuous mode
[   45.743096] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   45.754078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.795191] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.805896] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   45.823206] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.829666] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.874758] device bridge_slave_1 entered promiscuous mode
[   45.883490] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.930774] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   45.960871] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   45.998909] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.085841] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.128656] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.139010] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.301937] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.560745] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   46.764065] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   46.790771] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   46.830924] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   46.978424] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   46.985736] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.022759] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.031070] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.106143] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.125957] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.191546] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.198877] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.327336] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.336618] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.353962] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   47.563917] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   47.682426] ip (4094) used greatest stack depth: 53640 bytes left
[   47.797850] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   47.950560] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   47.970503] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.064834] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.164638] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.171880] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.183810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.214714] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.235404] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.249141] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.257258] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.270646] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.420876] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.442211] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   48.451067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.467679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.481463] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.489295] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.504428] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.511664] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.527363] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.554437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.584842] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.612826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.637906] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.663291] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   48.675174] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.687565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.699844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.720850] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   48.731134] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.746726] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.763179] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   48.778493] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.786841] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.803330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.842324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.869738] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.891735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.914831] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.924131] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   48.931772] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   48.941588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.950721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.976616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.997406] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.027449] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.054620] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.062253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.075285] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.103133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.119209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.152650] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.162430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.178275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.206818] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.216466] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.225837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.281445] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.288616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.304088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.331910] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.339579] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.380842] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.087715] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.094209] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.101123] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.107576] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.153187] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.161121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   51.197766] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.204224] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.211050] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.217500] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.253390] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.268911] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.275401] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.282330] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.288804] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.345933] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.371992] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.378494] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.385394] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.391842] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.445091] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.459148] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.465637] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.472467] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.479991] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.504896] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.526089] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.532563] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.539412] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.545869] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.608812] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.678823] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.685311] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.692214] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.698673] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.749843] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   51.764763] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.771242] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.778106] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.784561] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.799522] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   52.192208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.205086] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.246522] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.272945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.302664] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.318644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.331539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   60.461505] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   60.835812] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   60.845859] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.005310] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.131454] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.197948] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.237548] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   61.243802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.253914] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.292674] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.308679] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   61.667549] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   61.673852] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.681872] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.741147] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   61.747540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.758612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.794146] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   61.814259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.828346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.927246] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   61.933563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.944366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.035747] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.042018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.055582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.147872] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.154192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.165674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.195182] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   62.212740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.223656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/04/19 22:46:32 executing program 0:
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x800000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="00080000ec050000130200001200000000000000030000000001000024d96443e10000001e000000000000000010ec0302000100526549734572324673", 0x3d, 0x10000}], 0x0, &(0x7f0000000240)=ANY=[])

2018/04/19 22:46:32 executing program 2:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=ANY=[], &(0x7f0000000180), 0x0)
fdatasync(0xffffffffffffffff)
pwritev(r1, &(0x7f0000000100)=[{&(0x7f0000000200)="01ec45c0545122dd428881956f7bcfde2d20f57016bb8193406589d77305523be72bd1ff4b84c3375858e067ae38aa86099aa9a4c7d575d2364b51583d27e168357825ebb94f9ce635f3e10e53017b290d971eafc650e7d628cb1d8aadaf611bad84a2147aba15c5333573b1493f27fea83e7d8e8efd12a3adbb6390c4d747bd28cc115a75eeb56cba01925b900f3aa0e5a2134f5a44f099a0d4bca1b55054f7143c37ed66ff78fb7107", 0xaa}], 0x1, 0x30)
read(r0, &(0x7f0000000380)=""/229, 0xe5)
r2 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000000))
r3 = open$dir(&(0x7f0000000500)='./file0\x00', 0x2, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1f)
write(r3, &(0x7f0000000300)="d88a8d38144e5013d473c0ac2ca61ff3b749a4f5c7e6e9c2ce586e5cfca5d60ffc9a4df71856925b300ab39b1dd592385821faecb039bcdc475ffbacb982187073fc479f1cc6ffa0000af0026e75921d8a8310071ec28e0e6292680755ec70aa73", 0x61)
sendfile(r3, r3, &(0x7f0000000040), 0x7527fb3200000000)
sendfile(r3, r2, &(0x7f0000000180), 0x12000)
ftruncate(r2, 0x0)

2018/04/19 22:46:32 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000013900)=ANY=[])
mount(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='mqueue\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000002600)='./file0/file0\x00', 0x0, 0x0)
pipe(&(0x7f00000015c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendfile(r1, r0, 0x0, 0x3)

2018/04/19 22:46:32 executing program 1:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = dup(r0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x7fff)
sendfile(r1, r2, &(0x7f0000d83ff8), 0x8000fffffffe)

2018/04/19 22:46:32 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x6)
sendmmsg(r0, &(0x7f0000003f00)=[{{&(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, 0x80, &(0x7f0000000780)}}, {{&(0x7f0000000840)=@in6={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0xb25}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000001c00)}}], 0x2, 0x0)

2018/04/19 22:46:32 executing program 6:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="4244d6e42a80d6e42a87010000050003000007fa000002000000080000040000001907d708756e7469746c656400000000000000000000000000000000000000000000000000000000030000200000002000000200000007000000020000000000000000000000000000000000636e6500000000993e0512a4e8a2b5000000000000000020000000001000000000000000000000200000100010", 0x9a, 0x400}, {&(0x7f0000010200)="00000000000000000100000300000000000000000000000000000000000000000200000700000010", 0x28, 0x800}, {&(0x7f0000010500)="00000000000000000100000300000002000000030000001400000001000000060200002500000010", 0x28, 0x2800}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000001f800f80078000e0000000200000000ff01000300000f000000000108756e7469746c65640001000000000700000002d6e42a80d6e42a86000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000020000030000000000000000000000000108756e7469746c656400000000000000000000000000000000000000000000000b00000000020566696c6530020082003f3f3f3f3f3f3f3f00000000000000000000001000000000000a0000020000000000000000000000d6e42a86d6e42a860000000000000000000000000000000000000000000000200001", 0x114, 0x29e0}, {&(0x7f0000010b00)="00000000000000000000000000000000000001aa01b0017a014400d20060000e000000000000000000020005000025000000000108756e7469746c65640000000000000000000000000000000000000000000000000000012500000000020566696c65310000000000000000000000000000000000000000000000000000000000022500000000020566696c65340000000000000000000000000000000000000000000000000000000000052500000000110566696c65300000000000000000000000000000000000000000000000000000000000042500000000140066696c6530000000000000000000000000000000000000000000000000000000000006", 0x100, 0x2de0}, {&(0x7f0000010e00)="0000000000000000000000000000000001c4018e0158012200ec00b60080000e0000000400000002ff01000500000b00000000020566696c6534020082003f3f3f3f3f3f3f3f0000000000000000000000150000000000000000000000000000000000000000d6e42a86d6e42a8600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e000000000208564944454f5f54530001000000000100000016d6e42a86d6e42a8600000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000000000018000000000212d181d18ed0b7d0bad0b0d0bbd0bbd0b5d18000020082003f3f3f3f3f3f3f3f0000000000000000000000180000000000100000020000000000000000000000d6e42a86d6e42a860000000000000000000000000000000000000000000000220001000000000000000000000000000000000000000000000000060000000010000004000000000000000000000000020566696c65300000000000000000000000000000000000000000000000000000060000000011000003000000000000000000000000020566696c6531000000000000000000000000000000000000000000000000", 0x1e0, 0x31e0}, {&(0x7f0000011200)="000000000000000000000000000000000000018e0158012200b0007a0044000e", 0x20, 0x35e0}, {&(0x7f0000011400)="d181d18ed0b7d0bad0b0d0bbd0bbd0b5d1800a00000000000000000000000000", 0x20, 0x4a00}, {&(0x7f0000011600)="4244d6e42a80d6e42a80010000000003000007fa000002000000080000040000001007da08756e7469746c656400000000000000000000000000000000000000000000000000000000020000200000002000000000000000000000000000000000000000000000000000000000636e6500000000993e0512a4e8a2b5000000000000000020000000001000000000000000000000200000100010000000000000", 0xa0, 0xffc00}], 0x0, &(0x7f0000011700))
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x1)
execveat(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000500)=[&(0x7f00000000c0)='$security\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)='minix\x00', &(0x7f0000000400)='vmnet0\x00', &(0x7f0000000440)=']!}%#]trusted{self\x00', &(0x7f0000000480)='cgroup+\x00', &(0x7f00000004c0)='minix\x00'], &(0x7f0000000680)=[&(0x7f0000000540)='posix_acl_accessvboxnet1{\x00', &(0x7f0000000580)='hfs\x00', &(0x7f00000005c0)='ppp0vboxnet1eth1ppp1\x00', &(0x7f0000000600)='wlan1system\x00', &(0x7f0000000640)='minix\x00'], 0x1000)
open$dir(&(0x7f0000000140)='./file0/file0\x00', 0x2243, 0x2)

2018/04/19 22:46:32 executing program 4:
perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
write(r0, &(0x7f0000000080)="1f00000010000900040000000000e7fb0300000408000200000004ad06ffef", 0x1f)

2018/04/19 22:46:32 executing program 3:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
waitid(0x0, 0x0, &(0x7f0000000b00), 0x0, &(0x7f0000000b40))

[   68.055433] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
2018/04/19 22:46:33 executing program 5:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a000007000000000000000000000005001a0000000000000000000000ffff7f006f85fe80000000000000ff01000000000000000014146d6033052eea"], 0x3e}, 0x1}, 0x0)

2018/04/19 22:46:33 executing program 7:
r0 = socket$nl_xfrm(0x11, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8955, &(0x7f0000000000)={"020081007f001e0020008ca7cc991735"})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000040)={<r1=>0x0, @in={{0x2, 0x4e21, @loopback=0x7f000001}}, 0xf1, 0x9e}, &(0x7f0000000100)=0x90)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r1, 0x3}, &(0x7f0000000180)=0x8)

[   68.229213] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
2018/04/19 22:46:33 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = memfd_create(&(0x7f0000000240)='\x00', 0x2)
r2 = socket(0xb, 0x5, 0x3)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x8}, 0x8)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value={0x0, 0x793}, &(0x7f0000000200)=0x8)
bind$alg(r2, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(sha224-avx,xts-camellia-aesni-avx2)\x00'}, 0x58)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2000, 0x0)
accept$inet(r3, &(0x7f0000000040)={0x0, 0x0, @remote}, &(0x7f0000000080)=0x10)

2018/04/19 22:46:33 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x200, 0x0)
getsockname$netrom(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x10)
fgetxattr(r0, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000080)=""/2, 0x2)
memfd_create(&(0x7f0000000040)='+eth1-selinuxeth0\x00', 0x3)

2018/04/19 22:46:33 executing program 0:
r0 = getpgid(0x0)
rt_sigqueueinfo(r0, 0xe, &(0x7f0000000080)={0x1c, 0x6, 0xfffffffffffffffd, 0x3})
get_mempolicy(&(0x7f0000000000), &(0x7f0000000040), 0xd3, &(0x7f0000ffb000/0x4000)=nil, 0x8)
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000100)=r0)

[   69.008015] ==================================================================
[   69.015577] WARNING: memcpy-param-overlap in generic_perform_write+0x4c6/0x990
[   69.023082] __msan_memcpy(ffff8801c8a09061, ffff8801c8a09000, 3999)
[   69.029576] CPU: 1 PID: 5820 Comm: syz-executor2 Not tainted 4.16.0+ #84
[   69.036412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.045762] Call Trace:
[   69.048365]  dump_stack+0x185/0x1d0
[   69.052015]  __msan_memcpy+0x90/0x1f0
[   69.055836]  iov_iter_copy_from_user_atomic+0xb04/0x17d0
[   69.061304]  generic_perform_write+0x4c6/0x990
[   69.065874] ==================================================================
[   69.073218] BUG: KMSAN: uninit-value in kernel_text_address+0x248/0x3a0
[   69.079947] CPU: 1 PID: 5820 Comm: syz-executor2 Not tainted 4.16.0+ #84
[   69.086769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.096103] Call Trace:
[   69.098676]  dump_stack+0x14a/0x1d0
[   69.102290]  ? kernel_text_address+0x248/0x3a0
[   69.106852]  kmsan_report+0x142/0x240
[   69.110646]  __msan_warning_32+0x6c/0xb0
[   69.114709]  kernel_text_address+0x248/0x3a0
[   69.119098]  __kernel_text_address+0x34/0xe0
[   69.123486]  show_trace_log_lvl+0x954/0x1030
[   69.127880]  ? __generic_file_write_iter+0x43b/0x990
[   69.132969]  show_stack+0xfc/0x150
[   69.136490]  ? print_worker_info+0x1b0/0x660
[   69.140880]  dump_stack+0x185/0x1d0
[   69.144486]  __msan_memcpy+0x90/0x1f0
[   69.148268]  iov_iter_copy_from_user_atomic+0xb04/0x17d0
[   69.153709]  generic_perform_write+0x4c6/0x990
[   69.158277]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   69.163631]  __generic_file_write_iter+0x43b/0x990
[   69.168546]  ? rwsem_down_write_failed+0x2c/0x30
[   69.173287]  generic_file_write_iter+0x814/0xbf0
[   69.178044]  ? __generic_file_write_iter+0x990/0x990
[   69.183131]  do_iter_readv_writev+0x7bb/0x970
[   69.187609]  ? __generic_file_write_iter+0x990/0x990
[   69.192705]  do_iter_write+0x30d/0xd40
[   69.196574]  ? kmsan_set_origin_inline+0x6b/0x120
[   69.201399]  ? __generic_file_write_iter+0x990/0x990
[   69.206486]  vfs_iter_write+0x118/0x180
[   69.210447]  iter_file_splice_write+0xbc3/0x1710
[   69.215211]  ? splice_from_pipe+0x2c0/0x2c0
[   69.219520]  ? splice_from_pipe+0x2c0/0x2c0
[   69.223825]  direct_splice_actor+0x19b/0x200
[   69.228217]  splice_direct_to_actor+0x764/0x1040
[   69.232965]  ? do_splice_direct+0x540/0x540
[   69.237278]  ? security_file_permission+0x28f/0x4b0
[   69.242276]  ? rw_verify_area+0x35e/0x580
[   69.246405]  do_splice_direct+0x335/0x540
[   69.250535]  do_sendfile+0x1067/0x1e40
[   69.254412]  SYSC_sendfile64+0x1b3/0x300
[   69.258454]  SyS_sendfile64+0x64/0x90
[   69.262239]  do_syscall_64+0x309/0x430
[   69.266109]  ? SYSC_sendfile+0x320/0x320
[   69.270153]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   69.275321] RIP: 0033:0x455329
[   69.278497] RSP: 002b:00007f4f7a362c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   69.286199] RAX: ffffffffffffffda RBX: 00007f4f7a3636d4 RCX: 0000000000455329
[   69.293454] RDX: 0000000020000040 RSI: 0000000000000018 RDI: 0000000000000018
[   69.300706] RBP: 000000000072c180 R08: 0000000000000000 R09: 0000000000000000
[   69.307969] R10: 7527fb3200000000 R11: 0000000000000246 R12: 00000000ffffffff
[   69.315228] R13: 00000000000004cf R14: 00000000006fa408 R15: 0000000000000004
[   69.322486] 
[   69.324096] Local variable description: ----newattrs.i@file_remove_privs
[   69.330918] Variable was created at:
[   69.334614]  file_remove_privs+0x46/0x830
[   69.338739]  __generic_file_write_iter+0x1d7/0x990
[   69.343640] ==================================================================
[   69.350971] Disabling lock debugging due to kernel taint
[   69.356397] Kernel panic - not syncing: panic_on_warn set ...
[   69.356397] 
[   69.363750] CPU: 1 PID: 5820 Comm: syz-executor2 Tainted: G    B            4.16.0+ #84
[   69.371881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.381212] Call Trace:
[   69.383783]  dump_stack+0x14a/0x1d0
[   69.387389]  panic+0x39d/0x940
[   69.390570]  ? kernel_text_address+0x248/0x3a0
[   69.395130]  kmsan_report+0x238/0x240
[   69.398910]  __msan_warning_32+0x6c/0xb0
[   69.402951]  kernel_text_address+0x248/0x3a0
[   69.407337]  __kernel_text_address+0x34/0xe0
[   69.411725]  show_trace_log_lvl+0x954/0x1030
[   69.416113]  ? __generic_file_write_iter+0x43b/0x990
[   69.421199]  show_stack+0xfc/0x150
[   69.424719]  ? print_worker_info+0x1b0/0x660
[   69.429106]  dump_stack+0x185/0x1d0
[   69.432711]  __msan_memcpy+0x90/0x1f0
[   69.436493]  iov_iter_copy_from_user_atomic+0xb04/0x17d0
[   69.441925]  generic_perform_write+0x4c6/0x990
[   69.446659]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   69.452017]  __generic_file_write_iter+0x43b/0x990
[   69.456936]  ? rwsem_down_write_failed+0x2c/0x30
[   69.461671]  generic_file_write_iter+0x814/0xbf0
[   69.466408]  ? __generic_file_write_iter+0x990/0x990
[   69.471493]  do_iter_readv_writev+0x7bb/0x970
[   69.475972]  ? __generic_file_write_iter+0x990/0x990
[   69.481064]  do_iter_write+0x30d/0xd40
[   69.484938]  ? kmsan_set_origin_inline+0x6b/0x120
[   69.489765]  ? __generic_file_write_iter+0x990/0x990
[   69.494847]  vfs_iter_write+0x118/0x180
[   69.498805]  iter_file_splice_write+0xbc3/0x1710
[   69.503554]  ? splice_from_pipe+0x2c0/0x2c0
[   69.507858]  ? splice_from_pipe+0x2c0/0x2c0
[   69.512159]  direct_splice_actor+0x19b/0x200
[   69.516550]  splice_direct_to_actor+0x764/0x1040
[   69.521283]  ? do_splice_direct+0x540/0x540
[   69.525581]  ? security_file_permission+0x28f/0x4b0
[   69.530580]  ? rw_verify_area+0x35e/0x580
[   69.534710]  do_splice_direct+0x335/0x540
[   69.538836]  do_sendfile+0x1067/0x1e40
[   69.542710]  SYSC_sendfile64+0x1b3/0x300
[   69.546749]  SyS_sendfile64+0x64/0x90
[   69.550529]  do_syscall_64+0x309/0x430
[   69.554397]  ? SYSC_sendfile+0x320/0x320
[   69.558442]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   69.563610] RIP: 0033:0x455329
[   69.566783] RSP: 002b:00007f4f7a362c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   69.574467] RAX: ffffffffffffffda RBX: 00007f4f7a3636d4 RCX: 0000000000455329
[   69.581713] RDX: 0000000020000040 RSI: 0000000000000018 RDI: 0000000000000018
[   69.588961] RBP: 000000000072c180 R08: 0000000000000000 R09: 0000000000000000
[   69.596208] R10: 7527fb3200000000 R11: 0000000000000246 R12: 00000000ffffffff
[   69.603454] R13: 00000000000004cf R14: 00000000006fa408 R15: 0000000000000004
[   69.611144] Dumping ftrace buffer:
[   69.614660]    (ftrace buffer empty)
[   69.618349] Kernel Offset: disabled
[   69.621954] Rebooting in 86400 seconds..