INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. 2018/04/14 11:43:55 fuzzer started 2018/04/14 11:43:56 dialing manager at 10.128.0.26:36243 2018/04/14 11:44:02 kcov=true, comps=false 2018/04/14 11:44:04 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x101902) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, "6df1733d7a8a242fd899e0633f5fcea8fb5a550ed80ebba4d909c7a124d8ac39add13dc93a80f22ff9fd35a844f3e8b5ade4e5935137af6fe251190634435dca", "6aaba7a936009867bd21273a08478220febadc5ca001880000833b9ff18a89a285bd40691fdaee090426b5018b540982daacf1e7a2fb27febc2e8d7b46599493", "ecd2881042e088581e6e599a5591e6c882e32e7ea6697b93d32112b2bc83d72a"}) 2018/04/14 11:44:04 executing program 1: r0 = socket$inet(0x2, 0x3, 0x5) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x2, {{0x2, 0x0, @rand_addr=0xffffffffedddb9a5}}}, 0x88) 2018/04/14 11:44:04 executing program 7: 2018/04/14 11:44:04 executing program 2: 2018/04/14 11:44:04 executing program 4: keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000940)=[{}, {&(0x7f0000000a80)="42ae95c0d5f71e5e8bd772e99abb484eba737e04885594381c878840877c6d1468e41b0791a7c21efe4f19ebe50fd271c9e06ab9160ca940f8e99744eb1fd41f2faae7b57bd007581a00fa05ee7698a7f534eb5f35a76f9da94a9fc1a741eb5893366e34c10a41e6b8306a4673e13ec27a70aaa6c051b6b43d5985828fb6c194cdf70d8ab3a51a08087b6c1ad0b59ec23be12a009b37611983c9fc9790e5f71c", 0xa0}, {&(0x7f0000000880)="58866f3c21d373aff2a7cad23b68f8e1dab61bf7ef2961788d81611c85c4830c5125f6c153136d3d0eeec84f7c1bcd88a2a317a151f76d2eb033f8a55128c1410ddf9d5340d368d1bb83f3f390d06387d5664049878bf417a381de73bf7e18bafa851842869fe8c34eee618e212ffe5da9c77ba3f87aeb778cbbca8f683ccd1eab6734e7559d282a3cd4859d140db7b17385aac089be7b84ab5c3ab9016536aed825d950857a33ba1c1032a737258711c005cd75c0769a54e86f1e", 0xbb}], 0x3, 0x0) 2018/04/14 11:44:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x0) fcntl$setstatus(r1, 0x4, 0x2800) 2018/04/14 11:44:04 executing program 5: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getpgrp(0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000000280), 0xfffffffffffffe74, 0x20008045, &(0x7f0000000240)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) fcntl$setsig(r0, 0xa, 0x11) 2018/04/14 11:44:04 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'lo\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="3000000000000000000000000000000000000000ac1414aae000000200000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000fe8000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000003c87aaaaaaaaaa000000000000000000000000000000000000000000000000000000000000000000000000000a"]}) syzkaller login: [ 44.321697] ip (3778) used greatest stack depth: 54672 bytes left [ 45.243080] ip (3876) used greatest stack depth: 54200 bytes left [ 45.810284] ip (3921) used greatest stack depth: 53640 bytes left [ 45.876533] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.883124] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.919545] device bridge_slave_0 entered promiscuous mode [ 45.955700] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.962213] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.003381] device bridge_slave_0 entered promiscuous mode [ 46.019285] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.025751] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.061976] device bridge_slave_0 entered promiscuous mode [ 46.080905] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.087382] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.113967] device bridge_slave_0 entered promiscuous mode [ 46.130765] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.137236] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.147626] device bridge_slave_0 entered promiscuous mode [ 46.159916] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.166374] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.189770] device bridge_slave_1 entered promiscuous mode [ 46.202128] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.208623] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.232958] device bridge_slave_1 entered promiscuous mode [ 46.240499] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.246970] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.266643] device bridge_slave_0 entered promiscuous mode [ 46.287493] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.293980] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.306534] device bridge_slave_0 entered promiscuous mode [ 46.325106] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.331571] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.345598] device bridge_slave_1 entered promiscuous mode [ 46.354266] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.360704] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.379295] device bridge_slave_1 entered promiscuous mode [ 46.388488] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.395711] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.402161] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.416476] device bridge_slave_0 entered promiscuous mode [ 46.437240] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.443672] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.455944] device bridge_slave_1 entered promiscuous mode [ 46.477530] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.486518] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.492961] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.532736] device bridge_slave_1 entered promiscuous mode [ 46.561785] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.568236] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.597942] device bridge_slave_1 entered promiscuous mode [ 46.607197] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.617078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.627093] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.636621] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.645148] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.652363] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.658804] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.709294] device bridge_slave_1 entered promiscuous mode [ 46.739246] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.786701] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.811917] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.844598] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.856883] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.921396] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.939454] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.034516] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.176918] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.558903] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.630944] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.754454] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.765930] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.791794] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.817402] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.842332] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.927104] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.001142] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.008578] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.018125] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.058861] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.108972] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.187905] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.204767] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.292634] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.785451] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.802086] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.975955] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.984929] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.002724] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.051316] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.086419] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.167478] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.181117] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.189389] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.212529] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.221479] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.238977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.268566] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.276718] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.287287] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.299976] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.322006] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.362258] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.372459] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.380415] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.389714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.438267] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.445600] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.453692] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.466331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.488831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.528517] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.535645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.552371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.572779] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.586348] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.593577] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.625262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.649725] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.665180] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.680455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.687495] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.695587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.710924] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.717996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.733783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.753169] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.772215] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.779373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.800820] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.832632] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.839741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.858772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.884294] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.897441] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.905858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.940558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.973526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.999757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.025228] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.039291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.057375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.097197] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.104350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.124720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.173935] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.181776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.196691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.767524] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.774078] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.780936] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.787406] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.840773] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.847190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.041607] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.048116] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.054986] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.061447] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.073500] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.091265] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.097732] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.104583] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.111096] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.144512] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.202612] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.209127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.215980] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.222427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.233465] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.334272] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.340770] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.347608] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.354087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.385871] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.395636] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.402135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.409008] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.415489] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.427910] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.438259] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.444695] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.451518] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.457947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.467561] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.478140] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.484592] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.491442] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.497888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.505678] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.896178] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.909942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.929369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.941980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.950116] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.959058] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.966843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.939982] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.359733] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.466364] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.541734] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.587211] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.621302] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.759486] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 61.765864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.777586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.800237] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.810358] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 62.180160] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.186499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.203578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.233202] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.239485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.258817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.301367] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.307626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.325092] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.427556] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.434778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.447327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.472592] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.480361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.500593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.553260] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.566164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.573989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.734994] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.741328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.754907] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/14 11:44:30 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000016ffc)=0xfffff7fffffffffd, 0x4) bind$inet(r1, &(0x7f0000011ff0)={0x2, 0x4e20, @multicast2=0xe0000002}, 0x10) 2018/04/14 11:44:30 executing program 1: 2018/04/14 11:44:30 executing program 1: 2018/04/14 11:44:30 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f00000002c0)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, r1, 0x0) 2018/04/14 11:44:31 executing program 6: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x49, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x3, 0x40) 2018/04/14 11:44:31 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f00000002c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000240)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") pread64(r2, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) 2018/04/14 11:44:31 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000300)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) sendmmsg(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000002640)="5b5331d25a71c6a64f00d90720f785f88f9e63f90f76c48feee314083a181eefab2af8a65643ebc8c2b907fdebdd7b6aabd04ebe5b3133ae10d25c8992f969f3462f985649a0d1aeb7d535535fe9ce30e21dc14811cdff61456d7141cc19a8c86d8c80ccc6639cbb396c5307933f3d1c5a346d2d3a47311974a4970abaccab9b06afbdf003eb24b16c82af83155e9b5533db3eeb4e9c0722105fdc7585c77f5238ae3d12f08c8ab6dcf0edb2490a54ac46932250eb853d86d10cff49f40797062fee0affd74773c634", 0xc9}], 0x1, &(0x7f0000003640)}}], 0x1, 0x0) shutdown(r0, 0x1) clock_gettime(0x0, &(0x7f0000004d00)={0x0, 0x0}) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x0, @loopback=0x7f000001}}, 0x0, 0x40, 0x0, "bb7d979a5ee032056dff2fc639ba6368d0d71d898a4e124cf21cd30cb70965e6517b9cd90bda9821886e8cd3637def26f925ad25edc2a48d5320748f0957c324fe23baa6085747576770b4aaa4b7bab6"}, 0xd8) recvmmsg(r0, &(0x7f0000004b00)=[{{&(0x7f0000002500)=@sco, 0x80, &(0x7f0000004340)=[{&(0x7f00000041c0)=""/215, 0xd7}], 0x1, &(0x7f0000000180)=""/186, 0x2c}}, {{&(0x7f0000004600)=@nfc_llcp, 0x80, &(0x7f0000004a40), 0x0, &(0x7f0000004ac0)}}], 0x2, 0x0, &(0x7f0000000140)={0x0, r1+30000000}) 2018/04/14 11:44:31 executing program 6: perf_event_open(&(0x7f0000271000)={0x2, 0x70, 0x49, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80003, 0xef) sendto$inet6(r0, &(0x7f0000001ffe), 0x0, 0x0, &(0x7f0000003000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x7}, 0x1c) [ 68.560428] ================================================================== [ 68.567839] BUG: KMSAN: uninit-value in tcp_parse_options+0xd74/0x1a30 [ 68.574480] CPU: 0 PID: 5777 Comm: syz-executor1 Not tainted 4.16.0+ #83 [ 68.581292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.590622] Call Trace: [ 68.593200] dump_stack+0x185/0x1d0 [ 68.596818] ? tcp_parse_options+0xd74/0x1a30 [ 68.601291] kmsan_report+0x142/0x240 [ 68.605080] __msan_warning_32+0x6c/0xb0 [ 68.609130] tcp_parse_options+0xd74/0x1a30 [ 68.613450] tcp_validate_incoming+0x4f1/0x2790 [ 68.618105] tcp_rcv_state_process+0xb19/0x6490 [ 68.622752] ? kmsan_set_origin_inline+0x6b/0x120 [ 68.627579] ? _raw_spin_unlock_bh+0x10/0x70 [ 68.631966] tcp_v4_do_rcv+0xb26/0xd90 [ 68.635831] ? inet_sk_rx_dst_set+0x2c0/0x2c0 [ 68.640303] __release_sock+0x2d6/0x680 [ 68.644257] release_sock+0x97/0x2a0 [ 68.647948] tcp_recvmsg+0x365f/0x40b0 [ 68.651823] ? __msan_poison_alloca+0x80/0x1d0 [ 68.656385] ? tcp_peek_len+0x400/0x400 [ 68.660335] inet_recvmsg+0x4c2/0x5f0 [ 68.664115] sock_recvmsg_nosec+0x109/0x140 [ 68.668415] ? inet_sendpage+0x8c0/0x8c0 [ 68.672456] ___sys_recvmsg+0x3fb/0x810 [ 68.676407] ? __msan_poison_alloca+0x15c/0x1d0 [ 68.681065] ? _cond_resched+0x3c/0xd0 [ 68.684941] ? rcu_all_qs+0x32/0x1f0 [ 68.688632] ? _cond_resched+0x3c/0xd0 [ 68.692498] ? __sys_recvmmsg+0x908/0xdb0 [ 68.696624] ? rcu_all_qs+0x32/0x1f0 [ 68.700313] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 68.705740] __sys_recvmmsg+0x54e/0xdb0 [ 68.709698] SYSC_recvmmsg+0x29b/0x3e0 [ 68.713564] SyS_recvmmsg+0x76/0xa0 [ 68.717181] do_syscall_64+0x309/0x430 [ 68.721067] ? __sys_recvmmsg+0xdb0/0xdb0 [ 68.725203] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 68.730368] RIP: 0033:0x455319 [ 68.733533] RSP: 002b:00007f0105459c68 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 68.741215] RAX: ffffffffffffffda RBX: 00007f010545a6d4 RCX: 0000000000455319 [ 68.748459] RDX: 0000000000000002 RSI: 0000000020004b00 RDI: 0000000000000013 [ 68.755706] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 68.762963] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 68.770209] R13: 0000000000000495 R14: 00000000006f9e98 R15: 0000000000000000 [ 68.777455] [ 68.779058] Uninit was created at: [ 68.782589] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 68.787667] kmsan_kmalloc+0x94/0x100 [ 68.791443] kmsan_slab_alloc+0x11/0x20 [ 68.795393] __kmalloc_node_track_caller+0xaed/0x11c0 [ 68.800564] __alloc_skb+0x2cf/0x9f0 [ 68.804255] tcp_send_ack+0x18c/0x910 [ 68.808041] tcp_fin+0x298/0x8f0 [ 68.811393] tcp_data_queue+0x2cb9/0xa200 [ 68.815518] tcp_rcv_state_process+0x5c61/0x6490 [ 68.820248] tcp_v4_do_rcv+0xb26/0xd90 [ 68.824112] tcp_v4_rcv+0x5b25/0x6750 [ 68.827887] ip_local_deliver_finish+0x6ed/0xd40 [ 68.832634] ip_local_deliver+0x43c/0x4e0 [ 68.836756] ip_rcv_finish+0x1253/0x16d0 [ 68.840790] ip_rcv+0x119d/0x16f0 [ 68.844222] __netif_receive_skb_core+0x47cf/0x4a80 [ 68.849213] process_backlog+0x62d/0xe20 [ 68.853247] net_rx_action+0x7c1/0x1a70 [ 68.857210] __do_softirq+0x56d/0x93d [ 68.860989] ================================================================== [ 68.868326] Disabling lock debugging due to kernel taint [ 68.873750] Kernel panic - not syncing: panic_on_warn set ... [ 68.873750] [ 68.881096] CPU: 0 PID: 5777 Comm: syz-executor1 Tainted: G B 4.16.0+ #83 [ 68.889209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.898540] Call Trace: [ 68.901122] dump_stack+0x185/0x1d0 [ 68.904729] panic+0x39d/0x940 [ 68.907909] ? tcp_parse_options+0xd74/0x1a30 [ 68.912382] kmsan_report+0x238/0x240 [ 68.916160] __msan_warning_32+0x6c/0xb0 [ 68.920200] tcp_parse_options+0xd74/0x1a30 [ 68.924505] tcp_validate_incoming+0x4f1/0x2790 [ 68.929158] tcp_rcv_state_process+0xb19/0x6490 [ 68.933803] ? kmsan_set_origin_inline+0x6b/0x120 [ 68.938641] ? _raw_spin_unlock_bh+0x10/0x70 [ 68.943039] tcp_v4_do_rcv+0xb26/0xd90 [ 68.946915] ? inet_sk_rx_dst_set+0x2c0/0x2c0 [ 68.951388] __release_sock+0x2d6/0x680 [ 68.955354] release_sock+0x97/0x2a0 [ 68.959065] tcp_recvmsg+0x365f/0x40b0 [ 68.962940] ? __msan_poison_alloca+0x80/0x1d0 [ 68.967505] ? tcp_peek_len+0x400/0x400 [ 68.971454] inet_recvmsg+0x4c2/0x5f0 [ 68.975236] sock_recvmsg_nosec+0x109/0x140 [ 68.979536] ? inet_sendpage+0x8c0/0x8c0 [ 68.983577] ___sys_recvmsg+0x3fb/0x810 [ 68.987531] ? __msan_poison_alloca+0x15c/0x1d0 [ 68.992174] ? _cond_resched+0x3c/0xd0 [ 68.996045] ? rcu_all_qs+0x32/0x1f0 [ 68.999736] ? _cond_resched+0x3c/0xd0 [ 69.003605] ? __sys_recvmmsg+0x908/0xdb0 [ 69.007730] ? rcu_all_qs+0x32/0x1f0 [ 69.011419] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 69.016852] __sys_recvmmsg+0x54e/0xdb0 [ 69.020810] SYSC_recvmmsg+0x29b/0x3e0 [ 69.024679] SyS_recvmmsg+0x76/0xa0 [ 69.028283] do_syscall_64+0x309/0x430 [ 69.032150] ? __sys_recvmmsg+0xdb0/0xdb0 [ 69.036275] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.041440] RIP: 0033:0x455319 [ 69.044606] RSP: 002b:00007f0105459c68 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 69.052288] RAX: ffffffffffffffda RBX: 00007f010545a6d4 RCX: 0000000000455319 [ 69.059532] RDX: 0000000000000002 RSI: 0000000020004b00 RDI: 0000000000000013 [ 69.066778] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 69.074030] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 69.081284] R13: 0000000000000495 R14: 00000000006f9e98 R15: 0000000000000000 [ 69.088949] Dumping ftrace buffer: [ 69.092479] (ftrace buffer empty) [ 69.096162] Kernel Offset: disabled [ 69.099763] Rebooting in 86400 seconds..