INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts. 2018/04/07 09:04:37 fuzzer started 2018/04/07 09:04:37 dialing manager at 10.128.0.26:38639 2018/04/07 09:04:43 kcov=true, comps=false 2018/04/07 09:04:46 executing program 0: creat(&(0x7f0000005000)='./file0\x00', 0x0) setxattr(&(0x7f0000008ff8)='./file0\x00', &(0x7f0000004000)=@known='system.posix_acl_access\x00', &(0x7f0000007ffd)='})\x00', 0x3, 0x0) 2018/04/07 09:04:46 executing program 1: r0 = syz_open_dev$tun(&(0x7f00007ff000)='/dev/net/tun\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000262fe8)=@known='system.posix_acl_access\x00', &(0x7f000050bff4)="020000000800002000000000", 0xc, 0x0) 2018/04/07 09:04:46 executing program 7: mkdir(&(0x7f0000632000)='./file0\x00', 0x0) mount(&(0x7f0000ddd000)='./file0\x00', &(0x7f0000014ff8)='./file0\x00', &(0x7f0000014000)='proc\x00', 0x1, &(0x7f0000fd8000)) r0 = open(&(0x7f0000fd1000)='./file0\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000fcf000)='./bus\x00', r0, &(0x7f0000fceffa)='./file0\x00', 0x0) 2018/04/07 09:04:46 executing program 4: timer_create(0xfffffffffffffffd, &(0x7f0000044000)={0x0, 0x14, 0x0, @thr={&(0x7f0000a85f68), &(0x7f00009d0000)}}, &(0x7f0000454000)) timer_settime(0x0, 0x0, &(0x7f0000fcf000)={{}, {0x0, 0x989680}}, &(0x7f0000046000)) timer_settime(0x0, 0x0, &(0x7f00007af000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 2018/04/07 09:04:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00008cf000)=0x4f15, 0x4) getsockopt$sock_buf(r0, 0x1, 0x40000000000001d, &(0x7f0000861000)=""/48, &(0x7f000025bffc)=0x30) 2018/04/07 09:04:46 executing program 3: r0 = gettid() rt_sigprocmask(0x0, &(0x7f0000024000)={0xfffffffffffffffe}, 0x0, 0x8) timer_create(0x0, &(0x7f0000044000)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000)) tkill(r0, 0x5) timer_settime(0x0, 0x0, &(0x7f0000011000)={{}, {0x0, 0x9}}, &(0x7f0000046000)) tkill(r0, 0x12) 2018/04/07 09:04:46 executing program 5: mkdir(&(0x7f0000ca4ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f000000aff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x1, &(0x7f000000a000)) mount(&(0x7f000012bff8)='./file0\x00', &(0x7f00006af000)='./file0\x00', &(0x7f000030fff8)='qnx6\x00', 0x203ffd, 0x0) 2018/04/07 09:04:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000892ff0)=[{&(0x7f0000499f6b)="580000001400192300a13680040d8c560a060000000000001ffffffffffffc01000004ca7f64643e8900050028635a0004fbf510000200dd1b000000160000ed5dfffff5000022000d000100040408000009ea0000000000", 0x58}], 0x1) syzkaller login: [ 43.909885] ip (3779) used greatest stack depth: 54408 bytes left [ 45.177116] ip (3903) used greatest stack depth: 54200 bytes left [ 47.040283] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.153101] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.228975] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.238891] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.268069] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.499384] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.524977] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.616711] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.811609] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.870588] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.073838] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.098979] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.113568] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.322471] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.374729] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.384713] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.579248] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.585483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.599558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.689873] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.696196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.709144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.742981] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.750996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.770485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.803799] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.812735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.840662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.961134] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.969278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.002237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.127842] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.134318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.147607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.192188] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.198436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.226564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.262171] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.281132] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.294473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/07 09:05:02 executing program 7: unshare(0x8000400) pipe2(&(0x7f00009ffff8)={0x0}, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000ab0000)={r0, &(0x7f0000d5f000), &(0x7f0000c2d000)=""/232}, 0x18) 2018/04/07 09:05:03 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000ed4ff0)=[{&(0x7f000093cfc7)="390000001100094701bb61e1c30500ff070000000200000045efffff08009b0019001a000f000000220001070000000004e9ff0006000d0005", 0x39}], 0x1) 2018/04/07 09:05:03 executing program 4: set_mempolicy(0x1, &(0x7f0000003000), 0x101) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001000)='/dev/ptmx\x00', 0x2, 0x0) write(r0, &(0x7f000006e000)="7f", 0x1) 2018/04/07 09:05:03 executing program 2: memfd_create(&(0x7f0000003000)='wlan0*mime_type-trusted}&wlan0vmnet1.trusted{\\{GPL\x00', 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000003000), &(0x7f0000f0dffc)=0xc) prctl$getreaper(0x66, &(0x7f0000002ffc)) 2018/04/07 09:05:03 executing program 1: symlink(&(0x7f0000109000)='..', &(0x7f0000b07000)='./file0\x00') lgetxattr(&(0x7f0000194000)='./file0\x00', &(0x7f00002f5fe7)=@known='system.posix_acl_default\x00', &(0x7f000055dfc8)=""/56, 0x38) 2018/04/07 09:05:03 executing program 7: perf_event_open(&(0x7f0000272f88)={0x7, 0x78, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:03 executing program 0: clock_adjtime(0xe9a85802f77b326b, &(0x7f0000001f30)) 2018/04/07 09:05:03 executing program 4: r0 = socket(0x10, 0x2, 0x9) write(r0, &(0x7f0000be0ff0)="0100000000090200ba1506c507371a23", 0x10) 2018/04/07 09:05:03 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000058ff7)='/dev/sg#\x00', 0x0, 0x40002) ioctl(r0, 0x5381, &(0x7f0000978000)) 2018/04/07 09:05:03 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt(r0, 0x0, 0x41, &(0x7f0000694fef)=""/17, &(0x7f00009b3ffc)=0x11) 2018/04/07 09:05:03 executing program 7: perf_event_open(&(0x7f0000271000)={0x2, 0x78, 0x0, 0x80000002}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000057c000)={0x2, 0x78, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$void(0x20) 2018/04/07 09:05:03 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000002ef88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r0) 2018/04/07 09:05:03 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000096000)=[{&(0x7f00000ad000)="580000001400192300a14b80040d8c560a0600000000e076000543d8d8fe5800000004ca7f64643e8900050028635a0004fbf5100002000000000000001c04ed5dfffff5000022000d00010008ffffdf0001000f536e06ce", 0x58}], 0x1) 2018/04/07 09:05:03 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000c47000)=0xa, 0x4) 2018/04/07 09:05:03 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000d18ffc)=0x8001, 0x4) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000bcbffc), &(0x7f0000ff0000)=0x4) 2018/04/07 09:05:03 executing program 3: epoll_create1(0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f000030c000)='/dev/vga_arbiter\x00', 0x0, 0x0) eventfd2(0x0, 0x0) unshare(0x400) pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8}) 2018/04/07 09:05:03 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:03 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000474fec)={0x1, 0x800000000000003b, 0x7, 0x4}, 0x1c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f000077cfe0)={r0, &(0x7f0000ab2000), &(0x7f0000da1000)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000146000)={r0, &(0x7f00005da000), &(0x7f0000d30000), 0x1}, 0x20) 2018/04/07 09:05:03 executing program 7: r0 = memfd_create(&(0x7f000003affa)='posix_acl_access{Y\x00', 0x0) lseek(r0, 0x7ffffffffffffffb, 0x0) fcntl$lock(r0, 0x7, &(0x7f000003f000)={0x0, 0x1, 0x0, 0x2000000000000000}) 2018/04/07 09:05:03 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000283000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_DIRECT_IO(r0, 0x301, 0x0) 2018/04/07 09:05:03 executing program 2: futex(&(0x7f0000004000), 0x400000085, 0x0, &(0x7f0000001ff0), &(0x7f0000004000), 0x4020000002) 2018/04/07 09:05:03 executing program 0: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000216ffc), &(0x7f0000042ffc)=0x4) 2018/04/07 09:05:03 executing program 6: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10) r0 = socket(0x11, 0x4000000000080003, 0x0) setsockopt(r0, 0x107, 0xd, &(0x7f0000001000), 0x47e) setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000f25000), 0x4) 2018/04/07 09:05:04 executing program 2: r0 = socket$inet6(0xa, 0x80005, 0x0) getsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000001ffc), &(0x7f0000001000)=0x4) 2018/04/07 09:05:04 executing program 4: mkdir(&(0x7f0000dda000)='./file0\x00', 0x0) mount(&(0x7f0000757000)='./file0\x00', &(0x7f0000d10000)='./file0\x00', &(0x7f0000da7ff9)='mqueue\x00', 0x0, &(0x7f0000ad5ffd)) link(&(0x7f00005e6000)='./file0\x00', &(0x7f00003bd000)='./file1\x00') 2018/04/07 09:05:04 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:04 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000edffc)=0x23, 0x7) 2018/04/07 09:05:04 executing program 7: r0 = socket$inet6(0xa, 0x3, 0xe2) getsockopt$sock_buf(r0, 0x1, 0x1f, &(0x7f0000e3cfba)=""/70, &(0x7f00005d3ffc)=0x46) 2018/04/07 09:05:04 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000851ffc), 0x2) 2018/04/07 09:05:04 executing program 6: mprotect(&(0x7f0000001000/0x5000)=nil, 0x5000, 0x0) madvise(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x10) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x10) 2018/04/07 09:05:04 executing program 5: mkdir(&(0x7f0000578000)='./file0\x00', 0x0) lsetxattr(&(0x7f000022a000)='./file0\x00', &(0x7f0000faffe7)=@known='system.posix_acl_default\x00', &(0x7f00006ef000)="0200000022ffffabea0000000730de2d6a1f06a06113d50da1a968afad148199a1fc48ffd407080813893fd75218535017c594af85c33081ec56f6f323b0664b964851746f35f0b0f8e1d5fc5fbaf6eb9631d8fd06a1f2", 0x57, 0x0) 2018/04/07 09:05:04 executing program 7: r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000e88000)={0x0, ""/170}, 0xb2, 0x0, 0x0) msgrcv(r0, &(0x7f0000290ff8), 0x8, 0x0, 0x0) msgsnd(r0, &(0x7f0000e2d000)={0x2, "742e75946b886002d469cdfb9ebda6bf62f855141e7886520ab5fd525c4ebaba3555ea9ef76cb79f92e53c91275de93d564a4e33fc10b9e13fea237d2fbbc47eff9bce5cc92b66329699dc4163f2b279704e9faca09c9341de06f07aa227ac9a757ffa4bc5de5b346707f33b50f8add74c6bc795dcbacb24b503280725da6c6c26be0f3768d66d92edbb11d70d362dfb05186c1762fbda75154826a09c207be0521836165baf7a03c615be"}, 0xb3, 0x0) 2018/04/07 09:05:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000461000)={0x10, 0x0, 0x2}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000686ff4)={0x10, 0x0, 0x2}, 0xc) close(r1) 2018/04/07 09:05:04 executing program 6: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000a2bf70), &(0x7f000097c000)}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) socketpair$unix(0x1, 0xa00000000002, 0x0, &(0x7f0000886ff8)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r2, 0x7, &(0x7f0000002000)={0x1}) unshare(0x400) fcntl$lock(r2, 0x7, &(0x7f0000010000)) tkill(r0, 0x1000000000016) dup3(r1, r2, 0x0) 2018/04/07 09:05:04 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:04 executing program 3: syz_emit_ethernet(0xe, &(0x7f00000e6000)={@random="d3b647655b1e", @empty, [], {@generic={0x8864}}}, 0x0) 2018/04/07 09:05:04 executing program 0: mkdir(&(0x7f000091a000)='./file0\x00', 0x0) mount(&(0x7f00007a3ff8)='./file0\x00', &(0x7f00004f5ff8)='./file0\x00', &(0x7f00000e1000)='ramfs\x00', 0x0, &(0x7f0000c81ffe)) mount(&(0x7f0000762ff8)='./file0\x00', &(0x7f000055b000)='./file0\x00', &(0x7f0000304000)='tracefs\x00', 0x180000, &(0x7f0000f59000)) 2018/04/07 09:05:04 executing program 5: pipe(&(0x7f00005ceff8)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f00006cffc0)=[{&(0x7f0000f2d000)="0f", 0x1}], 0x1) write(r1, &(0x7f0000e7c000)="2faf45a4c1a770c3daa9190f02e957dbeea878b050038d88884932192020ea8ca07f3f3c5c9c202437368f9f362497bbaf4af5bcdf4676fb06997bd2d24741e65a8fdf67da7fd0c91f167dac8d20572c728e447b52234df6fc40545e827ac0ae6e261c7d50b25a7e9507accd56a2b94d9b5da97aaa7a3bb304107023bb2e2e371908a8fc6871cf64ba3be800924093db2a4f1172bdff360c265469cda961f5f64193efcf5f87c9ad993221eecf79cf94536338e11d54eefbaa03820a1fa6f80a6032d159c4a688c348b070ed1843ff643a9974e34cec2ce1a9e4dcd26009400b27a78b8280b5bc8b53c0e749c94a9f81e92408da96029605b1ec525e81dae132250286cb02f5c292d3e2d759fd43970b536f07b171730f92deb3dd62b6df3c2ca485c21af5688210e617cf37d63ac9811939abc81a64960b65809419d4da0e4f9b432fd3f13eb54e8fb018ce25e59ceb49dfb72a4779e08b0415bff7bb52fc7ba9c10672cbc15e86d348c18d8a19d40e5e73cb2033f09b3e1a79267bf46fa22168555fef69cc69ff99fb0d98c472bd0feb2ecacc601feab5e5863c196b60fc300a8207b1cb2327a3195d81a7d07007b758621885d59c969c8783aa67c81e40b9cad5c0cf4ddf3905fb4a31f3de141c31f3464da1392bcac21d4320db6bb8a2b704449a101af7ece84a90bb6f9476ef33735be48ab96dc88f20b7b5a12b21f08ccec368e227fcd04311fc74836f8e75476c15f2a609fd8602209d639a67b1ac7ad6b20760b5d0773c0bcb744fa45525bf09c91df36c4f9488fa52f701a636c9aefae0199c8965a249aaa24fbe0db4cdc23d112d5db4abd432e5dd46bb7f9b9fcc9b8f8378d1b73dba351e24c2e1132eeb2322715676584ae7cf0561e2ad74a5758d9eb028bd5314d374aa185da08b2a526b5e113f35dfc76f9814cedfe00658189fca96a54c31e809cb6332ca39c38c6fbe4ffe59d4181a23e46dbc0321901f75de74e06938301b2ca33450000a816bdb16734f6a4989933e156c6eed210c4b353a9c42b512098f85fd0644b21bfe93cc0616b657105004133cb35d65d1896c31c6632b4411831a61c241a6841bfbb543f007a5853716f77b47940693296898d57a3d6fb64c91c1cfb2918a7bdd6716e7144b95544de1b12120e89dd558e5614d66944c9da928dbe748e19bc04b45b8b3d302bbb09f1f6a5336fc00d198efe6f3c5c4dd3053773ea714bd3644ff17a6f23ca240f4ece14a1b6e1280dba11e3fd270e53d66bff86930fe9f3c381d77f6bfae3966ca8d545e7a5409c3ed37afdbc6969b31037dea2e5720b1e3f3c57df2a1f856f4dd1f2cbded1e8b5bee1d363e3630c5c1c91b339eed6ca5fb461df69e7de8aa941359d36f36a6cab04570ada2d4317663b936b2882c3a22053260df1c36640569a3d5fcbe750b3a1fb013172f9e4f0ec8817a38f41e71bd5a2dd6d841c493dee801e0a81fa2e46ca96ea25cb48018b0d6f365711bf3c57987e4a8469a8c1cc7dfa8e21754de12d26cf5347f1f1b2bae5cb04c39cafbb1dc57314b4818d4a94b1e060b71b8fb9ffe83c7e23cd287763be5e2ac6f637c50ab80705f0d365308b86ae72dda795f4578579ef6ac917da54403f5c4631d56e6e2612430c6de489c8dd8a9b554816382f6a1e26ee625f19fc8d5f030309e091ca3c8d1a1057219d8c3f9e6ae521d1434676d628f654a8d307bcec6955ce6f20b434d3d014b216158a11c3822651b6df2ce88a9bbc36b2c1b99d252666da6e3e0be2750d19bff0e3343b69898fe2221410802e639b8f8bc01fbaab5d5bd068ad93e0459739f87eeed4d689c9a955cd98b2dc17cbef54d203974482031fcd5c3d7356cb3f00e37caf3681a207cf8af305f3367a9f1f37cd4285e7df1b1719c52e5578587f4c84c2631e2066d01514d06ae0f4129bbb879df38d48f308926d27a3c46829ec29780c28e1bc11df8a4eaaa10563eaad8f8e3b091776eb779eea92bf0cff435060c93a6c93b9850d775843e3e84b7ba0a911345dde82b82d2903bca451eb6ec282799f8f45a78740f9a83d5051c7460c088f837ddb5f44c5eedfa32d16bab6c7a355886307170baa8df7755048b1eef5c411e91469508dc318b961a0d2f06a520b2821a6582635fa6c5e8faeda3ac5fffad6195a965463483c65643d225fbc8632b5af012f6d8c9e192aa2415342c228fb1d6b7b3af1683d03882c87e8774df725d7336cacd87a1f3a0327b8e877bdd6092e36941572151d30525e9536466c7890d2ae0d9910252ee70e7a88d0407989f23669b34f96380a5f56fbec4093c1701fc7c0dbe20d670d9a9c9b7e6e5b525fa77179872640f278f1497af24983be6f07285ff78702050cfcecdbcfe5cc528b52528be5525ebe58aa171361a96b602022266bd90fcee36f38a8bdbc8c8e69829faae1034da3d25e37217d480868cd46ef7dc00ef489d2127d74d3faa280aa1180cb3fdca3467341ec5355e3766b04fb53a8aba1f1f3fbd30b3ef1810ae12748b46a422e23b72939044ce049eb5754e6472c63959a24bf486a1da8aaa3f888a2daeb98b6ce1bd6d26c884b56863722e6db1122e59d0e838e9eba6759607302fa2de8a8ecf9d20ee0f9a84123ab5d74c7860a117acf7efba50f52766f2564b9f8082c92cdc8447d70ff4fac0e6925e7a38261154e89c96fe1601cefbeb8686fb0c4f1cb5820640076cae6da0ed5398a53432420b018d858b1f3e45f6e38c422cda6d47ae5ef562d1c26c20b21483e4baf1014c59a05b92ec36d8a820455bbf71bb7c019e911f2c785dc604c8214b67a930a9bd3c2cf6f836c9ce1d282abf3065cc51a86d785eff1610d0033d0f9e5e10aeabb27c3863843faaa30373e3ef21bae1c97f67a24ba1114e6c7d3436c79b3a9c253e987d5baf822e1319d421131635d75da9a4ef4defaae280d3acf555ab02c08534eafcdc9c654d9d1d89418752ce6f8b4359c461ac19c47f06b3a59dac51e224f8ef1133fdc6b4f79572b6e615d7f9d9f64a7cf22b7380a638fa8ced1eafcbda73dc22b44e286ab91910f513b4ed2b0edec503ff1f673698c94d826065f8598085e78309a734a89f29fb276830f938179b836223df58914528985b4953cc3a054e214061475042aa14adb71b1c84de579d805304dc37e2a5976c298273c06e378abfbe688f0522267eebadd671622048422fa13b1d874a607e42c165a621d8525120dd98afcee4de8d019ad5c71336d66907a224480fe11bd91d0999f224dd47860f639082959bda4746fd1d60c4354a357372bb8093f546e8995aade7842db35d99ec8c6f16812fc07dd500f7c40e7482ff1e6411ba2a82fc55f0f2d60809f9456378031eddccb3971662b71238978646db2a84c68d0b82fc33282b347949c0124fedc8e7b1145b31e33914784b5d8465dfbedf2274f0ee6f82736841219f3e3d3796eb380853dd0d6054b38f07d7e30f5584a3f8b6cf2cb263b1ffb5a959d92e477b52dd2f4eb8ac1aefa6e8d34f04312aa5873856453c6afb40159655aaf0ab851dea02f239b1a083f3b07e800f8bed0cc5ff6ffcb48fc66b3f467ca594625343bd26c73cc68f5761ce0392808e1f00b0153f6a723a0591a1857e8fb81482300a6335117ee8893c1e79c90aada0dfe6182f9009df5b9fa2699164c6906df28662696bf14a62126e13598b13b4d6d520d6f8eca280e7846dcf1c3310a56fc0f1bb63a3a3bb5d2ef6df4411adb7d28860e8ae1a146d494ae7ceddfdf2ae5dd61fc436da06f4a124571d463e610bd6f365019ddc72c932e8082738e51639d0926f62bc5a446f120e77b109c636b1ade29701984205fc885991b2fe0105722ccfd32088816aacae649f684ac6d7ae824f23ab3aa6c65ed586b238080d55b3aec2e053def3afa3105f4c600ff403c26388b5af853d51398a02ff23e358a9d700957271166d34189cdd8beed47040b4bd30e5b6669c7f5881ee28b3aa21d0cc86dc4140115c90ac1c4fb349bda2026d10b203830e3f6df4247ff665a0ec8979e52b9ea480bf962b05da8b504002c6e6d9af22289d86f23caae0542f78ffaceb0628f5fe6fa8bb875e748607a4e446467cd9c893e0abb385d7374c007836358aff5898c47930b0af479190e5eb3ec128f89349917fb66dfb3a89beb2ca2ec38ebf348d528e0cf2f3f9f265dd2730a924ae53918dc7cd156ff20e6367a3dfcf3faaf3461004b720d2b01f6ff36a10399cf872aafea54e0e752faa98c7947e40216f959f10732158dbba0769ec4c8159b33813a29e330168a0917fe1c0c85016a301a0bf4b9abd46a416986354d6735f80bb0feaf6150e2403444e413ced89199a8dec78600844cbcd112d09175a92f51fd0b706e7c84ab3d5e9874bf35f53f7ad5ebb38206e1131a6a6c402e9161f6d9904d33764a4f0bb4abacc45ca96bca85b482df3e04f64c3b8cc024123330b803a0b07d80b3dda1af68cf0160c86349c5bc9ace32bc8f22a9b0e1355c6c983e3d669e571c755820f0b4feafb2149b2cf2f1b7ff5b3fc7101d00ea99c173ddee29a64e00b853f318cd97866c2821037d619e59f0ff4306b89729ee8eea7795097a1c80bdbf42b19246a1c98ee4df05cbe97731737e0d9ab43af9a87c7df06f68a1715d5963cece6eb8bc3c22ea2d263bb2945a7765ef978707aae0931ea87ff01c48698a2588e9fbacefea74b6155dbe58b4f8f30737780bbd268e4b78b03c5389beab197b207cfa2a154c4651225b046a3e2b10be5db77edc33435e75ae862165b36136bbd5dbf4bbba9a5e8e541bff66d2f76454dd2d808572845ba1a3ad770658b2ee35a7ccebd45a6f4b5eb4403d706174c47e968ce8636464039d3ae89a2ac0dcc2ff26a35e74e1a0579f6b353fcc901088af186ecad15e5da3a3b241098a8de3ea89339efadabb063d91517e9c9e9c35ade7a2dfab8eb4eff6e6766577e52f2ae33f0a0e3f061aaeae967deaedb97f961d05524dbc96cfcac7dda8cb184b72abca9b69747a77e385939920ec985494ca2272449dfdae47d299f55d37c87697dd7353d2c0ee762881171d4ca563facb7cca9a70faf726aee6e9ab5728f78defefa8ed5c186f5ea7d01ab4c0a43e6a83089c20bd360aa5ca8bdb1b2937e637fb784503fe643177e4316f5afabfe0617fcf65f057ba36461540cf9bf58a13fb27d196d5a5cf6dc4da66a82a8a35371fe51038fec9e489bcf72b00c0f7e3a23a8be1d340f341ca46fbd91339826a637006845ed9d049cdc8d131def8f1520ed019c386d2ee2423768e12ba4d1f7cc6be1d5d21ef7f7fda77aaef1860c209724d5f09b651c5448f145db640cf49b03b247fed6d9fce2ca7eff75ffb1b3eac285457c6b2825d734e71856f7cec78c5be09f362070a6279817b628d4717670f064e92957286756d6b8534a3fabb08ca9956d098dcc65a8b681864b77b9ea2562f707b893c0d5c033198e02dcbc8b123126ebf635db67800535907244e1b142955bfb7dc7c6aff1beeb6d1ed66084154ea7a8262de349b756bdc68875007daeadc28cb09e4eeea5357262099f6e4f9b3e2c8e42ad8ce5db17c945315df5856edbef5bafe9b696bb41eaef94d8c231bfc5de055aca020f8721dfd8a5a5ec1bfb3d016d14d3034a5d4f588532fc02304f0c8e1c77e1863f07ea9a5fad9c45dea86732f710b92d9ac5b5424e6f63ddcb10f89d3b223885ceeadb7e37851537bb7e3eb0bf142ec94432c9199904eff66406e78b864d065caf128549cdf29032f3d72503bfdddeb3aa", 0x1000) close(r1) close(r0) 2018/04/07 09:05:05 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000c47fec)={0x6, 0x4, 0x8008, 0x80}, 0x14) 2018/04/07 09:05:05 executing program 0: mkdir(&(0x7f0000632000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000014ff8)='./file0\x00', &(0x7f0000014000)='proc\x00', 0x1, &(0x7f0000fc9000)) r0 = open(&(0x7f0000032ff8)='./file0\x00', 0x0, 0x0) fchownat(r0, &(0x7f0000762ffa)='./bus\x00', 0x0, 0x0, 0x0) 2018/04/07 09:05:05 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x1, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000f43000)=@assoc_value, &(0x7f000086cffc)=0x8) 2018/04/07 09:05:05 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:05 executing program 2: r0 = socket(0x1, 0x802, 0x0) connect$ax25(r0, &(0x7f00004d1ff0)={0x3, {"00c50413000006"}}, 0x0) 2018/04/07 09:05:05 executing program 5: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000006000)="240000005200030207fffd946fa283bc32eee6d87986c497271d8568b51ba3a2d188737e", 0x24}], 0x1}, 0x0) 2018/04/07 09:05:05 executing program 7: r0 = memfd_create(&(0x7f000003affa)='posix_acl_access{Y\x00', 0x0) pwrite64(r0, &(0x7f0000bb6ffe)="02", 0x1, 0x20000) lseek(r0, 0x0, 0x3) 2018/04/07 09:05:05 executing program 6: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18}, [@jmp={0x5, 0x0, 0xc}], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x3f3, &(0x7f0000011000)=""/195}, 0x271) 2018/04/07 09:05:05 executing program 1: syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:05 executing program 6: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) r2 = timerfd_create(0x0, 0x0) dup2(r0, r2) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00006f6000)={0x1050000000}) 2018/04/07 09:05:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe6ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x30fd) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c3bff4)) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r0, 0x0) dup2(r0, r2) ioctl$TCFLSH(r2, 0x540b, 0x0) 2018/04/07 09:05:05 executing program 2: signalfd4(0xffffffffffffffff, &(0x7f0000c72000), 0x8, 0x40000) 2018/04/07 09:05:05 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mount(&(0x7f0000037000)='./file0\x00', &(0x7f0000c4fff8)='./file0\x00', &(0x7f000002effa)='ramfs\x00', 0x100000, &(0x7f0000ce3000)) mount(&(0x7f000052f000)='./file0\x00', &(0x7f0000e71000)='.', &(0x7f00000a7ffc)='pstore\x00', 0x1000, 0x0) mount(&(0x7f0000275fff)='.', &(0x7f0000fa8ff8)='./file0\x00', &(0x7f00002e3ffa)='ocfs2\x00', 0x80000, 0x0) mount(&(0x7f0000555000)='./file0\x00', &(0x7f0000bbfff8)='./file0\x00', &(0x7f00007f1ff9)='9p\x00', 0x1000000000801000, &(0x7f00008b3fc0)) umount2(&(0x7f0000d5bfff)='.', 0x0) 2018/04/07 09:05:05 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000a9ffe0), &(0x7f000003effc)=0x20) 2018/04/07 09:05:05 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) clock_nanosleep(0x0, 0x0, &(0x7f0000011ff0)={0x77359400}, &(0x7f0000000000)={0x0}) timer_create(0x0, &(0x7f0000000fa0)={0x0, 0x0, 0x1, @thr={&(0x7f0000003f6d), &(0x7f0000003f5f)}}, &(0x7f0000000ffc)) timer_settime(0x0, 0x0, &(0x7f0000004fe0)={{r0}, {r0}}, &(0x7f0000003fe0)) 2018/04/07 09:05:05 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f00006de000)='stat\x00') r1 = syz_open_procfs(0x0, &(0x7f0000e97ff5)='projid_map\x00') sendfile(r1, r0, &(0x7f0000317ff8)=0x4b, 0x400000ff) 2018/04/07 09:05:05 executing program 4: r0 = memfd_create(&(0x7f0000ee4000)='/dev/vga_arbiter\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000ff5000)='net/rt_cache\x00') sendfile(r0, r1, &(0x7f00006dbff8), 0x401) 2018/04/07 09:05:05 executing program 6: get_mempolicy(&(0x7f0000cb9ffc), &(0x7f0000f6e000), 0x51, &(0x7f0000eda000/0x2000)=nil, 0x7) 2018/04/07 09:05:05 executing program 1: syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:05 executing program 2: r0 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) timer_create(0xb, &(0x7f00009cefa8)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) timer_settime(0x0, 0x0, &(0x7f000015a000)={{}, {0x77359400}}, &(0x7f00005e6000)) 2018/04/07 09:05:05 executing program 0: getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000003000)={0x0, 0x8000}, &(0x7f0000001ffc)=0xc) prctl$getreaper(0x66, &(0x7f0000002ffc)) io_setup(0xed, &(0x7f0000d34000)) 2018/04/07 09:05:05 executing program 5: getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000003000)={0x0, 0x400000}, &(0x7f0000001ffc)=0xc) prctl$getreaper(0x66, &(0x7f0000002ffc)) mremap(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000005000/0x2000)=nil) mremap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x3000, 0x0, &(0x7f0000003000/0x3000)=nil) 2018/04/07 09:05:05 executing program 6: set_mempolicy(0x1, &(0x7f0000001ff8), 0x6) perf_event_open(&(0x7f0000b5d000)={0x1, 0x78, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:06 executing program 1: syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:06 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000f10ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r0, r1) rt_sigprocmask(0x0, &(0x7f00001b6ff8)={0xfffffffffffffffe}, 0x0, 0x8) write(r2, &(0x7f000027ef10), 0x0) 2018/04/07 09:05:06 executing program 5: r0 = creat(&(0x7f0000cf8000)='./file1\x00', 0x0) unshare(0x40600) mq_getsetattr(r0, &(0x7f000026efc0), 0x0) 2018/04/07 09:05:06 executing program 2: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f00009ec000)="1f0000000104ff00fdde45c807110000f305f0f00800018001fd00dcffdf00", 0x1f) r1 = socket(0x10, 0x2, 0xc) write(r1, &(0x7f0000a6b000)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) write(r0, &(0x7f00009ec000)="1f0000000104ff00fdde45c807110000f305fbf00800018049080000ffdf00", 0x1f) 2018/04/07 09:05:06 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00005fe000)={0x5, 0x3, 0x9, 0xffffffffffffff10}, 0x1c) 2018/04/07 09:05:06 executing program 0: set_mempolicy(0x2, &(0x7f0000229000)=0xad, 0x7) r0 = open(&(0x7f0000ac1ff8)='./file0\x00', 0x4c0, 0x0) fsetxattr(r0, &(0x7f000094e000)=@random={"757365722e19", '/dev/loop-control\x00'}, &(0x7f0000d12ff4)="2f6465762f8001746f667300", 0xc, 0x0) 2018/04/07 09:05:06 executing program 6: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000072a000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000fd4000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000953000/0x2000)=nil, 0x2000, 0x0, 0x4000032, 0xffffffffffffffff, 0x0) mmap(&(0x7f00009c9000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000fd4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:06 executing program 7: setitimer(0x0, &(0x7f0000000fe0)={{0x100000000000}, {0x77359400}}, &(0x7f0000eedfe0)) [ 61.172338] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. [ 61.202543] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. 2018/04/07 09:05:06 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x1e, &(0x7f00003e9000)=""/4096, &(0x7f0000df9000)=0xfffffe18) 2018/04/07 09:05:06 executing program 5: perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0x72f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:06 executing program 1: mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, 0xffffffffffffffff, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:06 executing program 4: mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000d25fef)='/dev/vga_arbiter\x00', 0x20001, 0x0) write$eventfd(r0, &(0x7f00009c2ff8), 0x8) [ 61.248411] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. 2018/04/07 09:05:06 executing program 3: symlink(&(0x7f000000bffa)='./control\x00', &(0x7f00006bb000)='./file0\x00') creat(&(0x7f0000b8cff8)='./file0\x00', 0x0) r0 = open(&(0x7f0000cd8ff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) rename(&(0x7f0000557000)='./file0\x00', &(0x7f0000473000)='./control\x00') 2018/04/07 09:05:06 executing program 6: r0 = socket$inet(0x10, 0x3, 0x0) fcntl$setownex(r0, 0xf, &(0x7f0000013000)={0x2}) fcntl$getownex(r0, 0x10, &(0x7f0000015ff8)) [ 61.305308] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. 2018/04/07 09:05:06 executing program 0: r0 = perf_event_open(&(0x7f0000000f88)={0x1, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000029000/0x3000)=nil, 0x3000, 0x0, 0x51, r0, 0x0) mremap(&(0x7f0000029000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000002000/0x1000)=nil) [ 61.381379] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. 2018/04/07 09:05:06 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000549ff0)=[{&(0x7f0000e81000)="580000001400192340834b80040d8c560a060000ec04a200000543dfd87c580000482405003263fa890005000000000000000004830200000000000000000000000000003f00000010000100040000000000000000000405", 0x58}], 0x1) 2018/04/07 09:05:06 executing program 5: mkdir(&(0x7f0000b38ff8)='./file0\x00', 0x0) r0 = inotify_init() r1 = epoll_create(0x200000a) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000b68000)) r2 = inotify_add_watch(r0, &(0x7f0000c3d000)='./file0\x00', 0x2) inotify_rm_watch(r0, r2) epoll_pwait(r1, &(0x7f0000529000)=[{}], 0x1, 0x0, &(0x7f00008e8ff8), 0x8) [ 61.446671] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. 2018/04/07 09:05:06 executing program 1: mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, 0xffffffffffffffff, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:06 executing program 6: capset(&(0x7f0000f50000)={0x20080522}, &(0x7f0000bb7fe8)) seccomp(0x1, 0x0, &(0x7f00008c1ff0)={0x1, &(0x7f0000000000)=[{}]}) 2018/04/07 09:05:06 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f000097e000)={@loopback={0x0, 0x1}, 0x400, 0x0, 0xff, 0x1, 0x62}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000e83000)={@loopback={0x0, 0x1}, 0x400, 0x0, 0x8002000000000ff}, 0x20) 2018/04/07 09:05:06 executing program 2: mkdir(&(0x7f0000d90ff8)='./file0\x00', 0x0) mount(&(0x7f0000212ff8)='./file0\x00', &(0x7f000078eff8)='./file0\x00', &(0x7f0000982ff9)='mqueue\x00', 0x0, &(0x7f0000653fff)) creat(&(0x7f0000873ff4)='./file0/bus\x00', 0x0) rename(&(0x7f0000d8c000)='./file0/bus\x00', &(0x7f0000109ff2)='./file0/file0\x00') 2018/04/07 09:05:06 executing program 0: capset(&(0x7f0000b3e000)={0x19980330}, &(0x7f0000f21fe8)) r0 = socket$netlink(0x10, 0x3, 0x40000000000c) writev(r0, &(0x7f0000644ff0)=[{&(0x7f0000ff8000)="480000001400257f09004b01fcfc8c560a880000f217e00600000000000000a2bc560300000000000000200028213ee206000000000000ffff5bf1ff00c7e5ed5e00000000620000", 0x48}], 0x1) 2018/04/07 09:05:06 executing program 7: r0 = memfd_create(&(0x7f0000a32ff6)='/dev/ptmx\x00', 0x2) fallocate(r0, 0x0, 0x0, 0x87da) fcntl$addseals(r0, 0x409, 0xf) fallocate(r0, 0x0, 0x0, 0x8) 2018/04/07 09:05:06 executing program 5: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00003d8fdc)="2400000058001f0014b241040009040002000710080001ffffffffff0800e5ffff0000f1", 0x24) 2018/04/07 09:05:06 executing program 6: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f000044affc), 0x1) 2018/04/07 09:05:06 executing program 1: mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, 0xffffffffffffffff, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:06 executing program 3: mq_timedsend(0xffffffffffffffff, &(0x7f0000a98f32), 0x0, 0xcdae, 0x0) [ 61.818242] capability: warning: `syz-executor0' uses 32-bit capabilities (legacy support in use) 2018/04/07 09:05:06 executing program 3: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000eaa000), &(0x7f00006ebffc)=0x14) 2018/04/07 09:05:06 executing program 5: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00003d8fdc)="2400000058001f0014b241040009040002000710080001ffffffffff0800e5ffff0000f1", 0x24) 2018/04/07 09:05:06 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r0, 0x10e, 0x5, &(0x7f00004ecffd), 0x0) 2018/04/07 09:05:06 executing program 6: r0 = socket(0x80000000010, 0x2, 0x0) getsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f0000f6c000), &(0x7f0000b50000)=0x4) 2018/04/07 09:05:07 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000ba4000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, r0, 0x0) r1 = perf_event_open(&(0x7f0000014f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00002e8000)}}, 0x0, 0x0, r0, 0x0) readv(r1, &(0x7f0000734000)=[{&(0x7f0000d42000)=""/146, 0x92}], 0x1) 2018/04/07 09:05:07 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:07 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_int(r0, 0x1, 0x25, &(0x7f00007f1ffc)=0x8000027b, 0x4) 2018/04/07 09:05:07 executing program 2: seccomp(0x1, 0x0, &(0x7f000016fff0)={0x2, &(0x7f0000e5c000)=[{0x20, 0x0, 0x0, 0x2}, {0x6}]}) 2018/04/07 09:05:07 executing program 7: r0 = perf_event_open(&(0x7f0000000f88)={0x2, 0x78, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000469000)='/dev/ptmx\x00') 2018/04/07 09:05:07 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f00006aa000)=0x81, 0x4) 2018/04/07 09:05:07 executing program 3: r0 = socket$inet(0x11, 0x2, 0x0) bind(r0, &(0x7f0000002000)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x9) 2018/04/07 09:05:07 executing program 4: r0 = socket(0xa, 0x80001, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0}, &(0x7f0000b34ffc)=0xc) setresuid(r1, 0x0, 0x0) 2018/04/07 09:05:07 executing program 0: r0 = socket(0x10, 0x2, 0x0) write(r0, &(0x7f000026fdeb)="130000001000ffdde200f49ff60f050000230a009d0000005b0aafa73022e5f9ec3e4fe8697ae1a3490096000001e7b93c18983ae3820d1eb0f049a1b4b88ed4fc65be0602c2d3275df1f2aa09b1267c3d5f625e77e150da8ed7d56ca466a47bd87da5cd04b27dd26746ea50518c2c681bbce9093d468612f0267214ff9b20db0f7e5bf12930d837b9cb3452b6c4e2387d886959e4ebd30961933ae9f90d1ad5b56d2a917a6f575b8b76199346c8f325b8", 0xb1) 2018/04/07 09:05:07 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:07 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl(r0, 0x2276, &(0x7f0000001000)) 2018/04/07 09:05:07 executing program 2: perf_event_open(&(0x7f0000c51000)={0x6, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00005e1fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:07 executing program 5: mkdir(&(0x7f0000014000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000014ff8)='./file0\x00', &(0x7f0000014000)='ramfs\x00', 0x0, &(0x7f000000a000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000012ff8)='./file0\x00', 0x0, 0x0) renameat2(0xffffffffffffffff, &(0x7f0000016000)='/', r0, &(0x7f00000f9000)='./file0\x00', 0x0) 2018/04/07 09:05:07 executing program 7: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect(r0, &(0x7f0000846ff0)=@ethernet={0xa, @local={[0xaa, 0xaa, 0xaa, 0xaa]}}, 0x10) 2018/04/07 09:05:07 executing program 6: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x7c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00007b5000), 0x8) mkdir(&(0x7f00007b7000)='./control\x00', 0x0) signalfd(r0, &(0x7f00007b6ff8)={0x4}, 0x8) r1 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x72109c5fef5d34d3) r2 = gettid() fcntl$setown(r1, 0x8, r2) readv(r0, &(0x7f000008bfe0)=[{&(0x7f0000525000)=""/216, 0xd8}], 0x1) r3 = dup2(r1, r0) fcntl$setsig(r1, 0xa, 0x3) r4 = inotify_add_watch(r1, &(0x7f00007b4ff6)='./control\x00', 0x2000000) mmap(&(0x7f00003ef000/0xc00000)=nil, 0xc00000, 0x0, 0x32, 0xffffffffffffffff, 0x0) inotify_rm_watch(r3, r4) 2018/04/07 09:05:08 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000710fec)={0x2, 0x4, 0x2003, 0x9}, 0x1c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000198fe8)={r0, &(0x7f0000400f43), &(0x7f00002c2fe3)=""/29}, 0x10) 2018/04/07 09:05:08 executing program 0: r0 = socket$unix(0x1, 0x3, 0x0) bind$unix(r0, &(0x7f0000aa5ff8)=@abs={0x1}, 0x8) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f000059affc)=0x1c, 0x4) connect$unix(r0, &(0x7f00009c8000)=@abs={0x1}, 0x8) 2018/04/07 09:05:08 executing program 2: lstat(&(0x7f0000158ff8)='./file0\x00', &(0x7f0000e45fbc)) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00007f0000), &(0x7f00007e1000)=0x4) 2018/04/07 09:05:08 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:08 executing program 3: timer_create(0x0, &(0x7f0000000fa0)={0x0, 0x0, 0x1, @thr={&(0x7f0000c24000), &(0x7f0000000fd5)}}, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000337ff2)='timers\x00') preadv(r0, &(0x7f0000156000)=[{&(0x7f0000c80000)=""/40, 0x28}], 0x1, 0x800100000000036) 2018/04/07 09:05:08 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f00007c7000)=0x8, 0x4) 2018/04/07 09:05:08 executing program 6: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x7c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00007b5000), 0x8) mkdir(&(0x7f00007b7000)='./control\x00', 0x0) signalfd(r0, &(0x7f00007b6ff8)={0x4}, 0x8) r1 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x72109c5fef5d34d3) r2 = gettid() fcntl$setown(r1, 0x8, r2) readv(r0, &(0x7f000008bfe0)=[{&(0x7f0000525000)=""/216, 0xd8}], 0x1) r3 = dup2(r1, r0) fcntl$setsig(r1, 0xa, 0x3) r4 = inotify_add_watch(r1, &(0x7f00007b4ff6)='./control\x00', 0x2000000) mmap(&(0x7f00003ef000/0xc00000)=nil, 0xc00000, 0x0, 0x32, 0xffffffffffffffff, 0x0) inotify_rm_watch(r3, r4) 2018/04/07 09:05:08 executing program 7: mkdir(&(0x7f0000508ff6)='./control\x00', 0x0) r0 = inotify_init1(0x0) fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3) r1 = gettid() fcntl$setown(r0, 0x8, r1) rt_sigprocmask(0x0, &(0x7f000003b000)={0xbffffffffffffffe}, 0x0, 0x8) fcntl$setsig(r0, 0xa, 0x20) inotify_add_watch(r0, &(0x7f00007a7000)='./control\x00', 0xa4000960) open(&(0x7f00003f5000)='./control\x00', 0x0, 0x0) 2018/04/07 09:05:08 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x9}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f0000ef2000)={0x1, 0x7, &(0x7f0000ef2fa8)=@framed={{0x18}, [@map={0x18, 0x1, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x1a}], {0x95}}, &(0x7f0000ef2ff6)='syzkaller\x00', 0xa88d, 0x8b, &(0x7f0000ef2000)=""/139}, 0x48) 2018/04/07 09:05:08 executing program 7: bpf$PROG_LOAD(0x5, &(0x7f0000abf000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x6c}, [@ldst={0x4, 0xf, 0x0, 0x0, 0x0, 0x0, 0x4}], {0x95}}, &(0x7f0000162000)='GPL\x00', 0x5, 0xc3, &(0x7f00001acf3d)=""/195}, 0x48) 2018/04/07 09:05:08 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000a7cff8)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r0, 0x1) poll(&(0x7f0000084ff0)=[{r1}], 0x1, 0x0) 2018/04/07 09:05:08 executing program 4: socket$inet_sctp(0x2, 0x5, 0x84) memfd_create(&(0x7f0000333ffd)='\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xd4e9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000002ef88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x9}, 0x14) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00007f2fe0)={r0, &(0x7f0000829fff), &(0x7f0000570fff)="16"}, 0x20) 2018/04/07 09:05:08 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:08 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000fc7000)={0x5, 0x4, 0x2b, 0x3}, 0x14) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000fc9fe0)={r0, &(0x7f0000e7d000), &(0x7f0000002000)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f000051e000)={r0, &(0x7f0000fc5000), &(0x7f0000950000), 0x1}, 0x20) 2018/04/07 09:05:08 executing program 3: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000816000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000fbf000)=0x200000000000009, 0x3a2, 0x0) mbind(&(0x7f0000144000/0x1000)=nil, 0x1000, 0x1, &(0x7f00003afff8), 0x2, 0x0) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f000025dff8), 0xf0, 0x0) 2018/04/07 09:05:08 executing program 7: r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000d36ff4)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f000001aff4)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000019000)) 2018/04/07 09:05:08 executing program 2: r0 = memfd_create(&(0x7f0000546000)='/dev/sg#\x00', 0x0) fcntl$setlease(r0, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x1) 2018/04/07 09:05:08 executing program 5: mkdir(&(0x7f0000632000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000014ff8)='./file0\x00', &(0x7f0000014000)='proc\x00', 0x1, &(0x7f0000fc9000)) r0 = open(&(0x7f0000032ff8)='./file0\x00', 0x0, 0x0) faccessat(r0, &(0x7f0000e34000)='./bus\x00', 0x2, 0x0) 2018/04/07 09:05:08 executing program 4: mkdir(&(0x7f0000978000)='./file0\x00', 0x0) r0 = creat(&(0x7f0000068000)='./file0/file0\x00', 0x0) unshare(0x40600) fchmod(r0, 0x0) 2018/04/07 09:05:08 executing program 3: setrlimit(0x0, &(0x7f00005dbff0)={0xffffffffffffffff, 0xffffffffffffffff}) 2018/04/07 09:05:08 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:09 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f00005f2000)=0x2be, 0x4) getsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000b67000), &(0x7f00004d3ffc)=0x4) 2018/04/07 09:05:09 executing program 0: unshare(0x8000400) r0 = mq_open(&(0x7f0000000000)='*GPL[vmnet1@vmnet1{-vmnet@vboxnet0!vboxnet1+M\x00', 0x6e93ebbbcc0884ef, 0x0, &(0x7f0000664fc0)={0x0, 0x7, 0x2}) mq_getsetattr(r0, &(0x7f0000fb2000), &(0x7f0000ded000)) 2018/04/07 09:05:09 executing program 7: futex(&(0x7f000042d000), 0x109, 0x0, &(0x7f0000029000)={0x77359400}, &(0x7f0000292ffc), 0x0) 2018/04/07 09:05:09 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000f35000)={0x26, "68617368000000000000000200", 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00004e2fdd), 0x68ac015a202be15f) 2018/04/07 09:05:09 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000096000)=[{&(0x7f00000ad000)="580000001400192300a14b80040d8c560a0600000000e076000543d8d8fe580000004eca7f64643e8900050028635a0004fbf5100002000000000000001c04ed5dfffff5000022000d0001000100080000ec6b0f536e06ce", 0x58}], 0x1) 2018/04/07 09:05:09 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000a5bff7)='/dev/sg#\x00', 0x0, 0x0) ioctl(r0, 0x2285, &(0x7f0000379000)="53000000012e2e680ef7a8eaf3f568d65a00000001e52700f8fc73") 2018/04/07 09:05:09 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:09 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000adc000)="6e756d615f6d61707300b5c62eeedbc2799e2c854cfb9ead220e698a9e8de9f243640adf803c64577aa9e4e33f9f72e5185191246f8fe224cc925050e2a9e57dbf6b530a5ebbec861baf4dc4f84bb1df13f0b152aa3b6e781c81b6a8d091f88658ef4f16a21417d83d") mbind(&(0x7f0000acf000/0x3000)=nil, 0x3000, 0x4001, &(0x7f00002c9ff8)=0xc, 0x65, 0x0) pread64(r0, &(0x7f0000df6000), 0x0, 0x800000000000) 2018/04/07 09:05:09 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x0, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:09 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000004fc8)={&(0x7f000000aff4)={0x10}, 0xc, &(0x7f0000012ff0)={&(0x7f0000011000)={0x1c, 0x2000005a, 0x443, 0xffffffffffffffff, 0xffffffffffffffff, {}, [@typed={0x7, 0x2}]}, 0x1c}, 0x1}, 0x0) 2018/04/07 09:05:09 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000e31ff0)=[{&(0x7f0000e5ff2d)="290000002000190000003fffff0800000a00000000e80001040000040d00d100ea1100000005000000", 0x29}], 0x1) 2018/04/07 09:05:09 executing program 2: open(&(0x7f0000fe0ff8)='./file0\x00', 0x80042, 0x0) r0 = open(&(0x7f00009f7ff8)='./file0\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) rename(&(0x7f0000fdbff8)='./file0\x00', &(0x7f0000887ff8)='./file1\x00') link(&(0x7f0000b71ff8)='./file1\x00', &(0x7f0000f16000)='./file0\x00') 2018/04/07 09:05:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x17, &(0x7f0000991000)=0x1, 0x4) listen(r0, 0x0) 2018/04/07 09:05:09 executing program 6: bpf$PROG_LOAD(0x5, &(0x7f00004c0000)={0x1, 0x5, &(0x7f0000519fa8)=@framed={{0x18}, [@ldst], {0x95}}, &(0x7f0000c43000)='syzkaller\x00', 0x8000, 0xffffffffffffffaf, &(0x7f00009ab000)=""/4096}, 0x48) [ 64.515755] netlink: 'syz-executor7': attribute type 2 has an invalid length. 2018/04/07 09:05:09 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = open(&(0x7f0000bf3000)='./file0\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000033ff8)='./file0\x00', 0x0) renameat(r0, &(0x7f000011aff8)='./file0\x00', r0, &(0x7f00004fa000)='./file0/file0\x00') 2018/04/07 09:05:09 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000adc000)="6e756d615f6d61707300b5c62eeedbc2799e2c854cfb9ead220e698a9e8de9f243640adf803c64577aa9e4e33f9f72e5185191246f8fe224cc925050e2a9e57dbf6b530a5ebbec861baf4dc4f84bb1df13f0b152aa3b6e781c81b6a8d091f88658ef4f16a21417d83d") mbind(&(0x7f0000acf000/0x3000)=nil, 0x3000, 0x4001, &(0x7f00002c9ff8)=0xc, 0x65, 0x0) pread64(r0, &(0x7f0000df6000), 0x0, 0x800000000000) 2018/04/07 09:05:09 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x0, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:09 executing program 3: utimensat(0xffffffffffffffff, &(0x7f0000f8eff8)='./file0\x00', &(0x7f0000f83000)={{0x0, 0x3ffffffe}, {0x77359400}}, 0x0) 2018/04/07 09:05:09 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) mprotect(&(0x7f0000008000/0x2000)=nil, 0x2000, 0x0) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000012ffc)=0x90) 2018/04/07 09:05:09 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000adc000)="6e756d615f6d61707300b5c62eeedbc2799e2c854cfb9ead220e698a9e8de9f243640adf803c64577aa9e4e33f9f72e5185191246f8fe224cc925050e2a9e57dbf6b530a5ebbec861baf4dc4f84bb1df13f0b152aa3b6e781c81b6a8d091f88658ef4f16a21417d83d") mbind(&(0x7f0000bd4000/0x2000)=nil, 0x2000, 0x8002, &(0x7f00002aeff8)=0x9, 0x65, 0x0) pread64(r0, &(0x7f0000df6000), 0x0, 0x800000000000) 2018/04/07 09:05:09 executing program 0: madvise(&(0x7f0000b1e000/0x3000)=nil, 0x3000, 0x1) mremap(&(0x7f0000b1d000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000b24000/0x2000)=nil) madvise(&(0x7f0000b1c000/0x3000)=nil, 0x3000, 0x1) 2018/04/07 09:05:09 executing program 6: r0 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) getsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000b4fffc), &(0x7f0000bbfffc)=0x4) 2018/04/07 09:05:09 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000001000), &(0x7f0000001ffc)=0x3) 2018/04/07 09:05:09 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000df4000), 0x4) 2018/04/07 09:05:09 executing program 0: setrlimit(0x9, &(0x7f0000000ff0)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 2018/04/07 09:05:10 executing program 3: r0 = socket(0x1000000010, 0x802, 0x0) sendmsg$nl_route(r0, &(0x7f0000f72fc8)={&(0x7f0000f81000)={0x10}, 0x2f6, &(0x7f00002c9ff0)={&(0x7f0000f83000)=@ipv4_newaddr={0x17, 0x14, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, {0x2}, [@IFA_LOCAL={0x8, 0x2, @dev={0xac, 0x14}}, @IFA_FLAGS={0x8, 0x8}]}, 0xdc}, 0x1}, 0x0) 2018/04/07 09:05:10 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f00002d3ffc), &(0x7f00002c5000)=0x4) 2018/04/07 09:05:10 executing program 6: r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000ffc), &(0x7f0000000000)=0x5499905c0f8d99b7) 2018/04/07 09:05:10 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x0, r0, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:10 executing program 2: mkdir(&(0x7f0000017ff6)='./control\x00', 0x0) r0 = open(&(0x7f000003dff6)='./control\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000008ff6)='./control\x00', 0xc003, 0x0) faccessat(r0, &(0x7f000003b000)='./control\x00', 0x2, 0x0) 2018/04/07 09:05:10 executing program 5: mkdir(&(0x7f0000639000)='./file0\x00', 0x0) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) umount2(&(0x7f0000470ff8)='./file0\x00', 0x6) 2018/04/07 09:05:10 executing program 4: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_opts(r0, 0x0, 0x5, &(0x7f0000c16fff), 0x0) 2018/04/07 09:05:10 executing program 3: r0 = creat(&(0x7f000056eff8)='./file0\x00', 0x0) fcntl$lock(r0, 0x5, &(0x7f0000cc0fe0)={0x2}) 2018/04/07 09:05:10 executing program 7: r0 = socket$inet6_sctp(0xa, 0x4000000000005, 0x84) getsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000578ffc), &(0x7f0000b3effc)=0x4) 2018/04/07 09:05:10 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x7c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt(r0, 0x0, 0x41, &(0x7f0000694fef)=""/17, &(0x7f0000dfeffc)=0x19e) 2018/04/07 09:05:10 executing program 0: syz_emit_ethernet(0x6e, &(0x7f0000f7b000)={@random="cd3997030f00", @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "c8fba2", 0x38, 0x40000000003a, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "74b3a2", 0x0, 0x2f, 0x0, @empty, @mcast1={0xff, 0x1, [], 0x1}, [], "faec22c0fc3d0e74"}}}}}}}, 0x0) 2018/04/07 09:05:10 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, 0xffffffffffffffff, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:10 executing program 2: lstat(&(0x7f0000014000)='./file0/file0\x00', &(0x7f0000018000)) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000013fe0)={0xffffffffffffffff, &(0x7f000000b000), &(0x7f0000018000)}, 0x2fe) 2018/04/07 09:05:10 executing program 5: socket$inet(0x2, 0x80a, 0x80000003) r0 = syz_open_procfs(0x0, &(0x7f0000b23000)='net/ptype\x00') pread64(r0, &(0x7f0000e61000), 0x0, 0x1fffffc) 2018/04/07 09:05:10 executing program 4: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10) r0 = socket(0x11, 0x4000000000080003, 0x0) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000788000)=0x1, 0x4) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) ppoll(&(0x7f0000d77ff0)=[{r0}], 0x1, &(0x7f0000645000), &(0x7f000089dffe), 0x8) 2018/04/07 09:05:10 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = perf_event_open(&(0x7f0000271000)={0x2, 0x78, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000400) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r0) 2018/04/07 09:05:10 executing program 6: pipe(&(0x7f0000325ff8)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r1, 0x2) flock(r0, 0x8000000006) 2018/04/07 09:05:10 executing program 3: r0 = socket(0xa, 0x80001, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0}, &(0x7f0000b34ffc)=0xc) fchown(r0, r1, 0x0) [ 65.480624] syz-executor5 uses obsolete (PF_INET,SOCK_PACKET) 2018/04/07 09:05:10 executing program 2: r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000c84ffc), 0x2) 2018/04/07 09:05:10 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2402) mmap(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x3, 0x11, 0xffffffffffffffff, 0x0) futex(&(0x7f0000002ffc), 0x4, 0x0, &(0x7f0000299ff8), &(0x7f000029a000), 0x0) 2018/04/07 09:05:10 executing program 0: setrlimit(0x7, &(0x7f000000f000)) inotify_init() 2018/04/07 09:05:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001000)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x4, 0x31, 0xffffffffffffffff, 0x0) ioctl$int_in(r0, 0x80000000005408, &(0x7f0000299ffa)) 2018/04/07 09:05:10 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00001ee000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r2, 0x0, 0x0, 0x73e0) sendfile(r1, r2, &(0x7f0000e64ff8), 0x8e18) sendfile(r1, r2, &(0x7f00007ed000), 0x2b) [ 65.811232] ================================================================== [ 65.818644] BUG: KMSAN: uninit-value in sha_transform+0x58ec/0x6320 [ 65.825060] CPU: 1 PID: 5674 Comm: syz-executor6 Not tainted 4.16.0+ #81 [ 65.831897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.841250] Call Trace: [ 65.843839] dump_stack+0x185/0x1d0 [ 65.847469] ? sha_transform+0x58ec/0x6320 [ 65.851704] kmsan_report+0x142/0x240 [ 65.855508] __msan_warning_32+0x6c/0xb0 [ 65.859566] sha_transform+0x58ec/0x6320 [ 65.863635] ? kmsan_set_origin_inline+0x6b/0x120 [ 65.868483] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 65.873935] ? __msan_poison_alloca+0x15c/0x1d0 [ 65.878604] ? shash_async_update+0x290/0x360 [ 65.883108] crypto_sha1_update+0x4cb/0x5b0 [ 65.887437] ? crypto_hash_walk_first+0x210/0x380 [ 65.892283] ? shash_async_update+0x225/0x360 [ 65.896785] ? rmd320_transform+0x7f10/0x7f10 [ 65.901280] shash_async_update+0x290/0x360 [ 65.905612] ? shash_async_init+0x270/0x270 [ 65.909939] hash_sendpage+0x904/0xe10 [ 65.913834] ? hash_recvmsg+0xd50/0xd50 [ 65.917816] sock_sendpage+0x1de/0x2c0 [ 65.921710] pipe_to_sendpage+0x31b/0x430 [ 65.925867] ? sock_fasync+0x2b0/0x2b0 [ 65.929767] ? propagate_umount+0x3a30/0x3a30 [ 65.934274] __splice_from_pipe+0x49a/0xf30 [ 65.938609] ? generic_splice_sendpage+0x2a0/0x2a0 [ 65.943553] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 65.948925] generic_splice_sendpage+0x1c6/0x2a0 [ 65.953673] ? iter_file_splice_write+0x1710/0x1710 [ 65.958670] ? iter_file_splice_write+0x1710/0x1710 [ 65.963670] direct_splice_actor+0x19b/0x200 [ 65.968075] splice_direct_to_actor+0x764/0x1040 [ 65.972824] ? do_splice_direct+0x540/0x540 [ 65.977138] ? security_file_permission+0x28f/0x4b0 [ 65.982148] ? rw_verify_area+0x35e/0x580 [ 65.986310] do_splice_direct+0x335/0x540 [ 65.990448] do_sendfile+0x1067/0x1e40 [ 65.994333] SYSC_sendfile64+0x1b3/0x300 [ 65.998379] SyS_sendfile64+0x64/0x90 [ 66.002186] do_syscall_64+0x309/0x430 [ 66.006061] ? SYSC_sendfile+0x320/0x320 [ 66.010104] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 66.015360] RIP: 0033:0x455259 [ 66.018532] RSP: 002b:00007f812b2bdc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 66.026233] RAX: ffffffffffffffda RBX: 00007f812b2be6d4 RCX: 0000000000455259 [ 66.033487] RDX: 0000000020e64ff8 RSI: 0000000000000015 RDI: 0000000000000014 [ 66.040744] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 66.048001] R10: 0000000000008e18 R11: 0000000000000246 R12: 00000000ffffffff [ 66.055268] R13: 00000000000004c6 R14: 00000000006fa330 R15: 0000000000000000 [ 66.062529] [ 66.064136] Uninit was created at: [ 66.067668] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 66.072666] kmsan_alloc_page+0x82/0xe0 [ 66.076620] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 66.081353] alloc_pages_vma+0xcc8/0x1800 [ 66.085491] shmem_alloc_and_acct_page+0x6d5/0x1000 [ 66.090505] shmem_getpage_gfp+0x35db/0x5770 [ 66.094893] shmem_fallocate+0xde2/0x1610 [ 66.099030] vfs_fallocate+0x9dc/0xde0 [ 66.102911] SYSC_fallocate+0x119/0x1d0 [ 66.106864] SyS_fallocate+0x64/0x90 [ 66.110558] do_syscall_64+0x309/0x430 [ 66.114426] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 66.119588] ================================================================== [ 66.126931] Disabling lock debugging due to kernel taint [ 66.132357] Kernel panic - not syncing: panic_on_warn set ... [ 66.132357] [ 66.139701] CPU: 1 PID: 5674 Comm: syz-executor6 Tainted: G B 4.16.0+ #81 [ 66.147829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.157172] Call Trace: [ 66.159746] dump_stack+0x185/0x1d0 [ 66.163358] panic+0x39d/0x940 [ 66.166541] ? sha_transform+0x58ec/0x6320 [ 66.170754] kmsan_report+0x238/0x240 [ 66.174537] __msan_warning_32+0x6c/0xb0 [ 66.178578] sha_transform+0x58ec/0x6320 [ 66.182620] ? kmsan_set_origin_inline+0x6b/0x120 [ 66.187441] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 66.192873] ? __msan_poison_alloca+0x15c/0x1d0 [ 66.197522] ? shash_async_update+0x290/0x360 [ 66.201998] crypto_sha1_update+0x4cb/0x5b0 [ 66.206307] ? crypto_hash_walk_first+0x210/0x380 [ 66.211131] ? shash_async_update+0x225/0x360 [ 66.215624] ? rmd320_transform+0x7f10/0x7f10 [ 66.220095] shash_async_update+0x290/0x360 [ 66.224400] ? shash_async_init+0x270/0x270 [ 66.228710] hash_sendpage+0x904/0xe10 [ 66.232586] ? hash_recvmsg+0xd50/0xd50 [ 66.236540] sock_sendpage+0x1de/0x2c0 [ 66.240412] pipe_to_sendpage+0x31b/0x430 [ 66.244538] ? sock_fasync+0x2b0/0x2b0 [ 66.248407] ? propagate_umount+0x3a30/0x3a30 [ 66.252883] __splice_from_pipe+0x49a/0xf30 [ 66.257185] ? generic_splice_sendpage+0x2a0/0x2a0 [ 66.262094] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 66.267436] generic_splice_sendpage+0x1c6/0x2a0 [ 66.272173] ? iter_file_splice_write+0x1710/0x1710 [ 66.277169] ? iter_file_splice_write+0x1710/0x1710 [ 66.282164] direct_splice_actor+0x19b/0x200 [ 66.286554] splice_direct_to_actor+0x764/0x1040 [ 66.291295] ? do_splice_direct+0x540/0x540 [ 66.295605] ? security_file_permission+0x28f/0x4b0 [ 66.300602] ? rw_verify_area+0x35e/0x580 [ 66.304745] do_splice_direct+0x335/0x540 [ 66.308879] do_sendfile+0x1067/0x1e40 [ 66.312755] SYSC_sendfile64+0x1b3/0x300 [ 66.316799] SyS_sendfile64+0x64/0x90 [ 66.320591] do_syscall_64+0x309/0x430 [ 66.324459] ? SYSC_sendfile+0x320/0x320 [ 66.328498] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 66.333665] RIP: 0033:0x455259 [ 66.336836] RSP: 002b:00007f812b2bdc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 66.344530] RAX: ffffffffffffffda RBX: 00007f812b2be6d4 RCX: 0000000000455259 [ 66.351775] RDX: 0000000020e64ff8 RSI: 0000000000000015 RDI: 0000000000000014 [ 66.359029] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 66.366286] R10: 0000000000008e18 R11: 0000000000000246 R12: 00000000ffffffff [ 66.373543] R13: 00000000000004c6 R14: 00000000006fa330 R15: 0000000000000000 [ 66.381247] Dumping ftrace buffer: [ 66.384764] (ftrace buffer empty) [ 66.388445] Kernel Offset: disabled [ 66.392042] Rebooting in 86400 seconds..