Warning: Permanently added '10.128.15.224' (ECDSA) to the list of known hosts.
2019/04/10 11:01:13 parsed 1 programs
2019/04/10 11:01:13 executed programs: 0
[   90.821842] IPVS: Creating netns size=2712 id=2
[   90.826856] IPVS: ftp: loaded support on port[0] = 21
[   90.906902] IPVS: Creating netns size=2712 id=3
[   90.912577] IPVS: ftp: loaded support on port[0] = 21
[   91.006953] IPVS: Creating netns size=2712 id=4
[   91.012846] IPVS: ftp: loaded support on port[0] = 21
[   91.146158] IPVS: Creating netns size=2712 id=5
[   91.167944] IPVS: ftp: loaded support on port[0] = 21
[   91.361146] IPVS: Creating netns size=2712 id=6
[   91.366267] IPVS: ftp: loaded support on port[0] = 21
[   91.662066] IPVS: Creating netns size=2712 id=7
[   91.666906] IPVS: ftp: loaded support on port[0] = 21
[   91.992504] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.999376] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.009833] device bridge_slave_0 entered promiscuous mode
[   92.070076] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.078466] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.090796] device bridge_slave_1 entered promiscuous mode
[   92.230388] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   92.292242] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   92.410426] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.416984] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.429067] device bridge_slave_0 entered promiscuous mode
[   92.488862] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.495713] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.505237] device bridge_slave_1 entered promiscuous mode
[   92.635930] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   92.690241] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   92.739301] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   92.751953] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   93.024701] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.033952] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.043738] device bridge_slave_0 entered promiscuous mode
[   93.074641] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.082047] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.104679] device bridge_slave_0 entered promiscuous mode
[   93.185344] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.193492] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.205388] device bridge_slave_1 entered promiscuous mode
[   93.215957] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.224220] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.235773] device bridge_slave_1 entered promiscuous mode
[   93.301473] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   93.312217] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   93.413221] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   93.453444] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   93.463960] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   93.475155] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   93.490872] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   93.550851] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   93.611477] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   93.711007] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.719872] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.730532] device bridge_slave_0 entered promiscuous mode
[   93.781088] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   93.824437] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.831744] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.842296] device bridge_slave_1 entered promiscuous mode
[   93.863848] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   93.886358] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   93.898994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   93.989073] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.039427] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   94.052382] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.066975] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.085911] device bridge_slave_0 entered promiscuous mode
[   94.142947] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   94.164266] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.177005] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.199404] device bridge_slave_1 entered promiscuous mode
[   94.255962] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   94.356946] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   94.415523] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   94.430710] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   94.515981] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   94.580581] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.599819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   94.620058] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   94.649137] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.670339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   94.691204] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.714507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   94.752502] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.764166] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   94.779112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   94.864279] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   95.044901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.098982] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.121070] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.127623] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.135089] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.141675] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.348872] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   95.366125] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   95.415590] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   95.440079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   95.486028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.531722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.557372] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.563855] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.570803] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.577300] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.600815] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.607361] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.614383] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.620832] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.641988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.675881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.970416] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.976864] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.984147] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.990606] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.420579] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.427135] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.434164] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.440875] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.593359] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.599827] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.606897] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.613528] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.342443] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.596747] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   98.680754] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.693764] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.828035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   98.931841] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   98.941870] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   99.232519] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   99.267139] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   99.304513] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.566953] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   99.604308] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.816803] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.840851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   99.865186] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  100.049142] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  100.168106] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  100.297542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.179290] hrtimer: interrupt took 31369 ns
[  101.201992] 
[  101.204024] =========================================================
[  101.211122] [ INFO: possible irq lock inversion dependency detected ]
[  101.218402] 4.6.0-rc2+ #1 Not tainted
[  101.222293] ---------------------------------------------------------
[  101.229581] syz-executor3/7291 just changed the state of lock:
[  101.236013]  (&sctp_ep_hashtable[i].lock){++.+..}, at: [<ffffffff8524b75f>] sctp_for_each_endpoint+0x9f/0x190
[  101.247728] but this lock was taken by another, SOFTIRQ-safe lock in the past:
[  101.255836]  (slock-AF_INET){+.-...}

and interrupts could create inverse lock ordering between them.

[  101.266750] 
[  101.266750] other info that might help us debug this:
[  101.273847]  Possible interrupt unsafe locking scenario:
[  101.273847] 
[  101.281290]        CPU0                    CPU1
[  101.286136]        ----                    ----
[  101.291342]   lock(&sctp_ep_hashtable[i].lock);
[  101.296792]                                local_irq_disable();
[  101.303103]                                lock(slock-AF_INET);
[  101.309810]                                lock(&sctp_ep_hashtable[i].lock);
[  101.318216]   <Interrupt>
[  101.321262]     lock(slock-AF_INET);
[  101.326108] 
[  101.326108]  *** DEADLOCK ***
[  101.326108] 
[  101.333371] 4 locks held by syz-executor3/7291:
[  101.338465]  #0:  (sock_diag_mutex){+.+.+.}, at: [<ffffffff84719466>] sock_diag_rcv+0x16/0x40
[  101.348265]  #1:  (sock_diag_table_mutex){+.+.+.}, at: [<ffffffff84719a4c>] sock_diag_rcv_msg+0x11c/0x350
[  101.361338]  #2:  (nlk->cb_mutex){+.+.+.}, at: [<ffffffff8487b0fb>] netlink_dump+0x4b/0xa40
[  101.371931]  #3:  (inet_diag_table_mutex){+.+...}, at: [<ffffffff84ce8ddb>] inet_diag_lock_handler+0x4b/0xd0
[  101.383601] 
[  101.383601] the shortest dependencies between 2nd lock and 1st lock:
[  101.392292]  -> (slock-AF_INET){+.-...} ops: 10285 {
[  101.398680]     HARDIRQ-ON-W at:
[  101.402820]                       [<ffffffff81447884>] __lock_acquire+0x1324/0x4f90
[  101.411510]                       [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  101.420278]                       [<ffffffff857a9eaa>] _raw_spin_lock_bh+0x3a/0x50
[  101.429817]                       [<ffffffff84669f9e>] lock_sock_nested+0x3e/0x100
[  101.438127]                       [<ffffffff84b6a999>] do_tcp_setsockopt.isra.32+0x129/0x1730
[  101.448195]                       [<ffffffff84b6c01e>] tcp_setsockopt+0x7e/0xd0
[  101.456313]                       [<ffffffff84666283>] sock_common_setsockopt+0x73/0xf0
[  101.464942]                       [<ffffffff852bef00>] rds_tcp_nonagle+0x130/0x1b0
[  101.472876]                       [<ffffffff852c0ef8>] rds_tcp_listen_init+0x108/0x380
[  101.481358]                       [<ffffffff852beaec>] rds_tcp_init_net+0x1ec/0x4d0
[  101.489483]                       [<ffffffff846a3e45>] ops_init+0x95/0x360
[  101.497266]                       [<ffffffff846a46ed>] register_pernet_operations+0x21d/0x480
[  101.506773]                       [<ffffffff846a4975>] register_pernet_subsys+0x25/0x40
[  101.515525]                       [<ffffffff852be5f7>] rds_tcp_init+0x47/0xc0
[  101.523647]                       [<ffffffff810021de>] do_one_initcall+0x10e/0x330
[  101.533032]                       [<ffffffff86ff6981>] kernel_init_freeable+0x43b/0x4d2
[  101.541640]                       [<ffffffff857935be>] kernel_init+0xe/0x120
[  101.549744]                       [<ffffffff857aaf92>] ret_from_fork+0x22/0x50
[  101.557626]     IN-SOFTIRQ-W at:
[  101.561313]                       [<ffffffff81447850>] __lock_acquire+0x12f0/0x4f90
[  101.570034]                       [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  101.578057]                       [<ffffffff857a9d56>] _raw_spin_lock+0x36/0x50
[  101.586230]                       [<ffffffff84c0419f>] udp_queue_rcv_skb+0x49f/0x1650
[  101.595554]                       [<ffffffff84c058c9>] __udp4_lib_rcv+0x579/0x2f10
[  101.604058]                       [<ffffffff84c094b5>] udp_rcv+0x15/0x20
[  101.611862]                       [<ffffffff84b27662>] ip_local_deliver_finish+0x2b2/0x9b0
[  101.620699]                       [<ffffffff84b283f7>] ip_local_deliver+0x197/0x330
[  101.629086]                       [<ffffffff84b2618a>] ip_rcv_finish+0x5ba/0x17e0
[  101.637470]                       [<ffffffff84b28df7>] ip_rcv+0x867/0x1470
[  101.645090]                       [<ffffffff846c3a10>] __netif_receive_skb_core+0x1740/0x2d90
[  101.654709]                       [<ffffffff846c507f>] __netif_receive_skb+0x1f/0x150
[  101.663178]                       [<ffffffff846c7c37>] netif_receive_skb_internal+0xc7/0x300
[  101.672565]                       [<ffffffff846cc763>] napi_gro_receive+0x293/0x4a0
[  101.681545]                       [<ffffffff835a9a47>] virtnet_receive+0xa97/0x1da0
[  101.690653]                       [<ffffffff835aad6d>] virtnet_poll+0x1d/0x120
[  101.698692]                       [<ffffffff846c9a81>] net_rx_action+0x721/0xe70
[  101.706673]                       [<ffffffff857adeec>] __do_softirq+0x2cc/0xa06
[  101.715077]                       [<ffffffff81362677>] irq_exit+0x157/0x190
[  101.722753]                       [<ffffffff857ad4d2>] do_IRQ+0x92/0x1c0
[  101.732083]                       [<ffffffff857ab6cc>] ret_from_intr+0x0/0x20
[  101.741412]                       [<ffffffff81200c5f>] default_idle+0x4f/0x390
[  101.751199]                       [<ffffffff8120247a>] arch_cpu_idle+0xa/0x10
[  101.760406]                       [<ffffffff814353c8>] default_idle_call+0x48/0xa0
[  101.770767]                       [<ffffffff814359c7>] cpu_startup_entry+0x5a7/0x7e0
[  101.779701]                       [<ffffffff857935a2>] rest_init+0x152/0x160
[  101.787782]                       [<ffffffff86ff6520>] start_kernel+0x5ba/0x5e0
[  101.795808]                       [<ffffffff86ff535d>] x86_64_start_reservations+0x2a/0x2c
[  101.807721]                       [<ffffffff86ff54a9>] x86_64_start_kernel+0x14a/0x157
[  101.816158]     INITIAL USE at:
[  101.819883]                      [<ffffffff814470fe>] __lock_acquire+0xb9e/0x4f90
[  101.828990]                      [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  101.837811]                      [<ffffffff857a9eaa>] _raw_spin_lock_bh+0x3a/0x50
[  101.846665]                      [<ffffffff84669f9e>] lock_sock_nested+0x3e/0x100
[  101.855433]                      [<ffffffff84b6a999>] do_tcp_setsockopt.isra.32+0x129/0x1730
[  101.864820]                      [<ffffffff84b6c01e>] tcp_setsockopt+0x7e/0xd0
[  101.873391]                      [<ffffffff84666283>] sock_common_setsockopt+0x73/0xf0
[  101.882130]                      [<ffffffff852bef00>] rds_tcp_nonagle+0x130/0x1b0
[  101.890306]                      [<ffffffff852c0ef8>] rds_tcp_listen_init+0x108/0x380
[  101.898607]                      [<ffffffff852beaec>] rds_tcp_init_net+0x1ec/0x4d0
[  101.906782]                      [<ffffffff846a3e45>] ops_init+0x95/0x360
[  101.914500]                      [<ffffffff846a46ed>] register_pernet_operations+0x21d/0x480
[  101.923660]                      [<ffffffff846a4975>] register_pernet_subsys+0x25/0x40
[  101.932955]                      [<ffffffff852be5f7>] rds_tcp_init+0x47/0xc0
[  101.940879]                      [<ffffffff810021de>] do_one_initcall+0x10e/0x330
[  101.949267]                      [<ffffffff86ff6981>] kernel_init_freeable+0x43b/0x4d2
[  101.959680]                      [<ffffffff857935be>] kernel_init+0xe/0x120
[  101.967099]                      [<ffffffff857aaf92>] ret_from_fork+0x22/0x50
[  101.975716]   }
[  101.977581]   ... key      at: [<ffffffff88883110>] af_family_slock_keys+0x10/0x180
[  101.985685]   ... acquired at:
[  101.989217]    [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  101.995223]    [<ffffffff857aa116>] _raw_write_lock+0x36/0x50
[  102.001323]    [<ffffffff85271cdc>] sctp_unhash_endpoint+0x13c/0x290
[  102.008006]    [<ffffffff8521746a>] sctp_endpoint_free+0x8a/0xb0
[  102.014599]    [<ffffffff85252bf0>] sctp_destroy_sock+0x80/0x1d0
[  102.021121]    [<ffffffff8467362e>] sk_common_release+0x5e/0x3e0
[  102.028349]    [<ffffffff8525429f>] sctp_close+0x4bf/0x740
[  102.034888]    [<ffffffff84c2a069>] inet_release+0xd9/0x1c0
[  102.041620]    [<ffffffff8465d7d3>] sock_release+0x83/0x1a0
[  102.048076]    [<ffffffff8465d8fd>] sock_close+0xd/0x20
[  102.053951]    [<ffffffff817a8b4e>] __fput+0x20e/0x750
[  102.059958]    [<ffffffff817a90f9>] ____fput+0x9/0x10
[  102.065627]    [<ffffffff813adac2>] task_work_run+0x132/0x200
[  102.071658]    [<ffffffff81005883>] exit_to_usermode_loop+0x183/0x1c0
[  102.078340]    [<ffffffff810078a5>] syscall_return_slowpath+0x275/0x2f0
[  102.085312]    [<ffffffff857aaddc>] entry_SYSCALL_64_fastpath+0xbf/0xc1
[  102.092252] 
[  102.093854] -> (&sctp_ep_hashtable[i].lock){++.+..} ops: 6 {
[  102.100272]    HARDIRQ-ON-W at:
[  102.103650]                     [<ffffffff81447884>] __lock_acquire+0x1324/0x4f90
[  102.112940]                     [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  102.127101]                     [<ffffffff857aa116>] _raw_write_lock+0x36/0x50
[  102.134880]                     [<ffffffff85271cdc>] sctp_unhash_endpoint+0x13c/0x290
[  102.143051]                     [<ffffffff8521746a>] sctp_endpoint_free+0x8a/0xb0
[  102.150948]                     [<ffffffff85252bf0>] sctp_destroy_sock+0x80/0x1d0
[  102.158787]                     [<ffffffff8525452d>] sctp_v6_destroy_sock+0xd/0x20
[  102.166783]                     [<ffffffff8467362e>] sk_common_release+0x5e/0x3e0
[  102.174598]                     [<ffffffff8525429f>] sctp_close+0x4bf/0x740
[  102.181804]                     [<ffffffff84c2a069>] inet_release+0xd9/0x1c0
[  102.189197]                     [<ffffffff84d687c6>] inet6_release+0x46/0x60
[  102.196680]                     [<ffffffff8465d7d3>] sock_release+0x83/0x1a0
[  102.204017]                     [<ffffffff85211c3c>] sctp_ctrlsock_exit+0x5c/0x70
[  102.211855]                     [<ffffffff846a283e>] ops_exit_list.isra.4+0x8e/0x120
[  102.219930]                     [<ffffffff846a5370>] cleanup_net+0x2d0/0x540
[  102.227224]                     [<ffffffff813a0cc8>] process_one_work+0x698/0x1570
[  102.235230]                     [<ffffffff813a1c77>] worker_thread+0xd7/0xf10
[  102.242655]                     [<ffffffff813b25b9>] kthread+0x209/0x2d0
[  102.249592]                     [<ffffffff857aaf92>] ret_from_fork+0x22/0x50
[  102.256975]    HARDIRQ-ON-R at:
[  102.260360]                     [<ffffffff81446feb>] __lock_acquire+0xa8b/0x4f90
[  102.268482]                     [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  102.275997]                     [<ffffffff857aa079>] _raw_read_lock+0x39/0x50
[  102.283393]                     [<ffffffff8524b75f>] sctp_for_each_endpoint+0x9f/0x190
[  102.291564]                     [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  102.299405]                     [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  102.307381]                     [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  102.314775]                     [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  102.322387]                     [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  102.330611]                     [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  102.339084]                     [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  102.347131]                     [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  102.354983]                     [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  102.362353]                     [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  102.370079]                     [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  102.377897]                     [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  102.385198]                     [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  102.392935]                     [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  102.401200]                     [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  102.408844]                     [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  102.415898]                     [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  102.422970]                     [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  102.430194]                     [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  102.438744]    SOFTIRQ-ON-R at:
[  102.442126]                     [<ffffffff814478f2>] __lock_acquire+0x1392/0x4f90
[  102.450198]                     [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  102.457830]                     [<ffffffff857aa079>] _raw_read_lock+0x39/0x50
[  102.465310]                     [<ffffffff8524b75f>] sctp_for_each_endpoint+0x9f/0x190
[  102.473765]                     [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  102.481316]                     [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  102.488958]                     [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  102.496485]                     [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  102.503942]                     [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  102.512029]                     [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  102.520185]                     [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  102.528002]                     [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  102.536021]                     [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  102.543310]                     [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  102.550960]                     [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  102.558600]                     [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  102.566124]                     [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  102.573902]                     [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  102.582187]                     [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  102.589875]                     [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  102.597347]                     [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  102.604401]                     [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  102.618519]                     [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  102.627197]    INITIAL USE at:
[  102.630587]                    [<ffffffff814470fe>] __lock_acquire+0xb9e/0x4f90
[  102.638418]                    [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  102.645930]                    [<ffffffff857aa116>] _raw_write_lock+0x36/0x50
[  102.653381]                    [<ffffffff85271cdc>] sctp_unhash_endpoint+0x13c/0x290
[  102.661508]                    [<ffffffff8521746a>] sctp_endpoint_free+0x8a/0xb0
[  102.669341]                    [<ffffffff85252bf0>] sctp_destroy_sock+0x80/0x1d0
[  102.677000]                    [<ffffffff8525452d>] sctp_v6_destroy_sock+0xd/0x20
[  102.685046]                    [<ffffffff8467362e>] sk_common_release+0x5e/0x3e0
[  102.692869]                    [<ffffffff8525429f>] sctp_close+0x4bf/0x740
[  102.700408]                    [<ffffffff84c2a069>] inet_release+0xd9/0x1c0
[  102.707697]                    [<ffffffff84d687c6>] inet6_release+0x46/0x60
[  102.714996]                    [<ffffffff8465d7d3>] sock_release+0x83/0x1a0
[  102.722309]                    [<ffffffff85211c3c>] sctp_ctrlsock_exit+0x5c/0x70
[  102.730552]                    [<ffffffff846a283e>] ops_exit_list.isra.4+0x8e/0x120
[  102.738545]                    [<ffffffff846a5370>] cleanup_net+0x2d0/0x540
[  102.745831]                    [<ffffffff813a0cc8>] process_one_work+0x698/0x1570
[  102.753643]                    [<ffffffff813a1c77>] worker_thread+0xd7/0xf10
[  102.761290]                    [<ffffffff813b25b9>] kthread+0x209/0x2d0
[  102.768619]                    [<ffffffff857aaf92>] ret_from_fork+0x22/0x50
[  102.776003]  }
[  102.777785]  ... key      at: [<ffffffff888cca60>] __key.62716+0x0/0x40
[  102.784670]  ... acquired at:
[  102.787875]    [<ffffffff81442aea>] check_usage_backwards+0x2fa/0x330
[  102.794570]    [<ffffffff81444a5a>] mark_lock+0x76a/0x1200
[  102.800414]    [<ffffffff814478f2>] __lock_acquire+0x1392/0x4f90
[  102.806922]    [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  102.813107]    [<ffffffff857aa079>] _raw_read_lock+0x39/0x50
[  102.819091]    [<ffffffff8524b75f>] sctp_for_each_endpoint+0x9f/0x190
[  102.825982]    [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  102.832265]    [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  102.839105]    [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  102.845093]    [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  102.851189]    [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  102.858571]    [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  102.865507]    [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  102.872220]    [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  102.878568]    [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  102.884555]    [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  102.890861]    [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  102.897046]    [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  102.902778]    [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  102.909145]    [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  102.915744]    [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  102.921916]    [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  102.927477]    [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  102.933271]    [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  102.938760]    [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  102.945698] 
[  102.947323] 
[  102.947323] stack backtrace:
[  102.951802] CPU: 0 PID: 7291 Comm: syz-executor3 Not tainted 4.6.0-rc2+ #1
[  102.958831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  102.968166]  1ffffffff0cd5746 ffff8801cc347158 ffffffff829c2f86 ffffffff87d07c20
[  102.976368]  ffff8801cc347230 ffffffff87d07c20 ffffffff879a6e90 ffff8801cc3471b0
[  102.984369]  ffffffff8162624e ffff8801cc3471f0 00000000cc347188 ffffffff00000000
[  102.992552] Call Trace:
[  102.995331]  [<ffffffff829c2f86>] dump_stack+0xe6/0x120
[  103.000770]  [<ffffffff8162624e>] print_irq_inversion_bug.part.42+0x347/0x356
[  103.008051]  [<ffffffff81442aea>] check_usage_backwards+0x2fa/0x330
[  103.014636]  [<ffffffff814427f0>] ? check_usage_forwards+0x330/0x330
[  103.021285]  [<ffffffff8120e616>] ? save_stack_trace+0x26/0x50
[  103.027340]  [<ffffffff8143ddd0>] ? save_trace+0xe0/0x2c0
[  103.032858]  [<ffffffff81444a5a>] mark_lock+0x76a/0x1200
[  103.038293]  [<ffffffff814427f0>] ? check_usage_forwards+0x330/0x330
[  103.044771]  [<ffffffff814478f2>] __lock_acquire+0x1392/0x4f90
[  103.050895]  [<ffffffff814455b8>] ? mark_held_locks+0xc8/0x120
[  103.056841]  [<ffffffff81446560>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[  103.064362]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  103.070051]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  103.076004]  [<ffffffff8144d416>] lock_acquire+0x196/0x480
[  103.081608]  [<ffffffff8524b75f>] ? sctp_for_each_endpoint+0x9f/0x190
[  103.088340]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  103.094295]  [<ffffffff857aa079>] _raw_read_lock+0x39/0x50
[  103.099924]  [<ffffffff8524b75f>] ? sctp_for_each_endpoint+0x9f/0x190
[  103.106497]  [<ffffffff8524b75f>] sctp_for_each_endpoint+0x9f/0x190
[  103.112965]  [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  103.118759]  [<ffffffff85281d70>] ? inet_diag_msg_sctpasoc_fill+0x970/0x970
[  103.125960]  [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  103.131919]  [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  103.137525]  [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  103.143144]  [<ffffffff814455b8>] ? mark_held_locks+0xc8/0x120
[  103.150188]  [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  103.156493]  [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  103.162984]  [<ffffffff84ce9990>] ? inet_diag_rcv_msg_compat+0x2e0/0x2e0
[  103.170274]  [<ffffffff84ce95d0>] ? inet_diag_dump_compat+0x2a0/0x2a0
[  103.176845]  [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  103.182919]  [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  103.188899]  [<ffffffff84719930>] ? sock_diag_bind+0x50/0x50
[  103.194796]  [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  103.200329]  [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  103.206367]  [<ffffffff84883c05>] ? netlink_unicast+0x3b5/0x660
[  103.212582]  [<ffffffff84883850>] ? netlink_attachskb+0x730/0x730
[  103.218791]  [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  103.224946]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  103.230990]  [<ffffffff827272da>] ? selinux_socket_sendmsg+0x3a/0x50
[  103.237770]  [<ffffffff827078ea>] ? security_socket_sendmsg+0x6a/0xa0
[  103.244356]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  103.250414]  [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  103.255863]  [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  103.261734]  [<ffffffff84660410>] ? sock_sendmsg+0xf0/0xf0
[  103.267505]  [<ffffffff8271c3e0>] ? selinux_bprm_committing_creds+0x6f0/0x6f0
[  103.275366]  [<ffffffff813cc001>] ? ___might_sleep+0x431/0x440
[  103.281377]  [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  103.287801]  [<ffffffff817a20a0>] ? vfs_iter_write+0x390/0x390
[  103.293953]  [<ffffffff817a39d9>] ? rw_verify_area+0xb9/0x290
[  103.300159]  [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  103.306553]  [<ffffffff817a4310>] ? vfs_write+0x4a0/0x4a0
[  103.312355]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  103.318251]  [<ffffffff8148fca7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[  103.327275]  [<ffffffff817fa2af>] ? __fget+0x1df/0x320
[  103.332962]  [<ffffffff817fa112>] ? __fget+0x42/0x320
[  103.340448]  [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  103.347655]  [<ffffffff817fc613>] ? __fdget_pos+0x13/0xb0
[  103.353444]  [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  103.359982]  [<ffffffff817a4ea0>] ? vfs_writev+0xb0/0xb0
[  103.366284]  [<ffffffff81445a5c>] ? trace_hardirqs_on_caller+0x44c/0x5e0
[  103.373113]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[  103.379860]  [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  103.385266]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  103.440043] ==================================================================
[  103.447540] BUG: KASAN: slab-out-of-bounds in memcpy+0x1d/0x40 at addr ffff8800af82efa0
[  103.455764] Read of size 128 by task syz-executor3/7291
[  103.461135] CPU: 0 PID: 7291 Comm: syz-executor3 Not tainted 4.6.0-rc2+ #1
[  103.468320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  103.477666]  1ffffffff0cd5746 ffff8801cc3472b8 ffffffff829c2f86 0000000000000080
[  103.486176]  ffff8801cc347348 ffff8800af82ef80 ffff8801da800200 ffff8801cc347338
[  103.494410]  ffffffff8174e337 0000000000000001 0000000000000007 0000000000000286
[  103.502626] Call Trace:
[  103.505204]  [<ffffffff829c2f86>] dump_stack+0xe6/0x120
[  103.510649]  [<ffffffff8174e337>] kasan_report_error+0x1e7/0x5c0
[  103.517150]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  103.523145]  [<ffffffff8174ea44>] kasan_report+0x34/0x40
[  103.528688]  [<ffffffff8174d9bd>] ? memcpy+0x1d/0x40
[  103.533880]  [<ffffffff8174d2fa>] __asan_loadN+0x12a/0x180
[  103.539589]  [<ffffffff8174d9bd>] memcpy+0x1d/0x40
[  103.544522]  [<ffffffff8528274e>] inet_sctp_diag_fill+0x65e/0xc60
[  103.551005]  [<ffffffff852820f0>] ? sctp_diag_dump+0x380/0x380
[  103.557281]  [<ffffffff8579ade7>] ? __schedule+0x917/0x1c10
[  103.563157]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  103.569297]  [<ffffffff852844db>] sctp_ep_dump+0x46b/0x6d0
[  103.574904]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  103.580781]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  103.586651]  [<ffffffff8524b7a4>] sctp_for_each_endpoint+0xe4/0x190
[  103.593208]  [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  103.598981]  [<ffffffff85281d70>] ? inet_diag_msg_sctpasoc_fill+0x970/0x970
[  103.606282]  [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  103.612158]  [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  103.618212]  [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  103.624102]  [<ffffffff814455b8>] ? mark_held_locks+0xc8/0x120
[  103.630225]  [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  103.636639]  [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  103.643196]  [<ffffffff84ce9990>] ? inet_diag_rcv_msg_compat+0x2e0/0x2e0
[  103.650273]  [<ffffffff84ce95d0>] ? inet_diag_dump_compat+0x2a0/0x2a0
[  103.656837]  [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  103.662959]  [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  103.668912]  [<ffffffff84719930>] ? sock_diag_bind+0x50/0x50
[  103.674771]  [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  103.680282]  [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  103.686239]  [<ffffffff84883c05>] ? netlink_unicast+0x3b5/0x660
[  103.692460]  [<ffffffff84883850>] ? netlink_attachskb+0x730/0x730
[  103.698669]  [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  103.704710]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  103.710843]  [<ffffffff827272da>] ? selinux_socket_sendmsg+0x3a/0x50
[  103.717404]  [<ffffffff827078ea>] ? security_socket_sendmsg+0x6a/0xa0
[  103.724056]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  103.730218]  [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  103.735908]  [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  103.741765]  [<ffffffff84660410>] ? sock_sendmsg+0xf0/0xf0
[  103.747750]  [<ffffffff8271c3e0>] ? selinux_bprm_committing_creds+0x6f0/0x6f0
[  103.755111]  [<ffffffff813cc001>] ? ___might_sleep+0x431/0x440
[  103.761154]  [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  103.767906]  [<ffffffff817a20a0>] ? vfs_iter_write+0x390/0x390
[  103.774112]  [<ffffffff817a39d9>] ? rw_verify_area+0xb9/0x290
[  103.779973]  [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  103.785831]  [<ffffffff817a4310>] ? vfs_write+0x4a0/0x4a0
[  103.791346]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  103.797234]  [<ffffffff8148fca7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[  103.804144]  [<ffffffff817fa2af>] ? __fget+0x1df/0x320
[  103.809403]  [<ffffffff817fa112>] ? __fget+0x42/0x320
[  103.814743]  [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  103.820081]  [<ffffffff817fc613>] ? __fdget_pos+0x13/0xb0
[  103.826228]  [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  103.831479]  [<ffffffff817a4ea0>] ? vfs_writev+0xb0/0xb0
[  103.837014]  [<ffffffff81445a5c>] ? trace_hardirqs_on_caller+0x44c/0x5e0
[  103.843832]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[  103.850503]  [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  103.855680]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  103.862423] Object at ffff8800af82ef80, in cache kmalloc-64
[  103.868285] Object allocated with size 64 bytes.
[  103.873295] Allocation:
[  103.875954] PID = 7291
[  103.878424]  [<ffffffff8120e616>] save_stack_trace+0x26/0x50
[  103.884439]  [<ffffffff8174d516>] save_stack+0x46/0xd0
[  103.889816]  [<ffffffff8174d8d9>] kasan_kmalloc+0xc9/0xe0
[  103.895622]  [<ffffffff8174af72>] kmem_cache_alloc_trace+0x142/0x6b0
[  103.902724]  [<ffffffff85249d3f>] sctp_add_bind_addr+0x5f/0x240
[  103.908969]  [<ffffffff8525036f>] sctp_do_bind+0x2cf/0x4c0
[  103.914867]  [<ffffffff852506ac>] sctp_autobind+0x14c/0x1b0
[  103.920684]  [<ffffffff852562b5>] __sctp_connect+0x4f5/0xa30
[  103.926586]  [<ffffffff852569f5>] sctp_connect+0x95/0xd0
[  103.932132]  [<ffffffff84c2ace1>] inet_dgram_connect+0xf1/0x220
[  103.938540]  [<ffffffff84661142>] SYSC_connect+0x202/0x2a0
[  103.944266]  [<ffffffff84663609>] SyS_connect+0x9/0x10
[  103.949655]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  103.956386] Memory state around the buggy address:
[  103.961305]  ffff8800af82ee80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  103.968692]  ffff8800af82ef00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  103.976111] >ffff8800af82ef80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  103.983457]                                            ^
[  103.988990]  ffff8800af82f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  103.996412]  ffff8800af82f080: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[  104.004124] ==================================================================
[  104.025850] ==================================================================
[  104.033375] BUG: KASAN: slab-out-of-bounds in memcpy+0x1d/0x40 at addr ffff8801d7b64ca0
[  104.041493] Read of size 128 by task syz-executor3/7291
[  104.046918] CPU: 0 PID: 7291 Comm: syz-executor3 Tainted: G    B           4.6.0-rc2+ #1
[  104.055473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  104.064952]  1ffffffff0cd5746 ffff8801cc3472b8 ffffffff829c2f86 0000000000000080
[  104.072963]  ffff8801cc347348 ffff8801d7b64c80 ffff8801da800200 ffff8801cc347338
[  104.080982]  ffffffff8174e337 0000000000000001 0000000000000007 0000000000000286
[  104.088984] Call Trace:
[  104.091548]  [<ffffffff829c2f86>] dump_stack+0xe6/0x120
[  104.096889]  [<ffffffff8174e337>] kasan_report_error+0x1e7/0x5c0
[  104.103009]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  104.108693]  [<ffffffff8174ea44>] kasan_report+0x34/0x40
[  104.114118]  [<ffffffff8174d9bd>] ? memcpy+0x1d/0x40
[  104.119211]  [<ffffffff8174d2fa>] __asan_loadN+0x12a/0x180
[  104.124815]  [<ffffffff8174d9bd>] memcpy+0x1d/0x40
[  104.129732]  [<ffffffff8528274e>] inet_sctp_diag_fill+0x65e/0xc60
[  104.135948]  [<ffffffff852820f0>] ? sctp_diag_dump+0x380/0x380
[  104.141893]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  104.147846]  [<ffffffff852844db>] sctp_ep_dump+0x46b/0x6d0
[  104.153549]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  104.159514]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  104.166942]  [<ffffffff8524b7a4>] sctp_for_each_endpoint+0xe4/0x190
[  104.173371]  [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  104.179144]  [<ffffffff85281d70>] ? inet_diag_msg_sctpasoc_fill+0x970/0x970
[  104.186232]  [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  104.192095]  [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  104.197695]  [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  104.203472]  [<ffffffff814455b8>] ? mark_held_locks+0xc8/0x120
[  104.209528]  [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  104.215916]  [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  104.222359]  [<ffffffff84ce9990>] ? inet_diag_rcv_msg_compat+0x2e0/0x2e0
[  104.229958]  [<ffffffff84ce95d0>] ? inet_diag_dump_compat+0x2a0/0x2a0
[  104.236776]  [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  104.242816]  [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  104.248771]  [<ffffffff84719930>] ? sock_diag_bind+0x50/0x50
[  104.254638]  [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  104.260161]  [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  104.266017]  [<ffffffff84883c05>] ? netlink_unicast+0x3b5/0x660
[  104.272224]  [<ffffffff84883850>] ? netlink_attachskb+0x730/0x730
[  104.278547]  [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  104.284404]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  104.290534]  [<ffffffff827272da>] ? selinux_socket_sendmsg+0x3a/0x50
[  104.296999]  [<ffffffff827078ea>] ? security_socket_sendmsg+0x6a/0xa0
[  104.303657]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  104.309691]  [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  104.315125]  [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  104.321094]  [<ffffffff84660410>] ? sock_sendmsg+0xf0/0xf0
[  104.326709]  [<ffffffff8271c3e0>] ? selinux_bprm_committing_creds+0x6f0/0x6f0
[  104.333973]  [<ffffffff813cc001>] ? ___might_sleep+0x431/0x440
[  104.340095]  [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  104.346391]  [<ffffffff817a20a0>] ? vfs_iter_write+0x390/0x390
[  104.352384]  [<ffffffff817a39d9>] ? rw_verify_area+0xb9/0x290
[  104.358422]  [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  104.364280]  [<ffffffff817a4310>] ? vfs_write+0x4a0/0x4a0
[  104.369793]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  104.375562]  [<ffffffff8148fca7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[  104.382299]  [<ffffffff817fa2af>] ? __fget+0x1df/0x320
[  104.387693]  [<ffffffff817fa112>] ? __fget+0x42/0x320
[  104.392862]  [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  104.398155]  [<ffffffff817fc613>] ? __fdget_pos+0x13/0xb0
[  104.403672]  [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  104.408933]  [<ffffffff817a4ea0>] ? vfs_writev+0xb0/0xb0
[  104.414532]  [<ffffffff81445a5c>] ? trace_hardirqs_on_caller+0x44c/0x5e0
[  104.421365]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[  104.428025]  [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  104.433276]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  104.439827] Object at ffff8801d7b64c80, in cache kmalloc-64
[  104.445526] Object allocated with size 64 bytes.
[  104.450419] Allocation:
[  104.452976] PID = 7303
[  104.455445]  [<ffffffff8120e616>] save_stack_trace+0x26/0x50
[  104.461523]  [<ffffffff8174d516>] save_stack+0x46/0xd0
[  104.466991]  [<ffffffff8174d8d9>] kasan_kmalloc+0xc9/0xe0
[  104.472708]  [<ffffffff8174af72>] kmem_cache_alloc_trace+0x142/0x6b0
[  104.479475]  [<ffffffff85249d3f>] sctp_add_bind_addr+0x5f/0x240
[  104.485715]  [<ffffffff8525036f>] sctp_do_bind+0x2cf/0x4c0
[  104.491436]  [<ffffffff852506ac>] sctp_autobind+0x14c/0x1b0
[  104.497330]  [<ffffffff852562b5>] __sctp_connect+0x4f5/0xa30
[  104.503330]  [<ffffffff852569f5>] sctp_connect+0x95/0xd0
[  104.508894]  [<ffffffff84c2ace1>] inet_dgram_connect+0xf1/0x220
[  104.515249]  [<ffffffff84661142>] SYSC_connect+0x202/0x2a0
[  104.520973]  [<ffffffff84663609>] SyS_connect+0x9/0x10
[  104.526342]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  104.533118] Memory state around the buggy address:
[  104.538024]  ffff8801d7b64b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  104.545618]  ffff8801d7b64c00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  104.553293] >ffff8801d7b64c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  104.560623]                                            ^
[  104.566045]  ffff8801d7b64d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  104.573385]  ffff8801d7b64d80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  104.580815] ==================================================================
[  104.595954] ==================================================================
[  104.603719] BUG: KASAN: slab-out-of-bounds in memcpy+0x1d/0x40 at addr ffff8801d7b64ca0
[  104.612115] Read of size 128 by task syz-executor3/7303
[  104.617553] CPU: 0 PID: 7303 Comm: syz-executor3 Tainted: G    B           4.6.0-rc2+ #1
[  104.636762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  104.646655]  1ffffffff0cd5746 ffff8800af8a72b8 ffffffff829c2f86 0000000000000080
[  104.654745]  ffff8800af8a7348 ffff8801d7b64c80 ffff8801da800200 ffff8800af8a7338
[  104.662870]  ffffffff8174e337 ffffed0015f12597 ffff8800af892cb3 0000000000000286
[  104.670996] Call Trace:
[  104.673578]  [<ffffffff829c2f86>] dump_stack+0xe6/0x120
[  104.678929]  [<ffffffff8174e337>] kasan_report_error+0x1e7/0x5c0
[  104.685063]  [<ffffffff8174ea44>] kasan_report+0x34/0x40
[  104.690843]  [<ffffffff8174d9bd>] ? memcpy+0x1d/0x40
[  104.696039]  [<ffffffff8174d2fa>] __asan_loadN+0x12a/0x180
[  104.701740]  [<ffffffff8174d9bd>] memcpy+0x1d/0x40
[  104.706649]  [<ffffffff8528274e>] inet_sctp_diag_fill+0x65e/0xc60
[  104.712858]  [<ffffffff852820f0>] ? sctp_diag_dump+0x380/0x380
[  104.718899]  [<ffffffff857ab739>] ? retint_kernel+0x2d/0x2d
[  104.724776]  [<ffffffff852844db>] sctp_ep_dump+0x46b/0x6d0
[  104.730472]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  104.736511]  [<ffffffff85284070>] ? sctp_tsp_dump+0xcc0/0xcc0
[  104.742460]  [<ffffffff8524b7a4>] sctp_for_each_endpoint+0xe4/0x190
[  104.749107]  [<ffffffff85281fca>] sctp_diag_dump+0x25a/0x380
[  104.754884]  [<ffffffff85281d70>] ? inet_diag_msg_sctpasoc_fill+0x970/0x970
[  104.762050]  [<ffffffff84ce8ee0>] __inet_diag_dump+0x80/0x120
[  104.768471]  [<ffffffff84ce9647>] inet_diag_dump+0x77/0xe0
[  104.774473]  [<ffffffff8487b3dd>] netlink_dump+0x32d/0xa40
[  104.780267]  [<ffffffff8487e291>] __netlink_dump_start+0x4a1/0x720
[  104.787087]  [<ffffffff84ce9bd1>] inet_diag_handler_cmd+0x241/0x2f0
[  104.793730]  [<ffffffff84ce9990>] ? inet_diag_rcv_msg_compat+0x2e0/0x2e0
[  104.800892]  [<ffffffff84ce95d0>] ? inet_diag_dump_compat+0x2a0/0x2a0
[  104.807822]  [<ffffffff857a2548>] ? mutex_lock_nested+0x638/0xb30
[  104.814549]  [<ffffffff84719466>] ? sock_diag_rcv+0x16/0x40
[  104.820567]  [<ffffffff8487d894>] ? netlink_lookup+0xd4/0x630
[  104.826523]  [<ffffffff84719c05>] sock_diag_rcv_msg+0x2d5/0x350
[  104.832732]  [<ffffffff848850a2>] netlink_rcv_skb+0x242/0x350
[  104.838778]  [<ffffffff84719930>] ? sock_diag_bind+0x50/0x50
[  104.844644]  [<ffffffff84719475>] sock_diag_rcv+0x25/0x40
[  104.850588]  [<ffffffff84883ca5>] netlink_unicast+0x455/0x660
[  104.856447]  [<ffffffff84883c05>] ? netlink_unicast+0x3b5/0x660
[  104.862665]  [<ffffffff84883850>] ? netlink_attachskb+0x730/0x730
[  104.869155]  [<ffffffff84884743>] netlink_sendmsg+0x893/0xb40
[  104.875100]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  104.881149]  [<ffffffff827272da>] ? selinux_socket_sendmsg+0x3a/0x50
[  104.887654]  [<ffffffff827078ea>] ? security_socket_sendmsg+0x6a/0xa0
[  104.894207]  [<ffffffff84883eb0>] ? netlink_unicast+0x660/0x660
[  104.900356]  [<ffffffff846603d5>] sock_sendmsg+0xb5/0xf0
[  104.905778]  [<ffffffff846605f2>] sock_write_iter+0x1e2/0x3b0
[  104.911681]  [<ffffffff84660410>] ? sock_sendmsg+0xf0/0xf0
[  104.917560]  [<ffffffff8271c3e0>] ? selinux_bprm_committing_creds+0x6f0/0x6f0
[  104.924817]  [<ffffffff813cc001>] ? ___might_sleep+0x431/0x440
[  104.930995]  [<ffffffff817a2224>] do_iter_readv_writev+0x184/0x330
[  104.937289]  [<ffffffff817a20a0>] ? vfs_iter_write+0x390/0x390
[  104.943242]  [<ffffffff817a39d9>] ? rw_verify_area+0xb9/0x290
[  104.949297]  [<ffffffff817a4669>] do_readv_writev+0x359/0x660
[  104.955156]  [<ffffffff817a4310>] ? vfs_write+0x4a0/0x4a0
[  104.960982]  [<ffffffff81446560>] ? debug_check_no_locks_freed+0x3c0/0x3c0
[  104.968059]  [<ffffffff817fa112>] ? __fget+0x42/0x320
[  104.973237]  [<ffffffff817fa2af>] ? __fget+0x1df/0x320
[  104.978760]  [<ffffffff817fa112>] ? __fget+0x42/0x320
[  104.983938]  [<ffffffff817a4e5a>] vfs_writev+0x6a/0xb0
[  104.989412]  [<ffffffff817fc613>] ? __fdget_pos+0x13/0xb0
[  104.995225]  [<ffffffff817a4f78>] do_writev+0xd8/0x270
[  105.000476]  [<ffffffff817a4ea0>] ? vfs_writev+0xb0/0xb0
[  105.006606]  [<ffffffff8100401b>] ? trace_hardirqs_on_thunk+0x1b/0x1d
[  105.013246]  [<ffffffff817a7deb>] SyS_writev+0xb/0x10
[  105.018414]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  105.025158] Object at ffff8801d7b64c80, in cache kmalloc-64
[  105.030842] Object allocated with size 64 bytes.
[  105.035568] Allocation:
[  105.038130] PID = 7303
[  105.040672]  [<ffffffff8120e616>] save_stack_trace+0x26/0x50
[  105.046574]  [<ffffffff8174d516>] save_stack+0x46/0xd0
[  105.052130]  [<ffffffff8174d8d9>] kasan_kmalloc+0xc9/0xe0
[  105.057761]  [<ffffffff8174af72>] kmem_cache_alloc_trace+0x142/0x6b0
[  105.064505]  [<ffffffff85249d3f>] sctp_add_bind_addr+0x5f/0x240
[  105.070781]  [<ffffffff8525036f>] sctp_do_bind+0x2cf/0x4c0
[  105.076506]  [<ffffffff852506ac>] sctp_autobind+0x14c/0x1b0
[  105.082377]  [<ffffffff852562b5>] __sctp_connect+0x4f5/0xa30
[  105.088275]  [<ffffffff852569f5>] sctp_connect+0x95/0xd0
[  105.093836]  [<ffffffff84c2ace1>] inet_dgram_connect+0xf1/0x220
[  105.100087]  [<ffffffff84661142>] SYSC_connect+0x202/0x2a0
[  105.105804]  [<ffffffff84663609>] SyS_connect+0x9/0x10
[  105.111245]  [<ffffffff857aad40>] entry_SYSCALL_64_fastpath+0x23/0xc1
[  105.118192] Memory state around the buggy address:
[  105.123097]  ffff8801d7b64b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.130435]  ffff8801d7b64c00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  105.137781] >ffff8801d7b64c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  105.145119]                                            ^
[  105.150670]  ffff8801d7b64d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  105.158141]  ffff8801d7b64d80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  105.165645] ==================================================================
[  105.188622] ------------[ cut here ]------------
[  105.193494] WARNING: CPU: 1 PID: 5693 at include/net/sock.h:1408 tcp_close+0x458/0xef0
[  105.201709] Kernel panic - not syncing: panic_on_warn set ...
[  105.201709] 
[  105.209083] CPU: 1 PID: 5693 Comm: syz-executor5 Tainted: G    B           4.6.0-rc2+ #1
[  105.217428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  105.226768]  1ffffffff0cd5746 ffff8800b4fbfbe8 ffffffff829c2f86 ffffffff85884a00
[  105.234966]  ffff8800b4fbfcc0 ffffffff8605d300 ffffffff84b72b28 ffff8800b4fbfcb0
[  105.242997]  ffffffff81625833 0000000041b58ab3 ffffffff8645bc17 ffffffff81625684
[  105.251063] Call Trace:
[  105.251531] ------------[ cut here ]------------
[  105.251542] WARNING: CPU: 0 PID: 5695 at include/net/sock.h:1408 tcp_close+0x458/0xef0
[  105.251545] Modules linked in:
[  105.269748]  [<ffffffff829c2f86>] dump_stack+0xe6/0x120
[  105.275275]  [<ffffffff84b72b28>] ? tcp_close+0x458/0xef0
[  105.280878]  [<ffffffff81625833>] panic+0x1af/0x348
[  105.286405]  [<ffffffff81625684>] ? set_ti_thread_flag+0xf/0xf
[  105.292444]  [<ffffffff84b72b28>] ? tcp_close+0x458/0xef0
[  105.297964]  [<ffffffff8134dafd>] __warn+0x18d/0x1b0
[  105.303139]  [<ffffffff8134dc98>] warn_slowpath_null+0x18/0x20
[  105.309355]  [<ffffffff84b72b28>] tcp_close+0x458/0xef0
[  105.314787]  [<ffffffff816c0ac1>] ? __might_fault+0x161/0x1b0
[  105.320647]  [<ffffffff816c0a26>] ? __might_fault+0xc6/0x1b0
[  105.326438]  [<ffffffff8186c3f0>] ? __fsnotify_update_child_dentry_flags.part.1+0x260/0x260
[  105.335001]  [<ffffffff84c2a069>] inet_release+0xd9/0x1c0
[  105.340789]  [<ffffffff8465d7d3>] sock_release+0x83/0x1a0
[  105.346574]  [<ffffffff8465d8fd>] sock_close+0xd/0x20
[  105.351870]  [<ffffffff817a8b4e>] __fput+0x20e/0x750
[  105.357049]  [<ffffffff817a90f9>] ____fput+0x9/0x10
[  105.362049]  [<ffffffff813adac2>] task_work_run+0x132/0x200
[  105.367748]  [<ffffffff81005883>] exit_to_usermode_loop+0x183/0x1c0
[  105.374134]  [<ffffffff810078a5>] syscall_return_slowpath+0x275/0x2f0
[  105.380689]  [<ffffffff857aaddc>] entry_SYSCALL_64_fastpath+0xbf/0xc1
[  105.387425] CPU: 0 PID: 5695 Comm: syz-executor4 Tainted: G    B           4.6.0-rc2+ #1
[  105.395640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  105.404969]  1ffffffff0cd5746 ffff8800b0457cb0 ffffffff829c2f86 0000000000000000
[  105.413101]  0000000000000000 ffffffff8605d300 ffffffff84b72b28 ffff8800b0457cf8
[  105.421369]  ffffffff8134dadd ffff8800b7fb8600 ffff880100000580 ffff8801cc2ad492
[  105.429463] Call Trace:
[  105.432066]  [<ffffffff829c2f86>] dump_stack+0xe6/0x120
[  105.437667]  [<ffffffff84b72b28>] ? tcp_close+0x458/0xef0
[  105.443184]  [<ffffffff8134dadd>] __warn+0x16d/0x1b0
[  105.448361]  [<ffffffff8134dc98>] warn_slowpath_null+0x18/0x20
[  105.454311]  [<ffffffff84b72b28>] tcp_close+0x458/0xef0
[  105.459657]  [<ffffffff816c0ac1>] ? __might_fault+0x161/0x1b0
[  105.465603]  [<ffffffff816c0a26>] ? __might_fault+0xc6/0x1b0
[  105.471617]  [<ffffffff8186c3f0>] ? __fsnotify_update_child_dentry_flags.part.1+0x260/0x260
[  105.480085]  [<ffffffff84c2a069>] inet_release+0xd9/0x1c0
[  105.485624]  [<ffffffff8465d7d3>] sock_release+0x83/0x1a0
[  105.491185]  [<ffffffff8465d8fd>] sock_close+0xd/0x20
[  105.496459]  [<ffffffff817a8b4e>] __fput+0x20e/0x750
[  105.501548]  [<ffffffff817a90f9>] ____fput+0x9/0x10
[  105.506724]  [<ffffffff813adac2>] task_work_run+0x132/0x200
[  105.512500]  [<ffffffff81005883>] exit_to_usermode_loop+0x183/0x1c0
[  105.518883]  [<ffffffff810078a5>] syscall_return_slowpath+0x275/0x2f0
[  105.525656]  [<ffffffff857aaddc>] entry_SYSCALL_64_fastpath+0xbf/0xc1
[  105.534363] Kernel Offset: disabled