INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.27' (ECDSA) to the list of known hosts. 2018/04/19 16:18:19 fuzzer started 2018/04/19 16:18:19 dialing manager at 10.128.0.26:37327 2018/04/19 16:18:26 kcov=true, comps=false 2018/04/19 16:18:29 executing program 0: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0xe9}, 0x38) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x705000, 0x0, 0x0, &(0x7f0000000000)) 2018/04/19 16:18:29 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x67}, 0x9) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x4, 0x2, 0xace, &(0x7f0000000000)) 2018/04/19 16:18:29 executing program 7: r0 = socket$inet(0x2, 0x3, 0x2) sendmmsg(r0, &(0x7f0000006780)=[{{&(0x7f0000000340)=@in={0x2}, 0x10, &(0x7f0000000000), 0x0, &(0x7f0000000940)}}, {{&(0x7f0000000a40)=@in={0x2, 0x0, @rand_addr}, 0x10, &(0x7f0000000c40)}}], 0x153, 0x0) 2018/04/19 16:18:29 executing program 3: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x67}, 0x9) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x3, 0xe, 0x80000001, &(0x7f0000000180)) 2018/04/19 16:18:29 executing program 5: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x67}, 0x9) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x2, 0x100000000000000, 0x1000000, &(0x7f0000000480)) 2018/04/19 16:18:29 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x80d00) ioctl(r0, 0x4400000000001264, &(0x7f0000000000)) 2018/04/19 16:18:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x400000000e) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040)) 2018/04/19 16:18:29 executing program 4: r0 = open(&(0x7f0000000200)='./bus\x00', 0x141041, 0x0) fallocate(r0, 0x11, 0x8, 0x1fffffb) fadvise64(r0, 0x0, 0x8002, 0x4) syzkaller login: [ 43.582458] ip (3755) used greatest stack depth: 54672 bytes left [ 44.895746] ip (3886) used greatest stack depth: 54544 bytes left [ 45.090353] ip (3902) used greatest stack depth: 54200 bytes left [ 45.442193] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.448810] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.451902] ip (3928) used greatest stack depth: 53656 bytes left [ 45.479943] device bridge_slave_0 entered promiscuous mode [ 45.535418] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.541966] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.580416] device bridge_slave_0 entered promiscuous mode [ 45.625931] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.632417] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.656316] device bridge_slave_0 entered promiscuous mode [ 45.672297] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.678819] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.705917] device bridge_slave_0 entered promiscuous mode [ 45.716658] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.723145] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.734533] device bridge_slave_0 entered promiscuous mode [ 45.752378] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.758847] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.777337] device bridge_slave_1 entered promiscuous mode [ 45.793160] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.799674] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.813239] device bridge_slave_0 entered promiscuous mode [ 45.829991] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.836497] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.847901] device bridge_slave_1 entered promiscuous mode [ 45.858453] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.865012] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.873747] device bridge_slave_1 entered promiscuous mode [ 45.883099] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.889575] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.899987] device bridge_slave_0 entered promiscuous mode [ 45.919121] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.925595] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.950461] device bridge_slave_1 entered promiscuous mode [ 45.959884] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.966349] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.982300] device bridge_slave_1 entered promiscuous mode [ 45.996916] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.004385] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.010852] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.034822] device bridge_slave_0 entered promiscuous mode [ 46.053946] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.060445] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.083192] device bridge_slave_1 entered promiscuous mode [ 46.092768] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.106112] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.113891] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.120376] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.145571] device bridge_slave_1 entered promiscuous mode [ 46.152583] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.162573] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.173626] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.239797] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.246289] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.306985] device bridge_slave_1 entered promiscuous mode [ 46.325299] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.335548] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.346623] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.357445] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.365768] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.398987] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.497207] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.530750] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.603679] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.666163] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.205443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.314438] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.324607] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.365737] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.403907] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.432311] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.512106] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.541224] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.565230] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.575733] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.588971] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.664957] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.673868] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.780139] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.823151] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.857503] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.462431] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.542090] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.558966] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.578417] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.672879] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.686355] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.761715] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.770800] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.779700] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.786948] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.800447] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.879134] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.909499] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.917829] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.924976] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.936773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.976344] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.984817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.993568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.032642] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.041761] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.049319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.066737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.104592] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.115809] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.123992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.146635] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.177592] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.185651] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.195654] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.205199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.227863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.238803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.253977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.280748] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.292237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.313426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.342588] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.350148] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.357303] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.365446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.373560] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.381667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.397484] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.404642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.413735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.440603] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.452197] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.459893] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.467815] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.494538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.531817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.565727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.593339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.609398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.618707] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.625864] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.635232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.666486] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.674773] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.703307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.750092] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.785655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.809925] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.659210] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.665706] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.672579] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.679080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.750275] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.757639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.785945] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.792428] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.799330] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.805794] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.818627] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.827343] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.833783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.840605] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.847111] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.896985] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.903921] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.910393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.917255] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.923704] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.933369] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.943890] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.950371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.957241] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.963663] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.014940] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.033012] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.039520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.046368] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.052818] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.107010] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.126010] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.132527] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.139402] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.145880] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.197449] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.348470] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.354967] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.361854] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.368303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.394212] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.768164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.778635] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.817698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.841659] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.849195] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.858268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.867206] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.150659] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.194599] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.349972] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.358007] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.485302] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.601507] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.838631] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.875179] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 61.989928] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 61.996252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.007670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.033288] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.042192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.052824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.073889] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.083461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.101543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.331083] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.337357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.348685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.372158] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.378584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.401632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.479647] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.485949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.496777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.663357] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.669607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.680645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.842518] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 62.848901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.859446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/19 16:18:56 executing program 0: 2018/04/19 16:18:56 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x28}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0x0, 0x0}) setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000000), 0xe6) gettid() socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000380)) 2018/04/19 16:18:56 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x80d00) ioctl(r0, 0x4400000000001264, &(0x7f0000000000)) 2018/04/19 16:18:56 executing program 3: 2018/04/19 16:18:56 executing program 4: r0 = open(&(0x7f0000000200)='./bus\x00', 0x141041, 0x0) fallocate(r0, 0x11, 0x8, 0x1fffffb) fadvise64(r0, 0x0, 0x8002, 0x4) 2018/04/19 16:18:56 executing program 7: 2018/04/19 16:18:56 executing program 5: 2018/04/19 16:18:56 executing program 2: 2018/04/19 16:18:56 executing program 2: 2018/04/19 16:18:56 executing program 0: 2018/04/19 16:18:56 executing program 5: 2018/04/19 16:18:56 executing program 7: 2018/04/19 16:18:56 executing program 4: 2018/04/19 16:18:56 executing program 3: 2018/04/19 16:18:56 executing program 6: 2018/04/19 16:18:56 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000002fe4)={0xa}, 0x1c) sendmsg(r0, &(0x7f0000007000)={0x0, 0x0, &(0x7f0000000ff0)=[{&(0x7f000000af89)="8100", 0x2}], 0x1, &(0x7f0000026000)}, 0x2000c080) sendmsg(r0, &(0x7f000001b000)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001000)="b46cfcec4b69", 0x6}], 0x1}, 0x0) [ 68.790235] ================================================================== [ 68.797648] BUG: KMSAN: uninit-value in rawv6_sendmsg+0x4bee/0x4cc0 [ 68.804066] CPU: 1 PID: 5802 Comm: syz-executor1 Not tainted 4.16.0+ #84 [ 68.810909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.820267] Call Trace: [ 68.822870] dump_stack+0x185/0x1d0 [ 68.826506] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 68.830744] kmsan_report+0x142/0x240 [ 68.834554] __msan_warning_32+0x6c/0xb0 [ 68.838629] rawv6_sendmsg+0x4bee/0x4cc0 [ 68.842706] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 68.848075] ? rw_copy_check_uvector+0x5af/0x6c0 [ 68.852862] ? compat_rawv6_ioctl+0x30/0x30 [ 68.857191] inet_sendmsg+0x48d/0x740 [ 68.860995] ? security_socket_sendmsg+0x9e/0x210 [ 68.865848] ? inet_getname+0x500/0x500 [ 68.869833] ___sys_sendmsg+0xec0/0x1310 [ 68.873903] ? __fdget+0x4e/0x60 [ 68.877279] ? __fget_light+0x56/0x710 [ 68.881517] ? __fdget+0x4e/0x60 [ 68.884903] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 68.890295] ? __fget_light+0x6b9/0x710 [ 68.894291] SYSC_sendmsg+0x2a3/0x3d0 [ 68.898101] SyS_sendmsg+0x54/0x80 [ 68.901640] do_syscall_64+0x309/0x430 [ 68.905526] ? ___sys_sendmsg+0x1310/0x1310 [ 68.909850] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 68.915035] RIP: 0033:0x455329 [ 68.918220] RSP: 002b:00007fc7142f3c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.925931] RAX: ffffffffffffffda RBX: 00007fc7142f46d4 RCX: 0000000000455329 [ 68.933200] RDX: 0000000000000000 RSI: 000000002001b000 RDI: 0000000000000013 [ 68.940469] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 68.947742] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 68.955010] R13: 00000000000004d5 R14: 00000000006fa498 R15: 0000000000000000 [ 68.962284] [ 68.963907] Uninit was stored to memory at: [ 68.968238] kmsan_internal_chain_origin+0x12b/0x210 [ 68.973342] kmsan_memcpy_origins+0x11d/0x170 [ 68.977840] __msan_memcpy+0x19f/0x1f0 [ 68.981731] skb_copy_bits+0x63a/0xdb0 [ 68.985619] rawv6_sendmsg+0x427e/0x4cc0 [ 68.989683] inet_sendmsg+0x48d/0x740 [ 68.993485] ___sys_sendmsg+0xec0/0x1310 [ 68.997554] SYSC_sendmsg+0x2a3/0x3d0 [ 69.001360] SyS_sendmsg+0x54/0x80 [ 69.004903] do_syscall_64+0x309/0x430 [ 69.008797] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.013974] Uninit was created at: [ 69.017520] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 69.022541] kmsan_alloc_page+0x82/0xe0 [ 69.026539] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 69.031318] alloc_pages_current+0x6b5/0x970 [ 69.035816] skb_page_frag_refill+0x3ba/0x5e0 [ 69.040318] sk_page_frag_refill+0xa4/0x340 [ 69.044653] __ip6_append_data+0x1a20/0x4bb0 [ 69.049074] ip6_append_data+0x40e/0x6b0 [ 69.053142] rawv6_sendmsg+0x2787/0x4cc0 [ 69.057217] inet_sendmsg+0x48d/0x740 [ 69.061028] ___sys_sendmsg+0xec0/0x1310 [ 69.065099] SYSC_sendmsg+0x2a3/0x3d0 [ 69.068907] SyS_sendmsg+0x54/0x80 [ 69.072451] do_syscall_64+0x309/0x430 [ 69.076353] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.081531] ================================================================== [ 69.088870] Disabling lock debugging due to kernel taint [ 69.094303] Kernel panic - not syncing: panic_on_warn set ... [ 69.094303] [ 69.101654] CPU: 1 PID: 5802 Comm: syz-executor1 Tainted: G B 4.16.0+ #84 [ 69.109775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.119108] Call Trace: [ 69.121700] dump_stack+0x185/0x1d0 [ 69.125310] panic+0x39d/0x940 [ 69.128505] ? rawv6_sendmsg+0x4bee/0x4cc0 [ 69.132720] kmsan_report+0x238/0x240 [ 69.136515] __msan_warning_32+0x6c/0xb0 [ 69.140559] rawv6_sendmsg+0x4bee/0x4cc0 [ 69.144605] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 69.149953] ? rw_copy_check_uvector+0x5af/0x6c0 [ 69.154703] ? compat_rawv6_ioctl+0x30/0x30 [ 69.159010] inet_sendmsg+0x48d/0x740 [ 69.162800] ? security_socket_sendmsg+0x9e/0x210 [ 69.167628] ? inet_getname+0x500/0x500 [ 69.171589] ___sys_sendmsg+0xec0/0x1310 [ 69.175648] ? __fdget+0x4e/0x60 [ 69.179009] ? __fget_light+0x56/0x710 [ 69.182883] ? __fdget+0x4e/0x60 [ 69.186232] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 69.191580] ? __fget_light+0x6b9/0x710 [ 69.195553] SYSC_sendmsg+0x2a3/0x3d0 [ 69.199343] SyS_sendmsg+0x54/0x80 [ 69.202868] do_syscall_64+0x309/0x430 [ 69.206742] ? ___sys_sendmsg+0x1310/0x1310 [ 69.211052] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 69.216223] RIP: 0033:0x455329 [ 69.219395] RSP: 002b:00007fc7142f3c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.227087] RAX: ffffffffffffffda RBX: 00007fc7142f46d4 RCX: 0000000000455329 [ 69.234342] RDX: 0000000000000000 RSI: 000000002001b000 RDI: 0000000000000013 [ 69.241594] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 69.248845] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 69.256099] R13: 00000000000004d5 R14: 00000000006fa498 R15: 0000000000000000 [ 69.263821] Dumping ftrace buffer: [ 69.267341] (ftrace buffer empty) [ 69.271027] Kernel Offset: disabled [ 69.274629] Rebooting in 86400 seconds..