2019/02/07 16:29:15 fuzzer started 2019/02/07 16:29:15 dialing manager at 127.0.0.1:38891 2019/02/07 16:29:15 syscalls: 1 2019/02/07 16:29:15 code coverage: support is not implemented in syzkaller 2019/02/07 16:29:15 comparison tracing: support is not implemented in syzkaller 2019/02/07 16:29:15 extra coverage: support is not implemented in syzkaller 2019/02/07 16:29:15 setuid sandbox: support is not implemented in syzkaller 2019/02/07 16:29:15 namespace sandbox: support is not implemented in syzkaller 2019/02/07 16:29:15 Android sandbox: support is not implemented in syzkaller 2019/02/07 16:29:15 fault injection: support is not implemented in syzkaller 2019/02/07 16:29:15 leak checking: support is not implemented in syzkaller 2019/02/07 16:29:15 net packet injection: support is not implemented in syzkaller 2019/02/07 16:29:15 net device setup: support is not implemented in syzkaller 16:29:15 executing program 0: openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$dev_osversion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/osversion\x00', 0xf, 0x1, 0x0) openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000080)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000140)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000180)='/dev/user\x00', 0xa, 0x3, 0x0) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) r0 = openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000200)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000240)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f0000000280)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) r1 = openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$net_cs(0xffffffffffffff9c, &(0x7f0000000300)='/net/cs\x00', 0x8, 0x3, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x1010, r1, 0x8001) openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/maps\x00', 0x10, 0x1, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000380)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_remote(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ipifc/1/remote\x00', 0x14, 0x1, 0x0) r2 = openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) nmount(r0, &(0x7f0000000440)='./file0\x00', 0x8, 0x0) openat$dev_hostowner(0xffffffffffffff9c, &(0x7f0000000480)='/dev/hostowner\x00', 0xf, 0x3, 0x0) openat$proc_self_args(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/args\x00', 0x10, 0x3, 0x0) openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000500)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000540)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000580)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f00000005c0)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_ether0_0_ifstats(0xffffffffffffff9c, &(0x7f0000000600)='/net/ether0/0/ifstats\x00', 0x16, 0x1, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000640)='/dev/user\x00', 0xa, 0x3, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000680)='/dev/.empty\x00', 0xc, 0x3, 0x0) fwstat(r2, &(0x7f00000006c0)=""/60, 0x3c, 0x0) vmm_ctl$VMM_CTL_SET_EXITS(0x2, 0x1) 16:29:15 executing program 1: r0 = openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) abort_sysc_fd(r0) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000040)='/net/udp/stats\x00', 0xf, 0x1, 0x0) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) unlink(&(0x7f00000000c0)='./file0\x00', 0x8) openat$proc_self_args(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/args\x00', 0x10, 0x3, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/net/udp/stats\x00', 0xf, 0x1, 0x0) rmdir(&(0x7f0000000200)='./file0\x00', 0x8) vmm_ctl$VMM_CTL_SET_FLAGS(0x4, 0x6) r1 = openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000280)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kprint\x00', 0xc, 0x1, 0x0) proc_yield(0x0) rmdir(&(0x7f0000000300)='./file0\x00', 0x8) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) r2 = openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$dev_config(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/config\x00', 0xc, 0x1, 0x0) openat$dev_stderr(0xffffffffffffff9c, &(0x7f0000000400)='/dev/stderr\x00', 0xc, 0x3, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000440)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) proc_yield(0x1) openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f0000000480)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) abort_sysc_fd(r2) block(0x7) openat$net_iprouter(0xffffffffffffff9c, &(0x7f00000004c0)='/net/iprouter\x00', 0xe, 0x3, 0x0) fcntl$F_SETFD(r1, 0x2, 0x1) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000500)='/dev/user\x00', 0xa, 0x3, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/text\x00', 0x10, 0x1, 0x0) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/proc\x00', 0x10, 0x1, 0x0) 16:29:15 executing program 2: openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) halt_core(0x0) r0 = openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000040)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) fcntl$F_SETFL(r0, 0x4, 0x400) openat$net_cs(0xffffffffffffff9c, &(0x7f0000000080)='/net/cs\x00', 0x8, 0x3, 0x0) r1 = openat$prof_kpdata(0xffffffffffffff9c, &(0x7f00000000c0)='/prof/kpdata\x00', 0xd, 0x3, 0x0) openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/0/listen\x00', 0x12, 0x3, 0x0) getpcoreid() openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kptrace\x00', 0xe, 0x3, 0x0) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000180)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$net_empty(0xffffffffffffff9c, &(0x7f00000001c0)='/net/.empty\x00', 0xc, 0x3, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000200)='/dev/user\x00', 0xa, 0x3, 0x0) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) r2 = openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000300)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/note\x00', 0x10, 0x1, 0x0) openat$net_ndb(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ndb\x00', 0x9, 0x3, 0x0) openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000400)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$prof_mpstat(0xffffffffffffff9c, &(0x7f0000000440)='/prof/mpstat\x00', 0xd, 0x3, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$proc_self_args(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/args\x00', 0x10, 0x3, 0x0) close(r2) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000500)='/dev/time\x00', 0xa, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) fd2path(r1, &(0x7f0000000580)=""/83, 0x53) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000640)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000680)='/dev/caphash\x00', 0xd, 0x3, 0x0) 16:29:15 executing program 3: r0 = openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) fstat(r0, &(0x7f0000000040)) openat$prof_empty(0xffffffffffffff9c, &(0x7f00000000c0)='/prof/.empty\x00', 0xd, 0x3, 0x0) r1 = openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom\x00', 0xd, 0x1, 0x0) fchdir(0x0, r0) openat$dev_pid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/pid\x00', 0x9, 0x1, 0x0) fcntl$F_DUPFD(r0, 0x0, r1, 0x1) fchdir(0x0, r1) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000000, 0x12010, 0xffffffffffffffff, 0x14) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/time\x00', 0xa, 0x3, 0x0) r2 = openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) r3 = openat$net_ndb(0xffffffffffffff9c, &(0x7f0000000240)='/net/ndb\x00', 0x9, 0x3, 0x0) r4 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000280)='/net/arp\x00', 0x9, 0x3, 0x0) openat$dev_hostowner(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hostowner\x00', 0xf, 0x3, 0x0) llseek(r4, 0x7c9d, 0x80, &(0x7f0000000300), 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/user\x00', 0x10, 0x1, 0x0) abort_sysc_fd(r3) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) openat$net_ether0_1_stats(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ether0/1/stats\x00', 0x14, 0x1, 0x0) openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f0000000400)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$dev_config(0xffffffffffffff9c, &(0x7f0000000440)='/dev/config\x00', 0xc, 0x1, 0x0) fcntl$F_SETFL(r2, 0x4, 0x88000) fcntl$F_GETFL(r4, 0x3) openat$proc_self_segment(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/segment\x00', 0x13, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/user\x00', 0x10, 0x1, 0x0) fcntl$F_SYNC(r2, 0x65) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) r5 = openat$proc_self_profile(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/profile\x00', 0x13, 0x1, 0x0) r6 = proc_create(&(0x7f0000000580)='./file0\x00', 0x8, &(0x7f00000005c0)='}\x00', 0x2, 0x0) fchdir(r6, r5) 16:29:15 executing program 4: openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) openat$dev_klog(0xffffffffffffff9c, &(0x7f0000000040)='/dev/klog\x00', 0xa, 0x1, 0x0) r0 = openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) r1 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x8, 0x0, 0x40) r2 = openat$dev_capuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capuse\x00', 0xc, 0x3, 0x0) openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000180)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) fstat(r2, &(0x7f0000000200)) cache_invalidate() openat$dev_osversion(0xffffffffffffff9c, &(0x7f0000000280)='/dev/osversion\x00', 0xf, 0x1, 0x0) openat$proc_self_wait(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/wait\x00', 0x10, 0x1, 0x0) openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000300)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) r3 = openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f0000000340)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat$dev_sdctl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sdctl\x00', 0xb, 0x3, 0x0) change_to_m() openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000480)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) tap_fds(&(0x7f0000000700)=[{r3, 0x2, 0x400, 0x2, &(0x7f0000000540)={&(0x7f00000004c0)="4838d738296f715165f82f9289670fb647dbf5d9eefe7c4c6ffff913fad4dbcef4b264b6b2899ad8b9fec24c5a5f257dfa2fe7626c63e8f39a659f7b00f07753236d48881e88ef6ed129459f260822a4", 0x1, 0x1, 0x7, 0x12c, 0x4}}, {r3, 0x2, 0x140, 0x1, &(0x7f0000000600)={&(0x7f0000000580)="216e61f9a3aa0e0b29e59eff9c8543b820ddfc02ad958e6dabcfa29a9cab1188ff71be3050ec6e589661544233144641da4fb4eda8f85edeb5bbf259c92ba42eba6096256798bf87a1ca94c67f01df97", 0x483, 0x1, 0x0, 0x19f, 0x7}}, {r3, 0x1, 0x9, 0x401, &(0x7f00000006c0)={&(0x7f0000000640)="67c5194e573815c570e61c94505ce1dfeef5538388eb5ad72d2713242f65f1688914de90e1d9aa0d68e15159921494392d6f11e87d66b191eaaf106ed749b158aaf59d48a900dcd1758ac9a2852f3c00", 0x4, 0x0, 0x7, 0x1, 0x8}}], 0x3) openat$dev_sdctl(0xffffffffffffff9c, &(0x7f0000000780)='/dev/sdctl\x00', 0xb, 0x3, 0x0) r4 = proc_create(&(0x7f00000007c0)='./file0/file0\x00', 0xe, &(0x7f0000000800)='/dev/osversion\x00', 0xf, 0x1) fchdir(r4, r1) openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f0000000840)='/net/tcp/2/status\x00', 0x12, 0x1, 0x0) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000880)='/prof/kpdata\x00', 0xd, 0x3, 0x0) openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f00000008c0)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000900)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f0000000940)='/net/tcp/2/status\x00', 0x12, 0x1, 0x0) openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f0000000980)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) 16:29:15 executing program 5: r0 = openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) fwstat(r0, &(0x7f0000000040)=""/84, 0x54, 0x0) umask(0x5) fwstat(r0, &(0x7f00000000c0)=""/42, 0x2a, 0x0) openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000100)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) fork() openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/2/status\x00', 0x12, 0x1, 0x0) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/random\x00', 0xc, 0x1, 0x0) r1 = openat$dev_cputime(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cputime\x00', 0xd, 0x1, 0x0) r2 = openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) llseek(r2, 0x9, 0x1, &(0x7f0000000240), 0x2) fwstat(r1, &(0x7f0000000280)=""/211, 0xd3, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) fork() openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) r3 = openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000440)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000480)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/mem\x00', 0xf, 0x1, 0x0) openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) openat$dev_sdctl(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/sdctl\x00', 0xb, 0x3, 0x0) fcntl$F_GETFD(r1, 0x1) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000600)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000640)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000680)='/prof/kprintx\x00', 0xe, 0x3, 0x0) read(r3, 0x0, 0x0) 16:29:15 executing program 6: r0 = proc_create(&(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000040)='\x00', 0x1, 0x1) chdir(r0, &(0x7f0000000080)='./file0\x00', 0x8) exec(&(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000100)='\x00', 0x1) rename(&(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)='./file0\x00', 0x8) rename(&(0x7f00000001c0)='./file0\x00', 0x8, &(0x7f0000000200)='./file0\x00', 0x8) nbind(0xffffffffffffffff, 0x0, &(0x7f0000000240)='./file0\x00', 0x8, 0x1) r1 = openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000280)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) tcgetattr(r1, &(0x7f00000002c0)) exec(&(0x7f0000000300)='./file0\x00', 0x8, &(0x7f0000000340)='\x00', 0x1) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000400)='/prof/kptrace\x00', 0xe, 0x3, 0x0) close(r1) openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000440)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000480)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) rename(&(0x7f00000004c0)='./file0\x00', 0x8, &(0x7f0000000500)='./file0\x00', 0x8) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000540)='/prof/kpdata\x00', 0xd, 0x3, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) nbind(&(0x7f00000005c0)='./file0\x00', 0x8, &(0x7f0000000600)='./file0\x00', 0x8, 0x13) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000640)='/proc/self/user\x00', 0x10, 0x1, 0x0) exec(&(0x7f0000000680)='./file0\x00', 0x8, &(0x7f00000006c0)='\xf1V-^-\x00', 0x6) openat$proc_self_profile(0xffffffffffffff9c, &(0x7f0000000700)='/proc/self/profile\x00', 0x13, 0x1, 0x0) exec(&(0x7f0000000740)='./file0\x00', 0x8, &(0x7f0000000780)='%\x00', 0x2) exec(&(0x7f00000007c0)='./file0\x00', 0x8, &(0x7f0000000800)='\x00', 0x1) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000840)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000880)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) mkdir(&(0x7f00000008c0)='./file0\x00', 0x8, 0x40) exec(&(0x7f0000000900)='./file0\x00', 0x8, &(0x7f0000000940)='}\x00', 0x2) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000980)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000009c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) 16:29:15 executing program 7: r0 = openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/user\x00', 0x10, 0x1, 0x0) close(r0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000040)='/dev/time\x00', 0xa, 0x3, 0x0) openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000080)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) r1 = openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000100)='/prof/kprintx\x00', 0xe, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000180)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) r2 = openat$net_udp_0_status(0xffffffffffffff9c, &(0x7f00000001c0)='/net/udp/0/status\x00', 0x12, 0x1, 0x0) openat$dev_cputime(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cputime\x00', 0xd, 0x1, 0x0) openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/mem\x00', 0xf, 0x1, 0x0) r3 = openat$net_udp_0_status(0xffffffffffffff9c, &(0x7f0000000280)='/net/udp/0/status\x00', 0x12, 0x1, 0x0) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$net_log(0xffffffffffffff9c, &(0x7f0000000300)='/net/log\x00', 0x9, 0x3, 0x0) fcntl$F_GETFD(r1, 0x1) fcntl$F_GETFD(r3, 0x1) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000340)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$dev_swap(0xffffffffffffff9c, &(0x7f0000000380)='/dev/swap\x00', 0xa, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/clone\x00', 0x11, 0x3, 0x0) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000440)='/dev/drivers\x00', 0xd, 0x1, 0x0) fcntl$F_SYNC(r2, 0x65) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kmesg\x00', 0xb, 0x1, 0x0) r4 = openat$proc_self_args(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/args\x00', 0x10, 0x3, 0x0) openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000500)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000540)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) openat$dev_osversion(0xffffffffffffff9c, &(0x7f0000000580)='/dev/osversion\x00', 0xf, 0x1, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000600)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) fcntl$F_GETFD(r4, 0x1) 16:29:16 executing program 0: r0 = openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000040)='/prof/kpctl\x00', 0xc, 0x3, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$dev_stderr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/stderr\x00', 0xc, 0x3, 0x0) close(r0) close(r0) openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) 16:29:16 executing program 0: openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f0000000080)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) r0 = openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f00000000c0)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) r1 = openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/proc\x00', 0x10, 0x1, 0x0) fcntl$F_GETFL(r0, 0x3) openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000140)='/net/iproute\x00', 0xd, 0x3, 0x0) lstat(&(0x7f0000000180)='./file0\x00', 0x8, &(0x7f00000001c0)) rmdir(&(0x7f0000000240)='./file0\x00', 0x8) fd2path(r1, &(0x7f0000000280)=""/72, 0x48) r2 = openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000300)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) r3 = openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000380)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) r4 = proc_create(&(0x7f00000003c0)='./file0\x00', 0x8, &(0x7f0000000400)='/proc/self/status\x00', 0x12, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000440)='/dev/caphash\x00', 0xd, 0x3, 0x0) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f0000000480)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) lstat(&(0x7f00000004c0)='./file1\x00', 0x8, &(0x7f0000000500)) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000580)='/dev/random\x00', 0xc, 0x1, 0x0) fcntl$F_GETFD(r3, 0x1) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f00000005c0)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000600)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) fchdir(r4, r2) openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000640)='/proc/self/mem\x00', 0xf, 0x1, 0x0) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000680)='/net/udp/stats\x00', 0xf, 0x1, 0x0) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000700)='/dev/killkid\x00', 0xd, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000740)='/dev/sysctl\x00', 0xc, 0x3, 0x0) pop_ctx(&(0x7f0000000780)="06afe79ca45cee60a734fb5641c13a31a2f9307b733b261ce3bdef5fb19714c13fa81111c841352f8a355be9cd81970e3be023ce51e6c4d0115de24fef05c301dbae0199c7c21c7821ed2a42cc63a830ac78669fabe93d3cf01f98beeb3afed73f19a82d2abf1ded6b5199afe7c1ba8116b8131f5f2b48b6b30e587f9c29e1a92e4e94a55f53eb396c36c30e21937f16c4bb8b648989960ccd047e2ce263118d99b1f76a0a3a68fefe1f1cc89b9b2fd784c3a1caff7937b910fe43eaae8db2f92e2f44abd8da0dc015e96af3fb6f53d100f4e5a53b797726") openat$net_arp(0xffffffffffffff9c, &(0x7f0000000880)='/net/arp\x00', 0x9, 0x3, 0x0) openat(0xffffffffffffff9c, &(0x7f00000008c0)='./file1\x00', 0x8, 0x400, 0x3) bash-4.3$ Unhandled user trap in vcore context from VC 0 HW TRAP frame (partial) at 0xffffffffc89963a0 on core 3 rax 0x000000005a5a4e80 rbx 0x0000300000006e90 rcx 0x0000000000000150 rdx 0x000010000000a4c0 rbp 0x0000300000006e80 rsi 0x000010000000a5c0 rdi 0x000000005a5a4f80 r8 0x000000005a5a5a5a r9 0x000000005a5a4e80 r10 0x0000000000000000 r11 0x0000000000000200 r12 0x000000000040fec0 r13 0x000010000000a4c0 r14 0x0000000000000004 r15 0x00007f7fffa01200 trap 0x0000000e Page Fault gsbs 0x0000000000000000 fsbs 0x0000000000000000 err 0x--------00000006 rip 0x000000000040fca6 cs 0x------------0023 flag 0x0000000000010202 rsp 0x0000300000006d80 ss 0x------------001b err 0x6 (for PFs: User 4, Wr 2, Rd 1), aux 0x000000005a5a4f80 Addr 0x000000000040fca6 is in syz-executor at offset 0x000000000000fca6 VM Regions for proc 37 NR: Range: Prot, Flags, File, Off 00: (0x0000000000400000 - 0x00000000004b5000): 0x00000005, 0x00000001, 0xffff8000048f6220, 0x0000000000000000 01: (0x00000000004b5000 - 0x00000000004b6000): 0x00000005, 0x00000002, 0xffff8000048f6220, 0x00000000000b5000 02: (0x00000000006b6000 - 0x00000000006b9000): 0x00000003, 0x00000002, 0xffff8000048f6220, 0x00000000000b6000 03: (0x00000000006b9000 - 0x00000000008e5000): 0x00000003, 0x00000002, 0x0000000000000000, 0x0000000000000000 04: (0x0000000020000000 - 0x0000000021000000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 05: (0x0000100000000000 - 0x0000100000024000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 06: (0x0000300000000000 - 0x0000300000001000): 0x00000003, 0x00000002, 0xffff8000048f6220, 0x0000000000000000 16:29:21 executing program 0: r0 = openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) fcntl$F_SETFL(r0, 0x4, 0x400) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/clone\x00', 0xfffffffffffffd51, 0x3, 0x0) 07: (0x0000300000001000 - 0x0000300000005000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 08: (0x0000300000005000 - 0x0000300000007000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 09: (0x0000300000007000 - 0x0000300000019000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 10: (0x0000300000019000 - 0x000030000003d000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 11: (0x00007f7fff8ff000 - 0x00007f7fff9ff000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 Backtrace of user context on Core 3: Offsets only matter for shared libraries #01 Addr 0x000000000040fca6 is in syz-executor at offset 0x000000000000fca6 16:29:26 executing program 0: unlink(&(0x7f0000000000)='./file0\x00', 0x8) openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) r0 = openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000080)='/dev/caphash\x00', 0xd, 0x3, 0x0) read(r0, &(0x7f00000000c0)=""/75, 0x4b) fcntl$F_SYNC(r0, 0x65) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/ctl\x00', 0xf, 0x3, 0x0) openat$dev_cputime(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cputime\x00', 0xd, 0x1, 0x0) openat(r0, &(0x7f0000000200)='./file0\x00', 0x8, 0x81, 0x3) mkdir(&(0x7f0000000240)='./file0\x00', 0x8, 0x10) rename(&(0x7f0000000280)='./file0\x00', 0x8, &(0x7f00000002c0)='./file0/file0\x00', 0xe) openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000300)='/prof/kprintx\x00', 0xe, 0x3, 0x0) openat$dev_pid(0xffffffffffffff9c, &(0x7f0000000340)='/dev/pid\x00', 0x9, 0x1, 0x0) vc_entry() openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000380)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) openat$prof_mpstat(0xffffffffffffff9c, &(0x7f00000003c0)='/prof/mpstat\x00', 0xd, 0x3, 0x0) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000400)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000440)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) r1 = openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sysstat\x00', 0xd, 0x3, 0x0) abort_sysc_fd(r1) r2 = openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) fd2path(r2, &(0x7f0000000500)=""/4096, 0x1000) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000001500)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000001540)='/dev/kmesg\x00', 0xb, 0x1, 0x0) abort_sysc_fd(r2) openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f0000001580)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f00000015c0)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000001600)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000001640)='/net/tcp/0/status\x00', 0x12, 0x1, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f0000001680)='/net/iproute\x00', 0xd, 0x3, 0x0) #02 Addr 0x00000000004100ce is in syz-executor at offset 0x00000000000100ce #03 Addr 0x000000000041567d is in syz-executor at offset 0x000000000001567d #04 Addr 0x0000000000407f6b is in syz-executor at offset 0x0000000000007f6b #05 Addr 0x0000000000414ad0 is in syz-executor at offset 0x0000000000014ad0 #06 Addr 0x000000000040849a is in syz-executor at offset 0x000000000000849a #07 Addr 0x0000000000403e89 is in syz-executor at offset 0x0000000000003e89 #08 Addr 0x00000000004147fc is in syz-executor at offset 0x00000000000147fc #09 Addr 0x0000000000414801 is in syz-executor at offset 0x0000000000014801 16:29:29 executing program 1: r0 = openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) fcntl$F_GETFD(r0, 0x1) syz_execute_func(&(0x7f0000000040)="c21600c461fc526ff68f8878c238cd2665d9dfc4437921eb253e470f11e146d9f9f040f69affefffffc483f916c856c402910b23") kernel panic at kern/src/ns/qio.c:1355, from core 0: assertion failed: va Stack Backtrace on Core 0: #01 [<0xffffffffc200a38c>] in backtrace #02 [<0xffffffffc2009b25>] in _panic #03 [<0xffffffffc203a10b>] in read_all_blocks #04 [<0xffffffffc203c7d4>] in qread #05 [<0xffffffffc201498b>] in ipread #06 [<0xffffffffc203f713>] in rread #07 [<0xffffffffc203f8bb>] in sysread #08 [<0xffffffffc20569a1>] in sys_read #09 [<0xffffffffc205a019>] in syscall #10 [<0xffffffffc205a1f8>] in run_local_syscall #11 [<0xffffffffc205a739>] in prep_syscalls #12 [<0xffffffffc20abee2>] in sysenter_callwrapper Entering Nanwan's Dungeon on Core 0 (Ints on): Type 'help' for a list of commands.