2019/02/28 18:49:24 fuzzer started 2019/02/28 18:49:24 dialing manager at 127.0.0.1:34323 2019/02/28 18:49:24 syscalls: 1 2019/02/28 18:49:24 code coverage: support is not implemented in syzkaller 2019/02/28 18:49:24 comparison tracing: support is not implemented in syzkaller 2019/02/28 18:49:24 extra coverage: support is not implemented in syzkaller 2019/02/28 18:49:24 setuid sandbox: support is not implemented in syzkaller 2019/02/28 18:49:24 namespace sandbox: support is not implemented in syzkaller 2019/02/28 18:49:24 Android sandbox: support is not implemented in syzkaller 2019/02/28 18:49:24 fault injection: support is not implemented in syzkaller 2019/02/28 18:49:24 leak checking: support is not implemented in syzkaller 2019/02/28 18:49:24 net packet injection: support is not implemented in syzkaller 2019/02/28 18:49:24 net device setup: support is not implemented in syzkaller 18:49:24 executing program 0: openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000000)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) r0 = openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000080)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) openat$dev_sysstat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000100)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/random\x00', 0xc, 0x1, 0x0) r1 = openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f00000001c0)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) nmount(r0, &(0x7f0000000200)='./file0\x00', 0x8, 0x4) r2 = openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000240)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000280)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/0/listen\x00', 0x12, 0x3, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000300)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8, 0x18000, 0x8) openat$dev_cputime(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/cputime\x00', 0xd, 0x1, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000400)='/dev/killkid\x00', 0xd, 0x3, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000440)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000480)='/dev/killkid\x00', 0xd, 0x3, 0x0) r3 = openat$net_udp_stats(0xffffffffffffff9c, &(0x7f00000004c0)='/net/udp/stats\x00', 0xf, 0x1, 0x0) fcntl$F_GETFD(r3, 0x1) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000500)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f0000000540)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0) openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000580)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/self/ns\x00', 0xe, 0x1, 0x0) openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000640)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000680)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) fcntl$F_DUPFD(r1, 0x0, r2, 0x1) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/ns\x00', 0xe, 0x1, 0x0) 18:49:24 executing program 1: r0 = openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x2) openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$dev_pid(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/pid\x00', 0x9, 0x1, 0x0) openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) openat$prof_mpstat(0xffffffffffffff9c, &(0x7f0000000140)='/prof/mpstat\x00', 0xd, 0x3, 0x0) openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f0000000180)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/ctl\x00', 0xf, 0x3, 0x0) r1 = openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000200)='/prof/kptrace\x00', 0xe, 0x3, 0x0) r2 = openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x9030, 0xffffffffffffffff, 0x400) abort_sysc_fd(r1) r3 = openat$net_ipselftab(0xffffffffffffff9c, &(0x7f0000000280)='/net/ipselftab\x00', 0xf, 0x1, 0x0) change_to_m() openat$dev_empty(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/.empty\x00', 0xc, 0x3, 0x0) r4 = openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_udp_clone(0xffffffffffffff9c, &(0x7f0000000340)='/net/udp/clone\x00', 0xf, 0x3, 0x0) r5 = openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000380)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) openat$prof_mpstat(0xffffffffffffff9c, &(0x7f00000003c0)='/prof/mpstat\x00', 0xd, 0x3, 0x0) openat$net_ether0_2_ctl(0xffffffffffffff9c, &(0x7f0000000400)='/net/ether0/2/ctl\x00', 0x12, 0x3, 0x0) openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f0000000440)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) fcntl$F_SETFD(r2, 0x2, 0x1) r6 = proc_create(&(0x7f0000000480)='./file0\x00', 0x8, &(0x7f00000004c0)='/net/udp/clone\x00', 0xf, 0x0) fchdir(r6, r5) tap_fds(&(0x7f00000005c0)=[{r3, 0x3, 0x413, 0x100000000, &(0x7f0000000580)={&(0x7f0000000500)="5307f008910176bf0a2d97d008f92279aa17c2a8aa47c025a5d53cc5d2827d20b86fa0d7cd599f260afc6e59c79ed36a48ba8b432e70378638a87e7ee1a3320d43c889b37f5719fa53b96ab0d63d5aef", 0x3, 0x0, 0x5, 0x414d, 0xffffffffffffffff}}], 0x1) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000600)='/dev/random\x00', 0xc, 0x1, 0x0) openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f0000000640)='/net/icmp/stats\x00', 0x10, 0x1, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/text\x00', 0x10, 0x1, 0x0) tcgetattr(r4, &(0x7f00000006c0)) access(&(0x7f0000000700)='./file0\x00', 0x8, 0x8) 18:49:24 executing program 3: r0 = openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f00000000c0)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) r1 = openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) fcntl$F_SETFL(r1, 0x4, 0x400) fcntl$F_SETFD(r0, 0x2, 0x1) r2 = openat$net_cs(0xffffffffffffff9c, &(0x7f0000000140)='/net/cs\x00', 0x8, 0x3, 0x0) fd2path(r2, &(0x7f0000000180)=""/52, 0x34) vmm_ctl$VMM_CTL_SET_FLAGS(0x4, 0x4) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000200)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000280)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000300)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) openat$net_arp(0xffffffffffffff9c, &(0x7f0000000380)='/net/arp\x00', 0x9, 0x3, 0x0) openat$net_log(0xffffffffffffff9c, &(0x7f00000003c0)='/net/log\x00', 0x9, 0x3, 0x0) openat$net_arp(0xffffffffffffff9c, &(0x7f0000000400)='/net/arp\x00', 0x9, 0x3, 0x0) send_event(0x0, &(0x7f00000004c0)={0x7, 0x4, 0x7, &(0x7f0000000440)="f93e9b5b4109046332da1d44585e477cb59dcf5e09017c9cf3ca6b83a9a1a63ff447e8d4678b891ea84d6836a9162a90999e9cd1efa3727904eea02a61c4c8c5b9da2ad347e2f14f4c0c8c7d00cb35e060b1d79f4fb97d95fd67a15d980a079d2e8d5d615c9ef9ea3aebc6e4a9"}, 0x10001) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f0000000500)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat$proc_self_core(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/core\x00', 0x10, 0x1, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000580)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f00000005c0)='/net/iproute\x00', 0xd, 0x3, 0x0) openat$net_ipselftab(0xffffffffffffff9c, &(0x7f0000000600)='/net/ipselftab\x00', 0xf, 0x1, 0x0) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000640)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000680)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f00000006c0)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000700)='/prof/kpctl\x00', 0xc, 0x3, 0x0) 18:49:24 executing program 2: r0 = openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mem\x00', 0xf, 0x1, 0x0) r1 = openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000040)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) r2 = proc_create(&(0x7f0000000080)='./file0\x00', 0x8, &(0x7f00000000c0)='/net/udp/0/listen\x00', 0x12, 0x0) dup_fds_to(r2, &(0x7f0000000100)=[{r1}, {r0}, {r0}, {r1}], 0x4) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppid\x00', 0xa, 0x1, 0x0) r3 = openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000180)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) r4 = openat$prof_kptrace(0xffffffffffffff9c, &(0x7f00000001c0)='/prof/kptrace\x00', 0xe, 0x3, 0x0) abort_sysc_fd(r4) r5 = openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f0000000200)='/net/ipifc/clone\x00', 0x11, 0x3, 0x0) dup_fds_to(r2, &(0x7f0000000240)=[{r1}, {r3}], 0x2) llseek(r3, 0x5, 0x79, &(0x7f0000000280), 0x3) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f00000002c0)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) chdir(r2, &(0x7f0000000300)='./file0\x00', 0x8) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000340)='/net/udp/stats\x00', 0xf, 0x1, 0x0) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/proc\x00', 0x10, 0x1, 0x0) openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f00000003c0)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000400)='/dev/user\x00', 0xa, 0x3, 0x0) openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/note\x00', 0x10, 0x1, 0x0) r6 = openat$net_ndb(0xffffffffffffff9c, &(0x7f0000000480)='/net/ndb\x00', 0x9, 0x3, 0x0) proc_create(&(0x7f00000004c0)='./file0\x00', 0x8, &(0x7f0000000500)='-\x00', 0x2, 0x1) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000580)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) fcntl$F_SYNC(r6, 0x65) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f00000005c0)='/prof/kpdata\x00', 0xd, 0x3, 0x0) write(r5, &(0x7f0000000600)="b07473462add1de8729948b5918283c31384c0e8ebc45c861b34dd2bba0d96bdcdca51f15180d49ba2f47a8816a6c100de4158e3bba5025539cca32397a7eb5149eb72b6b11ca6d9a9de64f159aa9035b7eccb3dcf110bb744cefb70cbc693f34b9de664cca31e1a17ba3f5d3b87e7d738b4a2bf2d8007d1d8b926c95cb2bcfb77f09f705050234ad492ae239f6845c78dc56e3b6c6fc6a3328708ada2cbe232925d5b489c153cb0a6a063abdf3bd2bfc4d266910928342d0ea6b6144b4bb8690e3d58b63d048e1fbd0dc5dfa49c60879afd1c08015181d0b92e296a5e4e23764bb4e4eefd2e42a98502e984d4306500fb4e0f1aa72fe43ab6c221ca4b91cfc8bf56b68faadbffea0842f8cadee9d2da20e41f2faaf7fad65f1d7ceecd813948f2e9a56d964d880b525a651bd475aaf6dafe503ffa7957370c45438019e8250865b4e9a84ce8e99385f643663b9e15c359faa6d89d7fb8fdf503d143a295b9da083a14e46268d10fc3ad82336b4275ba0c687674e6f49fececac8910b384de273ca784ab74d5609fa87b4c998e45539b8fe802922f0c6680dd6af12ad927595effe1882ea69a482bef557dc6a91753571619632ee8fa042fd4e27794e1b981049c6e4c18253fa2e075a0bd42de72bd44d4ab6e6080fc6ef20cae2698c583fa6da73fbb2e5ec8878d2cb23a9b196a7308740a6e24e56514edea30d927891491ad2e33ee60ac0e7136bcc8558aa6fc9f65b734d056103646ab2fac0d99a9387eff06745fee17cdc784e275ef932401826ce43ac2f79c79f996532b699d67221c9194e690358e6e296f5d3160637133b30497ff1d1bd0c877ed9c5e2bc92e8fd8c638cc41d0b6bb672a963eb862c62659cc5fc823ffa9beefec44a0d93d4001ff42855d5ac8f5ba9041e167359fb77584bd69958a4050762b9a6c4c9ee3407a969c87029fb4afd6e50f5f425c4bd4695c114bca1f573fb1518cf9eac5488c3c0a9ef4fd7e2fd207151be91440b31bc991bab93e2d79982c117a999b6a1af59b6d3534741bbeb0a3474385bbd1c6010a4b8833157a279d246cba143460dc67fc9d0666cf520a3a2116ba8d4edbb8635bd4567f94c4f889e13c80dd72dca0d55e65aea310eb0e5b9e5503b8f48bb13609c019fc237d6040999e81b20bdf4ee24877cd21c929bf26df237e983caf3ecdcd2318e0a400376572a8e0327ffcacf541fc725a4d8fc7f6cfb27f30952809b2006af9aa57fbebc8b092c748122d86e4006e4bb50436ba4c31c94247a9bbadb2ebf8da41d59d54414cf19c8724e74e87dd7dea71523ed7283a09b090afb2da81563ef0972dda3d3367d3db123185fee08d44644c5faf81bf11c1153a7c1d308b02f717076a72642471f401c87325f337faf0ce623de9a24ff9cbb9f5e534f85f4836fd1e37064bcb172424ad76e5abed5a694a6abb4420c1e6505b0f91fa09f4ba53b420c9fd3b053e51eb9d05e2bd72e46070c4cbace9372cc1b1219ab4bb1393a3395911706b0bc99162b2df8c513531766858b751db29c726cb34eda7f9b95651ecd88fee0f253acc0eae716439535f7a524bce05ad46d7a865a98709a2a895a7b3a62ba49ffe3d7ae22c3d2fd24231ff716e0a4613b99034743c37a65187666c538678fcd33445c81d6eb14623cfcf7d8cc0d10a2bc26bbc4fcee78858813be114e98f6e0e9f9f28a60fbb78e16a591c76bcd8fe91f89b926919cb944c243959a42d6f5e5840affe05b613ba5e328a457c756132671eb5b3d568fd12dc69bbb75a63ed7e3a187a93370594c97573f6e4beffbeecb621b026846609c1b915496cb415891284d213734a45d4da8746ff5947b19ff9d0431b5a3b00deb8fe86039f19aff145451649a65b4d8cb4a95680c9d8ae75d0210f520c161d84a58e5b80baaa7ed3dfef0095813aff94c90ef5565cb7bb2a9a28313cf55a5c8a2ac79527b5fae610c78f8e835885d78528df000e434ac39139ff3e544133d6b7ef66db024afc94eb6a86ac5711e7801c86889aff348e1daf3822b257c4605a1eef14f0f3e85e31c109709e6b4beececa947d9a7ead3c62795764de521f583c38c52be2d453c7ceb8c3c7418a63da7c4651784c93850fa86429ab8a09f145af71c06d4a2a65865112b574b410523afa504b9ab9e6a529ada1c4a675222b24e7b86f4acbb1e67becdafb1f1df58b39b5ec08a2475aaeb814c40bd2959329adc7630565893e1660b223031e41371d22ae26d2eff877d101579993943fe1029c41828414f28d7de80fb4c19b383477ba8d032f93e9c5cb2465c2f4a1d650f191ccfa9dbec9480b7d81b966a0668228935f3f479cacf69879c693fafebb503579208b413b73a4489d5c34fd44c9cfb7f31363092497526aa3b3e6c6944ed22345d428153fdeebeb0d1e0bbe5d5d7f6672d2be5743736b45342d366e4f4747d0f476d76d3c1241315467061856a258344b966b0a075ce246c1d214cb7d5876ffa0122298d9dfb9e70b87a4375df153275ff6f6958f3cc8b726575c3e78df705f212282a9cdd69bfb8fb81bb063469ec83ae05f99d9a4e828a354ea6bf4bbb05fa50449382ddca0fedb28731d4b819399dfc081c137f0ceba8cc1e48b22d4f40c8620c1023babafd235eed5d4ac0ed21908300af7f80ad74b7da6fb6be34c5fb8dec44fbc45dc5579e0ad7846c6b4499b3765a682e4bd228fbd1c7b89a9bcc1bd2872183ecea04b10486b0bd9104761ab8205d43598bb3c7cf6122d550c97d6e6d478b8f165a551fce97692d6c72acf0d22da9e360a963ba3a738b834ef9a53dac3fdfd86ed6b28652b44f4c6fdd29fcca77a9eb76e4b558cf5e6a00657aae38c0a0386d1e60aa6dedbac3c9b78d56a5e80bc99ab33d8144705bbbfc7e9b5b5b4817de60a86832526e8e760cddce32b5f2eebb6ff434b84d75d080f808eb565f60473a58a7caef7b0f65c18b2ad7f1e8bdbeb56c284c162b0a63f511ea85573d8495180ee0c6255550c9e77593f32262e06d66b5bbc2251d87fd6b37c4ace3af700c0a055c2a9f0523758a21b88d8d7986ecaccf1049f8a0e8ea5b84adc5adef7629a6b0c0c22d48341e1209acbe0d9e46c4e45083646724d68e1ff9f18f24afded048ae8282539258cabd3c88d400e9074d8a74bda2a707661ab6a33ac171b60d91d775d0053a1b924619e599a72c2e63903459a32e403a12bbf3ff3814d0719ed33bcda2a1293f2e829e3e5d02761d79f6d0caa6938754a92c173d1e94af8af33a8d1d88a1ec42165107a1d24691b288640d5297df1c859541f56b01423b31fd50659f312857dd83e63216522e6e9b08d707dace65ef5b8820b28950a237fbe9dfe8430a13ea96e384b76af0ffb7cd2cf40e6102bd4197bac69ddef38b0924750887f3932581de1919a8617c2e89774d7605979f9abd294a722c497d639377c9db703facea49d663601c304cc6ff4bdb7e35ca3fcdbdd6045266c426ebfed60042d5180b3e618a73c3eb6abaeea0b522ef8fb82f3ff71b7cb8716b614edf9ec54c395ec282fa45123daf231e8f6b352c67fa05c1a22e25fd6a0eb47155c30eb595141133a7ef44c0c37984f3be3f98a1fc2695496678e8905157ef07ca60e364f585f7150bb355ec024983afbb9571b89d2dfdc6fc6c26b591e4469b87843df2584c6c394a657f49e48e55482b4f05b9a74bdc73e681172bfdf6a79100573f4b4134264b78d3cd065bfa6a06a7482ff7a36aab708b585ae29f8126064c5affe50b54a6c9350fb02630d36b9d2630fc0330788c385b6307aeaa11b15cc28df9ce87dead528f15bc8f0bfd57116f4c41268f47988bb305544a6881f6b593f483e0e38d169055230e9ffbc80ac7594edf3366f890ea305bf977eefba007ae8e20c13ce4dbe2ce451a90f6ea39f8fec8567b721b5998cb23e32f7dc24ce8cc7ed15ed328cac7eefa62440f63ab628ef409c3a9e59775aaccb5c2e0bd7b04285e1e78eaaab917acf8c1a34d9de0c318a37820ef6a4399cc131970a2b584452171a3139012fdf2f1180e6ccf777dfdb7b5f7de26a1ef9a7984783b4dd3b67a18acedd8e564fe8d9d15bfa9ca3c43aa072dd1262c0beac9d2cd7cf91d99090eb6324b5a74c0f34d6ccd7eabfa31637ca80ed363e26dec85e5caa4f21b9bd4add8683e5c68cfa9a48028f6fde0b073dfcb6d96c0d652ad1341daaded41854df9595b36211ec241bc6649e8d8f1d372f67d512177ef449fd3d1ecddd52dcacb85c08dc3e7cb6a9bb67c0e6503204067de8125db96c6d48466afe78f9ccd30579d8c669231eba1b843e29197433bae0f03e8084a5f94ad588885c50eb4bad38a875164f44c98c1f0d5e7253079ae4b7859b4dd80fdf8a2d9e90ec8658a24a90f3f92a778b45a3e3cc6940135571fc5d413b056ae1b0d95e4a0212705687b73f8d3c0b67b8cf237e58779ce454ba4c2d774a9b14eea0f8aae550675b600f1b9441e1aea92c6bc1320f67d28a98f32a138b49437eae8786287efb98383009040dceb00e5f13ba05e9726eb5504897060d40ffcde21e5a845339025a744e4e488418436fab8d804fcae15f71ed0f9d7bb9bf5417952d98bba42dd14b13c885a27e9cf416d363ccc861dd4d382031ea88967e1c6cc91046047a2e71973bd0f24e1ad3a5c7af463657437037c6c768b8a1441b6e9cd9d1179842d7b4936dbffd5325393087bf93decbb3dbdbb8454fa8cb59ae3d630986b4529bc2131d0ad1f755e4326e7d59ebdd2c495a82e29595c645e91fe07f912eadfb3c6f7fa8730a3295cbe908291b57133c86dc39a837b14cc16e687d7ca8a156299bd80542f9126091fd6ffd2b82a3984b8924b4dd828f3aee27c5cb1831b8220ffbcfd0996994c44c6e66a36374b8b0b765588f7b7f042880e3e9490f8c417dd8fe910ab6380526d36dafcbceab7174a96c2d0a5d5411f21383258a20820d4e3efb670d37407fe92d0ba42278cd3c7aa8ef7af9a836d26b9bda481ce24d1289ab91bf39f78742eaa8d37305a051909c409fc330000619dcf98c168a7e34bcac6028778ee1a49c810c81dab121feeabe3cb4083c5320fddc34828d0f429e3d8727c8f1f9a896982c5484b6b61aa2863d5d0d0282f96e3dd6fed2cd44cc37c6582672b358fadb6269cbbfc1e649a3b0e8c87f7a99981da6c412860a6a8dcf14a2e9c50f398994835e856ae47eccc1712e7537f94b594a94f6181798bdd53a612ec5e91a113b3524dacae121ef43a4765b06db650fe3efdb91218daa6b0d4425910e01676a00d106bc680e20f5b0c75c65fc31752dee0bf251534ab84bdfbc4b691f8ebd9566be642c865464d4344dedcf814e633997cf34a9fcb954e7a12754c3a327eb1232d93fd6786a8a577cf50817731dff758a401f49f8e9d341e7beac14f079a21da54f55626111d085350cb40b764188e87cf141173accd5f1464f97a5626985544f1ba69f5ad077a4e3a56b06e90516291ada8021c3d3a1227f2ae88ab78b7f99bdca608bf1d17895f3126d1d9b96aa7920639304ade72e5ec01aba482aa0340e06581af9ea4cb6912920addf56c4a0c77fd93c4eb833a747885375c3c9384a16552b41e9db4a861617c1188d771f6cfca7d1fc6ac3eac1a18071517198765a0d82ee21715c0b96d38765586218eb3b10a2b11ec72ad18b9c9d521d8500d537b826006b844fc347e3cd835497f344439a17f5f852534b207c05ec6ffccb501efca32c948018635cb75c59d70c29fbb666913602c0ba62b399e3bd73e1150428b6ad8f66f3", 0x1000) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000001600)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000001640)='/dev/time\x00', 0xa, 0x3, 0x0) r7 = openat$proc_self_vmstatus(0xffffffffffffff9c, &(0x7f0000001680)='/proc/self/vmstatus\x00', 0x14, 0x1, 0x0) fstat(r7, &(0x7f00000016c0)) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000001740)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) 18:49:24 executing program 6: r0 = proc_create(&(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000040)='\x00', 0x1, 0x1) waitpid(r0, &(0x7f0000000080), 0x2) notify(r0, 0x3f, &(0x7f0000000180)={0x3f, 0x80000000, 0x7, &(0x7f00000000c0)="121bd905586816ed8a97d3de8c800a2416279399c9bf47e42accef016476fe176a487a1cc6fde5fcda6faac10e5a2fec39404574a726659f4887604482ab66e4ccaba8b3d3b37a49626b98e2ff15c14fbea3f5da8ae4a9c88643c1dc964bbeff1bd4c6bc1f44558f89e2d7a45504c6e53cca800512496b0bda60bd29dfac19755b3899597c75e6e10348169533f9a25b56c33abf3c9951f325dd95d0fbe6b428bd5bf7d91634e78e023e62a6085a8230cdbcfae622d2f7a81a9a769a", 0x2}) r1 = openat$net_iprouter(0xffffffffffffff9c, &(0x7f00000001c0)='/net/iprouter\x00', 0xe, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) lstat(&(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000280)) r2 = openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000300)='/net/udp/stats\x00', 0xf, 0x1, 0x0) fcntl$F_SETFL(r1, 0x4, 0x800) lstat(&(0x7f0000000340)='./file0\x00', 0x8, &(0x7f0000000380)) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000400)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) proc_create(&(0x7f0000000440)='./file0\x00', 0x8, &(0x7f0000000480)='{-\x00', 0x3, 0x1) rmdir(&(0x7f00000004c0)='./file0\x00', 0x8) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000500)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f0000000580)='/net/ipifc/clone\x00', 0x11, 0x3, 0x0) proc_create(&(0x7f00000005c0)='./file0\x00', 0x8, &(0x7f0000000600)='#\x00', 0x2, 0x1) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000640)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) fcntl$F_SETFD(r2, 0x2, 0x1) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000680)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$dev_sysstat(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$net_empty(0xffffffffffffff9c, &(0x7f0000000700)='/net/.empty\x00', 0xc, 0x3, 0x0) r3 = openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f0000000740)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000780)='/prof/kptrace\x00', 0xe, 0x3, 0x0) fstat(r3, &(0x7f00000007c0)) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000840)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000880)='/proc/self/maps\x00', 0x10, 0x1, 0x0) openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f00000008c0)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000900)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000940)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000980)='/dev/caphash\x00', 0xd, 0x3, 0x0) 18:49:24 executing program 7: r0 = openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) close(r0) close(r0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000000, 0x10010, r0, 0x4) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) tcgetattr(r0, &(0x7f0000000080)) openat$net_iproute(0xffffffffffffff9c, &(0x7f00000000c0)='/net/iproute\x00', 0xd, 0x3, 0x0) getpcoreid() openat$net_ether0_2_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/net/ether0/2/ctl\x00', 0x12, 0x3, 0x0) openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000140)='/prof/.empty\x00', 0xd, 0x3, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000180)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/user\x00', 0x10, 0x1, 0x0) openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000240)='/prof/kprintx\x00', 0xe, 0x3, 0x0) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/proc\x00', 0x10, 0x1, 0x0) openat$net_arp(0xffffffffffffff9c, &(0x7f00000002c0)='/net/arp\x00', 0x9, 0x3, 0x0) r1 = openat$dev_stderr(0xffffffffffffff9c, &(0x7f0000000300)='/dev/stderr\x00', 0xc, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) close(r1) openat$dev_bintime(0xffffffffffffff9c, &(0x7f0000000380)='/dev/bintime\x00', 0xd, 0x3, 0x0) openat$dev_cputime(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/cputime\x00', 0xd, 0x1, 0x0) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000400)='/dev/random\x00', 0xc, 0x1, 0x0) rename(&(0x7f0000000440)='./file0\x00', 0x8, &(0x7f0000000480)='./file0\x00', 0x8) stat(&(0x7f00000004c0)='./file0\x00', 0x8, &(0x7f0000000500)) openat$dev_capuse(0xffffffffffffff9c, &(0x7f0000000580)='/dev/capuse\x00', 0xc, 0x3, 0x0) openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f00000005c0)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/ctl\x00', 0xf, 0x3, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000640)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$proc_self_wait(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/wait\x00', 0x10, 0x1, 0x0) openat$dev_klog(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/klog\x00', 0xa, 0x1, 0x0) 18:49:24 executing program 5: r0 = openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) fcntl$F_SETFL(r0, 0x4, 0x8000) r1 = openat$dev_pid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pid\x00', 0x9, 0x1, 0x0) fcntl$F_SYNC(r1, 0x65) r2 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000080)='/net/arp\x00', 0x9, 0x3, 0x0) r3 = openat$dev_osversion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/osversion\x00', 0xf, 0x1, 0x0) r4 = openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000100)='/dev/killkid\x00', 0xd, 0x3, 0x0) r5 = proc_create(&(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)='/dev/pid\x00', 0x9, 0x1) fchdir(r5, r3) tap_fds(&(0x7f0000000280)=[{r4, 0x3, 0x200, 0x3, &(0x7f0000000240)={&(0x7f00000001c0)="eea0b84b54ce0b09138ccf86031e37f71de95b822921d19d502ec50f31535751e5140beed5a0cf9be8649d08a507b1eb2d6827db251a14b73d88e2313663c0d5a42b8e40ead910c1e74115f61d96c3ac", 0x2fd58000, 0x1, 0x0, 0x4, 0xc6}}], 0x1) openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/0/err\x00', 0xf, 0x3, 0x0) fchdir(r5, r4) r6 = openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000300)='/dev/caphash\x00', 0xd, 0x3, 0x0) r7 = openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000340)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) openat$dev_sdctl(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sdctl\x00', 0xb, 0x3, 0x0) r8 = openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f00000003c0)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000400)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000440)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) r9 = openat(r6, &(0x7f0000000480)='./file0\x00', 0x8, 0x9003, 0x4) openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f00000004c0)='/net/icmp/stats\x00', 0x10, 0x1, 0x0) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000500)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000540)='/dev/drivers\x00', 0xd, 0x1, 0x0) r10 = openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000580)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) tap_fds(&(0x7f0000000b40)=[{r9, 0x2, 0x80, 0x9, &(0x7f0000000680)={&(0x7f0000000600)="2c54a2779b8509cdff0738b3d0995aa9713a3e5d2a50f9242fe5df0c78eb7c10da5668491a158fe26d6ec29a3c65594ffc1e691cf47972a3d841311d92088b73334644db1d217d4bce9fa329ada7b1b1", 0x2, 0x0, 0x800, 0x3, 0x401}}, {r3, 0x3, 0x40, 0xa531, &(0x7f0000000740)={&(0x7f00000006c0)="44208e05b985b7e25e562afff8e766cab54afbc8b9f4fb8f3632ee1df38204aac066755251721527da38bac153df1f1dc520f6d941192949b64326f277f4d0c8b575372d4af7e9c2aa79898e600f6ae9", 0xfffffffffffffffa, 0x0, 0xf0, 0x1, 0x1}}, {r2, 0x3, 0x14, 0x0, &(0x7f0000000800)={&(0x7f0000000780)="ddc8e00df3f5849cc5482b2b0609c4e53d99161a386e7b6cccb10b1b8d8dd1acbd67aad2437fbcdb2436ea162befdd1632413ef2b27e097839177495b3021e6a90e7113d21e98023e3a97a8b51af62b7", 0x476, 0x1, 0x100, 0x0, 0x2}}, {r8, 0x1, 0x125, 0x5, &(0x7f00000008c0)={&(0x7f0000000840)="e3731d3586132b971946553ee57d8d221ce142e9f4d61b9819e7b90ac089894002088df3806136113ab6101ecde1eaa5efbb06fb43e034ad17c9fb5a7f1a04fc97a28210b28f85f8158c0de0e0403d35", 0x6, 0x1, 0x80, 0x1, 0x4652}}, {r9, 0x0, 0x62, 0x8787, &(0x7f0000000980)={&(0x7f0000000900)="1353eb29166e5e0c1fdc6e45f753f10974a84f87c652435fb09e171442cb932eb106f1d15882b367bb3a47b4d39ecfd9744f2b3af165b49db365b367e8593a23c6ecc5943f78da0c0dbbae50374bf226", 0x9, 0x0, 0x0, 0x6, 0x80}}, {r10, 0x3, 0x0, 0x4, &(0x7f0000000a40)={&(0x7f00000009c0)="1f68d44a316ee6507bcbee48b8979224dd89a63bc9ce936add4c4266c4217ac794ae45e5f338610486fe9893a2e6390e19d60f09476122853331e9baa057b6b4433310d76180d4c73040943f7dcd6f6b", 0x9, 0x1, 0x5, 0x3, 0x3}}, {r7, 0x1, 0x9, 0x40, &(0x7f0000000b00)={&(0x7f0000000a80)="84116a8c9f540b709d155099e3d366fd1695a2a0fcbe1c8ac540d8dd0b97a1c1ae382f6af04769580fef370049f2487db4c0b560bc936edd05b13b249749a4eace27c4f7d15e6fc3eff93b74aa65169c", 0x8, 0x1, 0x5, 0x7, 0x7fff}}], 0x7) openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000c40)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) mprotect(&(0x7f00009fe000/0x600000)=nil, 0x600000, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000c80)='/net/iproute\x00', 0xd, 0x3, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000cc0)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000d00)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) 18:49:24 executing program 4: umask(0x1000) r0 = openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) fcntl$F_SETFD(r0, 0x2, 0x1) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000100)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) r1 = openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f0000000140)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0xd, 0x1, 0x0) syz_execute_func(&(0x7f00000001c0)="c441f92e250100000044aada1e660f69cc8f4930014f00c4a259ae2c43f7eb660fc6cafe416d47638203000000") r2 = openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000200)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) lstat(&(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000280)) openat$dev_swap(0xffffffffffffff9c, &(0x7f0000000300)='/dev/swap\x00', 0xa, 0x3, 0x0) r3 = openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000340)='/net/tcp/0/listen\x00', 0x12, 0x3, 0x0) r4 = openat$dev_stdin(0xffffffffffffff9c, &(0x7f0000000380)='/dev/stdin\x00', 0xb, 0x3, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/ns\x00', 0xe, 0x1, 0x0) read(r1, &(0x7f0000000400)=""/52, 0x34) openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000440)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/ns\x00', 0xe, 0x1, 0x0) vmm_ctl$VMM_CTL_GET_EXITS(0x1) fcntl$F_GETFD(r2, 0x1) openat$net_log(0xffffffffffffff9c, &(0x7f00000004c0)='/net/log\x00', 0x9, 0x3, 0x0) r5 = fcntl$F_DUPFD(r3, 0x0, r4, 0x0) fcntl$F_DUPFD(r5, 0x0, r5, 0x1) lstat(&(0x7f0000000500)='./file0\x00', 0x8, &(0x7f0000000540)) symlink(&(0x7f00000005c0)='./file0\x00', 0x8, &(0x7f0000000600)='./file0\x00', 0x8) openat$net_ether0_0_ifstats(0xffffffffffffff9c, &(0x7f0000000640)='/net/ether0/0/ifstats\x00', 0x16, 0x1, 0x0) nmount(r2, &(0x7f0000000680)='./file0\x00', 0x8, 0x2) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f00000006c0)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) fcntl$F_GETFD(r3, 0x1) 18:49:26 executing program 0: openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000000)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/status\x00', 0x12, 0x1, 0x0) lstat(&(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000100)) openat$prof_kpctl(0xffffffffffffff9c, &(0x7f00000001c0)='/prof/kpctl\x00', 0xc, 0x3, 0x0) openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f0000000200)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) openat$proc_self_args(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/args\x00', 0x10, 0x3, 0x0) r0 = openat$net_ether0_1_stats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/1/stats\x00', 0x14, 0x1, 0x0) close(r0) 18:49:26 executing program 0: r0 = openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) fcntl$F_SETFL(r0, 0x4, 0x80000) r1 = openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000080)='/prof/kprintx\x00', 0xe, 0x3, 0x0) openat$dev_klog(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/klog\x00', 0xa, 0x1, 0x0) openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f0000000140)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) openat$proc_self_fd(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fd\x00', 0xe, 0x1, 0x0) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000200)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) nmount(r1, &(0x7f0000000240)='./file0\x00', 0x8, 0x10) openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000280)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000300)='/dev/caphash\x00', 0xd, 0x3, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$proc_self_wait(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/wait\x00', 0x10, 0x1, 0x0) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000400)='/dev/caphash\x00', 0xd, 0x3, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000440)='/dev/killkid\x00', 0xd, 0x3, 0x0) openat$proc_self_core(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/core\x00', 0x10, 0x1, 0x0) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f00000004c0)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000580)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f00000005c0)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f0000000600)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000640)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000680)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000700)='/proc/self/note\x00', 0x10, 0x1, 0x0) 18:49:26 executing program 0: openat$net_ipifc_0_local(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/0/local\x00', 0x13, 0x1, 0x0) r0 = openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000080)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) tcgetattr(r0, &(0x7f00000000c0)) 18:49:26 executing program 0: r0 = openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000040)='/prof/kptrace\x00', 0xe, 0x3, 0x0) openat$proc_self_fd(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fd\x00', 0xe, 0x1, 0x0) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/proc\x00', 0x10, 0x1, 0x0) fcntl$F_SETFL(r0, 0x4, 0x80800) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) r1 = openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kprint\x00', 0xc, 0x1, 0x0) r2 = openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000180)='/prof/kprintx\x00', 0xe, 0x3, 0x0) fcntl$F_GETFD(r1, 0x1) close(r2) openat$dev_config(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/config\x00', 0xc, 0x1, 0x0) openat$dev_sdctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sdctl\x00', 0xb, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000300)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) r3 = openat$dev_klog(0xffffffffffffff9c, &(0x7f0000000340)='/dev/klog\x00', 0xa, 0x1, 0x0) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000380)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) openat$dev_osversion(0xffffffffffffff9c, &(0x7f0000000400)='/dev/osversion\x00', 0xf, 0x1, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kprint\x00', 0xc, 0x1, 0x0) read(r3, &(0x7f00000004c0)=""/56, 0x38) openat$net_icmpv6_clone(0xffffffffffffff9c, &(0x7f0000000500)='/net/icmpv6/clone\x00', 0x12, 0x3, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000540)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/user\x00', 0xa, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000600)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f0000000640)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000680)='/dev/caphash\x00', 0xd, 0x3, 0x0) 18:49:26 executing program 0: openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000000)='/net/iproute\x00', 0x368, 0x3, 0x0) 18:49:26 executing program 0: access(&(0x7f0000000000)='./file0\x00', 0x8, 0x65) access(&(0x7f0000000040)='./file0\x00', 0x8, 0x18a) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000080)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) nbind(&(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000100)='./file0\x00', 0x8, 0x1) mkdir(&(0x7f0000000140)='./file0\x00', 0x8, 0x20) nbind(&(0x7f0000000180)='./file0\x00', 0x8, &(0x7f00000001c0)='./file0\x00', 0x8, 0x0) pop_ctx(&(0x7f0000000200)="222490e9a81d5b3c8483b9f1916e99f3a3534426fcee572c6b73e13a4f687aa3fd32c2c4b2987eded6299ec4d0530a93d28ccb4e5fec60379031e226acc5ab7c244846f8cba5c1321c13ec4561e714fc1b0bbda9e7ce4cd229421a18d3521ed4aa29df707f0da494cd7ba0722faa80142b5f08f2634dd405c9ee85afa2258748e77918af56a65be2459b857586f3d7b1ad0285183a598ebfbdd3668834f445d4c7999ebf64e9cc899ca32820c2b387d4995c9410c9e1c5d81c6b8935a61146983dad3e0e3cef83970e9f03100801168427ab968c99cfd79f") wstat(&(0x7f0000000300)='./file0\x00', 0x8, &(0x7f0000000340)=""/235, 0xeb, 0x0) access(&(0x7f0000000440)='./file0\x00', 0x8, 0x1) openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f0000000480)='/net/tcp/0/err\x00', 0xf, 0x3, 0x0) access(&(0x7f00000004c0)='./file0\x00', 0x8, 0x104) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000500)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000540)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/2/status\x00', 0x12, 0x1, 0x0) stat(&(0x7f00000005c0)='./file0\x00', 0x8, &(0x7f0000000600)) openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/maps\x00', 0x10, 0x1, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000700)='/dev/sysctl\x00', 0xc, 0x3, 0x0) mkdir(&(0x7f0000000740)='./file0\x00', 0x8, 0x20) access(&(0x7f0000000780)='./file0\x00', 0x8, 0x31) wstat(&(0x7f00000007c0)='./file0\x00', 0x8, &(0x7f0000000800)=""/37, 0x25, 0x0) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f0000000840)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat$net_ipifc_1_remote(0xffffffffffffff9c, &(0x7f0000000880)='/net/ipifc/1/remote\x00', 0x14, 0x1, 0x0) openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f00000008c0)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000900)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000940)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) exec(&(0x7f0000000980)='./file0\x00', 0x8, &(0x7f00000009c0)='\x00', 0x1) access(&(0x7f0000000a00)='./file0\x00', 0x8, 0x80) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000a40)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) nbind(&(0x7f0000000a80)='./file1\x00', 0x8, &(0x7f0000000ac0)='./file0\x00', 0x8, 0x0) bash-4.3$ Unhandled user trap in vcore context from VC 0 HW TRAP frame (partial) at 0xffffffffc8995e20 on core 1 rax 0x000000005a5a4e80 rbx 0x0000300000006e90 rcx 0x0000000000000150 rdx 0x000010000000a4c0 rbp 0x0000300000006e80 rsi 0x000010000000a5c0 rdi 0x000000005a5a4f80 18:49:27 executing program 1: openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/net/icmp/stats\x00', 0x10, 0x1, 0x0) r0 = openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/status\x00', 0x12, 0x1, 0x0) tcgetattr(r0, &(0x7f0000000040)) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/status\x00', 0x12, 0x1, 0x0) r8 0x000000005a5a5a5a r9 0x000000005a5a4e80 r10 0x0000000000000000 r11 0x0000000000000200 r12 0x000000000040feb0 r13 0x000010000000a4c0 r14 0x0000000000000004 r15 0x00007f7fffa01200 trap 0x0000000e Page Fault gsbs 0x0000000000000000 fsbs 0x0000000000000000 err 0x--------00000006 rip 0x000000000040fc96 cs 0x------------0023 flag 0x0000000000010202 rsp 0x0000300000006d80 ss 0x------------001b err 0x6 (for PFs: User 4, Wr 2, Rd 1), aux 0x000000005a5a4f80 Addr 0x000000000040fc96 is in syz-executor at offset 0x000000000000fc96 VM Regions for proc 48 NR: Range: Prot, Flags, File, Off 00: (0x0000000000400000 - 0x00000000004b5000): 0x00000005, 0x00000001, 0xffff800004895820, 0x0000000000000000 01: (0x00000000004b5000 - 0x00000000004b6000): 0x00000005, 0x00000002, 0xffff800004895820, 0x00000000000b5000 02: (0x00000000006b6000 - 0x00000000006b9000): 0x00000003, 0x00000002, 0xffff800004895820, 0x00000000000b6000 03: (0x00000000006b9000 - 0x00000000008e5000): 0x00000003, 0x00000002, 0x0000000000000000, 0x0000000000000000 04: (0x0000000020000000 - 0x0000000021000000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 05: (0x0000100000000000 - 0x0000100000024000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 06: (0x0000300000000000 - 0x0000300000001000): 0x00000003, 0x00000002, 0xffff800004895820, 0x0000000000000000 07: (0x0000300000001000 - 0x0000300000005000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 08: (0x0000300000005000 - 0x0000300000007000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 09: (0x0000300000007000 - 0x0000300000019000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 10: (0x0000300000019000 - 0x000030000003d000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 11: (0x00007f7fff8ff000 - 0x00007f7fff9ff000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 Backtrace of user context on Core 1: Offsets only matter for shared libraries #01 Addr 0x000000000040fc96 is in syz-executor at offset 0x000000000000fc96 #02 Addr 0x00000000004100be is in syz-executor at offset 0x00000000000100be #03 Addr 0x000000000041566d is in syz-executor at offset 0x000000000001566d #04 Addr 0x0000000000407f5b is in syz-executor at offset 0x0000000000007f5b 18:49:31 executing program 0: mkdir(&(0x7f0000000040)='./file2\x00', 0xfffffee7, 0xfffffffffffffffd) openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/0/err\x00', 0xffffffffffffffdf, 0x3, 0x0) openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/0/err\x00', 0x56d, 0x3, 0x0) nbind(&(0x7f0000000080)='./file2\x00', 0x6, &(0x7f00000000c0)='./file2\x00', 0xfffffffffffffee1, 0x2) #05 Addr 0x0000000000414ac0 is in syz-executor at offset 0x0000000000014ac0 18:49:31 executing program 0: openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/note\x00', 0x10, 0x1, 0x0) r0 = openat$proc_self_core(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/core\x00', 0x10, 0x1, 0x0) openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000080)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) r1 = openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) r2 = openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000140)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/note\x00', 0x10, 0x1, 0x0) openat$proc_self_core(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/core\x00', 0x10, 0x1, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000200)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000240)='/dev/urandom\x00', 0xd, 0x1, 0x0) openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000300)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) r3 = openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f0000000380)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) r4 = openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) r5 = openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000400)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f0000000440)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) openat$net_ipifc_1_remote(0xffffffffffffff9c, &(0x7f0000000500)='/net/ipifc/1/remote\x00', 0x14, 0x1, 0x0) tap_fds(&(0x7f0000000840)=[{r0, 0x2, 0x1, 0x1, &(0x7f00000005c0)={&(0x7f0000000540)="affd453d28ae700206e95c7a588f2d937d5c4e4f4410855c2efdb745c9d24118b8295fe43d178b0156f6a802c975ded9dc89ac1cd73b95d5c6efe26c941a95bef75f1ceeb98ae8ef79484c3f83c2cb57", 0x9, 0x0, 0x1, 0x4, 0x100000001}}, {r1, 0x3, 0x38, 0x6, &(0x7f0000000680)={&(0x7f0000000600)="02ae8ce48f379a09c3d3cef5233379fad14a19ef23bfd98a90772d04e1ebabece6c2733a02b886b8365aac9403e70820a68a26afae9d02234f99527b07f6ad577297ab5b51c988d26036fcced8eae2bd", 0x101, 0x1, 0x4, 0x7, 0x8}}, {r3, 0x0, 0x0, 0x7b, &(0x7f0000000740)={&(0x7f00000006c0)="1c0d59d4d924395a19e7114216b7e65ba0bc4fff86c21fa7a8d0ff04a5ced323ab49392aac1611a9ec775423f42227440274f7525731708cc07c63c3e1ee7d10f749bb0855cd93cf9faf0a61716f6973", 0x0, 0x1, 0x100, 0x9a4f, 0xfffffffffffff001}}, {r4, 0x1, 0x123, 0x4, &(0x7f0000000800)={&(0x7f0000000780)="3572826c7b3ba003d5653dafedd12bc594c176a1fc18b68392f91b2452dcd38ef6918d79b0e3fcc797cd71069352c715bc3a413cf6e46f526c0e7377dc21b3a93cd7a4c4e60af05931d95ff54bdb5510", 0x7, 0x0, 0x0, 0x2, 0x100000001}}], 0x4) fcntl$F_SYNC(r5, 0x65) openat$net_tcp_2_ctl(0xffffffffffffff9c, &(0x7f00000008c0)='/net/tcp/2/ctl\x00', 0xf, 0x3, 0x0) fcntl$F_SYNC(r2, 0x65) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f0000000900)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f0000000940)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000980)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f00000009c0)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000a00)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) #06 Addr 0x000000000040848a is in syz-executor at offset 0x000000000000848a #07 Addr 0x0000000000403e79 is in syz-executor at offset 0x0000000000003e79 #08 Addr 0x00000000004147ec is in syz-executor at offset 0x00000000000147ec #09 Addr 0x00000000004147f1 is in syz-executor at offset 0x00000000000147f1 18:49:31 executing program 1: r0 = openat$net_iprouter(0xffffffffffffff9c, &(0x7f0000000000)='/net/iprouter\x00', 0xe, 0x3, 0x0) fcntl$F_SETFD(r0, 0x2, 0x1) r1 = openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) r2 = proc_create(&(0x7f0000000080)='./file0\x00', 0x8, &(0x7f00000000c0)='/net/tcp/0/data\x00', 0x10, 0x0) fchdir(r2, r1) nbind(&(0x7f0000000100)='./file0\x00', 0x8, &(0x7f0000000140)='./file0\x00', 0x8, 0x1) mkdir(&(0x7f0000000180)='./file1\x00', 0x8, 0x2) r3 = openat$proc_self_wait(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/wait\x00', 0x10, 0x1, 0x0) openat$net_tcp_1_data(0xffffffffffffff9c, &(0x7f0000000200)='/net/tcp/1/data\x00', 0x10, 0x3, 0x0) r4 = openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000240)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) fchdir(r2, r3) proc_create(&(0x7f0000000280)='./file0\x00', 0x8, &(0x7f00000002c0)='/proc/self/wait\x00', 0x10, 0x1) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000300)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kmesg\x00', 0xb, 0x1, 0x0) chdir(r2, &(0x7f0000000380)='./file2\x00', 0x8) mkdir(&(0x7f00000003c0)='./file1\x00', 0x8, 0x1) access(&(0x7f0000000400)='./file2\x00', 0x8, 0x0) openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000440)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) openat(r4, &(0x7f0000000480)='./file1\x00', 0x8, 0x0, 0x10) provision(r2, 0x0, 0xcf) openat$dev_null(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/null\x00', 0xa, 0x1, 0x0) openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000500)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) proc_create(&(0x7f0000000540)='./file0\x00', 0x8, &(0x7f0000000580)='/dev/kmesg\x00', 0xb, 0x0) lstat(&(0x7f00000005c0)='./file1\x00', 0x8, &(0x7f0000000600)) openat$net_iprouter(0xffffffffffffff9c, &(0x7f0000000680)='/net/iprouter\x00', 0xe, 0x3, 0x0) mkdir(&(0x7f00000006c0)='./file0\x00', 0x8, 0x1) rename(&(0x7f0000000700)='./file2\x00', 0x8, &(0x7f0000000740)='./file2\x00', 0x8) openat$dev_hostowner(0xffffffffffffff9c, &(0x7f0000000780)='/dev/hostowner\x00', 0xf, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f00000007c0)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$proc_self_core(0xffffffffffffff9c, &(0x7f0000000800)='/proc/self/core\x00', 0x10, 0x1, 0x0) Which cores are provisioned to which procs: ------------------ Core 00, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) Core 01, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) Core 02, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) Core 03, prov: 0(0x0000000000000000) alloc: 65(0xffff80000217b900) Which cores are provisioned to which procs: ------------------ Core 00, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) Core 01, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) Core 02, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) Core 03, prov: 0(0x0000000000000000) alloc: 0(0x0000000000000000) 18:49:32 executing program 1: r0 = openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000000)='/prof/kpdata\x00', 0xd, 0x3, 0x0) tcgetattr(r0, &(0x7f0000000100)) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) kernel warning at kern/src/event.c:374, from core 3: [kernel] Null ev_q - kernel code should check before sending! Stack Backtrace on Core 3: #01 [<0xffffffffc200a38c>] in backtrace #02 [<0xffffffffc2009bb4>] in _warn #03 [<0xffffffffc2007732>] in send_event #04 [<0xffffffffc2056a45>] in sys_send_event #05 [<0xffffffffc205a019>] in syscall #06 [<0xffffffffc205a1f8>] in run_local_syscall #07 [<0xffffffffc205a739>] in prep_syscalls #08 [<0xffffffffc20abee2>] in sysenter_callwrapper kernel panic at kern/arch/x86/trap.c:312, from core 2: Proc-ful Page Fault in the Kernel at 0x00000002deadbac6! HW TRAP frame at 0xfffffff0000d0d00 on core 2 rax 0x0000000000000001 rbx 0x00000002deadbabe rcx 0x0000000000000002 rdx 0x00000002deadbac6 rbp 0xfffffff0000d0dc8 rsi 0x00000000ffffffff rdi 0x00000002deadbac6 r8 0x0000000000000000 r9 0x0000000000000000 r10 0x000010000000a4c0 r11 0x0000000000000202 r12 0xffff800002178070 r13 0x00000000ffffffff r14 0x0000000000000007 r15 0xffff800002177d00 trap 0x0000000e Page Fault gsbs 0xffffffffc8996080 fsbs 0x0000000000000000 err 0x--------00000000 rip 0xffffffffc2007b27 cs 0x------------0008 flag 0x0000000000010206 rsp 0xfffffff0000d0dc8 ss 0x------------0010 Backtrace of kernel context on Core 2: #01 [<0xffffffffc2007b27>] in kref_put #02 [<0xffffffffc2007ea6>] in remove_fd_tap #03 [<0xffffffffc2058e1c>] in sys_tap_fds #04 [<0xffffffffc205a019>] in syscall #05 [<0xffffffffc205a1f8>] in run_local_syscall #06 [<0xffffffffc205a739>] in prep_syscalls #07 [<0xffffffffc20abee2>] in sysenter_callwrapper __get_km_tag bad canary: 00000000@0xffff80001489d018, buf 0xffff80001489d020, expected deadbabe ffff80001489d000: 00 20 00 00 00 00 00 00 01 00 00 00 00 00 00 00 . .............. ffff80001489d010: d0 a6 00 c2 ff ff ff ff 00 00 00 00 00 00 00 00 ................ ffff80001489d020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ... ffff80001489d070: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ffff80001489d080: 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 ................ ffff80001489d090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ... Entering Nanwan's Dungeon on Core 2 (Ints off): kernel panic at kern/src/kmalloc.c:138, from core 0: Bad canary Stack Backtrace on Core 0: