2019/04/30 16:50:56 fuzzer started 2019/04/30 16:50:57 dialing manager at 127.0.0.1:35507 2019/04/30 16:50:57 syscalls: 212 2019/04/30 16:50:57 code coverage: support is not implemented in syzkaller 2019/04/30 16:50:57 comparison tracing: support is not implemented in syzkaller 2019/04/30 16:50:57 extra coverage: support is not implemented in syzkaller 2019/04/30 16:50:57 setuid sandbox: support is not implemented in syzkaller 2019/04/30 16:50:57 namespace sandbox: support is not implemented in syzkaller 2019/04/30 16:50:57 Android sandbox: support is not implemented in syzkaller 2019/04/30 16:50:57 fault injection: support is not implemented in syzkaller 2019/04/30 16:50:57 leak checking: support is not implemented in syzkaller 2019/04/30 16:50:57 net packet injection: support is not implemented in syzkaller 2019/04/30 16:50:57 net device setup: support is not implemented in syzkaller 16:50:57 executing program 0: r0 = openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) fd2path(r0, &(0x7f0000000080)=""/247, 0xf7) close(r0) block(0x7) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000180)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) r1 = openat$dev_user(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/user\x00', 0xa, 0x3, 0x0) openat$net_udp_0_status(0xffffffffffffff9c, &(0x7f0000000200)='/net/udp/0/status\x00', 0x12, 0x1, 0x0) r2 = openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000240)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) fd2path(r1, &(0x7f0000000280)=""/105, 0x69) r3 = openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f0000000300)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$dev_swap(0xffffffffffffff9c, &(0x7f0000000340)='/dev/swap\x00', 0xa, 0x3, 0x0) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) r4 = openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000000400)='/net/tcp/0/status\x00', 0x12, 0x1, 0x0) openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000440)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000480)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) openat$net_ipselftab(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ipselftab\x00', 0xf, 0x1, 0x0) abort_sysc_fd(r4) close(r2) openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000500)='/dev/urandom\x00', 0xd, 0x1, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000540)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000580)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) openat$net_udp_0_status(0xffffffffffffff9c, &(0x7f00000005c0)='/net/udp/0/status\x00', 0x12, 0x1, 0x0) close(r3) block(0x3ff) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000600)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f0000000640)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000680)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) openat$dev_hostowner(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/hostowner\x00', 0xf, 0x3, 0x0) 16:50:57 executing program 1: openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) r0 = openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) abort_sysc_fd(r0) r1 = openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) r2 = openat$net_cs(0xffffffffffffff9c, &(0x7f0000000100)='/net/cs\x00', 0x8, 0x3, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat(r2, &(0x7f00000001c0)='./file0\x00', 0x8, 0x9102, 0x4) openat$net_arp(0xffffffffffffff9c, &(0x7f0000000200)='/net/arp\x00', 0x9, 0x3, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kprint\x00', 0xc, 0x1, 0x0) r3 = openat$net_cs(0xffffffffffffff9c, &(0x7f0000000280)='/net/cs\x00', 0x8, 0x3, 0x0) openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000300)='/dev/caphash\x00', 0xd, 0x3, 0x0) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000340)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$dev_bintime(0xffffffffffffff9c, &(0x7f0000000380)='/dev/bintime\x00', 0xd, 0x3, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000400)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f0000000440)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000480)='/dev/user\x00', 0xa, 0x3, 0x0) openat$dev_drivers(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000500)='/dev/caphash\x00', 0xd, 0x3, 0x0) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f0000000540)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) fd2path(r3, &(0x7f0000000580)=""/250, 0xfa) openat$dev_hostdomain(0xffffffffffffff9c, &(0x7f0000000680)='/dev/hostdomain\x00', 0x10, 0x3, 0x0) openat$dev_capuse(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/capuse\x00', 0xc, 0x3, 0x0) tap_fds(&(0x7f00000007c0)=[{r1, 0x0, 0x80, 0x9d1a, &(0x7f0000000780)={&(0x7f0000000700)="f57a1c4c6d14b40ffb6f98b7d1f2f167454f549b08d127846b63ff0f8f14218c586461c431775c749452f50b83e6f00fe52b1fd296d2c9260916739dfed78cb8bd12602d8ead0bf28003a39b450626ef", 0x0, 0x0, 0x80, 0x3, 0x85a}}], 0x1) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000800)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000840)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) readlink(&(0x7f0000000880)='./file0\x00', 0x8, &(0x7f00000008c0)=""/4096, 0x1000) 16:50:57 executing program 3: r0 = openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) r1 = openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) r2 = openat$dev_swap(0xffffffffffffff9c, &(0x7f0000000080)='/dev/swap\x00', 0xa, 0x3, 0x0) nmount(r0, &(0x7f00000000c0)='./file0\x00', 0x8, 0x10) r3 = openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000100)='/dev/caphash\x00', 0xd, 0x3, 0x0) fcntl$F_SYNC(r1, 0x65) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) tap_fds(&(0x7f0000000480)=[{r2, 0x0, 0x8, 0x0, &(0x7f0000000200)={&(0x7f0000000180)="ef2dba3905d7686c3f360dd0dcfbf68863e54e394744281d68b0d7ca8116406bc11948eb4184e44a7c2f7254721028d986948e76d32915b4016ba4554ff694d71b2fba5c5b597969a43ae494a9a1528c", 0x7, 0x1, 0x4, 0x5, 0x3}}, {r3, 0x3, 0x40, 0xfffffffffffffffb, &(0x7f00000002c0)={&(0x7f0000000240)="b39095c113116f2805a311f0613e857e99acb583707f409d1bfbb687ed2e5e45ed4da18b2d6ec4eaf8697fe5589a04bb7cd6bea46b22669f16e1844d3d15ca9b90ae59bc9e163840bddc98798a7124e1", 0x100000000, 0x1, 0x401, 0x4, 0xf9d}}, {r3, 0x1, 0x280, 0x2, &(0x7f0000000380)={&(0x7f0000000300)="27adfc6a59a20f0d76175c0885dfe5c9ce5dc270524bd52f9b1b7b92ab03d2c34b9aa96801ce15a33bd918e2b824ab74d65ba46cfe7bf6c857f0ea904d1c5abb441c8bd762fa5169b4dde79ed01625a4", 0x3, 0x1, 0x3f, 0x6, 0x2}}, {r1, 0x1, 0x1c8, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)="60ae0f91fec0468c371f13bab42e381450ae1378e2be32853823c0faaafd76a8ec188431e1eb317e9ee94e01505de849adf4f6cec7d0e68263597001b4bb50bdd79c0bb653bdcba6ca72024a00fc6d76", 0x6, 0x1, 0x0, 0x6, 0xff}}], 0x4) unlink(&(0x7f0000000500)='./file0\x00', 0x8) r4 = openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f0000000540)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/0/status\x00', 0x12, 0x1, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f00000005c0)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000640)='/prof/kpdata\x00', 0xd, 0x3, 0x0) unlink(&(0x7f0000000680)='./file0\x00', 0x8) r5 = openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000700)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000740)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000780)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f00000007c0)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) fstat(r4, &(0x7f0000000800)) openat$dev_klog(0xffffffffffffff9c, &(0x7f0000000880)='/dev/klog\x00', 0xa, 0x1, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f00000008c0)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x10, r3, 0xe4) openat$proc_self_segment(0xffffffffffffff9c, &(0x7f0000000900)='/proc/self/segment\x00', 0x13, 0x1, 0x0) mmap(&(0x7f0000fee000/0x12000)=nil, 0x12000, 0x2000003, 0x4010, r5, 0x1) openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000940)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) openat$net_udp_clone(0xffffffffffffff9c, &(0x7f0000000980)='/net/udp/clone\x00', 0xf, 0x3, 0x0) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f00000009c0)='/prof/kpdata\x00', 0xd, 0x3, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000a00)='/proc/self/ns\x00', 0xe, 0x1, 0x0) 16:50:57 executing program 4: populate_va(&(0x7f0000ffe000/0x2000)=nil, 0x800) populate_va(&(0x7f0000ffe000/0x2000)=nil, 0xba) fork() pop_ctx(&(0x7f0000000000)="d2236ea38b02ece646ab5bde36f98ee88c6a0000616d15b7b361d2f1e25a56630194cf6b16c573ef5532c7d617198bb154c6d25c5f7f51dbdf4b7d11a26367b1f67237215e8dcb674b8a09028f422cb135ebd3106ad3840b24e2951bc8e594fc5767cb88e72ffaa5edb5ea022049b5a6801c028313c0d4d24f278947368c0359a943ee72ec3fe66c590c0498c5c7b74d9d8de870e37d92e3b9a643c0871f72f742dad3092c38b3b346a4480747f9d5149c2b81248fc49a9863b53e538c52604d9b43cc1562d053f42c5446218e5ce562dd089a6405355289") openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000140)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000180)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) openat$dev_pid(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/pid\x00', 0x9, 0x1, 0x0) symlink(&(0x7f0000000200)='./file0\x00', 0x8, &(0x7f0000000240)='./file0\x00', 0x8) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) r0 = openat$net_log(0xffffffffffffff9c, &(0x7f0000000300)='/net/log\x00', 0x9, 0x3, 0x0) vmm_ctl$VMM_CTL_GET_FLAGS(0x3) openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000340)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000380)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) r1 = openat$dev_sysname(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000400)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) syz_execute_func(&(0x7f0000000440)="f347e0ca3e0f1b7500460f116b07c4413d6b952a000000c483796011b2660f3804b700598ea667440f0f460097c46288f3dec42269aed7c4e17de12e") openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000480)='/dev/urandom\x00', 0xd, 0x1, 0x0) openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f00000004c0)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000500)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) fstat(r0, &(0x7f0000000540)) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/user\x00', 0x10, 0x1, 0x0) openat$proc_self_args(0xffffffffffffff9c, &(0x7f0000000640)='/proc/self/args\x00', 0x10, 0x3, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) fcntl$F_SYNC(r1, 0x65) openat$dev_config(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/config\x00', 0xc, 0x1, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000700)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000740)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) 16:50:57 executing program 2: r0 = openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f0000000040)='/net/udp/0/local\x00', 0x11, 0x1, 0x0) syz_execute_func(&(0x7f0000000080)="43dac166440bac7400000000f3450faea204000000c463f917cdcf44dfc7c423b922388f0f0f41009edd368a91d91d269fc4a26503da") read(r0, &(0x7f00000000c0)=""/194, 0xc2) r1 = openat$dev_urandom(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/urandom\x00', 0xd, 0x1, 0x0) openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000200)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) r2 = openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) r3 = openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000280)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) r4 = openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000300)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) llseek(r4, 0x100000000, 0x17, &(0x7f0000000340), 0x0) openat$net_ndb(0xffffffffffffff9c, &(0x7f0000000380)='/net/ndb\x00', 0x9, 0x3, 0x0) tap_fds(&(0x7f0000000540)=[{r4, 0x3, 0x78, 0x7afe, &(0x7f0000000440)={&(0x7f00000003c0)="ecb3c65d6eefddda86f553fbce01bef298d02a7bb10bc5737e92549c42ed840b95d04d3f0a7ab5292294c41894903c53c616e5862d9b68e69949a0809af4b56c7ba48d7167361d4a899f5435564dfe50", 0x1, 0x0, 0x9, 0x1}}, {r1, 0x0, 0x10, 0x80000001, &(0x7f0000000500)={&(0x7f0000000480)="538b706dd2b820461de5f577e3b1911ee12bb1467d1ec8f7846c78326cc2e18db2ed5b6eb56d0d1ebcafefc5a258c930dba72ef1b276052a59ba57b4f8dd61bd7cc5bd63e0346f1415fe914097315f2b", 0x9, 0x1, 0x3, 0x6, 0x100000001}}], 0x2) write(r4, &(0x7f0000000580)="91d08fc7cde14b5ec9bcfd04424aa8c0fc05d74abb1fb14e59173a6ae5adf2f588266145aad5e8b52d5e570b0e56ea06803878525dee03388806d9fca50057467f9b2cbb8f1182787de70e16eb5e4a748f864d7b5843aa998a3273c071294482632a809e319712f8978c96670a28199ec6aaf5f42902d6902aacc3298ca6394d77db110cddab8e77921252b121486af20258a1a6", 0x94) fcntl$F_DUPFD(r3, 0x0, r4, 0x1) proc_yield(0x0) openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f0000000640)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) fcntl$F_SETFD(r2, 0x2, 0x1) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000680)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) abort_sysc_fd(r1) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f00000006c0)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f0000000700)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) proc_yield(0x1) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000740)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f0000000780)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) unlink(&(0x7f00000007c0)='./file0\x00', 0x8) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f0000000800)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat$dev_pid(0xffffffffffffff9c, &(0x7f0000000840)='/dev/pid\x00', 0x9, 0x1, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000880)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) openat$dev_pid(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/pid\x00', 0x9, 0x1, 0x0) 16:50:57 executing program 7: r0 = openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000000)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$net_log(0xffffffffffffff9c, &(0x7f0000000040)='/net/log\x00', 0x9, 0x3, 0x0) fcntl$F_GETFD(r0, 0x1) openat$dev_swap(0xffffffffffffff9c, &(0x7f0000000080)='/dev/swap\x00', 0xa, 0x3, 0x0) openat$dev_capuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/capuse\x00', 0xc, 0x3, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppid\x00', 0xa, 0x1, 0x0) fcntl$F_SETFD(r0, 0x2, 0x1) openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f0000000180)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) r1 = openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000280)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000300)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/ns\x00', 0xe, 0x1, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000400)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) openat$net_ether0_0_ifstats(0xffffffffffffff9c, &(0x7f0000000440)='/net/ether0/0/ifstats\x00', 0x16, 0x1, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000480)='/prof/kptrace\x00', 0xe, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/user\x00', 0x10, 0x1, 0x0) chdir(0x0, &(0x7f0000000540)='./file0\x00', 0x8) fcntl$F_SETFD(r1, 0x2, 0x0) openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000005c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000640)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/ns\x00', 0xe, 0x1, 0x0) 16:50:57 executing program 6: openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) change_vcore(0x1, 0x1) nbind(&(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000080)='./file0\x00', 0x8, 0x5) openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) populate_va(&(0x7f0000ffe000/0x2000)=nil, 0xfffffffffffeffff) openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000100)='/prof/kpctl\x00', 0xc, 0x3, 0x0) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) populate_va(&(0x7f0000ff2000/0xe000)=nil, 0xffffffff) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) nbind(&(0x7f00000001c0)='./file0\x00', 0x8, &(0x7f0000000200)='.\x00', 0x2, 0x56a1c284bf36bdd4) openat$proc_self_args(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/args\x00', 0x10, 0x3, 0x0) r0 = openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x8, 0x8) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000380)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) r1 = openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) r2 = openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000400)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000440)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000480)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) openat$dev_cputime(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/cputime\x00', 0xd, 0x1, 0x0) openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/mem\x00', 0xf, 0x1, 0x0) populate_va(&(0x7f0000ffc000/0x4000)=nil, 0x7) r3 = proc_create(&(0x7f0000000540)='./file0\x00', 0x8, &(0x7f0000000580)='\x00', 0x1, 0x1) waitpid(r3, &(0x7f00000005c0), 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) chdir(r3, &(0x7f0000000640)='./file0\x00', 0x8) openat$net_ipifc_0_local(0xffffffffffffff9c, &(0x7f0000000680)='/net/ipifc/0/local\x00', 0x13, 0x1, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f00000006c0)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) tap_fds(&(0x7f0000000940)=[{r1, 0x2, 0x240, 0x8, &(0x7f0000000780)={&(0x7f0000000700)="856163afa1ac91fd30de1a0fa4580fc7b02c59f09a4977b9f6950c58dc84d95f20633359a16e7f754e8e68dea0aa74242e665fd05b4e3926710f68ed4c39d759452a688597e9017922408cb0e8559d92", 0x5f20000000000000, 0x1, 0x3, 0x3, 0x400}}, {r2, 0x2, 0x8, 0xfffffffffffff501, &(0x7f0000000840)={&(0x7f00000007c0)="28abc5ad77afee2ae6d5f5f13a4571da9807862122f77ef37beb3c939d8002c2b247b495b4debf4e76f2128e98dcfa39e6f173c4527f3e99f9debbb3ad16e6adf67eb9fc7b69f41d243c101b3675eba4", 0x71d, 0x1, 0x8, 0x100000001, 0xa91}}, {r0, 0x3, 0x400, 0x4, &(0x7f0000000900)={&(0x7f0000000880)="4a1f1d3015b32dbb75c62fe54cec956a6274a5ed71eb40a9dbdd682f3b85191661289723c403bc0bf3ba32f28d485daab927ff02bb41029551ce477c611c4a1190c45e7d705a7e43819b1fc140554bcb", 0x1000000000, 0x0, 0xfff, 0xcad8, 0x72d}}], 0x3) 16:50:57 executing program 5: r0 = openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) r1 = openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) tap_fds(&(0x7f0000000680)=[{r1, 0x2, 0x60, 0x76, &(0x7f0000000100)={&(0x7f0000000080)="16fab4950e2265378fb92d11b39fe8647f0c8a0f55b0d38117db87ac4419076541d7c6dd1d5eef191a7342c5a83e753d219f244fe16028248ef7be564508e2edb55218a086df43c0db6a998546563ddd", 0x7, 0x0, 0x7, 0xffffffffffffffff, 0x9}}, {r0, 0x2, 0x40, 0x47, &(0x7f00000001c0)={&(0x7f0000000140)="31e200f02b992080bfb981e7b573b1d182ed91b0a7e785a3543afd1acade410dc6602cfaa828df1a4a04351284829cb37eb6d7e725525f663f23b5a1fde7c63628d31b5ad51c4a6e8da78ce782f8ed06", 0x100, 0x1, 0x5, 0x9, 0x9b}}, {r0, 0x3, 0x48, 0x1, &(0x7f0000000280)={&(0x7f0000000200)="044ff8a2b6f70cf1474803726ef607faa06b1faa466fabbbbcc2cb4d14f02274288c7e58a56e14d8c213e8fbe6d320ff1bb75ef016621e285691dfdba0cec7302484c417e259b4daefc90f9dc25a3447", 0x38, 0x0, 0x8, 0x4, 0x2}}, {r0, 0x1, 0x4, 0x3, &(0x7f0000000340)={&(0x7f00000002c0)="830a5c96a9b51bed7d92e8458f31eff2b1c9f144c72cee8a88d687ba478b6bd179eed03fb8880c0832d31ca1cba884f61658e95201fe6891923084c61362f5210215957294f666eb1ee417dd33c473cf", 0x4, 0x0, 0x100000001, 0x1, 0x5}}, {r0, 0x2, 0x20, 0x80000000, &(0x7f0000000400)={&(0x7f0000000380)="4e0488fe31700a137df5fedaabb24e773459277e276a79d4362171ebd347fb831cba16140b5fc377dd5bd1ac0bac47aa63acde1859773e636529b6081b21fc639efbd47bcd04e0ad531420dcf4c18a3d", 0x20, 0x1, 0xff, 0x59, 0x5}}, {r0, 0x1, 0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)="541311f111446935b31efc679eca3fcbed661564f9487d36ce04fd4da5b6773c4e8834fa94b7a797dfcd7469cc966224e110b227b7cbfb596ce37ad0551c70c5d63869c867c4466623917d8c50d27889", 0x72a2, 0x0, 0x800, 0x200, 0xff}}, {r1, 0x3, 0x1, 0x9, &(0x7f0000000580)={&(0x7f0000000500)="94d26e5e403ae61e675c6832ab2349523ccdbb5fe556c36a79bd19b37ca99915ad5d2c43d9fd86c442c4c9fdd3553fe88a7e49d8341558635a135c60341de59dd3c8f64753af59d82800a9d281f9927d", 0x4, 0x1, 0xffffffff, 0x7f, 0x3}}, {r0, 0x2, 0x2, 0xe8b, &(0x7f0000000640)={&(0x7f00000005c0)="3a2e90c35daee415d304ce3953136b5850fae51111602094a3345e85c720d1abc906e32b2a6d01fbe5e756027fa5404ceb4a8e2fdc15d5e44b5b7263cf556a11e210d30042bc4a64e18a4911e9ead792", 0x100000001, 0x1, 0x2, 0x9, 0x6}}], 0x8) r2 = fcntl$F_DUPFD(r0, 0x0, r0, 0x0) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000780)='/prof/kpdata\x00', 0xd, 0x3, 0x0) r3 = openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f00000007c0)='/net/tcp/2/status\x00', 0x12, 0x1, 0x0) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000800)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) r4 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000840)='/prof/.empty\x00', 0xd, 0x3, 0x0) r5 = openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000880)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) abort_sysc_fd(r3) abort_sysc_fd(r2) openat$dev_killkid(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/killkid\x00', 0xd, 0x3, 0x0) r6 = openat$net_udp_clone(0xffffffffffffff9c, &(0x7f0000000900)='/net/udp/clone\x00', 0xf, 0x3, 0x0) write(r6, &(0x7f0000000940)="3fe250d1794c2a5698a23091af6e0ce56efa592b8d566e4696ba926f4adc79482de04baf1646bd5366317161dba4f1ab060e880592fc6a3c269a48993782e18221b0854c77d9daddd3f492f621c42ab2ca703291ffdcfd5b8d958478951861606825a9773e8a94bd8eb6d7e7f69baf341846e9", 0x73) openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f00000009c0)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000a00)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) openat$net_cs(0xffffffffffffff9c, &(0x7f0000000a40)='/net/cs\x00', 0x8, 0x3, 0x0) syz_execute_func(&(0x7f0000000a80)="c4438d79b975c2fadae7360f3806b902000000f346a5266665f2670f000044d0f4c40299475a04664714f4672665400fa98fc970970d33f4648ec462c1a7bd409c0000") openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/note\x00', 0x10, 0x1, 0x0) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000b40)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000b80)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000bc0)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat(r5, &(0x7f0000000c00)='./file0\x00', 0x8, 0xc2, 0x6a) r7 = openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f0000000c40)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000c80)='/proc/self/user\x00', 0x10, 0x1, 0x0) abort_sysc_fd(r4) openat$net_ipselftab(0xffffffffffffff9c, &(0x7f0000000cc0)='/net/ipselftab\x00', 0xf, 0x1, 0x0) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000d00)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) openat$net_ether0_1_stats(0xffffffffffffff9c, &(0x7f0000000d40)='/net/ether0/1/stats\x00', 0x14, 0x1, 0x0) fcntl$F_SETFL(r7, 0x4, 0x88000) 16:50:58 executing program 0: openat$dev_urandom(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0xd, 0x1, 0x0) r0 = openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0xd, 0x1, 0x0) fstat(r0, &(0x7f0000000640)) 16:50:58 executing program 0: r0 = openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) pop_ctx(&(0x7f0000000040)="7713104b354c077367561e8a11496bd4ec94c2548fafb59fa20b160eb60d7f57439e6c49ede89fc39093b60c6be4c3c514258d41762161a963d187596423b720a4c2bac834847532503aa9f4f927100cc46c0b72f5d0b86d9950fbad98c97742f2a86def64c0cc3abbfd8a872705f0c5b2f7f677bf5a60c7c55f5d39e8892bbdf0ceb71dca226b8e875b84a4fd9b363e3373d59eb464418480d410672306400db1b85df7307f8e30f3efe44110a777fd243605fd355ad84944e7004931e0f2382f31fcb216590cc0b6ed410907f82a54e55d49d37d08e29a") openat(r0, &(0x7f0000000140)='./file0\x00', 0x8, 0x812c0, 0x181) r1 = openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000180)='/dev/.empty\x00', 0xc, 0x3, 0x0) change_vcore(0x8, 0x0) nunmount(&(0x7f00000001c0)='./file0\x00', 0x8, &(0x7f0000000200)='./file0\x00', 0x8) openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f0000000240)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) abort_sysc(0x10001) nmount(r1, &(0x7f0000000280)='./file0\x00', 0x8, 0x10) mkdir(&(0x7f00000002c0)='./file1\x00', 0x8, 0x88) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000300)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) r2 = openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000340)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) read(r1, &(0x7f0000000380)=""/182, 0xb6) chdir(0x0, &(0x7f0000000440)='./file2\x00', 0x8) openat$dev_stdin(0xffffffffffffff9c, &(0x7f0000000480)='/dev/stdin\x00', 0xb, 0x3, 0x0) change_vcore(0xffff, 0x0) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$proc_self_wait(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/wait\x00', 0x10, 0x1, 0x0) fcntl$F_GETFL(r2, 0x3) mkdir(&(0x7f0000000540)='./file2\x00', 0x8, 0x2) openat$proc_self_wait(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/wait\x00', 0x10, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/self/user\x00', 0x10, 0x1, 0x0) openat$dev_hostdomain(0xffffffffffffff9c, &(0x7f0000000600)='/dev/hostdomain\x00', 0x10, 0x3, 0x0) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000640)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000680)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f00000006c0)='/prof/kptrace\x00', 0xe, 0x3, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000000, 0x812, r2, 0x4) openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f0000000700)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0) openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000740)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f0000000780)='/dev/zero\x00', 0xa, 0x1, 0x0) bash-4.3$ Unhandled user trap in vcore context from VC 1 HW TRAP frame (partial) at 0xffffffffc8e383a0 on core 3 rax 0x000000005a5a4e80 rbx 0x000030000001ae90 rcx 0x0000000000000150 rdx 0x000010000000a4c0 rbp 0x000030000001ae80 rsi 0x000010000000a5c0 rdi 0x000000005a5a4f80 r8 0x000000005a5a5a5a r9 0x000000005a5a4e80 r10 0x0000000000000000 r11 0x0000000000000200 r12 0x0000000000410050 r13 0x000010000000a4c0 r14 0x0000000000000004 r15 0x00007f7fffa01f40 trap 0x0000000e Page Fault gsbs 0x0000000000000000 fsbs 0x0000000000000000 err 0x--------00000006 rip 0x000000000040fe36 cs 0x------------0023 flag 0x0000000000010202 rsp 0x000030000001ad80 ss 0x------------001b err 0x6 (for PFs: User 4, Wr 2, Rd 1), aux 0x000000005a5a4f80 Addr 0x000000000040fe36 is in syz-executor at offset 0x000000000000fe36 VM Regions for proc 37 NR: Range: Prot, Flags, File, Off 00: (0x0000000000400000 - 0x00000000004b6000): 0x00000005, 0x00000001, 0xffff800004d57420, 0x0000000000000000 01: (0x00000000004b6000 - 0x00000000004b7000): 0x00000005, 0x00000002, 0xffff800004d57420, 0x00000000000b6000 02: (0x00000000006b6000 - 0x00000000006b9000): 0x00000003, 0x00000002, 0xffff800004d57420, 0x00000000000b6000 03: (0x00000000006b9000 - 0x00000000008e5000): 0x00000003, 0x00000002, 0x0000000000000000, 0x0000000000000000 04: (0x0000000020000000 - 0x0000000021000000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 05: (0x0000100000000000 - 0x0000100000024000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 06: (0x0000300000000000 - 0x0000300000001000): 0x00000003, 0x00000002, 0xffff800004d57420, 0x0000000000000000 07: (0x0000300000001000 - 0x0000300000005000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 08: (0x0000300000005000 - 0x0000300000007000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 09: (0x0000300000007000 - 0x0000300000019000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 10: (0x0000300000019000 - 0x000030000003d000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 11: (0x00007f7fff8ff000 - 0x00007f7fff9ff000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 Backtrace of user context on Core 3: Offsets only matter for shared libraries #01 Addr 0x000000000040fe36 is in syz-executor at offset 0x000000000000fe36 #02 Addr 0x000000000041025e is in syz-executor at offset 0x000000000001025e 16:51:03 executing program 0: r0 = openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000140)='/net/ipifc/0/status\x00', 0x27480bb2ad350d1b, 0x1, 0x0) mmap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x0, 0xcfa152f92e177136, 0xffffffffffffff9c, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) fstat(r0, &(0x7f0000000080)) #03 Addr 0x000000000041580d is in syz-executor at offset 0x000000000001580d #04 Addr 0x00000000004080fb is in syz-executor at offset 0x00000000000080fb #05 Addr 0x0000000000414c60 is in syz-executor at offset 0x0000000000014c60 #06 Addr 0x000000000040862a is in syz-executor at offset 0x000000000000862a #07 Addr 0x0000000000404019 is in syz-executor at offset 0x0000000000004019 #08 Addr 0x000000000041498c is in syz-executor at offset 0x000000000001498c #09 Addr 0x0000000000414991 is in syz-executor at offset 0x0000000000014991 16:51:04 executing program 0: openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat$net_cs(0xffffffffffffff9c, &(0x7f0000000080)='/net/cs\x00', 0x8, 0x3, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) r0 = openat$dev_random(0xffffffffffffff9c, &(0x7f0000000100)='/dev/random\x00', 0xc, 0x1, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000180)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$net_cs(0xffffffffffffff9c, &(0x7f0000000200)='/net/cs\x00', 0x8, 0x3, 0x0) openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f0000000240)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kprint\x00', 0xc, 0x1, 0x0) vmm_ctl$VMM_CTL_SET_FLAGS(0x4, 0x2) openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x1010, 0xffffffffffffffff, 0x8) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f00000003c0)='/prof/kptrace\x00', 0xe, 0x3, 0x0) openat$dev_config(0xffffffffffffff9c, &(0x7f0000000400)='/dev/config\x00', 0xc, 0x1, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$proc_self_args(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/args\x00', 0x10, 0x3, 0x0) openat$prof_kprintx(0xffffffffffffff9c, &(0x7f00000004c0)='/prof/kprintx\x00', 0xe, 0x3, 0x0) openat$proc_self_strace(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/strace\x00', 0x12, 0x1, 0x0) openat$dev_hostdomain(0xffffffffffffff9c, &(0x7f0000000540)='/dev/hostdomain\x00', 0x10, 0x3, 0x0) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000580)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000600)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000640)='/net/udp/stats\x00', 0xf, 0x1, 0x0) write(r0, &(0x7f0000000680)="e94218ebdee5b6bc8ec4a97048d312b7c2519d99904b1ae7339027ff882ae883c6d3c93c7a32dcdba001e5c5d7e8368fd941fe0d1623a720122634a4a2cfa7013a89f8c6cfe5779b6410e9aeb7065c08a8015e7c833cf008427b526ec8cd599b4abc64e60708765d93bb92e07dd5e99f7159ed80c86d6e12551836c079c254d134fc214cb46dd05b17e4a91ca902768f01879e4530a68390a6c81760a1f570840ca907dbc942e35d972310c9b94238eb95495fbfcf967f30147b0bb73fd8ac59b698d58ed9c7d3244813b37e8ada4584b9b7d678a92a89dd55d93f20d31f58720de30211baf28d", 0xe7) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000780)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) 16:51:04 executing program 0: r0 = openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000140)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) fcntl$F_GETFL(r0, 0x3) openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f0000000000)='/net/icmp/stats\x00', 0x10, 0x1, 0x0) 16:51:04 executing program 3: mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xffffffffffffffff) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) nbind(&(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000080)='./file0\x00', 0x8, 0x2) openat$dev_user(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/user\x00', 0xa, 0x3, 0x0) 16:51:04 executing program 7: r0 = openat$proc_self_profile(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/profile\x00', 0x1a9, 0x1, 0x0) fcntl$F_GETFD(r0, 0x1) kernel panic at kern/arch/x86/trap.c:318, from core 1: Proc-ful Page Fault in the Kernel at 0x000000000000001b! HW TRAP frame at 0xfffffff0000cad30 on core 1 rax 0x0000000000000000 rbx 0xffff800014e51ee0 rcx 0xfffffff0000caea0 rdx 0x0000000000000005 rbp 0xfffffff0000cae38 rsi 0x0000000000000000 rdi 0xfffffff0000caea0 r8 0x0000000000000001 r9 0xffffffffc8f655c0 r10 0x0000000000000030 r11 0xffff800014e4e420 r12 0xffff800002176e00 r13 0x0000000020000880 r14 0x0000000000000073 r15 0x0000000000001000 trap 0x0000000e Page Fault gsbs 0xffffffffc8e37dc0 fsbs 0x0000000000000000 err 0x--------00000000 rip 0xffffffffc20587f4 cs 0x------------0008 flag 0x0000000000010246 rsp 0xfffffff0000cadf8 ss 0x------------0010 Backtrace of kernel context on Core 1: #01 [<0xffffffffc20587f4>] in sys_readlink #02 [<0xffffffffc2059ea9>] in syscall #03 [<0xffffffffc205aa58>] in run_local_syscall #04 [<0xffffffffc205af99>] in prep_syscalls #05 [<0xffffffffc20ac882>] in sysenter_callwrapper [kernel] You tried to change vcores from uth ctx [kernel] Invalid syscall 0 for proc 63 Args: 0x0000000020000080, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000 Entering Nanwan's Dungeon on Core 1 (Ints off): SW TRAP frame (partial) at 0xffffffffc8e380e0 on core 2 Type 'help' for a list of commands. rbx 0x000030000003ce00 ROS(Core 1)> rbp 0x000030000003cef0 r12 0x0000000000000000 r13 0x000000000048585b r14 0x0000000000487438 r15 0x0000000000000000 gsbs 0x0000000000000000 fsbs 0x0000000000000000 rip 0x00000000004375ce rsp 0x000030000003cd20 mxcsr 0x00001f80 fpucw 0x037f