2019/04/01 03:42:19 fuzzer started 2019/04/01 03:42:19 dialing manager at 127.0.0.1:43191 2019/04/01 03:42:19 syscalls: 1 2019/04/01 03:42:19 code coverage: support is not implemented in syzkaller 2019/04/01 03:42:19 comparison tracing: support is not implemented in syzkaller 2019/04/01 03:42:19 extra coverage: support is not implemented in syzkaller 2019/04/01 03:42:19 setuid sandbox: support is not implemented in syzkaller 2019/04/01 03:42:19 namespace sandbox: support is not implemented in syzkaller 2019/04/01 03:42:19 Android sandbox: support is not implemented in syzkaller 2019/04/01 03:42:19 fault injection: support is not implemented in syzkaller 2019/04/01 03:42:19 leak checking: support is not implemented in syzkaller 2019/04/01 03:42:19 net packet injection: support is not implemented in syzkaller 2019/04/01 03:42:19 net device setup: support is not implemented in syzkaller 03:42:20 executing program 0: openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) r0 = openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) populate_va(&(0x7f0000ffa000/0x4000)=nil, 0xfff) munmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000) openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/0/status\x00', 0x12, 0x1, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) munmap(&(0x7f0000ffa000/0x2000)=nil, 0x2000) r1 = openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f00000001c0)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_tcp_1_data(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/1/data\x00', 0x10, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) fd2path(r1, &(0x7f0000000300)=""/4096, 0x1000) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000001300)='/prof/kptrace\x00', 0xe, 0x3, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000001340)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f0000001380)='/dev/zero\x00', 0xa, 0x1, 0x0) populate_va(&(0x7f0000ffb000/0x4000)=nil, 0x2) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000001400)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) fcntl$F_GETFL(r0, 0x3) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000001440)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000001480)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f00000014c0)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) populate_va(&(0x7f0000ffb000/0x4000)=nil, 0x2) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000001500)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000001540)='/dev/urandom\x00', 0xd, 0x1, 0x0) openat$net_ether0_1_stats(0xffffffffffffff9c, &(0x7f0000001580)='/net/ether0/1/stats\x00', 0x14, 0x1, 0x0) 03:42:20 executing program 3: r0 = openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) r1 = openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_ether0_2_stats(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x1, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) r2 = openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000180)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000240)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000000, 0x110, r0, 0x800) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000280)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/2/status\x00', 0x12, 0x1, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000300)='/prof/kptrace\x00', 0xe, 0x3, 0x0) openat$dev_hostdomain(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hostdomain\x00', 0x10, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x5, 0x20010, r1, 0x80000001) read(r2, &(0x7f0000000440)=""/166, 0xa6) openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000500)='/prof/.empty\x00', 0xd, 0x3, 0x0) openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f0000000540)='/net/udp/0/local\x00', 0x11, 0x1, 0x0) openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000600)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000640)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000680)='/dev/time\x00', 0xa, 0x3, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000700)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) 03:42:20 executing program 1: r0 = openat$dev_config(0xffffffffffffff9c, &(0x7f0000000000)='/dev/config\x00', 0xc, 0x1, 0x0) r1 = openat(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x40, 0x0) openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000080)='/net/tcp/0/listen\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0xa, 0x1, 0x0) fd2path(r1, &(0x7f0000000140)=""/65, 0x41) openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/net/icmp/stats\x00', 0x10, 0x1, 0x0) access(&(0x7f0000000200)='./file0\x00', 0x8, 0x100) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) access(&(0x7f0000000280)='./file0\x00', 0x8, 0x9) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$dev_config(0xffffffffffffff9c, &(0x7f0000000340)='/dev/config\x00', 0xc, 0x1, 0x0) nmount(r0, &(0x7f0000000380)='./file0\x00', 0x8, 0x2) openat$net_iproute(0xffffffffffffff9c, &(0x7f00000003c0)='/net/iproute\x00', 0xd, 0x3, 0x0) mkdir(&(0x7f0000000400)='./file0/file0\x00', 0xe, 0x10c) openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000440)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) unlink(&(0x7f0000000480)='./file0\x00', 0x8) r2 = openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f00000004c0)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000500)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) openat$net_ipselftab(0xffffffffffffff9c, &(0x7f0000000540)='/net/ipselftab\x00', 0xf, 0x1, 0x0) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000580)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) rmdir(&(0x7f00000005c0)='./file0/file0\x00', 0xe) fcntl$F_SETFD(r1, 0x2, 0x1) openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f0000000600)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000640)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) llseek(r2, 0x0, 0x2, &(0x7f0000000680), 0x2) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f00000006c0)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000700)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000740)='/dev/.empty\x00', 0xc, 0x3, 0x0) 03:42:20 executing program 4: r0 = openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) fcntl$F_SETFL(r0, 0x4, 0x8000) r1 = openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$proc_self_strace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/strace\x00', 0x12, 0x1, 0x0) openat$proc_self_vmstatus(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/vmstatus\x00', 0x14, 0x1, 0x0) openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f0000000140)='/net/udp/0/local\x00', 0x11, 0x1, 0x0) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$prof_empty(0xffffffffffffff9c, &(0x7f00000001c0)='/prof/.empty\x00', 0xd, 0x3, 0x0) openat$net_udp_0_status(0xffffffffffffff9c, &(0x7f0000000200)='/net/udp/0/status\x00', 0x12, 0x1, 0x0) r2 = openat$net_iprouter(0xffffffffffffff9c, &(0x7f0000000240)='/net/iprouter\x00', 0xe, 0x3, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/text\x00', 0x10, 0x1, 0x0) close(r2) openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) openat$dev_bintime(0xffffffffffffff9c, &(0x7f0000000300)='/dev/bintime\x00', 0xd, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000400)='/dev/drivers\x00', 0xd, 0x1, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000000, 0x11, 0xffffffffffffffff, 0x7f) openat$net_log(0xffffffffffffff9c, &(0x7f0000000440)='/net/log\x00', 0x9, 0x3, 0x0) openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f0000000480)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000540)='/net/iproute\x00', 0xd, 0x3, 0x0) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000580)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f00000005c0)='/net/iproute\x00', 0xd, 0x3, 0x0) openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) read(r1, &(0x7f0000000640)=""/44, 0x2c) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000680)='/dev/.empty\x00', 0xc, 0x3, 0x0) 03:42:20 executing program 2: vmm_ctl$VMM_CTL_SET_FLAGS(0x4, 0x4) r0 = openat$dev_stderr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/stderr\x00', 0xc, 0x3, 0x0) fcntl$F_SETFD(r0, 0x2, 0x1) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) r1 = openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/ctl\x00', 0xf, 0x3, 0x0) abort_sysc_fd(r1) vc_entry() openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000100)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000140)='/net/ether0/ifstats\x00', 0x14, 0x1, 0x0) block(0x11) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000180)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kprint\x00', 0xc, 0x1, 0x0) openat$proc_self_profile(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/profile\x00', 0x13, 0x1, 0x0) openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000240)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) r2 = openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) fwstat(r2, &(0x7f00000002c0)=""/78, 0x4e, 0x0) openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/maps\x00', 0x10, 0x1, 0x0) openat$dev_klog(0xffffffffffffff9c, &(0x7f0000000380)='/dev/klog\x00', 0xa, 0x1, 0x0) vmm_add_gpcs(0x7f, &(0x7f0000000640)={&(0x7f00000003c0)="0ff43589bb77622e29d0652fe4249d", &(0x7f0000000400)="b50843866c07349cc5", &(0x7f0000000440)="209f41fc", &(0x7f0000000480)="8d686955ba9b49ece031d6f88a9473a33471e30c9eb02552a4befcdf658abcf526c33417eee15931e7bbb4118717aaf8b080db039ab2ae57b7b2bb56cb05def45af45bd0b5d1db51e0410c79221c5a0d0dc6483be6aeab998a086e687d629a1504a70adf77f9923cfe782e93bf37f7e9cedb1a23f4050e202c51dd65f2de4ae8865a6d567cc82d73d9a7dd5c242a21f93b3f865cd4d6cf2c99c181ff346ade566c35da6255f1cc23f6cbfba0d1a54f9d63a2605d8e0accf565c5b81da94ab8e24a5c713f19b0a1c926e8be4a9237", &(0x7f0000000580)="90bd9bace771dc36ca707e880a3981682effed85762d37df6fc8da89eaa7d7543e5208b9596ab5bf474d0d7adca6723c313bd34ec3906ab00f469cf1864a5967f9ed93c20b1a262adf97dcf775784a168a0355be057f3ba2d621fc53f270b2012e447e97470bc80ed39ddc818b2bcd2f86324890a0057f278febd00556f3285d554d54b894fd52063dcce7ed46ba85101170269f24f60f9bb17385e5c9012a933746e70b90936f5928ee706698e61071027297d3f8b4270e70a9823d"}) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000680)='/dev/drivers\x00', 0xd, 0x1, 0x0) r3 = openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000700)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000740)='/dev/killkid\x00', 0xd, 0x3, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000780)='/dev/time\x00', 0xa, 0x3, 0x0) fcntl$F_SETFL(r3, 0x4, 0x400) openat$net_empty(0xffffffffffffff9c, &(0x7f00000007c0)='/net/.empty\x00', 0xc, 0x3, 0x0) openat$dev_stdin(0xffffffffffffff9c, &(0x7f0000000800)='/dev/stdin\x00', 0xb, 0x3, 0x0) openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000840)='/proc/self/ns\x00', 0xe, 0x1, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000880)='/dev/killkid\x00', 0xd, 0x3, 0x0) 03:42:20 executing program 6: r0 = openat$proc_self_segment(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/segment\x00', 0x13, 0x1, 0x0) r1 = openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000080)='/prof/kptrace\x00', 0xe, 0x3, 0x0) r2 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x8, 0x8000, 0x100) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)) r3 = openat(r2, &(0x7f0000000200)='./file0/file0\x00', 0xe, 0x503, 0x31) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000240)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) close(r0) r4 = openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000280)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) r5 = openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f0000000300)='/net/ipifc/1/data\x00', 0x12, 0x3, 0x0) fcntl$F_SYNC(r4, 0x65) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) tcgetattr(r3, &(0x7f0000000380)) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x28010, r5, 0x9) openat$net_icmpv6_clone(0xffffffffffffff9c, &(0x7f00000003c0)='/net/icmpv6/clone\x00', 0x12, 0x3, 0x0) openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000400)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000480)='/net/udp/stats\x00', 0xf, 0x1, 0x0) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000500)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) stat(&(0x7f0000000540)='./file0\x00', 0x8, 0xfffffffffffffffe) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000580)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$dev_hostowner(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/hostowner\x00', 0xf, 0x3, 0x0) openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000600)='/dev/sysname\x00', 0xd, 0x3, 0x0) openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000640)='/prof/kpdata\x00', 0xd, 0x3, 0x0) proc_create(&(0x7f0000000680)='./file0\x00', 0x8, &(0x7f00000006c0)='/net/icmpv6/clone\x00', 0x12, 0x0) link(&(0x7f0000000700)='./file0/file0\x00', 0xe, &(0x7f0000000740)='./file0/file0\x00', 0xe) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000780)='/proc/self/proc\x00', 0x10, 0x1, 0x0) 03:42:20 executing program 7: openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) r0 = openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) r1 = openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000100)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000140)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) r2 = openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000180)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$proc_self_mem(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/mem\x00', 0xf, 0x1, 0x0) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000200)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) abort_sysc_fd(r1) close(r0) fchdir(0xffffffffffffffff, r2) openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000280)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000300)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000340)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f0000000380)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$net_udp_0_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/net/udp/0/ctl\x00', 0xf, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000440)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f0000000480)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000500)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/text\x00', 0x10, 0x1, 0x0) openat$dev_sdctl(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/sdctl\x00', 0xb, 0x3, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/text\x00', 0x10, 0x1, 0x0) openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000640)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000680)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) 03:42:20 executing program 5: openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/text\x00', 0x10, 0x1, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000040)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$proc_self_core(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/core\x00', 0x10, 0x1, 0x0) r0 = openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) openat$proc_self_vmstatus(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/vmstatus\x00', 0x14, 0x1, 0x0) openat$net_log(0xffffffffffffff9c, &(0x7f0000000140)='/net/log\x00', 0x9, 0x3, 0x0) openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f0000000180)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) llseek(r0, 0x1, 0x7, &(0x7f00000001c0), 0x2) openat$dev_config(0xffffffffffffff9c, &(0x7f0000000200)='/dev/config\x00', 0xc, 0x1, 0x0) openat$dev_capuse(0xffffffffffffff9c, &(0x7f0000000240)='/dev/capuse\x00', 0xc, 0x3, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000280)='/dev/user\x00', 0xa, 0x3, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000300)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000340)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000380)='/dev/time\x00', 0xa, 0x3, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f00000003c0)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) r1 = openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000400)='/dev/.empty\x00', 0xc, 0x3, 0x0) fcntl$F_GETFD(r1, 0x1) openat$proc_self_core(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/core\x00', 0x10, 0x1, 0x0) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/proc\x00', 0x10, 0x1, 0x0) openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) openat$prof_kprintx(0xffffffffffffff9c, &(0x7f0000000500)='/prof/kprintx\x00', 0xe, 0x3, 0x0) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/0/status\x00', 0x12, 0x1, 0x0) r2 = proc_create(&(0x7f00000005c0)='./file0\x00', 0x8, &(0x7f0000000600)='/proc/self/vmstatus\x00', 0x14, 0x1) proc_destroy(r2, 0x3) openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000640)='/dev/caphash\x00', 0xd, 0x3, 0x0) openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000680)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000700)='/prof/.empty\x00', 0xd, 0x3, 0x0) 03:42:20 executing program 0: r0 = openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) r1 = openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f0000000140)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) r2 = openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/ns\x00', 0xe, 0x1, 0x0) tap_fds(&(0x7f0000000340)=[{r0, 0x3, 0x240, 0x8001, &(0x7f0000000100)={&(0x7f0000000080)="449d8ed8bd580d1b7aae32c4f8521aaf07592790456d100d2984b8cca654a2078c91edf37c752d5838dba47f3393c239377a49d91f2ad17590edd3f296a21a6a302588e07470d69dd6344528e4f7b11d", 0x8, 0x0, 0x5, 0x2}}, {r1, 0x3, 0x8, 0x0, &(0x7f0000000200)={&(0x7f0000000180)="b213016e2cf0df3859e2067c58683e0d2b05e4840f89fd86a7d0883ee555982baca1218b2162a7e1aea96c5a44174abab65e8f8b88963b194349a018712980a9c06b09d90fa5b9af28e9572aa2390353", 0x7, 0x1, 0x0, 0xfc35284}}, {r2, 0x3, 0x100, 0xfffffffffffff904, &(0x7f0000000300)={&(0x7f0000000280)="d11cbdaa1c05a393f836801a7a8ed1a5a6fd9ecc8cc6b4a4105bb6e0df878b73843f44d557a4c6823833502325619bb43bb0e29be0f44d5b5f3925782fe1d31f09ed24582ffe25b1f74cc780e4e0c708", 0x7fff, 0x1, 0x2, 0x179, 0x1f}}], 0x3) r3 = openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) fcntl$F_SETFL(r3, 0x4, 0x100000) tcgetattr(r3, &(0x7f00000003c0)) fcntl$F_SETFL(r3, 0x4, 0x0) r4 = openat$proc_self_segment(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/segment\x00', 0x13, 0x1, 0x0) openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f0000000540)='/net/ether0/2/stats\x00', 0x14, 0x1, 0x0) fd2path(r4, &(0x7f0000000440)=""/210, 0xd2) 03:42:20 executing program 0: vmm_ctl$VMM_CTL_SET_EXITS(0x2, 0x1) r0 = openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/syscall\x00', 0x13, 0x1, 0x0) openat$net_tcp_1_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/1/data\x00', 0x10, 0x3, 0x0) openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000080)='/net/iproute\x00', 0xd, 0x3, 0x0) r1 = openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) abort_sysc_fd(r1) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000100)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) tap_fds(&(0x7f0000000200)=[{r0, 0x2, 0x100, 0xb973, &(0x7f00000001c0)={&(0x7f0000000140)="3a3f98c72daa9d3bad6f7d64e61a89352266e3e42d6fe1b04198f77a4b7929bbd873e2f65cf997b423ee1963d25f02c3a2aac16dd60de9dd807cab3d40d6fd7d82bdca6b5880f6e1250973996e6d4ec8", 0x0, 0x1, 0x5, 0x1, 0x7}}], 0x1) openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/maps\x00', 0x10, 0x1, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000280)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/user\x00', 0x10, 0x1, 0x0) halt_core(0xa111) openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000340)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_tcp_stats(0xffffffffffffff9c, &(0x7f0000000380)='/net/tcp/stats\x00', 0xf, 0x1, 0x0) r2 = openat$net_ether0_2_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ether0/2/ctl\x00', 0x12, 0x3, 0x0) abort_sysc_fd(r2) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) r3 = openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000500)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) nanosleep(&(0x7f0000000540)={0x5, 0x7a}, &(0x7f0000000580)) openat$dev_null(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/null\x00', 0xa, 0x1, 0x0) openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) vmm_ctl$VMM_CTL_SET_EXITS(0x2, 0x1) openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f0000000640)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f0000000680)='/net/ether0/2/ifstats\x00', 0x16, 0x1, 0x0) pop_ctx(&(0x7f00000006c0)="3fa466019c2b0df4d027bc4b246930764e615e36da7bd98e92134d503f057c0837b8f4a05245c310fed563d1d1293fd1aa4f5ed38536e6f0e7077a1d04217f4b7a40ab0c689e4eb6bdc920058e8ba5f10f325365bfca957e221c0168a12e0b0ea2fe1b22d58695fb127ccc5c07baf47b24349c746517b7c5808a7715eeab3e742cc48acff1cac322c158c5786a32fe1165e900586e5bf78711f5e170484a82d867d0a2e76ba0fb9536849e264cc6fffa0e6ad9804f33fa89e30a01237e1acb84fa621bfa10d51fc5efbb6e9951cf19891fe2cf00bc4cbdfa") llseek(r3, 0xfff, 0x908, &(0x7f00000007c0), 0x3) bash-4.3$ Unhandled user trap in vcore context from VC 2 HW TRAP frame (partial) at 0xffffffffc8995e20 on core 1 rax 0x000000005a5a4e80 rbx 0x000030000001ce90 rcx 0x0000000000000150 rdx 0x000010000000cec0 rbp 0x000030000001ce80 rsi 0x000010000000cfc0 rdi 0x000000005a5a4f80 r8 0x000000005a5a5a5a r9 0x000000005a5a4e80 r10 0x0000000000000000 r11 0x0000000000000200 r12 0x000000000040ff00 r13 0x000010000000cec0 r14 0x0000000000000004 r15 0x00007f7fffa02c80 trap 0x0000000e Page Fault gsbs 0x0000000000000000 fsbs 0x0000000000000000 err 0x--------00000006 rip 0x000000000040fce6 cs 0x------------0023 flag 0x0000000000010202 rsp 0x000030000001cd80 ss 0x------------001b err 0x6 (for PFs: User 4, Wr 2, Rd 1), aux 0x000000005a5a4f80 Addr 0x000000000040fce6 is in syz-executor at offset 0x000000000000fce6 VM Regions for proc 39 03:42:25 executing program 0: openat$dev_hostdomain(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hostdomain\x00', 0xfffffffffffffea7, 0x3, 0x0) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000100)='/net/ipifc/0/remote\x00', 0x3, 0x1, 0x0) NR: Range: Prot, Flags, File, Off 00: (0x0000000000400000 - 0x00000000004b5000): 0x00000005, 0x00000001, 0xffff800003033020, 0x0000000000000000 01: (0x00000000004b5000 - 0x00000000004b6000): 0x00000005, 0x00000002, 0xffff800003033020, 0x00000000000b5000 02: (0x00000000006b6000 - 0x00000000006b9000): 0x00000003, 0x00000002, 0xffff800003033020, 0x00000000000b6000 03: (0x00000000006b9000 - 0x00000000008e5000): 0x00000003, 0x00000002, 0x0000000000000000, 0x0000000000000000 04: (0x0000000020000000 - 0x0000000021000000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 05: (0x0000100000000000 - 0x0000100000024000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 06: (0x0000300000000000 - 0x0000300000001000): 0x00000003, 0x00000002, 0xffff800003033020, 0x0000000000000000 07: (0x0000300000001000 - 0x0000300000005000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 08: (0x0000300000005000 - 0x0000300000007000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 09: (0x0000300000007000 - 0x0000300000019000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 10: (0x0000300000019000 - 0x000030000005d000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 11: (0x00007f7fff8ff000 - 0x00007f7fff9ff000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 Backtrace of user context on Core 1: Offsets only matter for shared libraries #01 Addr 0x000000000040fce6 is in syz-executor at offset 0x000000000000fce6 #02 Addr 0x000000000041010e is in syz-executor at offset 0x000000000001010e #03 Addr 0x00000000004156bd is in syz-executor at offset 0x00000000000156bd #04 Addr 0x0000000000407fab is in syz-executor at offset 0x0000000000007fab #05 Addr 0x0000000000414b10 is in syz-executor at offset 0x0000000000014b10 #06 Addr 0x00000000004084da is in syz-executor at offset 0x00000000000084da #07 Addr 0x0000000000403ec9 is in syz-executor at offset 0x0000000000003ec9 #08 Addr 0x000000000041483c is in syz-executor at offset 0x000000000001483c #09 Addr 0x0000000000414841 is in syz-executor at offset 0x0000000000014841 03:42:30 executing program 0: vmm_ctl$VMM_CTL_SET_FLAGS(0x4, 0x6) exec(&(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000040)='+\x00', 0x2) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/killkid\x00', 0xd, 0x3, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) halt_core(0x8001) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000100)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) r0 = openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000140)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_0_remote(0xffffffffffffff9c, &(0x7f0000000180)='/net/tcp/0/remote\x00', 0x12, 0x1, 0x0) pop_ctx(&(0x7f00000001c0)="55b2ba747fcb7be7aaa800c14d366ac44d7d35b5f222ab516ca66cb77549fa24ded6d645bf1b1bb8ac114442d3cba086814d0d3f12744ff9d399a610f877ab52c66fc5e1b59e3c38c5942997b25587736b1fca00373f6f2faa3c4a8ee8de4e162b81469a41f066d642013bb1bae42b40dfd2fe85c5d68504cdf5384841d00d33d507f74759fcfb713b60e08783e149852405f0434004836e8e333d8466940f3b6b8f7797943b97933a89850bde392f05018e075ab9b459406ce45b7e67eac8fd7db18d677f37d6904bd5ee31d1f26ac43aea0a598ba40b65") openat$proc_self_user(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/user\x00', 0x10, 0x1, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000300)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) openat$dev_osversion(0xffffffffffffff9c, &(0x7f0000000340)='/dev/osversion\x00', 0xf, 0x1, 0x0) r1 = openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000380)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) tcgetattr(r0, &(0x7f00000003c0)) r2 = openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/maps\x00', 0x10, 0x1, 0x0) openat$net_ether0_1_stats(0xffffffffffffff9c, &(0x7f0000000440)='/net/ether0/1/stats\x00', 0x14, 0x1, 0x0) openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000480)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) readlink(&(0x7f00000004c0)='./file0\x00', 0x8, &(0x7f0000000500)=""/240, 0xf0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000600)='/dev/killkid\x00', 0xd, 0x3, 0x0) r3 = openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000640)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f0000000680)='/net/ipifc/clone\x00', 0x11, 0x3, 0x0) fwstat(r2, &(0x7f00000006c0)=""/140, 0x8c, 0x0) fcntl$F_SETFD(r1, 0x2, 0x1) openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000780)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) r4 = proc_create(&(0x7f00000007c0)='./file0\x00', 0x8, &(0x7f0000000800)='\x00', 0x1, 0x1) provision(r4, 0x0, 0xffffffff) openat$net_empty(0xffffffffffffff9c, &(0x7f0000000840)='/net/.empty\x00', 0xc, 0x3, 0x0) fcntl$F_GETFL(r3, 0x3) openat$dev_stdin(0xffffffffffffff9c, &(0x7f0000000880)='/dev/stdin\x00', 0xb, 0x3, 0x0) openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f00000008c0)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) Unhandled user trap in vcore context from VC 0 HW TRAP frame (partial) at 0xffffffffc89960e0 on core 2 rax 0x000000005a5a4e80 rbx 0x0000300000006e90 rcx 0x0000000000000150 rdx 0x000010000000a4c0 rbp 0x0000300000006e80 rsi 0x000010000000a5c0 rdi 0x000000005a5a4f80 r8 0x000000005a5a5a5a r9 0x000000005a5a4e80 r10 0x0000000000000000 r11 0x0000000000000200 r12 0x000000000040ff00 r13 0x000010000000a4c0 r14 0x0000000000000004 r15 0x00007f7fffa01200 trap 0x0000000e Page Fault gsbs 0x0000000000000000 fsbs 0x0000000000000000 err 0x--------00000006 rip 0x000000000040fce6 cs 0x------------0023 flag 0x0000000000010202 rsp 0x0000300000006d80 ss 0x------------001b err 0x6 (for PFs: User 4, Wr 2, Rd 1), aux 0x000000005a5a4f80 Addr 0x000000000040fce6 is in syz-executor at offset 0x000000000000fce6 VM Regions for proc 62 NR: Range: Prot, Flags, File, Off 00: (0x0000000000400000 - 0x00000000004b5000): 0x00000005, 0x00000001, 0xffff80000539f220, 0x0000000000000000 01: (0x00000000004b5000 - 0x00000000004b6000): 0x00000005, 0x00000002, 0xffff80000539f220, 0x00000000000b5000 02: (0x00000000006b6000 - 0x00000000006b9000): 0x00000003, 0x00000002, 0xffff80000539f220, 0x00000000000b6000 03: (0x00000000006b9000 - 0x00000000008e5000): 0x00000003, 0x00000002, 0x0000000000000000, 0x0000000000000000 04: (0x0000000020000000 - 0x0000000021000000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 05: (0x0000100000000000 - 0x0000100000024000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 06: (0x0000300000000000 - 0x0000300000001000): 0x00000003, 0x00000002, 0xffff80000539f220, 0x0000000000000000 07: (0x0000300000001000 - 0x0000300000005000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 08: (0x0000300000005000 - 0x0000300000007000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 09: (0x0000300000007000 - 0x0000300000019000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 10: (0x0000300000019000 - 0x000030000003d000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 11: (0x00007f7fff8ff000 - 0x00007f7fff9ff000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 Backtrace of user context on Core 2: Offsets only matter for shared libraries #01 Addr 0x000000000040fce6 is in syz-executor at offset 0x000000000000fce6 #02 Addr 0x000000000041010e is in syz-executor at offset 0x000000000001010e #03 Addr 0x00000000004156bd is in syz-executor at offset 0x00000000000156bd #04 Addr 0x0000000000407fab is in syz-executor at offset 0x0000000000007fab #05 Addr 0x0000000000414b10 is in syz-executor at offset 0x0000000000014b10 #06 Addr 0x00000000004084da is in syz-executor at offset 0x00000000000084da #07 Addr 0x0000000000403ec9 is in syz-executor at offset 0x0000000000003ec9 #08 Addr 0x000000000041483c is in syz-executor at offset 0x000000000001483c #09 Addr 0x0000000000414841 is in syz-executor at offset 0x0000000000014841 03:42:34 executing program 0: openat$dev_time(0xffffffffffffff9c, &(0x7f0000000000)='/dev/time\x00', 0xa, 0x3, 0x0) getcwd(&(0x7f0000000240)=""/176, 0xb0) 03:42:34 executing program 7: r0 = openat$prof_kprintx(0xffffffffffffff9c, &(0x7f00000000c0)='/prof/kprintx\x00', 0xe, 0x3, 0x0) fcntl$F_DUPFD(r0, 0x0, r0, 0x1) getcwd(&(0x7f0000000040)=""/102, 0x66) llseek(r0, 0x0, 0x0, &(0x7f0000000100), 0x0) openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ctl\x00', 0xffffffffffffffe6, 0x3, 0x0) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/random\x00', 0xc, 0x1, 0x0) 03:42:34 executing program 2: mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, 0x12, 0xffffffffffffffff, 0x0) r0 = openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) fcntl$F_SETFL(r0, 0x4, 0x1003fe) openat$net_ipselftab(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipselftab\x00', 0xf, 0x1, 0x0) 03:42:34 executing program 3: r0 = openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/user\x00', 0xfffffffffffffe24, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/user\x00', 0x10, 0x1, 0x0) fcntl$F_SETFD(r0, 0x2, 0x1) 03:42:34 executing program 4: r0 = proc_create(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040)='\x00', 0x1, 0x0) r1 = openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mem\x00', 0x6, 0x1, 0x0) openat$prof_kpctl(0xffffffffffffff9c, &(0x7f00000010c0)='/prof/kpctl\x00', 0xc, 0x3, 0x0) openat$net_ipifc_0_local(0xffffffffffffff9c, &(0x7f0000001180)='/net/ipifc/0/local\x00', 0x13, 0x1, 0x0) read(r1, &(0x7f0000000080)=""/4096, 0x1000) notify(r0, 0x8, &(0x7f00000000c0)={0x0, 0xfffffffffffffffd, 0x7ff, 0x0}) read(r1, &(0x7f0000001100)=""/124, 0x7c) openat$dev_zero(0xffffffffffffff9c, &(0x7f0000001080)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f00000011c0)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000080)='/dev/stdout\x00', 0xc, 0x3, 0x0) 03:42:34 executing program 0: r0 = openat$dev_capuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capuse\x00', 0xc, 0x3, 0x0) openat(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x100, 0x1) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000080)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$proc_self_strace(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/strace\x00', 0x12, 0x1, 0x0) r1 = openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/net/ether0/0/ctl\x00', 0x12, 0x3, 0x0) fcntl$F_SYNC(r1, 0x65) r2 = proc_create(&(0x7f0000000180)='./file0\x00', 0x8, &(0x7f00000001c0)='##-\xa6\x00', 0x5, 0x1) waitpid(r2, &(0x7f0000000200), 0x1) openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000240)='/dev/drivers\x00', 0xd, 0x1, 0x0) wstat(&(0x7f0000000280)='./file0\x00', 0x8, &(0x7f00000002c0)=""/209, 0xd1, 0x0) openat$net_ether0_0_ifstats(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ether0/0/ifstats\x00', 0x16, 0x1, 0x0) openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f0000000400)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000440)='/dev/random\x00', 0xc, 0x1, 0x0) tcgetattr(r1, &(0x7f0000000480)) self_notify(0x21a, 0xd2575804b15225fc, &(0x7f00000005c0)={0x5, 0x8, 0x1, &(0x7f00000004c0)="f776aa5fe6c116b747f0ef1c25e3889dba7049b2c6114e2f16133dcdc94d9dc08b062cc20a7d29de33a2e66593d184219facd923f54c9188f4ed281263277611415c82f75dc8988e1801c67e6c99465ec740c60acbe9c943fbc5afded4684e41ab1793a69fb76664fdeb7a0c2fb78b4d63e2d330d5208e5d7d0797224f2361bef81327fbcc592bd19917986215fca494c875c433f63ca1d56ff36f7187f11dff96a9453f1abd5aba0bfb4e8cf81dec5a09e9aa7a551b5d894bfda18bdd7ce9c700a43a71e37974e1943dafbea2e7efd0c16cc57520e0e126da7f699bda6c57f5c54b5e7de5ae39c352d761bf", 0x1}, 0x1) openat$net_ipifc_1_status(0xffffffffffffff9c, &(0x7f0000000600)='/net/ipifc/1/status\x00', 0x14, 0x1, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000640)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000680)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f00000006c0)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) getvcoreid() openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000700)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) openat$dev_sysctl(0xffffffffffffff9c, &(0x7f0000000740)='/dev/sysctl\x00', 0xc, 0x3, 0x0) openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000780)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) access(&(0x7f00000007c0)='./file0\x00', 0x8, 0x4) fcntl$F_GETFL(r0, 0x3) openat$net_iprouter(0xffffffffffffff9c, &(0x7f0000000800)='/net/iprouter\x00', 0xe, 0x3, 0x0) openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000840)='/dev/urandom\x00', 0xd, 0x1, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000880)='/dev/time\x00', 0xa, 0x3, 0x0) access(&(0x7f00000008c0)='./file0\x00', 0x8, 0x2) 03:42:34 executing program 6: r0 = openat$dev_hostowner(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hostowner\x00', 0xfffffffffffffccd, 0x3, 0x0) openat$proc_self_notepg(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/notepg\x00', 0x12, 0x1, 0x0) fcntl$F_DUPFD(r0, 0x0, r0, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000080)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$dev_hostowner(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hostowner\x00', 0xffffffffffffff63, 0x3, 0x0) kernel panic at kern/src/ns/sysfile.c:729, from core 3: assertion failed: n >= sizeof(struct kdirent) Stack Backtrace on Core 3: #01 [<0xffffffffc200a39c>] in backtrace #02 [<0xffffffffc2009b35>] in _panic #03 [<0xffffffffc203f933>] in rread #04 [<0xffffffffc203fa5b>] in sysread #05 [<0xffffffffc20590e9>] in sys_read #06 [<0xffffffffc2059a19>] in syscall #07 [<0xffffffffc205a5c8>] in run_local_syscall #08 [<0xffffffffc205ab09>] in prep_syscalls #09 [<0xffffffffc20ac422>] in sysenter_callwrapper Entering Nanwan's Dungeon on Core 3 (Ints on): Type 'help' for a list of commands.