2018/07/17 11:57:39 fuzzer started 2018/07/17 11:57:39 dialing manager at 127.0.0.1:40635 2018/07/17 11:57:39 syscalls: 213 2018/07/17 11:57:39 code coverage: support is not implemented in syzkaller 2018/07/17 11:57:39 comparison tracing: support is not implemented in syzkaller 2018/07/17 11:57:39 setuid sandbox: support is not implemented in syzkaller 2018/07/17 11:57:39 namespace sandbox: support is not implemented in syzkaller 2018/07/17 11:57:39 fault injection: support is not implemented in syzkaller 2018/07/17 11:57:39 leak checking: support is not implemented in syzkaller 2018/07/17 11:57:39 net packed injection: support is not implemented in syzkaller 2018/07/17 11:57:39 net device setup: support is not implemented in syzkaller 11:57:39 executing program 0: r0 = openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000000)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) tap_fds(&(0x7f0000000340)=[{r0, 0x3, 0x280, 0x1, &(0x7f00000000c0)={&(0x7f0000000040)="2207d54e7e2ea5ef41e0a7c91e6798a6247ac8c4858e49f514d42b01aadc8e392804e7c1787aba7aa766335b77a9c59f35dcc521e16669a8f6b292840e546db2a3a024600c9516836de0aae63f124d39", 0x4, 0x0, 0x80, 0x82, 0x3}}, {r0, 0x1, 0x201, 0x1, &(0x7f0000000180)={&(0x7f0000000100)="f655f9c2c29b5b2fb7950ec4a71dc89786a2ab30081f5ebd227354e7c91692d4957b7b2e6c452fd8758cc2e54891e1657799abe79bebfdb8d9b766ec4991fec37878fe3bd0df38d37b45bc9922a6d2c6", 0x1, 0x1, 0x2f602675, 0x4a8, 0x101}}, {r0, 0x3, 0x200, 0x5f, &(0x7f0000000240)={&(0x7f00000001c0)="1b3fbf4da454aebe4543b212f6f0253e04b59dd2d48e47cef04002c28ddcaf88a3348e5b3c64e040fe0f71f0ddf1badb21af9ceb341bb0cc994de458e119ab8c20c2f479aa82b5d913843e4136788eea", 0x8, 0x0, 0x3ff, 0x400, 0x9}}, {r0, 0x2, 0x80, 0xcdf6, &(0x7f0000000300)={&(0x7f0000000280)="ea4f69d0e2afae7a277b4b7eb59cd7e5c9e7e434330c05a012c793a52b059446d61845551c046ca735d56fed51f734b807ef6f924b3ee5e53414c887c40f9d3bec3fdfe7e115051c5fbf3e76b83568de", 0x5, 0x0, 0xf6, 0x0, 0x8}}], 0x4) r1 = openat$net_tcp_1_data(0xffffffffffffff9c, &(0x7f00000003c0)='/net/tcp/1/data\x00', 0x10, 0x3, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kprint\x00', 0xc, 0x1, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000440)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) self_notify(0x40, 0x32, &(0x7f0000000500)={0x8, 0x9, 0x40100000000000, &(0x7f0000000480)="f1cd4a16131356fbaf0e0cf91b34b940dca92919d376ad77d24618246061710e5c3483315aa1e1f2662363241f5137fb598f3ef1d0b023688524711ffbaeea1e742a17ebee50e38e", 0x1}, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000540)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) fwstat(r0, &(0x7f0000000580)=""/78, 0x4e, 0x0) r2 = openat$net_icmpv6_clone(0xffffffffffffff9c, &(0x7f0000000600)='/net/icmpv6/clone\x00', 0x12, 0x3, 0x0) fstat(r2, &(0x7f0000000640)) openat$dev_ppid(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/ppid\x00', 0xa, 0x1, 0x0) r3 = proc_create(&(0x7f0000000700)='./file0\x00', 0x8, &(0x7f0000000740)='/prof/mpstat-raw\x00', 0x11, 0x1) fchdir(r3, r2) r4 = openat$dev_drivers(0xffffffffffffff9c, &(0x7f0000000780)='/dev/drivers\x00', 0xd, 0x1, 0x0) openat$prof_kptrace(0xffffffffffffff9c, &(0x7f00000007c0)='/prof/kptrace\x00', 0xe, 0x3, 0x0) fcntl$F_GETFL(r4, 0x3) read(r1, &(0x7f0000000800)=""/60, 0x3c) openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f0000000840)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) openat$dev_swap(0xffffffffffffff9c, &(0x7f0000000880)='/dev/swap\x00', 0xa, 0x3, 0x0) openat$proc_self_core(0xffffffffffffff9c, &(0x7f00000008c0)='/proc/self/core\x00', 0x10, 0x1, 0x0) chdir(0xffffffffffffffff, &(0x7f0000000900)='./file0\x00', 0x8) openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000940)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000980)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000a00)='/prof/mpstat-raw\x00', 0x11, 0x3, 0x0) r5 = openat$net_ether0_1_stats(0xffffffffffffff9c, &(0x7f0000000a40)='/net/ether0/1/stats\x00', 0x14, 0x1, 0x0) r6 = openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000a80)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$net_log(0xffffffffffffff9c, &(0x7f0000000ac0)='/net/log\x00', 0x9, 0x3, 0x0) fcntl$F_GETFL(r4, 0x3) dup_fds_to(r3, &(0x7f0000000b00)=[{r5}, {r6}], 0x2) 11:57:39 executing program 1: r0 = openat$dev_stderr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/stderr\x00', 0xc, 0x3, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x29010, r0, 0x9) r1 = openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) openat$dev_osversion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/osversion\x00', 0xf, 0x1, 0x0) r2 = openat$dev_pid(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/pid\x00', 0x9, 0x1, 0x0) r3 = openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000100)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) openat$proc_self_maps(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/maps\x00', 0x10, 0x1, 0x0) fstat(r2, &(0x7f0000000180)) openat$net_arp(0xffffffffffffff9c, &(0x7f0000000200)='/net/arp\x00', 0x9, 0x3, 0x0) abort_sysc_fd(r2) r4 = openat$dev_sdctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sdctl\x00', 0xb, 0x3, 0x0) openat$net_ndb(0xffffffffffffff9c, &(0x7f0000000280)='/net/ndb\x00', 0x9, 0x3, 0x0) openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) r5 = openat$net_ipifc_0_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/net/ipifc/0/ctl\x00', 0x11, 0x3, 0x0) r6 = proc_create(&(0x7f0000000340)='./file0\x00', 0x8, &(0x7f0000000380)='\x00', 0x1, 0x1) dup_fds_to(r6, &(0x7f00000003c0)=[{r1}, {r5}, {r3}, {r4}, {r0}], 0x5) openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0) openat$dev_bintime(0xffffffffffffff9c, &(0x7f0000000440)='/dev/bintime\x00', 0xd, 0x3, 0x0) openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000480)='/prof/kpctl\x00', 0xc, 0x3, 0x0) openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f00000004c0)='/net/icmp/clone\x00', 0x10, 0x3, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000500)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) openat$dev_user(0xffffffffffffff9c, &(0x7f0000000540)='/dev/user\x00', 0xa, 0x3, 0x0) openat$proc_self_vmstatus(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/vmstatus\x00', 0x14, 0x1, 0x0) openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0) r7 = openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/2/err\x00', 0xf, 0x3, 0x0) openat$dev_urandom(0xffffffffffffff9c, &(0x7f0000000640)='/dev/urandom\x00', 0xd, 0x1, 0x0) close(r7) openat$dev_null(0xffffffffffffff9c, &(0x7f0000000680)='/dev/null\x00', 0xa, 0x1, 0x0) openat$dev_osversion(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/osversion\x00', 0xf, 0x1, 0x0) unlink(&(0x7f0000000700)='./file0\x00', 0x8) 11:57:39 executing program 2: r0 = openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) r1 = openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f0000000040)='/net/icmp/stats\x00', 0x10, 0x1, 0x0) fcntl$F_SYNC(r1, 0x65) openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000080)='/net/tcp/0/listen\x00', 0x12, 0x3, 0x0) r2 = openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) fcntl$F_SYNC(r1, 0x65) openat$proc_self_vmstatus(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/vmstatus\x00', 0x14, 0x1, 0x0) openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sysstat\x00', 0xd, 0x3, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/status\x00', 0x12, 0x1, 0x0) r3 = openat$prof_kpctl(0xffffffffffffff9c, &(0x7f00000001c0)='/prof/kpctl\x00', 0xc, 0x3, 0x0) cache_invalidate() openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f0000000200)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0) fstat(r3, &(0x7f0000000240)) openat$net_iproute(0xffffffffffffff9c, &(0x7f00000002c0)='/net/iproute\x00', 0xd, 0x3, 0x0) r4 = openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000300)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/text\x00', 0x10, 0x1, 0x0) r5 = openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000380)='/net/tcp/2/listen\x00', 0x12, 0x3, 0x0) fcntl$F_GETFD(r2, 0x1) fcntl$F_SYNC(r4, 0x65) close(r5) openat$proc_self_args(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/args\x00', 0x10, 0x3, 0x0) openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/ctl\x00', 0xf, 0x3, 0x0) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000440)='/dev/time\x00', 0xa, 0x3, 0x0) openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f0000000480)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) openat$proc_self_profile(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/profile\x00', 0x13, 0x1, 0x0) r6 = openat$dev_consctl(0xffffffffffffff9c, &(0x7f0000000500)='/dev/consctl\x00', 0xd, 0x3, 0x0) fcntl$F_SYNC(r0, 0x65) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000540)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) fcntl$F_SYNC(r6, 0x65) openat$proc_self_args(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/args\x00', 0x10, 0x3, 0x0) 11:57:39 executing program 3: r0 = openat$net_ether0_2_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/ether0/2/data\x00', 0x13, 0x3, 0x0) r1 = openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) fcntl$F_GETFL(r0, 0x3) r2 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000080)='/prof/.empty\x00', 0xd, 0x3, 0x0) r3 = openat$dev_zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$net_udp_clone(0xffffffffffffff9c, &(0x7f0000000100)='/net/udp/clone\x00', 0xf, 0x3, 0x0) r4 = proc_create(&(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)='/dev/zero\x00', 0xa, 0x0) dup_fds_to(r4, &(0x7f00000001c0)=[{r2}, {r3}, {r1}, {r0}, {r3}], 0x5) tcgetattr(r0, &(0x7f0000000200)) link(&(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000280)='./file0\x00', 0x8) openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ether0/2/type\x00', 0x13, 0x1, 0x0) r5 = openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000300)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) change_to_m() wstat(&(0x7f0000000340)='./file0\x00', 0x8, &(0x7f0000000380)=""/86, 0x56, 0x0) fcntl$F_SETFD(r1, 0x2, 0x1) openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000400)='/net/udp/stats\x00', 0xf, 0x1, 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x8, 0x40) cache_invalidate() openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f0000000480)='/net/ether0/1/data\x00', 0x13, 0x3, 0x0) openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/pgrpid\x00', 0xc, 0x1, 0x0) fcntl$F_SYNC(r5, 0x65) link(&(0x7f0000000500)='./file0\x00', 0x8, &(0x7f0000000540)='\x00', 0x1) openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000580)='/dev/kprint\x00', 0xc, 0x1, 0x0) openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f00000005c0)='/net/ether0/1/ctl\x00', 0x12, 0x3, 0x0) getvcoreid() openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000600)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000640)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000680)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) openat$net_tcp_1_err(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/1/err\x00', 0xf, 0x3, 0x0) openat$net_ether0_2_ctl(0xffffffffffffff9c, &(0x7f0000000700)='/net/ether0/2/ctl\x00', 0x12, 0x3, 0x0) 11:57:39 executing program 7: openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) r0 = openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/1/local\x00', 0x11, 0x1, 0x0) openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000080)='/dev/stdout\x00', 0xc, 0x3, 0x0) r1 = openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) tcgetattr(r1, &(0x7f0000000100)) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppid\x00', 0xa, 0x1, 0x0) r2 = openat$net_udp_0_listen(0xffffffffffffff9c, &(0x7f0000000180)='/net/udp/0/listen\x00', 0x12, 0x3, 0x0) openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) r3 = openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000200)='/net/ipifc/0/listen\x00', 0x14, 0x3, 0x0) write(r2, &(0x7f0000000240)="588d25c0895e4e390735a4c858c6f543319024ae56db823dae3c77c15b1d302aa45e730cfaf7edc2e9f9c0d5befe49f2957636ddb22047fbb1cb3b3ed5de8dab50", 0x41) openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f00000002c0)='/net/tcp/0/listen\x00', 0x12, 0x3, 0x0) openat$net_empty(0xffffffffffffff9c, &(0x7f0000000300)='/net/.empty\x00', 0xc, 0x3, 0x0) openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000380)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ipifc/1/err\x00', 0x11, 0x3, 0x0) tcgetattr(r2, &(0x7f0000000400)) openat$proc_self_fpregs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/fpregs\x00', 0x12, 0x1, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000480)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/text\x00', 0x10, 0x1, 0x0) fcntl$F_SYNC(r0, 0x65) openat$dev_time(0xffffffffffffff9c, &(0x7f0000000540)='/dev/time\x00', 0xa, 0x3, 0x0) openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000580)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f00000005c0)='/net/tcp/1/remote\x00', 0x12, 0x1, 0x0) openat$net_tcp_2_remote(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/2/remote\x00', 0x12, 0x1, 0x0) fcntl$F_SETFL(r3, 0x4, 0x100000) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f0000000640)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000680)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) openat$dev_zero(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/zero\x00', 0xa, 0x1, 0x0) openat$proc_self_ctl(0xffffffffffffff9c, &(0x7f0000000700)='/proc/self/ctl\x00', 0xf, 0x3, 0x0) 11:57:39 executing program 5: openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) r0 = openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$net_ipifc_1_snoop(0xffffffffffffff9c, &(0x7f0000000080)='/net/ipifc/1/snoop\x00', 0x13, 0x1, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) r1 = openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000100)='/dev/.empty\x00', 0xc, 0x3, 0x0) openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kprint\x00', 0xc, 0x1, 0x0) openat$dev_random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/random\x00', 0xc, 0x1, 0x0) r2 = openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) r3 = openat$net_ether0_1_type(0xffffffffffffff9c, &(0x7f0000000200)='/net/ether0/1/type\x00', 0x13, 0x1, 0x0) openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f0000000240)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) r4 = openat$dev_cputime(0xffffffffffffff9c, &(0x7f0000000280)='/dev/cputime\x00', 0xd, 0x1, 0x0) r5 = openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f00000002c0)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) r6 = openat$dev_stdout(0xffffffffffffff9c, &(0x7f0000000300)='/dev/stdout\x00', 0xc, 0x3, 0x0) openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f0000000340)='/net/ipifc/clone\x00', 0x11, 0x3, 0x0) fwstat(r0, &(0x7f0000000380)=""/250, 0xfa, 0x0) r7 = openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f0000000480)='/net/tcp/0/local\x00', 0x11, 0x1, 0x0) openat$proc_self_profile(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/profile\x00', 0x13, 0x1, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x28010, r5, 0x27) tap_fds(&(0x7f0000000500), 0x0) umask(0x28) openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000540)='/net/ether0/clone\x00', 0x12, 0x3, 0x0) r8 = proc_create(&(0x7f0000000580)='./file0\x00', 0x8, &(0x7f00000005c0)='/dev/cputime\x00', 0xd, 0x0) dup_fds_to(r8, &(0x7f0000000600)=[{r1}, {r4}, {r6}, {r7}, {r2}, {r3}], 0x6) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000680)='/dev/ppid\x00', 0xa, 0x1, 0x0) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f00000006c0)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) nmount(r7, &(0x7f0000000700)='./file0\x00', 0x8, 0x0) r9 = openat$net_ipifc_1_remote(0xffffffffffffff9c, &(0x7f0000000740)='/net/ipifc/1/remote\x00', 0x14, 0x1, 0x0) openat$net_ether0_0_type(0xffffffffffffff9c, &(0x7f0000000780)='/net/ether0/0/type\x00', 0x13, 0x1, 0x0) openat(r9, &(0x7f00000007c0)='./file0\x00', 0x8, 0x200, 0xa) openat$dev_ppid(0xffffffffffffff9c, &(0x7f0000000800)='/dev/ppid\x00', 0xa, 0x1, 0x0) 11:57:39 executing program 4: r0 = openat$proc_self_strace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/strace\x00', 0x12, 0x1, 0x0) openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/0/stats\x00', 0x14, 0x1, 0x0) openat$proc_self_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/mem\x00', 0xf, 0x1, 0x0) openat$proc_self_args(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/args\x00', 0x10, 0x3, 0x0) r1 = openat$net_cs(0xffffffffffffff9c, &(0x7f0000000100)='/net/cs\x00', 0x8, 0x3, 0x0) openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f0000000140)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000180)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) openat$net_udp_0_data(0xffffffffffffff9c, &(0x7f00000001c0)='/net/udp/0/data\x00', 0x10, 0x3, 0x0) openat$net_tcp_1_listen(0xffffffffffffff9c, &(0x7f0000000200)='/net/tcp/1/listen\x00', 0x12, 0x3, 0x0) openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f0000000240)='/net/tcp/0/err\x00', 0xf, 0x3, 0x0) openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000280)='/prof/.empty\x00', 0xd, 0x3, 0x0) openat$prof_kpctl(0xffffffffffffff9c, &(0x7f00000002c0)='/prof/kpctl\x00', 0xc, 0x3, 0x0) openat$dev_kmesg(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kmesg\x00', 0xb, 0x1, 0x0) openat$proc_self_status(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/status\x00', 0x12, 0x1, 0x0) r2 = openat$proc_self_fd(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/fd\x00', 0xe, 0x1, 0x0) llseek(r2, 0x8, 0x7, &(0x7f00000003c0), 0x3) r3 = openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000400)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) openat$net_ipifc_0_snoop(0xffffffffffffff9c, &(0x7f0000000440)='/net/ipifc/0/snoop\x00', 0x13, 0x1, 0x0) r4 = openat$proc_self_proc(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/proc\x00', 0x10, 0x1, 0x0) openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f00000004c0)='/net/ipifc/stats\x00', 0x11, 0x1, 0x0) fd2path(r1, &(0x7f0000000500)=""/199, 0xc7) openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000600)='/net/tcp/2/local\x00', 0x11, 0x1, 0x0) openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000640)='/net/tcp/1/status\x00', 0x12, 0x1, 0x0) r5 = proc_create(&(0x7f0000000680)='./file0\x00', 0x8, &(0x7f00000006c0)='%\x00', 0x2, 0x1) dup_fds_to(r5, &(0x7f0000000700)=[{r0}], 0x1) fcntl$F_SETFL(r4, 0x4, 0x100400) fd2path(r3, &(0x7f0000000740)=""/114, 0x72) r6 = openat$dev_config(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/config\x00', 0xc, 0x1, 0x0) close(r6) openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000800)='/net/tcp/clone\x00', 0xf, 0x3, 0x0) 11:57:39 executing program 6: r0 = openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) read(r0, &(0x7f0000000040)=""/11, 0xb) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000080)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) pop_ctx(&(0x7f00000000c0)="e8963cb872c8f6d01c575387caabccb47d33099743faa1f36989982f0404673c094a7e09224ac5c5ec8f397a09a5f4eb5d37fd61d1f4d3a74c346617814aac5c27d00b74265a432c854bc24e44c94df24a0dc02ef94bf47a177b18c216da8e5cd60b9e8a9732c6db6e79360c67ba01fe3537fdabf67297abbc68fab0d740aea526172f3bcd8c64bdebbd5ca19d4af34e73e941d2f88a7a56fb448dd853cce62c92ea508d4237df0115d4ce97375bde7522872da330cc249116a02d86218e76c294c371b8d40a41bc207ddf7921e8925ea7c5cd63f479866e") openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f00000001c0)='/net/tcp/0/err\x00', 0xf, 0x3, 0x0) r1 = openat$net_udp_stats(0xffffffffffffff9c, &(0x7f0000000200)='/net/udp/stats\x00', 0xf, 0x1, 0x0) openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000240)='/net/ether0/1/ifstats\x00', 0x16, 0x1, 0x0) r2 = openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/prof/kptrace_ctl\x00', 0x12, 0x3, 0x0) close(r2) openat$proc_self_proc(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/proc\x00', 0x10, 0x1, 0x0) llseek(r0, 0x2, 0x5, &(0x7f0000000300), 0x2) mkdir(&(0x7f0000000340)='./file0\x00', 0x8, 0x100) llseek(r0, 0x400, 0x1ff, &(0x7f0000000380), 0x3) openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/user\x00', 0x10, 0x1, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000440)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) r3 = openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/user\x00', 0x10, 0x1, 0x0) fd2path(r1, &(0x7f00000004c0)=""/126, 0x7e) llseek(r2, 0x8, 0xfffffffffffff7ed, &(0x7f0000000540), 0x2) openat$dev_klog(0xffffffffffffff9c, &(0x7f0000000580)='/dev/klog\x00', 0xa, 0x1, 0x0) r4 = openat$proc_self_status(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/self/status\x00', 0x12, 0x1, 0x0) openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000600)='/net/ether0/0/data\x00', 0x13, 0x3, 0x0) openat$dev_killkid(0xffffffffffffff9c, &(0x7f0000000640)='/dev/killkid\x00', 0xd, 0x3, 0x0) fstat(r1, &(0x7f0000000680)) tcgetattr(r4, &(0x7f0000000700)) r5 = openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f0000000740)='/net/tcp/1/ctl\x00', 0xf, 0x3, 0x0) openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f0000000780)='/net/ether0/stats\x00', 0x12, 0x1, 0x0) fcntl$F_DUPFD(r3, 0x0, r5, 0x0) self_notify(0x8, 0x9, &(0x7f0000000840)={0x19, 0x101, 0x3f, &(0x7f00000007c0)="ec0126a250f02a240e27d80e4e8e855db8088239daa157215ac536e1b859e744bc71861de214b65a442d6ec5cfa192ebacd465ede99a7a9b4ce95df02e84c46a0ca7e5f735d9dba4b74a", 0xceb8}, 0x1) openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000880)='/net/ipifc/0/remote\x00', 0x14, 0x1, 0x0) bash-4.3$ [kernel] Unknown mbox type 0! nbuf 78, STAT_FIX_LEN_9P 49 BIT16SZ 2, GBIT16(buf) 0 This is bad! [kernel] Unknown mbox type 0! nbuf 78, STAT_FIX_LEN_9P 49 BIT16SZ 2, GBIT16(buf) 0 This is bad! 11:57:41 executing program 0: r0 = openat$dev_null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0xa, 0x1, 0x0) openat(r0, &(0x7f0000000a40)='./file0\x00', 0x8, 0x81042, 0x0) openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipifc/0/data\x00', 0x12, 0x3, 0x0) 11:57:41 executing program 1: r0 = openat$dev_sdctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sdctl\x00', 0xfffffffffffffeff, 0x3, 0x0) openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/noteid\x00', 0x12, 0x3, 0x0) openat$net_udp_0_err(0xffffffffffffff9c, &(0x7f0000000080)='/net/udp/0/err\x00', 0xf, 0x3, 0x0) tcgetattr(r0, &(0x7f00000002c0)) 11:57:41 executing program 0: r0 = openat$net_tcp_1_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/1/data\x00', 0x10, 0x3, 0x0) fcntl$F_GETFD(r0, 0x1) 11:57:41 executing program 0: r0 = openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000500)='/net/tcp/0/ctl\x00', 0xf, 0x3, 0x0) close(r0) abort_sysc_fd(r0) openat$dev_pid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pid\x00', 0x9, 0x1, 0x0) openat$net_ipifc_0_err(0xffffffffffffff9c, &(0x7f0000000000)='/net/ipifc/0/err\x00', 0x11, 0x3, 0x0) 11:57:41 executing program 1: openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000040)='/net/ipifc/1/listen\x00', 0x14, 0x3, 0x0) r0 = openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0) tcgetattr(r0, &(0x7f0000000000)) 11:57:41 executing program 1: r0 = openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/net/ether0/1/ctl\x00', 0xfffffff5, 0x3, 0x0) openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000000)='/net/tcp/2/data\x00', 0x10, 0x3, 0x0) fcntl$F_GETFL(r0, 0x3) 11:57:41 executing program 0: r0 = openat$net_icmpv6_clone(0xffffffffffffff9c, &(0x7f0000000000)='/net/icmpv6/clone\x00', 0x12, 0x3, 0x0) fd2path(r0, &(0x7f0000000740)=""/224, 0xe0) openat$prof_mpstat(0xffffffffffffff9c, &(0x7f0000000040)='/prof/mpstat\x00', 0xd, 0x3, 0x0) openat$prof_mpstat(0xffffffffffffff9c, &(0x7f0000000080)='/prof/mpstat\x00', 0xd, 0x3, 0x0) 11:57:42 executing program 0: openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000080)='/prof/.empty\x00', 0xd, 0x3, 0x0) abort_sysc(0x1f) openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f00000000c0)='/net/ipifc/0/status\x00', 0x14, 0x1, 0x0) r0 = openat$net_tcp_0_data(0xffffffffffffff9c, &(0x7f0000000040)='/net/tcp/0/data\x00', 0x10, 0x3, 0x0) fd2path(r0, &(0x7f0000000140)=""/225, 0xe1) openat$net_icmpv6_stats(0xffffffffffffff9c, &(0x7f0000000000)='/net/icmpv6/stats\x00', 0x12, 0x1, 0x0) openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/net/ipifc/1/ctl\x00', 0x11, 0x3, 0x0) openat$net_ether0_addr(0xffffffffffffff9c, &(0x7f0000000280)='/net/ether0/addr\x00', 0x11, 0x3, 0x0) openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000100)='/net/udp/0/remote\x00', 0x12, 0x1, 0x0) 11:57:42 executing program 1: openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000000)='/dev/.empty\x00', 0x3, 0x3, 0x0) getcwd(&(0x7f0000000040)=""/23, 0x17) 11:57:42 executing program 1: openat$net_log(0xffffffffffffff9c, &(0x7f0000000040)='/net/log\x00', 0x9, 0x3, 0x0) r0 = openat$net_log(0xffffffffffffff9c, &(0x7f0000000000)='/net/log\x00', 0x9, 0x3, 0x0) abort_sysc_fd(r0) 11:57:43 executing program 0: openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/note\x00', 0x10, 0x1, 0x0) send_event(&(0x7f00000000c0)={&(0x7f0000000000)="6f9114cd867ae2b64d406c44bae607614029d652b59f443a1cc02f7cfb8e3b54837411efa9e727cda9868f52cd50c497e7e9fc07d8f827e4e008d0ea6d8b2673651772fb66ea8243d50bb26b173aa3df", 0x2, 0x1, 0x5, 0x1ff, 0x7}, &(0x7f00000001c0)={0x3, 0x9, 0xff, &(0x7f0000000100)="97c8a57601214df8d7963c207e6bead94ed47494b10b22024522a39a8c948006e38238e24518abfed5621fb3eaadc8d65b1bf6a948b9d99ebb4f278dd03629817a0fc2a46f21b215dbe49d03ebba318e8d9bc0003ce3fdd3a43242446e334d77f8c256d2b6a6ac8d991781e07e805e4782a94d96efeaafd452b2ef2a0ca350c93f7ea42447bf670f2b086dba9d28840764fb0f4a85eb9209a68c6d5dc46bb36671a9f2692b0603102a484b7dcd8b338a004f715354e3fb550e67", 0x1}, 0x1) proc_create(&(0x7f0000000200)='./file0\x00', 0x8, &(0x7f0000000240)='&\x00', 0x2, 0x1) Unhandled user trap in vcore context from VC 0 HW TRAP frame (partial) at 0xffffffffc8667f20 on core 2 rax 0x00001000000040b8 rbx 0x00000000000000ff rcx 0x0000300000001040 rdx 0x00007f7fffad5130 rbp 0x0000300000006ef0 rsi 0x0000000000000003 rdi 0x0000300000006f00 r8 0x0000000000000000 r9 0x0000000000000000 r10 0x0000000000000000 r11 0x0000000000000200 r12 0x00007f7fffad44c0 r13 0x0000000000000000 r14 0x00000000000000ff r15 0x0000000000000000 trap 0x0000000e Page Fault gsbs 0x0000000000000000 fsbs 0x0000000000000000 err 0x--------00000004 rip 0x0000000000406e6c cs 0x------------0023 flag 0x0000000000010206 rsp 0x0000300000006ec0 ss 0x------------001b err 0x4 (for PFs: User 4, Wr 2, Rd 1), aux 0x00007f7fffad5130 Addr 0x0000000000406e6c is in syz-executor at offset 0x0000000000006e6c VM Regions for proc 52 NR: Range: Prot, Flags, File, Off 00: (0x0000000000400000 - 0x00000000004b5000): 0x00000005, 0x00000001, 0xffff8000056ca620, 0x0000000000000000 01: (0x00000000004b5000 - 0x00000000004b6000): 0x00000005, 0x00000002, 0xffff8000056ca620, 0x00000000000b5000 02: (0x00000000006b5000 - 0x00000000006b8000): 0x00000003, 0x00000002, 0xffff8000056ca620, 0x00000000000b5000 03: (0x00000000006b8000 - 0x00000000008e5000): 0x00000003, 0x00000002, 0x0000000000000000, 0x0000000000000000 04: (0x0000000020000000 - 0x0000000021000000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 05: (0x0000100000000000 - 0x0000100000024000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 06: (0x0000300000000000 - 0x0000300000001000): 0x00000003, 0x00000002, 0xffff8000056ca620, 0x0000000000000000 07: (0x0000300000001000 - 0x0000300000005000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 08: (0x0000300000005000 - 0x0000300000007000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 09: (0x0000300000007000 - 0x0000300000019000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 10: (0x0000300000019000 - 0x000030000005d000): 0x00000007, 0x00000022, 0x0000000000000000, 0x0000000000000000 11: (0x00007f7fff8ff000 - 0x00007f7fff9ff000): 0x00000003, 0x00000022, 0x0000000000000000, 0x0000000000000000 Backtrace of user context on Core 2: Offsets only matter for shared libraries #01 Addr 0x0000000000406e6c is in syz-executor at offset 0x0000000000006e6c #02 Addr 0x000000000040c82d is in syz-executor at offset 0x000000000000c82d #03 Addr 0x000000000040c8a6 is in syz-executor at offset 0x000000000000c8a6 #04 Addr 0x000000000040c9f2 is in syz-executor at offset 0x000000000000c9f2 #05 Addr 0x0000000000408028 is in syz-executor at offset 0x0000000000008028 #06 Addr 0x0000000000400389 is in syz-executor at offset 0x0000000000000389 #07 Addr 0x0000000000408345 is in syz-executor at offset 0x0000000000008345 #08 Addr 0x00000000000003e8 has no VMR #09 Addr 0x0000000000000000 has no VMR kernel panic at kern/src/rcu.c:325, from core 2: HW TRAP frame at 0xfffffff00001af40 on core 3 assertion failed: rpi->gp_acked + 1 == READ_ONCE(rsp->gpnum) rax 0x000000000000003d rbx 0xffffffffc8668140 Stack Backtrace on Core 2: rcx 0xffffffffc8668148 #01 [<0xffffffffc200a3b7>] in backtrace rdx 0x0000002505e59cd9 #02 [<0xffffffffc2009b7c>] in _panic rbp 0xfffffff0000bbfd8 #03 [<0xffffffffc20502f9>] in rcu_report_qs_rpi rsi 0x0000000000000003 #04 [<0xffffffffc2050c4c>] in rcu_report_qs rdi 0xffffffffc8668140 #05 [<0xffffffffc2054363>] in __smp_idle r8 0x0000000000000000 r9 0xffffffffc8668238 r10 0x0000000000000078 r11 0xffffffffc86681f8 r12 0xffff800002174f60 r13 0x0000000000000003 r14 0x0000000000000000 r15 0x0000000000000003 trap 0x00000008 Double Fault gsbs 0xffffffffc8668140 Entering Nanwan's Dungeon on Core 2 (Ints off): fsbs 0x0000000000000000 Type 'help' for a list of commands. err 0x--------00000000 ROS(Core 2)> rip 0xffffffffc209f2c1 cs 0x------------0008 flag 0x0000000000010246 rsp 0xfffffff0000bbfd8 ss 0x------------0010 Backtrace of kernel context on Core 3: #01 [<0xffffffffc209f2c1>] in cpu_halt #02 [<0xffffffffc205442a>] in __smp_idle kernel panic at kern/arch/x86/trap.c:541, from core 3: Double fault! Check the kernel stack pointer; you likely ran off the end of the stack. Stack Backtrace on Core 3: #01 [<0xffffffffc200a3b7>] in backtrace #02 [<0xffffffffc2009b7c>] in _panic #03 [<0xffffffffc20aa253>] in handle_double_fault Entering Nanwan's Dungeon on Core 3 (Ints off): Type 'help' for a list of commands.