2021/04/21 22:49:13 fuzzer started
2021/04/21 22:49:13 dialing manager at localhost:38183
2021/04/21 22:49:13 syscalls: 212
2021/04/21 22:49:13 code coverage: support is not implemented in syzkaller
2021/04/21 22:49:13 comparison tracing: support is not implemented in syzkaller
2021/04/21 22:49:13 extra coverage: support is not implemented in syzkaller
2021/04/21 22:49:13 setuid sandbox: support is not implemented in syzkaller
2021/04/21 22:49:13 namespace sandbox: support is not implemented in syzkaller
2021/04/21 22:49:13 Android sandbox: support is not implemented in syzkaller
2021/04/21 22:49:13 fault injection: support is not implemented in syzkaller
2021/04/21 22:49:13 leak checking: support is not implemented in syzkaller
2021/04/21 22:49:13 net packet injection: support is not implemented in syzkaller
2021/04/21 22:49:13 net device setup: support is not implemented in syzkaller
2021/04/21 22:49:13 concurrency sanitizer: support is not implemented in syzkaller
2021/04/21 22:49:13 devlink PCI setup: support is not implemented in syzkaller
2021/04/21 22:49:13 USB emulation: support is not implemented in syzkaller
2021/04/21 22:49:13 hci packet injection: support is not implemented in syzkaller
2021/04/21 22:49:13 wifi device emulation: support is not implemented in syzkaller
2021/04/21 22:49:13 802.15.4 emulation: support is not implemented in syzkaller
2021/04/21 22:49:13 fetching corpus: 50, signal 72/2028 (executing program)
2021/04/21 22:49:13 fetching corpus: 100, signal 131/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 150, signal 190/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 200, signal 247/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 250, signal 305/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 300, signal 368/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 350, signal 419/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 400, signal 475/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 450, signal 528/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 500, signal 584/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 550, signal 640/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 600, signal 704/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 650, signal 760/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 700, signal 820/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 750, signal 877/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 800, signal 941/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 850, signal 1001/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 900, signal 1061/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 950, signal 1118/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1000, signal 1180/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1050, signal 1237/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1100, signal 1297/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1150, signal 1355/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1200, signal 1414/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1250, signal 1484/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1300, signal 1549/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1350, signal 1610/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1400, signal 1664/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1450, signal 1730/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1500, signal 1785/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1550, signal 1843/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1600, signal 1898/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1650, signal 1957/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1700, signal 2011/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1750, signal 2067/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1800, signal 2128/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1850, signal 2184/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1900, signal 2242/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 1950, signal 2302/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2000, signal 2359/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2050, signal 2421/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2100, signal 2476/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2150, signal 2533/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2200, signal 2591/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2250, signal 2647/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2300, signal 2705/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2350, signal 2771/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2400, signal 2827/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2450, signal 2883/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2500, signal 2938/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2550, signal 2997/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2600, signal 3059/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2650, signal 3113/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2700, signal 3167/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2750, signal 3218/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2800, signal 3276/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2850, signal 3335/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2900, signal 3389/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 2950, signal 3449/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3000, signal 3505/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3050, signal 3560/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3100, signal 3614/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3150, signal 3669/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3200, signal 3725/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3206, signal 3732/3801 (executing program)
2021/04/21 22:49:13 fetching corpus: 3206, signal 3732/3801 (executing program)
2021/04/21 22:49:13 starting 8 fuzzer processes

22:49:13 executing program 0:
fd2path(0xffffffffffffff9c, &(0x7f0000000000)=""/135, 0x87)
r0 = openat$net_ether0_2_ifstats(0xffffffffffffff9c, &(0x7f00000000c0), 0x16, 0x1, 0x0)
r1 = fcntl$F_DUPFD(r0, 0x0, 0xffffffffffffff9c, 0x0)
fstat(r1, &(0x7f0000000100))
fcntl$F_SYNC(r1, 0x65)
r2 = openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000180), 0x10, 0x1, 0x0)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x24810, r2, 0xffffffff80000001)
r3 = openat$proc_self_maps(0xffffffffffffff9c, &(0x7f00000001c0), 0x10, 0x1, 0x0)
fcntl$F_DUPFD(r2, 0x0, r3, 0x0)
openat$net_ipifc_0_remote(0xffffffffffffff9c, &(0x7f0000000200), 0x14, 0x1, 0x0)
r4 = openat$net_ether0_2_type(0xffffffffffffff9c, &(0x7f0000000240), 0x13, 0x1, 0x0)
tcgetattr(r4, &(0x7f0000000280))
r5 = openat$proc_self_syscall(0xffffffffffffff9c, &(0x7f00000002c0), 0x13, 0x1, 0x0)
llseek(r5, 0x0, 0x6, &(0x7f0000000300), 0x3)
openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000340), 0x12, 0x3, 0x0)
r6 = openat$prof_mpstat(0xffffffffffffff9c, &(0x7f0000000380), 0xd, 0x3, 0x0)
abort_sysc_fd(r6)
openat$dev_bintime(0xffffffffffffff9c, &(0x7f00000003c0), 0xd, 0x3, 0x0)
openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000000400), 0x12, 0x1, 0x0)
fcntl$F_SYNC(0xffffffffffffffff, 0x65)

22:49:13 executing program 1:
r0 = openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f0000000000), 0x13, 0x1, 0x0)
fcntl$F_GETFL(r0, 0x3)
fd2path(r0, &(0x7f0000000040)=""/53, 0x35)
r1 = fcntl$F_DUPFD(r0, 0x0, 0xffffffffffffffff, 0x1)
openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f0000000080), 0xf, 0x3, 0x0)
r2 = fcntl$F_DUPFD(0xffffffffffffffff, 0x0, r1, 0x1)
r3 = openat$dev_zero(0xffffffffffffff9c, &(0x7f00000000c0), 0xa, 0x1, 0x0)
openat$net_log(0xffffffffffffff9c, &(0x7f0000000100), 0x9, 0x3, 0x0)
r4 = openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000140), 0xe, 0x3, 0x0)
llseek(r4, 0x101, 0x400, &(0x7f0000000180), 0x1)
r5 = openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f00000001c0), 0x10, 0x3, 0x0)
openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000000200), 0xe, 0x1, 0x0)
fcntl$F_SETFL(r5, 0x4, 0x80000)
fcntl$F_DUPFD(r0, 0x0, r2, 0x1)
fcntl$F_SETFL(r3, 0x4, 0x100000)
openat$proc_self_vmstatus(0xffffffffffffff9c, &(0x7f0000000240), 0x14, 0x1, 0x0)
openat$net_tcp_0_status(0xffffffffffffff9c, &(0x7f0000000280), 0x12, 0x1, 0x0)
r6 = openat$net_ether0_2_stats(0xffffffffffffff9c, &(0x7f00000002c0), 0x14, 0x1, 0x0)
llseek(r6, 0x400000, 0x4, &(0x7f0000000300), 0x2)
close(r0)

22:49:13 executing program 2:
r0 = openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000000), 0x10, 0x1, 0x0)
write(r0, &(0x7f0000000040)="fbb53a857036b1e71f5ebdf7dd22ab13ebe30d1cd59be71e1aee465e0e1d3a134fd311ac67ab9c7a712e8d33bce9a1810a81b574fcf38209ac87fbfe396be7a0a2c88d99908c23935d9cea1a6f93ea7114d1ea2d72d3e9db89bb92ac9097afcf59ecbe016af7fe633effdd651b55104462b6192bce5cc4146a76d88b", 0x7c)
r1 = openat$net_iproute(0xffffffffffffff9c, &(0x7f00000000c0), 0xd, 0x3, 0x0)
r2 = openat$net_tcp_2_listen(0xffffffffffffff9c, &(0x7f0000000100), 0x12, 0x3, 0x0)
llseek(r2, 0x8, 0x7, &(0x7f0000000140), 0x0)
r3 = openat$net_tcp_2_local(0xffffffffffffff9c, &(0x7f0000000180), 0x11, 0x1, 0x0)
r4 = openat$net_tcp_2_ctl(0xffffffffffffff9c, &(0x7f00000001c0), 0xf, 0x3, 0x0)
fcntl$F_GETFL(r4, 0x3)
r5 = openat$net_ipifc_1_err(0xffffffffffffff9c, &(0x7f0000000200), 0x11, 0x3, 0x0)
fcntl$F_SYNC(r1, 0x65)
fcntl$F_DUPFD(r5, 0x0, r3, 0x1)
fcntl$F_GETFL(r0, 0x3)
openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000240), 0x14, 0x1, 0x0)
openat$net_log(0xffffffffffffff9c, &(0x7f0000000280), 0x9, 0x3, 0x0)
fwstat(r0, &(0x7f00000002c0)=""/4096, 0x1000, 0x0)
r6 = openat$net_tcp_2_status(0xffffffffffffff9c, &(0x7f00000012c0), 0x12, 0x1, 0x0)
fchdir(0xffffffffffffffff, r6)
fcntl$F_DUPFD(0xffffffffffffffff, 0x0, r4, 0x0)
fcntl$F_DUPFD(r6, 0x0, r2, 0x1)
openat$proc_self_ns(0xffffffffffffff9c, &(0x7f0000001300), 0xe, 0x1, 0x0)

22:49:13 executing program 3:
r0 = openat$net_ipifc_0_data(0xffffffffffffff9c, &(0x7f0000000000), 0x12, 0x3, 0x0)
write(r0, &(0x7f0000000040)="cb68b611a93a8d2d852edace039f7355854e62dc87232239c4052c8adf6d16ad2fc6fa06e7821bb5c30fcdaace3093b4652a298c0a176d66d0919da06356e9cb7ee0cdcc9fc40e73c6a91d281d698c3aff4bf04fecab5ceab2a6c66fe9", 0x5d)
r1 = openat$dev_drivers(0xffffffffffffff9c, &(0x7f00000000c0), 0xd, 0x1, 0x0)
openat$net_ipselftab(0xffffffffffffff9c, &(0x7f0000000100), 0xf, 0x1, 0x0)
r2 = fcntl$F_DUPFD(r1, 0x0, r0, 0x0)
openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000140), 0xd, 0x3, 0x0)
openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000180), 0xc, 0x3, 0x0)
fcntl$F_SYNC(r1, 0x65)
fcntl$F_SETFL(r2, 0x4, 0x108000)
r3 = openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f00000001c0), 0x11, 0x3, 0x0)
fcntl$F_GETFD(r3, 0x1)
openat(r1, &(0x7f0000000200)='./file0\x00', 0x8, 0x200, 0x7)
r4 = openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000240), 0x10, 0x3, 0x0)
openat(r4, &(0x7f0000000280)='./file0\x00', 0x8, 0x80, 0x8)
fd2path(r1, &(0x7f00000002c0)=""/154, 0x9a)
openat$net_tcp_2_data(0xffffffffffffff9c, &(0x7f0000000380), 0x10, 0x3, 0x0)
r5 = openat$net_ether0_1_ctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x12, 0x3, 0x0)
fcntl$F_SYNC(r5, 0x65)
openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000400), 0x16, 0x1, 0x0)
openat$net_tcp_1_ctl(0xffffffffffffff9c, &(0x7f0000000440), 0xf, 0x3, 0x0)

22:49:13 executing program 4:
getcwd(&(0x7f0000000000)=""/36, 0x24)
getcwd(&(0x7f0000000040)=""/152, 0x98)
getcwd(&(0x7f0000000100)=""/216, 0xd8)
getcwd(&(0x7f0000000200)=""/235, 0xeb)
getcwd(&(0x7f0000000300)=""/61, 0x3d)
getcwd(&(0x7f0000000340)=""/4096, 0x1000)
getcwd(&(0x7f0000001340)=""/228, 0xe4)
getcwd(&(0x7f0000001440)=""/118, 0x76)
getcwd(&(0x7f00000014c0)=""/28, 0x1c)
getcwd(&(0x7f0000001500)=""/245, 0xf5)
getcwd(&(0x7f0000001600)=""/4096, 0x1000)
getcwd(&(0x7f0000002600)=""/4096, 0x1000)
getcwd(&(0x7f0000003600)=""/223, 0xdf)
getcwd(&(0x7f0000003700)=""/91, 0x5b)
getcwd(&(0x7f0000003780)=""/187, 0xbb)
getcwd(&(0x7f0000003840)=""/210, 0xd2)
getcwd(&(0x7f0000003940)=""/207, 0xcf)
getcwd(&(0x7f0000003a40)=""/229, 0xe5)
getcwd(&(0x7f0000003b40)=""/245, 0xf5)
getcwd(&(0x7f0000003c40)=""/171, 0xab)

22:49:14 executing program 5:
r0 = openat$net_ipifc_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x11, 0x1, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000040))
r1 = openat$net_ipifc_1_data(0xffffffffffffff9c, &(0x7f00000000c0), 0x12, 0x3, 0x0)
r2 = fcntl$F_DUPFD(r1, 0x0, r0, 0x1)
fcntl$F_GETFL(r0, 0x3)
r3 = openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000100), 0xc, 0x3, 0x0)
r4 = openat$net_ipifc_0_listen(0xffffffffffffff9c, &(0x7f0000000140), 0x14, 0x3, 0x0)
r5 = openat$net_tcp_clone(0xffffffffffffff9c, &(0x7f0000000180), 0xf, 0x3, 0x0)
dup_fds_to(0xffffffffffffffff, &(0x7f00000001c0)=[{r1}, {r0}, {0xffffffffffffff9c}, {r4}, {r5}], 0x5)
r6 = openat$dev_caphash(0xffffffffffffff9c, &(0x7f0000000200), 0xd, 0x3, 0x0)
r7 = openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000240), 0x12, 0x3, 0x0)
tcgetattr(r7, &(0x7f0000000280))
fcntl$F_DUPFD(r1, 0x0, r2, 0x0)
r8 = openat$net_ether0_stats(0xffffffffffffff9c, &(0x7f00000002c0), 0x12, 0x1, 0x0)
r9 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000300), 0x9, 0x3, 0x0)
dup_fds_to(0x0, &(0x7f0000000340)=[{r9}, {0xffffffffffffff9c}, {r1}, {r3}, {r8}, {r3}, {r6}], 0x7)
close(r9)
r10 = openat$prof_mpstat(0xffffffffffffff9c, &(0x7f00000003c0), 0xd, 0x3, 0x0)
fcntl$F_GETFD(r10, 0x1)
openat$net_ether0_clone(0xffffffffffffff9c, &(0x7f0000000400), 0x12, 0x3, 0x0)

22:49:14 executing program 6:
abort_sysc(0xffff)
abort_sysc(0x33)
abort_sysc(0x40)
abort_sysc(0x7)
abort_sysc(0x7aa481d1)
abort_sysc(0x4)
abort_sysc(0x9)
abort_sysc(0x4)
abort_sysc(0x8000)
abort_sysc(0x800000000)
abort_sysc(0x7933)
abort_sysc(0x8)
abort_sysc(0x4)
abort_sysc(0x1d)
abort_sysc(0xfff)
abort_sysc(0x0)
abort_sysc(0xfd)
abort_sysc(0x8a)
abort_sysc(0x3)
abort_sysc(0x8dc)

22:49:14 executing program 7:
r0 = openat$dev_sysstat(0xffffffffffffff9c, &(0x7f0000000000), 0xd, 0x3, 0x0)
openat(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x80403, 0x0)
r1 = openat$proc_self_text(0xffffffffffffff9c, &(0x7f0000000080), 0x10, 0x1, 0x0)
openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f00000000c0), 0x14, 0x1, 0x0)
r2 = openat$net_udp_0_remote(0xffffffffffffff9c, &(0x7f0000000100), 0x12, 0x1, 0x0)
fcntl$F_GETFL(r2, 0x3)
lstat(&(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180))
openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000200), 0x14, 0x1, 0x0)
r3 = openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000240), 0x12, 0x3, 0x0)
read(r1, &(0x7f0000000280)=""/63, 0x3f)
read(r3, &(0x7f00000002c0)=""/57, 0x39)
r4 = openat$proc_self_user(0xffffffffffffff9c, &(0x7f0000000300), 0x10, 0x1, 0x0)
close(r4)
r5 = openat$net_ipifc_0_status(0xffffffffffffff9c, &(0x7f0000000340), 0x14, 0x1, 0x0)
tcgetattr(r5, &(0x7f0000000380))
r6 = fcntl$F_DUPFD(r2, 0x0, r5, 0x1)
llseek(r6, 0xb00e, 0x0, &(0x7f00000003c0), 0x0)
r7 = openat$net_tcp_0_ctl(0xffffffffffffff9c, &(0x7f0000000400), 0xf, 0x3, 0x0)
fcntl$F_SYNC(r7, 0x65)
tcgetattr(r0, &(0x7f0000000440))

22:49:15 executing program 0:
r0 = openat$net_ether0_0_ctl(0xffffffffffffff9c, &(0x7f0000000140), 0x12, 0x3, 0x0)
fcntl$F_SYNC(r0, 0x65)
openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000000), 0x14, 0x1, 0x0)
close(r0)
openat$net_empty(0xffffffffffffff9c, &(0x7f0000000340), 0xc, 0x3, 0x0)
write(r0, &(0x7f0000000040)="4830bb79985bb27454bc8cbdf981b48c120d43bb297aa5bcc69fc30d22388e00000000", 0xffffffaa)
close(0xffffffffffffffff)

22:49:20 executing program 0:
r0 = openat$net_icmp_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x10, 0x1, 0x0)
fcntl$F_GETFD(r0, 0x1)
r1 = fcntl$F_DUPFD(r0, 0x0, r0, 0x1)
fcntl$F_SYNC(r1, 0x65)
fwstat(r0, &(0x7f0000000040)=""/217, 0xd9, 0x0)
r2 = openat$dev_random(0xffffffffffffff9c, &(0x7f0000000140), 0xc, 0x1, 0x0)
fcntl$F_SETFL(r2, 0x4, 0x100000)
r3 = openat$net_ether0_0_stats(0xffffffffffffff9c, &(0x7f0000000180), 0x14, 0x1, 0x0)
fcntl$F_DUPFD(r2, 0x0, r3, 0x1)
r4 = openat$net_empty(0xffffffffffffff9c, &(0x7f00000001c0), 0xc, 0x3, 0x0)
openat$proc_self_note(0xffffffffffffff9c, &(0x7f0000000200), 0x10, 0x1, 0x0)
r5 = openat$net_ipifc_1_remote(0xffffffffffffff9c, &(0x7f0000000240), 0x14, 0x1, 0x0)
fcntl$F_SYNC(r5, 0x65)
openat$net_tcp_0_err(0xffffffffffffff9c, &(0x7f0000000280), 0xf, 0x3, 0x0)
write(r2, &(0x7f00000002c0)="8b98d712a69d4e51fdc68a6d425e6d1beffd40f7462ff130207775f8aa4f2ed5f3781ee72bda7faef766c188f39bba03d13dcd6c9bc70bea231f13", 0x3b)
r6 = openat$net_tcp_0_listen(0xffffffffffffff9c, &(0x7f0000000300), 0x12, 0x3, 0x0)
tcgetattr(r6, &(0x7f0000000340))
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000000, 0x4130, r2, 0x2b2985b1)
llseek(r4, 0xa0000000000, 0x8001, &(0x7f0000000380), 0x0)
openat$dev_sysname(0xffffffffffffff9c, &(0x7f00000003c0), 0xd, 0x3, 0x0)

22:49:25 executing program 0:
r0 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000000), 0x9, 0x3, 0x0)
fcntl$F_GETFL(r0, 0x3)
fcntl$F_DUPFD(0xffffffffffffff9c, 0x0, r0, 0x1)
r1 = openat$net_tcp_1_local(0xffffffffffffff9c, &(0x7f0000000040), 0x11, 0x1, 0x0)
r2 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000000), 0x9, 0x3, 0x0)
fcntl$F_GETFL(r2, 0x3)
llseek(r2, 0x4b27, 0x493b, &(0x7f0000000000), 0x0)
fcntl$F_GETFL(r1, 0x3)

22:49:30 executing program 0:
fcntl$F_SETFL(0xffffffffffffff9c, 0x4, 0x188000)
openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000000), 0xc, 0x3, 0x0)
openat$prof_mpstat_raw(0xffffffffffffff9c, &(0x7f0000000040), 0x11, 0x3, 0x0)
r0 = openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000080), 0x13, 0x3, 0x0)
r1 = openat$dev_zero(0xffffffffffffff9c, &(0x7f00000000c0), 0xa, 0x1, 0x0)
r2 = openat$net_log(0xffffffffffffff9c, &(0x7f0000000100), 0x9, 0x3, 0x0)
fcntl$F_GETFL(r2, 0x3)
r3 = openat$dev_time(0xffffffffffffff9c, &(0x7f0000000140), 0xa, 0x3, 0x0)
fcntl$F_GETFL(r3, 0x3)
read(r1, &(0x7f0000000180)=""/86, 0x56)
fd2path(r0, &(0x7f0000000200)=""/241, 0xf1)
tcgetattr(r1, &(0x7f0000000300))
r4 = openat$net_ipifc_1_listen(0xffffffffffffff9c, &(0x7f0000000340), 0x14, 0x3, 0x0)
tcgetattr(r4, &(0x7f0000000380))
openat$prof_kptrace_ctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x12, 0x3, 0x0)
openat$dev_sysname(0xffffffffffffff9c, &(0x7f0000000400), 0xd, 0x3, 0x0)
openat$net_ether0_ifstats(0xffffffffffffff9c, &(0x7f0000000440), 0x14, 0x1, 0x0)
r5 = openat$net_ether0_1_ifstats(0xffffffffffffff9c, &(0x7f0000000480), 0x16, 0x1, 0x0)
fcntl$F_SETFL(r5, 0x4, 0x80400)
openat$prof_empty(0xffffffffffffff9c, &(0x7f00000004c0), 0xd, 0x3, 0x0)

22:49:35 executing program 0:
r0 = openat$dev_empty(0xffffffffffffff9c, &(0x7f0000000000), 0xc, 0x3, 0x0)
fcntl$F_SYNC(r0, 0x65)
fd2path(r0, &(0x7f00000000c0)=""/225, 0xe1)
fcntl$F_SYNC(r0, 0x65)

22:49:40 executing program 0:
r0 = openat$net_tcp_1_status(0xffffffffffffff9c, &(0x7f0000000000), 0x12, 0x1, 0x0)
abort_sysc_fd(r0)
r1 = openat$net_ipifc_clone(0xffffffffffffff9c, &(0x7f0000000040), 0x11, 0x3, 0x0)
dup_fds_to(0xffffffffffffffff, &(0x7f0000000080)=[{r0}, {}, {r0}, {r0}, {r0}, {r1}], 0x6)
openat(r0, &(0x7f0000000100)='./file0\x00', 0x8, 0x200, 0x110)
r2 = openat$proc_self_wait(0xffffffffffffff9c, &(0x7f0000000140), 0x10, 0x1, 0x0)
fcntl$F_GETFD(r2, 0x1)
read(r2, &(0x7f0000000180)=""/198, 0xc6)
openat$dev_sdctl(0xffffffffffffff9c, &(0x7f0000000280), 0xb, 0x3, 0x0)
fcntl$F_SETFL(r2, 0x4, 0x88000)
openat$net_icmp_clone(0xffffffffffffff9c, &(0x7f00000002c0), 0x10, 0x3, 0x0)
openat$net_tcp_2_err(0xffffffffffffff9c, &(0x7f0000000300), 0xf, 0x3, 0x0)
openat$dev_kprint(0xffffffffffffff9c, &(0x7f0000000340), 0xc, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000380), 0xd, 0x3, 0x0)
openat$net_ether0_1_data(0xffffffffffffff9c, &(0x7f00000003c0), 0x13, 0x3, 0x0)
fcntl$F_SETFL(0xffffffffffffff9c, 0x4, 0x100000)
openat$prof_kptrace(0xffffffffffffff9c, &(0x7f0000000400), 0xe, 0x3, 0x0)
r3 = openat$net_tcp_1_remote(0xffffffffffffff9c, &(0x7f0000000440), 0x12, 0x1, 0x0)
read(r3, &(0x7f0000000480)=""/86, 0x56)
fcntl$F_GETFD(0xffffffffffffffff, 0x1)

22:49:45 executing program 0:
r0 = openat$dev_random(0xffffffffffffff9c, &(0x7f0000000340), 0xc, 0x1, 0x0)
r1 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000000), 0x9, 0x3, 0x0)
fcntl$F_GETFL(r1, 0x3)
r2 = openat$net_ipifc_1_ctl(0xffffffffffffff9c, &(0x7f0000000080), 0x11, 0x3, 0x0)
fcntl$F_DUPFD(r1, 0x0, r2, 0x0)
fcntl$F_GETFL(r0, 0x3)
openat$net_ndb(0xffffffffffffff9c, &(0x7f0000000000), 0x9, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x0)

22:49:50 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x8, 0xd0)
nunmount(&(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000080)='./file0\x00', 0x8)
readlink(&(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000100), 0x0)
r0 = proc_create(&(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)='%)}\x00', 0x4, 0x1)
r1 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x8, 0x3, 0x4)
access(&(0x7f0000000200)='./file0\x00', 0x8, 0x1)
stat(&(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000280))
proc_destroy(r0, 0x3)
proc_create(&(0x7f0000000300)='./file0\x00', 0x8, &(0x7f0000000340)='%)}\x00', 0x4, 0x1)
chdir(0x0, &(0x7f0000000380)='./file0\x00', 0x8)
symlink(&(0x7f00000003c0)='./file0\x00', 0x8, &(0x7f0000000400)='./file0\x00', 0x8)
rename(&(0x7f0000000440)='./file0/file0\x00', 0xe, &(0x7f0000000480)='./file0\x00', 0x8)
nbind(&(0x7f00000004c0)='./file0\x00', 0x8, &(0x7f0000000500)='./file0\x00', 0x8, 0x4)
nmount(r1, &(0x7f0000000540)='./file0/file0\x00', 0xe, 0x4)
symlink(&(0x7f0000000580)='./file0/file0\x00', 0xe, &(0x7f00000005c0)='./file0/file0\x00', 0xe)
exec(&(0x7f0000000600)='./file0\x00', 0x8, &(0x7f0000000640)='%)}\x00', 0x4)
rename(&(0x7f0000000680)='./file0/file1\x00', 0xe, 0x0, 0x0)
r2 = openat$net_tcp_0_local(0xffffffffffffff9c, &(0x7f00000006c0), 0x11, 0x1, 0x0)
nmount(r2, &(0x7f0000000700)='./file0\x00', 0x8, 0x0)
proc_create(&(0x7f0000000740)='./file0\x00', 0x8, &(0x7f0000000780)='%)}\x00', 0x4, 0x0)

22:49:55 executing program 0:
r0 = openat$prof_kpctl(0xffffffffffffff9c, &(0x7f0000000100), 0xc, 0x3, 0x0)
r1 = openat$net_arp(0xffffffffffffff9c, &(0x7f0000000000), 0x9, 0x3, 0x0)
fcntl$F_GETFL(r1, 0x3)
fcntl$F_DUPFD(r1, 0x0, r0, 0x1)
openat$net_log(0xffffffffffffff9c, &(0x7f0000000080), 0x9, 0x3, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000004)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f0000000040), 0x1b, 0x3, 0x0)
openat$net_ether0_0_data(0xffffffffffffff9c, &(0x7f0000000000), 0x13, 0x3, 0x0)

bash-4.3$ [kernel] ENOMEM, killing 40
kernel panic at /syzkaller/managers/main/kernel/kern/include/kref.h:68, from core 0: assertion failed: kref_refcnt(kref) > 0
Stack Backtrace on Core 0:
#01 [<0xffffffffc200aa6c>] in backtrace
#02 [<0xffffffffc200a205>] in _panic
#03 [<0xffffffffc204996b>] in kref_put
#04 [<0xffffffffc204d7e0>] in proc_destroy
#05 [<0xffffffffc2058f36>] in sys_proc_destroy
#06 [<0xffffffffc205a249>] in syscall
#07 [<0xffffffffc205add8>] in run_local_syscall
#08 [<0xffffffffc205b319>] in prep_syscalls
#09 [<0xffffffffc20b7a92>] in sysenter_callwrapper
Entering Nanwan's Dungeon on Core 0 (Ints on):
Type 'help' for a list of commands.

VM DIAGNOSIS: 22:51:15 Registers: