last executing test programs: 3.41943019s ago: executing program 0 (id=355): connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0x1c, 0x1c, 0x3, 0x0, @empty, 0x5}, 0x1c) cpuset_setaffinity(0x3, 0x2, 0x0, 0x6c, &(0x7f0000000040)) 3.343554746s ago: executing program 0 (id=358): r0 = socket(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0xffff, 0x200, &(0x7f0000000040)=0x1000, 0x1f) 3.269020114s ago: executing program 0 (id=369): r0 = open(&(0x7f00000000c0)='./file0\x00', 0x615, 0x0) listen(r0, 0x1) 3.191234432s ago: executing program 0 (id=366): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_buf(r0, 0x0, 0xe, 0x0, &(0x7f0000001040)) 3.165860296s ago: executing program 0 (id=370): r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) sendmsg(r0, &(0x7f0000000580)={&(0x7f0000000180)=@in6={0x1c, 0x1c, 0x3, 0x3, @mcast2, 0x4c}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[{0x10, 0x0, 0x8}], 0x10}, 0x1) 3.135856146s ago: executing program 0 (id=372): r0 = kqueue() kevent(r0, &(0x7f00000000c0)=[{0x4, 0xfffffffffffffff9, 0x1, 0x4, 0x0, 0x0, [0x0, 0x0, 0xbffffffffffffffe]}], 0x1, 0x0, 0x0, 0x0) 2.564382524s ago: executing program 1 (id=389): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) bindat$unix(0xffffffffffffff9c, r0, &(0x7f0000000280)=@file={0xfc, 0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}, 0xfc) 2.531450923s ago: executing program 1 (id=390): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000540), 0x1, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) 1.145811951s ago: executing program 1 (id=420): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setitimer(0x0, &(0x7f0000000000)={{0x101, 0x4}, {0x958, 0x1}}, &(0x7f0000000080)) 889.631954ms ago: executing program 2 (id=433): r0 = socket$inet6_tcp(0x1c, 
0x1, 0x0) bind$inet6(r0, &(0x7f0000001f80)={0x1c, 0x1c, 0x2, 0x3, @remote={0xfe, 0x80, '\x00', 0x0}, 0xfffffbff}, 0x1c) 790.671208ms ago: executing program 1 (id=426): open(&(0x7f0000000000)='./file0\x00', 0x200, 0x2) extattr_list_link(&(0x7f0000000540)='./file0\x00', 0x2, 0x0, 0x0) 790.549114ms ago: executing program 2 (id=427): freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) open$dir(&(0x7f00000001c0)='./file0\x00', 0x488200, 0x176) 715.567376ms ago: executing program 1 (id=428): r0 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a) shutdown(r0, 0x1) 530.566178ms ago: executing program 3 (id=432): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200201, 0x0) aio_write(&(0x7f0000000240)={r0, 0xfffffffffffffffe, 0x0, 0x0, [0x3], 0x200000000000000, 0x8, 0x0, {0x6, 0x20000000008, 0x0}, {0x0, 0x20000005, @sigval_int=0x2e5562f1, @spare=[0x3, 0x6, 0xb, 0x3, 0xa251, 0x400000000000003, 0x40]}}) 490.602394ms ago: executing program 3 (id=434): rfork(0x50) rfork(0x2050) 310.713558ms ago: executing program 3 (id=435): openat$filemon(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sysarch$I386_SET_LDT(0x1, &(0x7f0000000040)={0xffffffff, 0x0}) 230.616696ms ago: executing program 1 (id=436): freebsd10_pipe(&(0x7f0000000140)={0xffffffffffffffff}) fchmod(r0, 0x44) 230.402229ms ago: executing program 3 (id=437): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) getsockname$unix(0xffffffffffffffff, 0x0, &(0x7f0000002200)) 190.727456ms ago: executing program 3 (id=438): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_RXTLS_ENABLE(r0, 0x6, 0x29, &(0x7f0000000280)={&(0x7f0000000040)="01", 0x0, 0x0, 0x19, 0x1, 0x0, 0x1c, 0x0, 0x0, 0x3, 0x0, "2e090000ffffffe0"}, 0x40) 110.679948ms ago: executing program 3 (id=439): sigaction(0x14, &(0x7f0000000100)={&(0x7f00000000c0)="0f0f28a0c4017c53c50f71e20b4229ec4069b50008000000080000c403896ae7d3c4a1ff1153076744c0584e00430f1812c4827d33de", 0x6d}, 0x0) sigaction(0x14, 0x0, &(0x7f0000000800)={0x0}) 110.478837ms 
ago: executing program 2 (id=440): munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2) 40.723468ms ago: executing program 2 (id=441): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_int(r0, 0x0, 0x44, 0x0, 0x0) 40.511368ms ago: executing program 2 (id=442): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$MDIOCATTACH(r0, 0xc1c07200, &(0x7f0000000240)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, [0x0, 0x800000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80]}) 0s ago: executing program 2 (id=443): r0 = open$dir(&(0x7f0000000280)='.\x00', 0x80, 0x0) getdirentries(r0, 0x0, 0x0, &(0x7f0000000380)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.67' (ED25519) to the list of known hosts. Connection to 10.128.1.67 closed by remote host. 
FreeBSD/amd64 (ci-freebsd-main-9.us-central1-b.c.syzkaller.internal) (ttyu0)
login:
FreeBSD/amd64 (ci-freebsd-main-9.us-central1-b.c.syzkaller.internal) (ttyu0)
login: Jul 23 17:09:20 ci-freebsd-main-9 init[863]: getty repeating too quickly on port /dev/ttyv2, sleeping 30 secs
md0: truncating fractional last sector by 32757 bytes
VNASSERT failed: nresid != oresid || *(a)->a_eofflag == 1 not true at vnode_if.c:1824 (VOP_READDIR_APV)
0xfffffe006dfcfdc0: type VDIR state VSTATE_CONSTRUCTED op 0xffffffff83712bc0
usecount 2, writecount 0, refcount 2 seqc users 0 mountedhere 0
hold count flags ()
flags (VMP_LAZYLIST)
v_object 0xfffffe00540fc0f8 ref 0 pages 0 cleanbuf 0 dirtybuf 1
lock type ufs: SHARED (count 1)
nlink=2, effnlink=2, size=512, extsize 0
generation=40d8a5b4, uid=0, gid=0, flags=0x0
ino 309, on dev gpt/rootfs
panic: VOP_READDIR: eofflag not set
cpuid = 0
time = 6
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0056e514b0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0056e51610
vpanic() at vpanic+0x257/frame 0xfffffe0056e517d0
panic() at panic+0xb5/frame 0xfffffe0056e51890
VOP_READDIR_APV() at VOP_READDIR_APV+0x4ab/frame 0xfffffe0056e51990
kern_getdirentries() at kern_getdirentries+0x6f8/frame 0xfffffe0056e51c50
sys_getdirentries() at sys_getdirentries+0xb6/frame 0xfffffe0056e51d10
amd64_syscall() at amd64_syscall+0x4e2/frame 0xfffffe0056e51f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0056e51f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x3a1afa, rsp = 0x824f49f08, rbp = 0x824f49f80 ---
KDB: enter: panic
[ thread pid 1295 tid 100610 ]
Stopped at kdb_enter+0x6e: movq $0,0x25c5097(%rip)
db>
db>