Sun Feb 9 22:23:05 UTC 2020 NetBSD/amd64 (ci2-netbsd-kubsan-0.c.syzkaller.internal) (console) login: Feb 9 22:23:07 ci2-netbsd-kubsan-0 getty[564]: /dev/ttyE1: Device not configured Feb 9 22:23:07 ci2-netbsd-kubsan-0 getty[533]: /dev/ttyE2: Device not configured Feb 9 22:23:07 ci2-netbsd-kubsan-0 getty[570]: /dev/ttyE3: Device not configured Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts. 2020/02/09 22:23:14 fuzzer started 2020/02/09 22:23:14 dialing manager at 10.128.0.105:34335 2020/02/09 22:23:15 syscalls: 215 2020/02/09 22:23:15 code coverage: enabled 2020/02/09 22:23:15 comparison tracing: enabled 2020/02/09 22:23:15 extra coverage: support is not implemented in syzkaller 2020/02/09 22:23:15 setuid sandbox: support is not implemented in syzkaller 2020/02/09 22:23:15 namespace sandbox: support is not implemented in syzkaller 2020/02/09 22:23:15 Android sandbox: support is not implemented in syzkaller 2020/02/09 22:23:15 fault injection: support is not implemented in syzkaller 2020/02/09 22:23:15 leak checking: support is not implemented in syzkaller 2020/02/09 22:23:15 net packet injection: support is not implemented in syzkaller 2020/02/09 22:23:15 net device setup: support is not implemented in syzkaller 2020/02/09 22:23:15 concurrency sanitizer: support is not implemented in syzkaller 2020/02/09 22:23:15 devlink PCI setup: support is not implemented in syzkaller 22:23:17 executing program 0: clock_nanosleep(0x0, 0x0, &(0x7f00000000c0), 0x0) 22:23:17 executing program 1: r0 = socket(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="390000001000090268fe07002b00000001000a0014000000450001070300001419001a00120002000e0001000a004300"/57, 0x39}], 0x1) 22:23:17 executing program 2: mknod(&(0x7f0000000100)='./bus\x00', 0x8005, 0x5200) r0 = open$dir(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) read(r0, &(0x7f0000000000)=""/24, 0x18) 22:23:17 executing program 4: r0 = socket(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000040), 0x4) 22:23:17 executing program 3: r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x80000000000029, 0x3b, &(0x7f0000000000), 0x4) r1 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r1, 0xffff, 0x1023, 0x0, 0x0) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000300), &(0x7f0000000640)=0xc) geteuid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000000), 0xc) fcntl$getown(0xffffffffffffff9c, 0x5) r3 = getppid() getpgid(r3) msgget$private(0x0, 0x20000003c4) r4 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r4, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) r5 = msgget$private(0x0, 0x100) msgsnd(r5, &(0x7f0000000180)=ANY=[], 0x0, 0x800) msgsnd(r4, &(0x7f0000000e80)=ANY=[@ANYBLOB="03000000000000005aab059e7584be19de16d8a32e0c5d7858899bbc616aeade23aa38f255f2dedc7d9349f609673a9f745b6b5aae9e1e53d2b8d941319c6b5d3b16ea71c4229d0000d8e7497cf22f1cc439ea2b26fcb5355b5b24eab6423706ebfa25245e804c95574b9d3f3d263490ee4823aa6156b2bd8b46afd62f2b01573c376fabb6713c8c3fcbb5c96075498e63bb2e19117fec0866378de0a48ccf0a87d3c451df0c36b08f9d3d602aebea381e7fca35ed7142c2f0d2e5f9ce77c1ecfd58c46c50c8e10a93dcd069cb4d4575ddd417bd2c5f2470a3deaf000000000000a4a3af74e7548a3f0a1ef3e3f4358b30a130a9a062e678e5a37e21591aaa06ab276ae2868755"], 0x107, 0x40000000000800) msgsnd(r4, &(0x7f0000000080)={0x2, "53973e484c49e3f1f3dda6cfa77e40a0edf514b67a4f38e6c1bc61be1e"}, 0x25, 0x800) r6 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r6, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) socket(0x800000018, 0x3, 0x1f) msgrcv(r6, &(0x7f0000003740)={0x0, ""/181}, 0xbd, 0x3, 0x800) 22:23:18 executing program 5: msgget(0x3, 0x8de5e447c4e03e58) 22:23:20 executing program 5: mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x8ad331cb8eb827f0, 0xffffffffffffffff, 0x0, 0x0) 22:23:20 executing program 0: 22:23:20 executing program 4: 22:23:20 executing program 5: 22:23:20 executing program 2: 22:23:20 executing program 3: r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x80000000000029, 0x3b, &(0x7f0000000000), 0x4) r1 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r1, 0xffff, 0x1023, 0x0, 0x0) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000300), &(0x7f0000000640)=0xc) geteuid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000000), 0xc) fcntl$getown(0xffffffffffffff9c, 0x5) r3 = getppid() getpgid(r3) msgget$private(0x0, 0x20000003c4) r4 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r4, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) r5 = msgget$private(0x0, 0x100) msgsnd(r5, &(0x7f0000000180)=ANY=[], 0x0, 0x800) msgsnd(r4, &(0x7f0000000e80)=ANY=[@ANYBLOB="03000000000000005aab059e7584be19de16d8a32e0c5d7858899bbc616aeade23aa38f255f2dedc7d9349f609673a9f745b6b5aae9e1e53d2b8d941319c6b5d3b16ea71c4229d0000d8e7497cf22f1cc439ea2b26fcb5355b5b24eab6423706ebfa25245e804c95574b9d3f3d263490ee4823aa6156b2bd8b46afd62f2b01573c376fabb6713c8c3fcbb5c96075498e63bb2e19117fec0866378de0a48ccf0a87d3c451df0c36b08f9d3d602aebea381e7fca35ed7142c2f0d2e5f9ce77c1ecfd58c46c50c8e10a93dcd069cb4d4575ddd417bd2c5f2470a3deaf000000000000a4a3af74e7548a3f0a1ef3e3f4358b30a130a9a062e678e5a37e21591aaa06ab276ae2868755"], 0x107, 0x40000000000800) msgsnd(r4, &(0x7f0000000080)={0x2, "53973e484c49e3f1f3dda6cfa77e40a0edf514b67a4f38e6c1bc61be1e"}, 0x25, 0x800) r6 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r6, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) socket(0x800000018, 0x3, 0x1f) msgrcv(r6, &(0x7f0000003740)={0x0, ""/181}, 0xbd, 0x3, 0x800) 22:23:20 executing program 4: 22:23:20 executing program 1: 22:23:20 executing program 3: r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x80000000000029, 0x3b, &(0x7f0000000000), 0x4) r1 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r1, 0xffff, 0x1023, 0x0, 0x0) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000300), &(0x7f0000000640)=0xc) geteuid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000000), 0xc) fcntl$getown(0xffffffffffffff9c, 0x5) r3 = getppid() getpgid(r3) msgget$private(0x0, 0x20000003c4) r4 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r4, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) r5 = msgget$private(0x0, 0x100) msgsnd(r5, &(0x7f0000000180)=ANY=[], 0x0, 0x800) msgsnd(r4, &(0x7f0000000e80)=ANY=[@ANYBLOB="03000000000000005aab059e7584be19de16d8a32e0c5d7858899bbc616aeade23aa38f255f2dedc7d9349f609673a9f745b6b5aae9e1e53d2b8d941319c6b5d3b16ea71c4229d0000d8e7497cf22f1cc439ea2b26fcb5355b5b24eab6423706ebfa25245e804c95574b9d3f3d263490ee4823aa6156b2bd8b46afd62f2b01573c376fabb6713c8c3fcbb5c96075498e63bb2e19117fec0866378de0a48ccf0a87d3c451df0c36b08f9d3d602aebea381e7fca35ed7142c2f0d2e5f9ce77c1ecfd58c46c50c8e10a93dcd069cb4d4575ddd417bd2c5f2470a3deaf000000000000a4a3af74e7548a3f0a1ef3e3f4358b30a130a9a062e678e5a37e21591aaa06ab276ae2868755"], 0x107, 0x40000000000800) msgsnd(r4, &(0x7f0000000080)={0x2, "53973e484c49e3f1f3dda6cfa77e40a0edf514b67a4f38e6c1bc61be1e"}, 0x25, 0x800) r6 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r6, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) socket(0x800000018, 0x3, 0x1f) msgrcv(r6, &(0x7f0000003740)={0x0, ""/181}, 0xbd, 0x3, 0x800) 22:23:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x40, 0x0) mknod$loop(&(0x7f0000000640)='./file0/file0\x00', 0x0, 0x1) 22:23:20 executing program 5: 22:23:20 executing program 4: 22:23:20 executing program 2: 22:23:20 executing program 5: 22:23:20 executing program 2: 22:23:20 executing program 4: 22:23:20 executing program 2: 22:23:20 executing program 4: 22:23:20 executing program 1: 22:23:20 executing program 5: 22:23:20 executing program 3: r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x80000000000029, 0x3b, &(0x7f0000000000), 0x4) r1 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r1, 0xffff, 0x1023, 0x0, 0x0) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000300), &(0x7f0000000640)=0xc) geteuid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000000), 0xc) fcntl$getown(0xffffffffffffff9c, 0x5) r3 = getppid() getpgid(r3) msgget$private(0x0, 0x20000003c4) r4 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r4, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) r5 = msgget$private(0x0, 0x100) msgsnd(r5, &(0x7f0000000180)=ANY=[], 0x0, 0x800) msgsnd(r4, &(0x7f0000000e80)=ANY=[@ANYBLOB="03000000000000005aab059e7584be19de16d8a32e0c5d7858899bbc616aeade23aa38f255f2dedc7d9349f609673a9f745b6b5aae9e1e53d2b8d941319c6b5d3b16ea71c4229d0000d8e7497cf22f1cc439ea2b26fcb5355b5b24eab6423706ebfa25245e804c95574b9d3f3d263490ee4823aa6156b2bd8b46afd62f2b01573c376fabb6713c8c3fcbb5c96075498e63bb2e19117fec0866378de0a48ccf0a87d3c451df0c36b08f9d3d602aebea381e7fca35ed7142c2f0d2e5f9ce77c1ecfd58c46c50c8e10a93dcd069cb4d4575ddd417bd2c5f2470a3deaf000000000000a4a3af74e7548a3f0a1ef3e3f4358b30a130a9a062e678e5a37e21591aaa06ab276ae2868755"], 0x107, 0x40000000000800) msgsnd(r4, &(0x7f0000000080)={0x2, "53973e484c49e3f1f3dda6cfa77e40a0edf514b67a4f38e6c1bc61be1e"}, 0x25, 0x800) r6 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r6, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) socket(0x800000018, 0x3, 0x1f) msgrcv(r6, &(0x7f0000003740)={0x0, ""/181}, 0xbd, 0x3, 0x800) 22:23:20 executing program 0: 22:23:20 executing program 4: 22:23:20 executing program 1: 22:23:20 executing program 2: 22:23:20 executing program 5: 22:23:20 executing program 5: 22:23:20 executing program 1: 22:23:20 executing program 0: 22:23:20 executing program 5: r0 = shmget(0x1, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) semctl$GETVAL(r0, 0x0, 0xc, 0x0) 22:23:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = socket(0x2, 0x3, 0x0) connect$unix(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="82026918a56964653000"], 0x10) dup2(r1, r0) setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4) r2 = dup(r0) sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0) 22:23:20 executing program 4: r0 = socket(0x11, 0x3, 0x3) sendto$unix(r0, &(0x7f0000000200)="9b03050400000000000008000101000000000000cea1fea7fef96ecfc73fd3357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882a297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37282902e4fd89720fd3872babfbb770c1f5a872c881ff7cc53c894303b22f310b404f36a00f90006ee01be657aea800000002000000000000020208a371a3f800040000000000000001000000000000000000", 0x39b, 0x0, 0x0, 0x0) 22:23:21 executing program 0: select(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x8b763}) 22:23:21 executing program 3: r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x80000000000029, 0x3b, &(0x7f0000000000), 0x4) r1 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r1, 0xffff, 0x1023, 0x0, 0x0) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000300), &(0x7f0000000640)=0xc) geteuid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000000), 0xc) fcntl$getown(0xffffffffffffff9c, 0x5) r3 = getppid() getpgid(r3) msgget$private(0x0, 0x20000003c4) r4 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r4, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) r5 = msgget$private(0x0, 0x100) msgsnd(r5, &(0x7f0000000180)=ANY=[], 0x0, 0x800) msgsnd(r4, &(0x7f0000000e80)=ANY=[@ANYBLOB="03000000000000005aab059e7584be19de16d8a32e0c5d7858899bbc616aeade23aa38f255f2dedc7d9349f609673a9f745b6b5aae9e1e53d2b8d941319c6b5d3b16ea71c4229d0000d8e7497cf22f1cc439ea2b26fcb5355b5b24eab6423706ebfa25245e804c95574b9d3f3d263490ee4823aa6156b2bd8b46afd62f2b01573c376fabb6713c8c3fcbb5c96075498e63bb2e19117fec0866378de0a48ccf0a87d3c451df0c36b08f9d3d602aebea381e7fca35ed7142c2f0d2e5f9ce77c1ecfd58c46c50c8e10a93dcd069cb4d4575ddd417bd2c5f2470a3deaf000000000000a4a3af74e7548a3f0a1ef3e3f4358b30a130a9a062e678e5a37e21591aaa06ab276ae2868755"], 0x107, 0x40000000000800) msgsnd(r4, &(0x7f0000000080)={0x2, "53973e484c49e3f1f3dda6cfa77e40a0edf514b67a4f38e6c1bc61be1e"}, 0x25, 0x800) r6 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r6, &(0x7f0000000e80)=ANY=[], 0x0, 0x7fc) msgrcv(r6, &(0x7f0000003740)={0x0, ""/181}, 0xbd, 0x3, 0x800) 22:23:21 executing program 1: open$dir(&(0x7f0000000000)='./file0\x00', 0x2088611, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x100, 0x0) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') 22:23:21 executing program 5: mlock(&(0x7f0000001000/0x2000)=nil, 0x800000) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x6) [ 40.7522839] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/net/rtsock_shared.c:631:41, member access within misaligned address 0xfffffe612278e34c for type 'struct rt_msghdr50' which requires 8 byte alignment [ 40.7522839] cpu0: Begin traceback... [ 40.7823514] vpanic() at netbsd:vpanic+0x2aa [ 40.8425063] isAlreadyReported() at netbsd:isAlreadyReported [ 40.9026606] HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xcc [ 40.9628146] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x7b [ 41.0229735] compat_50_route_output() at netbsd:compat_50_route_output+0x1a4a [ 41.0831285] raw_send() at netbsd:raw_send+0x20b [ 41.1432963] compat_50_route_send_wrapper() at netbsd:compat_50_route_send_wrapper+0x9f [ 41.2034411] sosend() at netbsd:sosend+0x15ac [ 41.2535698] do_sys_sendmsg_so() at netbsd:do_sys_sendmsg_so+0x53d [ 41.3137254] do_sys_sendmsg() at netbsd:do_sys_sendmsg+0xcd [ 41.3738816] sys_sendto() at netbsd:sys_sendto+0xc9 [ 41.4340369] sys___syscall() at netbsd:sys___syscall+0x1c8 [ 41.4941911] syscall() at netbsd:syscall+0x29a [ 41.5042171] --- syscall (number 198) --- [ 41.5170294] Skipping crash dump on recursive panic [ 41.5170294] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/amd64/amd64/db_machdep.c:153:24, member access within misaligned address 0x6 for type 'struct x86_64_frame' which requires 8 byte alignment [ 41.5428063] Faulted in mid-traceback; aborting... [ 41.5476664] fatal breakpoint trap in supervisor mode [ 41.5476664] trap type 1 code 0 rip 0xffffffff8021e7cd cs 0x8 rflags 0x282 cr2 0x20000200 ilevel 0x4 rsp 0xffffbe00b20375f0 [ 41.5636309] curlwp 0xfffffe6132f8d0c0 pid 130.3 lowest kstack 0xffffbe00b20352c0 Stopped in pid 130.3 (syz-executor.4) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0xd1 vpanic() at netbsd:vpanic+0x2aa isAlreadyReported() at netbsd:isAlreadyReported HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xcc HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x7b db_nextframe() at netbsd:db_nextframe+0x6f6 db_stack_trace_print() at netbsd:db_stack_trace_print+0x2c4 db_panic() at netbsd:db_panic+0x8b vpanic() at netbsd:vpanic+0x2aa isAlreadyReported() at netbsd:isAlreadyReported HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0xcc HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x7b compat_50_route_output() at netbsd:compat_50_route_output+0x1a4a raw_send() at netbsd:raw_send+0x20b compat_50_route_send_wrapper() at netbsd:compat_50_route_send_wrapper+0x9f sosend() at netbsd:sosend+0x15ac do_sys_sendmsg_so() at netbsd:do_sys_sendmsg_so+0x53d do_sys_sendmsg() at netbsd:do_sys_sendmsg+0xcd sys_sendto() at netbsd:sys_sendto+0xc9 sys___syscall() at netbsd:sys___syscall+0x1c8 syscall() at netbsd:syscall+0x29a --- syscall (number 198) --- [ 41.5710062] Skipping crash dump on recursive panic [ 41.5710062] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/amd64/amd64/db_machdep.c:154:14, member access within misaligned address 0x6 for type 'struct x86_64_frame' which requires 8 byte alignment [ 41.5710062] Faulted in mid-traceback; aborting... [ 41.5710062] fatal breakpoint trap in supervisor mode [ 41.5710062] trap type 1 code 0 rip 0xffffffff8021e7cd cs 0x8 rflags 0x282 cr2 0x20000200 ilevel 0x8 rsp 0xffffbe00b20362f0 [ 41.5710062] curlwp 0xfffffe6132f8d0c0 pid 130.3 lowest kstack 0xffffbe00b20352c0 Stopped in pid 130.3 (syz-executor.4) at netbsd:breakpoint+0x5: leave