Warning: Permanently added '10.128.0.244' (ECDSA) to the list of known hosts. 2020/07/18 20:28:29 fuzzer started 2020/07/18 20:28:33 dialing manager at 10.128.15.235:36238 2020/07/18 20:28:33 syscalls: 381 2020/07/18 20:28:33 code coverage: enabled 2020/07/18 20:28:33 comparison tracing: enabled 2020/07/18 20:28:33 extra coverage: support is not implemented in syzkaller 2020/07/18 20:28:33 setuid sandbox: enabled 2020/07/18 20:28:33 namespace sandbox: support is not implemented in syzkaller 2020/07/18 20:28:33 Android sandbox: support is not implemented in syzkaller 2020/07/18 20:28:33 fault injection: support is not implemented in syzkaller 2020/07/18 20:28:33 leak checking: support is not implemented in syzkaller 2020/07/18 20:28:33 net packet injection: enabled 2020/07/18 20:28:33 net device setup: support is not implemented in syzkaller 2020/07/18 20:28:33 concurrency sanitizer: support is not implemented in syzkaller 2020/07/18 20:28:33 devlink PCI setup: support is not implemented in syzkaller 2020/07/18 20:28:33 USB emulation: support is not implemented in syzkaller 20:28:42 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bpf\x00', 0x200, 0x0) ioctl$BIOCSDIRFILT(r0, 0x8004427d, &(0x7f0000000040)=0x7) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000080)={'tap', 0x0}) shutdown(0xffffffffffffffff, 0x0) close(0xffffffffffffffff) r1 = dup2(r0, 0xffffffffffffffff) ioctl$WSKBDIO_BELL(r1, 0x20005701) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8000, 0x4) ioctl$TIOCFLUSH(r2, 0x80047410, &(0x7f0000000100)=0x6) r3 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) fcntl$dupfd(r1, 0x0, r3) getsockopt$SO_PEERCRED(r1, 0xffff, 0x1022, &(0x7f0000000140)={0x0, 0x0}, 0xc) setuid(r4) openat$pf(0xffffffffffffff9c, &(0x7f0000000180)='/dev/pf\x00', 0x800, 0x0) r5 = openat$speaker(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/speaker\x00', 0x10000, 0x0) fcntl$setflags(r5, 0x2, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file0\x00', 0x10000, 0x20) writev(r6, &(0x7f0000000340)=[{&(0x7f0000000240)="fc3498b39587daa732a101c9e5016045b071e9004cf74233144d55a766748b9f9fdba8d287ad5f9a7fc899e6b58633b7b46e51cca2e3a89eb39f1e77c8db5c8fc2fe79590fb19c907e3bb86d4308019bf8039bd7660b", 0x56}, {&(0x7f00000002c0)="e9a9748bda4fc5667a274f0afb4af13f22c5622f6c5d95e7ae8aff489ca8c0b8a255e12f11ddb6e37b91da870b45c421dfc2a34981896ab1a0d4cc9343c30fdb848174bf340905c97b66988b3501cabc9820dd4d42745d9c3b95271cb5487a5104bd5ae154201472c7e3dd4f57d492f0e513fb49d943124888ce3a84d9a060", 0x7f}], 0x2) getgid() msgsnd(0x0, &(0x7f0000000380)={0x2, "63d7d7b205c58efd04011b54aa1b6a40d8d1a13c6973f82c86dd1717e0af1ef2a9504537faff91587b43dd7bd36b53c150"}, 0x39, 0x800) 20:28:42 executing program 1: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) connect(r1, &(0x7f0000000040)=@in6={0x18, 0x2, 0xff, 0xd3d4}, 0xc) mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x80, 0x0) mknodat(r2, &(0x7f00000000c0)='./file0\x00', 0x8000, 0x103de70c) ioctl$TIOCCHKVERAUTH(r0, 0x2000741e) r3 = socket(0x18, 0x8000, 0x8) ioctl$FIONREAD(r3, 0x4004667f, &(0x7f0000000100)) socket(0x6, 0x5, 0x0) r4 = socket$inet(0x2, 0x5, 0x7) getsockname$inet(r4, &(0x7f0000000140), &(0x7f0000000180)=0xc) setitimer(0x0, &(0x7f00000001c0)={{0x5, 0x5}, {0x3, 0x7}}, 0x0) bind$inet(r3, &(0x7f0000000200)={0x2, 0x1}, 0xc) r5 = semget(0x2, 0x2, 0x400) semctl$IPC_RMID(r5, 0x0, 0x0) r6 = dup(0xffffffffffffffff) r7 = open$dir(&(0x7f0000000280)='./file0\x00', 0x100, 0x112) renameat(r6, &(0x7f0000000240)='./file0\x00', r7, &(0x7f00000002c0)='./file1\x00') ioctl$TIOCGETD(r0, 0x4004741a, &(0x7f0000000300)) writev(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f00000003c0)="cb5db574", 0x4}, {&(0x7f0000000400)="9f0bf1c940c3b11d53b964461c900c9ff12a246230586633f9168a54e2b31429dab6b6a629747c2f4753861f0469bfcbd5439e5f1c5eb55daebeb0d38483e1e3aa44eb8a69b3c855ab9739acc25d2352690af814abf6b55697ab8898a439a4953215", 0x62}], 0x2) 20:28:42 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x7}, {0x7c}, {0x6}]}) syz_emit_ethernet(0xe, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000000000000000d7cc1317fa511385d6deedf71ddc14aed4ecab3ec0c64e9c"]) 20:28:42 executing program 1: r0 = open$dir(&(0x7f0000001240)='./file0\x00', 0x40000400000002c2, 0x0) ftruncate(r0, 0x0, 0x30000000000) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r1, 0x20004276) r2 = dup(r1) ioctl$BIOCGDLTLIST(r2, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$WSKBDIO_SETBELL(r2, 0x80105703, &(0x7f0000000000)={0x7, 0xfffff851, 0x4e9}) ftruncate(r0, 0x0, 0x20002000008) 20:28:42 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$WSKBDIO_SETENCODING(r1, 0x80045710, &(0x7f0000000080)=0xa48) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r3, 0x20004276) r4 = dup(r3) ioctl$BIOCGDLTLIST(r4, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) getpeername$inet(r4, &(0x7f0000000140), &(0x7f0000000180)=0xc) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r2, 0x20004276) sendto$unix(r4, &(0x7f00000001c0)="6b75051607ccc1f0679fff2586d5fe672efaca59431e15f6fbd7", 0x1a, 0x9, &(0x7f0000000200)=@abs={0x0, 0x0, 0x2}, 0x8) r5 = dup(r2) ioctl$BIOCGDLTLIST(r5, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) connect$unix(r5, &(0x7f0000000100)=@abs={0x1, 0x0, 0x3}, 0x8) syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[@ANYBLOB="edfdfd59b5d94639ec8382a608004500001500e0000001030c907800000000470000000000000000000000ac1400bbe00000019406000000000000bc52b1953db96ba49e43f30cfdf86358d185b06c1cbf6966816c1b8e78d9da43746b7acdd640c90b8900"/115]) 20:28:42 executing program 1: r0 = openat$wsmouse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/wsmouse0\x00', 0x80, 0x0) write(r0, &(0x7f0000000080)="1c18ed2e73fc808559d1fcd96245d8e90c46e70e56b90a8a430e87278d3a8ea02556cc956635e138a86d58c0012f2325f534280d24d896a5a9ccbd3d5d9754a7d7480979dcdb3a28c13594a825af8ddf92c981d6f8d22933804b35fc5b0b6eb75c05a46620e852b7caeee577c529b255807872e9558523a3d5f9b3c7fcbce7ff50494f4716a7ddced55d2bb60605cbb1dffee1954c0a820cd4eac07cfbeb9ceedf42d1d9a00c78831bf9994743d6b6cbc6cdf8b9ecb761911731e89c91476663847f6070c8dc3ceb6c5de8b6", 0xcc) sysctl$hw(&(0x7f0000000240)={0x4, 0x17}, 0x2, &(0x7f0000000180)="53847bd907a98dc5f1478c8a91b3f79a0d09f93e34223aec2c22d2edeff631e9aca06310b997bbb7e2e6efad195f33620989e1606db614580495d662c5463f610f31bd0e82c2e170af6feead09c6b4be659c38500551fa0ccad2c1c0b49407137bebd567725cab039ec97e2c3352a0d9664fc663c172ea093fd28df17ed37adaa791a250239a3bef26cf864780bd1edcb2a611a67248958aa4c6222890", 0x0, 0x0, 0x0) 20:28:42 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x4000000019, 0x0) r1 = openat$klog(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/klog\x00', 0x40, 0x0) fcntl$getown(r1, 0x5) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000080)={0x3, &(0x7f00000000c0)=[{0x6c}, {0x81}, {0x6, 0x0, 0x0, 0xfd}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000040)={'tap', 0x0}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0xd5906e0e868d487e, 0x0) ioctl$BIOCSDIRFILT(r2, 0x8004427d, &(0x7f0000000180)=0x8) write(r0, &(0x7f0000000080)="7cd23fc0aa17dddf7830faa1aaab", 0xe) 20:28:42 executing program 0: sysctl$kern(&(0x7f0000000000)={0x1, 0x54}, 0x2, &(0x7f00000000c0)="7343c9f13a1a65a5dc41e7000055b9e7c7e60c80a00111703c8ad427b38b2f8aa720381c97827991a34f07000000aa8428b796be7c3b0dec5cf124fe012d6fc07aeaae1028cd4c8391f916efee16d809a6a0b0b5f077d55f10bf208a1501000000000000c315c5459032ba78cf06e3e6dff86da9ac815ad539c221d0d8894615ff18fc678944d0f65ab486924ff505c7690ded14f9ca833b67ff074a41b9c62e63182ec537052a6472066ce21532deaac00c6ee5dd8cca0bd9c132e66331f794", 0x0, 0x0, 0x0) 20:28:42 executing program 1: ioctl$VMM_IOC_CREATE(0xffffffffffffffff, 0xc5005601, &(0x7f0000000040)={0x10, 0x0, 0x4, 0x0, [{&(0x7f0000d91000/0x4000)=nil, &(0x7f00006c5000/0x2000)=nil}, {&(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil}, {&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil}, {&(0x7f0000fee000/0x12000)=nil, &(0x7f0000cf9000/0x2000)=nil}, {&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000679000/0x2000)=nil}, {&(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil}, {&(0x7f0000762000/0x2000)=nil, &(0x7f00000a6000/0x1000)=nil}, {&(0x7f0000e56000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil}, {&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil}, {&(0x7f0000ff2000/0x2000)=nil, &(0x7f00009fd000/0x600000)=nil}, {&(0x7f0000aec000/0x4000)=nil, &(0x7f0000acd000/0x3000)=nil}, {&(0x7f0000c0e000/0x3000)=nil, &(0x7f0000c5e000/0x3000)=nil}, {&(0x7f0000e4c000/0x4000)=nil, &(0x7f0000dad000/0x4000)=nil}, {&(0x7f0000df3000/0x1000)=nil, &(0x7f0000ff0000/0x1000)=nil}, {&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000fe0000/0x1000)=nil}, {&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000e13000/0x1000)=nil}], ['./file1/file0\x00', './file0\x00', './file0\x00', './file0\x00'], './file0\x00', './file0\x00', './file0\x00', ['./file', './file', './file', './file']}) writev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000140)='#', 0x1}], 0x1) sendto$unix(0xffffffffffffffff, &(0x7f00000000c0)="b100050460000000000008000705", 0xe, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x11, 0x4003, 0x0) sendto$unix(r0, &(0x7f00000000c0)="b100050460000000000008000701000000000000cea1fea7fef96ecfc73fd3357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37282902e4fd89720fd3872babfbb770c1f5a872c881ff7cc53c894303b22f310b404f36a00f90006ee01be657aea8c500000002000000000000020208a371a3f8000400000000000000010000000000000000", 0xb1, 0x0, 0x0, 0x0) 20:28:42 executing program 0: sysctl$kern(&(0x7f0000000040)={0x1, 0x1a}, 0x2, 0x0, 0x0, 0x0, 0x0) syz_open_pts() r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="03"], 0x156, 0x0) msgrcv(r0, &(0x7f0000000ec0)={0x0, ""/4096}, 0x1008, 0x0, 0x0) msgsnd(r0, &(0x7f0000000040)={0x1, "aa11a063c2af7ab450410ea46d987b02fce2d16a32cf7b9417e03b8ce626734d04a0824994e07eee0b6bd141a0bc021cfe8e10efc9e79ebaec6a638715bfcc653fb1207395d227f54cf4ece92cb5f7e336ebac5f75a3ca20b4704cc02190e1eeff5a709c2b64b47047c33b54dcee39ad46c9b74d55"}, 0x7d, 0x800) msgctl$IPC_RMID(r0, 0x0) 20:28:42 executing program 1: sysctl$kern(&(0x7f0000000080)={0x1, 0xf}, 0x2, &(0x7f0000000180)="00b8cbc5", &(0x7f0000000000)=0x4, &(0x7f00000001c0)="bdb1629a2bd66150afd8ffff57a33204e32f5eb8f2b4c52b6709a480cad2f34dad649c8b26777a8bb3f3502091eab905da2b24313f0fa4eb1a55f25eb0e9a4f6ca5054b94fae2e7122243af323cefd4291ad813f7d3ab1a0ab07b20ceea6dfad47775a2dea734cfcfc81c710dbcd2f8e13feaec0deb45720d775e867b3fad7e63de9202d99d6d01845ec78f426227153fc4b237ad42e3c91aaf954651fa396df23fa483bb8cc1da69e85d65ee965c7657808669814f93985ca2f7272285d9a540f603358f130636bd791db77491ad883570441ff7ced853cf0e7e579aca845248a00ee17d057f8a681cea1271ea8c120582a5c41cc423e70074310f74b9f5203e8a9c2a4011aba1f42429774b9e2b1695d28fba4d99cdb7356e317b0092e824e015a1acf1edb3fc65846032cfe9b1c040193c2c0a33be928040a29a13d2e31a59b36629febf0c5f8b07f5f6eb3ec1f0e56a9183b6c362d6dacf0b6bde493e44c790000", 0x163) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) fchmodat(r1, &(0x7f0000000040)='./file0\x00', 0x8, 0x6) r2 = semget$private(0x0, 0x5, 0x46) semctl$GETVAL(r2, 0x1, 0x5, &(0x7f0000000340)=""/192) semctl$SETALL(r2, 0x0, 0x9, &(0x7f00000001c0)=[0x4, 0x6, 0x3]) semctl$GETNCNT(r2, 0x2, 0x3, &(0x7f0000000100)=""/18) 20:28:42 executing program 0: r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x80, 0x1c6) mknodat(r0, &(0x7f0000000040)='./file0\x00', 0x4, 0xb4) 20:28:42 executing program 1: r0 = openat$pf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pf\x00', 0x2, 0x0) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r1, 0x20004276) dup(r1) ioctl$FIONREAD(r1, 0x4004667f, &(0x7f0000000000)) ioctl$VMM_IOC_RUN(0xffffffffffffffff, 0xc0205602, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={{}, {[], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], [0xffffffffffffffff, 0x0, 0x802]}}}) ioctl$FIOASYNC(r0, 0xcd604404, &(0x7f0000000240)) 20:28:42 executing program 0: sysctl$fs(&(0x7f0000000000)={0x2, 0x1}, 0x287a647042a383fa, 0x0, 0x0, 0x0, 0x687dbe722b315b5f) 20:28:43 executing program 1: sysctl$net_inet_ip(&(0x7f0000000240)={0x4, 0x2, 0x0, 0x13}, 0x4, &(0x7f0000000180)="3ab1c233cd179d0f8d04e3e7fd6e5ae4e85dc7bc5e2810528bf71779ecdda366ca18f5a5935c7264e8115b14faf2d159ce0b3044bebab099c29859643f396b002244d86b959aa57fdc02c780737db5afb70234c49ac0876315c4a92fe2a190332829a46e741885303b47cd8687c8ee6fcb0970c5b07240839eddb1d79317b9414520b16342cb072e6736497a683c999a08b227a248afc8fe237f1ad4c997bd8f5b957c0abcea94c71bd00ecc7dc99ec0dfa617be6d51434d9193a2d5c0dfbd", &(0x7f0000000340)=0xbf, &(0x7f0000000380)="539c78fea2b57e50c8eed734e4a2775cd6b401abf597635f1a7ebe167243de9bd1aed7377c4ece357c0373cbc0fa63b3bc0faca3f40a3d261e571aa86e95ea18d64b1ccf97881e4e1dd98c4021f08b93a71d0dfa0958edaa094a454cc3a5e99f652c3456d6f2b6bd9ad8104886732fa5aa2546060ccc79f483437b585ebb6e6d03ca7383f3817b46ecafce77e826652dd38184d0b9ae2726c9bf83f372f39263990ebe1712f05290d110030027425e", 0x4) r0 = semget$private(0x0, 0x5, 0x46) semctl$GETVAL(r0, 0x1, 0x5, &(0x7f0000000340)=""/192) semctl$SETALL(r0, 0x0, 0x9, &(0x7f00000001c0)=[0x4, 0x6, 0x3]) semctl$GETZCNT(r0, 0x4, 0x7, &(0x7f0000000000)=""/61) 20:28:43 executing program 0: mknod(&(0x7f00000000c0)='./bus\x00', 0x100, 0x86138) syz_open_pts() r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) kevent(0xffffffffffffffff, &(0x7f0000000180)=[{{r0}, 0xfffffffffffffff8, 0x0, 0x20000000, 0x4, 0x8000000000}], 0x0, 0x0, 0x0, 0x0) syz_extract_tcp_res(&(0x7f0000000080), 0x3f, 0x9) r1 = open(&(0x7f0000000000)='./bus\x00', 0x1, 0x0) write(r1, &(0x7f0000000040)="510fc3a038", 0x5) ioctl$VMM_IOC_READREGS(0xffffffffffffffff, 0xc2485607, &(0x7f0000000580)) pwritev(r1, &(0x7f00000002c0)=[{&(0x7f0000000180), 0xff20}], 0x100000000000005e, 0x0, 0x0) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r2, 0x20004276) r3 = dup(r2) ioctl$BIOCGDLTLIST(r3, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r4, 0x20004276) r5 = dup(r4) ioctl$BIOCGDLTLIST(r5, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) renameat(r3, &(0x7f0000000100)='./bus\x00', r5, &(0x7f0000000140)='./bus\x00') 20:28:43 executing program 1: sysctl$kern(&(0x7f0000000040)={0x1, 0x34}, 0x2, &(0x7f0000000480)="c7ab30ac", &(0x7f00000002c0)=0x4, 0x0, 0x0) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) getsockopt$sock_timeval(r1, 0xffff, 0x1006, &(0x7f0000000000), &(0x7f0000000080)=0x10) 20:28:43 executing program 0: r0 = openat$pf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pf\x00', 0x0, 0x0) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r1, 0x20004276) r2 = dup(r1) ioctl$BIOCGDLTLIST(r2, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$WSDISPLAYIO_GETEMULTYPE(r2, 0xc014575e, &(0x7f0000000000)={0x6, './file0\x00'}) ioctl$FIOASYNC(r0, 0xc0104419, &(0x7f0000000240)=0x9) 20:28:43 executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) setreuid(0xee00, 0x0) chmod(&(0x7f0000000200)='./file0\x00', 0x1c2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xffffffffffffff14) chown(&(0x7f00000001c0)='./file0\x00', 0x0, r1) r2 = getuid() setreuid(0xee00, r2) unveil(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000100)='c\x00') r3 = semget$private(0x0, 0x4, 0x189) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000300)={0x0, 0x0}, &(0x7f0000000140)=0xc) r5 = getgid() semop(r3, &(0x7f00000002c0), 0x0) semctl$IPC_SET(r3, 0x0, 0x1, &(0x7f0000000480)={{0x20000008, r4, 0x0, 0x0, r5, 0x100010024, 0x207}, 0x9, 0x7, 0x2}) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000540)={{0x20008006, 0x0, 0x0, 0x0, r1, 0x100010024, 0x207}, 0x7, 0xc, 0x2}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x1013, 0xffffffffffffffff, 0x0, 0x200000dc) ioctl$WSMOUSEIO_SCALIBCOORDS(0xffffffffffffffff, 0x81205724, &(0x7f0000000340)={0x40, 0x838, 0xf0b, 0x10001, 0x6, 0x21d, 0x3f, 0x10, [{0x5, 0x3, 0x4, 0x200}, {0x1, 0x20, 0xfc, 0x8000}, {0x7, 0x5, 0x0, 0x64c}, {0x1, 0x10000, 0x0, 0x5a6}, {0x3ff, 0x7, 0xffff, 0x10000}, {0x1de, 0x7, 0x2, 0x7fffffff}, {0x100, 0x1, 0x8, 0x20}, {0x4, 0x7ff, 0x9, 0xfffffffc}, {0x2020, 0x6, 0x7fffffff, 0x80000001}, {0x0, 0x800059, 0x8, 0x2}, {0x7, 0x40, 0x2, 0x800}, {0x45, 0x8, 0xec89, 0xe1}, {0x81, 0x5, 0x10000, 0xa8cf}, {0xffff, 0x9, 0x10000, 0x70ef}, {0xfff, 0x0, 0x1, 0x3}, {0x4, 0x8f4, 0x7, 0xfff}]}) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$WSKBDIO_GETBELL(0xffffffffffffffff, 0x40105704, &(0x7f0000000240)) ioctl$TIOCSETAW(0xffffffffffffffff, 0x802c7415, &(0x7f0000000280)={0x3, 0x7, 0x4, 0x3f, "45a3e0c4e6d426a049ed18a432565a03050e2268", 0x1, 0x8}) 20:28:43 executing program 1: open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) pipe(&(0x7f0000001280)={0xffffffffffffffff, 0xffffffffffffffff}) read(r0, &(0x7f0000001740)=""/4096, 0x1000) preadv(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x0, 0x0) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0) fcntl$setstatus(r3, 0x4, 0x80) pwritev(r3, &(0x7f00000003c0), 0x273, 0x0, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2, 0x10, r2, 0x0, 0x0) write(r1, &(0x7f0000000000)='w', 0x1) mprotect(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1) writev(r1, &(0x7f0000000200)=[{0x0}], 0x10000000000000ab) execve(0x0, 0x0, 0x0) ioctl$BIOCLOCK(0xffffffffffffffff, 0x20004276) dup(0xffffffffffffffff) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r4, 0x20004276) dup(r4) dup2(r3, 0xffffffffffffffff) 20:28:43 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x10000, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$WSDISPLAYIO_GETEMULTYPE(r1, 0xc014575e, &(0x7f0000000000)={0x3f, './file0\x00'}) sysctl$vfs_ffs(&(0x7f0000000040)={0xa, 0x3, 0x10}, 0x3, 0x0, 0x0, 0x0, 0x0) 20:28:43 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f0000000200)=""/122, 0x1ca}, {&(0x7f0000000440)=""/109, 0xffc8}, {&(0x7f0000000040)=""/202}, {&(0x7f0000000180)=""/9}, {&(0x7f00000004c0)=""/96}, {&(0x7f0000001980)=""/167, 0x28}, {&(0x7f0000000000)=""/40}], 0x2, 0x0, 0x0) mknod(&(0x7f00000001c0)='./bus\x00', 0x2003, 0xa6138) readlink(&(0x7f0000000140)='./bus\x00', &(0x7f0000000300)=""/121, 0x79) r0 = open(&(0x7f0000001ac0)='./bus\x00', 0x301, 0x0) pipe(&(0x7f0000000280)) pwritev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000380)="2d2de36fbb2570e7a87092f363494b982c52fb865a09e6867f47cd79f1c75afdb259c1c76de47bc7e84caa8f8989f87788cff2bcb32cfa17f1de2379f2f8ff390f2204f776b7ec922f643f7368e88598bca5fcab3ff738dae01b76d102d62a8f183d4c48b8359914829b0302c118d9df0f126a9af41d", 0x76}], 0x1, 0x0, 0x0) pwritev(r0, &(0x7f0000000140), 0x28f, 0x0, 0x0) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bpf\x00', 0x4000000005, 0x0) ioctl$BIOCSETWF(r1, 0x80104277, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x4d}, {0x2c}, {0x6, 0x0, 0x0, 0x87ff}]}) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) write(r1, &(0x7f0000000180)="3c9ebb8a65237a19000000000000", 0xe) ioctl$BIOCSRSIG(r0, 0x80044272, &(0x7f0000000640)=0xb3) 20:28:43 executing program 1: r0 = getuid() geteuid() r1 = getuid() setreuid(0xee00, r1) r2 = getuid() setreuid(r2, r1) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r4, 0x20004276) dup(r4) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) ioctl$BIOCLOCK(r3, 0x20004276) r5 = dup(r3) ioctl$BIOCGDLTLIST(r5, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) getsockopt$SO_PEERCRED(r5, 0xffff, 0x1022, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0xc) semget$private(0x0, 0x3, 0x211) semget$private(0x0, 0x3, 0x403) lchown(&(0x7f0000000000)='./file0\x00', r0, r6) syz_emit_ethernet(0x46, &(0x7f0000000180)=ANY=[@ANYBLOB="edfdfd59b5d94639ec8382a6080045000038000000000001907800009078000000000000fffc000000000000ac1400bbe0000001f5000000000000000000bf77aaaeffff832466f0b6a6b1639800d63cbdf61fa2ff4db248bff1c2b95b90537e80c41a9eed05df08ff7c675271832415aebd197378e96dc2f6160762df4ffaa9dde0837890aadee044d76677054ec87f1bd71fe5bef46c2852da91034855a78b5e66a45408c4b22033528a4162513ce61e807087ac6a694598ddf1f6b702b5442a9bf9881f9332645ec7d19dfeea"]) 20:28:43 executing program 0: sysctl$net_inet_ip(&(0x7f0000000240)={0x4, 0x2, 0x0, 0x1b}, 0x4, &(0x7f0000000180)="3ab1c233cd179d0f8d04e3e7fd6e5ae4e85dc7bc5e2810528bf71779ecdda366ca18f5a5935c7264e8115b14faf2d159ce0b3044bebab099c29859643f396b002244d86b959aa57fdc02c780737db5afb70234c49ac0876315c4a92fe2a190332829a46e741885303b47cd8687c8ee6fcb0970c5b07240839eddb1d79317b9414520b16342cb072e6736497a683c999a08b227a248afc8fe237f1ad4c997bd8f5b957c0abcea94c71bd00ecc7dc99ec0dfa617be6d51434d9193a2d5c0dfbd", &(0x7f0000000340)=0xbf, &(0x7f0000000380)="539c78fea2b57e50c8eed734e4a2775cd6b401abf597635f1a7ebe167243de9bd1aed7377c4ece357c0373cbc0fa63b3bc0faca3f40a3d261e571aa86e95ea18d64b1ccf97881e4e1dd98c4021f08b93a71d0dfa0958edaa094a454cc3a5e99f652c3456d6f2b6bd9ad8104886732fa5aa2546060ccc79f483437b585ebb6e6d03ca7383f3817b46ecafce77e826652dd38184d0b9ae2726c9bf83f372f39263990ebe1712f05290d110030027425e", 0xaf) r0 = msgget$private(0x0, 0x2) r1 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000400)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0xc) chown(&(0x7f0000000000)='./file0\x00', 0x0, r2) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r3, 0x20004276) r4 = dup(r3) ioctl$BIOCGDLTLIST(r4, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) getsockopt$sock_cred(r4, 0xffff, 0x1022, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) sysctl$vm(&(0x7f0000000140)={0x2, 0xc}, 0x2, &(0x7f0000000280)="afa44ee462670325ac94f26f1be58b0b131f908ab73a504324168fb2d8556dc638413f9379a7e373aaf44c7147948b49df229948fc7c62983b14f67f41d43aa6e2f64775b03f55eefcd95d80fb5e620e66f19794d0e5f57b6b13b64092826ad2630c1af2ccde60268caabd12192c18e202c62ca998d1e56257a85517b9eedf3caac8a5161d2f2425d259e824bbd9628589abebe82f7ce0bb31e4d205d852a09014be", &(0x7f0000000480)=0xa2, &(0x7f00000004c0)="df611c0d0739b90a9992c5f4f56c3e7df3271876df90d8be35583e078c8474ae97a65b58929c9af98af09c43532afe7dd753d2a73c3ac3eec1d301cbf7ef5165759590be6cc4b1f899202969c3777e62a67f5724d6d7701d3eeeab66a9bbe08d1bfcbe7189cc5a2ff8509b52552dcb671c4f2cd057e58acdaf373c7562d8469913caceeb5617d2010723bb83ee39df860b9aa8916c5bdd6c477b1b4a3e6faced5de45b96dc685838eb98dffe07993e40dcd78eaea5a960f357dffafd07f6c75314f06b57b7ae93381ee730e8d21dd4878fa0", 0xd2) r6 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r6) msgctl$IPC_SET(r0, 0x1, &(0x7f00000000c0)={{0x10000, r1, r2, 0x0, 0xffffffffffffffff, 0x2b, 0xd2}, 0xffff, 0xffffffffffff3652, r5, r6, 0x4, 0x100000000, 0x6, 0x1}) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000000)=""/35) 20:28:43 executing program 1: clock_settime(0x0, 0xffffffffffffffff) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) r2 = dup(r1) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) 20:28:43 executing program 0: syz_emit_ethernet(0xcd, &(0x7f0000000000)={@random="259bd0493f63", @random="d0eab5fb5f2e", [], {@generic={0x1989, "3117963907fb098f0301ff5728707c4bc4b7fb3a94dc625493dac348ff020ac6dea4ef201b085e90c5b2e81502b2a1ab177575bd279b7770646bf01f14fea2a4193a70883c5205bf4f45fdf3097055d6955b9e9d8a390a786b2be3060b0d36fc30472c84ee823a3cc9087b08ffde704c0963da423b4cdb99bfa77b25231aad05daadbb1433fafc2f3dc2e4f36ab3e0daddc1067bcf24dd3d2e78b2a8b4137c32161fcaa9d3913498cc4ea4c66a8ba217383b8b8b033ef73a0f7b6d8a478d8a"}}}) 20:28:43 executing program 1: kevent(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)=[{{}, 0x0, 0x0, 0x0, 0x400000000001}], 0x0, 0x0) r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x29, 0xa, &(0x7f0000000000)="03000000", 0x4) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) lseek(0xffffffffffffffff, 0x0, 0x8, 0x1) ioctl$LIOCSFD(r1, 0x80046c7f, &(0x7f0000000080)=r0) setsockopt(r0, 0x29, 0x80000000000000d, &(0x7f0000000180), 0x14) 20:28:43 executing program 1: syz_emit_ethernet(0x4e, &(0x7f0000000100)={@broadcast, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x18, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0x0}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@ndisc_na={0x88, 0x0, 0x0, 0x0, [], @mcast2}}}}}}) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$VMM_IOC_CREATE(r1, 0xc5005601, &(0x7f0000000180)={0x10, 0x9, 0x4, 0x6, [{&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x5}, {&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x8}, {&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x1}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, 0x9}, {&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x180000}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0xfa}, {&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x8}, {&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x4}, {&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2}, {&(0x7f0000ff9000/0x6000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x8954}, {&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x708e}, {&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x7ff}, {&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x7fffffff}, {&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x2}, {&(0x7f0000ff4000/0xc000)=nil, &(0x7f0000ff5000/0x1000)=nil, 0x7}, {&(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ff5000/0x2000)=nil, 0x7}], ['./file0\x00', './file0\x00', './file0\x00', './file0\x00'], './file0\x00', './file0\x00', './file0\x00', ['./file', './file', './file', './file']}) 20:28:43 executing program 0: syz_emit_ethernet(0xb6, &(0x7f0000000480)={@local, @remote, [], {@ipv4={0x800, {{0x21, 0x4, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @empty, {[@noop, @timestamp={0x44, 0x10, 0x0, 0x3, 0x8, [{[], 0x1}, {[@rand_addr=0x8], 0x80}]}, @rr={0x7, 0x27, 0x40, [@local={0xac, 0x14, 0x0}, @rand_addr=0xbf6, @empty, @remote={0xac, 0x14, 0x0}, @multicast1, @loopback, @local={0xac, 0x14, 0x0}, @empty, @empty]}, @timestamp={0x44, 0x38, 0x4, 0x1, 0x6, [{[@multicast1], 0x101}, {[@loopback], 0x1f}, {[], 0x7}, {[], 0xf449}, {[], 0x9}, {[@empty], 0xff}, {[@broadcast], 0x8}, {[@empty], 0x7}]}]}}, @icmp=@dest_unreach={0x3, 0x3, 0x0, 0x0, 0x0, 0x0, {0x7, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @local={0xac, 0x14, 0x0}, {[@lsrr={0x83, 0x7, 0x3, [@rand_addr=0x6]}]}}}}}}}) r0 = socket(0x2, 0x8001, 0x0) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000080)={'tap', 0x0}) ioctl$BIOCVERSION(r1, 0x40044271, &(0x7f0000000040)) ioctl$BIOCSETWF(r1, 0x80104277, &(0x7f00000000c0)={0x20000051, &(0x7f0000000000)=[{0x81}, {0x30, 0xfe, 0x2, 0x2}, {0x6, 0x0, 0x0, 0xfb}]}) semop(0x0, &(0x7f0000000100)=[{0x0, 0x5022, 0x1000}, {0x1, 0x0, 0x800}], 0x2) semop(0x0, &(0x7f0000000380)=[{0x0, 0xffffffffffffffff, 0x1800}, {0x2, 0x20}, {0x3, 0x0, 0x800}, {0x4, 0x5}, {0x0, 0x7, 0x1800}], 0x5) r2 = semget$private(0x0, 0x5, 0x46) semctl$GETVAL(r2, 0x1, 0x5, &(0x7f0000000340)=""/192) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) dup(r3) socket(0x18, 0x1, 0x0) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000140)={0x0, 0x0}, 0xc) setreuid(r4, 0xee01) socket(0x19, 0x4000, 0x9) semctl$SETALL(r2, 0x0, 0x9, &(0x7f00000001c0)=[0x4, 0x6, 0x3]) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000400)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0xc) chown(&(0x7f0000000000)='./file0\x00', 0x0, r5) getuid() 20:28:43 executing program 0: sysctl$kern(&(0x7f0000000000)={0x1, 0x23}, 0x2, &(0x7f00000002c0)="1defebf2b760296a9f1a9a0b9ac812d9f0ad5da3fe5dca3a4ec586447754578a342039a3240e20cebcc67027e42d10438ea897ebb37f681d9b0a9dd650c11ead85b5481c83e9f44785008471a6e5ffc43e7cc3239895e7b8330346", &(0x7f00000000c0)=0x5b, &(0x7f0000000240)="6fe9e990293de4a83bdcecc0b601cf7438e0e01eea970fb8754e618b6627792deb368d52944aaaa8714752df7ae2949c418be244b9f35165c94709c7a7577fb15ecce0f91f97539c832c1114433f8cea672c7ff36d32ce3490d12aed2bbab11935558b", 0xfffffe1a) openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r2, 0x20004276) r3 = dup(r2) ioctl$BIOCGDLTLIST(r3, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$BIOCSDLT(r3, 0x8004427a, &(0x7f0000000140)=0x3ff) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) r4 = open(&(0x7f0000000040)='./file0\x00', 0x70e, 0x0) pwritev(r4, &(0x7f0000000080)=[{&(0x7f00000004c0)="90c3fe67eb586898600425f2f573e0d1ac83c18d65c8e22066c0d389fe894a974c8d45aaf9d2e7ae9fed58938ea6ac68a0b0632688ca0fab3647175abf22fea120c9b3bb77ca60c128295bf234505356095dbf9e50a4a5079723b57fed8ef0a251b91e67e1f5d347d5b668a390a25beea3962e7c10b8d9f53f5c82b5eacc26757d14f2fa6be9a2cbb2cfacc5e906df", 0x8f}], 0x1, 0x0, 0x0) mmap(&(0x7f0000000000/0x13000)=nil, 0x13000, 0x5, 0x10, r4, 0x0, 0x0) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) socket(0x2, 0x3, 0x0) 20:28:43 executing program 1: setpgid(0x0, 0xffffffffffffffff) r0 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r0) ktrace(&(0x7f0000000100)='./file0\x00', 0x0, 0xb21e3dd01624f3d, r0) r1 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/wsmouse\x00', 0x2, 0x0) r2 = getpid() r3 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r3) ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78759a, r3) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) r5 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r5, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r5, 0x20004276) dup(r5) ioctl$BIOCSETIF(r5, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r4, 0x20004276) r6 = dup(r4) ioctl$BIOCGDLTLIST(r6, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$KDSETLED(r6, 0x20004b42, &(0x7f0000000000)=0x2) fcntl$lock(r1, 0x9, &(0x7f0000000040)={0x3, 0x1, 0x3, 0x7, r2}) 20:28:43 executing program 0: ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{}, {0x2b, 0x0, 0x3}]}) ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}}) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, "00000000000000000000f2ffffffffffffff4000"}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) connect$unix(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYRES16, @ANYBLOB="c7f853ca8bd601e6a7264d7baab7ad949ae585bab7fa60a72fd8e49fa2ef575aae9c73f36881864030a4d615efb1713f6c461698547b60165cea443e6919a31f0c8873b4c65809846aa73c7e58172d69ae152e3e3b77da149ecd96ee381ec5562f552e7c240103fdccba527cab24f6074f65f8b8ec44b462575c224b2858f7d420cfc4518711f36d831ee1cb0f104c4370a6da088d5b38a1b6126984f10dbbdf7dfd0a3a84f1d6ec9d7667918c45fc06d304afe6776590402a3fc3b5a32a08a0475116b015cca3e67b9afec1c660019589f327947183903b1d5acdd926411cc78c5faec1a22b544f53b9679f5cf88dedccd32eb50796cd9fb0e181abe0659abb1fb5a66985ed66636e", @ANYRES64], 0x1) ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) r1 = socket(0x18, 0x1, 0x0) close(r1) r2 = socket(0x18, 0x2, 0x0) close(r2) socket(0x400000000018, 0x3, 0x3a) ioctl$BIOCGDLTLIST(0xffffffffffffffff, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) r3 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) ioctl$WSMOUSEIO_SRES(r3, 0x80045721, &(0x7f0000000100)=0x6) setsockopt(r2, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) write(r2, &(0x7f0000000040)="100a2956b9223776", 0x21d) 20:28:43 executing program 0: r0 = socket(0x11, 0x4003, 0x0) sendto$unix(r0, &(0x7f00000000c0)="b100050460000000000008000001000000000000cea1fea7fef96ecfc73fd3357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d02810000000000000018e4fd89720fd3872babfbb770c1f5a872c881ff7cc53c894303b22f310b404f36a00f90006ee01be608a371a3f800040000000000000001000000000000000000000000000000000001000000000000", 0xb1, 0x0, 0x0, 0xfffffffffffffdcc) r1 = semget$private(0x0, 0x4000000009, 0x284) semop(r1, &(0x7f0000000380)=[{0x1, 0xffff}, {0x2, 0x2, 0x800}, {0x2, 0x4, 0x1800}, {0x3, 0x2, 0x800}], 0x4) semop(r1, &(0x7f0000000380), 0x1d) semctl$SETVAL(0x0, 0x4, 0x8, &(0x7f0000000100)=0x7) semop(r1, &(0x7f0000000380)=[{0x4, 0x4, 0x3000}, {0x4, 0x6, 0x1000}, {0x3}, {0x4, 0x200, 0x1800}, {0x1, 0x2e5, 0x1000}, {0x0, 0x8, 0x1800}, {0x4, 0x7}], 0x7) semctl$GETVAL(r1, 0x2, 0x5, &(0x7f0000000180)=""/71) r2 = semget$private(0x0, 0x0, 0x2ac) semctl$SETVAL(r2, 0x4, 0x8, &(0x7f0000000000)=0x2) semctl$IPC_RMID(r2, 0x0, 0x0) bind(r0, &(0x7f0000000000)=@in6={0x18, 0x1, 0x0, 0x8001}, 0xc) syz_extract_tcp_res(&(0x7f0000000040), 0x8, 0x3) semctl$GETNCNT(r1, 0x1, 0x3, &(0x7f00000000c0)=""/43) semctl$SETVAL(r2, 0x2, 0x8, &(0x7f0000000080)) semop(0x0, &(0x7f0000000100)=[{0x0, 0x5022, 0x1000}, {0x1, 0x0, 0x800}], 0x2) semop(r1, &(0x7f0000000380)=[{0x0, 0xffffffffffffffff, 0x1800}, {0x2, 0x20, 0x1000}, {0x3, 0x10, 0x800}, {0x2, 0x7f}, {0x1, 0x7, 0x800}], 0x5) semctl$SETVAL(0x0, 0x0, 0x8, &(0x7f0000000200)=0x4) semctl$GETVAL(0x0, 0x0, 0x5, &(0x7f00000003c0)=""/4096) mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1) 20:28:43 executing program 1: syz_emit_ethernet(0x42e, &(0x7f0000000940)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd600000000000000000000000000000000000000000000000feffff00"/54]) 20:28:43 executing program 1: sysctl$net_inet_carp(&(0x7f0000000000)={0x4, 0x2, 0x6c, 0x3}, 0x4, &(0x7f0000000140)="a9b0c34387f5d9b37d3e2a6c695e34461e17075343954e6371ffae9aaae150621e2672d01b5b710faf4a8ccea494a1999765272ccc718114eb0d98b716f9106bb65fd5b3b5d0375ea0b8afff8992ccae30f9ca81131ac241f2dd8df39ed0e8d26a2a25925b927cb99039ebd8015e374ae92534509a73eedc19df3f1d0a470d4d59c2839480d77d319de26e8be12ebf4b5f370ae38d16f4a399780b28c1702221e355ad5d333432475169161e6eb60a8e6d1f471789c49d344e819ca7cbe10e07b329ccb8139c68be", &(0x7f0000000240)=0xc8, 0xffffffffffffffff, 0x0) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) getpeername$inet(r1, &(0x7f0000000040), &(0x7f0000000080)=0xc) 20:28:43 executing program 0: sysctl$net_inet_gre(&(0x7f0000000000)={0x4, 0x2, 0x4, 0x1}, 0x4, &(0x7f0000000400)="c5a22f6368e10831bbc79f338b286dc9ed7fb3943cb12cb3040b9a99299e2ca58006c52d0e6c6b523537b87d0113cb6e9d16890175af893e475a752cac806e20e3f9c946f9a4f2c4136c1b5c9df87e8991b48583686f3b0cd6ed40469b894abcbbbf69ca270754aeab93d536fcd5a92b1d953beca89bd19f577741eff8f0437994158152b82c2728bcd6de343babe3dd5677ab71a3fb91e9c385144ca8771d5537dd91b9e80603264cfc335f6613c381f65d2096a130291085ded31240b692659ba7ce6a73048073c4cfad0097ebb62eeec0eba75c2684221c0faf34a0488fe3dd9c34483db04fd7600a7ad0b046c58beccedb23feafd850900a758858b1391e6c5c3adb4152ca4fabd3a4f1d3a0e11f6034d991a57fc86d048a9566b855f112dcfe3a0708f57d56fefd7610c212900ec945704b7a8002051c2a20baa71ff39629", &(0x7f0000000040)=0x88, &(0x7f00000002c0)="00355423649ebf16eaf5675f9b98913a79b8daae2b16a677451988c50e3dafc4e790687aaac584bed3d22dd6e11f609ebe3d5c1b4606f1fe9e2d7cf72d1b5422a3f242d40098e955c4fce5e9125f9575dc778a039e2b411398b66bce59f5e44411cdc8de2d821e2f9ecd965029c473f21d66c1246be302d37956b52e05a6efaebafdd7a45fcf2f99fe3394654c030424a6c00a3db501f22179c1caf12a84a699192a960a1581560a8de73e0b6effe00789ebc4c21424577c38618bcbf9a21a057f43524df3951b6ddf064af1db3e1c03818c004e70df78f407a213b42bdc66fdce310f50410c0938e3a03e2881dcd8bd909907a3e8c5d2751121f7e859082ec5501f801e595afad86214b8c8e2c398fc", 0x4) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r0, 0x20004276) r1 = dup(r0) ioctl$BIOCGDLTLIST(r1, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$TIOCMGET(r1, 0x4004746a, &(0x7f0000000080)) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00') symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') 20:28:43 executing program 1: setrlimit(0x2, &(0x7f0000000100)={0x60000000, 0x60000000}) r0 = syz_open_pts() r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(0xffffffffffffffff, 0x20004276) r2 = dup(r1) ioctl$BIOCGDLTLIST(r2, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) dup(r1) close(0xffffffffffffffff) syz_open_pts() ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000000)={0x8, 0x0, 0xfffffffa, 0x1fc80d8c, "ff0759d624070000001d7f00001832681fe600"}) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r3, 0x20004276) r4 = dup(r3) ioctl$BIOCGDLTLIST(r4, 0xc010427b, &(0x7f0000000000)={0x0, 0x0}) ioctl$TIOCNOTTY(r4, 0x20007471) getegid() write(r0, &(0x7f0000000240)="2078f7b678807d89e032dc19f570fe00bac871767dbcbbff8330c22685419d5e0110188e90cd9c8e50599ba24cd7c19fe1397a431644e5976fe4bce3b20b21c3f3719d1d5de4b7586a0669cedb7237b428821c1db394acba77de083c965124aeacbcf09bd3c719ed25314dc21617d8ecbbc6ffc4137067f33d5ed8d898537ed95d34e48374ae5f307c5375eaba46d8f816057b2c10d48644a50b0c5db32649dae31f197d94f0fbdb1796778ce098cc07acba65bddc0e2ce8b65297f80863914cb3909b299d190a11b262d4ce7fc1303d366eec5a6f8068fe6a22f57dc99240cfb457d5d8c128a8f11775fc4942ef5c8b31ed06eb663789084dc082cc0d78d570597f3905ed5c1ecafdf09846ae9e1d3180fc81523572e837f32808614855b34e0251adb4195025918b3b47033e7e1959c3a416156edd58af4bb2beaec78dd69a775c26eb4cc8ae4b16ef7606398659baaccb456c8b1c269324540d6d225b04e7b0c80ef9a6189700"/371, 0x173) socket(0x20, 0x8000, 0xff) 20:28:43 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000180)={0xa, &(0x7f0000000100)=[{0x9, 0x81, 0xda, 0x7f}, {0x3, 0x7, 0x1, 0x7}, {0x5, 0x4, 0x20, 0x3}, {0x9, 0x9, 0x1b, 0x6}, {0x4, 0x7f, 0x80, 0x10000}, {0x7, 0x0, 0x75, 0xcd18}, {0x9, 0x3, 0xe7}, {0x1, 0x6, 0x7, 0x3}, {0x3f, 0x84, 0x4, 0x80}, {0x1ff, 0x5c, 0x5, 0x6}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) syz_emit_ethernet(0x35c, &(0x7f0000000000)) 20:28:43 executing program 0: setrlimit(0x8, &(0x7f0000000080)={0x7, 0x95}) r0 = syz_open_pts() close(r0) r1 = syz_open_pts() ioctl$TIOCSETA(r1, 0x802c7414, &(0x7f0000000000)={0xfffffffffffffffd, 0x0, 0x3ff, 0x7fffff83, "07000000577dac00"}) dup(0xffffffffffffff9c) writev(r0, &(0x7f00000034c0)=[{&(0x7f00000001c0)="e3a8f5998401035469e9411e2856712a3d64511977f55400577da9ba3ddf351b0585c48625cbe4f95e6bfebbd75d6fad43748fe6dedab8a4e277ba7daa0c7fe2bebcae5dda58fa230df6ea17293d248dec7a7ba3343d885666b94e64b6dd3bc900794c6ee4d82c33c6e0e10582d9ec891d562d70d1cec2da2cd410e0520b61ff4d1e527376dd798f51eee0c17ba5d33fab8fbfd82b69ef7d9947445084bc2902b99cb3b3cf2b39a87ae5e264ed0e62931ce16be9aa2033e8a00095b29c053bb324b39b4f650230904213eb6c66bb891b32de36cbf861e7b7780b758dbb1c43c3fa54cc38e559ffe8b4311916f889b6ea2cef4de4532878e5fc5f9d9c4d1a981412de81460e74f4c12d1795a4d5259c553d12eb1daf05cd8c1b21497fecdcce8f57fb5a43560a1798c0099c4ea5440cee4a7d7caa25c5a67e5e87b8e85150b4b7163f1c2a0e59609f2342a196e468c34dda06a73c0ec13dfa4d7ae6501e2b2ae22f833290eba25c56a8c468cd0925b51abf0742672d71c39401bf24d7dad83e0a81e563908644cfffbe82d0dafab6b9e2438a9ba18e0074570c1870f5cc41f67444628b95334fa270a47be4b255c3e01dba656b986716506d6f7f1db4e6d03e797f822813da46d854b289675678188f98278e91ba26a310a6f9713245ddbf7ffab8b2ccb6c7aaa47e6c64f755e165dc2da6b4365e8a690c822d26fc5d495fea7d73b6947dfe20d3a6528580d81efae8271787fd", 0x213}], 0x1) chflags(&(0x7f0000000040)='./file0\x00', 0x0) syz_open_pts() 20:28:43 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x400800, 0x0, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a6, 0x0, 0x2], [0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x1ff], [0x0, 0x0, 0x0, 0x9, 0xfffffffffffeffff], [0x0, 0x0, 0x401], [{}, {0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x0, 0x1}]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) login: panic: tcp_output: template len != hdrlen - optlen Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *157857 52736 0 0x12 0 0 sshd db_enter() at db_enter+0x18 panic(ffffffff823f4ff4) at panic+0x15c tcp_output(ffff800000ac3760) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da6e4b8,9,fffffd8059168b00,0,0,ffff80001d71c010) at tcp_usrreq+0xa54 sosend(fffffd805da6e4b8,0,ffff80001d6cdbb8,0,0,80) at sosend+0x669 dofilewritev(ffff80001d71c010,4,ffff80001d6cdbb8,0,ffff80001d6cdca0) at dofilewritev+0x1ab sys_write(ffff80001d71c010,ffff80001d6cdc50,ffff80001d6cdca0) at sys_write+0x83 syscall(ffff80001d6cdd20) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffee4d0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic tcp_output: template len != hdrlen - optlen ddb> trace db_enter() at db_enter+0x18 panic(ffffffff823f4ff4) at panic+0x15c tcp_output(ffff800000ac3760) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da6e4b8,9,fffffd8059168b00,0,0,ffff80001d71c010) at tcp_usrreq+0xa54 sosend(fffffd805da6e4b8,0,ffff80001d6cdbb8,0,0,80) at sosend+0x669 dofilewritev(ffff80001d71c010,4,ffff80001d6cdbb8,0,ffff80001d6cdca0) at dofilewritev+0x1ab sys_write(ffff80001d71c010,ffff80001d6cdc50,ffff80001d6cdca0) at sys_write+0x83 syscall(ffff80001d6cdd20) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffee4d0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80001d6cd720 rbx 0xffff80001d6cd7d0 rdx 0x2 rcx 0 rax 0x1 r8 0xffffffff81e8891f kprintf+0x15f r9 0x1 r10 0x2 r11 0x1a50c6d3ba3704b1 r12 0x3000000008 r13 0xffff80001d6cd730 r14 0x100 r15 0x1 rip 0xffffffff816d33f8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80001d6cd710 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (sshd) pid=157857 stat=onproc flags process=12 proc=0 pri=24, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff80001d71d870,0xffff80001d71c500 process=0xffff80001d706018 user=0xffff80001d6c8000, vmspace=0xfffffd806bc09880 estcpu=0, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 7568 8046 11978 0 2 0x2 syz-executor.1 41249 141606 11978 0 3 0x82 piperd syz-executor.0 11978 410080 85507 0 2 0x2 syz-fuzzer 11978 126375 85507 0 2 0x4000002 syz-fuzzer 11978 14198 85507 0 3 0x4000082 thrsleep syz-fuzzer 11978 323836 85507 0 3 0x4000082 thrsleep syz-fuzzer 11978 509736 85507 0 3 0x4000082 thrsleep syz-fuzzer 11978 116553 85507 0 3 0x4000082 thrsleep syz-fuzzer 11978 113289 85507 0 3 0x4000082 thrsleep syz-fuzzer 11978 354352 85507 0 3 0x4000082 thrsleep syz-fuzzer 85507 48596 52736 0 3 0x10008a pause ksh *52736 157857 43587 0 7 0x12 sshd 94408 420569 1 0 3 0x100083 ttyin getty 43587 505797 1 0 3 0x80 select sshd 66260 311903 27706 73 3 0x100090 kqread syslogd 27706 183982 1 0 3 0x100082 netio syslogd 50475 310087 1 77 3 0x100090 poll dhclient 91121 142747 1 0 3 0x80 poll dhclient 65418 334844 0 0 3 0x14200 bored smr 3735 400662 0 0 2 0x14200 zerothread 4847 273753 0 0 3 0x14200 aiodoned aiodoned 99448 422808 0 0 3 0x14200 syncer update 69403 116196 0 0 3 0x14200 cleaner cleaner 16998 441126 0 0 3 0x14200 reaper reaper 85800 104114 0 0 3 0x14200 pgdaemon pagedaemon 96133 295471 0 0 3 0x14200 bored crynlk 571 114342 0 0 3 0x14200 bored crypto 23538 221313 0 0 3 0x40014200 acpi0 acpi0 87876 247374 0 0 3 0x14200 bored softnet 92513 412179 0 0 3 0x14200 bored systqmp 60081 91969 0 0 3 0x14200 bored systq 41811 182293 0 0 3 0x40014200 bored softclock 46643 57773 0 0 3 0x40014200 idle0 1 270093 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9465 6391K 6914K 78643K 10716 0 pcb 13 8K 8K 78643K 19 0 rtable 110 4K 4K 78643K 202 0 ifaddr 45 10K 11K 78643K 47 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 4K 78643K 19 0 iov 0 0K 12K 78643K 8 0 mount 1 1K 1K 78643K 1 0 vnodes 1223 77K 77K 78643K 1282 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 16 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 4 9K 25K 78643K 74 0 proc 48 38K 54K 78643K 364 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 3 0 in_multi 33 2K 2K 78643K 35 0 ether_multi 1 0K 0K 78643K 2 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 55 254K 254K 78643K 55 0 exec 0 0K 1K 78643K 183 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 123 23K 23K 78643K 1009 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 4 0 NDP 6 0K 0K 78643K 10 0 temp 68 3850K 3914K 78643K 1933 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 80 23 0 21 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 27 0 19 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 663 0 663 1 1 0 1 0 8 0 tcpcb 544 20 0 16 1 0 1 1 0 8 0 inpcb 296 50 0 43 1 0 1 1 0 8 0 nd6 48 6 0 0 1 0 1 1 0 8 0 pfrktable 1344 3 0 1 1 0 1 1 0 8 0 pfrule 1360 2 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 188 0 0 12 0 12 12 0 8 0 art_table 32 189 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 4 1 1 0 1 0 8 0 semapl 112 14 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1466 0 68 88 0 88 88 0 8 0 ffsino 240 1466 0 68 83 0 83 83 0 8 0 nchpl 144 1748 0 147 60 0 60 60 0 8 0 uvmvnodes 72 1569 0 0 29 0 29 29 0 8 0 vnodes 208 1569 0 0 83 0 83 83 0 8 0 namei 1024 4393 0 4393 3 2 1 1 0 8 1 pfiaddrpl 120 2 0 0 1 0 1 1 0 8 0 scxspl 192 5031 0 5031 2 1 1 1 0 8 1 plimitpl 152 18 0 11 1 0 1 1 0 8 0 sigapl 424 260 0 233 4 0 4 4 0 8 0 futexpl 56 908 0 908 1 1 0 1 0 8 0 knotepl 112 61 0 42 1 0 1 1 0 8 0 kqueuepl 144 2 0 0 1 0 1 1 0 8 0 pipepl 272 76 0 66 1 0 1 1 0 8 0 fdescpl 432 246 0 233 2 0 2 2 0 8 0 filepl 120 1220 0 1125 4 0 4 4 0 8 1 lockfpl 104 16 0 15 1 0 1 1 0 8 0 lockfspl 48 7 0 6 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 85 0 78 1 0 1 1 0 8 0 zombiepl 144 233 0 233 2 1 1 1 0 8 1 processpl 928 260 0 233 4 0 4 4 0 8 0 procpl 624 310 0 276 4 1 3 4 0 8 0 sockpl 400 100 0 83 3 1 2 3 0 8 0 mcl4k 4096 9 0 9 2 2 0 1 0 8 0 mcl2k 2048 90921 0 90864 23 12 11 19 0 8 2 mtagpl 96 6 0 2 2 1 1 1 0 8 0 mbufpl 256 143842 0 143735 15 7 8 12 0 8 0 bufpl 280 3329 0 125 229 0 229 229 0 8 0 anonpl 16 40228 0 24221 71 2 69 69 0 107 0 amapchunkpl 152 1220 0 1077 7 0 7 7 0 158 0 amappl16 192 1168 0 255 47 1 46 47 0 8 0 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 71 0 63 1 0 1 1 0 8 0 amappl13 168 26 0 23 1 0 1 1 0 8 0 amappl12 160 7 0 7 2 2 0 1 0 8 0 amappl11 152 62 0 52 1 0 1 1 0 8 0 amappl10 144 15 0 7 1 0 1 1 0 8 0 amappl9 136 375 0 373 1 0 1 1 0 8 0 amappl8 128 327 0 288 2 0 2 2 0 8 0 amappl7 120 108 0 95 1 0 1 1 0 8 0 amappl6 112 41 0 35 1 0 1 1 0 8 0 amappl5 104 176 0 166 1 0 1 1 0 8 0 amappl4 96 437 0 410 1 0 1 1 0 8 0 amappl3 88 121 0 115 1 0 1 1 0 8 0 amappl2 80 1140 0 1085 2 0 2 2 0 8 0 amappl1 72 14321 0 13920 24 15 9 17 0 8 0 amappl 80 535 0 495 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 246 0 233 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 246 0 233 1 0 1 1 0 8 0 vmmpekpl 168 5770 0 5742 2 0 2 2 0 8 0 vmmpepl 168 37413 0 35503 130 12 118 121 0 357 29 vmsppl 272 245 0 233 2 1 1 2 0 8 0 pdppl 4096 498 0 466 6 1 5 6 0 8 0 pvpl 32 133624 0 114745 163 2 161 162 0 265 0 pmappl 200 245 0 233 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 250 0 29 8 1 7 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x18 panic(ffffffff823f4ff4) at panic+0x15c tcp_output(ffff800000ac3760) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da6e4b8,9,fffffd8059168b00,0,0,ffff80001d71c010) at tcp_usrreq+0xa54 sosend(fffffd805da6e4b8,0,ffff80001d6cdbb8,0,0,80) at sosend+0x669 dofilewritev(ffff80001d71c010,4,ffff80001d6cdbb8,0,ffff80001d6cdca0) at dofilewritev+0x1ab sys_write(ffff80001d71c010,ffff80001d6cdc50,ffff80001d6cdca0) at sys_write+0x83 syscall(ffff80001d6cdd20) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffee4d0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x18 panic(ffffffff823f4ff4) at panic+0x15c tcp_output(ffff800000ac3760) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da6e4b8,9,fffffd8059168b00,0,0,ffff80001d71c010) at tcp_usrreq+0xa54 sosend(fffffd805da6e4b8,0,ffff80001d6cdbb8,0,0,80) at sosend+0x669 dofilewritev(ffff80001d71c010,4,ffff80001d6cdbb8,0,ffff80001d6cdca0) at dofilewritev+0x1ab sys_write(ffff80001d71c010,ffff80001d6cdc50,ffff80001d6cdca0) at sys_write+0x83 syscall(ffff80001d6cdd20) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffee4d0, count: -9