last executing test programs: 23.989143728s ago: executing program 0 (id=1012): r0 = socket(0x2, 0x1, 0x0) sendto(r0, &(0x7f0000000380)="8e741440cbec08ded2c5eca7d3d5098a1eeb19d5f95476270256fe6ccc554d0112981bdcc2c23a064b7da59f4fd0571e7cbd32f04f51420be57ceeaf74a083211a0a9f05174fc729688ccbe3732a6e00", 0x50, 0x5, &(0x7f0000000440)=@in6={0x0, 0x1c, 0x1, 0x208, @rand_addr="b98f96444d2f5d933b7545df48ac4785", 0x1}, 0x53) 23.266670793s ago: executing program 0 (id=1092): r0 = openat$crypto(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CIOCGSESSION2(r0, 0xc040636a, &(0x7f0000000040)={0x19, 0x0, 0x11, &(0x7f0000000180)="3c022e7af0ae7345e83c76d29c508b9ab0", 0x0, 0x0, 0x0, 0xfdffffff}) 19.297587594s ago: executing program 0 (id=1167): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x105, &(0x7f00000014c0), &(0x7f0000001700)=0x4) 10.567316897s ago: executing program 0 (id=1247): r0 = socket(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_FUNCTION_BLK(r0, 0x6, 0x2000, 0x0, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x34, 0x2, 0x2, @rand_addr=0xfffffffe}, 0x10) 5.657746355s ago: executing program 0 (id=1285): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) ioctl$DIOCRADDADDRS(r0, 0xc0184415, &(0x7f0000000a80)={{"df45187d7638f2f7bc836152843806587e7ee1bd3970459cb2cbee8401dfc33320b75ccfd729a25b38df20b45c678215f49f53e09510b4b6914adcbc90ab07184b0ad82cd7384ed6c40686e93601819fb0b534d30b825c4b6f32dd0aeb13594b1d5d6e18070f475c62040e767a1675dafa428bd4cd50ba75aa99251bd476be7ed22a9b2f9d35db8e7d6672a9caba297d7ca6d23a0605562b94441d0c29b7be1f9685a2536b2a38da8c2d5eb87f3c489a956ed8ee3698d520ef8089198bc3429a67e0865de9152749003cfcabeeda083606cd1decd7b9eac2f2b36dc8848d9ec57747f51da25acd9070f37b11ac8c6f031bea2d6ec44f4222f106f1fbb9711ecce444ef7ffb7edc53bef1149ead739c6452d65c392c95425e281a6d68e8a449eab0e678af021a9b565da5ab53a4d452cc890b61412baaf8ebb313f553cbf95f715ee19e907bb0caed501e48a66509799b8257d03a2298d92002049ee5b0cc7980794513eda1fe9483c9a7fe0d64bd813e7e4218d8fa8550d94e2341d21d7f410af62c9ea1827e6249af29ce2e96cfc6028576160b54a9622dc58b629276d399c1094a20683e8e091bd1ed2c7045a949309daf5aca74652701f4e26c2d530eef192c1b713216c8c677fff95d9104097a3da48d674e5fb106e6b1c79639a341f4191044ae3ae1dbc112f1c1574d3cf8fd148326dd5e7d73b6940978413f5198caa090c0a4541775bff5851e09f5d6bfc7bf5b4902a282709216bda29d6c6aa64446aaeead04633f0dcd83c4b87964564108220d13a1a11ddea1006ce04c6ab96362e9f7780b82e8627f9298430855b151bc2c8429fa6fc1c9486388103f62e96bcbd87fec7d2f8b460f5973493a987bbafe8200000000595a645af34a594644dd369be6c42dcc99d9306f5fd7f963675bfe9aa133b7ec8d578f21e878a5f29d56af3887f8b5bc09e1363848e7ad02a9b1a4ad1da369869cfc2123e13588d249b8c0aab32534c4b6f1fbce459ce19f75f5153107c2884c6740bc04843b3f844d147061f4ccbe71c0e27eb42a370756560ecd81ad1ded939926794889b64e42c16830c07c99325f0e69c9daeded96af750e3894b819592f9fe1a6ecb7a9b99253ba4e8b4673dd4b14c7da84bd4e020080f18c3d07031cb9501828b6fc6eae4e94717d8cd8d9bd7f4d16653d5ac50a53858493fd7a747e35868ad247ce1865f8397827bdb2ff4dbda235b81813214a96ffc7db32dee1656be4fa080b61aab0b70a0646ef2d98106742fc28efd8c4858c4464b2a3f2c3d9b9df3832af68b77ba8ad698eddae6c38d90709c11b4e962ae43ad62d987a7b292be9c00b44671a1fc6c921ef9a4653883602c38c1fba148f3f1e1117ba61e080eb3991d8e8205b8e999adf52ab01cec50ec27d4c11b100", "0920cb145aabe5e28416000000fbffffff000000000000001000"}, 0x0, 0x14, 0x0, 0x0, 0x20000002, 0xa, 0x0, 0xfffffffffffffffe}) 4.285439422s ago: executing program 1 (id=1295): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) select(0x40, &(0x7f0000000380), 0x0, &(0x7f0000000440)={0x9}, 0x0) close(r0) 4.20297398s ago: executing program 3 (id=1296): symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000240)='./file0\x00') symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0/file0/fi\x00') rename(&(0x7f0000000000)='./file0/file0/fi/file0\x00', &(0x7f0000000080)='./file0/file0/fi\x00') 4.031486444s ago: executing program 3 (id=1297): r0 = open(&(0x7f0000000480)='./file0\x00', 0x80400000000206, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x20011, r0, 0x0) cpuset_setaffinity(0x3, 0x0, 0x0, 0x6c, &(0x7f0000000040)) 3.888647122s ago: executing program 3 (id=1298): r0 = socket$inet6_sctp(0x1c, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000700)={0x1c, 0x1c, 0x0, 0x0, @local={0xfe, 0x80, '\x00', 0x0}}, 0x1c) getsockopt$inet6_sctp_SCTP_GET_LOCAL_ADDRESSES(r0, 0x84, 0x8004, &(0x7f0000000a40)={0x0, 0x0}, &(0x7f0000000300)=0xc) 3.777188697s ago: executing program 3 (id=1299): r0 = socket(0x1c, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000040)=0x2, 0x4) setsockopt$inet6_tcp_TCP_FUNCTION_BLK(r0, 0x6, 0x2000, &(0x7f0000000000)={'rack\x00'}, 0x24) 3.565186012s ago: executing program 0 (id=1300): procctl$PROC_REAP_ACQUIRE(0x0, 0x0, 0x2, 0x0) fork() procctl$PROC_REAP_KILL(0x0, 0x0, 0x6, &(0x7f0000000300)={0x13, 0x0, 0xffffffffffffffff}) 3.299646783s ago: executing program 1 (id=1312): r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000040)={0x10, 0x2, 0x3, @rand_addr=0x883}, 0x10) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x108, &(0x7f0000000200)={0x0, 0x7, 0xf, 0x4, 0x100}, &(0x7f0000000240)=0x18) 3.299353098s ago: executing program 3 (id=1313): setresgid(0xee00, 0x0, 0x0) r0 = getgid() setresgid(r0, 0x0, 0x0) 2.696498165s ago: executing program 1 (id=1317): r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000140)={0x10, 0x2, 0x3, @rand_addr=0xfe}, 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x8006, &(0x7f00000001c0)={0x0, 0xfffffffe}, &(0x7f00000000c0)=0x8) 1.555458061s ago: executing program 1 (id=1324): r0 = socket(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000000240)={0x10, 0x2, 0x2, @remote={0xac, 0x14, 0x0}}, 0x10) shutdown(r0, 0x1) 1.552120092s ago: executing program 3 (id=1325): ktimer_create(0x0, 0x0, &(0x7f0000000180)) ktimer_create(0x0, 0x0, &(0x7f00000001c0)) procctl$PROC_REAP_KILL(0x0, 0x0, 0x6, &(0x7f0000000180)={0x13, 0x0, 0xffffffffffffffff}) 1.229356279s ago: executing program 2 (id=1328): mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x40000) mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) 1.062517589s ago: executing program 2 (id=1329): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_FUNCTION_BLK(r0, 0x6, 0x2000, &(0x7f0000003840)={'bbr\x00'}, 0x37) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x10, 0x2, 0x0, @remote={0xac, 0x14, 0x0}}, 0x10) 897.601366ms ago: executing program 2 (id=1330): r0 = socket(0x1c, 0x3, 0x1) connect$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0x1, 0x1ff, @local={0xfe, 0x80, '\x00', 0x0}, 0x2}, 0x1c) sendmsg$inet6_sctp(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@authinfo={0x10, 0x84, 0x8, {0x1}}], 0x10, 0x3}, 0x8) 689.884484ms ago: executing program 2 (id=1331): r0 = fork() sigqueue(r0, 0x62, @sigval_int=0x9) sigqueue(r0, 0x11, @sival_ptr) 365.784314ms ago: executing program 2 (id=1332): r0 = socket(0x1c, 0x1, 0x0) setsockopt$inet_tcp_TCP_FUNCTION_BLK(r0, 0x6, 0x2000, &(0x7f0000000180)={'rack\x00'}, 0x24) sendto(r0, 0x0, 0x0, 0x20100, &(0x7f0000000340)=@in6={0x1c, 0x1c, 0x1, 0xfffffffc, @remote={0xfe, 0x80, '\x00', 0x0}, 0x2}, 0x1c) 225.557208ms ago: executing program 2 (id=1333): r0 = socket(0x1c, 0x1, 0x0) setsockopt$inet_tcp_TCP_FUNCTION_BLK(r0, 0x6, 0x2000, &(0x7f00000016c0)={'rack\x00'}, 0x24) setsockopt$inet_tcp_TCP_FASTOPEN(r0, 0x6, 0x469, &(0x7f00000000c0)={0xffffffff, "03002007b055000022481bffff3fe500"}, 0x14) 208.582686ms ago: executing program 1 (id=1334): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x10, 0x2, 0x3, @rand_addr=0x2}, 0x10) getsockname$inet(r0, &(0x7f0000000180)={0x10, 0x2, 0xffffffffffffffff, @multicast2}, &(0x7f00000001c0)=0x10) 0s ago: executing program 1 (id=1336): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet6_sctp(0x1c, 0x1, 0x84) setsockopt$inet6_int(r0, 0x29, 0x18, &(0x7f00000020c0), 0x4) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.7' (ED25519) to the list of known hosts. Oct 10 06:35:14 ci-freebsd-main-7 kernel: arp: 70:a5:9c:12:92:5d attempts to modify permanent entry for 172.20.2.187 on tap2 FreeBSD/amd64 (ci-freebsd-main-7.us-central1-b.c.syzkaller.internal) (ttyu0) login: arp: packet with invalid ieee802 address length 0 received on tap1 tap3: cannot pullup VLAN header UDP6: M_MCAST is set in a unicast packet. arp: packet with unknown hardware format 0x00 received on tap3 WARNING pid 1245 (syz-executor): ioctl sign-extension ioctl 1a000a69b pid 1487 (syz-executor) is attempting to use unsafe AIO requests - not logging anymore if_delmulti_locked: detaching ifnet instance 0xfffffe0058755800 if_delmulti_locked: detaching ifnet instance 0xfffffe005832a800 pid 1889 (syz-executor), jid 0, uid 0: exited on signal 11 (no core dump - too large) pid 1933 (syz-executor), tap2: tun/tap protocol violation, non-controlling process closed last. ifaddr cache = 0xfffffe00595dba80 is deleted tap2: link state changed to DOWN if_delmulti_locked: detaching ifnet instance 0xfffffe0058327800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327800 tap2: Ethernet address: 58:9c:fc:10:8a:4f tap2: link state changed to UP pid 2231 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2230 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2160 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2159 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2158 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2111 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) ifaddr cache = 0xfffffe005408f300 is deleted tap2: link state changed to DOWN if_delmulti_locked: detaching ifnet instance 0xfffffe0058754000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058754000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058754000 pid 1852 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 1802 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 1789 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 1750 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 1729 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 1495 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 1288 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 912 (rtsol), jid 0, uid 0: exited on signal 4 (no core dump - other error) pid 907 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 767 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 765 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2234 (syz-executor), tap1: tun/tap protocol violation, non-controlling process closed last. ifaddr cache = 0xfffffe005408f480 is deleted tap1: link state changed to DOWN if_delmulti_locked: detaching ifnet instance 0xfffffe0058327000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327000 SYZFAIL: SIGILL pid 764 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) ifaddr cache = 0xfffffe00595dbc00 is deleted if_delmulti_locked: detaching ifnet instance 0xfffffe0058328800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058328800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058328800 tap0: link state changed to DOWN Connection to 10.128.10.7 closed by remote host. pid 759 (sshd), jid 0, uid 0: exited on signal 4 (no core dump - bad address) pid 737 (sleep), jid 0, uid 0: exited on signal 4 (no core dump - other error) pid 2238 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2237 (sh), jid 0, uid 0: exited on signal 4 (no core dump - too large) tap2: link state changed to UP pid 2232 (syz-executor), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2239 (sh), jid 0, uid 0: exited on signal 4 (no core dump - too large) pid 2225 (syz-executor), tap3: tun/tap protocol violation, non-controlling process closed last. ifaddr cache = 0xfffffe00595db600 is deleted tap3: link state changed to DOWN if_delmulti_locked: detaching ifnet instance 0xfffffe0058755000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058755000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058755000 pid 2239 (sh), tap2: tun/tap protocol violation, non-controlling process closed last. tap2: link state changed to DOWN pid 1047 (getty), jid 0, uid 0: exited on signal 4 (core dumped) if_delmulti_locked: detaching ifnet instance 0xfffffe0058327000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058327000 pid 781 (sh), jid 0, uid 0: exited on signal 4 (core dumped) pid 1046 (getty), jid 0, uid 0: exited on signal 4 (core dumped) pid 2236 (syz-executor), jid 0, uid 0: exited on signal 4 (core dumped) pid 1045 (getty), jid 0, uid 0: exited on signal 4 (core dumped) pid 761 (csh), jid 0, uid 0: exited on signal 4 (core dumped) pid 771 (sh), jid 0, uid 0: exited on signal 4 (core dumped) pid 1044 (getty), jid 0, uid 0: exited on signal 4 (core dumped) pid 1043 (getty), jid 0, uid 0: exited on signal 4 (core dumped) pid 1042 (getty), jid 0, uid 0: exited on signal 4 (core dumped) if_delmulti_locked: detaching ifnet instance 0xfffffe0058755000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058755000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058755000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058754000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058754000 if_delmulti_locked: detaching ifnet instance 0xfffffe0058754000 pid 1041 (getty), jid 0, uid 0: exited on signal 4 (core dumped) pid 1040 (getty), jid 0, uid 0: exited on signal 4 (core dumped) pid 1039 (getty), jid 0, uid 0: exited on signal 4 (core dumped) FreeBSD/amd64 (ci-freebsd-main-7.us-central1-b.c.syzkaller.internal) (ttyu0) login: set $maxwidth = 0 Password:if_delmulti_locked: detaching ifnet instance 0xfffffe0058328800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058328800 if_delmulti_locked: detaching ifnet instance 0xfffffe0058328800 Login incorrect login: show proc Password: Login incorrect login: show all locks Password: Login incorrect login: show uma Password: