kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Thu Jul 23 23:16:57 PDT 2020 OpenBSD/amd64 (ci-openbsd-multicore-3.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.0.239' (ECDSA) to the list of known hosts. 2020/07/23 23:17:07 fuzzer started 2020/07/23 23:17:12 dialing manager at 10.128.15.235:37964 2020/07/23 23:17:12 syscalls: 381 2020/07/23 23:17:12 code coverage: enabled 2020/07/23 23:17:12 comparison tracing: enabled 2020/07/23 23:17:12 extra coverage: support is not implemented in syzkaller 2020/07/23 23:17:12 setuid sandbox: enabled 2020/07/23 23:17:12 namespace sandbox: support is not implemented in syzkaller 2020/07/23 23:17:12 Android sandbox: support is not implemented in syzkaller 2020/07/23 23:17:12 fault injection: support is not implemented in syzkaller 2020/07/23 23:17:12 leak checking: support is not implemented in syzkaller 2020/07/23 23:17:12 net packet injection: enabled 2020/07/23 23:17:12 net device setup: support is not implemented in syzkaller 2020/07/23 23:17:12 concurrency sanitizer: support is not implemented in syzkaller 2020/07/23 23:17:12 devlink PCI setup: support is not implemented in syzkaller 2020/07/23 23:17:12 USB emulation: support is not implemented in syzkaller 23:17:20 executing program 0: r0 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000040)=0xc) ftruncate(r0, 0x0, 0x6) fchmod(0xffffffffffffff9c, 0x40) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x10000) ioctl$BIOCGRSIG(r1, 0x40044273, &(0x7f00000000c0)) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0, 0x5) pwrite(0xffffffffffffffff, &(0x7f0000000100)="2d8bf1b0daf9d9dcc210e7323040cb1c00d7ca3acb740495274f4f49562b843f1e6b09892a445179ac6dab64215229b672d85acf9212da5e481e7b65ecb77ea2d037264fc27c8657e748efcff8733327d0aa104b149b6a56031f9a0282af2f40ea5b55cc03b5ccceff54f299ed10c032525f2574c6d0cdfa1f370e6040d4d862a57e965da4ba0d048304d33dff2c9a1df2ab", 0x92, 0x0, 0x80) sendto(0xffffffffffffff9c, &(0x7f00000001c0)="e9372f03a626bf5337811d411675bc64fd39e504c43ae6024bd5c9960a0415c71f10d8dba9c00cf8b071dac598e48e4faf54fd8c389fc61bdc5f982ef3a6e8345cd3aa1cdf1e22b8afb3753bc5f2c2992a2ad7451bde64e694f499a45e7e4af5316fed3ac75745dfb1d7351ddd39db08aaff161c9753c02b4d18a69a23469cbb227c28d2dac9f41a3357b891387a98d398662c52bd26348f446dba72af77c74d7539f7e86d96ef6f82be07a8f8f12f1574c1df441e3443146eb7b18ce7f9d013c90d45bf3f783d6e6d432d9afc5344baf49c315f2c731a94e89bc493102cebf8", 0xe0, 0x2, &(0x7f00000002c0)=@un=@file={0x1, './file0\x00'}, 0xa) msgget$private(0x0, 0x500) r3 = open(&(0x7f0000000300)='./file0\x00', 0xb92ac2e030f778f9, 0x41) write(r3, &(0x7f0000000340)="8b1c35b01e254793ae0d0482bf6b02ecb1d15e021fa74b379e3b811b08027f1fc9c8242cc520cb413fd78c085a93483e9c2d9537078f5302e7363bb0fd7447f1a5bf9c26586861109dd628da615875fef9f75c692a1f94e7336d85af2549f15c770bc1a7a9d839ed8a1df7882d8fedbbb876", 0x72) write(r1, &(0x7f00000003c0)="a25054e6f964ccf897dba4d7455236ccc910c3d7026606874e8b1ebb07259cd81efaf654fba0e8f15804f9a7de04d9b9c3d59f8dbdb69a591e3c71b0c37ec676b0a51f87404cbd17bdc79fc452fa5caf3333b51e4a5d9e99e142fde5959536bc102a267bdadcd2ba1703b8f26e6868c2784fc9ef6b9d2f3dd17c70e05f739506a3bfdfbd99ffc5fd6bd8143aba7c7fdd469e38a7daa4b260f597569dbca438691b0806c33f3fecde6c7cf5cbd60749a864551556932f44db2c670dae58fb44e6fe4b5c9215667fb3a2529b05c93907ab7021b3484a1087afc3b2ee777939eb479635d311ca4fc391dcebb9d97391746c0c4bca01a98a8a6bb2a9dc06ab", 0xfd) r4 = socket(0x20, 0x4001, 0x8) r5 = dup2(r4, r1) fchmod(r5, 0x40) msgget$private(0x0, 0x505) pwrite(r3, &(0x7f00000004c0)="efd0849ce53463f5fabf6d8e851415fe4ae2ca4522a2", 0x16, 0x0, 0x8) getsockopt$SO_PEERCRED(r1, 0xffff, 0x1022, &(0x7f0000000540)={0x0, 0x0}, 0xc) r7 = getgid() chown(&(0x7f0000000500)='.\x00', r6, r7) 23:17:20 executing program 1: semctl$GETNCNT(0x0, 0x2, 0x3, &(0x7f0000000000)=""/242) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x10, 0x0) ioctl$BIOCGHDRCMPLT(r0, 0x40044274, &(0x7f0000000140)) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x800, 0x0) ioctl$WSDISPLAYIO_LDFONT(r1, 0x8058574d, &(0x7f00000001c0)={'./file0\x00', 0x9cf, 0x83, 0x87e, 0x0, 0x6, 0x7fffffff, 0x0, 0x2, 0x1, 0x10000, 0x1f}) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bpf\x00', 0x8000, 0x0) ioctl$BIOCLOCK(r2, 0x20004276) getsockopt$sock_cred(r1, 0xffff, 0x1022, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) setuid(r4) semop(0xffffffffffffffff, &(0x7f0000000300)=[{0x4, 0x1f, 0x1800}], 0x1) socketpair(0x6, 0x1, 0x1, &(0x7f0000000340)={0xffffffffffffffff}) r7 = msgget(0x1, 0x111) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0xc) r10 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f00000003c0)={0x0}, &(0x7f0000000400)=0xc) msgctl$IPC_SET(r7, 0x1, &(0x7f0000000440)={{0x4, r8, r5, r10, r5, 0x18, 0x8}, 0x6, 0x1, r3, r11, 0xac, 0xff, 0xfff, 0x10001}) r12 = getgid() setregid(r9, r12) fchdir(r6) getgroups(0x5, &(0x7f00000004c0)=[r12, 0xffffffffffffffff, r12, r5, r12]) 23:17:20 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000280)='/dev/bpf\x00', 0x0, 0x0) r1 = socket(0x18, 0x1, 0x0) r2 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) openat$diskmap(0xffffffffffffff9c, &(0x7f0000000200)='/dev/diskmap\x00', 0x20000, 0x0) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PCIOCREAD(r3, 0x8010570e, &(0x7f0000000080)) ioctl$WSKBDIO_SETMAP(r3, 0x8010570e, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5, 0x8, 0x2, 0xfff, 0x800}, {0xb42, 0x5, 0x8, 0x6, 0x1fe}, {0x800, 0x51a8, 0x100, 0x3, 0x20}]}) r4 = socket(0x18, 0x1, 0x0) r5 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PCIOCREAD(r6, 0x8010570e, &(0x7f0000000080)) ioctl$BIOCSETWF(r6, 0x80104277, &(0x7f0000000240)={0x3, &(0x7f0000000380)=[{0x1c, 0xb0}, {0x25, 0x0, 0x0, 0x30}, {0x6, 0x0, 0x2, 0x971}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) shutdown(0xffffffffffffff9c, 0x0) ioctl$WSKBDIO_SETBELL(r3, 0x80105703, &(0x7f0000000100)={0x3, 0x0, 0xffff, 0x7}) pwrite(r0, &(0x7f00000002c0)="0000000000000000000200000000", 0xe, 0x0, 0x0) socketpair(0x18, 0x3, 0x7f, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sysctl$net_pipex(&(0x7f0000000180)={0x4, 0x23, 0x2}, 0x3, &(0x7f00000003c0)="f87793a786dba68e42ab3e631629804dca81b63f2ac32ef1b36d29b80b726bed78463887f7942a6c5da2853d59647228a9d7c5ee24105c40f6860d274202742263a9292bd1b9ee41a524a2facc3abced3f548d6245b1f9908698056c3bccc9da703d9781c036f7879f0dde95939c86ac9e6cc5ee292d8a02b8c1048a1cf91fc987412e7090cb60fb864c55c6de04d93e3d96fdf03d304c5a099735a6c9cc41ce31f3c39221a76658c10c0702f89901eb6f48b4c36eb45354f87fec27a308baf4056d4a4fdfde41032d3d00b72a45", &(0x7f00000001c0)=0xce, &(0x7f00000004c0)="720e8903f062d9c957212cbce1bebc8df50dc6627efb651cf7d2f45d2764ea621fa6c1047f8fab8135f62c018d222b8373b0f780a441475bc51b91ac89522fb65c8fbb2e5a460ce5dc78a9eccbcb7ec6c09532cf5f9396e60437af44ab2f55b4b9513a020be74379c1ff9560bc55d25e7b39293e13ecf1c33039c87d518ca6fc28d55f057f785134504fd7b8f986ea271ad46c062a52750282b6f4a11966a64cf494e0575e58aff2724e8beb9a28e196efc8785f767cad14dc77bd791b1d56bf801b16892a13300c07a4696961d8c3e91ee0fcbfcc0eca100205656a4ace4c14244a9ac0bac35ca7", 0xe8) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) close(r7) 23:17:20 executing program 0: r0 = socket(0x18, 0x1, 0x0) r1 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PCIOCREAD(r2, 0x8010570e, &(0x7f0000000080)) r3 = accept$inet(r2, &(0x7f0000000000), &(0x7f0000000040)=0xc) getpeername$inet(r3, &(0x7f0000000080), &(0x7f00000000c0)=0xc) syz_emit_ethernet(0x4e, &(0x7f0000000100)={@random="712ff2f77594", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "f8be00", 0x18, 0x3a, 0x86ddffff, @local={0xfe, 0x80, [], 0x0}, @local={0xfe, 0x80, [], 0x0}, {[], @icmpv6=@ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x1, "f1999ce85d57"}]}}}}}}) 23:17:20 executing program 0: utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x7) r0 = socket(0x18, 0x1, 0x0) r1 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PCIOCREAD(r2, 0x8010570e, &(0x7f0000000080)) ioctl$WSDISPLAYIO_GETEMULTYPE(r2, 0xc014575e, &(0x7f0000000000)={0x1, './file0\x00'}) 23:17:20 executing program 1: socket(0x18, 0x2, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$TIOCFLUSH(r0, 0x8080691a, &(0x7f0000000300)) r1 = socket(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$TIOCFLUSH(r2, 0x8040691a, &(0x7f0000000300)) r3 = socket(0x11, 0x4003, 0x0) sendto$unix(r3, &(0x7f00000000c0)="b100050460000000000008000a01000000000000cea1fea7fef96ecfc73fd3357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37282921e4fd89720fd3872babfbb770c1f5a872c881ff7cc53c894303b22f310b404f36a00f90006ee01be608a371a3f800040000000000000001000000000000000000000000000000000001000000000000", 0xb1, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000680)="46ea2e1891a059373e69ab3396ea61269ccd732ba8196eafd67d74419046c9caf11f7d3d7466e2ab8b2a182a2a6d6bf9b686cddb840907bdd7389d9c7636adbc07f3c70d1420057019bb8014e9e58b702d779633f5242fea80c0e09d84b08ea8971cdb8f70693cabdf86d6a7d588bc62393551bc8f22d9a1cb11cfba17676d84cabb29dcf8de2a88a4e39d99948b15448201df7437c779abd1789bc41b7d43410d385240f9b679e1531931a67abf0e13fddb8f197428f9cdad54b7b5828778ad58186d478678956853c39644", 0xcc) ioctl$TIOCEXCL(r2, 0x2000740d) getsockopt$sock_linger(r0, 0xffff, 0x80, &(0x7f00000000c0), &(0x7f0000000180)=0x8) setsockopt$sock_int(0xffffffffffffffff, 0xffff, 0x800, &(0x7f0000000280)=0x6, 0x4) r4 = openat$pf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pf\x00', 0x2, 0x0) writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000400)="095e9d59a5fe14245f58dc0eaaf7e2dbe3971ffb6b2c81320a8d6dce5eb245d6286bb517f3759d6d72563f50705bb17fb585afae146c8afd5487e3725bfe4ae6c86494db9b3c6f146db0a5297bfa94503cb12380dcb9a1e528b6ea903a3707ccbfe0c4a98aa09a21c463a5c1bd51279da60c120428a703374adca57acb2d74ef9f6e694545ca8831af18f328bf218ac3040ebd6205cf9c05ef4bb621715b7ee48676a2ba12485098dfa237d6b7e2c539b2273d2bfa83d767be6ee82bb33ba8bc1de0ee41305049ee0640cd16cdf466f7bc8c571d635d0081eca2be0732dc953c5250a3c36f3f341ac86d7c5200e6455ac1a18858a6e18c049d2fe9d716b58b807336d455e66425a3ca4a192bcf1ac00ca5db6cda4af3fa71c169f7b679317167e1eed0141d4f2f2a8075441f31fcc7d40a8d83ee35ef75f93418c4546210e252219d414eaa45b27d46201c516e85b2a0aa7affa583d9a98a9429e56952daf1e6ea2b3dceb8fddb701b03cd8f53eb522755367249f584ab5f404ff15b2964b91d3adae8b141f2981206206cf585d7769ab94fe231e89bf3d0f3ad68d67bf1084a911d72bfac9ebe888caf6970a7aa685d6899b531f2953f4b5a316916e497f739133ec8ecc2017485cb8b658732548b1208ed667d7b8d27bdeb4b0eddd2e6d64dfdaa8db4cb073125de64f365f46c8879ff4f4164116c3a675b2be7e7d59035d4afcd8ac0885bb86d10ce2fb82848df647233ce19c4ba31ff06bafebfb68bc1f257073ad5ea703e91329ca87018893e054e6e6a853e80d69b695a4fd128ad1b1c789462043b85e6d6b1bbeeb8789c9d9741c097fe3071153d98a3016d3aa8bbbbfe47d4a4a397fe08e270388f6134b6d47e0a26a9fa392fe6", 0x278}], 0x1) pipe2(&(0x7f00000001c0)={0xffffffffffffffff}, 0x4) ioctl$TIOCSTAT(r5, 0x20007465, &(0x7f0000000200)) setsockopt$sock_int(0xffffffffffffffff, 0xffff, 0x1, &(0x7f0000000080), 0x4) ioctl$FIOASYNC(r4, 0xcd60441a, &(0x7f0000000240)=0x6) r6 = openat$pf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pf\x00', 0x2, 0x0) ioctl$FIOASYNC(r6, 0xcd60441a, &(0x7f0000000240)=0x2) 23:17:20 executing program 0: r0 = socket(0x18, 0x1, 0x0) r1 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PCIOCREAD(r2, 0x8010570e, &(0x7f0000000080)) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x80, 0x0) renameat(r2, &(0x7f00000000c0)='./file1\x00', r3, &(0x7f0000000080)='./file0\x00') chflagsat(r3, &(0x7f0000000100)='./file0\x00', 0x1, 0x2) 23:17:20 executing program 1: sysctl$hw(&(0x7f0000000000)={0x7, 0x13}, 0x2, 0x0, 0x0, 0x0, 0x0) 23:17:20 executing program 1: open(&(0x7f0000000080)='./file0\x00', 0x8, 0x0) ktrace(&(0x7f0000000280)='./file0\x00', 0x14, 0x10, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) chmod(&(0x7f00000000c0)='./file0\x00', 0x152) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000ffff000001"], 0x9}, 0x0) sendmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x10}, 0x0) 23:17:20 executing program 0: ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0x2ff, 0x0, "003700200b0f000005000000ac39000500"}) r0 = syz_open_pts() close(r0) ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f0000000000)={0x0, 0x0, 0xfffffffa, 0x1fc80d8c, "ff0759d624070000001d7f00001832681fe600"}) write(r0, &(0x7f0000000140)="2078f7b678807d89e032dc19f570fe00bac871767dbcbbff8330c22685419d5e0110188e90cd9c8e50599ba24cd7c19fe1397a431644e5976fe4bce3b20b21c3f3719d1d5de4b7586a0669cedb7237b428821c1db394acba77de083c965124aeacbcf09bd3c719ed25314dc21617d89aa9c6ffc4137067f33d5ed8d898537ed95d34e48374ae5f307c5375eaba46d8f816057b2c10d48644a54f695db32649dae31f197d94f0fbdb1796778ce098cc07acba65bddc0e2ce8b65297f80863914cb3909b299d190a11b262d4ce7f", 0xcd) ioctl$TIOCSETAW(r0, 0x802c7415, &(0x7f0000000040)={0x1, 0x81, 0x10000, 0x1, "bf0e915605fcfa1c240102c94f858734fb7338da", 0x8001, 0xffffffc1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r2 = socket(0x18, 0xc002, 0x0) connect$unix(r2, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) dup2(r2, r1) setsockopt$sock_int(r1, 0xffff, 0x1001, &(0x7f0000000000)=0x43cb9, 0x4) r3 = dup(r1) sendto$inet6(r3, &(0x7f00000001c0)="348283560be1b2c4a82c37eec4e13822948983c2b76da98af16dd3dd252e31bae50a76510f236cd22369fee264439cd1bd8877c082bea869038c103df3451140388fb51f61dfb8378c3cee38e188529a4fc8a7eaa9cad1681153f9364e049752f4617fa956fe19fa1ca4268c14f31a111a5e28bb557d3bbf639fe56bd4e0f42dc911ff42d167aecee9291eb05f4c72582134000000000000000000000000000000d597c26374a5203f1415656905391dade1dccf1ee119c11350b8ef7164ad1948cebc3ab8d4b6d3bf958070fd2ebd1414236e968d7c7d34bb5ba84f56f875", 0xffa1, 0xa, 0x0, 0xffffffffffffff87) 23:17:20 executing program 1: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc], [0x0, 0x0, 0x0, 0x9, 0xffffffdfffffffff], [0x0, 0x0, 0x482]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) 23:17:20 executing program 1: r0 = socket$inet(0x2, 0x1, 0x0) ioctl$PCIOCREAD(0xffffffffffffffff, 0x8010570e, &(0x7f0000000080)) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f00000000c0), &(0x7f0000000100)=0xc) poll(&(0x7f0000000340)=[{r0, 0x58143e24766723b7}], 0x1, 0x8a0) socketpair(0x0, 0x4, 0x5, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r2, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) r3 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r3, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) r4 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r4, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) poll(&(0x7f0000000080)=[{r1, 0x10}, {r4, 0x4}, {r2, 0x80}, {r3, 0x4}], 0x4, 0x0) dup(r0) r5 = kqueue() kevent(r5, &(0x7f0000000000), 0x26dc, 0x0, 0xfffffffe, 0x0) r6 = open(&(0x7f0000000000)='./file0\x00', 0x40, 0x182) r7 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r7, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) msgget$private(0x0, 0x258) fcntl$dupfd(r6, 0x0, r7) 23:17:20 executing program 0: sysctl$net_inet_tcp(&(0x7f00000000c0)={0x4, 0x2, 0x6, 0x9}, 0x4, &(0x7f0000000500)="0118fff6360f9ea14fb359657f16666e9f97069815ca5835b6f65316127c991ab43afd5604c4aa10930ed14b1088b7d8414191ac61510400009a8a372208b127f29c66755d45d5ae11c6731aede78c4421cef62cac7d5ecb3a69b2e7910599897b40c8c7f4766c3bd9ca5112b32966a5c0411d0be46ebb5981ea2de4000000000020a63fde26f5ca6a157ad15000ffe6c35b55a191701155a29aabecbdada66c878f486f7e59a59a05bb689915b909800989d8d1fbe686246fa85c22ad066d2bee08f7397cfe2cae6e966e98d4c45356c7ba884245d73f252d74b0bd01000000201c3f30e790e6157cd0f6ac7354745175bd902a5f48e0a013a1dc24244ade0d510672dd77da2c8ffff2ec000000e7e3add5188fe509ca89cd00000000000000000000000009eb3881885647e6b9ecd6bff6b37cd49c4287ed75b08a58f19f470bd87e5503c733fc217eb57458e55df302e2d611ae3e030100a9edbd2d2d845b8e1f2e111835a6b788d5ff5256df19b563ef69e55e74120536a99d2a43575893f400c7c32ed7a1d4dfedd53dc24cb41b274925139f0ceb63553689a46145fc7f2c30c0d29de0815e8214f857ebd1f1e41bfb9a21624824a96d9619e00feb108d5bb60a27d465014bd7652b7e5f4a46cb83eea6b48aeb60db0242a3044bc0955254edb0450200b24c238f90402598ad960ebf7502767ebb569f48ec63dafb4bcc00"/528, &(0x7f0000000040)=0x210, 0x0, 0x0) sysctl$kern(&(0x7f0000000000)={0x1, 0x12}, 0x2, &(0x7f0000000100)="83d9f762425445751068501b842a1288d1a80cb67966a3a60c802ccb71f74fe1144f37e35e8e351da11ac36e82c929f550bcdfeba8cfce413e82300bc694d0b0b9a2ae9a912ff1eabc9cf0f5fed9ef1f6435d67ebbd34b74", &(0x7f0000000080)=0x58, &(0x7f0000000180)="1f1fa7c9a938078f9123a968b5e756eceb2915b7940b624b6890aa0fc0bcdf7ea77159d81a438fa8e03ce16cd830ca89bad1297e0e4460b1247e54885e437ff4049d497cdd8e53c37390ea755fd4b0fefede8b995531aca7b00756784fcbdd6eab0e835780ae226962d332426088b2781229d10ce9ac0b5cea1d439f6ae8214507eb2a4f7d57", 0x86) r0 = semget$private(0x0, 0x8, 0x10286) openat$tty(0xffffffffffffff9c, &(0x7f0000000300)='/dev/tty\x00', 0x2, 0x0) r1 = socket(0x18, 0x1, 0x0) r2 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r1) sync() ioctl$PCIOCREAD(r3, 0x8010570e, &(0x7f0000000080)) ioctl$BIOCSRTIMEOUT(r3, 0x8010426d, &(0x7f00000002c0)={0x8001, 0x7ff}) semop(r0, &(0x7f0000000000)=[{0x6}, {0x1, 0x1, 0x17fc}, {0x2, 0x1009, 0x1000}, {0x0, 0x2, 0x1800}], 0x4) semop(r0, &(0x7f0000000080)=[{0x2, 0xc, 0x800}, {0x5, 0x6, 0x1800}, {0x4, 0x100, 0x3c00}, {0x1, 0xffff, 0x1000}, {0x1, 0x3, 0x1000}, {0x4, 0x3, 0x800}, {0x4, 0x1ff, 0x800}, {0x1, 0x3ae9b8cc, 0x1000}, {0x2, 0xc333}, {0x3, 0x42, 0x1000}], 0xa) socket(0x6, 0x4000, 0x7f) semctl$IPC_RMID(r0, 0x0, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000240)=""/73) login: wsmuxpoll: not open wsmuxpoll: not open wsmuxpoll: not open 23:17:21 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000040)={'tap', 0x0}) open(&(0x7f0000000000)='./file0\x00', 0x20000, 0x151) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f00000002c0)={0x3, &(0x7f0000000180)=[{0x30}, {0x4c}, {0x16}]}) pwrite(r0, &(0x7f0000000100)="fb9be96914f6d6c73200000f33a5", 0xe, 0x0, 0x0) 23:17:21 executing program 0: r0 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r0, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) poll(&(0x7f0000000000)=[{r0, 0x96}], 0x1, 0x7f) mknodat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x178d) open$dir(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) wsmuxpoll: not open wsmuxpoll: not open wsmuxpoll: not open wsmuxpoll: not open wsmuxpoll: not open 23:17:21 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bpf\x00', 0x4000000001, 0x0) r1 = socket(0x18, 0x1, 0x0) r2 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PCIOCREAD(r3, 0x8010570e, &(0x7f0000000080)) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) r4 = socket(0x18, 0x1, 0x0) r5 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r4) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000180)=""/74, 0x4a}, {&(0x7f0000000280)=""/70, 0x46}], 0x2) ioctl$PCIOCREAD(r6, 0x8010570e, &(0x7f0000000080)) ioctl$BIOCGFILDROP(r6, 0x40044278, &(0x7f0000000140)) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000040)={'tap', 0x0}) ioctl$BIOCSETWF(r3, 0x80104277, &(0x7f00000000c0)) pwrite(r0, &(0x7f0000000240)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0) 23:17:21 executing program 0: sysctl$kern(&(0x7f00000002c0)={0x1, 0x7}, 0x2, 0x0, 0x0, &(0x7f0000000180), 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000000)={0x0, 0x0}, 0xc) r1 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0xfffffffffffffffd) writev(r1, &(0x7f0000000100)=[{&(0x7f0000000180)='#!', 0x2}], 0x1) r2 = fcntl$dupfd(r1, 0x0, r1) write(r2, &(0x7f0000000300)="0920090000000000000014804752cd8439df6dfe4ed2848f4aaa41f6ac61371c960a", 0x22) r3 = fcntl$getown(0xffffffffffffffff, 0x5) msgsnd(0x0, &(0x7f0000000140)=ANY=[@ANYRESHEX=r3, @ANYRES32], 0x2, 0x3fb) socketpair(0x1, 0x2, 0x9, &(0x7f0000001dc0)={0xffffffffffffffff}) r5 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r5, &(0x7f00000001c0)=ANY=[@ANYRESHEX=0x0], 0x1, 0x7fc) msgsnd(r5, &(0x7f0000000040)=ANY=[@ANYRES64], 0x1, 0x800) r6 = fcntl$getown(r4, 0x5) msgsnd(r5, &(0x7f0000000140)=ANY=[@ANYRESHEX=r6, @ANYRES32], 0x2, 0x3fb) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000080)={{0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, 0x93}, 0x7da5, 0xfffffffffffffffd, r3, r6, 0x10, 0x800, 0xdf12, 0x564f}) r7 = geteuid() r8 = getegid() sendmsg$unix(r2, &(0x7f0000000140)={&(0x7f0000000000)=@abs={0x1, 0x0, 0x3}, 0x8, &(0x7f0000000080)=[{&(0x7f00000001c0)="fa580755ae316aa831aac7959a95fe46c076f522e22cf920a7a575b40662fa172aac07f5e7fc2280da809236e49dabc26deabd89f0a51218404c6289bc1e736108573f258ed88d7a1c43c0d41f38bfd64c972b2d180972217ef4931a759f137243c9ce5f3162fa1f33fa729218843946299fe1bdfb98837db1e9898f28df902002cdd5f3bb88ba559bd4b4d4382ac2ae7bc312cdd2a3d0bfc8a40056343a00a3eba3abf1bae38efbfa71d3c5f1d69fb3165236251d0a4ff9096951d780e3864a5ae1", 0xc2}], 0x1, &(0x7f00000000c0)=[@cred={0x20, 0xffff, 0x0, r6, r7, r8}], 0x20, 0x1}, 0x4) setsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000080)={0x0, r0, r8}, 0xc) 23:17:21 executing program 1: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0xfffffffffffffffd) writev(r0, &(0x7f0000000640)=[{&(0x7f0000000140)='#!', 0x2}], 0x1) r1 = openat$diskmap(0xffffffffffffff9c, &(0x7f0000000000)='/dev/diskmap\x00', 0x8, 0x0) write(r1, &(0x7f0000000180)="09099838059d010438b171ce20000000000000000400000000000b1892aed5e1a33cbfe83824add0752bc6e69393bc16eb5f11eafaf49bbe21d2a8f79b7f54dd8509b7636078a86761c906d861c88352b3b4ab1b27f516d678235a76351200102ac03fc6ab4eaeed250a6cb8a5ef0be1e6ca45edb02e4fcb89d37cbdae181945fcdad815028ca9a542a4e50eb61ad70d27e7bdceda3a80a1008007f7514d78915aa7373216137817d3fc4ff0951eb081238dbd4a77ca5f78ba391d8cc2a6e4605e086d6a7f868f1e96b16bce8abe0e8abb77295cfcd88c98c8b5ed7ed678ac2b26cf6cfd631f716a2be981148b30bc603f35f6d6cfa9162c34bdb06a17529bef30495fa6c326d41497c70640bb4aa1f37746856f56d3b8fcb3b67b1a284a738dd4b5d4d7950000809c3bb8d3fafbf57ece3bb4c9945bddac5b6d8482629a0765dfe158dba36a3d59f5439e70f249c5d8a3920bfac577f208d9e93e64f30eb2faf8d2b51b5519cfc8655998af71176a47efd8ffea5ae13920bcf0a7bc9189bca776e0285da72129faa7795f29ae4f38ba67e81dda653792d610d9949a2ea60d64a6cbcd302d206171423e039078936a02f7d37b45facdc4ffb48ebfdbb0091184f37b7281a69b336ccef9e749fbe52ee844ab712bfc18514b43959594d49546de48583d78cf01ca4c48628e7758f79b4f122a7d7bd18b547ebfb8419b84ec00b5b2b04a482a90151103be56ad3529c61864d3ea8329cd7430d1667d72ebd45f76877d3b4e99f1aac6258690fb60fd1a5a1e37f7696f43efc68a5c5673182ec6aa08e3218b2821bded3dc72341ee3b85bac0660c285d29d2cad10c0f65df92417eec19c48fb414e58a5aaabf6a57dba90b2c65aea4cf55533c8dbbf16057f4ffc1307c80863529602473f553723398638e43a1fe143c230b4a9154cb97864c6fee6ac1e9a76eaead05b5f3445f8ad458938755b61a6475e25b981684fd68888a0e767fed3895e9279e47995fd4df", 0x2cd) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 23:17:21 executing program 0: syz_emit_ethernet(0x2b7, &(0x7f00000004c0)=ANY=[@ANYRESDEC]) r0 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r0, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) r1 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78779e, r1) r2 = getpgid(r1) fcntl$setown(r0, 0x6, r2) 23:17:21 executing program 0: r0 = socket(0x2, 0x2, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="d4020207e0000001"], 0x1) r1 = socket(0x2, 0x400000000002, 0x0) setsockopt(r1, 0x0, 0x21, &(0x7f0000000040)="b1f5d915", 0x4) r2 = dup2(r1, r0) setsockopt$sock_int(r2, 0xffff, 0x800, &(0x7f0000000080)=0x4, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) bind(r0, &(0x7f0000000000)=@un=@abs={0x0, 0xd}, 0x10) r3 = socket(0x2, 0x8002, 0x0) recvfrom$inet(r2, &(0x7f00000000c0)=""/94, 0x5e, 0x0, 0x0, 0x0) r4 = openat$klog(0xffffffffffffff9c, &(0x7f0000000180)='/dev/klog\x00', 0x8000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) ioctl$LIOCSFD(r4, 0x80046c7f, &(0x7f0000000200)=r5) connect$unix(r3, &(0x7f0000000000)=ANY=[], 0x10) truncate(&(0x7f0000000140)='./file0\x00', 0x0, 0x3f) write(r3, 0x0, 0x0) 23:17:21 executing program 1: sysctl$hw(&(0x7f0000000000)={0x2, 0x9}, 0x2, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_pts() close(r0) ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f0000000000)={0x0, 0x0, 0xfffffffa, 0x1fc80d8c, "ff0759d624070000001d7f00001832681fe600"}) r1 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r1, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) openat$bpf(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bpf\x00', 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x0, 0x0) close(r2) r3 = openat$pci(0xffffffffffffff9c, &(0x7f0000000280)='/dev/pci\x00', 0x200, 0x0) close(r3) writev(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="c4e45bc546c86fc3b1f9221247a223fc2f336f3f04ad1ecd5f66475e6fdec56b288bf02c346cb70d1623d8f4d075de64ff6b5a75a6ef66a07046c68781ff08371e0516d5d28c", 0x46}], 0x1) write(r0, &(0x7f0000000140)="2078f7b678807d89e032dc19f570fe00bac871767dbcbbff8330c22685419d5e0110188e90cd9c8e50599ba24cd7c19fe1397a431644e5976fe4bce3b20b21c3f3719d1d5de4b7586a0669cedb7237b428821c1db394acba77de083c965124aeacbcf09bd3c719ed25314dc21617d89aa9c6ffc4137067f33d5ed8d898537ed95d34e48374ae5f307c5375eaba46d8f816057b2c10d48644a54f695db32649dae31f197d94f0fbdb1796778ce098cc07acba65bddc0e2ce8b65297f80863914cb3909b299d190a11b262d4ce7f", 0xcd) ioctl$TIOCCLRVERAUTH(r0, 0x2000741d) chmod(&(0x7f0000000040)='./file0\x00', 0x15) 23:17:21 executing program 1: sysctl$hw(&(0x7f0000000040)={0x7, 0xe}, 0x1, 0x0, 0x0, 0x0, 0xfcc7) 23:17:21 executing program 1: sysctl$net_inet_gre(&(0x7f0000000000)={0x4, 0x2, 0x6, 0x9}, 0x4, &(0x7f0000000400)="c5a22f6368e10831bbc79f338b286dc9ed7fb3943cb12cb3040b9a99299e2ca58006c52d0e6c6b523537b87d0113cb6e9d16890175af893e475a752cac806e20e3f9c946f9a4f2c4136c1b5c9df87e8991b48583686f3b0cd6ed40469b894abcbbbf69ca270754aeab93d536fcd5a92b1d953beca89bd19f577741eff8f0437994158152b82c2728bcd6de343babe3dd5677ab71a3fb91e9c385144ca8771d5537dd91b9e80603264cfc335f6613c381f65d2096a130291085ded31240b692659ba7ce6a73048073c4cfad0097ebb62eeec0eba75c2684221c0faf34a0488fe3dd9c34483db04fd7600a7ad0b046c58beccedb23feafd850900a758858b1391e6c5c3adb4152ca4fabd3a4f1d3a0e11f6034d991a57fc86d048a9566b855f112dcfe3a0708f57d56fefd7610c212900ec945704b7a8002051c2a20baa71ff39629", &(0x7f0000000040)=0x2000, &(0x7f00000002c0)="00355423649ebf16eaf5675f9b98913a79b8daae2b16a677451988c50e3dafc4e790687aaac584bed3d22dd6e11f609ebe3d5c1b4606f1fe9e2d7cf72d1b5422a3f242d40098e955c4fce5e9125f9575dc778a039e2b411398b66bce59f5e44411cdc8de2d821e2f9ecd965029c473f21d66c1246be302d37956b52e05a6efaebafdd7a45fcf2f99fe3394654c030424a6c00a3db501f22179c1caf12a84a699192a960a1581560a8de73e0b6effe00789ebc4c21424577c38618bcbf9a21a057f43524df3951b6ddf064af1db3e1c03818c004e70df78f407a213b42bdc66fdce310f50410c0938e3a03e2881dcd8bd909907a3e8c5d2751121f7e859082ec5501f801e595afad86214b8c8e2c398fc", 0x4) r0 = semget$private(0x0, 0x5, 0x204) sysctl$net_inet_ah(&(0x7f0000000180)={0x4, 0x2, 0x33, 0x1}, 0x4, &(0x7f00000001c0)="4928b2c2d35e82b861aa852efd8f98eed4559d2e00250ef44ec5b389202aea7be7b5a766f3b02a4e47c7dfedef9caad483fa5971555f59e7e52f67263a506ba7e4f6099781c6321b311eb2c666c4d4d1d7b51e85d1478045226212fba8428cf452aa53b9d5fdc3d5f79fb36c78009bf94fcb2acf0fb649bae3899b52da39e24c43b8e35820dc6326e55c1737ec1ade83790c7c8219881166f9d8ea1a5ec8a0f55d74e247ed36aaea89", &(0x7f0000000280)=0xa9, &(0x7f0000000840)="5ab62fa3cfb8a25358d6605cdee20c428e60a4b61c553beba47d05c9700946e04e8d8d78fcbd6ac98988b0d92cbebd52ef28ee1f8105d644d8aa2dd6d77cc5fda2c98bbaece5f678bf4ebc70473145b1531465e9e982e8c1c28dea07c86f84b4dd5afb623f68c666f8c6fbfb9c875265c5fe9da4582db81edc9287863a6ee1b426814c7d53f4c30b65bffc4e1aef92f9a7cc1e", 0x93) r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x20, 0xc2) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) ioctl$BIOCSETWF(r2, 0x80104277, &(0x7f0000000180)={0x3, &(0x7f0000000140)=[{0x50}, {0x2d}, {0x6, 0x0, 0x0, 0x7cf}]}) pwrite(r2, &(0x7f0000000100)="b1e91bee8fad27050cdafd2413b0", 0xe, 0x0, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x200, 0xd4) semop(0x0, &(0x7f0000000080)=[{0x4, 0x800}, {0x0, 0x6, 0x1000}, {0x0, 0x7, 0x1800}, {0x1, 0x1, 0x1000}, {0x3, 0x97, 0x1000}, {0x0, 0x2, 0x2800}, {0x3, 0x7604, 0x1800}, {0x2, 0xad, 0x1000}, {0x1, 0x8, 0x1800}, {0x2, 0x1, 0x800}], 0xa) r4 = openat$pf(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/pf\x00', 0x80, 0x0) r5 = dup(r4) r6 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r6, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) kevent(0xffffffffffffffff, &(0x7f0000000600)=[{{}, 0xfffffffffffffffd, 0x2, 0xf0000000, 0xffffffffffff8000, 0x48332cbf}, {{r5}, 0xfffffffffffffffe, 0x0, 0x2, 0x6, 0x20}, {{r6}, 0xfffffffffffffffc, 0xf7, 0x1, 0x7, 0x4}], 0x401, &(0x7f0000000900)=[{{}, 0xfffffffffffffffa, 0x10, 0x8, 0x0, 0x40}, {{}, 0xfffffffffffffff8, 0x8, 0x1, 0x3, 0x5}, {{}, 0xfffffffffffffffe, 0x0, 0x2, 0x0, 0x3}, {{}, 0xfffffffffffffffe, 0x83, 0x80000000, 0x0, 0x6}, {{r1}, 0xfffffffffffffffd, 0xf, 0x4, 0x6, 0x3}, {{r4}, 0xfffffffffffffffd, 0x9, 0x0, 0xffffffffffff0000, 0x3}, {{r3}, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x3}], 0xbe3, &(0x7f0000000a00)={0x5b, 0x100000000}) semop(r0, &(0x7f0000000100)=[{0x0, 0x5022, 0x1000}, {0x1, 0x0, 0x800}], 0x2) semop(r0, 0xffffffffffffffff, 0x4) kevent(0xffffffffffffffff, 0x0, 0xfffffffd, &(0x7f0000000280)=[{{}, 0xffffffffffffffff, 0x1}], 0x0, 0x0) ioctl$VMM_IOC_CREATE(0xffffffffffffffff, 0xc5005601, &(0x7f0000000a40)={0x10, 0x3, 0x4, 0x4, [{&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x3}, {&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff7000/0x9000)=nil, 0x6}, {&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff7000/0x4000)=nil, 0x38}, {&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0xc5f4}, {&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0xffffffff80000000}, {&(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x9}, {&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff5000/0x3000)=nil}, {&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fed000/0x13000)=nil, 0x30000000000}, {&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x10000}, {&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff2000/0x3000)=nil, 0x2}, {&(0x7f0000ff2000/0x4000)=nil, &(0x7f0000ff4000/0x3000)=nil}, {&(0x7f0000ff0000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil}, {&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fef000/0x1000)=nil, 0xfffffffeffffffff}, {&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x5}, {&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0xb7a9}, {&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x7f}], ['./file0\x00', './file0/file0\x00', './file0\x00', './file0\x00'], './file0\x00', './file0\x00', './file0\x00', ['./file', './file', '\x00', './file'], 0x2}) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000580)=""/10) 23:17:21 executing program 0: r0 = socket(0x18, 0x1, 0x0) r1 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) fcntl$dupfd(r1, 0x0, r0) setsockopt(r0, 0x7f, 0x5, &(0x7f0000000040)="359dcc3e0fa7019cffb1026ce9bb8fb17da6ba73b384a847254027f2c48dafa929668f07e836b36a03936a5fbfe91a599a283f29c2a9e0913e9201f24e4dd5a4fe26df201af6898aae09715b7d1cfcd16501279d9be59d58070f64a7ef5359454b8a2cfd8a468dd35d307919ea3c19526d642da44d1fa52bca0ea4bb0aa438c8cdcc8a57f789c837d13ab9f4fb8bdde96737f92d6237f00f0b0174a1807d990a0cbd732f2aaa47ff1f7e9ac5a15979f4a27926cb6eeb7324fee19c663703785c5e9df42052374527", 0xc8) r2 = open(&(0x7f00000002c0)='./file0\x00', 0x611, 0x0) mmap(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x0, 0x810, r2, 0x0, 0x0) r3 = openat$speaker(0xffffffffffffff9c, &(0x7f0000000140)='/dev/speaker\x00', 0x10000, 0x0) r4 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r4, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) fcntl$dupfd(r3, 0x0, r4) r5 = open$dir(&(0x7f0000000000)='./file0\x00', 0x10682, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x2011, r5, 0x0, 0x0) 23:17:21 executing program 1: connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="6202e57f7f000001"], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x2, 0x1, 0x0) bind(r0, &(0x7f0000000000)=@un=@abs={0x0, 0xd}, 0x10) r1 = dup(r0) listen(r1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0xffff, 0x0, 0x0, 0x0) r2 = socket(0x2, 0x1, 0x0) connect$unix(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="6a8bc9634e19769bbd73"], 0x10) sendto$inet(r2, &(0x7f0000000140)='--', 0x2, 0x1, 0x0, 0x0) r3 = kqueue() r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff) syz_open_pts() fcntl$lock(0xffffffffffffffff, 0x0, 0x0) shmat(0x0, &(0x7f00000f6000/0x4000)=nil, 0x0) shmdt(0x0) fchdir(0xffffffffffffffff) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x5811, r4, 0x0, 0xfffffffffffffffc) sendmsg(0xffffffffffffffff, 0x0, 0x0) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) close(r2) accept$unix(r1, 0x0, 0x0) recvfrom$unix(r2, &(0x7f0000001200)=""/4096, 0x1000, 0x1, 0x0, 0x0) 23:17:21 executing program 1: r0 = openat$vmm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vmm\x00', 0x0, 0x0) ioctl$VMM_IOC_WRITEREGS(r0, 0xc5005601, &(0x7f0000000580)={0x1, 0x0, 0x1, {[0x0, 0x0, 0xffffffffffffffff, 0x1020000000, 0x200000], [0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa], [0x0, 0x0, 0x100000001], [], [{}, {0x0, 0x0, 0x20}, {}, {}, {}, {0x0, 0x0, 0x0, 0x100}]}}) 23:17:21 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5a], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x2, 0xb, 0xffffffffffffffff, 0xefbffffffffffffb], [0x0, 0x0, 0x9]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mprotect(&(0x7f000018a000/0x2000)=nil, 0x2000, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x8000, 0x22) ioctl$WSDISPLAYIO_LSFONT(r0, 0xc058574e, &(0x7f0000000080)) r1 = socket(0x18, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$TIOCFLUSH(r2, 0x8080691a, &(0x7f0000000300)) ioctl$TIOCGWINSZ(r0, 0x40087468, &(0x7f0000000100)) ioctl$TIOCGWINSZ(r2, 0x40087468, &(0x7f0000000000)) 23:17:22 executing program 1: openat$wsmuxkbd(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/wskbd\x00', 0x0, 0x0) r0 = openat$pf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pf\x00', 0x0, 0x0) ioctl$FIOASYNC(r0, 0xc0084463, &(0x7f0000000000)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r1 = open$dir(&(0x7f00000000c0)='./bus\x00', 0x1000000381, 0x0) r2 = dup(r1) r3 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) ioctl$WSMUXIO_ADD_DEVICE(r3, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) r4 = getuid() r5 = socket(0x18, 0x1, 0x0) r6 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r5) ioctl$PCIOCREAD(r7, 0x8010570e, &(0x7f0000000080)) r8 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r9 = fcntl$dupfd(r8, 0x0, 0xffffffffffffffff) ioctl$PCIOCREAD(r9, 0x8010570e, &(0x7f0000000080)) ioctl$WSMOUSEIO_SCALIBCOORDS(r9, 0x81205724, &(0x7f00000001c0)={0x4, 0x8001, 0x1ff, 0x8, 0xc54, 0x287, 0x0, 0x10, [{0xffff, 0x0, 0x4, 0x6}, {0x7fff, 0x1, 0x1, 0x9e}, {0x1000, 0x9, 0x10001, 0xffff7fdc}, {0x200, 0xe8, 0x1, 0x2}, {0x3a6, 0x4, 0xe84, 0x4}, {0x4090, 0x8, 0x80, 0x89d5}, {0x6, 0x34, 0x3, 0x800}, {0x7, 0x1, 0x734, 0xeb9e}, {0x400, 0x5, 0x14, 0x7}, {0x9, 0xfffffffc, 0x5, 0x6}, {0x6, 0x1, 0x3f, 0xcf}, {0x400, 0x1, 0x25, 0x800}, {0x5, 0x7, 0x3c0}, {0x1, 0x958, 0x6, 0x2}, {0x6, 0x6, 0x9, 0xffffffff}, {0x2, 0x81, 0x40}]}) getsockopt$SO_PEERCRED(r7, 0xffff, 0x1022, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0xc) fchown(r3, r4, r10) ioctl$WSKBDIO_SETMODE(r2, 0x8010570e, &(0x7f0000000000)) 23:17:22 executing program 0: shmctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f00000000c0)={{0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000300)="0920090000000000000014804752cd8439df6dfe4ed2848f4aaa41f6ac61371c960a", 0x22) r0 = fcntl$getown(0xffffffffffffffff, 0x5) msgsnd(0x0, &(0x7f0000000140)=ANY=[@ANYRESHEX=r0, @ANYRES32], 0x2, 0x3fb) socketpair(0x1, 0x2, 0x9, &(0x7f0000001dc0)={0xffffffffffffffff}) r2 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r2, &(0x7f00000001c0)=ANY=[@ANYRESHEX=0x0], 0x1, 0x7fc) msgsnd(r2, &(0x7f0000000040)=ANY=[@ANYRES64], 0x1, 0x800) r3 = fcntl$getown(r1, 0x5) msgsnd(r2, &(0x7f0000000140)=ANY=[@ANYRESHEX=r3, @ANYRES32], 0x2, 0x3fb) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000080)={{0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, 0x93}, 0x7da5, 0xfffffffffffffffd, r0, r3, 0x10, 0x800, 0xdf12, 0x564f}) r4 = geteuid() r5 = getegid() sendmsg$unix(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)=@abs={0x1, 0x0, 0x3}, 0x8, &(0x7f0000000080)=[{&(0x7f00000001c0)="fa580755ae316aa831aac7959a95fe46c076f522e22cf920a7a575b40662fa172aac07f5e7fc2280da809236e49dabc26deabd89f0a51218404c6289bc1e736108573f258ed88d7a1c43c0d41f38bfd64c972b2d180972217ef4931a759f137243c9ce5f3162fa1f33fa729218843946299fe1bdfb98837db1e9898f28df902002cdd5f3bb88ba559bd4b4d4382ac2ae7bc312cdd2a3d0bfc8a40056343a00a3eba3abf1bae38efbfa71d3c5f1d69fb3165236251d0a4ff9096951d780e3864a5ae1", 0xc2}], 0x1, &(0x7f00000000c0)=[@cred={0x20, 0xffff, 0x0, r3, r4, r5}], 0x20, 0x1}, 0x4) r6 = socket(0x18, 0x1, 0x0) r7 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r6) ioctl$PCIOCREAD(r8, 0x8010570e, &(0x7f0000000080)) getsockopt$sock_cred(r8, 0xffff, 0x1022, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000140)={{0x0, 0x0, 0x0, 0x0, r5, 0x188, 0x5}, 0x68bb, 0x80, r9, 0xffffffffffffffff, 0x2a7, 0x9, 0x5}) 23:17:23 executing program 0: syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @random="dca72dba2417", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x0}}, @udp={{0x2, 0x2, 0x8}, {"8a6eb665df9cd8d332d5ff918314bd9224be531920f85bd32443bcd628938eb0d50773a7dc524426472f210b"}}}}}}) r0 = msgget$private(0x0, 0xfffffffffffffffd) setreuid(0x0, 0xee01) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000140)=""/253) r1 = openat$wsmuxmouse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/wsmouse\x00', 0x1, 0x0) r2 = syz_open_pts() ioctl$TIOCSPGRP(r2, 0x40047477, &(0x7f0000000040)) ioctl$WSMUXIO_ADD_DEVICE(r1, 0x80085761, &(0x7f0000000000)={0x2, 0x1}) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) ioctl$TIOCCDTR(r3, 0x20007478) 23:17:23 executing program 1: sysctl$kern(&(0x7f0000000040)={0x1, 0x14}, 0x2, 0x0, 0x0, &(0x7f0000000180), 0x0) socket$unix(0x1, 0x5, 0x0) sysctl$kern(&(0x7f0000000000)={0x1, 0x6}, 0x2, &(0x7f0000000080)="ecb8d1d5a238fa4d1340151bc7ea899de6eb37f5620c9a3b7c16e134a77d4bd98b6c2ef6656391fd361b8db01f8f0c68dc09529551e2c9da35d1a3c0a7ce0a0d0b6c99662eeaae7009048ef72ff8536d55c8a13467e4a578dd4343333bb4f1745607b74f1caa85c6007233026c3ae43ddf6e16c8712333ed30dbd32afc4915f116d3d42f48a6cb3f8eaf9f1456fd540e9e2f26d207154e4305c06da1b95505031ca4b78e43b4c0cef4cf8157b84ee73523440d4adf657ed099f6", &(0x7f0000000140)=0xba, &(0x7f0000000280)="3ba7ba26ac88e6bcb20e260e0050f565df8d2be69e43c82129f9d0e909b4eb0c63bd4c8bbe79d17d14552e5afda81f7dad2eef3a7d698b9668c205a08de0d3650f2a0bd8e504c25e7a7a6cec78867cb67bac5f9a34838553ee5f32abed2e8c46e46ac73f7975ceb2018d0badafb2b26e24edbd3b1eec7a4cf9db35e45d629569090b622fd4617aae9c204d84c8145029dc7416cf682ef0c9e9a41dee379cba8254d36b239da20eaf179f923cb5e3f9567b5ed175006c4d4f5355ef", 0xbb) 23:17:23 executing program 0: chdir(&(0x7f0000000040)='./file0\x00') ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f00000000c0)={0x0, &(0x7f0000000300)}) r0 = socket(0x2, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket(0x18, 0x2, 0x0) setsockopt(r2, 0xff, 0xc, &(0x7f0000000100)="000000008500", 0x6) socketpair(0x6, 0x8002, 0x1, &(0x7f0000000080)) fcntl$dupfd(r2, 0x0, r1) ioctl$TIOCFLUSH(r1, 0xc0106924, &(0x7f00000000c0)=0x6e) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) ioctl$VMM_IOC_RESETCPU(0xffffffffffffffff, 0x82405605, &(0x7f0000000340)={0x0, 0x0, {[0xa, 0x40000ffff, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x6, 0x2, 0x0, 0x0, 0xffff], [0x0, 0x3, 0x0, 0x0, 0x0, 0x5], [{0x1ff, 0x0, 0x0, 0x8}, {0x0, 0xffffffff, 0x0, 0xffffffffffffffef}, {0x0, 0xfffffffd, 0x0, 0x63}, {0x0, 0x5, 0x0, 0x4}, {0x0, 0x0, 0xaf}, {}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x80000001}], {0x0, 0x1000}, {0x0, 0x0, 0x3ffd, 0x4}}}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r3 = socket(0x18, 0x2, 0x0) ioctl$VT_ACTIVATE(r1, 0x20007605, &(0x7f0000000000)=0x7fff) fcntl$dupfd(r3, 0x0, r3) r4 = socket(0x18, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$TIOCFLUSH(r5, 0x81206919, &(0x7f0000000300)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) accept$unix(r6, &(0x7f0000000180)=@abs, &(0x7f00000001c0)=0x8) uvm_fault(0xfffffd807effea10, 0xa, 0, 1) -> e kernel: page fault trap, code=0 Stopped at vio_rxeof+0x191: movzwl 0xa(%r15),%eax ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic kernel page fault uvm_fault(0xfffffd807effea10, 0xa, 0, 1) -> e vio_rxeof(ffff80000017c000) at vio_rxeof+0x191 end trace frame: 0xffff800020ed6f40, count: 0 ddb{0}> trace vio_rxeof(ffff80000017c000) at vio_rxeof+0x191 vio_rx_intr(ffff80000017c050) at vio_rx_intr+0x4d intr_handler(ffff800020ed6fa0,ffff800000256b80) at intr_handler+0x8f Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f __sanitizer_cov_trace_cmp4(8015e,8015f) at __sanitizer_cov_trace_cmp4+0x5d __mp_lock(ffffffff828c5320) at __mp_lock+0x139 pageflttrap(ffff800020ed71b0,1) at pageflttrap+0x7f usertrap(ffff800020ed71b0) at usertrap+0x21a recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x7f7ffffc2fe0, count: -9 ddb{0}> show registers rdi 0xc rsi 0xc rbp 0xffff800020ed6ee0 rbx 0xffff80000017c000 rdx 0 rcx 0xffffffff8275aff0 cpu_info_full_primary+0x1ff0 rax 0xffffffff8275aff0 cpu_info_full_primary+0x1ff0 r8 0x2 r9 0 r10 0x4ad6d6c7b5f7126f r11 0x60796062d55ff6ec r12 0xffff800000024c00 r13 0xc r14 0xfffffd806a2ad300 r15 0 rip 0xffffffff8113c191 vio_rxeof+0x191 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800020ed6e50 ss 0 vio_rxeof+0x191: movzwl 0xa(%r15),%eax ddb{0}> show proc PROC (syz-executor.0) pid=176768 stat=onproc flags process=2 proc=0 pri=65, usrpri=65, nice=20 forw=0xffffffffffffffff, list=0xffff800020ddc278,0xffff800020ddd878 process=0xffff8000fffff758 user=0xffff800020ed2000, vmspace=0xfffffd807effea10 estcpu=36, cpticks=2, pctcpu=0.10 user=0, sys=0, intr=1 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 67714 363897 87451 0 7 0 syz-executor.1 87451 130269 30517 0 3 0x82 nanosleep syz-executor.1 *19858 176768 30517 0 7 0x2 syz-executor.0 30517 506654 65376 0 3 0x82 kqread syz-fuzzer 30517 325389 65376 0 3 0x4000082 nanosleep syz-fuzzer 30517 7709 65376 0 3 0x4000082 thrsleep syz-fuzzer 30517 250743 65376 0 3 0x4000082 thrsleep syz-fuzzer 30517 453012 65376 0 3 0x4000082 nanosleep syz-fuzzer 30517 403147 65376 0 3 0x4000082 thrsleep syz-fuzzer 30517 20942 65376 0 3 0x4000082 thrsleep syz-fuzzer 30517 480103 65376 0 3 0x4000082 thrsleep syz-fuzzer 30517 499318 65376 0 3 0x4000082 thrsleep syz-fuzzer 30517 508865 65376 0 3 0x4000082 thrsleep syz-fuzzer 65376 114722 61933 0 3 0x10008a pause ksh 61933 253252 43993 0 3 0x92 select sshd 15811 482802 1 0 3 0x100083 ttyin getty 43993 27098 1 0 3 0x80 select sshd 2149 328955 56565 74 3 0x100092 bpf pflogd 56565 44354 1 0 3 0x80 netio pflogd 74004 393900 12184 73 3 0x100090 kqread syslogd 12184 32004 1 0 3 0x100082 netio syslogd 1458 84275 1 77 3 0x100090 poll dhclient 32577 480894 1 0 3 0x80 poll dhclient 17129 355283 0 0 3 0x14200 bored smr 31780 386967 0 0 2 0x14200 zerothread 91725 110 0 0 3 0x14200 aiodoned aiodoned 68571 309167 0 0 3 0x14200 syncer update 77008 245743 0 0 3 0x14200 cleaner cleaner 29604 369877 0 0 3 0x14200 reaper reaper 93555 9449 0 0 3 0x14200 pgdaemon pagedaemon 61431 431744 0 0 3 0x14200 bored crynlk 97079 449226 0 0 3 0x14200 bored crypto 38472 416778 0 0 3 0x40014200 acpi0 acpi0 22732 433991 0 0 3 0x40014200 idle1 97982 145060 0 0 3 0x14200 bored softnet 14880 146914 0 0 3 0x14200 bored systqmp 68419 8197 0 0 3 0x14200 bored systq 31348 148425 0 0 3 0x40014200 bored softclock 86332 325300 0 0 3 0x40014200 idle0 1 51807 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 19858 (syz-executor.0) thread 0xffff800020ddc758 (176768) exclusive kernel_lock &kernel_lock r = 1 (0xffffffff828c5528) #0 witness_lock+0x4c7 #1 intr_handler+0x5e #2 Xintr_ioapic_edge19_untramp+0x19f #3 __sanitizer_cov_trace_cmp4+0x5d #4 __mp_lock+0x139 #5 pageflttrap+0x7f #6 usertrap+0x21a #7 recall_trap+0x8 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9472 6401K 6523K 78643K 10605 0 pcb 13 8K 8K 78643K 19 0 rtable 105 3K 3K 78643K 201 0 ifaddr 44 10K 10K 78643K 49 0 counters 43 33K 33K 78643K 43 0 ioctlops 0 0K 4K 78643K 1473 0 mount 1 1K 1K 78643K 1 0 vnodes 1221 77K 77K 78643K 1240 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 3 0 VM map 2 1K 1K 78643K 2 0 sem 4 0K 0K 78643K 8 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1824 197K 290K 78643K 13058 0 file desc 5 13K 25K 78643K 65 0 proc 59 63K 83K 78643K 438 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 33 2K 2K 78643K 33 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 31 148K 148K 78643K 31 0 exec 0 0K 1K 78643K 209 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 115 22K 23K 78643K 1130 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 6 0K 0K 78643K 10 0 temp 80 3858K 4106K 78643K 2118 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 21 0 19 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 33 0 23 1 0 1 1 0 8 0 syncache 264 5 0 5 2 1 1 1 0 8 1 tcpqe 32 638 0 638 1 0 1 1 0 8 1 tcpcb 544 41 0 36 1 0 1 1 0 8 0 inpcb 296 87 0 79 2 0 2 2 0 8 1 nd6 48 6 0 0 1 0 1 1 0 8 0 pfosfp 40 846 0 423 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 14 0 0 1 0 1 1 0 8 0 pfstkey 112 14 0 0 1 0 1 1 0 8 0 pfstate 328 14 0 0 2 0 2 2 0 8 0 pfrule 1360 22 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 188 0 0 12 0 12 12 0 8 0 art_table 32 189 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 sysvmsgpl 40 12 0 4 1 0 1 1 0 8 0 semupl 112 3 0 3 1 0 1 1 0 8 1 semapl 112 4 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1462 0 56 88 0 88 88 0 8 0 ffsino 272 1462 0 56 95 1 94 94 0 8 0 nchpl 144 1728 0 118 60 0 60 60 0 8 0 uvmvnodes 72 1522 0 0 28 0 28 28 0 8 0 vnodes 208 1522 0 0 81 0 81 81 0 8 0 namei 1024 4603 0 4603 2 1 1 1 0 8 1 percpumem 16 32 0 0 1 0 1 1 0 8 0 scxspl 192 5222 0 5222 8 1 7 7 0 8 7 plimitpl 152 15 0 7 1 0 1 1 0 8 0 sigapl 424 280 0 249 4 0 4 4 0 8 0 futexpl 56 577 0 577 1 0 1 1 0 8 1 knotepl 112 61 0 42 1 0 1 1 0 8 0 kqueuepl 144 6 0 4 1 0 1 1 0 8 0 pipepl 304 81 0 71 1 0 1 1 0 8 0 fdescpl 496 265 0 249 3 0 3 3 0 8 0 filepl 152 1373 0 1272 6 1 5 5 0 8 1 lockfpl 104 13 0 12 1 0 1 1 0 8 0 lockfspl 48 6 0 5 1 0 1 1 0 8 0 sessionpl 112 18 0 7 1 0 1 1 0 8 0 pgrppl 48 18 0 7 1 0 1 1 0 8 0 ucredpl 96 79 0 70 1 0 1 1 0 8 0 zombiepl 144 249 0 249 2 1 1 1 0 8 1 processpl 992 280 0 249 6 1 5 5 0 8 0 procpl 624 360 0 320 4 0 4 4 0 8 0 sockpl 400 141 0 121 4 1 3 3 0 8 0 mcl64k 65536 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 1 0 0 1 0 1 1 0 8 0 mcl4k 4096 4 0 0 1 0 1 1 0 8 0 mcl2k 2048 185 0 0 23 0 23 23 0 8 0 mtagpl 96 6 0 0 1 0 1 1 0 8 0 mbufpl 256 398 0 0 25 0 25 25 0 8 0 bufpl 280 3396 0 132 234 0 234 234 0 8 0 anonpl 16 40318 0 24977 63 1 62 62 0 124 0 amapchunkpl 152 1199 0 1064 8 0 8 8 0 158 0 amappl16 192 1066 0 234 42 0 42 42 0 8 0 amappl15 184 16 0 14 1 0 1 1 0 8 0 amappl14 176 28 0 23 1 0 1 1 0 8 0 amappl13 168 36 0 32 1 0 1 1 0 8 0 amappl12 160 5 0 5 2 1 1 1 0 8 1 amappl11 152 57 0 42 1 0 1 1 0 8 0 amappl10 144 55 0 45 1 0 1 1 0 8 0 amappl9 136 389 0 388 1 0 1 1 0 8 0 amappl8 128 339 0 314 2 0 2 2 0 8 0 amappl7 120 133 0 120 1 0 1 1 0 8 0 amappl6 112 26 0 20 1 0 1 1 0 8 0 amappl5 104 160 0 144 1 0 1 1 0 8 0 amappl4 96 492 0 462 1 0 1 1 0 8 0 amappl3 88 98 0 92 1 0 1 1 0 8 0 amappl2 80 1142 0 1067 2 0 2 2 0 8 0 amappl1 72 15936 0 15493 23 9 14 18 0 8 4 amappl 80 615 0 573 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 265 0 249 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 265 0 249 1 0 1 1 0 8 0 vmmpekpl 168 6160 0 6125 2 0 2 2 0 8 0 vmmpepl 168 40234 0 38232 123 5 118 118 0 357 29 vmsppl 368 264 0 249 2 0 2 2 0 8 0 pdppl 4096 537 0 498 7 1 6 6 0 8 1 pvpl 32 141231 0 122788 154 0 154 154 0 265 5 pmappl 232 264 0 249 2 0 2 2 0 8 1 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 274 0 7 8 0 8 8 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace vio_rxeof(ffff80000017c000) at vio_rxeof+0x191 vio_rx_intr(ffff80000017c050) at vio_rx_intr+0x4d intr_handler(ffff800020ed6fa0,ffff800000256b80) at intr_handler+0x8f Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f __sanitizer_cov_trace_cmp4(8015e,8015f) at __sanitizer_cov_trace_cmp4+0x5d __mp_lock(ffffffff828c5320) at __mp_lock+0x139 pageflttrap(ffff800020ed71b0,1) at pageflttrap+0x7f usertrap(ffff800020ed71b0) at usertrap+0x21a recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x7f7ffffc2fe0, count: -9 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800020d70ff0) at x86_ipi_db+0x1a x86_ipi_handler() at x86_ipi_handler+0xc6 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x6f pageflttrap(ffff8000230ed720,1) at pageflttrap+0x7f usertrap(ffff8000230ed720) at usertrap+0x21a recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x7f7fffff7740, count: -7