Warning: Permanently added '10.128.10.49' (ECDSA) to the list of known hosts. 2020/03/03 15:31:29 fuzzer started 2020/03/03 15:31:36 dialing manager at 10.128.15.235:1387 2020/03/03 15:31:36 syscalls: 337 2020/03/03 15:31:36 code coverage: enabled 2020/03/03 15:31:36 comparison tracing: enabled 2020/03/03 15:31:36 extra coverage: support is not implemented in syzkaller 2020/03/03 15:31:36 setuid sandbox: enabled 2020/03/03 15:31:36 namespace sandbox: support is not implemented in syzkaller 2020/03/03 15:31:36 Android sandbox: support is not implemented in syzkaller 2020/03/03 15:31:36 fault injection: support is not implemented in syzkaller 2020/03/03 15:31:36 leak checking: support is not implemented in syzkaller 2020/03/03 15:31:36 net packet injection: enabled 2020/03/03 15:31:36 net device setup: support is not implemented in syzkaller 2020/03/03 15:31:36 concurrency sanitizer: support is not implemented in syzkaller 2020/03/03 15:31:36 devlink PCI setup: support is not implemented in syzkaller 15:31:42 executing program 0: r0 = msgget$private(0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1, 0x0) setsockopt$inet6_MRT6_ADD_MIF(r1, 0x29, 0x66, &(0x7f0000000040)={0x1, 0x1, 0x3, 0x3, 0xffff}, 0xc) msgrcv(r0, &(0x7f0000000080)={0x0, ""/218}, 0xe2, 0x3, 0x2000) r2 = msgget$private(0x0, 0x8) msgrcv(r2, &(0x7f0000000180)={0x0, ""/155}, 0xa3, 0x0, 0x800) msgctl$IPC_RMID(r2, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x800, 0x59) getsockopt(r1, 0x6, 0xe1a, &(0x7f0000000280)=""/4096, &(0x7f0000001280)=0x1000) r4 = getgid() r5 = getegid() getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f00000012c0)={0x0, 0x0, 0x0}, &(0x7f0000001300)=0xc) getgroups(0x4, &(0x7f0000001340)=[0x0, r4, r5, r7]) accept$inet6(r1, &(0x7f0000001380), &(0x7f00000013c0)=0xc) r9 = semget(0x1, 0x4, 0x400) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000001400)={0x0, 0x0}, 0xc) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000001440)={0x0, 0x0}, 0xc) semctl$IPC_SET(r9, 0x0, 0x1, &(0x7f0000001480)={{0x8, r10, 0x0, r11, r8, 0x1, 0x8}, 0x5d1, 0x3, 0x8}) r12 = shmget(0x2, 0x4000, 0x4db, &(0x7f0000ffb000/0x4000)=nil) r13 = getegid() r14 = getpgid(0x0) r15 = fcntl$getown(0xffffffffffffffff, 0x5) shmctl$IPC_SET(r12, 0x1, &(0x7f0000001500)={{0x0, r6, r5, r10, r13, 0x18, 0x7}, 0x1aa8, 0xffe0, r14, r15, 0x4, 0x401, 0x1}) kqueue() r16 = fcntl$dupfd(0xffffffffffffffff, 0xa, r3) connect$inet(r16, &(0x7f0000001580)={0x2, 0x1}, 0xc) link(&(0x7f00000015c0)='./file0\x00', &(0x7f0000001600)='./file0\x00') pipe2(&(0x7f0000001640)={0xffffffffffffffff}, 0x4) setsockopt$inet_opts(r17, 0x0, 0x0, &(0x7f0000001680)="e2357885cdc7380ff4a732cf08b2cb8e225e6425998bb1298f9ad5f1669fc6e96d5dad665a2a017f108b290337d6", 0x2e) msgctl$IPC_STAT(r0, 0x2, &(0x7f00000016c0)=""/215) 15:31:42 executing program 1: r0 = accept(0xffffffffffffff9c, 0x0, &(0x7f0000000000)) getsockopt(r0, 0xefda, 0x8, &(0x7f0000000040)=""/249, &(0x7f0000000140)=0xf9) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x4) ioctl$WSDISPLAYIO_LDFONT(r1, 0x8058574d, &(0x7f00000001c0)={'./file0\x00', 0x80000001, 0x5, 0xffffffff, 0x1, 0x3, 0x4, 0x200, 0x0, 0x0, 0x8, 0x4}) getpeername(0xffffffffffffffff, &(0x7f0000000240)=@in, &(0x7f0000000280)=0xc) r2 = dup(0xffffffffffffffff) getsockopt$sock_cred(r2, 0xffff, 0x1022, &(0x7f00000002c0), &(0x7f0000000300)=0xc) getsockopt$SO_PEERCRED(r0, 0xffff, 0x1022, &(0x7f0000000340), 0xc) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000380)='/dev/zero\x00', 0x0, 0x0) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) mkdirat(r4, &(0x7f00000003c0)='./file0\x00', 0x0) unlinkat(r1, &(0x7f0000000400)='./file0\x00', 0x0) r5 = open(&(0x7f0000000440)='./file0\x00', 0x800, 0x48) ioctl$WSDISPLAYIO_ADDSCREEN(r5, 0x80245753, &(0x7f0000000480)={0x8, './file0\x00', './file0\x00'}) listen(r2, 0x5) socketpair(0x6, 0x3, 0x48, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$inet6(r7, &(0x7f0000000500)={0x18, 0x2, 0x4, 0x7}, 0xc) write(r6, &(0x7f0000000540)="2ba32f637a5fb6a1cfb97c576132b9c42d8040df5a709f370d53765049647811d818e215a3694ff4254cc268", 0x2c) ioctl$TIOCCDTR(r3, 0x20007478) r8 = socket(0x1a, 0x4000, 0x9) recvmsg(r8, &(0x7f0000001880)={&(0x7f0000000580)=@in, 0xc, &(0x7f0000001780)=[{&(0x7f00000005c0)=""/91, 0x5b}, {&(0x7f0000000640)=""/52, 0x34}, {&(0x7f0000000680)=""/139, 0x8b}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000001740)=""/13, 0xd}], 0x5, &(0x7f0000001800)=""/113, 0x71}, 0x2) read(0xffffffffffffff9c, &(0x7f00000018c0)=""/114, 0x72) getsockopt$sock_linger(r7, 0xffff, 0x80, &(0x7f0000001940), &(0x7f0000001980)=0x8) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f00000019c0), 0xc) link(&(0x7f0000001a00)='./file0\x00', &(0x7f0000001a40)='./file0/file0\x00') r9 = open(&(0x7f0000001a80)='./file1\x00', 0x8, 0x80) fcntl$getown(r9, 0x5) openat$wsdisplay(0xffffffffffffff9c, &(0x7f0000001ac0)='/dev/ttyCcfg\x00', 0x1, 0x0) mkdirat(r9, &(0x7f0000001b00)='./file0/file0\x00', 0x4a) r10 = getgid() setegid(r10) 15:31:43 executing program 1: connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="08ac0207e00008e2"], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x2, 0x2, 0x0) bind(r0, &(0x7f0000000000)=@un=@abs={0x0, 0xd}, 0x10) r1 = socket(0x18, 0x2, 0x0) dup2(r0, r1) connect$unix(r1, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x10) r2 = socket(0x2, 0x3, 0x0) r3 = dup2(r0, r1) dup2(r3, r2) connect$unix(r2, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x10) write(r2, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r5, r4) getsockopt$SO_PEERCRED(r4, 0xffff, 0x1022, &(0x7f00000000c0)={0x0}, 0xc) ktrace(&(0x7f0000000040)='./file0\x00', 0x1, 0x40000100, r6) r7 = getpgid(r6) ktrace(&(0x7f0000000040)='./file0\x00', 0x0, 0x4, r7) 15:31:43 executing program 1: mknod(&(0x7f00000000c0)='./bus\x00', 0x2000, 0x100000800004502) open(&(0x7f0000000040)='./bus\x00', 0x8, 0x18) r0 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) openat$diskmap(0xffffffffffffff9c, &(0x7f0000000000)='/dev/diskmap\x00', 0x80, 0x0) ioctl$WSMUXIO_INJECTEVENT(r0, 0x80185760, &(0x7f0000000380)) 15:31:44 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = socket(0x18, 0x4003, 0x0) connect$unix(r1, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) dup2(r1, r0) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f0000000140)={'tap', 0x0}) ioctl$BIOCSETF(r2, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f00000000c0)=[{0x64}, {0x4}, {0x6}]}) syz_emit_ethernet(0xe, &(0x7f00000001c0)="174af205b6068bbc6be6634ecdd0") setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x43cbc, 0x4) r3 = dup(r0) pwrite(0xffffffffffffffff, &(0x7f0000000040)=')', 0x1, 0x0, 0x0) sendto$inet6(r3, &(0x7f0000000040), 0x43000, 0x0, 0x0, 0x0) 15:31:44 executing program 0: r0 = socket(0x2, 0x2, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="6200ef00008e0000"], 0x1) setsockopt$sock_int(r0, 0xffff, 0x200, &(0x7f0000000080)=0x7, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) bind(r0, &(0x7f0000000040)=@in={0x2, 0x1}, 0xc) r1 = socket(0x11, 0x4003, 0x0) sendto$unix(r1, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r2 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000340)='/dev/wskbd0\x00', 0x800, 0x0) r3 = socket(0x11, 0x4003, 0x0) sendto$unix(r3, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r4 = socket(0x11, 0x4003, 0x0) sendto$unix(r4, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r5 = socket(0x11, 0x4003, 0x0) sendto$unix(r5, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r6 = socket(0x11, 0x4003, 0x0) sendto$unix(r6, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r7 = socket(0x11, 0x4003, 0x0) sendto$unix(r7, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r9, r8) r10 = socket(0x11, 0x4003, 0x0) sendto$unix(r10, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r11 = socket(0x11, 0x4003, 0x0) sendto$unix(r11, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000540)={0x0}, 0x1) ktrace(&(0x7f0000000040)='./file0\x00', 0x1, 0x40000100, r12) r13 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0) r14 = kqueue() kevent(r14, &(0x7f0000000300)=[{{r13}, 0xfffffffffffffffe, 0xb}], 0x66, 0x0, 0x0, 0x0) r15 = getuid() r16 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) r17 = msgget$private(0x0, 0xfffffffffffffffd) msgrcv(r17, &(0x7f0000000400)=ANY=[@ANYBLOB="0000000000000000000000000000ffff0000000000000000000000000000000000007c63b900000000060000008bbab6e2a454"], 0x2b, 0x0, 0x1000) r18 = geteuid() getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0xcb5af0725a4de8e) r20 = geteuid() getsockopt$sock_cred(r16, 0xffff, 0x1022, &(0x7f00000007c0)={0x0, 0x0, 0x0}, &(0x7f0000000800)=0xc) r22 = getpgid(0xffffffffffffffff) r23 = getpgid(0x0) msgctl$IPC_SET(r17, 0x1, &(0x7f0000000840)={{0x6, r18, r19, r20, r21, 0x4, 0xfffffffffffffffc}, 0x3, 0x7, r22, r23, 0x80000001, 0xfff, 0x3, 0x100000000}) getgroups(0x7, &(0x7f0000000040)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, r19, 0x0]) fchownat(r13, &(0x7f0000000000)='./file0\x00', r15, r24, 0x0) r25 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) r26 = msgget$private(0x0, 0xfffffffffffffffd) msgrcv(r26, &(0x7f0000000400)=ANY=[@ANYBLOB="0000000000000000000000000000ffff0000000000000000000000000000000000007c63b900000000060000008bbab6e2a454"], 0x2b, 0x0, 0x1000) r27 = geteuid() getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0xcb5af0725a4de8e) r29 = geteuid() getsockopt$sock_cred(r25, 0xffff, 0x1022, &(0x7f00000007c0)={0x0, 0x0, 0x0}, &(0x7f0000000800)=0xc) r31 = getpgid(0xffffffffffffffff) r32 = getpgid(0x0) msgctl$IPC_SET(r26, 0x1, &(0x7f0000000840)={{0x6, r27, r28, r29, r30, 0x4, 0xfffffffffffffffc}, 0x3, 0x7, r31, r32, 0x80000001, 0xfff, 0x3, 0x100000000}) getgroups(0x7, &(0x7f0000000040)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, r28, 0x0]) r33 = socket(0x11, 0x4003, 0x0) sendto$unix(r33, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) getsockopt$SO_PEERCRED(r33, 0xffff, 0x1022, &(0x7f0000000380)={0x0}, 0xc) r35 = geteuid() getsockopt$SO_PEERCRED(r0, 0xffff, 0x1022, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0xc) sendmsg$unix(r1, &(0x7f0000000480)={&(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000000300)=[{&(0x7f0000000200)="838b7c14466168a7d92b5d9c062265f8b6ec1086c93937eb4391f61bc9396b451ccec6d08236", 0x26}, {&(0x7f0000000240)="b33c2adce5a34b00119e3397ebfce85f99653d0ba9eb36b2600338e14302b1bebef1574917bf75b32c548739f2c78236d7f404b0c0087cf4f8639069d4bf0c4deb4d4efa5dc48f8bd8661d2402f25f84d7cd9d0e00a17ab8e321575791cdf2f4602ae7ab7fdb31c2f9827da620a7da4a16e3a990084f00050d95f31b5cd70ada21a4cc70c489cb6c969c203416c3dfb940bbb61579e0df57ac2c9eedeb90964e6f1601", 0xa3}], 0x2, &(0x7f0000000400)=[@rights={0x30, 0xffff, 0x1, [r2, r3, r4, r5, 0xffffffffffffffff, r6, r7, r0]}, @cred={0x20, 0xffff, 0x0, r12, r15, r28}, @cred={0x20, 0xffff, 0x0, r34, r35, r36}], 0x70}, 0x6) r37 = socket(0x2, 0x8002, 0x0) r38 = socket(0x11, 0x4003, 0x0) sendto$unix(r38, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) recvfrom(r38, &(0x7f00000000c0)=""/159, 0x9f, 0x0, &(0x7f0000000180)=@un=@file={0x0, './file0\x00'}, 0xa) connect$unix(r37, &(0x7f0000000000)=ANY=[@ANYBLOB="62020207e00000012000"], 0x10) write(r37, 0x0, 0x0) 15:31:44 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000300)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20}, {0x16}]}) syz_emit_ethernet(0xe, &(0x7f0000000180)="080934b7d000000015b668f635e9") 15:31:44 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSRTIMEOUT(r0, 0x8010426d, &(0x7f0000000040)={0x10001, 0x1000}) dup(r0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) ioctl$BIOCSDLT(0xffffffffffffffff, 0x8004427a, &(0x7f0000000140)=0x2) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x50}, {0x64}, {0x8fe}]}) syz_emit_ethernet(0x1cb, &(0x7f0000000340)="b6") 15:31:44 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r0 = socket(0x11, 0x4003, 0x0) sendto$unix(r0, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) bind(r0, &(0x7f0000000240)=@un=@file={0xd80f49edce43012d, './file0\x00'}, 0xa) recvfrom(r0, &(0x7f0000000040)=""/92, 0x5c, 0x800, &(0x7f00000001c0)=@un=@abs={0x1, 0x0, 0x1}, 0x8) chmod(&(0x7f0000000180)='./file0\x00', 0x23f) r1 = socket(0x11, 0x4003, 0x0) sendto$unix(r1, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r2 = socket(0x11, 0x4003, 0x0) sendto$unix(r2, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) sendmsg$unix(r2, &(0x7f00000000c0)={&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0xa, 0x0, 0x0, 0x0, 0x0, 0xc}, 0xd) 15:31:44 executing program 0: mprotect(&(0x7f000000e000/0x4000)=nil, 0x4000, 0x2) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chmod(&(0x7f0000000180)='./file0\x00', 0x23f) getgroups(0x7, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff]) lchown(&(0x7f0000000000)='./file0\x00', 0x0, r0) r1 = socket(0x11, 0x4003, 0x0) sendto$unix(r1, &(0x7f00000000c0)="b1000513600000000000100000100000000004fecea11ea8fef96ecfc73f53357ae26caa0416fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2ca3ebbc257699a1f132e27acb5d602000d7d026ba8af63ff37281c2abff62c0a11c5db2b04fbb715d2f5a872c881ff7cc53c894303b22f310b404f366339b334b822467357aea8c500000002000000000000020208a371a3f80004000000000000000100000000000000001ca3fbf1565bcb378e21a837d44062cf24138a23484166bf12cb45ea7e6f7753fe4bdba56f4fd881", 0xb1, 0x2, 0x0, 0x1000000bc) r2 = fcntl$dupfd(r1, 0xa, 0xffffffffffffff9c) unlinkat(r2, &(0x7f0000000280)='./file2\x00', 0x8) setgroups(0x0, 0x0) setuid(0xee01) chdir(&(0x7f00000001c0)='./file0\x00') r3 = open(&(0x7f0000000040)='./file0\x00', 0x70e, 0x0) pwritev(r3, &(0x7f0000000080)=[{&(0x7f00000004c0)="90c3fe67eb586898600425f2f573e0d1ac83c18d65c8e22066c0d389fe894a974c8d45aaf9d2e7ae9fed58938ea6ac68a0b0632688ca0fab3647175abf22fea120c9b3bb77ca60c128295bf234505356095dbf9e50a4a5079723b57fed8ef0a251b91e67e1f5d347d5b668a390a25beea3962e7c10b8d9f53f5c82b5eacc26757d14f2fa6be9a2cbb2cfacc5e906dfd1e3208364bbc454327b6a1522c332ea628b8cb672e9e7247818f970e017c7cb9303e6b505059f34d3fb9df3993b7535fa269859e24b2802782224d7d5c13c21d4eee4f8621037c3d78695ad9a278978b26c46049befba997acb9ac407791cdf6046f9f71e36d09827a4493c17a0921dc38af76420c885862413c6ed4f7fe335a5547ee2d7c65d735b189214606da83f9be40faef7438cbfe1ed0439c46106672cda99d1c3471259d08198e13683ef6b08d5c54bfb991dcca6919362e1a0b65844e9194c2d7fd257281fbcae0694eb4c1e7121b6a2c19d7c82", 0x168}], 0x1, 0x0, 0x0) ioctl$TIOCMSET(0xffffffffffffff9c, 0x8004746d, &(0x7f0000000240)=0x2) mmap(&(0x7f0000000000/0x13000)=nil, 0x13000, 0x5, 0x10, r3, 0x0, 0x0) mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0) symlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file1\x00') 15:31:44 executing program 1: r0 = open$dir(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = semget(0x0, 0x2, 0x14) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = semget$private(0x0, 0x7, 0x286) semop(r4, &(0x7f0000000000)=[{0x6, 0x4}, {0x0, 0x1, 0x1800}, {0x2, 0xf, 0x800}, {0x0, 0xdc, 0x1800}], 0x4) semop(r4, &(0x7f0000000100)=[{0x1, 0x3, 0x1800}, {0x0, 0x800, 0x800}, {0x3, 0x6, 0x1000}, {0x1, 0x0, 0x1000}, {0x4, 0x80, 0x800}, {0x1, 0x9, 0x1800}], 0x6) semctl$SETVAL(r4, 0x1, 0x8, &(0x7f0000000140)=0xfffffffd) semop(r4, &(0x7f0000000140)=[{0x0, 0x3, 0x1800}, {0x4, 0x4, 0x1000}, {0x3, 0x4, 0x800}, {0x3, 0x1f, 0x800}, {0x7, 0x3, 0x800}], 0x5) r5 = dup2(r3, r2) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f00000000c0)={0x0}, 0xc) ktrace(&(0x7f0000000040)='./file0\x00', 0x1, 0x40000100, r6) ioctl$BIOCSBLEN(r5, 0xc0044266, &(0x7f00000001c0)) semop(r1, &(0x7f0000000280)=[{0x2, 0x3, 0x800}, {0x1, 0x6, 0x800}, {0x0, 0x9, 0x1000}, {0x1, 0x5, 0x1000}, {0x0, 0x100, 0x800}, {0x2, 0xf001, 0x800}], 0x6) kqueue() r7 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETWF(r7, 0x80104277, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x48}, {0x54}, {0x6, 0x0, 0x0, 0x108}]}) ioctl$BIOCSETIF(r7, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) pwrite(r7, &(0x7f0000000040)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0) r8 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x20000, 0x0) ioctl$BIOCSETWF(r8, 0x80104277, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x48}, {0x54, 0x0, 0x0, 0x3}, {0x6, 0x0, 0x0, 0x108}]}) ioctl$BIOCSETIF(r8, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) pwrite(r8, &(0x7f0000000040)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0) r9 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETWF(r9, 0x80104277, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x48}, {0x54}, {0x6, 0x0, 0x0, 0x108}]}) pwrite(r9, &(0x7f0000000040)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0) r10 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETWF(r10, 0x80104277, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x48}, {0x54}, {0x6, 0x0, 0x0, 0x108}]}) ioctl$BIOCSETIF(r10, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) pwrite(r10, &(0x7f0000000040)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0) dup(r2) open(&(0x7f0000000100)='./file0\x00', 0x8, 0x20) r11 = kqueue() r12 = openat$wsmuxkbd(0xffffffffffffff9c, &(0x7f0000000240)='/dev/wskbd\x00', 0x80, 0x0) kevent(r11, &(0x7f0000000180)=[{{r12}, 0xfffffffffffffffe, 0x1af, 0x0, 0x3, 0x2000000000}], 0x3, 0x0, 0x0, 0x0) mkdirat(r0, &(0x7f0000000080)='./file0\x00', 0x0) 15:31:46 executing program 0: connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="62020207e0000001"], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = kqueue() r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) close(r1) r2 = socket(0x10, 0x2, 0x55) setsockopt(r2, 0x5, 0x2, &(0x7f00000001c0)="cb6ee58cb200b12324eb8b0424ab2a5fa89923272bbf8b4fd787959db9ec45c9c521c663b36d166b7ee91a39eb4617f2022c69707634547dbb99cb9be33fd03708cf5650714252276c761c7ae078fbf908ea895211496452a3d28fe54950a354b859e9e0674c3a6606b08e00e3b7a27dcfae70450faac4eddb1ea9f573545ae54d44576985dbf4fd33975f363e9caa1795fb8bbab964806a1864001cdbb24cebc7ce1ab88fc99ca789dd13dcb7d06204b65c65a4a8768db13824a0fae7cc034319a839213bab52438a65d7d0bdcab01200"/222, 0xde) r3 = socket(0x2, 0x2, 0x0) bind(r3, &(0x7f0000000000)=@un=@abs={0x0, 0xd}, 0x10) openat$klog(0xffffffffffffff9c, &(0x7f0000000100)='/dev/klog\x00', 0x1, 0x0) r4 = socket(0x2, 0x2, 0x0) r5 = dup2(r3, r4) connect$unix(r4, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x10) sendto$unix(r5, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(r1, 0xffff, 0x1023, &(0x7f0000000080), 0x4) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$VT_ACTIVATE(r6, 0x20007605, &(0x7f00000000c0)) pckbd_enable: command error 15:31:46 executing program 1: r0 = socket(0x11, 0x3, 0x80) socket(0x11, 0x4003, 0x0) ioctl$FIOGETOWN(r0, 0x4004667b, &(0x7f0000000040)) sendto$unix(r0, &(0x7f0000000240)="b100050400000000000008000101000000800000cea1fea7fef96ecfc73fd3357ae26caa04f391d6be6336acf00b7804be781e4991f7cadf9a912b297be1aa5b23ed00f4b7b2ca3ebbc257699a1f132e23acbdd602000d7d026ba8af63ff37282902e4fdedb96f27872babfbb770c1f5a872c881ff7cc53c8943310b404f36a00f90a2921a006ee01bc43eaea8c500001502000000000000020208a371a3f8000400000000000000010000000000000000000200ba35a7a6b24b7305ec0f2492189ed4b7cd0272255c9cdc48f652d7d2bfdfcc912e59e9fd5e6aaff16b0aea32e23f478bf6cec659899610a3e1be145ef99ea431aaf42ad0555aa4578a2f9d341c82914a7f536c3db7b43020c6280e6fc5a0d0e683551dac6e821f2dac1b8a1daf0b6259b93ebc91fb321e026aa994d3654a0ff679d51a60bdd8273ea7e97548df271b2fc4bebd52d88e0b4ec291d9ab6f3146e78263cbba1e8c1777e292454619ac5a63101e5eccc8d633fad4580a066bbbd2e55b", 0xb1, 0x818, 0x0, 0x100a2) ioctl$WSDISPLAYIO_GETSCREENTYPE(0xffffffffffffff9c, 0xc028575d, &(0x7f0000000000)={0xfffffbff, 0x0, './file0\x00', 0x232, 0x4, 0x3, 0x9}) kernel: double fault trap, code=0 Stopped at __sanitizer_cov_trace_const_cmp8+0x11: pushq %r11 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace __sanitizer_cov_trace_const_cmp8(40,e0) at __sanitizer_cov_trace_const_cmp8+0x11 poison_check(fffffd806f77b520,e0,ffff800023b9a098,ffff800023b9a0a8) at poison_check+0x46 pool_cache_get(ffffffff82673638) at pool_cache_get+0x255 pool_get(ffffffff82673638,2) at pool_get+0x91 m_get(2,3) at m_get+0x4c sbappendaddr(fffffd806f6fb320,fffffd806f6fb3a8,ffff800023b9a398,fffffd80655fee00,0) at sbappendaddr+0x223 udp_sbappend(fffffd806f6fa578,fffffd80655fee00,fffffd80655feeb0,0,14,fffffd80655feec4) at udp_sbappend+0x314 udp_input(ffff800023b9a618,ffff800023b9a624,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9a618,ffff800023b9a624,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9a618,ffff800023b9a624,10f0,0) at ip_ours+0x412 ip_input_if(ffff800023b9a618,ffff800023b9a624,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd80655fee00) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd80655fee00,2) at if_input_local+0xf9 ip_output(fffffd806cb6f600,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd806cb6f600,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd80669dca00,fffffd80669dcab0,0,14,fffffd80669dcac4) at udp_sbappend+0x336 udp_input(ffff800023b9ad08,ffff800023b9ad14,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9ad08,ffff800023b9ad14,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9ad08,ffff800023b9ad14,ed3,0) at ip_ours+0x412 ip_input_if(ffff800023b9ad08,ffff800023b9ad14,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd80669dca00) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd80669dca00,2) at if_input_local+0xf9 ip_output(fffffd8079828500,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd8079828500,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd806cb6f600,fffffd806cb6f6b0,0,14,fffffd806cb6f6c4) at udp_sbappend+0x336 udp_input(ffff800023b9b3f8,ffff800023b9b404,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9b3f8,ffff800023b9b404,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9b3f8,ffff800023b9b404,cb6,0) at ip_ours+0x412 ip_input_if(ffff800023b9b3f8,ffff800023b9b404,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd806cb6f600) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd806cb6f600,2) at if_input_local+0xf9 ip_output(fffffd8079828300,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd8079828300,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd8079828500,fffffd80798285b0,0,14,fffffd80798285c4) at udp_sbappend+0x336 udp_input(ffff800023b9bae8,ffff800023b9baf4,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9bae8,ffff800023b9baf4,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9bae8,ffff800023b9baf4,a99,0) at ip_ours+0x412 ip_input_if(ffff800023b9bae8,ffff800023b9baf4,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd8079828500) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd8079828500,2) at if_input_local+0xf9 ip_output(fffffd80669dd300,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd80669dd300,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd8079828300,fffffd80798283b0,0,14,fffffd80798283c4) at udp_sbappend+0x336 udp_input(ffff800023b9c1d8,ffff800023b9c1e4,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9c1d8,ffff800023b9c1e4,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9c1d8,ffff800023b9c1e4,87c,0) at ip_ours+0x412 ip_input_if(ffff800023b9c1d8,ffff800023b9c1e4,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd8079828300) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd8079828300,2) at if_input_local+0xf9 ip_output(fffffd80669dc200,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd80669dc200,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd80669dd300,fffffd80669dd3b0,0,14,fffffd80669dd3c4) at udp_sbappend+0x336 udp_input(ffff800023b9c8c8,ffff800023b9c8d4,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9c8c8,ffff800023b9c8d4,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9c8c8,ffff800023b9c8d4,65f,0) at ip_ours+0x412 ip_input_if(ffff800023b9c8c8,ffff800023b9c8d4,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd80669dd300) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd80669dd300,2) at if_input_local+0xf9 ip_output(fffffd806abbfd00,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd806abbfd00,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd80669dc200,fffffd80669dc2b0,0,14,fffffd80669dc2c4) at udp_sbappend+0x336 udp_input(ffff800023b9cfb8,ffff800023b9cfc4,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9cfb8,ffff800023b9cfc4,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9cfb8,ffff800023b9cfc4,442,0) at ip_ours+0x412 ip_input_if(ffff800023b9cfb8,ffff800023b9cfc4,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd80669dc200) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd80669dc200,2) at if_input_local+0xf9 ip_output(fffffd806abbfc00,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd806abbfc00,0,0) at udp_output+0x5af somove(fffffd806f6fb320,2) at somove+0xf2f sorwakeup(fffffd806f6fb320) at sorwakeup+0x79 udp_sbappend(fffffd806f6fa578,fffffd806abbfd00,fffffd806abbfdb0,0,14,fffffd806abbfdc4) at udp_sbappend+0x336 udp_input(ffff800023b9d6a8,ffff800023b9d6b4,11,2) at udp_input+0x1320 ip_deliver(ffff800023b9d6a8,ffff800023b9d6b4,11,2) at ip_deliver+0x353 ip_ours(ffff800023b9d6a8,ffff800023b9d6b4,225,0) at ip_ours+0x412 ip_input_if(ffff800023b9d6a8,ffff800023b9d6b4,4,0,ffff800000679800) at ip_input_if+0x6ce ipv4_input(ffff800000679800,fffffd806abbfd00) at ipv4_input+0x48 if_input_local(ffff800000679800,fffffd806abbfd00,2) at if_input_local+0xf9 ip_output(fffffd80669dd500,0,fffffd806f6fa5e8,0,0,fffffd806f6fa578) at ip_output+0xae5 udp_output(fffffd806f6fa578,fffffd80669dd500,0,0) at udp_output+0x5af sosend(fffffd806f6fb320,0,ffff800023b9da20,0,0,0) at sosend+0x671 sendit(ffff800020ac6eb8,4,ffff800023b9db00,0,ffff800023b9dbe0) at sendit+0x52b sys_sendto(ffff800020ac6eb8,ffff800023b9db98,ffff800023b9dbe0) at sys_sendto+0x80 syscall(ffff800023b9dc60) at syscall+0x4a4 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf39c9df7f40, count: -97 ddb{0}> show registers rdi 0x40 rsi 0xe0 rbp 0xffff800023b9a010 rbx 0xe0 rdx 0x115b __ALIGN_SIZE+0x15b rcx 0xffff800020d6c000 rax 0xffff800020d6c000 r8 0xffffffff812d70c8 sbappendaddr+0xf8 r9 0x5 r10 0x18 r11 0xda51b7c31c76ac4f r12 0xfffffd806f77b520 r13 0x40 r14 0xffff800023b9a0a8 r15 0xffff800023b9a098 rip 0xffffffff81b7b071 __sanitizer_cov_trace_const_cmp8+0x11 cs 0x8 rflags 0x10282 __ALIGN_SIZE+0xf282 rsp 0xffff800023b9a000 ss 0x10 __sanitizer_cov_trace_const_cmp8+0x11: pushq %r11 ddb{0}> show proc PROC (syz-executor.0) pid=296706 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=78, nice=20 forw=0xffffffffffffffff, list=0xffff800020ac64f8,0xffff800020ac6298 process=0xffff800020a93a60 user=0xffff800023b98000, vmspace=0xfffffd807efff5c0 estcpu=28, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 20375 510219 0 0 3 0x14200 bored sosplice 97869 107994 66264 0 7 0 syz-executor.0 97869 25478 66264 0 2 0x4000000 syz-executor.0 *97869 296706 66264 0 7 0x4000000 syz-executor.0 97869 455922 66264 0 3 0x4000000 netlock syz-executor.0 41369 192325 81571 0 3 0x82 nanosleep syz-executor.1 66264 58589 81571 0 3 0x82 nanosleep syz-executor.0 81571 255663 32921 0 3 0x82 thrsleep syz-fuzzer 81571 201634 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 351584 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 319062 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 353222 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 282391 32921 0 3 0x4000082 kqread syz-fuzzer 81571 517043 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 323700 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 250870 32921 0 3 0x4000082 thrsleep syz-fuzzer 81571 493096 32921 0 3 0x4000082 thrsleep syz-fuzzer 32921 357987 63177 0 3 0x10008a pause ksh 63177 102676 62823 0 3 0x92 select sshd 51553 137505 1 0 3 0x100083 ttyin getty 62823 464716 1 0 3 0x80 select sshd 98703 112608 29207 74 3 0x100092 bpf pflogd 29207 128710 1 0 3 0x80 netio pflogd 13725 162075 39014 73 3 0x100090 kqread syslogd 39014 207102 1 0 3 0x100082 netio syslogd 21542 479481 1 77 3 0x100090 poll dhclient 43502 352512 1 0 3 0x80 poll dhclient 18949 284327 0 0 3 0x14200 bored smr 45570 502173 0 0 2 0x14200 zerothread 18916 311642 0 0 3 0x14200 aiodoned aiodoned 97159 418970 0 0 3 0x14200 syncer update 22050 82572 0 0 3 0x14200 cleaner cleaner 1431 69376 0 0 3 0x14200 reaper reaper 74996 406686 0 0 3 0x14200 pgdaemon pagedaemon 6146 393576 0 0 3 0x14200 bored crynlk 80345 40846 0 0 3 0x14200 bored crypto 57826 215115 0 0 3 0x40014200 acpi0 acpi0 48160 501247 0 0 3 0x40014200 idle1 46909 155418 0 0 3 0x14200 bored softnet 13361 190554 0 0 3 0x14200 bored systqmp 87897 113898 0 0 3 0x14200 bored systq 47049 283310 0 0 3 0x40014200 bored softclock 83194 96904 0 0 3 0x40014200 idle0 1 98695 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 97869 (syz-executor.0) thread 0xffff800020ac6eb8 (296706) exclusive rwlock netlock r = 0 (0xffffffff824a5b48) #0 witness_lock+0x52e #1 solock+0x5a #2 sosend+0x559 #3 sendit+0x52b #4 sys_sendto+0x80 #5 syscall+0x4a4 #6 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9498 6658K 6666K 78643K 10620 0 pcb 13 8K 8K 78643K 19 0 rtable 105 3K 3K 78643K 209 0 ifaddr 44 10K 10K 78643K 45 0 counters 43 33K 33K 78643K 43 0 ioctlops 0 0K 4K 78643K 1469 0 mount 1 1K 1K 78643K 1 0 vnodes 1222 77K 77K 78643K 1235 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 4 0K 0K 78643K 4 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 196K 290K 78643K 12766 0 file desc 5 13K 25K 78643K 47 0 proc 60 63K 95K 78643K 439 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 33 2K 2K 78643K 33 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 19 95K 95K 78643K 19 0 exec 0 0K 1K 78643K 207 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 110 22K 23K 78643K 1074 0 UVM aobj 2 2K 2K 78643K 2 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 6 0K 0K 78643K 10 0 temp 72 3017K 3081K 78643K 2101 0 kqueue 3 4K 6K 78643K 4 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 51 0 49 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 45 0 35 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 87 0 87 1 0 1 1 0 8 1 tcpcb 544 10 0 6 1 0 1 1 0 8 0 inpcb 280 55 0 45 1 0 1 1 0 8 0 nd6 48 6 0 0 1 0 1 1 0 8 0 pfosfp 40 846 0 423 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 12 0 0 1 0 1 1 0 8 0 pfstkey 112 12 0 0 1 0 1 1 0 8 0 pfstate 328 12 0 0 1 0 1 1 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 189 0 0 12 0 12 12 0 8 0 art_table 32 190 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 2 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1446 0 39 46 0 46 46 0 8 0 ffsino 272 1446 0 39 95 0 95 95 0 8 1 nchpl 144 1695 0 79 61 0 61 61 0 8 0 uvmvnodes 72 1502 0 0 28 0 28 28 0 8 0 vnodes 208 1502 0 0 80 0 80 80 0 8 0 namei 1024 4352 0 4352 1 0 1 1 0 8 1 percpumem 16 32 0 0 1 0 1 1 0 8 0 scxspl 192 4963 0 4963 2 1 1 2 0 8 1 plimitpl 152 15 0 7 1 0 1 1 0 8 0 sigapl 424 263 0 231 4 0 4 4 0 8 0 futexpl 56 388 0 388 1 0 1 1 0 8 1 knotepl 112 54 0 35 1 0 1 1 0 8 0 kqueuepl 144 12 0 8 1 0 1 1 0 8 0 pipelkpl 48 77 0 67 1 0 1 1 0 8 0 pipepl 120 154 0 135 1 0 1 1 0 8 0 fdescpl 496 247 0 231 3 0 3 3 0 8 0 filepl 152 1272 0 1167 5 0 5 5 0 8 0 lockfpl 104 5 0 4 1 0 1 1 0 8 0 lockfspl 48 3 0 2 1 0 1 1 0 8 0 sessionpl 112 18 0 7 1 0 1 1 0 8 0 pgrppl 48 18 0 7 1 0 1 1 0 8 0 ucredpl 96 47 0 38 1 0 1 1 0 8 0 zombiepl 144 231 0 230 1 0 1 1 0 8 0 processpl 960 263 0 230 5 0 5 5 0 8 0 procpl 624 316 0 271 4 0 4 4 0 8 0 sosppl 128 1 0 0 1 0 1 1 0 8 0 sockpl 400 151 0 129 5 0 5 5 0 8 2 mcl64k 65536 8 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 150 0 0 18 0 18 18 0 8 0 mtagpl 80 4 0 0 1 0 1 1 0 8 0 mbufpl 256 252 0 0 16 0 16 16 0 8 0 bufpl 280 4080 0 174 279 0 279 279 0 8 0 anonpl 16 39313 0 23623 65 1 64 64 0 124 0 amapchunkpl 152 1251 0 1114 8 0 8 8 0 158 0 amappl16 192 1031 0 179 43 0 43 43 0 8 0 amappl15 184 21 0 19 2 1 1 1 0 8 0 amappl14 176 9 0 6 2 1 1 1 0 8 0 amappl13 168 27 0 25 1 0 1 1 0 8 0 amappl12 160 9 0 8 1 0 1 1 0 8 0 amappl11 152 71 0 53 1 0 1 1 0 8 0 amappl10 144 21 0 13 1 0 1 1 0 8 0 amappl9 136 382 0 379 1 0 1 1 0 8 0 amappl8 128 324 0 297 2 0 2 2 0 8 0 amappl7 120 126 0 114 1 0 1 1 0 8 0 amappl6 112 26 0 22 1 0 1 1 0 8 0 amappl5 104 166 0 149 1 0 1 1 0 8 0 amappl4 96 505 0 472 2 1 1 2 0 8 0 amappl3 88 107 0 100 1 0 1 1 0 8 0 amappl2 80 1060 0 989 3 1 2 3 0 8 0 amappl1 72 15323 0 14871 26 12 14 20 0 8 4 amappl 80 567 0 522 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 1 0 0 1 0 1 1 0 8 0 uaddrrnd 24 247 0 231 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 247 0 231 1 0 1 1 0 8 0 vmmpekpl 168 5924 0 5896 2 0 2 2 0 8 0 vmmpepl 168 37452 0 35441 126 5 121 121 0 357 32 vmsppl 368 246 0 231 2 0 2 2 0 8 0 pdppl 4096 502 0 462 6 0 6 6 0 8 0 pvpl 32 135418 0 116565 157 0 157 157 0 265 1 pmappl 232 246 0 231 2 0 2 2 0 8 1 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 170 0 3 5 0 5 5 0 8 0