kern.securelevel: 0 -> 1
creating runtime link editor directory cache.
preserving editor files.
starting network daemons: sshd.
starting local daemons:.
Wed Jan 23 23:13:33 PST 2019

OpenBSD/amd64 (ci-openbsd-setuid-9.c.syzkaller.internal) (tty00)

Warning: Permanently added '10.128.0.29' (ECDSA) to the list of known hosts.
2019/01/23 23:14:03 fuzzer started
2019/01/23 23:14:08 dialing manager at 10.128.15.235:45991
2019/01/23 23:14:08 syscalls: 1
2019/01/23 23:14:08 code coverage: enabled
2019/01/23 23:14:08 comparison tracing: enabled
2019/01/23 23:14:08 extra coverage: support is not implemented in syzkaller
2019/01/23 23:14:08 setuid sandbox: enabled
2019/01/23 23:14:08 namespace sandbox: support is not implemented in syzkaller
2019/01/23 23:14:08 Android sandbox: support is not implemented in syzkaller
2019/01/23 23:14:08 fault injection: support is not implemented in syzkaller
2019/01/23 23:14:08 leak checking: support is not implemented in syzkaller
2019/01/23 23:14:08 net packet injection: enabled
2019/01/23 23:14:08 net device setup: support is not implemented in syzkaller
23:14:10 executing program 0:
ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "81f310b890653d3d1c337ffda9ecd7662e909178"})
mmap(&(0x7f00003e9000/0x2000)=nil, 0x2000, 0x0, 0x1010, 0xffffffffffffffff, 0x0, 0x0)
r0 = kqueue()
kevent(r0, &(0x7f0000000000), 0x9130fbf, 0x0, 0x4000000, 0x0)
munmap(&(0x7f00001f0000/0x4000)=nil, 0x4000)
mprotect(&(0x7f00001f3000/0x3000)=nil, 0x3000, 0x0)

23:14:10 executing program 1:
r0 = socket$inet6(0x18, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000340)={&(0x7f0000000080)=@in, 0xc, 0x0, 0x0, &(0x7f0000000200)=[{0x10}], 0x359}, 0x0)

23:14:11 executing program 1:
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffb, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x400000002c5, 0x0)
r2 = kqueue()
kevent(r2, &(0x7f00000002c0)=[{{r1}, 0xffffffffffffffff, 0x11}], 0x3ff, 0x0, 0x0, 0x0)
r3 = kqueue()
kevent(r3, &(0x7f0000000040), 0x60, 0x0, 0xfffffffffffffff9, 0x0)
r4 = kqueue()
kevent(r4, &(0x7f0000000000), 0x20, 0x0, 0x10000, 0x0)
kevent(r3, &(0x7f00000000c0)=[{{r0}, 0xffffffffffffffff, 0x15}], 0x2, 0x0, 0x0, 0x0)
close(r2)

23:14:11 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$dupfd(r0, 0x0, r1)
close(r0)
kqueue()
sendmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="30000000ffff00000100000000000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES64=r0], 0x30}, 0x0)

23:14:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
ioctl$TIOCCHKVERAUTH(r0, 0x2000741e)

23:14:11 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x84)
write(r0, &(0x7f0000000100)="cc", 0x1)
write(r0, &(0x7f0000000900)="b1698f2e642d65185c8f8b39bbf5c94916fda025f589d655f51dbe3836418f811007c3ba954b51d701d8a40cf658ff842f7e9c0a55c553373c84df6b8e0767214e10a3dc271d38739b666cb8f626a48016aec8696e30da5587d2d3bfdfff3f0278ba560223fb31a839d75bc167a1b94610cf44b56ee6fdb27d495c98ff0754d0683e3276326882e73ced64deab6bae9c3f497cf0e4aaa7d45d75b1ac2ef9a5d985c4b551223a6977a479cf3dd1d35eccad5bd463b5a64f50a9a6e83a9a59915e44e72a37895fef6dd45b6561bdf66a31d25e9c23289db9b086f42a2cb9d2b34b4b744f952e626269069a7dca86829f52a00255d8a7f3183c5c0d718aa62d5b7b50df0bec6fd3a0cbf8f0fd8c04eef01af6bb2de3e8f93fed4ad5c2178a10d27da49f2095a806cd7a0674359d67c6e6c338720313413e6d4f9e57d9ac5ecdac003f6c42b519588d50fb5de1bb14e23770293513568ad9bf0e3983c9ad4ea178afaaa9b524d12c1876a1d9aa4118d33ebdd3a234096b1fe50f369323af8af5e955ec8942e28626a43c926d0b7f5d82fe2d1d05373e21090769187f6c5c057fa2e96aca77e85901d38e91e945f4582733093d5d5793c0d9e3525d044843b025b8cc78559103bd09abbe7b084b094be79fe6cdd38edcafc8a82bc8a2aba7d77d3b7d105d8050ad22e43171895ae7896f1938cb49829a04ae0c663b6f54dbfcac0379e7f40fe6e92985ab11d3630ff706fa2a819740772be9cd2a5ecb705c9089715af459de13dc55b5a286c233890375361ae28c308302e571556a880944cd8304a54cd5d1320f6046adff9b95eac1774dc38014b5eac8b39df48db466a6f97a91e8dab9637884f0f21b9dc5bc84a317ea8fad4acfaaada8820d946011e182a8544ec5965cca54bdf6e7e8dba01907897a18d4899398a7da5de0c071d99a87c4a44d3ec0e15e5b597da2cf84376383aa00b8973233e61833565b6065a825f4982aabc394607b8ef1821c2ab9c5b0e5696cc89bbd0affe9babb2907d7a04a11a0b80724ff49c14432b0e5192d80561285197ac78d4d65fa55f642a7233689e12e489efd819aa5d46d26b0e00bac25af5b79b1d5bb58c58c387a2f51f90efd6889643e11abcecad61b56a185c42c2e52fbba44b9907c06b196063c97b1efec5bb6c1828e31225fe6644f78efe7538fc76cd5a5a8a2ad7825289ca3bb71263c171df29da38b0124be697f96e48b416a95ea9487a4089c4b72c3dd3df160dc479576958f2ecde077b07b228982cafd79a7696b8cc0c9aa9d08c20d953ec287fee6b389b985163fadf0352a593ea22dee7cbe35ce8252176c381b68b72599328604fc5aaa624c57051230aaf7340ba6c1f83256fd4ef89dcc9a7301b8af4d684fa6cebf5951de9f91258df74e961257fdcd0fcdd60d5c3d6bcb4b9cc864868a86d6b46f84453e75a666cde3872bec178fb1153786fc54145a7fb7c083b5284f5c4b6727f20666bf15ce38f6f5379c0359e5076f3112a0887e937f471f43316b04ab8e79cba139e02a2895c877c5f299795c74ef8ccb11cb270ef2ca8be744c3503ccbe6bd9ab78897a2aad3ae771e801d4312477434e4022d0e8b93de6155e8d2f3064489e0821b79a12766640024e9e0bccb90781c5f51e25d22d08c118c0fcafcac0fb86292fbbafe4f700c30d4ac497533770acd3b0107608d29b80ea44926680ea60f87e5ca9b5d2b37067ce21dd59def8b07f531f704ad953e3f5845ec29694d811b94aac2f28a915aea9350676fd920e794e2e576476b836eb8c070acdec1725d0b97efba99c548ed6b4d9ce90d30d66d06b678258ddabc2844edd4120b27dbc0fb1a5dd0a24c01d3ea3c7ad834c6b730c3af1066a8d08a61fecdd8e714f99d0f93315c61ccb14364604cc4877d8ac5094058ee9edb7f1fd76f9afc7b7aa7a413ec0d65b6a09534a2aa96936a72acb67cbb78f27c15cf1dd925a8851ce8a7a751591f03aed948642d18a28e833bceae4afd195d89cd10a763fe15f01145977d4d1ea93ebf3747ad9ac074651cd637d252b85a100b20e29af32b7d5610c46668d11a95ce5fc070df230e44500ede10fd964b1824313c5f3a6928675929b34c337ebad4d6a9a880d01ec10955bf9492d5d942e43e48cbb4972699ac1b4e4d2363d96dab2192667d96ddac5aed5e299cf740df5dae5cf3b42d0013057f22ee0a8a81d0530d7d37be85b45d5093950a3e7dd90ff3b7296b164eba8338a4ca7f03851082a14fa28b36c7d8f81024d5b424c7731df06ec72c184d0cc9e6d64a5d32f9494e7fce9405a863a7035cb28b2d90df2b104121c0355755b758d3e5efb5dad3a8832237084b4dc61211c1abdf01f016d963f9a78241599083704a0d922ec94779eb36fa87b162d81e29f0af696dba860918307566cd291238810537b658a21d8fec6fe3a7aecab6496a4afe7453d6aedc06fe98fc6e4c04be85632c2202e5548677cd349ed264c69f694c5139e67fdcab9a1926b807ca515d304d1820bb40a28d3cd4dff8461a25a3576d5964c4819a6da7a8ad28f3f4a74feb51a413c7374306c7c42849b91feb337cf62355bfdd969177014b122bcdfdc40ca33dbcff57bf996dbab6aab3fc70384dd49f14a49fea1af36718960d0fa47f9869bd03972681d30a0cab088c7506b95965d0e47b349f0000c6a45b6ec1d1a894d76ebdb30851db466d12c40d372b40f4d2ac1ab66d0a97579488e0d9d5afc5e0e9a8c0d99f00aa0bbf5a743385bdf0d034d18b1cf4d387d2dad5d507d13a47b9256c2a1112cd73177ee615fb01ccbccf156fa9620f1ed908dfecf877cba4dbf1f066e61cfb2808fc09ad7244d2791c6013e667f1b12f519fd45601ae79c7c4b5595e96d164ccfb55d9d95d00b46512d1956aef588e925ae84ce000dbe10d5021ae7e1ecb2d53b50375076d99d318b5933b608323c4ce8e1fecf665a9f488149ad620d6a2f35c50664dabf393fbebbecd6262d14fd431017dac02815e4a2209e56922ed37077857c514fa7e14a4ec51da85c8e79f8e676131b9689ebcba7519bed987beee06b670540e44dc1af4762ff9276d78fb30e160cefe967dda5bf1af78999d2b1d3b7e8c38a6361417a1ada8d604be5de5a1131d9a7a87868c809187d7a67f2fbd153e2106a06eda7e6b783ea36bb199baf03ddeb5383f1c6d50b92490b404258435b7a1fc40e838463ddeb59d9dd068d732d58c01a48cefcbd456e9666ea51531382b1b889a5c08648698f1b564c3cb50586de52bcb3fa68712ede617094bc291761e7fcacbf38fca912a789a2023d1f4790959b49b7276b99d919d18c05e6268784a455c538ac8c96f93f260eb0f07557e9ef76a8c06b2bee4591b0ce6821e11f2626dd65da4499c84ee7a773fcde76fd2741f00723ded73bbf3d7a27e988f1fe3952e25590322bea8edf110e12e479c84982d719f216fa918b882d236e46dd0bbca4f1a84a84a794b933f8317ad41ca085571f4503d4324bb2146119308568467741e2a458214fb923aeaeca78bfa645d163ee8aafcdd9c4f130c16122864a10bcc844bc7fd4c549891adf73ccebb928fcc0f358520c10df602be9e465daa08d7dde04c5c19bf7489c5261e38f9c20904bffef55e6f64da9ece5117218fd4dd1ecb856412e13ba754cfbcfb86b3aed1b04f265fb7c46a5a6f6d1c6801063fcd1d810663610eb64832baf2b0ff284f1498c9ea19b35438429134484cbe81e16b2279f4d043ea066623f72bb176d5dbaca34c4bbab75d7f2aaad41028f55d9814c287779507e0d7c08c7187130202bc54ed72b41a1bbeac1646bc88c731b8d13af8d5fe7a1d93b46a94d786e53407344102bc48fc1c0607949c5579a8a505e44943601b86eecf51e7100dfbcbd97ba8e5ebc8a5d793e43fce71acf8c3736679001acd6a4d2c8617d1127f0c34838a2495836b9a82e244d7a7454709469568ecf6111b05b56b9a3762bb9ed9c35da4434b1bf5775ad3e3a54005109dcd9d68b7d84826c69f6439edcf52dd72bcc9ba49c51bfc80bda32f4e8c60795f7000ab37e389524c6647ef0aa839240ab93869de72a2a983aaef51d98b9f1c216056145a883fb3528576bbb8bfda82e9ad0f8ad239d908a5bf10e97218530a0e34fd396751cb231717ad46281155226f304bc752121e1b3b13077e9a7451298a4872656a359e32ce08a5e4881caa391d73d7380d4fd8ef3f8b81cf5299c4b0e46c68521926a47092a5a166a28b8316ccb8758d74b7bd63608dc3dc430ddbe8b07a64699a8b7b1aedffdab6a2e7bb62bddaf2bb02fe99473f096e9b2f2f8a95514219f15bdf5fd3861f2a2cbd233b84ca21f3d733f44c821056f3afbef38301af6ccbb428aac03920bddde7df387af0fd455898cc15ee860f709c42d53de25ff384e52d5c55919f4748bbef83e71d0e719c3fbb3ec6b09887d18709fd00abf7c35117e372b64f83f5dfc4afc56351c63a5a5a181e5e483da9b0f4da95578d2c9a0b3ce468f0045e6cb7a04b91c6e7100695e7ab0b17a1f182cedb18a1977e718b70378a946f94247f9d22bec6cd2f44da8970c27902fe894b815cdd261951f385dcf5b8a330c9cdc0827687367590ef625a4243ffbd73f02a490320904c60933ec2150ea1363e35f9686e9a9ccf7e63fcb27c21bd87fd303509be87cce9a4432aee92c3f5fbd397c25c9d2206c406107a854a4d335d9ba7cfa32632c15978b42c7026d82076546708ff264597ce017fcd89e7739914726611b4a21cb550e473b371abd299e6e258d33bf7b314e8bcef94770f09c3dfc12c22298c9397c82e275406042bb24fe2b64ef36bbe6cb99f84bb21f55a2e8dacc7dec8c269efcb73ee93d8c212f166850edc0de9e2a9e83400e863c586aa83ec851b10e6eed7f240478107411f8f9569ed58cabee5c1dabc892bc4da15fc371817cf6feefb4a66e950a5319eca4bb9b6510ec23d159d019b3ba09466c8f17c396e8cd16ce8a089809e235f94a994cae08a07d8902b32e66fcfc489896720c0527a4900e6080feef908ab6e18e7565bbacb38daee46a47722c2b70226a013ceea1223432cefbcca74ea7de2d86374d7cd2e4d7009c8bd4470456ca2fe9b8fdedab4f5ccdb695373b6b1fa31f282ff152e6065eb6a440471b3a14da62caed0322e226242d727e39e7e0e32ad686ae922b3474c4d554ab6d24df94847de371fffd2f30c42a329b2f0bb4ef187d51e05eec7cc85bbb0a1a16abb7033ec708f27dfed947f7950bf208c472884cd9122dc3c2334cdd70069d5f501b1e3c0c37fe5402df1bee0d3bce66cd280db42a74ccc4cbb0df6931eb45f9b2c24ab004abd2993f75f02039cd26c2a2d3646dd79ceb8f6daa6262c1cfeae889a87330b0ba0c135bc6258e2f031c3b157fa40fb141ed7b4e5d2186bbfadd53e33d3921c3192ea55e5054d95b8145ff56aa79eadbbcad1dc9baa9599cb62654cb9d645c026d720e7c8f77850919a151dd8ae0782b0a0d1ce14d31c64677838d1d6b3647653af0afc4563692473362ea8b5dd90e06a21a9a4caf07fff65deebeaaff9937cfb9bc785ca82ea727f16a42f87796a6f20feae7467dbf232873bf7b36f89d8d9fa6f327754d88027d765f286dd6fe1dfbf0a760a38c1d0772c64a8dd7bdca093d754029e69465e5a6a9732041c55b8e7ec76cfc8f67be5299f3f7585f08da1d09dd5da781399d6b9fd0d7fd28ac0fc6e123b24afa2d46debe646bba12b15990c642452a57cf6b60d1bf4f1efcf1b8e752a9a352a22152c17", 0x1000)

23:14:11 executing program 0:
syz_open_pts()
kqueue()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
pipe2(&(0x7f0000000540), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0))
pipe2(&(0x7f0000000600), 0x0)
pipe(&(0x7f0000000280))
pipe(&(0x7f0000000000))
pipe2(&(0x7f0000000800), 0x0)
pipe(&(0x7f0000000840))
pipe(&(0x7f0000000880))
kqueue()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0))
syz_open_pts()
r0 = syz_open_pts()
kqueue()
syz_open_pts()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x8000000000004, 0xffffffffffffffff)
close(r2)
dup2(r0, r2)

23:14:11 executing program 1:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
close(r0)
mknod(&(0x7f0000000040)='./file0\x00', 0x1ffb, 0x0)
open$dir(&(0x7f0000000440)='./file0\x00', 0x0, 0x0)
open$dir(&(0x7f0000001940)='./file0\x00', 0x801, 0x0)
ioctl$TIOCFLUSH(r0, 0x8004667c, &(0x7f00000000c0))

23:14:11 executing program 0:
ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket(0x18, 0x1, 0x0)
setsockopt(r0, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14)
setsockopt(r0, 0x29, 0x9, &(0x7f0000000080), 0x0)

23:14:11 executing program 0:
ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket(0x18, 0x1, 0x0)
setsockopt(r0, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14)
setsockopt(r0, 0x29, 0xd, 0x0, 0x0)

23:14:11 executing program 0:
setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0x68, &(0x7f00000000c0)={{}, {}, 0x0, [0x0, 0x3, 0x7fff, 0xfffffffffffffff9]}, 0x3c)
r0 = kqueue()
kevent(r0, &(0x7f0000000000)=[{{r0}, 0xfffffffffffffffa, 0x5721b76b96d34469}, {{r0}, 0xfffffffffffffff9, 0x31}], 0x60, 0x0, 0x3f, 0x0)
kevent(r0, &(0x7f0000000040)=[{{r0}, 0xfffffffffffffffa, 0x82}], 0x7, 0x0, 0x7, 0x0)

23:14:11 executing program 1:
r0 = syz_open_pts()
fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x10000ffffffff})

23:14:11 executing program 0:
r0 = socket(0x2, 0x400000000002, 0x0)
setsockopt(r0, 0x0, 0x40000000001d, &(0x7f0000000040)='\x00\x00\x00\x00', 0x4)

23:14:11 executing program 1:
r0 = syz_open_pts()
fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x10000ffffffff})

23:14:11 executing program 0:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0)
pwritev(r0, &(0x7f0000000480)=[{&(0x7f0000000080)='S', 0x1}], 0x1, 0x0)
bind(0xffffffffffffffff, &(0x7f00000029c0)=@in6={0x18, 0xffffffffffffffff, 0x0, 0x5}, 0xc)
pwritev(r0, &(0x7f00000003c0), 0x273, 0x0)

23:14:11 executing program 1:
r0 = syz_open_pts()
fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x10000ffffffff})

23:14:11 executing program 1:
r0 = syz_open_pts()
fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x10000ffffffff})

23:14:11 executing program 0:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0)
pwritev(r0, &(0x7f0000000480)=[{&(0x7f0000000080)='S', 0x1}], 0x1, 0x0)
bind(0xffffffffffffffff, &(0x7f00000029c0)=@in6={0x18, 0xffffffffffffffff, 0x0, 0x5}, 0xc)
pwritev(r0, &(0x7f00000003c0), 0x273, 0x0)

23:14:11 executing program 1:
r0 = socket$inet6(0x18, 0x2, 0x0)
getsockopt(r0, 0x29, 0x38, 0x0, 0x0)

23:14:11 executing program 0:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0)
pwritev(r0, &(0x7f0000000480)=[{&(0x7f0000000080)='S', 0x1}], 0x1, 0x0)
bind(0xffffffffffffffff, &(0x7f00000029c0)=@in6={0x18, 0xffffffffffffffff, 0x0, 0x5}, 0xc)
pwritev(r0, &(0x7f00000003c0), 0x273, 0x0)

23:14:11 executing program 1:
r0 = syz_open_pts()
fcntl$lock(r0, 0x9, &(0x7f0000000140)={0x0, 0x0, 0xfffffffffffffffa, 0x2000100000005})

23:14:11 executing program 0:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0)
pwritev(r0, &(0x7f0000000480)=[{&(0x7f0000000080)='S', 0x1}], 0x1, 0x0)
bind(0xffffffffffffffff, &(0x7f00000029c0)=@in6={0x18, 0xffffffffffffffff, 0x0, 0x5}, 0xc)
pwritev(r0, &(0x7f00000003c0), 0x273, 0x0)

23:14:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x200000000000c, &(0x7f0000000040)="eaff125c00000000", 0x8)
setsockopt$inet_opts(r0, 0x0, 0x200000000000c, 0x0, 0x0)

23:14:11 executing program 0:
r0 = socket(0x11, 0x3, 0x0)
kevent(0xffffffffffffffff, &(0x7f0000000100)=[{{r0}, 0xfffffffffffffffe, 0x200033}], 0x0, 0x0, 0x0, 0x0)
r1 = kqueue()
kevent(r1, &(0x7f0000000000)=[{{r0}, 0xffffffffffbfffff, 0x2f}], 0x34, 0x0, 0xc68, 0x0)
dup2(r1, r0)

23:14:11 executing program 1:
r0 = syz_open_pts()
ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f00000000c0)={0x0, 0x0, 0x90d2, 0x0, "d730c1e7bb6fc6e23c5b00000000000000e74de4"})
write(r0, &(0x7f0000000180)='X', 0x1)
close(r0)
syz_open_pts()
r1 = socket(0x0, 0x0, 0x0)
getsockopt$sock_int(r1, 0xffff, 0x0, 0x0, 0x0)
r2 = syz_open_pts()
read(0xffffffffffffffff, 0x0, 0x0)
write(r2, 0x0, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x236, 0x0)
fchdir(0xffffffffffffffff)
read(0xffffffffffffffff, 0x0, 0x0)
close(r2)
ioctl$TIOCGFLAGS(r2, 0x4004745d, &(0x7f0000000100))
syz_open_pts()

23:14:11 executing program 0:
r0 = syz_open_pts()
ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f0000000080)={0x0, 0x0, 0x90d2, 0x0, "d730c1e7bb6fc6e23c5b00000000000000e74de4"})
write(r0, &(0x7f0000000180)="582720efabd16ebae63225259560f8e5815f73f2a044fd33055552fbd5e41789632dfc94ff334a5619515a4c8ab06198824b3da025bbd47b3bf579456fc7d4096e8c8b6b87cb2d72b8bcdb9ad8a4f5f728193ef16ab93f12fc4d5f16b136a5d00d1628b53a", 0x65)
write(r0, &(0x7f0000000000)="fdad0e614eafbd62be410bc305abc5a3b8fcc5764a4814da61e15514e1b57a01d7c7245c019fefc37d33b3fbef5b558c25c016b9820fc7be68c78aa9ab68ef1f8ef0d1a89e8e9e95649e51307c31964fcd85", 0x52)
r1 = syz_open_pts()
close(r0)
dup(r1)
r2 = syz_open_pts()
ioctl$TIOCSTOP(r2, 0x2000746f)
ioctl$TIOCSETA(r2, 0x802c7414, &(0x7f0000000140)={0x1002, 0x0, 0x3, 0xffffffffffffffff, "85495500020000000000001167f5bfa600"})
readv(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/45, 0x2d}], 0x1)

23:14:11 executing program 0:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt(r0, 0x0, 0xb, 0x0, 0x0)

23:14:11 executing program 0:
open(&(0x7f00000001c0)='./control\x00', 0x200, 0x101ffffffff)
execve(&(0x7f0000000100)='./control\x00', 0x0, 0x0)

23:14:12 executing program 1:
r0 = syz_open_pts()
fcntl$lock(r0, 0x9, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x100000000})
fcntl$lock(r0, 0x400000000000007, &(0x7f0000000080))

23:14:12 executing program 0:
r0 = socket$inet(0x2, 0xc001, 0x0)
getsockopt$inet_opts(r0, 0x0, 0x2000000000021, 0x0, 0x0)

23:14:12 executing program 0:
r0 = kqueue()
pipe2(&(0x7f0000000640)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r2, 0x4, 0xc7)
kevent(r0, &(0x7f0000000080)=[{{r1}, 0xfffffffffffffffe, 0x5}], 0x1f, 0x0, 0x0, 0x0)
close(r2)

23:14:12 executing program 1:
r0 = syz_open_pts()
ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f0000000080)={0x0, 0x0, 0x90d2, 0x0, "d730c1e7bb6fc6e23c5b00000000000000e74de4"})
write(r0, &(0x7f0000000180)="582720efabd16ebae63225259560f8e5815f73f2a044fd33055552fbd5e41789632dfc94ff334a5619515a4c8ab06198824b3da025bbd47b3bf579456fc7d4096e8c8b6b87cb2d72b8bcdb9ad8a4f5f728193ef16ab93f12fc4d5f16b136a5d00d1628b53a", 0x65)
write(r0, &(0x7f00000003c0)="3e2a7913e4bad21c714f4dd36a27e5e27b21a1de21d4c0c01b3dfaf90f05000000e552aaeefeaff0f2c85e2831c61ad449011f7828bc2d2a500a35ac1f00002049fa9da398bcd62b103434820abc4bcabba3444002007e14295fbaabbbafe214dea79d8e1736a01ed01d72f5dd1d95e8f6b9d3b39e8e2eb7ebcdb6ffd21b77581f3bc1902adddcb95afdc27b8c9831351d74122ab9bd510eb00bb2c4c7a18ef00235685c2001fc170000deee2f873c1e711d5b65d2712d93ae731ffee5a6", 0xbe)
r1 = syz_open_pts()
close(r0)
dup(r1)
r2 = syz_open_pts()
ioctl$TIOCSTOP(r2, 0x2000746f)
ioctl$TIOCSETA(r2, 0x802c7414, &(0x7f0000000000)={0x0, 0x0, 0x98b, 0xffffffffffffff81, "85fe4dbfa60200000007ad00fbffffffffffffff"})
readv(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/45, 0x2d}], 0x1)

23:14:12 executing program 0:
r0 = syz_open_pts()
fcntl$lock(r0, 0x9, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x100000000})
fcntl$lock(r0, 0x9, &(0x7f0000000040)={0x0, 0x0, 0x1000000802, 0x200000005})

23:14:12 executing program 0:
r0 = socket$inet6(0x18, 0x2, 0x0)
getsockopt$sock_int(r0, 0xffff, 0x1000, 0x0, 0x0)

23:14:12 executing program 1:
r0 = syz_open_pts()
ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f0000000080)={0x0, 0x0, 0x90d2, 0x0, "d730c1e7bb6fc6e23c5b00000000000000e74de4"})
write(r0, &(0x7f0000000180)="582720efabd16ebae63225259560f8e5815f73f2a044fd33055552fbd5e41789632dfc94ff334a5619515a4c8ab06198824b3da025bbd47b3bf579456fc7d4096e8c8b6b87cb2d72b8bcdb9ad8a4f5f728193ef16ab93f12fc4d5f16b136a5d00d1628b53a", 0x65)
write(r0, &(0x7f00000003c0)="3e2a7913e4bad21c714f4dd36a27e5e27b21a1de21d4c0c01b3dfaf90f05000000e552aaeefeaff0f2c85e2831c61ad449011f7828bc2d2a500a35ac1f00002049fa9da398bcd62b103434820abc4bcabba3444002007e14295fbaabbbafe214dea79d8e1736a01ed01d72f5dd1d95e8f6b9d3b39e8e2eb7ebcdb6ffd21b77581f3bc1902adddcb95afdc27b8c9831351d74122ab9bd510eb00bb2c4c7a18ef00235685c2001fc170000deee2f873c1e711d5b65d2712d93ae731ffee5a6", 0xbe)
r1 = syz_open_pts()
close(r0)
dup(r1)
r2 = syz_open_pts()
ioctl$TIOCSTOP(r2, 0x2000746f)
ioctl$TIOCSETA(r2, 0x802c7414, &(0x7f0000000000)={0x0, 0x0, 0x98b, 0xffffffffffffff81, "85fe4dbfa60200000007ad00fbffffffffffffff"})
readv(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/45, 0x2d}], 0x1)

23:14:12 executing program 0:
r0 = open$dir(&(0x7f0000001240)='./file0\x00', 0x40000400000002c2, 0x0)
mlockall(0x3)
writev(r0, &(0x7f0000001180)=[{&(0x7f0000000000)="de", 0x1}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x0, 0x0)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x5)
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x0, 0x0)
mprotect(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x4)

login: lock order reversal:

 1st 0xfffffd807f00c9f0 vmmaplk (&map->lock) @ /syzkaller/managers/setuid/kernel/sys/uvm/uvm_fault.c:1442

 2nd 0xfffffd8069b814e8 inode (&ip->i_lock) @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547

lock order "&ip->i_lock"(rrwlock) -> "&map->lock"(rwlock) first seen at:

#0  witness_checkorder+0x6d8

#1  _rw_enter+0xbf

#2  vm_map_lock_ln+0x14e

#3  uvm_map+0x2e2

#4  km_alloc+0x19a

#5  pool_multi_alloc_ni+0xe4

#6  pool_p_alloc+0x70

#7  pool_do_get+0x127

#8  pool_get+0x104

#9  ufsdirhash_build+0x40b

#10 ufs_lookup+0x2a5

#11 VOP_LOOKUP+0x63

#12 vfs_lookup+0x552

#13 namei+0x4af

#14 start_init+0xd6

lock order "&map->lock"(rwlock) -> "&ip->i_lock"(rrwlock) first seen at:

#0  witness_checkorder+0x6d8

#1  _rw_enter+0xbf

#2  _rrw_enter+0x5c

#3  VOP_LOCK+0x55

#4  vn_lock+0x6e

#5  uvn_io+0x2ca

#6  uvn_get+0x206

#7  uvm_fault+0x12c1

#8  uvm_fault_wire+0x70

#9  uvm_map_pageable_wire+0x2fd

#10 uvm_map_protect+0x610

#11 syscall+0x5a0

#12 Xsyscall+0x128

Stopped at      db_enter+0x18:  addq    $0x8,%rsp

ddb{0}> 

ddb{0}> set $lines = 0

ddb{0}> show panic

the kernel did not panic

ddb{0}> trace

db_enter() at db_enter+0x18

witness_checkorder(356d4e48713398dc,81,fffffd8069b814d8,fffffd8069b814d8,0) at witness_checkorder+0x12f9

_rw_enter(3a79d64a42e02c62,60b,fffffd8069b814d8,ffffffff81edebdf) at _rw_enter+0xbf

_rrw_enter(664bb1d36b49049,fffffd807cd048d0,ffffffff8139fd50,0) at _rrw_enter+0x5c

VOP_LOCK(4ba72e6248c2688,fffffd807cd048d0) at VOP_LOCK+0x55

vn_lock(2672bef2adfe611e,1000) at vn_lock+0x6e

uvn_io(b16566fb5f30ed38,0,0,fffffd807ccc6378,0) at uvn_io+0x2ca

uvn_get(ed83b7d756ab5215,ffffffff8146c190,fffffd807ccc6378,fffffd806ae77020,0,5) at uvn_get+0x206

uvm_fault(b16566fb5fc4196e,20ffe000,0,5) at uvm_fault+0x12c1

uvm_fault_wire(c6afa347f5179fde,5,20ffe000,fffffd806ae77020) at uvm_fault_wire+0x70

uvm_map_pageable_wire(4ba72e624fc61b6,fffffd806ae77020,21000000,20ffc000,0,4) at uvm_map_pageable_wire+0x2fd

uvm_map_protect(42f3eb9fc8766654,10,ffff800020b92018,19dc7ae7348,0) at uvm_map_protect+0x610

syscall(2feed8fc51474d56) at syscall+0x5a0

Xsyscall(6,0,ffffffffffffffa4,0,3,19bb884e010) at Xsyscall+0x128

end of kernel

end trace frame: 0x19dc7ae73d0, count: -14

ddb{0}> show registers

rdi                              0x3

rsi                          0x3ffff    acpi_pdirpa+0x2be67

rbp               0xffff800020c9b230

rbx                              0x3

rdx                          0x40000    acpi_pdirpa+0x2be68

rcx               0xffff800000946000

rax               0xffff800000940d80

r8                0xffffffff817c727f    witness_checkorder+0x12cf

r9                               0x5

r10               0xd0112703d0ad3c62

r11               0x54c2704395d5fb7d

r12               0xfffffd80025cdc30

r13               0xffffffff81ebbd52    cmd0646_9_tim_udma+0xc96d

r14               0xffffffff8227b740    w_lodata+0x51150

r15               0xffffffff82280440    w_lodata+0x55e50

rip               0xffffffff81107618    db_enter+0x18

cs                               0x8

rflags                         0x246

rsp               0xffff800020c9b220

ss                              0x10

db_enter+0x18:  addq    $0x8,%rsp

ddb{0}> show proc

PROC (syz-executor0) pid=389758 stat=onproc

    flags process=10<SUGID> proc=4000000<THREAD>

    pri=69, usrpri=69, nice=20

    forw=0xffffffffffffffff, list=0xffff800020b924c8,0xffffffff82300be0

    process=0xffff800020b94010 user=0xffff800020c96000, vmspace=0xfffffd807f00c9d8

    estcpu=36, cpticks=0, pctcpu=0.0

    user=0, sys=0, intr=0

ddb{0}> ps

   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND

 93125   65032  87031  32767  2        0x10                syz-executor0

*93125  389758  87031  32767  7   0x4000010                syz-executor0

 72662  201552  96077  32767  2        0x10                syz-executor1

 72662  356323  96077  32767  3   0x4000090  ttyout        syz-executor1

 96077  449754  92020  32767  3        0x90  nanosleep     syz-executor1

 87031  497839  87773  32767  3        0x90  nanosleep     syz-executor0

 92020  350084  90962      0  3        0x82  wait          syz-executor1

 87773  255994  90962      0  3        0x82  wait          syz-executor0

 90962  476927  72999      0  3        0x82  thrsleep      syz-fuzzer

 90962   21264  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  192396  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  462843  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  158257  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  161521  72999      0  3   0x4000082  kqread        syz-fuzzer

 90962  114809  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  271219  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  376910  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 90962  425301  72999      0  3   0x4000082  thrsleep      syz-fuzzer

 72999  465811  23908      0  3    0x10008a  pause         ksh

 23908  305281  99088      0  3        0x92  select        sshd

 62962  352534      1      0  3    0x100083  ttyin         getty

 99088  387861      1      0  3        0x80  select        sshd

 16948  513833  64281     73  7    0x100090                syslogd

 64281   68571      1      0  3    0x100082  netio         syslogd

 34872  316003      1     77  3    0x100090  poll          dhclient

  5962  166757      1      0  3        0x80  poll          dhclient

 31083  162455      0      0  2     0x14200                zerothread

 37285  226620      0      0  3     0x14200  aiodoned      aiodoned

 29621  413566      0      0  3     0x14200  syncer        update

 32777  249515      0      0  3     0x14200  cleaner       cleaner

 43985  129908      0      0  3     0x14200  reaper        reaper

 61174  493481      0      0  3     0x14200  pgdaemon      pagedaemon

 27495   98192      0      0  3     0x14200  bored         crynlk

 71056  402134      0      0  3     0x14200  bored         crypto

 44105  222360      0      0  3  0x40014200  acpi0         acpi0

  9666  445747      0      0  3  0x40014200                idle1

   646  337099      0      0  3     0x14200  bored         softnet

 36189  178268      0      0  3     0x14200  bored         systqmp

 41756  381949      0      0  3     0x14200  bored         systq

  9600   86883      0      0  3  0x40014200  bored         softclock

 78019  465291      0      0  3  0x40014200                idle0

     1  445089      0      0  3        0x82  wait          init

     0       0     -1      0  3     0x10200  scheduler     swapper