kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Thu Mar 19 11:11:11 PDT 2020 OpenBSD/amd64 (ci-openbsd-main-8.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.10.53' (ECDSA) to the list of known hosts. 2020/03/19 11:11:24 fuzzer started 2020/03/19 11:11:27 dialing manager at 10.128.15.235:5326 2020/03/19 11:11:27 syscalls: 338 2020/03/19 11:11:27 code coverage: enabled 2020/03/19 11:11:27 comparison tracing: enabled 2020/03/19 11:11:27 extra coverage: support is not implemented in syzkaller 2020/03/19 11:11:27 setuid sandbox: enabled 2020/03/19 11:11:27 namespace sandbox: support is not implemented in syzkaller 2020/03/19 11:11:27 Android sandbox: support is not implemented in syzkaller 2020/03/19 11:11:27 fault injection: support is not implemented in syzkaller 2020/03/19 11:11:27 leak checking: support is not implemented in syzkaller 2020/03/19 11:11:27 net packet injection: enabled 2020/03/19 11:11:27 net device setup: support is not implemented in syzkaller 2020/03/19 11:11:27 concurrency sanitizer: support is not implemented in syzkaller 2020/03/19 11:11:27 devlink PCI setup: support is not implemented in syzkaller 11:11:32 executing program 1: r0 = openat$tty(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty\x00', 0x20, 0x0) ioctl$TIOCMBIC(r0, 0x8004746b, &(0x7f0000000040)=0x8ae149e1) r1 = syz_open_pts() ioctl$TIOCGTSTAMP(r1, 0x4010745b, &(0x7f0000000080)) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) r4 = socket$inet6(0x18, 0x5, 0x8) r5 = openat$diskmap(0xffffffffffffff9c, &(0x7f0000000100)='/dev/diskmap\x00', 0x2, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x18000) r7 = openat$klog(0xffffffffffffff9c, &(0x7f0000000240)='/dev/klog\x00', 0x80, 0x0) kevent(r3, &(0x7f0000000180)=[{{r1}, 0x0, 0x97, 0x1, 0xd3c7, 0x1}, {{r0}, 0xffffffffffffffff, 0x41, 0x40000000, 0x806, 0x50a}, {{r4}, 0xfffffffffffffff9, 0x12, 0x1, 0x100, 0x200}, {{r5}, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0x4}, {{r6}, 0xfffffffffffffff8, 0x0, 0x1, 0x800, 0x3ff}], 0x9, &(0x7f0000000280)=[{{r0}, 0xffffffffffffffff, 0x24, 0x4, 0xc91, 0x7}, {{r1}, 0xfffffffffffffff9, 0x8, 0x2, 0x7, 0x6}, {{r7}, 0xfffffffffffffffd, 0x90, 0x10, 0x0, 0x1f3d}], 0x9, &(0x7f0000000300)={0x3, 0x3}) r8 = shmget(0x0, 0x1000, 0x386, &(0x7f0000ffd000/0x1000)=nil) shmctl$IPC_RMID(r8, 0x0) pipe(&(0x7f0000000340)) fcntl$setflags(r7, 0x2, 0x1) openat$diskmap(0xffffffffffffff9c, &(0x7f0000000380)='/dev/diskmap\x00', 0x10000, 0x0) r9 = shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffc000/0x3000)=nil) shmat(r9, &(0x7f0000ffd000/0x2000)=nil, 0x3000) getsockopt$sock_timeval(r2, 0xffff, 0x1006, &(0x7f00000003c0), &(0x7f0000000400)=0x10) sendto(0xffffffffffffffff, &(0x7f0000000440)="9dab4284046e31f0ef40fa97e61dac6e81243f5d18b274d0daf50b8a43e121b4763d6cd16423266293bfde3ac70f84e618782bcc37f8b085075bb884085c05625894d0bb8e0a90f4a2ef4ebf1e778cffe91532265a83428d3e1442ce1147a7ac42bc7d94d84ca09c6e58d95ca8f8191dc5700af4630555317b2476fa277423359f171ba045275c8b78f0cfc45d9dcfe1ccae00f1029d3c1ace028f9205d5f40db525d30391492ffc63d9bf9d14", 0xad, 0x406, 0x0, 0x0) ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000000580)={0x3, &(0x7f0000000540)=[{0xc3ed, 0x3f, 0x9, 0x3}, {0x7, 0x2, 0x2, 0x8}, {0x7fff, 0x8, 0x35, 0x8}]}) 11:11:32 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x138) ioctl$TIOCMBIS(r0, 0x8004746c, &(0x7f0000000040)=0xffffff00) r1 = msgget$private(0x0, 0x30) msgrcv(r1, &(0x7f0000000080), 0x8, 0x3, 0x800) r2 = msgget$private(0x0, 0x52) msgsnd(r2, &(0x7f00000000c0)={0x1, "1e822bfc76faa9f1a73e5aae4d4b14f82e848ec82c6c187568760eb565b3d216a90d22ee8fe202025ba29ca54bf3b0fa016b6835b288576c230d4177cffc12deeee5be34746c8f8ab526e4a1a6a5c1efe9da8ed0b47119b962fd561ef1eb178a5ac29d20"}, 0x6c, 0x800) pipe(&(0x7f0000000140)={0xffffffffffffffff}) ioctl$KDDISABIO(r3, 0x20004b3d) msgsnd(r1, &(0x7f0000000180)={0x3, "52a3181c89c73885520b0abf3c387eea088315bc4358beab30e043832d5abefd9814df944092bcbf5a35517a04e0321dd7e73802b80de238e306"}, 0x42, 0x800) preadv(r0, &(0x7f0000002200)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0) msgrcv(r1, &(0x7f0000002240)={0x0, ""/25}, 0x21, 0x3, 0x800) pipe2(&(0x7f0000002280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x10000) ioctl$BIOCIMMEDIATE(r4, 0x80044270, &(0x7f00000022c0)=0x4) r5 = msgget$private(0x0, 0x1) msgsnd(r5, &(0x7f0000002300)={0x1, "37427c155766ddf7d8f1ead41b7b5250598c048b64919e8a221519f3b149ff359e5d1f3c672855fb624eb46c24baf36bb35fe8dac6ee2b7515edb2d84ed44c23db32d43e"}, 0x4c, 0x800) semop(0x0, &(0x7f0000002380)=[{0x3, 0x0, 0x1000}, {0x4, 0x800, 0x800}, {0x3, 0x6, 0x1800}, {0x2, 0x2e, 0x3c00}, {0x4, 0x8, 0x800}, {0x4, 0x1, 0x800}, {0x3, 0xb07}], 0x7) msgrcv(r5, &(0x7f00000023c0)={0x0, ""/211}, 0xdb, 0x1, 0x800) msgrcv(0xffffffffffffffff, &(0x7f00000024c0)={0x0, ""/180}, 0xbc, 0x3, 0x800) bind(r0, &(0x7f0000002580)=@in={0x2, 0x0}, 0xc) ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000002640)={0x3, &(0x7f0000002600)=[{0x1000, 0x20, 0x0, 0x7}, {0x7, 0x8, 0x3f, 0x3}, {0x80, 0x8, 0x3, 0x1}]}) 11:11:32 executing program 0: ioctl$TIOCFLUSH(0xffffffffffffffff, 0x80206919, &(0x7f0000000300)) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35, 0x1, 0xfe, 0x4000002}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r1, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r2, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f00000001c0)=[{0x35, 0x2}, {0x74}, {0x6, 0x3f, 0x2}]}) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r3, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) kevent(0xffffffffffffffff, &(0x7f0000000100)=[{{r0}, 0xfffffffffffffffb, 0x8, 0x2, 0x662b, 0x2}, {{}, 0xfffffffffffffffb, 0x12, 0xf0000000, 0x1, 0x3}, {{r2}, 0xfffffffffffffffb, 0x8, 0x20, 0x17, 0x1f}], 0x9, &(0x7f0000000000)=[{{r3}, 0xfffffffffffffffa, 0x160a8ff262be8be8, 0x20, 0x2, 0x8}], 0x9, &(0x7f0000000180)={0x100000001}) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r4, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000280)=[{0x35}, {0x74, 0x0, 0x0, 0xfffffffc}, {0x6, 0x0, 0x0, 0x200}]}) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCLOCK(r4, 0x20004276) r5 = socket(0x2, 0x1, 0x0) getsockopt$inet_opts(r5, 0x0, 0xa, 0x0, 0x0) 11:11:32 executing program 1: r0 = kqueue() select(0x40, &(0x7f0000000140)={0x1ff}, 0x0, 0x0, 0x0) kevent(r0, &(0x7f0000000180)=[{{}, 0xfffffffffffffff9, 0x1}], 0x6, 0x0, 0x0, 0x0) socket(0x1, 0x1, 0xff) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x2f}) 11:11:32 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x74}, {0x28}, {0x6, 0x0, 0x0, 0x100000a1}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) pwrite(r0, &(0x7f0000000240)="3818ad14f85d37fba1a1189d799b", 0xe, 0x0, 0x1000) 11:11:32 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000140)={'tap', 0x0}) pwrite(r0, &(0x7f0000000200)="7016326989304997eb5538a1c55f1fd4657750c220e2c4cfa701d1b7ab8e27e9e9671781be7d02690fe26981f34b64803e59f617daff3b3138521c9106c49a33eaea76256b474691cc4cf4fb96961ba853d6262615db7da327e1b42be21807b61870f3fa03b7024e2eb32d14abec86ad9859ff6f5f1aad4793eedf900854fadc26ce73cb95c75e7e028ad274c45454e4f5cb4b35c0b96481d41cbedb6748edf5672b52bc60a2cb4d4710dd13d80f38fff80877596ec4a07051cf451dd15bc6a1cfab989d8d04ab9c9f5293b31b53d0d610fb9686723a7df39855aaaa62d7232e0fa1ab149d3aac00ae3622faf3e1b4d3484f0f4cdf113251f1279772e4b42351d3d53bd1ba09c7dc8e905e3818cb81f8854dcb46c894ecb70c01440f294bd5cb710ab285b778e3a0816352ff62909c67f89c6030476b1badab94e7d7b3e43aa47bd64014c448815f70956bce05d79f903e742e58461fbe83fe9eb01822f92ada868e9e35abfbf4f5cff418addb671f636e9d794f006510971fe94137a4a08e75fb577776fb5e04c279b94862d296930f1ff4e0ba7341091bfb96631f1461c2adbd5273434ede7fd48bc87fc43099c4126b6252c6e09542e269e856056f648728cebd65152850904f7143d1e25aeb2ac93062b06d919bbad170a2e3dde218b7aa95ad0f6ceb8d4f684db1fdef1dc47e6ef5b104345975a4ab666132e86c7f307aa9436054aa5c3378434110abb4ec71897568be0384fbaaadb6ed59a7e929e7ebc8b7b1b870d1bfade18e238d32ba87fb096df74c62cf757e9adf3854506bf13e34bfb7a88ebf5de76bca521b706703e51adced84a683bff5f76a835a2cca360fa670deb8898fb7a9d9363f767742ce9052d750be186fcb9bf6a0abc33b025109cb861e37cd02cf207a886b34820921cdcff26f527637903c15954a4f276dc97df995194b02b9d2d667f092f9b62f0a1684e479891ecc81a7b540f361dd384fdd835e5c567ee3e3719596fc01f2f5111f81ce2cc530d597233d50d4da3754c85097a32d4534f019bc5c4316a83137fdad75e1e3cf254f0e24840c8c65380ab9e69a486e64d625c3ebbc44740af7a47f2983219dcf184bcd8547885ee1077b8e40350d054b073098490049a075fab9fff8e65f3e23f3edc458038c38856556e8979cb48194860ecf24b5bdd92c36053e3a8e430b97bac0114e0e023c36cf93b9d6ba55ada78e6d5f4d8555a29c26aec2bc5d72b7a74d7547c4aa1d4668c14d0e409a055c0837fb0f4dff49a00e54d86a4aa62bb666a3e8b07bb5615f1e18bdae9ca30f07339af79601d181635026c7fe08f228ee606bc03dd1741808b5f3e10a91a42219248513c1519bceedcfc9fd9bbe7afcad5dbc8f7b035ad6cea1a1816b0c77f9442824349811dc86b3a670ca63e845775ea0873e0b1553bf622b0af3e5ba00e92432aea4239aec03d0bdfefc1d2448ed0e4ff919072cd31249e46f7fcd4ee6e836c620a89b3fc8196bb9cd3144bea3e57a96e7c10108ece426838eb26395a6f6cb29b143561109007c5549e4c5dd49a1e8db0a2aba3686e7a646ab677fe77eee98b6f4ed3954901faef123401d2e3f785932a3381b163adffd8bc60e998b740e2b27780c222852cdab7822494817ad9251bed7ad7aaa2c379df17946169e095ed4452500d01b45077cd0861ca2c8799193adb75aed8d6b55db901a5dd7a578d1e077f022691607b48f7ff7c1715c68f5e1329450aeb8f1479128d11a06664499347b5f8baff58bc60b51aac34e3bffe64bbb5fb570aea627d5db143a475d7d5fc3605a5a147305e5b9185a140a699e797343fe2f4bd9dae065adf64ddaa082a5438d33dd8a9dc2d0133cd9809f4f1c13ae679cb7ccd98f9cf4a20d9682dc62d02baf86017e5d4b028c57bb8b5fd9778ac6f178c067da1d9665b46003cb5f25b805bf00cd16767afaf19dea2b9002081bbdb101c27281ddef01b66cb181523b44c461633b821b5fdb54f845c60680eab2321e153d6425b58b5311cf0ae0e5cc2f26d8cda7d12f670663d4f6b780a4e115f58e05364fdf1d813e4c643ff35c1d2738221b16a772e30ef2023edd1934172f782eec37e613344d1c51cc06010c61c4fe182ea49eae019155e6003b65ad92fbffd8640f066456ebe5240e585ff24a061ae6b3f6b6422f0a78fca212423a866bbf2f21972b898c0e9bacf964a5af8bb89ef856c081e7a7c7b02eaa910c549d3002ff1caee0e4749071b5bd458d1648603bd29b34c9a85f4243656d717ec753c171b2ed9216d11dae2e964ba0465fc39cbc74959c5b54deee5463b17d27134d3407ffd808faea88c4de601db87977eb3fe1dd599d013b9a49a8cee8b1702438b6dbab2365446e00865fe3aaa95cad77b5dbe4616b4f6e2631e19df694e82a86b50a310388dd57160d4c0f3b769fff927accea7b3e8be0fecb73618c826e32d47759dc5a372ce251e19ab810d8688d434257f13a0f5f39e1dfc63f9a151daf9eb383d5c5a84ecae69f82cf2d17da6f0b664025d9342a4c6cd3bc6b40b020d983deb4d140a08422980b9a92597ab7bb0b67e3af528aae333d1b8d936e6bc10da56deb33480578722f39f08149b1f850edd1ac628bcba46caa7fe11c780b808cfd941c9b880ce36fcf351e579fb5cffc261721cc0c01061cb7d6c688ab5509e4d936dfbba4e1753635439b4ab18b1eaab990c13bdc63a5bdba9c00b8e1bc07958b9aa67d95267691d78febb6656a8dd3f5636562aca1c28f718cde1a6e0a83d3373da654a5c8466d048ce541a0c1f40ee28b740bff19ff575208ab363bcb79a81a502bceaceebf69cfff81df130ed5a97798d8bc17dc538cbda6d9e07e1658524076616d2e9f3515c435f1954a7bfae9dec58b507c97d7b6d04a737986aebbbc8400f4465b291448ceaa1f20ab340c3e00bc00cfe8e81267318a0dd97073aecfeb8395cfe6399ee2815a6c5a996f7723d2a38519d7e6b37a048420f0bdae5e8b4bedaa10729230fb5890a4f074d8fdcb93177bcf913e4f137a4732c16ae2ef5668e6464263378b932a5283c0ed5005959d782e367b25c91dfde57246dcbddfbbdbbc90dde9bd47194d2c52bdfd6fd350f6c66d42b25eced5d41bf45927e332e194671652f5c372e03d9f2329bab46a476ff4b23cf0001d245b59f097bfc8d54143ea8a4d13f903871b3169c9efb54364e7fc2e856bae295ab277ce699184330d605344fb225c4a53121c898389dac4d0081c5ac2d87d0d5b46a6d2e72a33a5809ee9f68ed859efedc41c59aeef26ad4e3651eb7085e7091214410baca21966e1b659985b0715ca6448cb421db1d800f2124274d0de467280c147990770b61e15d655784bc125b1991a86544d07971e6af18c1283459dde9cce14fbe5a095b181aa47e9bb6f1561e71e14da8b3b229dfabd4b9598cd116ac8afb8e6f12bae5daa0289ac773cf498f856ee67bbf8d50ecd8d881e1ba98e2af2992f48cbc87dfcd1e51362f54e96ce9e0bf273940ef7e058f8b6332254fbe029b70427ce7fc399447d4eb0561e66365268f7a3a122dd738ed2052567b0b8b6bd241bea4a85f74bceff8e79c4abe13f01ea9e2e33d41e572871c5b5f19ce4ebbbdff037f88d0dadfc0dae70ff8b1fea12e72ce773a91f42880c13f4f5a7d7b142f67053957a69cec79e611f975f4550d91296201fba77c3de7a8e16b0385aa1880b22abc0340a2b406873afa36f135c37b5b2dde4836aa0fdda62a6f5e399dc82e48e00dbfbc354a26ae6d26dac5ae5ac46ed34a719add4b13dab17d1a4827d92712cee4bfeeaf2887d531b7cd16bf4ec221c137f61a3d22f4d88a2835ef06f9c7d77de246a566059ba379990add98982823d20bda3c6488fe960e2f3349da948e63db3dd76fd4d483e3ff9975adf8f0a7c3ac5151e845937bcac852c7ce7833437da3e805f02984f4b62e30e25f8d204e976d9e7b9594741956cd02c237ab6131cdff755170600eb8f8718aab40ec5295b031af1adf8541cf0c0eb6100a943466bd7c3a73b7f608572976008efab5fcd745f39434abdceb6c3cce68a4688a00251e100b1a3ed852331be89380c82adb4a594a5359af8da345cc23688207c6fa2dd879a081729eb3ee6d1f07f4ed387a09f3d3cf001a8118af456575855b56df9ed5299d7c0808e8a0bd6061ee66ee6c65eb3499f24ffdc04cbf223f9c344ecb533bc2383367fb8a885c5d364a9108a8a23d1c4e6bc88c152e6ccbadf2d8c7557977e22c0525548f2d7d21c51099584c85dc1c8ee0014f70a93d4d7c6a9c5a83ec3622cf0c37c2e5bc06824c12114e0da229e9636556dcf25d7697e8c9d4feb6b343241a265b62a2d55f7611fc2f118c1069073054cf75ff8a1c3a96da694387c2d82d29ab5463cd26ba11609c737fbab3d0f79e585af0d338a97fe11c1a66984e95eaabf3a958bcd453d91926b858a8aa07f14d4d0fb16f6e9e6af261df83e8da5dc8d334348f5e8e2cdc2c2a70b8e56cfc5fb442759b1f852dbc7985600157d11f2d3b759d070b0eb13eeb69da58e7f8f0e71544e835e091922863e7888f7f2e809747eaa503f44787a95920d1f7ba16811a0a7eed67d930a2bbab7fe85926e1823acc0aa102b2b39b93a66391338bc45cb253c6d2707859deea3c0d38728f5f44b0cc7d8f29c755daf51a9329db1ca5bd6e18d9495ac7ce363ec83b290b15e5201c3008db5c78a5d70fa2c6626d16ea954efe569ae45148d37eb95bd6b3affffb96dea029a3f9e389a5a044d369fb4b7f297f11e0e7ef97ff1cd93f14b6b32867c8fd8e71efe59966da6230993ab53fbc246641881d720391569b40c2299a76997d52cdbd0e6a67d02916435e3219a90c0ce3a2c9765e6a8cd2ec36beb51fa2e936d37c388de248fb2e3b744b6cd89dd4a351d742786347dd29d343f3da7e06090bf1542d3a78fc8a35a93c1263d9c878e3f0e7784849c07ae03b60e7cc259290319b7d0d9156365fbaa098a852631ac5514ae69bb9b1f8290118f1ca60c260edea2e6bcfcb2125ca40d8a2eba4d86a93eeb30c6b5f7676881a815ee1e53e4877f5a180d4d3e3141b7c895933c1ad43016e880894e08ad56174f27b8db7d69eccb15423ab1a11de6a988f52b413498c0c7a86efefaa4d3730f6103c9f5756217e3e35b6e4d6a3e61a3b3eea7d2268ed11cb2e446b744d5c214fa4373f5fee0853d64ac1a43af2c179b352ca524e49f37dd9c22233ac98869277038f96d5f4f1c635a83806869d087bfd7f6fa66978f09a878f2e6d1bb69bb8ec4a45dad3bb6e8870970b300f5cb720e6409b9c9c7485f7564901058c9907577c9788b00b3e27914c282576c6d666aca71abc19dd3911f2447411082d2673e2c94010a9f0337247f0c6e7eda6c87337046ae34ab269c348033f1691a05cb34e2e3861226ac36901dbc958006f96fe2fd13b53569bfbbf6272648ee8ae0495cfc6ec61b26aa33f8ddd79291b57a4167917d883bf197c2341208836a41373f0c8a6a5c7c533728e4cd8f81619a6f0282c4b993a07ac0d039f97177f11ac94da14e26657f5930788f951d3f9a0d41a146bc4160694563a8357422cd5b60573c630330f298e023e359a5c79fbc63d80123c32bbd6e98221642b4547991ff61e8c15452c84265991d0b98806010e52a51d762b2ce38090036792feb22f28a202ee1dcc2712b537131df34a13f60f7fe479307dcfe5bad9a43a2474eee1abc521534998ddc97139801248c5b0ac9efa6611a22e3d8b8d729e0825a9d8195050ee9", 0x1000, 0x0, 0x7fff) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x3}, {0x4c}, {0x2006}]}) syz_emit_ethernet(0xe, &(0x7f00000001c0)="441e9e3b5d174af205b606054a5a") 11:11:32 executing program 0: socket$inet6(0x1e, 0x3, 0x0) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSRTIMEOUT(r0, 0x8010426d, &(0x7f0000000040)={0x0, 0x6a99}) 11:11:32 executing program 0: mknod(&(0x7f0000000000)='./bus\x00', 0x100000000204f, 0x5900) r0 = open(&(0x7f0000000180)='./bus\x00', 0x1, 0x0) ioctl$TIOCSETAW(r0, 0x802c7415, &(0x7f00000000c0)={0x3, 0x1, 0x0, 0x6, "1dc87aed5d756cc9fff333daf372fc477327d4fb", 0x0, 0x80000000}) recvfrom(r0, &(0x7f0000000040)=""/86, 0x56, 0x43, 0x0, 0x0) 11:11:32 executing program 1: ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{}, {0x2c}]}) ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}}) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, "00000000000000000000f2ffffffffffffff4000"}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) connect$unix(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="6ee6b32232f7c3e8bf10def72104ed46450706f94b425856880c8b404e2cd4fcd17820992e4717a6a1d7f8c47f1c5493e419149917cad9e067cffd56"], 0x1) ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) r1 = socket(0x18, 0x1, 0x0) close(r1) r2 = socket(0x18, 0x2, 0x0) close(r2) socket(0x400000000018, 0x3, 0x3a) setsockopt(r2, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) pwrite(0xffffffffffffffff, &(0x7f00000002c0)="0c11c03571009cd895122a20094209b2b3cb2e5722f482cd4fe729b6100f51ee3055adadfeb0412c94618b73fd2424ed6fdb648e88101d27fb366159a84a36bd5172b29eef17a520b2d99d928188618456cbd79be9a78c542a793ac9d717b4c998026c04c4606872b18c58f7a66c274f480ea60107f922dd46742a37deae73fc5547e8f2fd5d6e2564a0a99d229c73d7f6cdc27dad5bf4b93b8763c7b4e9b1c11d5d9b854f72f4d26701d94b857d816c037048e6088e38bbb626b61e0661efc0c62626598d45a8a5a76fdd783cd5c4b2077c238bbcbfd73f8a", 0xd9, 0x0, 0xc2) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) write(r2, &(0x7f0000000180)="09000000000000000b056ae3baa1992d618f7815a68ea2bb98b895e4fa3ce7ae50744ab75d7ffc7d3ee6ecf85c34cc79e4ab0113c59a60374b1184c7f5b3e3fb3afa2510c2c6fb3dc38c7443fa9a69f46b39be7dc71854baec66d1a625c337e98573dedb0566a1b738c9160868950ff2a80e7c56c57a2a7f676e033fd56cbbfcb7a7fdcacf57838dd9d40b9087432ea3a1a99d7e42db855962f0dec64186f38e12678bca50818ad081f7bed95e4fb424eafc9184a6cd8ea21f45370801a55f323c48885283a0876b0dcb8f9175c00589e20d0651ef79f36c2c72d90810994f7a7cd6957a0a1abab3086c1727554555e44c26d5c9628976c7a027bfc4006afe24657e5c30c7e5d597e10f1171af566f76db0008", 0x113) 11:11:32 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x5c, 0x0, 0x0, 0x2}, {0x40}, {0x6, 0x0, 0x0, 0x80000000001100}]}) pwrite(r0, &(0x7f0000000280)="895e654f5c1d85045229b675851d", 0xe, 0x0, 0x0) 11:11:32 executing program 1: ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000069000/0x4000)=nil, 0x4000, 0x1) r0 = socket(0x2, 0x3, 0x0) getpeername$inet6(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000100)=0x1) setuid(r1) setreuid(r1, 0x0) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r2, 0x80104267, &(0x7f0000000080)={0x0, &(0x7f0000000040)}) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r3, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000240)=[{0x35}, {0x74}, {0x6}]}) r4 = accept$inet(r0, &(0x7f0000000100), &(0x7f0000000140)=0xc) getsockopt$sock_timeval(r4, 0xffff, 0x1005, &(0x7f0000000180), &(0x7f00000001c0)=0x10) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r5 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r5, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r5, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r6 = fcntl$dupfd(r3, 0x0, r2) ioctl$TIOCFLUSH(r6, 0x80206999, &(0x7f0000000300)) 11:11:32 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001800)='/dev/null\x00', 0x0, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0xf46678c19e5e9f50, 0x0) r1 = getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r2, 0xffff, 0x1022, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000100)=0x1) setuid(r3) r4 = semget$private(0x0, 0x4, 0x1b2) semctl$GETNCNT(r4, 0x4, 0x3, &(0x7f0000000580)=""/170) semctl$SETVAL(r4, 0x0, 0x8, &(0x7f0000000240)=0x72) semop(r4, &(0x7f0000000400)=[{0x3, 0x100000001, 0x1000}, {0x0, 0x7fffffff, 0x1000}], 0x2) getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000180)={0x0, 0x0}, 0xc) r6 = getgid() accept$unix(r0, &(0x7f00000014c0)=@file={0x0, ""/108}, &(0x7f0000001380)=0x6e) semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000080)={{0x5, 0xffffffffffffffff, 0x0, r5, r6, 0x10, 0x8}, 0x8, 0x1, 0x3ff}) lchown(&(0x7f0000000040)='./file0\x00', r3, r6) ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r1) preadv(r0, &(0x7f0000001440)=[{&(0x7f00000000c0)=""/108}, {&(0x7f0000000140)=""/14}, {&(0x7f0000000180)=""/4096}, {&(0x7f0000001180)=""/115}, {&(0x7f0000001200)=""/41}, {&(0x7f0000001240)=""/194}, {&(0x7f0000001340)=""/15}, {&(0x7f00000013c0)=""/109}], 0x395, 0x0, 0x0) 11:11:32 executing program 0: ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}}) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, "00000000000000000000f2ffffffffffffff4000"}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) connect$unix(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="233bfabcc4bf7646003c85d63d562b"], 0x1) ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x1, 0x8000, 0x0) setsockopt(r0, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) r1 = socket(0x18, 0x1, 0x0) close(r1) r2 = socket(0x18, 0x2, 0x0) close(r2) socket(0x400000000018, 0x3, 0x3a) setsockopt(r2, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) write(r2, &(0x7f0000000040), 0xe7) 11:11:32 executing program 1: r0 = openat$pci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pci\x00', 0xb6e, 0x0) ioctl$FIOASYNC(r0, 0x8004667d, &(0x7f0000000040)) ioctl$PCIOCREAD(r0, 0xc0107002, &(0x7f0000000000)) 11:11:32 executing program 1: r0 = socket(0x1e, 0x4003, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r2, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$DIOCMAP(r1, 0xc0106477, &(0x7f00000004c0)={&(0x7f0000000480)='./file0\x00', r2, 0x2}) r3 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0) r4 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000026ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r5, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000002580)="7f", 0x1}], 0x1}, 0x1) r6 = socket(0x1e, 0x4003, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) dup2(r5, r3) ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000500)={'tap', 0x0}) recvfrom(r6, &(0x7f00000000c0)=""/216, 0xd8, 0x0, &(0x7f0000000000)=@in={0x2, 0x2}, 0xc) sendmsg(r7, &(0x7f0000000440)={&(0x7f00000001c0)=@in={0x2, 0x2}, 0xc, &(0x7f0000000300)=[{&(0x7f0000000200)="b6edb775139aad877953ee0d8ab4588391600a0a33a9bcccd12544162c4a178f8a99d666543e38c541a307664b4fcd24ad1630749c343c90f775ebd588e2b3c5ac21b0b1bd029381da3febb5b11dab2127a17ca71cb96fbf8f87c125704bdae83ffbe97b01ac1e976f6999684ad06d45cdc8844e3c33b7c27518617454e4e8c674f258ea684fdd22fe7548d77003d46205062417da27e74d16960a801f60b589463dba90ebc7b3645c38cdac2cf105a8203bd2440f8adee83c8c56f2cc240f61f7b934921aa1df7e7f9f125c586c1db75014b4", 0xd3}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="d000000000000000ffff000001000000c37fbf2c07764b36385864c0334c9c044cd3d12abbc611cd4d0c6619ad4d2525c459d047d9a43c50cfddb402c646e3ac86e9cdef4df7a1eba16318f88e3f149e6d7f67962592b4bbf2805209d71c0d0045f758c42a9272e0654f1d2ad4c7d98bb511dc541fb7515da0aba9ff8ef52b6c89d0fcbc0587b72e86b919b3360648127b1c819328d4651f195c1ff6e7e89e091b390a7c379969ca04034c0cc3012ae3b9f4bed93e5c2e2dcc779ed852f85c906700"/208], 0xd0}, 0x0) 11:11:32 executing program 0: ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f0000000000)={0x0, &(0x7f0000001180)}) mknod(&(0x7f0000000100)='./bus\x00', 0x80002005, 0x4300) r0 = open$dir(&(0x7f00000000c0)='./bus\x00', 0x1000000381, 0x44) r1 = dup(r0) ioctl$WSKBDIO_SETMODE(r1, 0xc0105715, &(0x7f0000000000)=0x1) 11:11:32 executing program 0: r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x30202, 0x0) r1 = socket(0x1e, 0x4003, 0x0) fcntl$dupfd(r1, 0x0, r1) recvfrom$unix(r1, &(0x7f0000000180)=""/246, 0xf6, 0x801, 0x0, 0x0) truncate(&(0x7f0000000000)='./file0\x00', 0x0, 0x10001) truncate(&(0x7f0000000280)='./file0\x00', 0x0, 0x10000) pledge(&(0x7f0000000080)='+^\xef$\x00', &(0x7f00000000c0)=']-[\x00') unlink(&(0x7f0000000040)='./file0\x00') r2 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r2) fcntl$lock(r0, 0x9, &(0x7f0000000100)={0x2, 0x0, 0x812, 0x14c17aac, r2}) minherit(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1) 11:11:32 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000017c0)={0xffffffffffffffff}) r1 = socket(0x1, 0x2, 0x81) recvmsg(r1, &(0x7f0000000080)={&(0x7f0000000040)=@in, 0xc, &(0x7f0000001800)=[{&(0x7f00000003c0)=""/217, 0xd9}, {&(0x7f0000002700)=""/4096, 0x1000}, {&(0x7f00000004c0)=""/169, 0xa9}, {&(0x7f0000001680)=""/179, 0xb3}, {&(0x7f0000000600)=""/73, 0x49}, {&(0x7f0000001740)=""/113, 0x71}], 0x6, &(0x7f0000001880)=""/205, 0xcd}, 0x81) sendmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000240)="b7d45bdc157e888b47fc2156acf55b73d64e7628631d36b6bf7ebae66b528d3d", 0x20}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffdc8, &(0x7f00000001c0)=[{&(0x7f0000000680)=""/4091}, {&(0x7f0000000380)=""/32}, {&(0x7f00000002c0)=""/71}, {&(0x7f00000000c0)=""/38}, {&(0x7f0000000100)=""/141}], 0xd, 0x0, 0xffffffffffffff3f}, 0x0) 11:11:33 executing program 0: mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xc0e99db6de761f86, 0x0) ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_emit_ethernet(0x7e, &(0x7f00000000c0)="312efb203d071bacd8e9785af426d20900c78da70fb51d7df7281d519ee6836ad9029f954114818f103124614666972f561eea9b218f351cfc51203970ee74d82ab2d46ffa7d70e0f199c90dc4d7f1a8ce3d32f9025dc15873a1343d6abf024bd8b0442661f9111f415501ffcaf8b0fe072d34ebdd265c593a865ea75d15") select(0x40, &(0x7f0000000140)={0x9}, 0x0, 0x0, 0x0) 11:11:33 executing program 1: r0 = socket(0x11, 0x4003, 0x0) sendto$unix(r0, &(0x7f0000000240)="b100050460000000000008000501000000f96eefc73fd3357ae26caa0416fa76d06336acf00b7804be781e4991f7c8df5f882b2b7bcbb59f83ed00f4c8b2ca3ebbc257699a1f132e27ecb5d602000d7d026ba8af63ff37282921e4fd89720fd3872babfbb770c1abda71601a8bfee8aca4911faff5a872c881ff7cc53c894303b22f310b4a4f36a00f9000fcfff0ffe608a371a3f80004000000000000000100"/177, 0xb1, 0x0, 0x0, 0x0) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r1, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r2 = socket(0x1e, 0x4003, 0x0) fcntl$dupfd(r2, 0x0, r2) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000100), 0xc) ioctl$FIOGETOWN(r1, 0x4004667b, &(0x7f0000000000)) 11:11:33 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f000052fff8)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000580)='/', r0, &(0x7f0000000540)='./file0\x00') chroot(&(0x7f00000001c0)='.\x00') unveil(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='x\x00') open(&(0x7f0000000040)='./file0/file0/file0/file0/file0\x00', 0x80, 0x0) execve(&(0x7f0000000080)='./file0/file0/file0/file0\x00', 0x0, 0x0) 11:11:33 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000400)={0x3, &(0x7f0000000040)=[{0x20}, {0x28}, {0x6}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) syz_emit_ethernet(0x33d, &(0x7f00000001c0)="0c516d3f70e19318ca9bc32c1b26") syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa7289b75c479b86dd6045040002000600000008000000000008000081fcabf185fe8000000000000000000000000000aa"]) syz_emit_ethernet(0x400e, &(0x7f0000000000)="c7a895006f53dd000005ffff86dd") r1 = semget$private(0x0, 0x9, 0x0) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$SETALL(r1, 0x0, 0x9, &(0x7f0000000080)=[0x7, 0x8, 0x1f, 0xfff, 0x7, 0x20, 0x8ce8, 0x3f, 0x2]) 11:11:33 executing program 0: open(&(0x7f00000000c0)='./file0\x00', 0x200, 0x0) ktrace(&(0x7f0000000180)='./file0\x00', 0x4, 0xf14, 0x0) r0 = syz_open_pts() fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x300000000}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) fcntl$lock(r0, 0x9, &(0x7f0000000180)) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)) 11:11:33 executing program 1: ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "0000ffff00001040dcc3ffffffffffdd00"}) r0 = socket(0x18, 0x2, 0x0) connect$unix(r0, &(0x7f0000000000)=@abs={0x682eb13985c518e6, 0x7}, 0x8) 11:11:33 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xfffffe7b) setuid(r1) r2 = semget$private(0x0, 0x4, 0x1b2) semctl$GETNCNT(r2, 0x4, 0x3, &(0x7f0000000580)=""/170) semctl$SETVAL(r2, 0x0, 0x8, &(0x7f0000000240)=0x72) semop(r2, &(0x7f0000000400)=[{0x3, 0x100000001, 0x1000}, {0x0, 0x7fffffff, 0x1000}], 0x2) getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000180)={0x0, 0x0}, 0xc) r4 = getgid() semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f0000000080)={{0x5, 0xffffffffffffffff, 0x0, r3, r4, 0x10, 0x8}, 0x8, 0x1, 0x3ff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r5, 0xffff, 0x1022, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000100)=0x1) setuid(r6) setreuid(r3, r6) munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r7 = geteuid() lchown(&(0x7f0000000000)='./file0\x00', r7, r4) 11:11:33 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000006]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) kevent(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x11, 0x0, 0x0) setsockopt(r0, 0x0, 0x0, &(0x7f0000000000)="1a7b", 0x2) r1 = socket(0x2, 0x3, 0x0) r2 = kqueue() r3 = fcntl$dupfd(r1, 0x0, r2) r4 = socket(0x2, 0x3, 0x0) openat$bpf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bpf\x00', 0x8000, 0x0) r5 = fcntl$dupfd(r3, 0x0, r4) ioctl$BIOCSETWF(0xffffffffffffffff, 0x80104277, 0x0) ioctl$BIOCSETWF(0xffffffffffffffff, 0x80104277, 0x0) ioctl$TIOCFLUSH(r5, 0x8020691f, &(0x7f0000000300)) 11:11:33 executing program 1: r0 = openat$vmm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vmm\x00', 0x0, 0x0) sendto$unix(0xffffffffffffff9c, &(0x7f0000000000)="3000abe85c0b632d6b613ad05ae3fc6e5d7a14f8ffe528dfb40b492e4d1e4202082e2ca673f754eb64e8188b5fc2111d9cfebc5560879ddef63befe8b85cfdcb378d2c750d8cf705594ba89dc543327c3b86107fcca3645f4c73aa812aba947a0d0eb11af4d3122e64c5cd6fd58f7ca0cd9dd7956e26cb2086ec58b869f3a0d351ed2a3140abcfd01424c486f7dd175578f2b3d3e81bd98a08213022a9462f1bc9d5deacff2dcad4c167ab5f85e4c6d70b42baa03e566890591a55c004e7168b268eff642f3943a1054821a9b4567e1f39be3c53388f96d176879def12a897275ed78e610b30b06609ca756427b483d7098bc17dbae97cb528b82929884e791dede9cc3dc792dcbc80cc25652448b881b219e88b4e490a424fb3e1449455c7341874dfda8439543c42ca67842a0cf420691344f5f11f97da92ab67ff2157d76b92c189bdc1f0927e5e6629a044af5424b869706774811a28b8f175685541c941e809bb7654f24c0492e62c4206b619715ed51560eaf18f701c84b0fd696178ddbd3b07c59b12971c862244831f8a401272b744990a8f39eba9ab86b2b4705cfb23a076074485b695ddd23515a1a340f8963fbd5d99dad374e81abd0611a53b0ec62a6129da3f2db6eb805e46cc1a1d1bd2f37d0c29728865bc2c0d9590d3cd9053659701e687b08e37d896d4f6a27d491fcb0cc1beec74de496a23365a30bf3996b1f18ab17ab8c1dd34994ef54ca56ab8fe09ec8afdf9c82444fc67dd2faecf7161384cbb6f5a0276698e2a7a79b24ca915c5e3cafc2a4a6faacd969fd34cdfc4beada78e209fe815a65e909237be69d77acddfbf362a8722c4025f6696c38478c21df978a732cd3391deb43ed9979c4ada", 0x272, 0xa, 0x0, 0x0) ioctl$VMM_IOC_WRITEREGS(r0, 0xc5005601, &(0x7f0000000580)={0x1, 0x0, 0x1, {[0x0, 0x0, 0x0, 0x20000000, 0x200000], [], [0x0, 0x0, 0x3]}}) 11:11:33 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000040)={'tap', 0x0}) syz_extract_tcp_res$synack(&(0x7f00000000c0), 0x1, 0x0) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000140)={0x3, &(0x7f0000000080)=[{0x20}, {0x24}, {0x6, 0x0, 0x0, 0x100}]}) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r1, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x75, 0x0, 0x6}, {0x74, 0x0, 0x0, 0x9}, {0x2}]}) ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) dup(r1) ioctl$BIOCSRSIG(r1, 0x80044272, &(0x7f0000000000)=0x4) pwrite(r0, &(0x7f0000000240)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0) 11:11:33 executing program 0: ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x81}, {0x45, 0x0, 0x0, 0xffffffff}, {0x20000000000006, 0x0, 0x10}]}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) syz_emit_ethernet(0xe, &(0x7f0000000740)="44582ae93e5211b870b77e0e002d") r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) r1 = shmget(0x0, 0x3000, 0x480, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0x4) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSRTIMEOUT(r0, 0x8010426d, &(0x7f0000000080)={0x100000001, 0x100}) 11:11:33 executing program 1: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f0000000000)=[{r0, 0x160}], 0x1, 0x606dca73) preadv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000001640)=""/247, 0xf7}], 0x1, 0x0, 0x2) r2 = open(&(0x7f00000002c0)='./file0\x00', 0x611, 0x9b) pwritev(r2, &(0x7f00000003c0), 0x273, 0x0, 0x0) openat$diskmap(0xffffffffffffff9c, &(0x7f0000000100)='/dev/diskmap\x00', 0xad4f3f120c2e20b6, 0x0) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x2, 0x0) ioctl$BIOCSETF(r3, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x10}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCFLUSH(r3, 0x20004268) pwritev(r3, &(0x7f0000000600), 0x9, 0x0, 0x9) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x10000, 0x0) ioctl$BIOCSETF(r4, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSETWF(r4, 0x80104277, &(0x7f00000009c0)={0x1, &(0x7f0000000980)=[{0x0, 0x1f, 0x51, 0xff}]}) mmap(&(0x7f000000d000/0x2000)=nil, 0x2000, 0x2, 0x10, r2, 0x0, 0x5) mmap(&(0x7f000000d000/0x3000)=nil, 0x3000, 0x2, 0x11, r3, 0x0, 0x3) ioctl$BIOCSBLEN(r0, 0xc0044266, &(0x7f0000000480)=0x2) dup2(r1, 0xffffffffffffffff) close(r2) 11:11:33 executing program 0: open(&(0x7f0000000040)='./file0\x00', 0x8000, 0x0) r0 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r0) 11:11:33 executing program 0: connect$unix(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="2b025c9f65aa8e7a3701804c53911da0c5a2d75700001a0500adbd"], 0x1) ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x3}}) r0 = socket(0x18, 0x1, 0x0) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0x1ff, 0x0, "000000000000000100002000"}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) close(r0) r1 = socket(0x18, 0x3, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setsockopt(r1, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) connect$unix(r1, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0xa) connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) write(r1, &(0x7f0000000100)="8c65", 0x6d2) 11:11:33 executing program 0: r0 = socket(0x1e, 0x4003, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) getsockname$inet(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc) syz_open_pts() semctl$SETALL(0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000000)) madvise(&(0x7f0000ff9000/0x5000)=nil, 0x5000, 0x5) getsockopt$sock_timeval(r1, 0xffff, 0x0, &(0x7f0000000080), &(0x7f00000000c0)=0x10) 11:11:34 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x7}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCGRSIG(r0, 0x40044273, &(0x7f0000000000)) ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x0, 0x7, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6418214c], [0x0, 0x0, 0x0, 0x9, 0xffff], [0x0, 0x0, 0x5], [{0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0xbb}, {}, {}, {0x0, 0x0, 0x398b}]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r1, 0x0, r1) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r2, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6, 0x0, 0x1}]}) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r3, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35}, {0x74}, {0x6}]}) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSETF(r3, 0x80104267, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[{0x4, 0x4, 0x40, 0x6}, {0x3ff, 0x9, 0x20}, {0x4, 0x5, 0x0, 0x7ff}]}) dup2(r2, r1) 11:11:34 executing program 0: r0 = syz_open_pts() ioctl$TIOCSWINSZ(r0, 0x80087467, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x2}) setrlimit(0x7, &(0x7f0000000000)={0xfffffffe, 0x4}) 11:11:34 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) r1 = semget$private(0x0, 0x4, 0x120) semctl$GETZCNT(r1, 0x3, 0x7, &(0x7f0000000340)=""/119) semctl$GETZCNT(r1, 0x1, 0x7, &(0x7f0000000240)=""/203) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x3d}, {0x25}, {0x6, 0x0, 0x0, 0x7d2}]}) pwrite(r0, &(0x7f0000000100)="b1e91bee8fad27050cdafd2413b0", 0xe, 0x0, 0x0) 11:11:34 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000000)={0xd, &(0x7f0000000140)=[{0xff, 0x5, 0x1, 0x1}, {0x1, 0x18, 0x5, 0x4}, {0xff48, 0x20, 0x5, 0x1000000}, {0xffff, 0xff, 0xe0, 0x2f5c}, {0x4, 0x20, 0x7, 0xbd6d}, {0x1000, 0x20, 0x30, 0x100}, {0x480, 0x9, 0xfe, 0x1}, {0x2, 0x40, 0x5, 0x5}, {0x40, 0x4, 0x7, 0x401}, {0x8, 0x1f, 0x3, 0xffff3950}, {0x81, 0x7, 0x8, 0x4}, {0x8000, 0x3, 0x1f, 0x101}, {0x3ff, 0x0, 0x0, 0x8}]}) pwrite(r0, &(0x7f0000000280)="d000"/14, 0xe, 0x0, 0x0) 11:11:34 executing program 1: getuid() select(0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0) r0 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r0) wait4(r0, &(0x7f0000000000), 0x1, &(0x7f0000000040)) 11:11:34 executing program 0: ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}}) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffffffff, 0x40000000, "00000000000000000000f2ffffffffffffff4000"}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0x6, 0x0, 0x0, 0x0, "01e365de162e00000000000000001b00004000", 0xfffffffd, 0x9}) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$TIOCFLUSH(r0, 0x80206919, &(0x7f0000000300)) ioctl$TIOCSETD(r0, 0x8004741b, &(0x7f0000000100)=0x6) kevent(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)=[{{}, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}], 0x0, 0x0) faccessat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x10a, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket(0x18, 0x1, 0x0) setsockopt(r1, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) r2 = socket(0x18, 0x1, 0x0) close(r2) r3 = socket(0x18, 0x2, 0x0) close(r3) socket(0x400000000018, 0x3, 0x3a) setsockopt(r3, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) connect$unix(r2, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) write(r3, &(0x7f0000000040)="100a2956b9223776", 0x14a) 11:11:34 executing program 1: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea, 0x2], [0x0, 0x0, 0x0, 0x9, 0x7fffffff], [0x0, 0x0, 0x405, 0x4, 0x0, 0x2], [{}, {}, {}, {0x0, 0x6}, {}, {0x0, 0x8000}], {0x7, 0x100, 0xf9f}}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$WSDISPLAYIO_GVIDEO(r1, 0x40045744, &(0x7f00000000c0)) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) close(r0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)) login: uvm_fault(0xfffffd8057474cc8, 0x8d23, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pool_do_put+0x12e: movq 0x8(%rbx),%rbx ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd8057474cc8, 0x8d23, 0, 1) -> e pool_do_put(ffffffff82592790,fffffd8063039a00) at pool_do_put+0x12e end trace frame: 0xffff80001d403b30, count: 0 ddb> trace pool_do_put(ffffffff82592790,fffffd8063039a00) at pool_do_put+0x12e pool_put(ffffffff82592790,fffffd8063039a00) at pool_put+0x4b m_free(fffffd8063039a00) at m_free+0x119 rt_ifa_del(ffff800000a08a00,800100,ffff800000a08a40,0) at rt_ifa_del+0x402 in6_unlink_ifa(ffff800000a08a00,ffff800000a07000) at in6_unlink_ifa+0x571 in6_update_ifa(ffff800000a07000,ffff80001d404090,0) at in6_update_ifa+0x13f7 in6_ioctl_change_ifaddr(8080691a,ffff80001d404090,ffff800000a07000) at in6_ioctl_change_ifaddr+0x40c ifioctl(fffffd805e5657d0,8080691a,ffff80001d404090,ffff80001d33a868) at ifioctl+0xe60 sys_ioctl(ffff80001d33a868,ffff80001d4041a8,ffff80001d4041f0) at sys_ioctl+0x4a1 syscall(ffff80001d404270) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1e36c866aa0, count: -11 ddb> show registers rdi 0xffffffff8133ca05 pool_do_put+0x125 rsi 0x154 rbp 0xffff80001d403ae0 rbx 0x8d1b __ALIGN_SIZE+0x7d1b rdx 0x155 rcx 0xffff80001f633000 rax 0xffff80001f633000 r8 0x4 r9 0x5 r10 0x2ab039060bf18aa3 r11 0xebfdd6585b67fa76 r12 0xfffffd8063039a00 r13 0xba97c7d49c998d1b r14 0xffffffff82592790 mbpool r15 0xfffffd80536a1bf0 rip 0xffffffff8133ca0e pool_do_put+0x12e cs 0x8 rflags 0x10292 __ALIGN_SIZE+0xf292 rsp 0xffff80001d403a30 ss 0x10 pool_do_put+0x12e: movq 0x8(%rbx),%rbx ddb> show proc PROC (syz-executor.1) pid=221698 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=61, nice=20 forw=0xffffffffffffffff, list=0xffff80001d339c38,0xffffffff82599f18 process=0xffff8000ffffa740 user=0xffff80001d3ff000, vmspace=0xfffffd8057474cc8 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 86321 378987 20888 0 2 0 syz-executor.1 *86321 221698 20888 0 7 0x4000000 syz-executor.1 34203 372879 22897 0 3 0x2 biowait syz-executor.0 20888 305671 22897 0 3 0x82 nanosleep syz-executor.1 22897 28053 5191 0 3 0x82 thrsleep syz-fuzzer 22897 283433 5191 0 3 0x4000082 nanosleep syz-fuzzer 22897 128227 5191 0 3 0x4000082 kqread syz-fuzzer 22897 23636 5191 0 3 0x4000082 thrsleep syz-fuzzer 22897 351857 5191 0 3 0x4000082 thrsleep syz-fuzzer 22897 195704 5191 0 3 0x4000082 thrsleep syz-fuzzer 22897 370940 5191 0 3 0x4000082 thrsleep syz-fuzzer 22897 127820 5191 0 3 0x4000082 thrsleep syz-fuzzer 5191 161274 61423 0 3 0x10008a pause ksh 61423 508503 97298 0 3 0x92 select sshd 8939 151895 1 0 3 0x100083 ttyin getty 97298 57944 1 0 3 0x80 select sshd 69042 243942 28527 73 3 0x100090 kqread syslogd 28527 167368 1 0 3 0x100082 netio syslogd 69783 143609 1 77 3 0x100090 poll dhclient 44461 159401 1 0 3 0x80 poll dhclient 73493 409947 0 0 3 0x14200 bored smr 16917 145385 0 0 2 0x14200 zerothread 18225 365773 0 0 3 0x14200 aiodoned aiodoned 99529 500790 0 0 3 0x14200 syncer update 23450 500887 0 0 3 0x14200 cleaner cleaner 44666 412831 0 0 3 0x14200 reaper reaper 21311 13574 0 0 3 0x14200 pgdaemon pagedaemon 94416 300538 0 0 3 0x14200 bored crynlk 82295 508728 0 0 3 0x14200 bored crypto 65805 487932 0 0 3 0x40014200 acpi0 acpi0 75590 49472 0 0 3 0x14200 bored softnet 76944 362919 0 0 3 0x14200 bored systqmp 23327 279926 0 0 3 0x14200 bored systq 42016 420082 0 0 3 0x40014200 bored softclock 60105 145448 0 0 3 0x40014200 idle0 1 517076 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9449 6324K 7357K 78643K 10780 0 pcb 13 8K 8K 78643K 27 0 rtable 101 2K 3K 78643K 201 0 ifaddr 39 10K 10K 78643K 42 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 2K 78643K 17 0 iov 0 0K 16K 78643K 8 0 mount 1 1K 1K 78643K 1 0 vnodes 1223 77K 77K 78643K 1274 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 3 0 VM map 2 0K 0K 78643K 2 0 sem 8 0K 0K 78643K 10 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 5 13K 25K 78643K 73 0 proc 47 38K 54K 78643K 361 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 1 0 in_multi 29 1K 2K 78643K 41 0 ether_multi 1 0K 0K 78643K 2 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 31 148K 148K 78643K 31 0 exec 0 0K 1K 78643K 183 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 90 37K 37K 78643K 979 0 UVM aobj 4 2K 2K 78643K 6 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 12 0 NDP 5 0K 0K 78643K 10 0 temp 66 3028K 3092K 78643K 2919 0 kqueue 3 4K 5K 78643K 7 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 80 21 0 19 1 0 1 1 0 8 0 rtentry 112 50 0 8 2 0 2 2 0 8 0 unpcb 120 45 0 37 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 106 0 106 1 0 1 1 0 8 1 tcpcb 544 20 0 16 1 0 1 1 0 8 0 inpcb 280 64 0 55 1 0 1 1 0 8 0 nd6 48 8 0 3 1 0 1 1 0 8 0 pkpcb 40 12 0 12 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 215 0 40 13 0 13 13 0 8 0 art_table 32 216 0 40 2 0 2 2 0 8 0 art_node 16 49 0 10 1 0 1 1 0 8 0 sysvmsgpl 40 6 0 3 1 0 1 1 0 8 0 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 8 0 2 1 0 1 1 0 8 0 shmpl 112 4 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1469 0 71 46 0 46 46 0 8 0 ffsino 240 1469 0 71 83 0 83 83 0 8 0 nchpl 144 1750 0 143 60 0 60 60 0 8 0 uvmvnodes 72 1562 0 0 29 0 29 29 0 8 0 vnodes 208 1562 0 0 83 0 83 83 0 8 0 namei 1024 4249 0 4249 1 0 1 1 0 8 1 vcpupl 1984 2 0 0 1 0 1 1 0 8 0 vmpool 528 2 0 0 1 0 1 1 0 8 0 scsiplug 64 1 0 1 1 0 1 1 0 8 1 scxspl 192 4949 0 4948 1 0 1 1 0 8 0 plimitpl 152 14 0 7 1 0 1 1 0 8 0 sigapl 424 259 0 231 4 0 4 4 0 8 0 futexpl 56 783 0 783 1 0 1 1 0 8 1 knotepl 112 55 0 36 1 0 1 1 0 8 0 kqueuepl 144 6 0 4 1 0 1 1 0 8 0 pipelkpl 16 75 0 65 1 0 1 1 0 8 0 pipepl 120 150 0 131 1 0 1 1 0 8 0 fdescpl 432 245 0 231 2 0 2 2 0 8 0 filepl 120 1227 0 1130 4 0 4 4 0 8 1 lockfpl 104 17 0 16 1 0 1 1 0 8 0 lockfspl 48 9 0 8 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 64 0 57 1 0 1 1 0 8 0 zombiepl 144 231 0 231 1 0 1 1 0 8 1 processpl 920 259 0 231 4 0 4 4 0 8 0 procpl 624 311 0 275 4 0 4 4 0 8 1 sockpl 400 142 0 123 3 0 3 3 0 8 1 mcl64k 65536 2 0 2 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl4k 4096 11 0 11 1 0 1 1 0 8 1 mcl2k 2048 60635 0 60588 20 6 14 18 0 8 7 mtagpl 80 12 0 2 2 1 1 1 0 8 0 mbufpl 256 96259 0 96085 12 1 11 11 0 8 0 mbufpl: pool(0xffffffff82592790:mbufpl): free list modified: page 0xfffffd8063039000; item ordinal 0; addr 0xfffffd8063039b00 (p 0xfffffd80536a1000); offset 0x0=0x0 mbufpl: pool(0xffffffff82592790:mbufpl): page inconsistency: page 0xfffffd8063039000; item ordinal 1; addr 0x8d1b bufpl 280 4033 0 161 277 0 277 277 0 8 0 anonpl 16 36491 0 22858 57 2 55 55 0 107 0 amapchunkpl 152 1072 0 945 8 0 8 8 0 158 1 amappl16 192 1021 0 282 37 0 37 37 0 8 0 amappl15 184 3 0 1 1 0 1 1 0 8 0 amappl14 176 30 0 27 2 1 1 1 0 8 0 amappl13 168 23 0 22 1 0 1 1 0 8 0 amappl12 160 2 0 2 1 1 0 1 0 8 0 amappl11 152 63 0 51 1 0 1 1 0 8 0 amappl10 144 16 0 10 1 0 1 1 0 8 0 amappl9 136 393 0 389 1 0 1 1 0 8 0 amappl8 128 276 0 266 1 0 1 1 0 8 0 amappl7 120 107 0 95 1 0 1 1 0 8 0 amappl6 112 22 0 19 1 0 1 1 0 8 0 amappl5 104 189 0 179 1 0 1 1 0 8 0 amappl4 96 436 0 408 1 0 1 1 0 8 0 amappl3 88 108 0 100 1 0 1 1 0 8 0 amappl2 80 1155 0 1090 3 0 3 3 0 8 1 amappl1 72 14152 0 13746 27 10 17 20 0 8 8 amappl 80 537 0 496 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 5 0 2 1 0 1 1 0 8 0 uaddrrnd 24 247 0 231 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 247 0 231 1 0 1 1 0 8 0 vmmpekpl 168 5722 0 5695 2 0 2 2 0 8 0 vmmpepl 168 36201 0 34424 130 6 124 124 0 357 46 vmsppl 272 246 0 231 2 0 2 2 0 8 0 pdppl 4096 500 0 464 6 0 6 6 0 8 1 pvpl 32 128317 0 111749 134 0 134 134 0 265 0 pmappl 200 246 0 231 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 153 0 9 5 0 5 5 0 8 0