Warning: Permanently added '10.128.0.155' (ECDSA) to the list of known hosts. 2020/05/25 07:32:55 fuzzer started 2020/05/25 07:32:56 dialing manager at 10.128.15.235:9682 2020/05/25 07:32:56 syscalls: 364 2020/05/25 07:32:56 code coverage: enabled 2020/05/25 07:32:56 comparison tracing: enabled 2020/05/25 07:32:56 extra coverage: support is not implemented in syzkaller 2020/05/25 07:32:56 setuid sandbox: enabled 2020/05/25 07:32:56 namespace sandbox: support is not implemented in syzkaller 2020/05/25 07:32:56 Android sandbox: support is not implemented in syzkaller 2020/05/25 07:32:56 fault injection: support is not implemented in syzkaller 2020/05/25 07:32:56 leak checking: support is not implemented in syzkaller 2020/05/25 07:32:56 net packet injection: enabled 2020/05/25 07:32:56 net device setup: support is not implemented in syzkaller 2020/05/25 07:32:56 concurrency sanitizer: support is not implemented in syzkaller 2020/05/25 07:32:56 devlink PCI setup: support is not implemented in syzkaller 2020/05/25 07:32:56 USB emulation: support is not implemented in syzkaller 07:33:01 executing program 0: readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/95, 0x5f) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x800, 0x20) ioctl$WSDISPLAYIO_GETSCREEN(r0, 0xc0245755, &(0x7f0000000100)={0xc6d, './file0\x00', './file1\x00'}) r1 = msgget(0x1, 0x360) msgrcv(r1, &(0x7f0000000140)={0x0, ""/145}, 0x99, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x8240, 0x10) r3 = openat$klog(0xffffffffffffff9c, &(0x7f0000000240)='/dev/klog\x00', 0x100, 0x0) r4 = accept(0xffffffffffffff9c, &(0x7f0000000300)=@un=@abs, &(0x7f0000000340)=0x8) r5 = dup(0xffffffffffffffff) kevent(r2, &(0x7f0000000280)=[{{}, 0xfffffffffffffffb, 0x21, 0x1, 0xffffffff, 0x8000}, {{r3}, 0xfffffffffffffffd, 0xb1, 0x1, 0x2, 0x1f}, {{r0}, 0xfffffffffffffffc, 0x30, 0x8, 0x4, 0x1ff}], 0x8000, &(0x7f0000000380)=[{{}, 0xfffffffffffffffb, 0x0, 0x4, 0x2, 0x8001}, {{r4}, 0xfffffffffffffffb, 0x8, 0x2, 0x5}, {{0xffffffffffffff9c}, 0xfffffffffffffff9, 0x42, 0x2, 0x9, 0x6}, {{r0}, 0xfffffffffffffffc, 0x40, 0x20, 0x1f}, {{}, 0xfffffffffffffffc, 0x2, 0x1, 0x7f}, {{r0}, 0xfffffffffffffffc, 0x58, 0x4, 0x5e1, 0x7fffffff}, {{r5}, 0xfffffffffffffffd, 0x40, 0x80, 0x200, 0x8}], 0x3, &(0x7f0000000480)={0x1}) shmget$private(0x0, 0x600000, 0x0, &(0x7f00009ff000/0x600000)=nil) ioctl$WSDISPLAYIO_GVIDEO(r0, 0x40045744, &(0x7f00000004c0)) mkdirat(r5, &(0x7f0000000500)='./file1\x00', 0x7c) ioctl$TIOCMSET(r5, 0x8004746d, &(0x7f0000000540)=0x9) accept$inet6(0xffffffffffffffff, &(0x7f0000000580), &(0x7f00000005c0)=0xc) chdir(&(0x7f0000000600)='./file1\x00') getsockopt(r0, 0x8, 0x800, &(0x7f0000000640)=""/41, &(0x7f0000000680)=0x29) r6 = openat$null(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/null\x00', 0x80, 0x0) ioctl$VT_ACTIVATE(r6, 0x20007605, &(0x7f0000000700)=0xfffffffc) connect(0xffffffffffffffff, &(0x7f0000000740)=@in6={0x18, 0x1, 0x3}, 0xc) 07:33:01 executing program 1: r0 = socket$unix(0x1, 0x2, 0x0) connect$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x2}, 0x8) truncate(&(0x7f0000000040)='./file0\x00', 0x0, 0x100000000) r1 = open(&(0x7f0000000080)='./file0\x00', 0x80, 0x0) ioctl$BIOCGRSIG(r1, 0x40044273, &(0x7f00000000c0)) getpeername(r1, &(0x7f0000000100)=@in6, &(0x7f0000000140)=0xc) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f00000001c0)={0x0, 0x0}, 0xc) chown(&(0x7f0000000180)='./file0\x00', r2, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) recvfrom(r0, &(0x7f0000000280)=""/254, 0xfe, 0x42, &(0x7f0000000380)=@un=@abs={0x1, 0x0, 0x2}, 0x8) r6 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/zero\x00', 0x80, 0x0) renameat(r6, &(0x7f0000000400)='./file0/file0\x00', r1, &(0x7f0000000440)='./file0\x00') r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000480)='/dev/zero\x00', 0x2, 0x0) setreuid(r4, r4) ioctl$BIOCSRTIMEOUT(r6, 0x8010426d, &(0x7f00000004c0)={0x1ff, 0x5}) r8 = accept$unix(r0, &(0x7f0000000500)=@file={0x0, ""/73}, &(0x7f0000000580)=0x4b) socketpair(0x10, 0x4000, 0x80, &(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000740)={0x0}, &(0x7f0000000780)=0xc) r11 = getgid() sendmsg$unix(r8, &(0x7f0000000ac0)={&(0x7f00000005c0)=@file={0x0, './file0/file0\x00'}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000600)="dee1f4e8f2b12390a40a4ea82b6c4b4b9feadc488a8b8d84d71ecc7b6d761150d4c28d5fb4768a31312ac7ba9e1d6798bb2a9326fe767e41c43b885a67542eb5a0ac1128c56f2119076054b6bffea4ccc5c9c9e8987557714ebb897f8c44ef1f4f9f6e8abd16607c7a14cf4fd0951ca1477f96aec48b2cb2a304bc3498fdf0034914c9e665522a6dab4a89e48a7712", 0x8f}], 0x1, &(0x7f00000009c0)=[@rights={0x20, 0xffff, 0x1, [r7, r1, r9]}, @cred={0x20, 0xffff, 0x0, r10, r2, r5}, @cred={0x20, 0xffff, 0x0, r3, r4, r11}, @rights={0x28, 0xffff, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r6, r6]}, @rights={0x20, 0xffff, 0x1, [0xffffffffffffff9c, 0xffffffffffffffff, 0xffffffffffffffff, r0]}, @rights={0x28, 0xffff, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}], 0xd0, 0x418}, 0x2) 07:33:01 executing program 1: r0 = open$dir(&(0x7f00000003c0)='./file0\x00', 0x8000, 0x0) getpid() ktrace(&(0x7f0000000000)='./file0\x00', 0x0, 0x6ef3da44cbffa5b6, 0x0) r1 = kqueue() kevent(r1, &(0x7f0000000000), 0x66, 0x0, 0x81, 0x0) r2 = getppid() ktrace(0x0, 0x1, 0x6e90cb2ee28ae046, 0x0) wait4(0x0, &(0x7f0000000280), 0x1, &(0x7f00000001c0)) r3 = openat$wsmouse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/wsmouse0\x00', 0x80, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x10, 0x0) recvfrom$inet(r4, &(0x7f0000000100)=""/31, 0x1f, 0x3, &(0x7f0000000140)={0x2, 0x2}, 0xc) fcntl$setown(r3, 0x6, r2) fcntl$setown(r1, 0x6, r2) fsync(r0) open$dir(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) kevent(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0) getppid() openat$wsmouse(0xffffffffffffff9c, 0x0, 0x800, 0x0) r5 = openat$wsmouse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/wsmouse0\x00', 0x81, 0x0) fcntl$setown(r5, 0x6, 0x0) 07:33:01 executing program 1: openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x1, 0x0) r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, 0x0) pipe2(0x0, 0x10004) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r1 = getpid() fcntl$setown(0xffffffffffffffff, 0x6, r1) preadv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000001640)=""/247, 0xffffffcc}], 0x10000221, 0x0, 0x0) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x3fd, 0x0) pwritev(r2, &(0x7f00000003c0), 0x273, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x10, r2, 0x0, 0x8000000000000000) r3 = openat(0xffffffffffffffff, &(0x7f000060cff8)='/', 0x0, 0x0) getdents(r3, &(0x7f00000010c0)=""/4096, 0x1000) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) write(0xffffffffffffffff, &(0x7f0000000140)="09917b2f2d25", 0x6) r4 = dup(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r5, 0xffff, 0x1022, &(0x7f0000000140)={0x0}, &(0x7f0000000100)=0x1) ktrace(0x0, 0x1, 0x6e90cb2ee28ae046, r6) fcntl$setown(r4, 0x6, r6) 07:33:02 executing program 0: r0 = open(&(0x7f0000000080)='./bus\x00', 0x5, 0x0) write(r0, &(0x7f0000000000)='g\t\x00', 0x3) write(r0, &(0x7f0000000140)="09917b2f2d25", 0x6) r1 = socket(0x20, 0x3, 0x3f) r2 = open(&(0x7f0000000080)='./bus\x00', 0x5, 0x0) write(r2, &(0x7f0000000000)='g\t\x00', 0x3) write(r2, &(0x7f0000000140)="09917b2f2d25", 0x6) ioctl$TIOCCLRVERAUTH(r2, 0x2000741d) r3 = fcntl$dupfd(r0, 0x0, r1) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x0, 0x0) openat(r3, &(0x7f0000000040)='./bus\x00', 0x80, 0x104) ioctl$BIOCSETF(r4, 0x80104267, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x64}, {0x4}, {0x6}]}) r5 = open(&(0x7f0000000180)='./bus\x00', 0x20000, 0x2) close(r5) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0}) syz_emit_ethernet(0xe, &(0x7f0000000300)) ioctl$TIOCSTOP(r2, 0x2000746f) 07:33:02 executing program 1: socketpair$unix(0x1, 0x1, 0x0, 0xffffffffffffffff) r0 = socket(0x10000000002, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x1023, &(0x7f00000000c0)=0x3, 0x4) write(0xffffffffffffffff, &(0x7f0000000000)="87", 0x1) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x40}], 0x1, 0x0) 07:33:02 executing program 1: connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="82028180ffffffff"], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x2, 0x3, 0x0) connect$unix(r0, &(0x7f0000000000)=ANY=[], 0x10) r1 = semget$private(0x0, 0x4000000009, 0x82) semop(r1, &(0x7f0000000380)=[{0x1, 0xffff, 0xe5ce97ab354d86be}, {0x0, 0x2, 0x800}, {0x0, 0x4, 0x1800}, {0x3, 0x2, 0x800}], 0x4) semctl$SETVAL(r1, 0x5, 0x8, &(0x7f0000000100)=0x7) semop(r1, &(0x7f00000000c0)=[{0x0, 0x1, 0x800}, {0x1, 0x1, 0x1000}], 0x2) semctl$SETALL(r1, 0x0, 0x9, &(0x7f0000000100)=[0x6, 0x2000]) semop(r1, &(0x7f0000000200)=[{0x0, 0x9, 0x1800}, {0x0, 0x3cec, 0xc00}, {0x3, 0x40, 0x1000}, {0x3, 0x6, 0x800}], 0x4) semop(r1, &(0x7f0000000000)=[{0x4, 0xa83}, {0x4, 0x0, 0x1400}, {0x1, 0x9, 0x800}, {0x2, 0x1, 0x1800}], 0x4) semctl$SETVAL(r1, 0x1, 0x8, &(0x7f0000001140)=0x3) r2 = socket(0x2, 0x3, 0x0) sysctl$vfs_nfs(&(0x7f0000000040)={0xa, 0x2, 0x3}, 0xc, &(0x7f0000000080)="88595f71215644c9c6be55648244dfb4d56d730fc8181387534c1a4faa519b935683661180fa4fb9b31801f0d4e93a28825c6323a23c120ec3ce004c970c3c9d1eeb3e4e7efbb2994485f395524a60907c53fa", &(0x7f0000000100)=0x53, &(0x7f0000000140)="0fcdbb0c5132ddb72be61d60f105410f320408677b6afe2dc78857ccbe34eb7a1c1241f85807e9d531953b6a72f2a0d112e1edec642d6944537d03db57a73c40d617b3b7420cb0ccbec3d2fbb6184512de0e4fac7c18ec9384855ef040a07cb67aa602a95e95d8306c489c6164a5ddc75c9343a704ddd820e53a29292f1b6bfeff58a46a8ce74c14e9320ce55e947c7e031b0f8208d9de61e5217f8de4e75bf9c8e23e21ab2e5369529b97938fd1dedbcc77f23dfe5f8fb8ea83706aeccd6bd902211c04e12c99ec19164f4bcbf98ecb0127e694c88012ae9620887fc1cf53afb0cd3fe3ea94d2c3ba2fbd976baad95f2f54cd26c6978e5b76ae8fbca3ac0261c1992c5ba08020668abf509abb0402d5efd58521eea426b17dd9476c89d7d62447fd69d7c83fb7cf41537c0c8e0ba61ca7d9b3dd34c17450265d1166f0aed962494af6c068a465899fe77003866f79f90ef54e36757000b3c9f9947393fac396c51d2d13c4fedf7c136a0e32130489ffa30c241836c9aeab34128d7e205c06c12b4cbfa88bee85cd910f41b0e46e92a9f0d6b71b70bc7d15c40761dfac9eb4fa4abb32d98715cd3402a365b48aa817e423d60a97cb33ac8ef7565b5a34dae903e91669b0d4c71e5bc01e8ac827486bd6faf5a92b896cea9bdf746712709282b45fc0a56702e39c0050c3d48ec8af0f38f10d0e98ea2a3c5aee7c40e5b1032ae1f08ae3477b6b23e2e3cf0d01defaf1cb277fef91dee460d43bf8325f62d41889293bf0d5cc3f40b907003f58ed84268fd860ff59abb17adf519eb6a0afca1eb4e076d9007440fe126f129c5fe5ec6173a6ce3e8c13b205f506f3e2cd12140689c6ca01a06852272c9ae7598578d50af59bce85a97dc32ba6056b36cc67ff7fa512e5047d201f9ee040707c0071c02d19a3183823d5f532d94a95ea995721af68c1a38dfa2721883bd9970317f8f2b193089a67aff174a851ba6093a555075f918b2680682da36318d693b8bf0012a246972dbe6e8eace70496ea47b9e392476b2f9e603513d680d4cdeb59c5a6ed1185cf6e43ad41e1458221d051b87623a8d71b302eb9c73e938ff6850fd0b790def758e3c8e2a70b230d66543af9ce49d3f4ed4484d0bd77d179eb8b43fe58f09f19b010d0b855deeed7da907f01274133d75d1743e9ed7d75340e0e35214b89294d08ad9ca097039c74c0ffcf400ce84d220dd32ade0c33198fb5568d9ed114e9f55f4cebef448e03a506e154e35d4ffa52f304a54de834926cfa8278c5d70d1c267fc5c2383e9470c43d52d66daf4a22766499d9a0c83a7ed2c1ba997108d11abe5d10d9036a28d551346d0a9612bb8977b036ad2cadd1f0bbbbc893a7aade07039eaf3fb631dc4f972b6411d91c07d4cd9256d5495d147a7913d89a2c28763c3742e7b9d1f190ec45db2fcb06645be75c410248cbc30e1547258785dc618d08ccae25c8f9ed73cc8ae652e044aba093c70ec2939ca9c566e42cf01d61423920cdea966f0e3da713b1ed529db391daa5ffd95678d29bf2df3f9aae1e48b0377925e46bb02e142ad863b04ff3e725756a1ad8ecf5180cbae67f43cd00ad3afeb474a2fc6409c26c085588e8b5ef72ea9e13304f21b72f84480ba5453a416783ded2b2f35d51ff6214e30bb022278ff5c2fc9d59c537793da6dfd7dab1bc5910bec945a225ec53ce3085c6a388ab850e5ae0885eb0415591556f398ef3836c1cb1244635e02befd977f627f294faa6298319e8a22c5fd5d0bc8f07a765829a492078e5ca79aa3f90edc40ffe71f24dd7defddbd0e1e1f27acbc5ddde47c4f816eef0f6a9b13a3f6b60cfa8b92ddae3c11f93f22e8df59d508ca31d9e12e0564de72af5cc30214991cafdce73aa01f489a5506b4acc83e5be7be19d471844a0a260746e1c04b9b3e174000fec67946c580e95551225786da7b9cee9c01fab77036cc3fda0ce9c232fc84cd47dc6cef70df2a1b927cd218094e5f4e0cbe70de011034f23010777961d5b229b254661829b5b3ceaf6dc4bce749722f140d26eb1b943caaa3af95c3b15b167dea61bbea4a633cc9c708032206c5de6db534159c06f04b92c744ef5d059375b508d7150d3666ea528ec83c860824571789fb76c07c35003deabdb6bf34595fae1de1514cdbdc08411be6b42e5be62ae7fa87079c367953c0eb5d34b09c7cc0033e7755980818d9f27a4d55f0b30271b983b60d7b8ebc5be4331e4bfd2ece8b7072f782ee72a1a7981ca158d35c30aded5699fd27730c1e737241cbe13d1035710694d7d9f88fea276b6e8c7c8c9299a8895c9c9227524bdbb1e0c12ec3a329f21ca04cb4c0bcb7a85913c78628a13f43df1df090817dbdc3729360ac99345d3477e7f78e88511dda69bd3a369755df6d1ba6ef799fcc13fa79b25f175a6d84772e528f7e31cd31bb7a05205172195f534df5355bc581bd6c90179429e29c2e6ce9043b3445f8235084d2b7d791865dda08acfd9d4b1382098863d822b746551229bc74762cabfed5ca4e255a89a256cd4939b6e258c87052637aabf10154329520754f5881e481e9bbef728dc5e37058e266be17631a6d4d507cfc53883264e0e2c3607013c04ad606f91ba8f8e7cef5f6db2127708a2ff44fa74551d238819dd465bedaa562e9db718060f38df97e035582d46938d79f54b28f027332899d153b56fad8b420817eb4913aa6378dd4f3e33aa5a183336c046b6b286092d87e268e7f3d392ad67462704ac1bc84574e21a5fc2201b49fa7ffaaa558784de766ce3394fdb4fa8921752cd1392982f75c2079190a0fb50dfd0bc853c7635df6e6973fbad4a63aefad4fd9622f9d7841da2b1b69e24c548aea53610c5c29ad53b0102e7ec51752fee231775d20bf7c2975791f4097800a594692756001e6b5a020412ef523f1558582476a76acb2c6efc1e7c936114648dd87492e9b3c78213ba889300773e47e5d6cfc058d02f477ef49feec5983eca513fe3593cdb850024885ece74817fd0378db4bdb03d591380d208c14dc01f5540933c528a6310d605dfcbc8abb2adc8212ca0992088fc585a44310db38d289850004b49d009e5974b2fe57fb661928532acb78a5c44e849130b5c4b07ba6a0354949f6b43c3bfedcc9c854b67dc62a81aeb7135e2721d51ad78fe02ac03725074654d355fe0ffcccace968c0b5ddcabc7cb6561f8fd9f0049d3ab5b5204b5623e8b32fe33a0ec8d1d576421312f86aad72554410ab32f38f8cc0cbb71df854d366e96bf3c6648b2d00a093db9ecec94d3c14c097a5b173f004f36e366450e98312f2125efea08f4ee54cbafc047a574e7c2e1c2be662de0e7f05b1362da4bf080066f55fddafba4adcf163ab50dfa088a3f9c873c91831f26915df169e3a60b573db4ec686f4d6f56a9240f1542483d9d5e2efb49b3406f0e0a6ef2348d28df6ef501a769e6c07f7fa9525e43bb8e649cfd61bbda8a9874133a8f5231c9d99a2832f1b2ffb1620cd22de9a2a7f565c132f14cb77152fc9e85add2dd79ae70ef210f3699260aa546ea7fccb471598eb5588c509748094378aa1a0cca3766750fe287121c147e06cc872b3b934e259763ca85b336aa4f693102ff71c4e4514ad0a45620ff9691380dae64b0460b4c2f2de04dc063d3ceff772892119bcd5ae83d74a47dd246f091f7ad6ac23291b1a8bd92062cb748e9c18d129106814de40dee238df9f1878001031be8f34200b44f7adea41de42809d1be3c05610b432e0da09df467f2885afddd222aa34d43a9f8ff647cb35b56339bbc6c7526b8712aa7d61512f018ae10355429969e6f6973d40eb63db65978982d3f741e9718f68285e0a480579e975f8bbdfd710903d4b1991128ddf0a1ef59c5e3dedaef3663c64aa5546e43d61a8129017e50757e8f2776921cc2a957222263008a1c8c7f429af2deb6a4d520a02ea18ea8909ac32cc9eca8bc9a126e60fdc81ad8e377434eb929ebf869f0f7f9693c35ce874bd9a146f965bb168c0271b4e2e686ad675c497d9ca3932d831f43d39bca45bf1f1df8aa06af08d90676cfe6f0dacb59c615364713e749c40460583476dee577b237b0d48ee41377ce03a5b6b8f9cf28a46522860286e97463594a70bca1c945421bf830c3e162e9fde14da099fe2d580e0a9352422a2e85a1a3455f2889103724e600179f8f98f6d4ae7fdcf11d4584a90149b56455142593b334743ddb0f8a584d25f18a0f1f400793301a7fb14e5a6373e67bbcf14fdcc958113dc91b8d03ea0478ab03e70383698d895af0370cec42aa0bb806e5881d69123de3a2e2a9dd7ad03ad0fe8edc1760b0ab38a2b4c937e3cb8c056415daae4c1220c3099a47c1861e39b37a5cdd44206249f508c1e3a165c58712351b74f2b0b30d17facd655262d9b6d732f530e3c4cc29874b46e4528957846ebae8371af51bf5d6b3780506ec153bcdaadd6cfcfbaeafc16678de573b9689fba4333b33776594dec4675e806eafb151b4e2d4aad8362849e7e434dbe11075e06d3785dfbb44d1de974768f08a9fbb3c0fd5305b3ce98c07ed3a1b17b871cb0e05c21c92e85c2f81df0c0638c7a9b5993043f93209bbbc053279e070969c7c32922803863290ed2df8a1dcf2a8a61cdf7b206d0238208cacf93590b4bb5b2f208219f9f49b189ebfae19ceaa5cac1de0c6bd233e77e1ab6b22160141f57152c0b1a30f33b6f70f36f69f26d23bb77c26168cf2cb503c6be5a6e87537f8e9e48358cecb201a3be373f786125820f5ecfea452dd1e4ad2d6701785e9f2d2a473a8b5e99a050464faca15f3d77f15b6217116778249895618bdf18c5b7d4a3ace65b9a2465df3f518ebf735002931dddd82616049c736e91977c44b15c6dcb72d4ef5470f57c91c0ac4132da354f9daba7b9075118c568b2ac2b962a02f05c1e7ce23589a34bb951d02e5d2b1cd4e694559f21939eb958d13e87baf35aa9ee92fb71f19b75d8b542c79a7fcbf228c8fcc3f14f41101688030862b25faebfc3bf95f09aaa60ea67d80b4360a6cb49abc73ceaf1a0fcea31af48fdcf39e77aca5618135dbe2b7f1ac56e84631a15a8f1b63ddd0d0e316c6e6128ee844fa8a45223339176669bc246179350133eb5f3b7095e86b5c5234aea495d4ab037355032baef2e42c70473087b57853c16363c30d7572379200fab6b09d9d7fde2bba4ba2bb8586f125cf5baa192258394de29b83ed49c196e667bf3deb20addad665eeb9ef139ed653fa7a44001444299e779f938e6043252ad423f3a3550bf87f2dab7e487564c78f07a74b62de3abf698c44418f91ac905595e36a56847bc32aed64d765e98d2d4db1502a6bd84fd92fa35a4f3ae39af3c39094b49e135ddcd7a0320170397699d4cd46395fc8cd9416858ab77708343a05e3f832846def5121252666ca7890ccacf72ad29cd49ce32c6521613e92c42f0dec72aeb2886126a238f60b4ef505d45716a7b3130a30c436a3316201ae5a8568a1dcb00e736a92e8a7ba6b9117016551ed4d4c6344ee79aecf01200b75b0076ae729dbf2d88e550359d415ce261546c5b7f2c5e7933da5b16672c7c8d21279bd760bc78fc00bcd7046cc800646188cb701a2a3b0e2a6c033f65bdbb794657bf49dcc50b5189a2d1c701c123b4449de2b2f391ebdb949e27895e3cdef5fece711195ec009536a963cb3c613a64933f3ed488bfb564eb97bed5bca415ac64ad7f5839a6aa12f2365a00c5a889d2f2baa4a8dad9e78b2400131d07aed7d00af88262b58", 0x1000) bind(r2, &(0x7f0000000000)=@un=@abs={0x0, 0xd}, 0x10) r3 = socket(0x2, 0x2, 0x0) dup2(r2, r3) connect$unix(r3, &(0x7f0000000000)=ANY=[], 0x10) sendmsg$unix(r3, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0) 07:33:02 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x0, 0xffffffffffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbed], [0x0, 0x0, 0x0, 0x9, 0xfffffffeefffffff], [0x0, 0x0, 0x401, 0x0, 0x3, 0xffffffffffffffff], [{0x0, 0x0, 0x0, 0x800}, {}, {0x0, 0x0, 0x9}, {}, {}, {}, {0x85}], {0x0, 0x0, 0x0, 0x589}}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) login: uvm_fault(0xffffffff8251ff08, 0xfffffdd6433e1db6, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pool_do_put+0x12e: movq 0x8(%rbx),%rbx ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xffffffff8251ff08, 0xfffffdd6433e1db6, 0, 1) -> e pool_do_put(ffffffff82598f58,fffffd80599f6400) at pool_do_put+0x12e end trace frame: 0xffff80001fa30370, count: 0 ddb> trace pool_do_put(ffffffff82598f58,fffffd80599f6400) at pool_do_put+0x12e pool_put(ffffffff82598f58,fffffd80599f6400) at pool_put+0x4b m_free(fffffd80599f6400) at m_free+0x119 rt_ifa_del(ffff800000a0a200,800100,ffff800000a0a240,0) at rt_ifa_del+0x402 in6_unlink_ifa(ffff800000a0a200,ffff8000009f8800) at in6_unlink_ifa+0x571 in6_update_ifa(ffff8000009f8800,ffff80001fa308d0,0) at in6_update_ifa+0x13f7 in6_ioctl_change_ifaddr(8080691a,ffff80001fa308d0,ffff8000009f8800) at in6_ioctl_change_ifaddr+0x40c ifioctl(fffffd805e553960,8080691a,ffff80001fa308d0,ffff80001d739008) at ifioctl+0xe60 sys_ioctl(ffff80001d739008,ffff80001fa309e8,ffff80001fa30a30) at sys_ioctl+0x4a1 syscall(ffff80001fa30ab0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa716bf3170, count: -11 ddb> show registers rdi 0xffffffff81248555 pool_do_put+0x125 rsi 0x131 rbp 0xffff80001fa30320 rbx 0xfffffdd6433e1dae rdx 0x132 rcx 0xffff80001d80d000 rax 0xffff80001d80d000 r8 0x4 r9 0x5 r10 0x21106c45fa874865 r11 0xd9a64d31a03fe3ae r12 0xfffffd80599f6400 r13 0xcaf792d6433e1dae r14 0xffffffff82598f58 mbpool r15 0xfffffd8069083b90 rip 0xffffffff8124855e pool_do_put+0x12e cs 0x8 rflags 0x10293 __ALIGN_SIZE+0xf293 rsp 0xffff80001fa30270 ss 0x10 pool_do_put+0x12e: movq 0x8(%rbx),%rbx ddb> show proc PROC (syz-executor.0) pid=56224 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=58, nice=20 forw=0xffffffffffffffff, list=0xffff80001d73a118,0xffffffff825a7868 process=0xffff8000ffff8e78 user=0xffff80001fa2b000, vmspace=0xfffffd806bc0a880 estcpu=35, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 19543 239842 35170 0 2 0 syz-executor.0 *19543 56224 35170 0 7 0x4000000 syz-executor.0 23099 142988 0 0 3 0x14200 bored sosplice 40903 1566 58199 0 3 0x2 biowait syz-executor.1 35170 267285 58199 0 3 0x82 nanosleep syz-executor.0 58199 489993 89819 0 3 0x82 thrsleep syz-fuzzer 58199 385244 89819 0 3 0x4000082 nanosleep syz-fuzzer 58199 263457 89819 0 3 0x4000082 thrsleep syz-fuzzer 58199 105620 89819 0 3 0x4000082 thrsleep syz-fuzzer 58199 236708 89819 0 3 0x4000082 kqread syz-fuzzer 58199 207973 89819 0 3 0x4000082 thrsleep syz-fuzzer 58199 337183 89819 0 3 0x4000082 thrsleep syz-fuzzer 89819 296270 2864 0 3 0x10008a pause ksh 2864 283759 90920 0 3 0x92 select sshd 54553 213302 1 0 3 0x100083 ttyin getty 90920 162858 1 0 3 0x80 select sshd 42969 425083 9702 73 3 0x100090 kqread syslogd 9702 351758 1 0 3 0x100082 netio syslogd 81282 106337 1 77 3 0x100090 poll dhclient 15770 414577 1 0 3 0x80 poll dhclient 20914 231953 0 0 3 0x14200 bored smr 97980 168555 0 0 2 0x14200 zerothread 60208 299191 0 0 3 0x14200 aiodoned aiodoned 27811 262747 0 0 3 0x14200 syncer update 20212 209624 0 0 3 0x14200 cleaner cleaner 61283 459244 0 0 3 0x14200 reaper reaper 69374 176370 0 0 3 0x14200 pgdaemon pagedaemon 57309 408912 0 0 3 0x14200 bored crynlk 81394 70066 0 0 3 0x14200 bored crypto 41010 281436 0 0 3 0x40014200 acpi0 acpi0 82504 337740 0 0 3 0x14200 bored softnet 27114 174152 0 0 3 0x14200 bored systqmp 81020 95841 0 0 3 0x14200 bored systq 77303 296462 0 0 3 0x40014200 bored softclock 83919 333944 0 0 3 0x40014200 idle0 1 71288 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9460 6461K 6461K 78643K 10561 0 pcb 13 8K 8K 78643K 13 0 rtable 105 3K 3K 78643K 189 0 ifaddr 40 10K 10K 78643K 40 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 2K 78643K 15 0 iov 0 0K 12K 78643K 2 0 mount 1 1K 1K 78643K 1 0 vnodes 1218 77K 77K 78643K 1225 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 0K 0K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 41 0 proc 47 38K 63K 78643K 358 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 33 2K 2K 78643K 33 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 19 95K 95K 78643K 19 0 exec 0 0K 1K 78643K 181 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 119 22K 23K 78643K 937 0 UVM aobj 4 4K 4K 78643K 4 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 5 0K 0K 78643K 9 0 temp 62 3027K 3091K 78643K 1780 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 80 19 0 17 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 33 0 25 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 162 0 162 1 0 1 1 0 8 1 tcpcb 544 10 0 6 1 0 1 1 0 8 0 inpcb 280 35 0 27 1 0 1 1 0 8 0 nd6 48 6 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 188 0 0 12 0 12 12 0 8 0 art_table 32 189 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 shmpl 112 2 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1426 0 28 88 0 88 88 0 8 0 ffsino 240 1426 0 28 83 0 83 83 0 8 0 nchpl 144 1662 0 62 60 0 60 60 0 8 0 uvmvnodes 72 1473 0 0 27 0 27 27 0 8 0 vnodes 208 1473 0 0 78 0 78 78 0 8 0 namei 1024 4066 0 4066 1 0 1 1 0 8 1 scxspl 192 4214 0 4213 1 0 1 1 0 8 0 plimitpl 152 14 0 7 1 0 1 1 0 8 0 sigapl 424 228 0 199 4 0 4 4 0 8 0 futexpl 56 215 0 215 1 0 1 1 0 8 1 knotepl 112 61 0 42 1 0 1 1 0 8 0 kqueuepl 144 4 0 2 1 0 1 1 0 8 0 pipelkpl 16 70 0 60 1 0 1 1 0 8 0 pipepl 120 140 0 121 1 0 1 1 0 8 0 fdescpl 432 213 0 199 2 0 2 2 0 8 0 filepl 120 1065 0 969 4 0 4 4 0 8 1 lockfpl 104 11 0 10 1 0 1 1 0 8 0 lockfspl 48 5 0 4 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 48 0 41 1 0 1 1 0 8 0 zombiepl 144 199 0 199 1 0 1 1 0 8 1 processpl 920 228 0 199 4 0 4 4 0 8 0 procpl 624 245 0 209 4 0 4 4 0 8 1 sosppl 128 1 0 1 1 0 1 1 0 8 1 sockpl 400 87 0 69 3 0 3 3 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl4k 4096 9 0 9 2 1 1 1 0 8 1 mcl2k 2048 68336 0 68290 18 2 16 16 0 8 8 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 108305 0 108160 12 2 10 10 0 8 0 mbufpl: pool(0xffffffff82598f58:mbufpl): free list modified: page 0xfffffd80599f6000; item ordinal 2; addr 0xfffffd80599f6500 (p 0xfffffd8069083000); offset 0x0=0x0 mbufpl: pool(0xffffffff82598f58:mbufpl): page inconsistency: page 0xfffffd80599f6000; item ordinal 3; addr 0xfffffdd6433e1dae bufpl 280 3286 0 126 226 0 226 226 0 8 0 anonpl 16 34212 0 21536 54 2 52 52 0 107 1 amapchunkpl 152 993 0 869 8 0 8 8 0 158 3 amappl16 192 832 0 150 35 0 35 35 0 8 0 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 25 0 20 1 0 1 1 0 8 0 amappl13 168 35 0 31 1 0 1 1 0 8 0 amappl12 160 11 0 10 2 1 1 1 0 8 0 amappl11 152 54 0 43 1 0 1 1 0 8 0 amappl10 144 17 0 11 1 0 1 1 0 8 0 amappl9 136 362 0 359 1 0 1 1 0 8 0 amappl8 128 317 0 281 2 0 2 2 0 8 0 amappl7 120 108 0 97 1 0 1 1 0 8 0 amappl6 112 22 0 19 2 1 1 1 0 8 0 amappl5 104 178 0 168 1 0 1 1 0 8 0 amappl4 96 413 0 390 1 0 1 1 0 8 0 amappl3 88 103 0 96 1 0 1 1 0 8 0 amappl2 80 870 0 807 2 0 2 2 0 8 0 amappl1 72 13457 0 13048 24 7 17 17 0 8 8 amappl 80 469 0 430 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 3 0 0 1 0 1 1 0 8 0 uaddrrnd 24 213 0 199 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 213 0 199 1 0 1 1 0 8 0 vmmpekpl 168 5717 0 5689 2 0 2 2 0 8 0 vmmpepl 168 32707 0 30962 112 10 102 102 0 357 26 vmsppl 272 212 0 199 2 0 2 2 0 8 1 pdppl 4096 432 0 398 6 0 6 6 0 8 1 pvpl 32 121555 0 105939 130 0 130 130 0 265 3 pmappl 200 212 0 199 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 238 0 7 7 0 7 7 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pool_do_put(ffffffff82598f58,fffffd80599f6400) at pool_do_put+0x12e pool_put(ffffffff82598f58,fffffd80599f6400) at pool_put+0x4b m_free(fffffd80599f6400) at m_free+0x119 rt_ifa_del(ffff800000a0a200,800100,ffff800000a0a240,0) at rt_ifa_del+0x402 in6_unlink_ifa(ffff800000a0a200,ffff8000009f8800) at in6_unlink_ifa+0x571 in6_update_ifa(ffff8000009f8800,ffff80001fa308d0,0) at in6_update_ifa+0x13f7 in6_ioctl_change_ifaddr(8080691a,ffff80001fa308d0,ffff8000009f8800) at in6_ioctl_change_ifaddr+0x40c ifioctl(fffffd805e553960,8080691a,ffff80001fa308d0,ffff80001d739008) at ifioctl+0xe60 sys_ioctl(ffff80001d739008,ffff80001fa309e8,ffff80001fa30a30) at sys_ioctl+0x4a1 syscall(ffff80001fa30ab0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa716bf3170, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace pool_do_put(ffffffff82598f58,fffffd80599f6400) at pool_do_put+0x12e pool_put(ffffffff82598f58,fffffd80599f6400) at pool_put+0x4b m_free(fffffd80599f6400) at m_free+0x119 rt_ifa_del(ffff800000a0a200,800100,ffff800000a0a240,0) at rt_ifa_del+0x402 in6_unlink_ifa(ffff800000a0a200,ffff8000009f8800) at in6_unlink_ifa+0x571 in6_update_ifa(ffff8000009f8800,ffff80001fa308d0,0) at in6_update_ifa+0x13f7 in6_ioctl_change_ifaddr(8080691a,ffff80001fa308d0,ffff8000009f8800) at in6_ioctl_change_ifaddr+0x40c ifioctl(fffffd805e553960,8080691a,ffff80001fa308d0,ffff80001d739008) at ifioctl+0xe60 sys_ioctl(ffff80001d739008,ffff80001fa309e8,ffff80001fa30a30) at sys_ioctl+0x4a1 syscall(ffff80001fa30ab0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa716bf3170, count: -11