kern.securelevel: 0 -> 1
creating runtime link editor directory cache.
preserving editor files.
starting network daemons: sshd.
starting local daemons:.
Sun Dec 30 02:02:23 PST 2018

OpenBSD/amd64 (ci-openbsd-multicore-0.c.syzkaller.internal) (tty00)

Warning: Permanently added '10.128.0.42' (ECDSA) to the list of known hosts.
2018/12/30 02:02:47 fuzzer started
2018/12/30 02:02:51 dialing manager at 10.128.15.235:20380
2018/12/30 02:02:51 syscalls: 1
2018/12/30 02:02:51 code coverage: enabled
2018/12/30 02:02:51 comparison tracing: support is not implemented in syzkaller
2018/12/30 02:02:51 setuid sandbox: enabled
2018/12/30 02:02:51 namespace sandbox: support is not implemented in syzkaller
2018/12/30 02:02:51 Android sandbox: support is not implemented in syzkaller
2018/12/30 02:02:51 fault injection: support is not implemented in syzkaller
2018/12/30 02:02:51 leak checking: support is not implemented in syzkaller
2018/12/30 02:02:51 net packet injection: enabled
2018/12/30 02:02:51 net device setup: support is not implemented in syzkaller
02:02:53 executing program 0:
r0 = accept(0xffffffffffffff9c, &(0x7f0000000000)=@in, &(0x7f0000000040)=0xc)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x3}, 0xc)
r1 = fcntl$getown(r0, 0x5)
wait4(r1, &(0x7f00000000c0), 0xb, &(0x7f0000000100))
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
wait4(r1, &(0x7f0000000200), 0x8, &(0x7f0000000240))
r4 = dup(r2)
getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000300)={0x0, <r5=>0x0}, 0xc)
kevent(r3, &(0x7f0000000340)=[{{r2}, 0xfffffffffffffffe, 0xa1, 0xf0000080, 0x1, 0x4}], 0x4, &(0x7f0000000380)=[{{r3}, 0xfffffffffffffffc, 0x14, 0xf0000000, 0x6, 0xfa}], 0x4000000000000000, &(0x7f00000003c0)={0x7, 0x80})
kqueue()
socketpair(0x6, 0x7, 0x6, &(0x7f0000000400)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_timeval(r3, 0xffff, 0x1007, &(0x7f0000000440)={0x1ff, 0x1}, 0x10)
chmod(&(0x7f0000000480)='./file0\x00', 0x100)
symlink(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='./file0\x00')
connect$inet6(r6, &(0x7f0000000540)={0x18, 0x2, 0x7ff, 0x5}, 0xc)
mknod$loop(&(0x7f0000000580)='./file0\x00', 0x6000, 0x0)
syz_extract_tcp_res$synack(&(0x7f00000005c0), 0x1, 0x0)
fcntl$setflags(r4, 0x2, 0x1)
pwritev(r0, &(0x7f0000000a00)=[{&(0x7f0000000600)="bfe79005c9651912e934d99e6f0f195ad2822fa7fb1f8e4774f49e85054dc274857d25f7a00fad66294a2772c336a119b3db41c5d6e3414fd598c111243e3e782559f8b39cae4124d0494dfb72e933", 0x4f}, {&(0x7f0000000680)="d4d75c60b9f3adcb49bc104570f6da53f5eb8c1cac2997b833edaea1a132a9bdcc08ff4b557370e06f192372308b6c5bef96ef586ac4932be71db5d597aafdfb60a103b81ce5f449f9b0df86114f58c380c3629703ee53c3ee1ec1ffc4cac14d86587bae534a0745c60c829efe8ce7fa7717c65bb313577c5ff3776f1aeb4b932b1c6629fa4652860a4ffe71dfd6c227177a9c8e935669882ea75d97b2a7ab5abb7ff33fcb5f03c3ba8a6cb96755a3aa50f5241644f8203338f95242e728bbea9cf4b0a707096725cd944caa3a9a76040f10c7db0fe6d77ecb1fb5f3fd7393790bb8d5a3e92e5a9255d268b3f96acf953b316a91001338c8c03d8085c792ab", 0xff}, {&(0x7f0000000780)="08859b3db9685bc1207dc3c8b76f487f53183a10b324383eff0becdaf7ede1b750b5b69adef317483470bc868d6fae1a46df6d93b047adcbc139f5bab0fc7ff44d15daa6512cc58c0686e516c4db0498f39b08553c73e5d8bd9328722d97423e05", 0x61}, {&(0x7f0000000800)="e003fbd5e2a66931e69a6db989bf8755fc0ca4c8b9944417c3dc84b5511761b7292b126f3d511f4da36e930600efef10d9857531f749199d9b804dc7a972ba7829120ae46c1c36458e043f9eb7184f9adde4acc970a66827dc383d7f8b39ad618ba287809932260d", 0x68}, {&(0x7f0000000880)="4ac42ce6387cfa2befcc8ef010f7cd646f0ef6facdd6bc49a5d669f1", 0x1c}, {&(0x7f00000008c0)="2137614c7e1d1fe3619720ddbc8852e72b8238ac99973f3916bc9c00d486793b1f49c6219885719207cad03ad7964be616439fe260ae0451aa3d8cc17f72571ce482c6fe1ce0e40566db7fd58a6f61ce3484fe882e422b7158d20affb11a14a8b01ba28f39aaef9f2838763a00b41698b2", 0x71}, {&(0x7f0000000940)="8fb621862ff51e2d8903c62382cf5ab1237c2013f1a97684d813eeb3a36c04de32f7366c25c83ae91fb073b272740dbbdbf5e31149c744d4fc1d48040f97be1cd4e35ad23555b8099972601c43b05fac600d3b1831cbe430e7f892155cba4c0a6257e0a3f02f686f325022534f04da3f4c05deea96fef0b31d71a1b8888273bf7338be874a2960ab64b2380f4800fda14d64560564a73d89109cd5b2f114772dab81e1d96dce5187336032a3dc", 0xad}], 0x7, 0x0)
ioctl$TIOCCBRK(r4, 0x2000747a)
syz_extract_tcp_res$synack(&(0x7f0000000a80), 0x1, 0x0)
sendto(r6, &(0x7f0000000ac0)="5af6de1faec8372ccf715f318a3512eb63d5ba25af2c76723ad8ce8e784059049dff9e16fe9b670aecafd957d1915d33940ab9a13eccf3134a6048b53903b7235e18057a33bd42db59c42f000b0880f1a7dad284114b0270385c251a320a66829ccde94b7171e33fe338e70230a4cfadf2a7bf8ae8612d21a89e4f4e2aeac0f84d9d0332c77210573faaf2e8e07bc609a25a48ab4415411136ed", 0x9a, 0x2, 0x0, 0x0)
fcntl$getown(r3, 0x5)
readlink(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)=""/245, 0xf5)
chmod(&(0x7f0000000cc0)='./file1\x00', 0x1c2)
syz_extract_tcp_res$synack(&(0x7f0000000d00), 0x1, 0x0)
write(r6, &(0x7f0000000d40)="ff3286d7f173b819767760ead0c373ce9fa01551a82dc7c788668ea3de74b9af0f987022688946de2f5d52f8cc9b2591b6fc8d60f5fbd706a8fad62df4e1651ccc1cfeca04d41a7c9f", 0x49)
setuid(r5)
syz_open_pts()
mknod(&(0x7f0000000dc0)='./file0\x00', 0x1000, 0x6)

02:02:53 executing program 1:
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040))
r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c)
r1 = fcntl$getown(0xffffffffffffff9c, 0x5)
fcntl$setown(r0, 0x6, r1)
read(r0, &(0x7f00000000c0)=""/119, 0x77)
fcntl$setflags(r0, 0x2, 0x0)
poll(&(0x7f0000000140)=[{r0, 0x26}, {r0}, {r0, 0x4}, {r0, 0x101}, {r0, 0x48}, {r0, 0x4}, {r0, 0x4}, {r0}], 0x8, 0x8)
recvfrom(r0, &(0x7f0000000180)=""/118, 0x76, 0x1, &(0x7f0000000200)=@un=@file={0x0, './file0\x00'}, 0xa)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00')
faccessat(r0, &(0x7f00000002c0)='./file0/file1\x00', 0x5d, 0x1)
readv(r0, &(0x7f0000000400)=[{&(0x7f0000000300)=""/238, 0xee}], 0x1)
mlockall(0x1)
pipe2(&(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4)
sendmsg(r2, &(0x7f0000001a80)={&(0x7f0000000480)=@in={0x2, 0x1}, 0xc, &(0x7f00000008c0)=[{&(0x7f00000004c0)="3a448e015d6acccb0bde43ac8fafac4d8a2c4a2240b8e6b379c46086935097e0ed879bcf3abfa3dcafefd98adf6765a9b5dcee4053179be4e3d9de0cd1170b896f44a04d6f6064791b9332723acda873a742c1f9a1235e05a8a4ac6139bdbd5792186e94abfe0573a3b632bd4bebb14c9dbb809a1749cb47255bbe0ccbeb0bdb8207c2df00fc04b4c7ece3c97a8f3c0ec7754373d613fe85891f3a4737444cd9c2047934671c31eadf9f53e36287e9777951691586dfa8ab92f8017442c3b6c6f2", 0xc1}, {&(0x7f00000005c0)="7b66570f93871bb44bfb31065a28f2b7b6fac07b3889a8a27df91bded592e23c2b9080d4190e7d246475433331062f", 0x2f}, {&(0x7f0000000600)="bf6612522307e6bedc5686456e76adb2193798ac6226d821756f2a1c7c32cd04183ac3cb1eb463ac2ba1ca0f5ba14f5430668039578e981604853c697a5a024bf49f38f8ec49658474bd1205", 0x4c}, {&(0x7f0000000680)="50cf690089ad45cdba0c3a7612fde5d15623247ecd2f626bc4f8b42aa026a04f01d5fe3c50ee1ac091826593b1024531c318198369cbb45cea62b443a6a4eca902b4ed1483970690bd6e376ef72114767f0b0f0cfe7737dc580d8ec34326c01f02f39d7b0e253ca37139f4bb3ac49d6fc8532e32eb8ce003617466f5e35567a58fef0d760656faf5a65a95a33bb0649829a1cd27b85f518e42bf5e12c66f6c341d47affc2e4233bb277c3b029742e4aa1a5999bfaef7676af4fabbb0a7", 0xbd}, {&(0x7f0000000740)="27d44f30aaccf4996cfcc55747ec926d3ad6771d0c50322b17e103101f689861d437538c883835d1f69e2596a20103129854a872228b159172ac2f0d1c26687f76dba88eec", 0x45}, {&(0x7f00000007c0)="cdee5eb6fd9da02b6b13d60b0b59b2382f7c477f04145a4f9d222e02c27abf12171282e175c2665836b44ec39dd7826a58726fed2f813c04d5a0c7085cf4aa1cc294189131e7f70345e798c6f38f691e9b46de7b0e449074dbf926a33f70b10485ccb4d1853cc8e37d079c4128705ef961c9cb0c2ace709c753cf6e565a9d7ccb5ae1221757e6cb071d71568341221e60182dd9d661ab0619dde68ba0a82dae0ca5086d35639468033a3d1cf37767a7708013e3f7ccca900db04393813925aee536c740d19bde550edd36748321f0eb74f33ef85257668f9c4496afe38c19b2e5d1e3c2c02d71e93215070dd352bb62eecd474b779de2d94926c6db6ef47", 0xfe}], 0x6, &(0x7f0000000940)=[{0x100, 0xffff, 0x20, "fbb1f46b4bdb2475a424744b5244a2ab826d3131d3ad9fa663fc37e25f68d8e6f92077de6b3db8dc923c1612bb899c35881b2b70986fddaed9678a8487f975d9c0f5a5592e907fa71d6b05a548d3afe82274385d232bd6bdf179f315e797ff77f4d2a1db76fd39f655f7258cc9b97c44ed304230f07cc65d7d0e700034b48ebf60b01906c22e69f1b9c562276f645eeb99003ba2de5438f0d4be7a91306caceb6731415e33ee5914c9fa17584974d01edff4731aebb1fcbd79041a3b72530a3725c5f395bb62ba6258638163753ffa4a6d9e2d15b411e5d72b358a0f919b9270225e8a4fddedbb31039c6f0c3c"}, {0x1010, 0xffff, 0x3, "28d70cfa5d8847ee2c2c1cae56b1e58590568695ade9578a8e0e98c7a68dd848a07cbd90b7e18529bcc0b8d3a05d49b5b1b0c6cb9598b697bc656f315649d40a634e7e944028aa10310f571330bde2459eebcb00d009fa63a103c54482a4271cef36a4bb0c30105ba9baf37b26708d9f7256c205d442b309c5013a6e91b4f388801b6c175e7ec27e073fe2c4b2ad8962ecb38cff4b75d6d47c971c545a35c85746fb22a0bd656c56fd25df29695a3e2533b4fe184eef6c29924f2ad7e246e3ffa22a9a05c2fad6501012474f536d7bb47c09e74874b6b0ae4aef9dce9dc04a6975dbd8d6cf31d44c55637e80bf131637ef823d46e6ebac70034c7ba5396b1a2e748e883ce2ef3fdfac9f84159adfeedfe96853d8a35e644c276440ae08450551fa9e70447afed62bf1d740b7d55ddd0b3825a134f9b1a5cf93bbf97a6ecfba68f2deb29dea28b90707999a9ae88435a87e1bc75dc1d5bb177ee8ff9f04bb918823d4286e2f8548d8519db5b9b0ce7f4c92935b18065e74b3072c2825adfa1e2c46d552f9e733ab8cefbe22b14cfdf1ab641258822a19085eb38f5b0e344b1c6711c51a1783d36e4bad3c8cc2ae88c647fe6466274605381b3e1f9917868d8514e2252df22e35876ca18622ccb359431df6f721c0928cb35295fd438a8044e94111fa185748a86b3e6eab9fb6d45feeb45b2ea13afd3e963338ee64ba239e684e28c340b7d71657595b6a7dbd036c5973433e899f952b6310fe8b94f72f8590eb9c636c6d1315b26e844c2a3443c3a8bfb35201f1a7f03dd1755e756ecc8a6fc3e2635b2c448a4c3740b61983ca4cbc7699f57a22aa26038a54a6b90381c62f5e7f8a1525e509c4e7439a965550e94122dea96ad658870fd7e6e9655b47891620c84f2412fa8b873173c0ffc982f7afd0dc0da1e8919eca67f15ef078fa200755fae3a799abd429396e0ba38bcb1790bb52dcc5ea217e36104e72810e66d5a5b57ea31f72585660e2d6319bc088132df76ba42a0235e23e4d6ddcf5b480a6e1c339620f7f3e540abb9277c1f5370aa6d5f49ef963cd1e7ce7d68bfff9ec9db735af7ece5e9f6a9593581717ce1461c39b0327dc8fa7443feaa986426003e76bfc9edd444b9a6b7c732346dbe864aa3a0df584abe123c3c4fd5e211bc7f48e2d1d9a8b28d1227c3c9335f4df3581e3c25e4520a94117f0fa5084bb5b53efe47a310521325c12e906af2ad8bb53e370a619c6d262b9844a56eb4c84489e9b563a3cc04eeee4d42fb301ae27a13ab824954f466a831dc49f5b1aec6c3a6e983d5fa2ae8fab8b104ba6d2008cf9d8fd30c98570c240696f67eca7226daaa8475da0b4907a4bf570695688ad042c31dde6223748d9bc25d1cd09680eff5648baa64074cdbd9d1235e06e2e0c908d41b2725245d692e5399946b3bd4bed85f6415471b79b0fb67c373b6a2a23624dad81b2e4b69a16a61464d886d3b3f22e9e5c9a76a6c031190bc42eb0e171cb52f5b9470561f4bf9ed6d74ebd117166d05c2c4eec4c080ddcf48a8f0233a8fdd8f027e342884b3cc52610b8b0758199ae02d3e931ea2286d780576f4a56bb01795fbf4858be6f8ec1c78875fa043bbed0ebd8735b427c334075ce36b9db3876b88c624315ee8ec24096d51200286024956ec528e778b2a196c7a810d79bd106f004ba55b4f99728b155b214d5fa78b98f7a9f2d8e481085e82672334f3042b8c3fb91897f7e5efa50a37d80413d71125f73bbf307ea866cecb6b158fe7d280dc8d93f6a771c826ea52fb10048608dfc088862b9c74d297d2b910ec38021c8ef78500ed110c39461fad7fa6d4bb89da471b38326686259b989fe6bc5ba5c054fb2b6b28992e14aeb334eed037c1ebd6680d39c9a0a3ec4033fdc2ae2094f88325c0866d324e1ea0171a9120776d8bea7f7c58dde18f2071a9b6590a54c098c9968c36397853511fe157fc59759f3dcfd627d462b45f69bb3da5b3304e91d4a17a63495128150c728146439933317fd543eac1a9060b079b794621212a5361c3f5a175187862d985ce3adb8a3605c572c59dfe93586b91ac985c33eb8c3ffd3340c72ea4547551b723f6c70c91f9bb48a575e51ccc540cd4cdf25d23081ef65134d189850434d550a89b0560d73eae9637b61179f0c25ac2dfab67a57d348ed86d506b82b3f371069e79bf8fb6aa38e7397c0adae86a03edf566b4051f6f9bcc9d64e9aa55eb03c16df5acb752dc95b5b976d5df2fe5f9ee8fe692f5c3288ae4ba83245efe0e1d1a93dd923dda0553d0d299d5dd88bbff1a07ea8e47d31993b0b5578787294b308ad2fff3d167900fbbb37c45dd93d46662b0adaae7579cabf2ff31cc44c8d39b63989b1a9f1165a841b74d383825e895ea31c9ef33cc6db15d54465905d18abed3fdda41bc38727d0cb412e018372a9b370dd3b1c03f91b5dd08b192842f3f547dc910d3939bdffbea31fe5e64688c3885be80da22aa457126d17b9a167ba54030ee2b437d358e114fa8112407fc8f6efebd131c02ea844f0da6836b6cb98a44e5e82acca4f514b027c007533477350bdf8905ace472bad5c516e28492d2de49a8f82d4eb818e680b1c3c9142a190e41d28cd91b3c9f256d62434d7d7d40f80cd4417af6977bcbf85b7d30aec0c3c095ffc3a4c9ca4fe6844b65e376f6d9c1f21eb7879163036ce3eadbfd99fe0d5ee6c92ab9ac4f8737e4fad72e94ef0ba8832997af7dd2a93363140028fb6ce8b513cf616b394b3419e8de124daa6a763498bcf4c2fa5691484830c9ad144a94f1fc588a46e4a67cc14c0388fa4c586b883a7c9efa2d276f6d619c04dd2446e398fa82137c4122356081765d8b5f868974feb9cbf22a1d641a1ab511a32490117330b9770f5c6dc0975206e12d29ac7ad6052d3998ad4218a00714aba526c3c84b36dd322c1658e4f247f0fefebba7a9c8fc3fc650023ede3e037b3afbff40e6dfb317ab455046c71f37b5934d5e185efe5efa7d8249e27b4dcb952854c77e4fabbaec8fb92063dc0a9465bbd8b352c444c734698334707478ddbdb760be6f60edafe7856b8ca0c29f39814fc597ffe9111054cec770ff1c1ced9e61ad0db4c4f59703002a95310b24282d972477e97af5cfb7acf3a9134087eacb77f81b2316754ea0a7731acd7035090d9841343d95c58cdf587e284c367c7d0f7fced7e03cd1eafb1a39d184c40b6050ddc121fd1a7efc931d3e1b6287eda238b385b3757f2f5f2083bb25e67b25677f0b7aa9062ad0472e93b8bb84e03da41629c13560c7060d02f0eb68dce3de8d0fd63e3945f31cc8ffee15bfa228e0ec89ff5d631433e24eaac0a082bc745f64d4f6d5126af627109132eeb285d4d85eefd6c7554a97bdfd1c0d99952476ca5b622893b170f8848193174c6e25889c32647d0f0d3a97c024503a0667b72b4a3de4a04c03813daa86a814c413a5974350fd5a53efb0fe2ae39d2dea041024898f30ebef2a4eacd1d9e88df6c210fcf37f955e45f54bba00e5936c66cdf8f9d4c340aefeeee4e50884062838d61e2a541fe4fb224f318c8c9ea788f4bdaf841b67542e14bdd398bffb729a981c8ab8371f6079d93e1aa23e4e6e0e46794f7c70bbb4766df039aa07dc43f37e11c73ec366212c1fb53e082738c175785f38562c312d007619a0e901829bfd2e12c84a457a81ecfa751cdefdaeec7c3f37f512ba573a054ed3ec8922ac1aaceabde6c69f0476781b7533ee26e087a08f5c832d36ef300d0063c010aceb26a4badbbdd47ddef7074f5789cc3f51c3bf3da55317d09d216328b6b6f3840feaa04c3535e53ec578e09f9cea60f0c231ed651aeac4df08e44aa87c4eaf5d15512f67cc7f5de02eb785a35d69fa67be59a1ae6a9e1b91593b6e1198c98081455f1690d73261c7928ab15d5e5fc294f00971b4e9a8bd53d55faa93222852acd15d7f09f3d9cc71a9d9012bd972c92fb30b9d3fc917bed054b694f1c2a91061f5eb51a759c9c7673c33bc919106aef8b873c71e3b81fc47d0fe72505d5af38506814f9dc495a4d33bb0fbd8565672c3fcacd5dea2d6d3ba9648531ef79f8bdb80bc1a8791cfd2c4e31acfb8b4430be8532fd5d2d1391c3e0e1fe11111a004255584406c144cc0d14d090142612ad62dafec020d87cf8c518da52530855aa6852f4fd97edfde43f45a8c7ec64cea99423ec09b32f8b9855a03bc4df30a83117181f520affaefc313bedfab9ff3140c9c6922eac49c3339a942474b472455fe8bfac5a60fc3e32a5df5c63a7b4c3089a4d17f557e48027cafbc32d6b4ee9c0a593d04dd956a80ec0e512fb38a441053363a0f47731a18635ba295c83b7a8654a31830f26f40c61b2e75a2fc9a3d7cba060552421f90539e9ab7db229b76861f32fee0bcad2c55d60c2ccc20c191e9d7923c8f860d4d58a11c2759d5a9abef067e469734f2696b0de32b1011812999ddca398f0293c71e309e896978bfe26e5ae83c469de79a000c726f2a3fa65f19c74cf6cb0caf946a79020e5d7f2ae34a2c58c9ad1a14d5d204f6e36aaf9a5d64584561ab7f1163f288ab3e5fcb52b2d60d356cebab5919cf4899c07bc7c326e8ba020932847d232816a253cbd00f6013b0f7b31dedc67270a108905986a2c0e085505fba035b62dbb3b78f68fee1223fc4999f81bb8ab43d3132289cc263af5f8ccc8b2a79e8702f5fe4e29bc83fd8f37d7897697703f267f88203284915a574ee12fcb9ef6cfd5c577459d3b49553cdfdff551be32952022b2125693880fb491b0f4c70a5a645e9b9bb6bc75f42f9e486a8ffab9989d709ca5af53885af2c751ec979e3c6fe0a184b52a9b001d42a3a0bc3b59b366c5d9e856cc235fb09c69157036bf364c9698657dd60e18a8cf142aecdde4668d135493da4b2fa35d571661e28f5af8bbceba98cab4f46799739e93fe9018c2310d146b77bb60e187f95cebe606532be8c8235fd56a9b19ce9632b1e0f86599ea8b9e40963bb550e313a363160d3b52b65860ed22ebdc59a0c0d6765b4903938d329a6d00e33fe2f4bdbcb82035a2ab4a444498734fe668fdcf6b0d11eb1abda74d833430ec49e2bcb43e58fd6ab822e03472c114ac95e6f6d7b93f0e8e8a2c9a34027aa5d4a945ef0c5ed62df6eaa9a2b2bceb1d7540c1e271cf59258141a06002731e80aeb2f51a3635d2ac0b8372ea3924a656ce0bd63f025811836fa7c4307c42546b105965a3f40e430011607bad6cfec293d47e4d1718fd5c455e418a0912f3f9274a991b31c76c8e4db5d5443a629d66564fe98a3e1c477d464b02a91e517f99ca7bb50c7a32107b37978141fea2f11d530e52ecdfaede0a6fab6f31a588c9ea86c80d967ebf33a7814da82f9230332e607c13a8ff18b668f0b1dedd9f1379b05c5995d5fe76055acc7500f4a9cd5b2421e6e0f50e211e8f0eeef0573de739ce357b0b629a6b5a0b2da4146290dacfee596da94ad9bdf04dd42f489589083e834b1944ff1304df0e45092ebfe2c8f03ef29c6398571309a7702512a355e586d00da74266fcd76a9b22d829e02763f7726ca96b35f3a96d0c5b22a2f3b111b9acc689539d30965139414e0d9d940642b99a094ba3bbdfd4ed3852d09210cd8fb1d5ea68065ccbaaae510c699cee67ae8fb0e4c08e4acf10d71d486f6de2abfe4315a9d7437d056e3315e487728abfd635c3667bd34f1dd3ccb6904ae707d78a48ea776e038849c34f402fe1bcc73ded46c194e0b66593e9208465b33542e7c40d7a8f1f71ff157a98f84a"}], 0x1110}, 0x0)
getsockopt$sock_timeval(r0, 0xffff, 0x1007, &(0x7f0000001ac0), &(0x7f0000001b00)=0x10)
close(r2)
accept$unix(r3, 0x0, &(0x7f0000001b40))
lstat(&(0x7f0000001b80)='./file0\x00', &(0x7f0000001bc0))
rename(&(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80)='./file0\x00')
syz_open_pts()
getpeername$unix(r3, &(0x7f0000001cc0)=@abs, &(0x7f0000001d00)=0x8)
r4 = geteuid()
setuid(r4)
flock(r2, 0xc)
geteuid()
getsockopt$sock_cred(r2, 0xffff, 0x1022, &(0x7f0000001d40), &(0x7f0000001d80)=0xc)
mknod$loop(&(0x7f0000001dc0)='./file0\x00', 0x1001, 0x0)
getuid()
fsync(r3)
setuid(r4)

02:02:53 executing program 0:
r0 = socket$inet6(0x18, 0x2, 0x0)
getpeername(r0, &(0x7f0000000000)=@in, &(0x7f0000000040)=0xc)
getsockopt(r0, 0x200000029, 0x28, 0x0, 0x0)

02:02:53 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
fchdir(r0)
getsockopt$sock_int(r0, 0xffff, 0x4, 0x0, 0x0)

02:02:53 executing program 0:
mknod(&(0x7f0000000000)='./bus\x00', 0x80002002, 0x2a22)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r1 = accept(r0, &(0x7f0000000080)=@in, &(0x7f0000000140)=0xffffffffffffffd3)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x10088, 0x2)
open(&(0x7f0000000100)='./bus\x00', 0x10002, 0x1)
r3 = getgid()
getsockopt$sock_cred(r2, 0xffff, 0x1022, &(0x7f0000000180)={0x0, <r4=>0x0}, &(0x7f00000001c0)=0xc)
fchown(r1, r4, r3)

02:02:53 executing program 1:
r0 = socket(0x18, 0x400000001002, 0x0)
write(r0, &(0x7f0000000080)="dac47fa1bce2a0ba59a70651551221801746d517f1a3bda9b7efcc1341451dcb1fc75d60d3de160cf754069a1d1c68c4851b86a509ad82b9eacfbb3715905aaf117ed22136d659a9ed97e04d1b5d641a5d8d4693c0e3fbf3c8ec2bf276bf1a5c3b625917419a6c2636d4f3dc8ce1326da716cc757caf0592be61e94acdd7466713992c749d88acc2d12f215e7ae13db7bda613e511b739ed2013679951ba04fd705cc54447b0583c46894da157d702288d7973a3da17cd6a0e442168b3752b56aaaa917312219ba025aafc99f195080065e4da7ed69ac0a9cd", 0xd9)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x73)
fcntl$dupfd(r0, 0x0, r0)
setsockopt$sock_int(r0, 0xffff, 0x1009, &(0x7f0000000000)=0x250b, 0x4)

02:02:53 executing program 0:
mknod(&(0x7f0000000040)='./bus\x00', 0x80002005, 0x4300)
stat(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140))
r0 = open$dir(&(0x7f0000000000)='./bus\x00', 0x381, 0x0)
open$dir(&(0x7f00000000c0)='./bus\x00', 0x80, 0x1)
poll(&(0x7f0000000080)=[{r0}], 0x1, 0x0)

02:02:54 executing program 1:
mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0)
r0 = open(&(0x7f0000000380)='./bus\x00', 0x0, 0x102)
r1 = open(&(0x7f00009b7000)='./bus\x00', 0x4010b885, 0x0)
poll(&(0x7f0000000000)=[{r0}, {r0, 0x1}], 0x2, 0x0)
readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/138, 0x8a}, {&(0x7f0000000100)=""/195, 0xc3}, {&(0x7f0000000200)=""/132, 0x84}], 0x3)

login: pckbd_enable: command error
02:02:54 executing program 0:
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x2000, 0xffffffffffffffff)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
munlock(&(0x7f0000fef000/0x10000)=nil, 0x10000)
ioctl$TIOCCONS(r0, 0x80047462, &(0x7f00000000c0))

02:02:54 executing program 1:
r0 = socket$inet(0x2, 0x5, 0x6)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x4810, r0, 0x0, 0x0)
r1 = kqueue()
r2 = dup(r1)
r3 = getpgid(0x0)
fcntl$setown(r2, 0x6, r3)
r4 = getpid()
ioctl$TIOCSDTR(r2, 0x20007479)
ioctl$TIOCSTOP(r2, 0x2000746f)
r5 = semget(0x2, 0x6, 0x620)
linkat(r2, &(0x7f0000000040)='./file0\x00', r2, &(0x7f0000000080)='./file0\x00', 0x4)
semop(r5, &(0x7f0000000000)=[{0x3, 0x2, 0x800}, {}, {0x3, 0x1, 0x1000}, {0x3, 0x40, 0x800}, {0x3, 0x703, 0x800}, {0x3, 0xffffffff, 0x1800}, {0x5, 0x4a9, 0x1800}, {0x4, 0x1, 0x1000}], 0x8)
fcntl$setown(r2, 0x6, r4)


panic: pool_do_get: semupl free list modified: page 0xffffff00785f8000; item addr 0xffffff00785f8ee0; offset 0x10=0xdeadbef1

Stopped at      db_enter+0xa:   popq    %rbp

    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND

 289206  27676      0           0          0    0  syz-executor1

*410451  27676      0           0  0x4000000    1K syz-executor1

db_enter() at db_enter+0xa

panic() at panic+0x147

pool_do_get(2,ffffffff81ed80f8,0) at pool_do_get+0x3e9

pool_get(ffff800021185d28,ffff8000210d8e28) at pool_get+0xb6

semundo_adjust(1,ffff800021185d28,ffff8000210d8e28,ffffff00785f9af0,ffff8000211

85d3a) at semundo_adjust+0xd5

sys_semop(1220,ffff8000210d8e28,0) at sys_semop+0x5a8

syscall(0) at syscall+0x489

Xsyscall(6,0,ffffffffffffffd2,0,3,3a279f49010) at Xsyscall+0x128

end of kernel

end trace frame: 0x3a528537540, count: 7

https://www.openbsd.org/ddb.html describes the minimum info required in bug

reports.  Insufficient info makes it difficult to find and fix bugs.

ddb{1}> 

ddb{1}> set $lines = 0

ddb{1}> show panic

pool_do_get: semupl free list modified: page 0xffffff00785f8000; item addr 0xffffff00785f8ee0; offset 0x10=0xdeadbef1

ddb{1}> trace

db_enter() at db_enter+0xa

panic() at panic+0x147

pool_do_get(2,ffffffff81ed80f8,0) at pool_do_get+0x3e9

pool_get(ffff800021185d28,ffff8000210d8e28) at pool_get+0xb6

semundo_adjust(1,ffff800021185d28,ffff8000210d8e28,ffffff00785f9af0,ffff800021185d3a) at semundo_adjust+0xd5

sys_semop(1220,ffff8000210d8e28,0) at sys_semop+0x5a8

syscall(0) at syscall+0x489

Xsyscall(6,0,ffffffffffffffd2,0,3,3a279f49010) at Xsyscall+0x128

end of kernel

end trace frame: 0x3a528537540, count: -8

ddb{1}> show registers

rdi               0xffffffff81e208b8    kprintf_mutex

rsi               0xffffffff8125fcb9    db_enter+0x9

rbp               0xffff800021185ad0

rbx               0xffff800021185b70

rdx               0xffff800002ad8000

rcx                           0x2c65    __ALIGN_SIZE+0x1c65

rax               0xffff800002ad8000

r8                0xffff800021185aa0

r9                0x8080808080808080

r10               0x139c1fcf270df12e

r11               0xffffffff816da490    x86_bus_space_io_read_1

r12                     0x3000000008

r13               0xffff800021185ae0

r14                            0x100

r15               0xffffffff81c3b433    apollo_udma100_tim+0xe293

rip               0xffffffff8125fcba    db_enter+0xa

cs                               0x8

rflags                         0x206

rsp               0xffff800021185ad0

ss                              0x10

db_enter+0xa:   popq    %rbp

ddb{1}> show proc

PROC (syz-executor1) pid=410451 stat=onproc

    flags process=0 proc=4000000<THREAD>

    pri=53, usrpri=53, nice=20

    forw=0xffffffffffffffff, list=0xffff8000210d92d8,0xffff8000210d9090

    process=0xffff800021070fd0 user=0xffff800021180000, vmspace=0xffffff007f125d68

    estcpu=3, cpticks=2, pctcpu=0.0

    user=0, sys=2, intr=0

ddb{1}> ps

   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND

 27676  289206   4314      0  7           0                syz-executor1

*27676  410451   4314      0  7   0x4000000                syz-executor1

 27676  472364   4314      0  2   0x4000080                syz-executor1

  4314  140894  81845      0  3        0x82  nanosleep     syz-executor1

  6571   93529  81845      0  3        0x82  nanosleep     syz-executor0

 81845  257619  42182      0  3        0x82  thrsleep      syz-fuzzer

 81845  220893  42182      0  3   0x4000082  nanosleep     syz-fuzzer

 81845  283532  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 81845  327198  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 81845  425135  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 81845  504522  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 81845  112322  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 81845   11552  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 81845  518251  42182      0  3   0x4000082  kqread        syz-fuzzer

 81845  336790  42182      0  3   0x4000082  thrsleep      syz-fuzzer

 42182  429307  90252      0  3    0x10008a  pause         ksh

 90252  372351  20089      0  3        0x92  select        sshd

 72061  104636      1      0  3    0x100083  ttyin         getty

 20089   60949      1      0  3        0x80  select        sshd

 64780  117239  31217     73  3    0x100090  kqread        syslogd

 31217   28944      1      0  3    0x100082  netio         syslogd

 45086  282644      1     77  3    0x100090  poll          dhclient

 91036  427372      1      0  3        0x80  poll          dhclient

 49190   28639      0      0  3     0x14200  pgzero        zerothread

 13445  450669      0      0  3     0x14200  aiodoned      aiodoned

 10551  237805      0      0  3     0x14200  syncer        update

 14873   15206      0      0  3     0x14200  cleaner       cleaner

 59555  469370      0      0  3     0x14200  reaper        reaper

 32115  331654      0      0  3     0x14200  pgdaemon      pagedaemon

 84486  158338      0      0  3     0x14200  bored         crynlk

  7343  246673      0      0  3     0x14200  bored         crypto

  6452  204626      0      0  3  0x40014200  acpi0         acpi0

 88553    2436      0      0  3  0x40014200                idle1

 95585  506136      0      0  3     0x14200  bored         softnet

 98037  336523      0      0  3     0x14200  bored         systqmp

 60509  225302      0      0  3     0x14200  bored         systq

 95056   41688      0      0  3  0x40014200  bored         softclock

 50971  258351      0      0  3  0x40014200                idle0

     1  483025      0      0  3        0x82  wait          init

     0       0     -1      0  3     0x10200  scheduler     swapper