Warning: Permanently added '10.128.0.127' (ECDSA) to the list of known hosts. 2020/08/01 20:21:09 fuzzer started 2020/08/01 20:21:13 dialing manager at 10.128.15.235:20965 2020/08/01 20:21:13 syscalls: 381 2020/08/01 20:21:13 code coverage: enabled 2020/08/01 20:21:13 comparison tracing: enabled 2020/08/01 20:21:13 extra coverage: support is not implemented in syzkaller 2020/08/01 20:21:13 setuid sandbox: enabled 2020/08/01 20:21:13 namespace sandbox: support is not implemented in syzkaller 2020/08/01 20:21:13 Android sandbox: support is not implemented in syzkaller 2020/08/01 20:21:13 fault injection: support is not implemented in syzkaller 2020/08/01 20:21:13 leak checking: support is not implemented in syzkaller 2020/08/01 20:21:13 net packet injection: enabled 2020/08/01 20:21:13 net device setup: support is not implemented in syzkaller 2020/08/01 20:21:13 concurrency sanitizer: support is not implemented in syzkaller 2020/08/01 20:21:13 devlink PCI setup: support is not implemented in syzkaller 2020/08/01 20:21:13 USB emulation: support is not implemented in syzkaller 2020/08/01 20:21:13 hci packet injection: support is not implemented in syzkaller 20:21:20 executing program 1: ioctl$VMM_IOC_CREATE(0xffffffffffffff9c, 0xc5005601, &(0x7f0000000000)={0x10, 0x3, 0x4, 0x0, [{&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x1ff}, {&(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x1000}, {&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff6000/0x4000)=nil, 0x1}, {&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x8}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x1000}, {&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil}, {&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x3f}, {&(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0xfad}, {&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff2000/0xd000)=nil, 0x3ff}, {&(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ff8000/0x1000)=nil, 0x10001}, {&(0x7f0000ff4000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil}, {&(0x7f0000ff1000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil}, {&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff8000/0x2000)=nil, 0x9}, {&(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil}, {&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff7000/0x3000)=nil, 0x200}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x2}], ['./file0\x00', './file0\x00', './file0\x00', './file0\x00'], './file0\x00', './file0\x00', './file0\x00', ['./file', './file', './file', './file'], 0xffffffff}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500)='/dev/zero\x00', 0x80, 0x0) getsockname$inet(r0, &(0x7f0000000540), &(0x7f0000000580)=0xc) getrusage(0xffffffffffffffff, &(0x7f00000005c0)) getrusage(0x0, &(0x7f0000000680)) getsockopt$SO_PEERCRED(r0, 0xffff, 0x1022, &(0x7f0000000740)={0x0, 0x0}, 0xc) seteuid(r1) connect$unix(r0, &(0x7f0000000780)=@abs={0x1, 0x0, 0x0}, 0x8) sysctl$net_inet_ah(&(0x7f00000007c0)={0x4, 0x2, 0x33, 0x3}, 0x4, &(0x7f0000000800)="e12744a652a014f69f23bfe947b540025a8722ea1b9541b18d38a836130cba0df7aa8978add8b91397a97c545cb6d821b631ac5a9188b8a8028bff", &(0x7f0000000840)=0x3b, &(0x7f0000000880)="75e20d6551aef426b9b2c471fdac38bb37246daa90cbc4014b2d1ef5b2271f8719a35d7c547ba9ca47eade6c925a2aab168c7ccf8a662ce84196719bc30df78ab796929d14743f959f3dc2d986dae5ce4911c229e89c8342e7cb2e931b42126238f798a9113c59d8b696e5214bbb72af6782f7f00753ad96d5a9259f73968ac43a3b52de8cdcd6cb68a3d5c16ab0940c73ce81ace5b21e06354cbbc2aa8c59780f6614c523e31d40a2e604f8e6c7a951c94f28a2144a8ae2f506dd88ee5dbfe5da557e2b9fcc3514dc9a4aee9f2661", 0xcf) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000980)='/dev/bpf\x00', 0x20000, 0x0) ioctl$BIOCSDLT(r2, 0x8004427a, &(0x7f00000009c0)=0x1) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/zero\x00', 0x10000, 0x0) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f0000000a40)={'tap', 0x0}) r4 = dup2(0xffffffffffffff9c, r3) ioctl$WSKBDIO_SETMAP(r4, 0x8010570e, &(0x7f0000000b00)={0x7, &(0x7f0000000a80)=[{0x1, 0x100, 0x6, 0x401}, {0x6, 0x81, 0x1, 0x0, 0x8001}, {0x3ff, 0x58b, 0x5, 0x8, 0x1}, {0x54a, 0x3, 0x6, 0xf7}, {0x400, 0x8, 0x101, 0x6, 0x40}, {0x101, 0x20, 0x8, 0x100, 0xff}, {0x7ff, 0x20, 0x1f, 0x1, 0xdb}]}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff}) setsockopt(r5, 0x5, 0xf7, &(0x7f0000000b80)="a2a114abdb0c749ea7071efcb9615e6c97fe27209fc3d3e41de10d4f10819dab136bcf9452135904ed49de1aad944a68b5d39eae4b0d40882d91b95dcd5597f8178be2f04527a8822ac93ccc5584fc07a6f6f0e862ba94f3719d75f75ecca5cdccee6ce98b9e022817ea899493a98a34", 0x70) ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000c00)={0x1, 0x3, 0x2, {[0x7, 0x95, 0x8001, 0x7fff, 0x4, 0x1, 0x1, 0x4, 0x0, 0x21, 0xfffffffffffffff9, 0x9, 0x2, 0x8000, 0x1ff, 0x0, 0x2, 0x1], [0xee, 0xe9c, 0x3, 0x8, 0x0, 0x8, 0xc6, 0x7, 0x9, 0x6], [0x5, 0x0, 0x3, 0x400, 0x4c8, 0x1f, 0x6], [0x1, 0x4, 0x100, 0x0, 0x20, 0x9], [{0x8, 0x2, 0x7, 0xd37}, {0x80, 0x8001, 0x1e2a, 0x3}, {0x9, 0x0, 0x80000000, 0x6}, {0x4, 0x2, 0x200, 0xd2}, {0x1000, 0x8, 0xec50}, {0x401, 0x2, 0xf607, 0xffffffffffffd04e}, {0xffff, 0x3, 0x2, 0x8}, {0x7ff, 0x8, 0x20}], {0xd148, 0x78f4fb41, 0x2, 0x40}, {0x8, 0x9, 0x20, 0x1}}}) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000e80)='/dev/null\x00', 0x40, 0x0) accept(r6, &(0x7f0000000ec0)=@in, &(0x7f0000000f00)=0xc) 20:21:20 executing program 0: r0 = msgget(0x3, 0x10) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000000)=""/105) msgsnd(r0, &(0x7f0000000080)={0x1, "9f55d310ac36fb71049f57ff029ea81c9e326da1558b05364f7b89f95659ef519a0e643d9feb611285422a8c82f2d49441037e3a4f94202676f1ac7def4f854572bcdc5390182bcf013ff5b294ffb463bb9d70371a8f7eca798bf4d96b86837485b9121a6c8ea4a0650b9e79e46c98e129ea7c1c1de199ce448462de768acc3150db4bf64ae7ad8330f799dd86243b198db8"}, 0x9a, 0x800) r1 = semget(0x1, 0x2, 0x80) semop(r1, &(0x7f0000000140)=[{0x4, 0x9825, 0x1000}, {0x2, 0x0, 0x800}, {0x5, 0xdf, 0x800}, {0x3, 0x94, 0x800}, {0x4, 0x40, 0x800}, {0x0, 0xfff8, 0x800}], 0x6) r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bpf\x00', 0x2c1, 0x0) ioctl$BIOCGSTATS(r2, 0x4008426f, &(0x7f00000001c0)) msgsnd(0x0, &(0x7f0000000200)={0x0, "b34aedba2ec9a8013a03222d774430d807df7f771ada394f8d6e4fda9aa538ca5cc6682a57c5584975b954004acf8f1fe891cf10dc2ade3c7f7d011a648db85cd8e89a4e8d9fa219300feda295b532370ad85ecf8eff46fa1ad9a33099"}, 0x65, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x8, 0x8) recvfrom$inet6(r3, &(0x7f00000002c0)=""/253, 0xfd, 0x41, &(0x7f00000003c0)={0x18, 0x3, 0x4, 0xb392}, 0xc) ioctl$WSMOUSEIO_SRES(r3, 0x80045721, &(0x7f0000000400)=0x1) ioctl$TIOCSTOP(r3, 0x2000746f) sendto(r3, &(0x7f0000000440)="a3fbefa5097d970ed3626a696bc1", 0xe, 0x1, 0x0, 0x0) ioctl$BIOCGDIRFILT(0xffffffffffffffff, 0x4004427c, &(0x7f0000000480)) r4 = openat$wsdisplay(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/ttyCcfg\x00', 0x20, 0x0) ioctl$WSDISPLAYIO_GETSCREEN(r4, 0xc0245755, &(0x7f0000000500)={0x419f, './file0\x00', './file0\x00'}) semctl$GETPID(r1, 0x2, 0x4, &(0x7f0000000540)=""/41) syz_extract_tcp_res$synack(&(0x7f0000000580)={0x41424344}, 0x1, 0x0) syz_emit_ethernet(0xef, &(0x7f00000005c0)={@broadcast, @broadcast, [], {@ipv4={0x800, {{0x13, 0x4, 0x1, 0x31, 0xe1, 0x67, 0x0, 0x62, 0xff, 0x0, @loopback, @loopback, {[@generic={0x89, 0x9, "6a6be800ff324a"}, @ssrr={0x89, 0xf, 0x6, [@multicast1, @empty, @rand_addr=0xffffff60]}, @rr={0x7, 0xb, 0x3, [@empty, @empty]}, @rr={0x7, 0x13, 0x3f, [@local={0xac, 0x14, 0x0}, @multicast2, @loopback, @local={0xac, 0x14, 0x0}]}]}}, @tcp={{0x3, 0x2, 0x41424344, r5, 0x0, 0x0, 0x18, 0x2, 0x100, 0x0, 0x6, {[@md5sig={0x13, 0x12, "23e3d087ac87771492da241f77b1ea2e"}, @sack={0x5, 0x22, [0x5, 0x0, 0x8, 0x800, 0x9a0, 0x2, 0x5, 0xc000000]}, @window={0x3, 0x3, 0x4}, @sack={0x5, 0x12, [0x6, 0x4, 0x10000, 0x20]}, @nop]}}, {"6dbf5162799c4e3316afc977694c36ca1b773566ccb0c530f7090399d7c3eb010eb47317612d184a1a7f6f6dbd24e7b0bcf3178200"}}}}}}) fsync(0xffffffffffffff9c) 20:21:20 executing program 0: sysctl$hw(&(0x7f0000000000)={0x6, 0x18}, 0x2, &(0x7f0000000040), 0x0, 0x0, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x8, 0x0) dup(r0) 20:21:20 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@remote, @remote, [], {@ipv4={0x800, {{0xa, 0x4, 0x1, 0x18, 0x30, 0x66, 0xff, 0x1, 0x2b, 0x0, @remote={0xac, 0x14, 0x0}, @broadcast, {[@end, @generic={0x44, 0xa, "3fbd0def043cbfaf"}, @end, @noop, @ssrr={0x89, 0x7, 0x1f, [@multicast2]}]}}, @icmp=@info_reply={0x10, 0x0, 0x0, 0x2d, 0x9}}}}}) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) ioctl$WSDISPLAYIO_LDFONT(r1, 0x8058574d, &(0x7f00000000c0)={'./file0\x00', 0x9, 0x8, 0x101, 0x0, 0xffff3981, 0x9, 0x53d, 0x2, 0x2, 0x5, 0x7ff}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x8000, 0x0) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000080), 0xc) 20:21:20 executing program 0: r0 = getpid() ktrace(&(0x7f0000000080)='./file1\x00', 0x4, 0xfcfc96ac7f78659a, r0) chmod(&(0x7f0000000340)='./file0\x00', 0x102) ktrace(&(0x7f0000000040)='./file0\x00', 0x4, 0x12, 0x0) sysctl$net_inet_carp(&(0x7f0000000000)={0x4, 0x2, 0x70, 0x1}, 0x4, &(0x7f00000000c0)="d42c460b63fc99404230566305cdedf36d5b05f94617dddc6538a6fba64095be315e274ea1a8247f7cbad4aae8f507a68e4ebf1f1a64d051bbc672cf901af994134b1dc19c08ff77cedd43fd6675395c528381903f7cc7f6964de09da9659d1c4c4ef9", &(0x7f0000000140)=0x63, &(0x7f00000001c0)="2aa7788a031fd58293760f73be7ff5f04a691e2142a33196b72918b6cebb4969800ff4715b51d39b9c0a6c42393710b1b063bc6aabaf59eee2d9d728e56274d1594977bbf7239f74ed", 0x49) nanosleep(&(0x7f0000000180)={0x5}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)) r1 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r1, 0x0, r1) bind$inet6(r1, &(0x7f00000003c0)={0x18, 0x0, 0x2, 0x7}, 0xc) r2 = socket(0x18, 0x4000, 0x2) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$TIOCFLUSH(r3, 0x8080691a, &(0x7f0000000300)) ioctl$BIOCGRSIG(r3, 0x40044273, &(0x7f0000000380)) munlockall() r4 = socket(0x18, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$VT_RELDISP(r5, 0x20007604, &(0x7f00000002c0)) ioctl$TIOCFLUSH(r5, 0x8080691a, &(0x7f0000000300)) ioctl$BIOCGDLTLIST(r5, 0xc010427b, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[0x1]}) 20:21:20 executing program 1: mknod(&(0x7f00000000c0)='./bus\x00', 0x2000, 0x86138) r0 = open(&(0x7f0000000040)='./bus\x00', 0x2, 0x0) write(r0, &(0x7f0000000140)="220e22", 0x3) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000180)={{}, 0x5000000000004, 0x120000000019d4, 0x0, 0xffffffffffffffff}) sysctl$fs(&(0x7f0000000000), 0x2, &(0x7f0000000200)="4333c1752470346190843c7eb683d5da1b02bb7bc8fb7d988939dea9bf8af63f9d0246023e7a2addc0ecf0ad6c552207d6459f0913afd5399f85dcf7b85fc0b8abaf380ea79ceeaebd9b113a6ae014fa2c02ff05c2cf7357d81f4e1876f05d346610bf6d8fcb27f14218cf72fedffd5d7d1de3232167443afc0b8541cabec55542d01d9bd338bf718032c6d592866c022c87ed13f179646939fc213b80534394", &(0x7f0000000080)=0xa0, &(0x7f0000000300)="02906900ae399432e0d4c00cc549807aa78a404103117a3bb251000b7e98e1077aa639f5475d1a66b892f5faf5010d30153995a20906000000000000eb8971113939d1948c03e9facd9aa614066e590cc1f084883a6c2cecc38cca523561c80e7733bf0dbcba1f091de2e94c7d2136e5c6", 0x71) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000180), &(0x7f00000001c0)=0xc) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000180), 0xff20}], 0x100000000000005e, 0x0, 0x0) 20:21:20 executing program 1: syz_emit_ethernet(0x2b6, &(0x7f0000000140)={@broadcast, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "10fb7f", 0x280, 0x3a, 0xff, @rand_addr="0000000000000db74c00", @mcast2, {[@dstopts={0xa7, 0x1, [], [@jumbo={0xc2, 0x4, 0x4c00}, @ra={0x5, 0x2, 0x8}]}, @dstopts={0x32, 0x12, [], [@padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0x7}, @generic={0x80, 0x17, "1ce74abe60974605ea8fe3952586398c70b543bdc0619a"}, @generic={0x6, 0x48, "c4d574cc2b6689ce8909a12770e43e15050b522082b3f1bbbabf81652fc9cbcbe179abf169beeb2edbb0fbb911ffdee1ae94feabd8f2b0064c4315bb8b34be9b9ed2884e249712e1"}, @padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x9}, @generic={0x1f, 0x18, "6fa9af96f56187be9478652b4b69d8845f24339afa3e23e6"}, @jumbo={0xc2, 0x4, 0x7d4}, @padn={0x1, 0x1, [0x0]}]}, @dstopts={0x0, 0x36, [], [@generic={0x2, 0xff, "cdfd11975062cfef296bd9c4337cea6952aaf435322cee819aa11e680300f71100c9230570eb7519272db0abb6d36a9047f27843749bed4c9f13f032098a63d717735b058a2f449ab3e8e28fbcd5606015ec046bfc989e94000c0dbf30e90b679dd953bb8dd93622221ee82f92d8a8f3c7a70572795a0b86679f08ff6f94411a3e7f7e7680d0156904534a173e8bf1bbcb9ea7a474602f56bf47cbe1e4a7eeb61d42a8d373de943305c703b42c44ac528908f8c0e57f87e48128b0a95844023fc145096574551aa07514ad4b43acd1ecc1b48b063fc5bbe52e97927aee1f1a56635266d73ca79d4bb5e4fa57deb753bd729eb477fede658f092ff1682589e2"}, @generic={0x9, 0xa7, "5dcbc819c961f958009a890d3f14a9cb9e81402976575c1584640f8ba03b924d92a7138f9c136911300c4b966c5002de79c5b5bf599b3528e4a4c9188605475e96bae74528f6a0639624c89cfb9672b61b08267e3b18f085e4d793d5fac1261ca1bb76ea598ae167ced2ce278143b40e772af4241531a3e382972508de2634e93a3185ec3d3d3f3fd570d63af7fee5e1e578709c57c0b6e6f52e8828f3a35459a3a052440ed4d8"}, @padn={0x1, 0x2, [0x0, 0x0]}, @pad1]}], @icmpv6=@ndisc_rs}}}}}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10, 0x0) ioctl$WSKBDIO_GETENCODINGS(r0, 0xc0105715, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00']) 20:21:20 executing program 1: r0 = socket(0x18, 0x4000, 0x0) r1 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x8, &(0x7f0000000100)=0x8, 0x4) r2 = socket(0x18, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$TIOCFLUSH(r3, 0x8080691a, &(0x7f0000000300)) ioctl$WSMOUSEIO_SRES(r3, 0x80045721, &(0x7f0000000140)=0x100) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x800, 0x0) r4 = socket(0x18, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$TIOCFLUSH(r5, 0x8080691a, &(0x7f0000000300)) r6 = socket(0x18, 0x2, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$TIOCFLUSH(r7, 0x8080691a, &(0x7f0000000300)) ioctl$VMM_IOC_READREGS(r7, 0xc2485607, &(0x7f0000000340)) r8 = fcntl$dupfd(r0, 0x0, r1) ioctl$TIOCFLUSH(r8, 0x8080691a, &(0x7f0000000300)) listen(r8, 0x7) sysctl$fs(&(0x7f0000000040)={0xa}, 0x8, 0x0, 0x0, 0x0, 0x0) login: pckbd_enable: command error 20:21:22 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[], [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1fe], [0x0, 0x0, 0x0, 0x9, 0xffffffffffefdfff], [0x0, 0x0, 0x482, 0x0, 0x400000000]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) r2 = socket(0x18, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$TIOCFLUSH(r3, 0x8080691a, &(0x7f0000000300)) ioctl$TIOCMBIC(r3, 0x8004746b, &(0x7f0000000000)=0xd64) 20:21:22 executing program 1: sysctl$fs(&(0x7f0000000000)={0x3, 0x1}, 0x3, 0x0, 0x0, 0x0, 0x0) socket(0x18, 0x2, 0x0) r0 = socket(0x18, 0x2, 0x0) ioctl$TIOCFLUSH(0xffffffffffffffff, 0x8080691a, &(0x7f0000000300)) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) getsockopt(r1, 0x1, 0x6b1a23ea, &(0x7f0000000040)=""/117, &(0x7f00000000c0)=0x75) ioctl$BIOCGBLEN(r1, 0x40044266, &(0x7f00000001c0)) r2 = openat$wsdisplay(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyCcfg\x00', 0x909, 0x0) ioctl$KDSETMODE(r2, 0x20004b0a, &(0x7f0000000180)) r3 = getpid() sysctl$net_inet_ip(&(0x7f00000005c0)={0x4, 0x2, 0x0, 0x10}, 0x4, &(0x7f00000002c0)="88a0006ab55fd74b557ada08c3d022f8cfe426a55e9c08ee27ff30117f87751b72860b6b0a578d97c9c20cf4a5528cd860a21cdc", &(0x7f0000000200)=0x34, &(0x7f0000000500)="bd91d9906bd3b0a619fe040cadbcf52a2dc2448e7f5ef0ae9a10d96c70dbec114fe2c349c628927150cc99d5ac5af5b0ee14b96d72f626f533697f9b7c9de882b17c1d6d0399606281ede435eeb3c4369ec1b5cbf5e8955ee8d353df4f502ffb377a27fdee79d09eb96dc74b9b9d856b24786c5fc05dd748c4b8d3bd04fafe5ea99dd9d3500c23fd5383aed0f7efc3929075b51cfb347f804f59fb000000", 0x9e) ioctl$WSDISPLAYIO_SMODE(0xffffffffffffffff, 0x8004574c, &(0x7f0000000280)) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$TIOCFLUSH(r4, 0x8080691a, &(0x7f0000000100)) ioctl$WSDISPLAYIO_SMODE(r4, 0x8004574c, &(0x7f0000000240)=0x1) sendsyslog(&(0x7f0000000340)="446adf41c022dff174cd0985e8b1bc4d4bbca36a61aed5d24cf400082a2cdc1f0963dbe43e3908163901387a9159d16bbf2c0732b308718c850b3fe9990a6d94feb6d67a7b63802ae0175c820fe12a79972f1d5827b5a08fe93a558ad2ec0b8ea1576b624e94c9a86b2bc3305840232a659b5c589055e9e9d8cc878c216a3bb463567adb0e02da088711552bf559dbe5ee4339ce5afd125fe939c06e336192c8efea35cdfad1ab5e1cd5691b1ae6fd003123166de55c19faad442055d1d8468ef665e6751e9673db51e7bb38de84b16858f74154d94a2c1cdf8fff2e3ad403ce39d25843eb35ca8d3a205bb7", 0xec, 0x15) ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f7861ba, r3) getpgid(r3) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000440)={{0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x4, 0x3a70, 0x0, 0x0, 0x1, 0x9, 0x9}) pckbd_enable: command error 20:21:22 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000280)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x44}, {0x1d}, {0x4006}]}) syz_emit_ethernet(0x12, &(0x7f00000000c0)={@empty, @empty, [{[], {0x8100, 0x3, 0x1, 0x1}}]}) panic: tcp_output: template len != hdrlen - optlen Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 82578 14530 0 0x12 0 0 sshd db_enter() at db_enter+0x18 panic(ffffffff823ff6ee) at panic+0x164 tcp_output(ffff800000ac5030) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da74328,9,fffffd805e0a8700,0,0,ffff80001d702500) at tcp_usrreq+0xa54 sosend(fffffd805da74328,0,ffff80001d6c9528,0,0,80) at sosend+0x669 dofilewritev(ffff80001d702500,4,ffff80001d6c9528,0,ffff80001d6c9610) at dofilewritev+0x1ab sys_write(ffff80001d702500,ffff80001d6c95c0,ffff80001d6c9610) at sys_write+0x83 syscall(ffff80001d6c9690) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc6dc0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic tcp_output: template len != hdrlen - optlen ddb> trace db_enter() at db_enter+0x18 panic(ffffffff823ff6ee) at panic+0x164 tcp_output(ffff800000ac5030) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da74328,9,fffffd805e0a8700,0,0,ffff80001d702500) at tcp_usrreq+0xa54 sosend(fffffd805da74328,0,ffff80001d6c9528,0,0,80) at sosend+0x669 dofilewritev(ffff80001d702500,4,ffff80001d6c9528,0,ffff80001d6c9610) at dofilewritev+0x1ab sys_write(ffff80001d702500,ffff80001d6c95c0,ffff80001d6c9610) at sys_write+0x83 syscall(ffff80001d6c9690) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc6dc0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80001d6c9090 rbx 0xffff80001d6c9140 rdx 0x8b rcx 0x2 rax 0x1 r8 0xffff80001d6c9050 r9 0xffffffff815b7cff kprintf+0x15f r10 0x1 r11 0xd5bfde72bd575770 r12 0x3000000008 r13 0xffff80001d6c90a0 r14 0x100 r15 0x1 rip 0xffffffff82254f08 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80001d6c9080 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (sshd) pid=82578 stat=onproc flags process=12 proc=0 pri=24, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff80001d703158,0xffff80001d702298 process=0xffff80001d7043c8 user=0xffff80001d6c4000, vmspace=0xfffffd806bc0abb0 estcpu=0, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 31166 216433 88792 0 2 0 syz-executor.1 31166 497644 88792 0 2 0x4000000 syz-executor.1 90439 198304 50363 0 2 0x2 syz-executor.0 88792 405511 50363 0 2 0x482 syz-executor.1 50363 341969 29394 0 3 0x82 thrsleep syz-fuzzer 50363 2294 29394 0 2 0x4000482 syz-fuzzer 50363 166909 29394 0 2 0x4000002 syz-fuzzer 50363 402085 29394 0 3 0x4000082 thrsleep syz-fuzzer 50363 253413 29394 0 3 0x4000082 thrsleep syz-fuzzer 50363 231410 29394 0 3 0x4000082 thrsleep syz-fuzzer 50363 127844 29394 0 3 0x4000082 thrsleep syz-fuzzer 29394 428860 14530 0 3 0x10008a pause ksh *14530 82578 93669 0 7 0x12 sshd 2788 211661 1 0 3 0x100083 ttyin getty 93669 27072 1 0 3 0x80 select sshd 3544 18789 71203 73 3 0x100090 kqread syslogd 71203 359111 1 0 3 0x100082 netio syslogd 98905 47807 1 77 3 0x100090 poll dhclient 95239 112493 1 0 3 0x80 poll dhclient 74676 264048 0 0 3 0x14200 bored smr 9198 296408 0 0 2 0x14200 zerothread 22386 112839 0 0 3 0x14200 aiodoned aiodoned 66522 237425 0 0 3 0x14200 syncer update 63767 242733 0 0 3 0x14200 cleaner cleaner 97999 43142 0 0 3 0x14200 reaper reaper 84945 301966 0 0 3 0x14200 pgdaemon pagedaemon 28426 119453 0 0 3 0x14200 bored crynlk 35815 89886 0 0 3 0x14200 bored crypto 54933 444315 0 0 3 0x40014200 acpi0 acpi0 47103 150843 0 0 3 0x14200 bored softnet 27248 128911 0 0 3 0x14200 bored systqmp 95408 26899 0 0 3 0x14200 bored systq 56401 327197 0 0 3 0x40014200 bored softclock 28251 397001 0 0 3 0x40014200 idle0 1 23740 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9451 6325K 6333K 78643K 10555 0 pcb 13 8K 8K 78643K 13 0 rtable 105 3K 3K 78643K 191 0 ifaddr 44 10K 10K 78643K 48 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 2K 78643K 17 0 iov 0 0K 2K 78643K 2 0 mount 1 1K 1K 78643K 1 0 vnodes 1218 77K 77K 78643K 1224 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 0K 0K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 45 0 proc 47 38K 54K 78643K 358 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 33 2K 2K 78643K 33 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 19 95K 95K 78643K 19 0 exec 0 0K 1K 78643K 181 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 136 23K 24K 78643K 965 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 6 0K 0K 78643K 10 0 temp 66 3851K 3915K 78643K 1786 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 88 19 0 17 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 31 0 23 1 0 1 1 0 8 0 syncache 272 4 0 4 1 1 0 1 0 8 0 tcpqe 32 173 0 173 1 0 1 1 0 8 1 tcpcb 592 10 0 6 1 0 1 1 0 8 0 inpcb 296 52 0 45 2 0 2 2 0 8 1 nd6 48 6 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 188 0 0 12 0 12 12 0 8 0 art_table 32 189 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1428 0 32 88 0 88 88 0 8 0 ffsino 240 1428 0 32 83 0 83 83 0 8 0 nchpl 144 1664 0 64 60 0 60 60 0 8 0 uvmvnodes 72 1473 0 0 27 0 27 27 0 8 0 vnodes 208 1473 0 0 78 0 78 78 0 8 0 namei 1024 4094 0 4094 1 0 1 1 0 8 1 scxspl 200 4590 0 4590 1 0 1 1 0 8 1 plimitpl 152 14 0 7 1 0 1 1 0 8 0 sigapl 424 231 0 203 4 0 4 4 0 8 0 futexpl 56 263 0 263 1 0 1 1 0 8 1 knotepl 112 62 0 42 1 0 1 1 0 8 0 kqueuepl 152 2 0 0 1 0 1 1 0 8 0 pipepl 272 69 0 58 1 0 1 1 0 8 0 fdescpl 432 217 0 203 2 0 2 2 0 8 0 filepl 120 1060 0 963 4 0 4 4 0 8 1 lockfpl 104 9 0 8 1 0 1 1 0 8 0 lockfspl 48 4 0 3 1 0 1 1 0 8 0 sessionpl 120 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 48 0 41 1 0 1 1 0 8 0 zombiepl 144 203 0 203 1 0 1 1 0 8 1 processpl 944 231 0 203 4 0 4 4 0 8 0 procpl 632 251 0 216 4 0 4 4 0 8 0 sockpl 400 102 0 85 4 0 4 4 0 8 2 mcl8k 8192 1 0 1 1 0 1 1 0 8 1 mcl4k 4096 10 0 10 2 1 1 1 0 8 1 mcl2k 2048 94697 0 94648 18 2 16 16 0 8 7 mtagpl 96 2 0 2 1 1 0 1 0 8 0 mbufpl 256 149379 0 149295 10 1 9 9 0 8 0 bufpl 280 3231 0 116 223 0 223 223 0 8 0 anonpl 16 37125 0 21165 67 2 65 65 0 107 0 amapchunkpl 152 1143 0 965 10 0 10 10 0 158 1 amappl16 192 988 0 162 42 0 42 42 0 8 0 amappl15 184 6 0 4 1 0 1 1 0 8 0 amappl14 176 2 0 1 1 0 1 1 0 8 0 amappl13 168 35 0 31 1 0 1 1 0 8 0 amappl12 160 28 0 22 1 0 1 1 0 8 0 amappl11 152 41 0 32 1 0 1 1 0 8 0 amappl10 144 23 0 18 1 0 1 1 0 8 0 amappl9 136 338 0 337 1 0 1 1 0 8 0 amappl8 128 330 0 284 2 0 2 2 0 8 0 amappl7 120 108 0 96 1 0 1 1 0 8 0 amappl6 112 23 0 20 1 0 1 1 0 8 0 amappl5 104 180 0 169 1 0 1 1 0 8 0 amappl4 96 427 0 399 1 0 1 1 0 8 0 amappl3 88 117 0 108 1 0 1 1 0 8 0 amappl2 80 923 0 858 2 0 2 2 0 8 0 amappl1 72 13803 0 13387 23 8 15 17 0 8 6 amappl 80 490 0 439 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 217 0 203 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 217 0 203 1 0 1 1 0 8 0 vmmpekpl 168 5659 0 5636 2 0 2 2 0 8 0 vmmpepl 168 34261 0 32313 159 6 153 153 0 357 68 vmsppl 272 216 0 203 2 0 2 2 0 8 1 pdppl 4096 440 0 406 6 0 6 6 0 8 1 pvpl 32 125404 0 106512 156 0 156 156 0 265 3 pmappl 200 216 0 203 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 235 0 7 7 0 7 7 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x18 panic(ffffffff823ff6ee) at panic+0x164 tcp_output(ffff800000ac5030) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da74328,9,fffffd805e0a8700,0,0,ffff80001d702500) at tcp_usrreq+0xa54 sosend(fffffd805da74328,0,ffff80001d6c9528,0,0,80) at sosend+0x669 dofilewritev(ffff80001d702500,4,ffff80001d6c9528,0,ffff80001d6c9610) at dofilewritev+0x1ab sys_write(ffff80001d702500,ffff80001d6c95c0,ffff80001d6c9610) at sys_write+0x83 syscall(ffff80001d6c9690) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc6dc0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x18 panic(ffffffff823ff6ee) at panic+0x164 tcp_output(ffff800000ac5030) at tcp_output+0x2ad0 tcp_usrreq(fffffd805da74328,9,fffffd805e0a8700,0,0,ffff80001d702500) at tcp_usrreq+0xa54 sosend(fffffd805da74328,0,ffff80001d6c9528,0,0,80) at sosend+0x669 dofilewritev(ffff80001d702500,4,ffff80001d6c9528,0,ffff80001d6c9610) at dofilewritev+0x1ab sys_write(ffff80001d702500,ffff80001d6c95c0,ffff80001d6c9610) at sys_write+0x83 syscall(ffff80001d6c9690) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc6dc0, count: -9