Warning: Permanently added '10.128.10.1' (ECDSA) to the list of known hosts.
2020/07/09 03:50:08 fuzzer started
2020/07/09 03:50:13 dialing manager at 10.128.15.235:17096
2020/07/09 03:50:13 syscalls: 381
2020/07/09 03:50:13 code coverage: enabled
2020/07/09 03:50:13 comparison tracing: enabled
2020/07/09 03:50:13 extra coverage: support is not implemented in syzkaller
2020/07/09 03:50:13 setuid sandbox: enabled
2020/07/09 03:50:13 namespace sandbox: support is not implemented in syzkaller
2020/07/09 03:50:13 Android sandbox: support is not implemented in syzkaller
2020/07/09 03:50:13 fault injection: support is not implemented in syzkaller
2020/07/09 03:50:13 leak checking: support is not implemented in syzkaller
2020/07/09 03:50:13 net packet injection: enabled
2020/07/09 03:50:13 net device setup: support is not implemented in syzkaller
2020/07/09 03:50:13 concurrency sanitizer: support is not implemented in syzkaller
2020/07/09 03:50:13 devlink PCI setup: support is not implemented in syzkaller
2020/07/09 03:50:13 USB emulation: support is not implemented in syzkaller
03:50:20 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffff9c)
getsockname(r0, &(0x7f0000000000)=@in, &(0x7f0000000040)=0xc)
r1 = geteuid()
seteuid(r1)
sendto$inet6(r0, &(0x7f0000000080)="0c6c1a2dc176bb4017adbd5ccd4f891f014c866f3529a2aaafde1924c2a69a3b4f80e5d3a49238747adb6839ed4ed40c3e2978", 0x33, 0xd, &(0x7f00000000c0)={0x18, 0x1, 0xfffffffb, 0x3}, 0xc)
r2 = getegid()
chown(&(0x7f0000000100)='./file0\x00', r1, r2)
sysctl$net_inet_esp(&(0x7f0000000140)={0x4, 0x2, 0x32, 0x2}, 0x4, &(0x7f0000000180)="183b82d3545e428131bca4861018d4030f3265021b04da0253be84e9b4ebf70b287aabdbb3c608301eebe176de0a3184a2db99e1493c0f24206a8ec40bdbed102bf5896dfe986a64f28ae635588699bd12b257e7c656ae4a2a8c4729f75980da5f93a793c6a3abf248cdade8ee7cd540741d9afeacc7363785b4f8ba0128675a05467c2f33b94e13f9", &(0x7f0000000240)=0x89, &(0x7f0000000280)="79e53f004b5703c5f1642b2164117a9b", 0x10)
r3 = shmget(0x2, 0x4000, 0x10, &(0x7f0000ff9000/0x4000)=nil)
shmat(r3, &(0x7f0000fff000/0x1000)=nil, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x80, 0xa)
ioctl$BIOCSRTIMEOUT(r4, 0x8010426d, &(0x7f0000000300)={0x80000001, 0x1})
ioctl$WSKBDIO_SETDEFAULTKEYREPEAT(r0, 0x800c5709, &(0x7f0000000340)={0x7ff, 0x1, 0xf25})
getsockopt$sock_cred(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f00000003c0)={<r5=>0x0}, &(0x7f0000000400)=0xc)
ktrace(&(0x7f0000000380)='./file1\x00', 0x2, 0x0, r5)
sysctl$net_inet6_ip6(&(0x7f0000000440)={0x4, 0x18, 0x29, 0x30}, 0x4, &(0x7f0000000480)="c16108116392e7f8b7b2afea0ed36167c5583c99e23af7f8babfccae42448589e1892bbdcdf5a545f1082d798b5e14215d4a514c95bb0db9d4eb5ed0492973dc6acfe1fd34e0501087a0af24e2a9c5f12fe4ee0f55c6deee052da81db75fb47f5533a6d45e6c78d454a160975ab95e11dee63de626f6669d586812e06f331080a6dd131d90f1e83c748232ae6f574e3df137e3064d232d62d509e7f3dee07ccb534cd11014fdab2e1b769dbfca08ef3ca4f39e1ff583ae36836904b71bea137d466cdf6b2bf0fab0ad4c80219529dd7c953deb59a5adeeb502208152976ac5c3b8a8786a7ef306add9a3ec192a1cac43774d3ed417f5", &(0x7f0000000580)=0xf6, &(0x7f00000005c0)="319c083df8d5177a8439b68f933ee34e66e2e7ba43883d5c40799bda513600b483d0374ecad1c45ba09eff8e991752ba4073d4cb599ab37ae15265245a05842e4e1802a39a96f4b1a893cdc678b13fe40433d3595bd8df85d3bbff879fd5fa3b8ca72f0b2471cde3aaf73f73b2bf64e338d9a1593b4e609f6fb5f87ed60799607d4ea886afe77fdd7ea84b19804dd2b0eeac9d81e667676d34c168ba7d2f666bdbb288cfebf5d1b7da8ff895f1db4bc385bc3353fd16caff1308479ab1a3e81c9f", 0xc1)
r6 = openat(0xffffffffffffffff, &(0x7f00000006c0)='./file1\x00', 0x20, 0x21)
connect$inet6(r6, &(0x7f0000000700)={0x18, 0x0, 0xc79, 0x1}, 0xc)
semctl$GETVAL(0xffffffffffffffff, 0x4, 0x5, &(0x7f0000000740)=""/192)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f0000000800)=@abs={0x0, 0x0, 0x0}, 0x8, &(0x7f0000001080)=[{&(0x7f0000000840)="8c3228392fb45b86fb6477f9baecdafab0f1f9fd8923e0a83fc2e4c8c2c105e4ff9e101e47b3fd32e8b70499929c158dfb91e6a74771c0e17599af7f501c39e797364ee7805688a9269a7a9172e9c9097c8d31366b6c7f30927a1d27e31cd78b5c3dab9dc4c710c6d908adbca70c32d02a136358d25439308038d5105e5037486b68a2b9cb05cf1590be5b4ec11ad9c0c73055d684f608f3e13d1ce8d2524a71d47274c06e064448b4fabe78e02e52a9bed2e2988c76469473521d079cdc499429ee357f8aca8e5df696d10cc59ca072f66e66351b", 0xd5}, {&(0x7f0000000940)="fd1647e7d42d8dcdd1e4a83609035e35692b8208b8e662c15a80fb743a6406d95f8f8ef521b07599e3861c40d9c6cbbbe9477e69d478a3312e31e017ef31d4dcd993ce3dbc739553642ee5ffaa63c7ccc16adf910b390f43b81794415246752fcef0f4fd6eaa1799c7b1207ae52bc027c45c53f2088d787a6132109f1e800b0b7a5de8456237456aa77b1bcb4ebe27c0a3674576c19796b8dec26105a349f55fdedcac47539bbddb64f8dadb0911393d63539130e93dd60a046af0418ec5405c", 0xc0}, {&(0x7f0000000a00)="7fc08efd84b707a30896e8da40cd8296573632f1ba26cdf04ac80767c2965d806d5f5f0cd05109ec62e65e26354011d4046f034a7d5692a9b3aff0366a107f66bc0297547b01ee04571066ddcf7c316944fe9f2da0d5187f5adaf120fd3a83fad17324be0ead8c6f1951bbf8eac457acc460a2bcd4dd7ad4714c040ff235a8cf28d26369c47337eb2457c83c0c43459ca97eb83465fef00acde6420e2746dae522002e749bbb7e1a75de27eee9d3b0945e05282172c50dda39f920f3727c50b437584e6205ac8a6c3f53", 0xca}, {&(0x7f0000000b00)="6ff157a3313d31", 0x7}, {&(0x7f0000000b40)="79a5ee2e666682882f0838c77b9657eee0a9b8a07cdd16e3753ee46829b86c4b9f214dcaf3aed712d3e14d23256d4052527098166f67f638503d698a987911e93e0f7415196dbaeba97a730dbe4ef7d26bb511d8ce40ca44192879923036e4b561beb71f8ea76d16213354a64cb5e5f84b74b87f06c6296cce27d7dc571bab57c5884e195abe0c98193b964810021249d9ee601f3ad5f8f8fbdbffc6ce7ce19024", 0xa1}, {&(0x7f0000000c00)="4f6c3de15e49a0a937e6c313fa5e3bdb62058806b595c472d55f33da6c063ea18839228b2c70d70b86054aa72614d145787853c8e39d0962efce1cb7f255dae5004e7961a5b50f7bc104f8e14eb400c5dcddb9fbba89affc7f91368da15b712856e09a3e2e1416c790962441a02408b5fb28d0621a3b41480b34adec3033ef2ed04bce0be0e4e8fb02f0698cc5844d0df2b70b2b05db6f", 0x97}, {&(0x7f0000000cc0)="9f51f270f1a322e9c5df7db374aef43ff52db48ccd9cd5bcd400616b120ac59d1058d70efe0738ac1d768b6dc3366d942ebf906bd0f05df2faff470b702bb15120d63ada3af9dbc386f3eb8fb5d4610e224e5f5b7028592741a3f0506d870337cf0394a1f6c7e1d13278655b3b0c972086cdf30b5ab6cd907d11e6ce4dea278d786cc7a94e7245", 0x87}, {&(0x7f0000000d80)="c3b72c18edd64e38317d6d1c70046b8bcf2b0f04ac5c1ec9010006f242b3fb4d9957c2c8719d5a8cd04410d2cfc4a526250658cb4f9f7fcc529ab90fb8118588238cec18c1f3c822b1f823ad349a2536e7accd4a2c8f862f0f876716dd4103b6851b69b6e3c6b2c8610f5ade18a3fb626ae60c0a6dc7fd44c6bfa5407f6f08c0625d2ad1cb4a110c9046eaf8aa92db1c83aff1a6a450e16fd2a2ba3403584504089a338da11d8bf10190af7ae54e8f93b570d5ecefd9e0cee0dd36c49f3505cee1942e9698f2a47246d2f1a961d2fbd73055194d4e73f8605ed47189961412eb1e635d2cd6fa093ab9a67ac408ab15", 0xef}, {&(0x7f0000000e80)="ed6b427cd5e78caa2ae95d3ba69f443b759aa00d86c4e17f2954386ede54169a948334982e14c08097c8db7c9d85c665742007bea6f7b7621f40c83aabf728991d9045522e7f8860dc603e0ca6046fc6b08fb112b2792b8e751c1541183a1ee8ffc278f4cd3529f099ace7572552a7beb853507636ad43e1ccdf8f3009e6548e7e5985ff7da51d3cf45b2c9105a1187961ce0e66a84bf8c685811e396ac2491259a96202d7b268016e41d944d009309976823cc9928193da58b65cd3bb603f4ae23ec14e09bc25f1be7fc5b35a70779d6bd7dd5866a5522eeb287bab600aaa", 0xdf}, {&(0x7f0000000f80)="1d384396e23876139326b1798ba5040e8d44a0aced2b7047466a147457306e23c9e653e049b7aeb2712622a1b964155a00713b66535d9b88dc583aeeaab56626ebc0e3c09e1b790418be62cae3cb6ff69257e78d7031a8f1f01c208dd534ed7757d6c23a99ad2a0111fab3115263a5b4b0cb20218be216a9f0bc1e8dd2bcb1d71c297e79237900bb8e9a30dcf24b01ec99c62cffb2960c0ab052e2f47db7c364af6e3f38ae49d30f928b7da33d1657eff7e08b4ee92e0ec320d1b72ba77044b16d8e33fbe6b2d53d93a3c2", 0xcb}], 0xa, 0x0, 0x0, 0x404}, 0x40c)

03:50:20 executing program 1:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x800, 0x0)
ioctl$VMM_IOC_READREGS(r0, 0xc2485607, &(0x7f0000000080))
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)
fcntl$getflags(r0, 0x1)
ioctl$VMM_IOC_CREATE(r0, 0xc5005601, &(0x7f0000000300)={0x10, 0x100, 0x4, 0x3, [{&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x893}, {&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x9}, {&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x3}, {&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x2fd}, {&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fed000/0x12000)=nil, 0x3}, {&(0x7f0000fef000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x1ff}, {&(0x7f0000ff2000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x7}, {&(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, 0x3}, {&(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fe9000/0x13000)=nil, 0x6}, {&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000fee000/0x1000)=nil, 0x3f}, {&(0x7f0000ff1000/0xa000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x10000}, {&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, 0x401}, {&(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff6000/0x1000)=nil, 0xbf}, {&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000c00000/0x400000)=nil}, {&(0x7f0000d97000/0x1000)=nil, &(0x7f0000fc7000/0x1000)=nil, 0x2}], ['./file0\x00', './file0\x00', './file0\x00', './file0\x00'], './file0\x00', './file0\x00', './file0/file0\x00', ['./file', './file', './file', './file'], 0x883})
r1 = socket(0x1, 0x1, 0x0)
ioctl$WSMOUSEIO_SRES(0xffffffffffffffff, 0x80045721, &(0x7f0000000800)=0x24f)
r2 = accept$unix(0xffffffffffffffff, &(0x7f0000000840)=@abs, &(0x7f0000000880)=0x8)
accept$unix(r2, &(0x7f00000008c0)=@file={0x0, ""/4096}, &(0x7f0000001900)=0x1002)
r3 = openat$pci(0xffffffffffffff9c, &(0x7f0000001940)='/dev/pci\x00', 0x80, 0x0)
pwritev(r3, &(0x7f00000019c0)=[{&(0x7f0000001980)="49c6b27399354c7b5f6a480783f5fae93210ee3faa0624337c1a9a33e4685b248e3c94c6f71497dc0909a9ca1e9dfeb6808091b8e460558ef02f", 0x3a}], 0x1, 0x0, 0x2)
r4 = open(&(0x7f0000001a00)='./file0/file0\x00', 0x20000, 0x45)
pwritev(r4, &(0x7f0000001ac0)=[{&(0x7f0000001a40)="1b19ae41fa2637ef08f1db0db5686be3fa9da15c32743d434a32a5e3bd98ccee0c31a2ebf65653f068459ae28171333589ff5bd215b29aa238ead683d7336c7b75", 0x41}], 0x1, 0x0, 0x9930)
r5 = socket$inet(0x2, 0x4000, 0x0)
ioctl$FIONREAD(r5, 0x4004667f, &(0x7f0000001b00))
close(r1)
r6 = openat(r0, &(0x7f0000001b40)='./file\x00', 0x10, 0x94)
ioctl$WSDISPLAYIO_ADDSCREEN(r6, 0x80245753, &(0x7f0000001b80)={0x0, './file1\x00', './file0/file0\x00'})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

03:50:20 executing program 0:
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
clock_gettime(0x5, &(0x7f0000000400))
r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80, 0x41)
r1 = syz_open_pts()
close(r1)
close(r1)
r2 = syz_open_pts()
ioctl$TIOCSETA(r2, 0x802c7414, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xfffffffffffffffd, "d200efffffffffff6030ac8fc9e5510900000002"})
read(r2, &(0x7f0000000100)=""/3, 0x3)
r3 = syz_open_pts()
ioctl$TIOCSETA(r3, 0x802c7414, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xfffffffffffffffd, "d200efffffffffff6030ac8fc9e5510900000002"})
read(r3, &(0x7f0000000100)=""/3, 0x3)
r4 = syz_open_pts()
ioctl$TIOCSETA(r4, 0x802c7414, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xfffffffffffffffd, "d200efffffffffff6030ac8fc9e5510900000002"})
read(r4, &(0x7f0000000100)=""/3, 0x3)
pipe(&(0x7f0000000180)={<r5=>0xffffffffffffffff})
r6 = syz_open_pts()
write(r6, &(0x7f00000014c0)="8fc3c1f9ea6e15b7e080f7588caf9f8abbe1d3daf1b5e0615d6475c96023c9dd67452432e1d643870f7bfaa82a7c43d54408f402443678f6ceae9613432995bd76565cdaa921d977f1f2496a403a3a0dbf1172e80b7f983e32d1fcd7308e7023af6a6c03416c5f39b7cd56a54f38617821846d4a7748f0587578c89b70f7cade5775b276a28e89a8755b2408281adfe3bc1d54a084a1b58d0d3071887d6dae94cea0cc2d26ceb2f96a1432d061d1c7b123b36bf58cb8098b0faf44736d54f3bd02a924d58876713618659c4b2fae8e4489f37e1c2f48776bc3e355522a6de700a6cfedb677f099e93ae477ba243a022877697c95e3d2", 0xf6)
kevent(0xffffffffffffffff, &(0x7f00000000c0)=[{{}, 0xfffffffffffffffb, 0x8, 0xf0000000, 0x5}, {{}, 0xfffffffffffffffd, 0x70, 0x10, 0x3f, 0x2}, {{}, 0xfffffffffffffffc, 0xb7, 0x40, 0x2, 0x6}, {{}, 0xfffffffffffffffb, 0x40, 0x1, 0x4, 0x80000001}, {{r0}, 0xfffffffffffffffc, 0x0, 0x4, 0x1, 0xed}], 0xfffffffd, &(0x7f00000001c0)=[{{r1}, 0xfffffffffffffffe, 0x14, 0x20000000, 0x29, 0xffff}, {{r2}, 0xfffffffffffffffc, 0x0, 0x20, 0x9c0, 0x2e}, {{r3}, 0x2, 0x9, 0x2, 0xe05, 0x7}, {{r4}, 0xfffffffffffffffc, 0xdc, 0x80, 0x4, 0x3f6}, {{}, 0xfffffffffffffffe, 0x85, 0x10, 0x4, 0x401}, {{r5}, 0x2, 0x2e, 0x1, 0x80000000, 0xff}, {{r6}, 0xfffffffffffffff8, 0x80, 0x1, 0x2, 0x1}], 0x7f, &(0x7f00000002c0)={0x7, 0x1})
shmget$private(0x0, 0x4000, 0x204, &(0x7f0000ff9000/0x4000)=nil)

03:50:20 executing program 1:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
r1 = syz_open_pts()
write(r1, &(0x7f00000014c0)="8fc3c1f9ea6e15b7e080f7588caf9f8abbe1d3daf1b5e0615d6475c96023c9dd67452432e1d643870f7bfaa82a7c43d54408f402443678f6ceae9613432995bd76565cdaa921d977f1f2496a403a3a0dbf1172e80b7f983e32d1fcd7308e7023af6a6c03416c5f39b7cd56a54f38617821846d4a7748f0587578c89b70f7cade5775b276a28e89a8755b2408281adfe3bc1d54a084a1b58d0d3071887d6dae94cea0cc2d26ceb2f96a1432d061d1c7b123b36bf58cb8098b0faf44736d54f3bd02a924d58876713618659c4b2fae8e4489f37e1c2f48776bc3e355522a6de700a6cfedb677f099e93ae477ba243a022877697c95e3d2", 0xf6)
ioctl$TIOCSBRK(r1, 0x2000747b)
kevent(0xffffffffffffffff, &(0x7f0000000300)=[{{r0}, 0xfffffffffffffffe, 0xb}], 0x0, 0x0, 0x0, 0x0)
r2 = kqueue()
kevent(r2, &(0x7f0000000000), 0x81, 0x0, 0x730, 0x0)
dup2(r0, r2)
ioctl$KDGETLED(r0, 0x40044b41, &(0x7f0000000000)=0x1)
r3 = kqueue()
kevent(r3, &(0x7f0000000100), 0x0, 0x0, 0x0, &(0x7f0000000140))

03:50:25 executing program 1:
r0 = openat$speaker(0xffffffffffffff9c, &(0x7f0000000600)='/dev/speaker\x00', 0x82, 0x0)
pwritev(r0, &(0x7f0000000000)=[{&(0x7f0000000680)="945c037bba14670db419f996be0f72dfc9d8bcf018fe24c940717e2e2ee8b573cbb63271e27acce3e53e727fb459d7370b1527737e05db4b8042df592ba4b27ed3a7045627bce342ffdfd97d742f362abcaa379ad95260a03f3accfb6780f8fb5cb6c6316ed7409e34bdf980a8cf8e4123ed0a922e7afca21cc7c5c09ab5d337245b95e74aef1f1a02fa0f2b879ce2c8d02d940503e4e64e39", 0x99}, {&(0x7f0000000300)='.', 0x1}], 0x2, 0x0, 0x0)
execve(0x0, 0x0, 0x0)
r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bpf\x00', 0x4000000001, 0x0)
ioctl$BIOCSETIF(r1, 0x8020426c, &(0x7f0000000040)={'tap', 0x0})
ioctl$BIOCSETWF(r1, 0x80104277, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{0x24}, {0x2}, {0x6, 0x0, 0x0, 0x10000103}]})
pwrite(r1, &(0x7f0000000240)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0)
ioctl$BIOCSETWF(r1, 0x80104277, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x3d93, 0x0, 0x9, 0x49e4}, {0x4, 0x9, 0xaa, 0xa97f}]})

03:50:25 executing program 1:
ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f00000000c0)={0x0, &(0x7f0000000300)})
r0 = socket(0x2, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TIOCFLUSH(r1, 0xc0106924, &(0x7f00000000c0)=0x6e)
ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0})
ioctl$VMM_IOC_RESETCPU(0xffffffffffffffff, 0x82405605, &(0x7f0000000340)={0x0, 0x0, {[0xa, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40, 0x3, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x3, 0x1069, 0x7fe, 0x5], [0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x1], [0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x3], [0x2, 0x3, 0x1, 0x0, 0x0, 0x2001], [{0x0, 0x10000, 0x36b, 0x8008}, {0x5, 0xffffffff}, {0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x4}, {0x1aca, 0x0, 0xf4}, {0x1, 0x0, 0x0, 0x20005}, {0x80}], {0x0, 0x1000, 0x0, 0x100000000}, {0x0, 0x0, 0x9, 0x4}}})
mprotect(&(0x7f000054c000/0x4000)=nil, 0x4000, 0x5)
r2 = socket(0x18, 0x2, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
r4 = socket(0x18, 0x2, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
r6 = syz_open_pts()
ioctl$TIOCSETA(r6, 0x802c7414, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xfffffffffffffffd, "d200efffffffffff6030ac8fc9e5510900000002"})
read(r6, &(0x7f0000000100)=""/3, 0x3)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
bind(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x0}, 0xc)
mmap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x4, 0x12, r6, 0x0, 0x7fffffff)
ioctl$TIOCFLUSH(r5, 0x81206919, &(0x7f0000000300))
ioctl$TIOCFLUSH(r3, 0x8080691a, &(0x7f0000000300))
pipe2(&(0x7f0000000000), 0x0)

03:50:30 executing program 0:
r0 = socket(0x400000000018, 0x3, 0x3a)
pipe(&(0x7f0000000080))
openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x1, 0x0)
r1 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
kevent(0xffffffffffffffff, &(0x7f0000000300)=[{{r1}, 0xfffffffffffffffe, 0xb}], 0x0, 0x0, 0x0, 0x0)
r2 = kqueue()
kevent(r2, &(0x7f0000000000), 0x81, 0x0, 0x730, 0x0)
dup2(r1, r2)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x20000, 0x0)
ioctl$WSMUXIO_REMOVE_DEVICE(r3, 0x80085762, &(0x7f0000000040)={0x1})
setsockopt(r0, 0x29, 0x6c, &(0x7f0000000040), 0x4)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000100)="7d4172a2", 0x4}], 0x1)
setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0x66, &(0x7f0000000140)={0x3f, 0x0, 0x0, 0x1}, 0xc)
setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0x66, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5}, 0xc)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0x68, &(0x7f00000000c0)={{0x18, 0xffffffffffffffff, 0x6, 0x20}, {0x18, 0x3}}, 0x3c)

03:50:30 executing program 1:
r0 = socket(0x2, 0x2, 0x0)
connect$unix(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="820289823019c591ff767db540de040ce6163c782afed3caf03a09835464e5c01dd0fc9c991343138322659b700a6dd7cc06ed0ce4bbbd4d85083bd21b5bf324947f80a1988a594d9c8081c5221269bab8f71633bcf9ca032b348b080db040536825f4e00755aece8a8448db8dde6287f133e04fb55fdbf23731bb22079ce69c"], 0x10)
connect(r0, &(0x7f0000000000)=@in6={0x18, 0x2}, 0x8)
sendmsg(r0, &(0x7f00000008c0)={&(0x7f00000001c0)=@un=@file={0x6b2f841e542302b3, './file0/file0\x00'}, 0x10, 0x0, 0x0, 0x0}, 0x0)

03:50:30 executing program 0:
ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x100, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc], [0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1ff], [0x0, 0x0, 0x0, 0x9, 0xf7ffffffffffffff], [0x0, 0x0, 0x482]}})
ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket(0x18, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
kevent(0xffffffffffffffff, &(0x7f0000000300)=[{{r2}, 0xfffffffffffffffe, 0xb}], 0x0, 0x0, 0x0, 0x0)
r3 = kqueue()
kevent(r3, &(0x7f0000000000), 0x81, 0x0, 0x730, 0x0)
dup2(r2, r3)
r4 = accept(r2, &(0x7f0000000000)=@in, &(0x7f0000000040)=0xc)
r5 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
kevent(0xffffffffffffffff, &(0x7f0000000300)=[{{r5}, 0xfffffffffffffffe, 0xb}], 0x0, 0x0, 0x0, 0x0)
r6 = kqueue()
kevent(r6, &(0x7f0000000000), 0x81, 0x0, 0x730, 0x0)
dup2(r5, r6)
getpeername(r5, &(0x7f0000000100)=@un=@abs, &(0x7f0000000140)=0x8)
getpeername$inet(r4, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300))

03:50:30 executing program 1:
preadv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000001640)=""/247, 0xffffffcc}], 0x10000221, 0x0, 0x0)
r0 = open(&(0x7f00000002c0)='./file0\x00', 0x611, 0x0)
pwritev(r0, &(0x7f00000003c0), 0x273, 0x0, 0x0)
mmap(&(0x7f0000000000/0x10000)=nil, 0x10000, 0x2, 0x11, r0, 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000580)='/dev/zero\x00', 0x0, 0x0)
pread(r1, &(0x7f00000000c0)="a60e9be3716b5826c0d31b5da18f2fd9e2b778c6f85877b93f09000000ce644f6a097c0a638eee579b6d7510cc87f6a7693520cd0e33fdb01a873a3cbca5ab9253927bc34e195237c6a53aa40cd440fa88dbf73b34dab7205dbf0c9f9cfcfd38b444514557", 0xff56, 0x0, 0xfffffff7fffffffc)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x800000000009031, 0xffffffffffffffff, 0x0, 0x0)

03:50:30 executing program 0:
preadv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000001640)=""/247, 0xffffffcc}], 0x1, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0)
r1 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x611, 0x0)
fcntl$setstatus(r2, 0x4, 0x80)
pwritev(r2, &(0x7f00000003c0), 0x273, 0x0, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10, r1, 0x0, 0x0)
write(r1, &(0x7f0000000080)="55463f12693d53dc78b337617c543e92078a20281615054971b0b41940", 0x1d)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
pwritev(0xffffffffffffffff, &(0x7f0000002380)=[{&(0x7f00000000c0)}], 0x1, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000002380)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$TIOCSTAT(r0, 0x20007465, &(0x7f0000000000))
r3 = syz_open_pts()
write(r3, &(0x7f00000014c0)="8fc3c1f9ea6e15b7e080f7588caf9f8abbe1d3daf1b5e0615d6475c96023c9dd67452432e1d643870f7bfaa82a7c43d54408f402443678f6ceae9613432995bd76565cdaa921d977f1f2496a403a3a0dbf1172e80b7f983e32d1fcd7308e7023af6a6c03416c5f39b7cd56a54f38617821846d4a7748f0587578c89b70f7cade5775b276a28e89a8755b2408281adfe3bc1d54a084a1b58d0d3071887d6dae94cea0cc2d26ceb2f96a1432d061d1c7b123b36bf58cb8098b0faf44736d54f3bd02a924d58876713618659c4b2fae8e4489f37e1c2f48776bc3e355522a6de700a6cfedb677f099e93ae477ba243a022877697c95e3d2", 0xf6)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x8040, 0x0)
fcntl$dupfd(r3, 0x0, r4)

03:50:30 executing program 1:
r0 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
kevent(0xffffffffffffffff, &(0x7f0000000300)=[{{r0}, 0xfffffffffffffffe, 0xb}], 0x0, 0x0, 0x0, 0x0)
r1 = kqueue()
kevent(r1, &(0x7f0000000000), 0x81, 0x0, 0x730, 0x0)
dup2(r0, r1)
ioctl$VMM_IOC_INFO(r0, 0xc0185603, &(0x7f0000000040)={0x94, 0x0, &(0x7f0000000240)=""/148})
r2 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0)
ioctl$BIOCSETWF(r2, 0x80104277, &(0x7f00000001c0)={0x3, &(0x7f0000000000)=[{0x3}, {0x5c}, {0x6, 0x0, 0x0, 0x10000}]})
ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f00000000c0)={'tap', 0x0})
pwrite(r2, &(0x7f0000000180)="e16914f6357e3a00000015000000", 0xe, 0x0, 0x0)

03:50:30 executing program 1:
r0 = open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
kevent(0xffffffffffffffff, &(0x7f0000000180)=[{{}, 0xfffffffffffffffa, 0x0, 0x20, 0xffffffffffffffff, 0x7}, {{}, 0xfffffffffffffff8, 0x18, 0x80000000, 0x8, 0x1ff}, {{}, 0xfffffffffffffffb, 0x42, 0x4, 0x1, 0x400000000000}], 0x3, 0x0, 0x1, 0x0)
r1 = kqueue()
kevent(r1, &(0x7f0000000000), 0x81, 0x0, 0x730, 0x0)
dup2(r0, r1)
ioctl$VMM_IOC_TERM(r0, 0x80045604, &(0x7f0000000100)={0xfffffff9})
ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}})
ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, "00000000000000000000f2ffffffffffffff4000"})
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c)
r2 = syz_open_pts()
ioctl$TIOCSETAF(r2, 0x802c7416, &(0x7f0000000080)={0xffffffffffffffff, 0x7, 0x0, 0x0, "0100100000000000000000000000000000000001", 0x0, 0xfffffffe})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r3 = socket(0x18, 0x1, 0x0)
setsockopt(r3, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14)
r4 = socket(0x18, 0x1, 0x0)
close(r4)
r5 = socket(0x18, 0x2, 0x0)
setsockopt(r5, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14)
connect$unix(r4, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c)
write(r5, 0x0, 0x0)

03:50:30 executing program 1:
r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bpf\x00', 0x4000000019, 0x0)
ioctl$BIOCSETWF(r0, 0x80104277, &(0x7f0000000440)={0x3, &(0x7f0000000000)=[{0x84}, {0x20}, {0x6, 0x0, 0x0, 0x8000000000100}]})
mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
setrlimit(0x2, &(0x7f0000000080)={0x60000000, 0x60000000})
ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000040)={'tap', 0x0})
pwrite(r0, &(0x7f0000000180)="fbaf8a8d1a029be96914f6357e3a", 0xe, 0x0, 0x0)

03:50:34 executing program 0:
mknod(&(0x7f00000000c0)='./bus\x00', 0x2000, 0x86138)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x2, 0x0)
write(r0, &(0x7f0000000140)="220e22", 0x3)
r1 = getgid()
r2 = semget$private(0x0, 0x4, 0x1b2)
semctl$GETNCNT(r2, 0x4, 0x3, &(0x7f0000000580)=""/170)
semctl$SETVAL(r2, 0x0, 0x8, &(0x7f0000000240)=0x72)
semctl$GETVAL(r2, 0x4, 0x5, &(0x7f0000000800)=""/210)
semop(r2, &(0x7f0000000400)=[{0x3, 0x100000001, 0x1000}, {0x0, 0x4, 0x1000}], 0x2)
semop(r2, &(0x7f0000000040)=[{0x0, 0x40, 0x1000}], 0x1)
getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000000)={0x0, <r3=>0x0}, 0xc)
semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f0000000080)={{0x5, 0xffffffffffffffff, r1, r3, 0x0, 0x10, 0x409}, 0x8, 0x0, 0x9})
r4 = msgget$private(0x0, 0x0)
msgsnd(r4, &(0x7f0000001200)={0x3, "2e1100b0df6d7fcf409def1a1fc1ed34135533b89b0603ae37c860fe2c09c110ff00f45709d664539e1e381f35071f061ac0e16f328dca5d39656da02489672db6d19f37405111e97aa998473f0e8d1e8f3b32b99730931041cfd6c2df99a9d60031c125814bb6ee11e303000000b33d0000000049ad4ae8d462fcf5fa3b57806356cdb615f058b0fed6706a4d152ed0cea438f8387c3440ba6ba9cc08452fc04250db61cf3bcacfe9d34b6a31de9d05a5615416a1e222dcba8dee9f0cdc7527d27e8a15b712000000000000000000000000000000cd846e9ea6bfe963e86814a576b24813ddfa8130a04b4ad6d8791c698df63e5e23fa327326484829f3f7769669e325cd2485e172bf120763e2ce23d1fb7cf63c9dbc6a87869b8ed7fe114d70adee7d696a5fa50d515e2714fab1fb6f1ef5e2ee86a0738d95934e84357ed214ae041c228e609fb27bd54d86080f76a08dca519d53d20cd99fc0e03dd76407ae51adbb71981029aeca137eaa9049710bebce9939b3922299a460f3eab037a5d2cba6bd4272495cd7049a7d7b01e1206d3b57d1fccc089aa0b0d4cfd8ccc85cc9db643f529ef3ebf17616907fb01c6b8c9a309319c606ad4bd8169d5176363749cfd308abc55fdd6d69134ecb558aa9a58fb0e85a6be806954bd6968dd632de372d"}, 0x4a4, 0x0)
msgrcv(r4, &(0x7f0000000100)={0x0, ""/29}, 0x25, 0x2, 0x0)
msgsnd(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="0300000000000000741f7bf64bf956669e624fd3c5086d5fc3eac60deb6ce545e64fd79b359514845e57bac77ec74569415a9e96f9ab2c6f5d3879074b794b21c545ac3690d06b5273a2b460219cee17b46bd018031d2b33edeabcfa51f845d8504f0888868e4c4e27ec1e8a467edb0929464396b4599fb7a31be60cdb2b26baf3a5ac6802bed03a27a378"], 0x50, 0x800)
msgrcv(r4, &(0x7f0000000180)={0x0, ""/72}, 0x50, 0x1, 0x800)
msgctl$IPC_SET(r4, 0x1, &(0x7f0000000180)={{0x0, r3}, 0x5000000000004, 0x19d4, 0x0, 0xffffffffffffffff})
getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000180), 0xff20}], 0x100000000000005e, 0x0, 0x0)

03:50:34 executing program 1:
r0 = syz_open_pts()
r1 = syz_open_pts()
ioctl$TIOCSETA(r1, 0x802c7414, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xfffffffffffffffd, "d200efffffffffff6030ac8fc9e5510900000002"})
read(r1, &(0x7f0000000100)=""/3, 0x3)
r2 = syz_open_pts()
ioctl$TIOCSETA(r2, 0x802c7414, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xfffffffffffffffd, "d200efffffffffff6030ac8fc9e5510900000002"})
read(r2, &(0x7f0000000100)=""/3, 0x3)
r3 = syz_open_pts()
write(r3, &(0x7f00000014c0)="8fc3c1f9ea6e15b7e080f7588caf9f8abbe1d3daf1b5e0615d6475c96023c9dd67452432e1d643870f7bfaa82a7c43d54408f402443678f6ceae9613432995bd76565cdaa921d977f1f2496a403a3a0dbf1172e80b7f983e32d1fcd7308e7023af6a6c03416c5f39b7cd56a54f38617821846d4a7748f0587578c89b70f7cade5775b276a28e89a8755b2408281adfe3bc1d54a084a1b58d0d3071887d6dae94cea0cc2d26ceb2f96a1432d061d1c7b123b36bf58cb8098b0faf44736d54f3bd02a924d58876713618659c4b2fae8e4489f37e1c2f48776bc3e355522a6de700a6cfedb677f099e93ae477ba243a022877697c95e3d2", 0xf6)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="2000000000000000ffff000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000002000000000000000ffff000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000002000000000000000ffff000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000002000000000000000ffff000000000000", @ANYRES64=r3, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000003000000000000000ffff000001000000", @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000000d00000000000000ffff000001000000", @ANYRES32, @ANYRESOCT, @ANYBLOB="200000b92caefbce020d81673c7c000028e4a13365476234910dd014b3a50cae3aa138a8d36f3626543cc6fcf8f4b0a94c7c65e8fb01bcb9bb3e040d0b81456c20171985a031c75181895a4b66236af6c49c94e4acb5aa8a802a73562847523d02d83ff5e30f8a9090e8727f167f0918b02411d63468b8cd4e6891a01066b6c16df1df6e29ffdf3e2172f97df0d1164a7a3d7230422b60d081c21e0aa634c97937cf301e00ef13b6a55bd928361ff2def47748c5969bbb36d8746614aea21d8a9864bf9cfe0674eb4a4a3ba65891db4661f46f23034ba6c6f50076391d9e70b32d8cad26ca165b5bc8ef09d78b3bc536fdbaf6d5a3d7cb034582211fb27888b59a2f6642c2c55eedb2aab3e176ca19ff0743761220563f6611b26ca7fe172cf8051a40a54ab93452dbda4d17c05c3059d811e21fa1eaf935ec2baecaa8ab51a86d6d5003c73adbcee2bc77bd9da228f9443867ab45e35c90a440637fc4000000000000", @ANYRES32, @ANYRES32, @ANYRESOCT=r1, @ANYBLOB="000000003000000000000000ffff00000100", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32], 0x118}, 0x0)
r4 = openat$pf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pf\x00', 0x2, 0x0)
ioctl$FIOASYNC(r4, 0xcd60441a, &(0x7f0000000240)=0x6)
r5 = openat$pf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pf\x00', 0x2, 0x0)
ioctl$FIOASYNC(r5, 0xcd60441a, &(0x7f0000000240)=0x2)

panic: receive 1a: so 0xfffffd806f680320, so_type 3, m 0xfffffd806aadd400, m_type 0

Stopped at      db_enter+0x18:  addq    $0x8,%rsp

    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND

   1334   8826      0           0          0    0  syz-executor.1

*158492  20537      0           0          0    1K dhclient

db_enter() at db_enter+0x18

panic(ffffffff823e977b) at panic+0x15c

soreceive(fffffd806f680320,0,ffff800020e1e998,0,0,ffff800020e1e8a4) at soreceive+0x174a

soo_read(fffffd80753f6260,ffff800020e1e998,0) at soo_read+0x53

dofilereadv(ffff800020ddcc38,6,ffff800020e1e998,0,ffff800020e1ea80) at dofilereadv+0x1a1

sys_read(ffff800020ddcc38,ffff800020e1ea30,ffff800020e1ea80) at sys_read+0x83

syscall(ffff800020e1eb00) at syscall+0x4a4

Xsyscall() at Xsyscall+0x128

end of kernel

end trace frame: 0x7f7ffffc1cc0, count: 7

https://www.openbsd.org/ddb.html describes the minimum info required in bug

reports.  Insufficient info makes it difficult to find and fix bugs.

ddb{1}> 

ddb{1}> set $lines = 0

ddb{1}> set $maxwidth = 0

ddb{1}> show panic

receive 1a: so 0xfffffd806f680320, so_type 3, m 0xfffffd806aadd400, m_type 0

ddb{1}> trace

db_enter() at db_enter+0x18

panic(ffffffff823e977b) at panic+0x15c

soreceive(fffffd806f680320,0,ffff800020e1e998,0,0,ffff800020e1e8a4) at soreceive+0x174a

soo_read(fffffd80753f6260,ffff800020e1e998,0) at soo_read+0x53

dofilereadv(ffff800020ddcc38,6,ffff800020e1e998,0,ffff800020e1ea80) at dofilereadv+0x1a1

sys_read(ffff800020ddcc38,ffff800020e1ea30,ffff800020e1ea80) at sys_read+0x83

syscall(ffff800020e1eb00) at syscall+0x4a4

Xsyscall() at Xsyscall+0x128

end of kernel

end trace frame: 0x7f7ffffc1cc0, count: -8

ddb{1}> show registers

rdi                                0

rsi                              0x1

rbp               0xffff800020e1e6e0

rbx               0xffff800020e1e790

rdx                             0x8b

rcx                              0x2

rax                              0x1

r8                0xffffffff812cad1f    kprintf+0x16f

r9                               0x1

r10                              0x2

r11               0x32f16c6b8906b45a

r12                     0x3000000008

r13               0xffff800020e1e6f0

r14                            0x100

r15                              0x1

rip               0xffffffff81ae9b98    db_enter+0x18

cs                               0x8

rflags                         0x246

rsp               0xffff800020e1e6d0

ss                              0x10

db_enter+0x18:  addq    $0x8,%rsp

ddb{1}> show proc

PROC (dhclient) pid=158492 stat=onproc

    flags process=0 proc=0

    pri=24, usrpri=50, nice=20

    forw=0xffffffffffffffff, list=0xffff800020ddc008,0xffff800020ddceb8

    process=0xffff800020df0010 user=0xffff800020e19000, vmspace=0xfffffd807efff170

    estcpu=0, cpticks=1, pctcpu=0.0

    user=0, sys=1, intr=0

ddb{1}> ps

   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND

 67740  133906  72585      0  2           0                syz-executor.0

 67740  113482  72585      0  3   0x4000080  fsleep        syz-executor.0

  8826    1334  92968      0  7           0                syz-executor.1

  8826  127303  92968      0  3   0x4000080  ttyin         syz-executor.1

 92968  230174  37674      0  3        0x82  nanosleep     syz-executor.1

 72585   71760  37674      0  3        0x82  nanosleep     syz-executor.0

 37674   28892  71508      0  3        0x82  thrsleep      syz-fuzzer

 37674  125023  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  354020  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  270104  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  234108  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  477582  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  383121  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  266722  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674   17981  71508      0  3   0x4000082  thrsleep      syz-fuzzer

 37674  395284  71508      0  3   0x4000082  kqread        syz-fuzzer

 71508   38049   8067      0  3    0x10008a  pause         ksh

  8067  359145  26663      0  3        0x92  select        sshd

 40616  169672      1      0  3    0x100083  ttyin         getty

 26663  391186      1      0  3        0x80  select        sshd

 25120  275121  55006     74  3    0x100092  bpf           pflogd

 55006  188986      1      0  3        0x80  netio         pflogd

 48982  178803  25452     73  3    0x100090  kqread        syslogd

 25452   92529      1      0  3    0x100082  netio         syslogd

 90176  219903      1     77  3    0x100090  poll          dhclient

*20537  158492      1      0  7           0                dhclient

 14323  316376      0      0  3     0x14200  bored         smr

 55933  464593      0      0  2     0x14200                zerothread

 32158  144016      0      0  3     0x14200  aiodoned      aiodoned

 78817  158040      0      0  3     0x14200  syncer        update

  9670  404198      0      0  3     0x14200  cleaner       cleaner

 66944  487168      0      0  3     0x14200  reaper        reaper

 89962  212212      0      0  3     0x14200  pgdaemon      pagedaemon

 10386  486844      0      0  3     0x14200  bored         crynlk

 85478  314377      0      0  3     0x14200  bored         crypto

 85751  115116      0      0  3  0x40014200  acpi0         acpi0

 87510  453075      0      0  3  0x40014200                idle1

 46996  492673      0      0  3     0x14200  bored         softnet

 41935  131421      0      0  3     0x14200  bored         systqmp

   423  190111      0      0  3     0x14200  bored         systq

 28381  470710      0      0  3  0x40014200  bored         softclock

 34934  339472      0      0  3  0x40014200                idle0

     1   31815      0      0  3        0x82  wait          init

     0       0     -1      0  3     0x10200  scheduler     swapper

ddb{1}> show all locks

Process 20537 (dhclient) thread 0xffff800020ddcc38 (158492)

exclusive kernel_lock &kernel_lock r = 0 (0xffffffff829062a8)

#0  witness_lock+0x4c7

#1  solock+0x66

#2  soreceive+0x114

#3  soo_read+0x53

#4  dofilereadv+0x1a1

#5  sys_read+0x83

#6  syscall+0x4a4

#7  Xsyscall+0x128

ddb{1}> show malloc

           Type InUse  MemUse  HighUse   Limit  Requests Type Lim

         devbuf  9485   6402K    6528K  78643K     10607        0

            pcb    13      8K       8K  78643K        23        0

         rtable   105      3K       3K  78643K       202        0

         ifaddr    49     11K      11K  78643K        52        0

       counters    43     33K      33K  78643K        43        0

       ioctlops     0      0K       4K  78643K      1474        0

            iov     0      0K      12K  78643K         6        0

          mount     1      1K       1K  78643K         1        0

         vnodes  1220     77K      77K  78643K      1234        0

      UFS quota     1     32K      32K  78643K         1        0

      UFS mount     5     36K      36K  78643K         5        0

            shm     2      1K       5K  78643K         3        0

         VM map     2      1K       1K  78643K         2        0

            sem     2      0K       0K  78643K         2        0

        dirhash    12      2K       2K  78643K        12        0

           ACPI  1824    197K     290K  78643K     13058        0

      file desc     6     17K      25K  78643K        50        0

           proc    59     63K      95K  78643K       438        0

        subproc    32      2K       2K  78643K        34        0

    NFS srvsock     1      0K       0K  78643K         1        0

     NFS daemon     1     16K      16K  78643K         1        0

    ip_moptions     0      0K       0K  78643K         2        0

       in_multi    33      2K       2K  78643K        36        0

    ether_multi     1      0K       0K  78643K         2        0

            mrt     0      0K       0K  78643K         2        0

    ISOFS mount     1     32K      32K  78643K         1        0

  MSDOSFS mount     1     16K      16K  78643K         1        0

           ttys    55    254K     254K  78643K        55        0

           exec     0      0K       1K  78643K       209        0

        pagedep     1      8K       8K  78643K         1        0

       inodedep     1     32K      32K  78643K         1        0

         newblk     1      0K       0K  78643K         1        0

        VM swap     7     26K      26K  78643K         7        0

       UVM amap   111     22K      36K  78643K      1068        0

       UVM aobj     5      2K       2K  78643K         5        0

        memdesc     1      4K       4K  78643K         1        0

    crypto data     1      1K       1K  78643K         1        0

    ip6_options     0      0K       0K  78643K         4        0

            NDP     7      0K       0K  78643K        11        0

           temp    73   3860K    3923K  78643K      2053        0

         kqueue     3      4K       4K  78643K         3        0

      SYN cache     2     16K      16K  78643K         2        0

ddb{1}> show all pools

Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle

arp         64        6    0        0     1     0     1     1     0     8    0

plcache    128       20    0        0     1     0     1     1     0     8    0

rtpcb       80       19    0       17     1     0     1     1     0     8    0

rtentry    112       45    0        1     2     0     2     2     0     8    0

unpcb      120       27    0       17     1     0     1     1     0     8    0

syncache   264        4    0        4     1     1     0     1     0     8    0

tcpqe       32      499    0      499     1     1     0     1     0     8    0

tcpcb      544       14    0       10     1     0     1     1     0     8    0

inpcb      296       57    0       50     2     0     2     2     0     8    1

nd6         48        6    0        0     1     0     1     1     0     8    0

pfosfp      40      846    0      423     5     0     5     5     0     8    0

pfosfpen   112     1428    0      714    21     0    21    21     0     8    0

pfstitem    24       13    0        3     1     0     1     1     0     8    0

pfstkey    112       13    0        3     1     0     1     1     0     8    0

pfstate    328       13    0        3     2     0     2     2     0     8    0

pfrule     1360      21    0       16     2     1     1     2     0     8    0

art_heap8  4096       1    0        0     1     0     1     1     0     8    0

art_heap4  256      189    0        0    12     0    12    12     0     8    0

art_table   32      190    0        0     2     0     2     2     0     8    0

art_node    16       44    0        4     1     0     1     1     0     8    0

shmpl      112        2    0        0     1     0     1     1     0     8    0

dirhash    1024      17    0        0     3     0     3     3     0     8    0

dino2pl    256     1452    0       45    89     0    89    89     0     8    1

ffsino     272     1452    0       45    94     0    94    94     0     8    0

nchpl      144     1700    0       88    60     0    60    60     0     8    0

uvmvnodes   72     1502    0        0    28     0    28    28     0     8    0

vnodes     208     1502    0        0    80     0    80    80     0     8    0

namei      1024    4518    0     4518     1     0     1     1     0     8    1

percpumem   16       32    0        0     1     0     1     1     0     8    0

scxspl     192     5256    0     5256     8     5     3     7     0     8    3

plimitpl   152       17    0        9     1     0     1     1     0     8    0

sigapl     424      265    0      233     4     0     4     4     0     8    0

futexpl     56      316    0      315     1     0     1     1     0     8    0

knotepl    112       63    0       44     1     0     1     1     0     8    0

kqueuepl   144       16    0       14     1     0     1     1     0     8    0

pipepl     304       81    0       71     2     0     2     2     0     8    1

fdescpl    496      250    0      233     3     0     3     3     0     8    0

filepl     152     1304    0     1200     5     0     5     5     0     8    0

lockfpl    104       19    0       18     1     0     1     1     0     8    0

lockfspl    48        7    0        6     1     0     1     1     0     8    0

sessionpl  112       18    0        7     1     0     1     1     0     8    0

pgrppl      48       18    0        7     1     0     1     1     0     8    0

ucredpl     96      113    0      104     1     0     1     1     0     8    0

zombiepl   144      233    0      233     1     0     1     1     0     8    1

processpl  992      265    0      233     5     0     5     5     0     8    1

procpl     624      310    0      267     4     0     4     4     0     8    0

sockpl     400      103    0       84     3     0     3     3     0     8    1

mcl8k      8192       1    0        0     1     0     1     1     0     8    0

mcl4k      4096       3    0        0     1     0     1     1     0     8    0

mcl2k      2048     191    0        0    23     0    23    23     0     8    0

mtagpl      96        4    0        0     1     0     1     1     0     8    0

mbufpl     256      211    0        0    13     0    13    13     0     8    0

bufpl      280     3509    0      133   242     0   242   242     0     8    0

anonpl      16    38776    0    24637    59     1    58    58     0   124    0

amapchunkpl 152    1288    0     1133    14     1    13    13     0   158    5

amappl16   192      962    0      205    39     0    39    39     0     8    0

amappl15   184       12    0        8     1     0     1     1     0     8    0

amappl14   176       31    0       26     1     0     1     1     0     8    0

amappl13   168       30    0       27     1     0     1     1     0     8    0

amappl12   160        9    0        9     1     1     0     1     0     8    0

amappl11   152       57    0       42     1     0     1     1     0     8    0

amappl10   144       28    0       21     1     0     1     1     0     8    0

amappl9    136      393    0      389     1     0     1     1     0     8    0

amappl8    128      376    0      341     2     0     2     2     0     8    0

amappl7    120      119    0      106     1     0     1     1     0     8    0

amappl6    112       22    0       20     1     0     1     1     0     8    0

amappl5    104      148    0      131     1     0     1     1     0     8    0

amappl4     96      481    0      455     1     0     1     1     0     8    0

amappl3     88       98    0       93     1     0     1     1     0     8    0

amappl2     80     1020    0      936     2     0     2     2     0     8    0

amappl1     72    15832    0    15374    23    13    10    18     0     8    0

amappl      80      562    0      516     2     0     2     2     0    84    0

dma4096    4096       1    0        1     1     1     0     1     0     8    0

dma256     256        6    0        6     1     1     0     1     0     8    0

dma128     128      253    0      253     1     1     0     1     0     8    0

dma64       64        6    0        6     1     1     0     1     0     8    0

dma32       32        7    0        7     1     1     0     1     0     8    0

dma16       16       18    0       17     1     0     1     1     0     8    0

aobjpl      64        4    0        0     1     0     1     1     0     8    0

uaddrrnd    24      250    0      233     1     0     1     1     0     8    0

uaddrbest   32        2    0        0     1     0     1     1     0     8    0

uaddr       24      250    0      233     1     0     1     1     0     8    0

vmmpekpl   168     6094    0     6062     2     0     2     2     0     8    0

vmmpepl    168    37950    0    35931   113    14    99   108     0   357   11

vmsppl     368      249    0      233     2     0     2     2     0     8    0

pdppl      4096     507    0      466     7     1     6     6     0     8    0

pvpl        32   137106    0   119750   147     0   147   147     0   265    4

pmappl     232      249    0      233     2     1     1     2     0     8    0

extentpl    40       53    0       36     1     0     1     1     0     8    0

phpool     112      259    0        4     8     0     8     8     0     8    0

ddb{1}> machine ddbcpu 0

Stopped at      x86_ipi_db+0x1a:        addq    $0x8,%rsp

x86_ipi_db(ffffffff826f9ff0) at x86_ipi_db+0x1a

x86_ipi_handler() at x86_ipi_handler+0xc6

Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23

__mp_lock(ffffffff829060a0) at __mp_lock+0x12e

softintr_dispatch(0) at softintr_dispatch+0x4e

Xsoftclock() at Xsoftclock+0x1f

pvclock_get_timecount(ffffffff82762bc8) at pvclock_get_timecount+0x8e

nanouptime(ffff800020ecd708) at nanouptime+0x67

clock_gettime(ffff800020e0a398,3,ffff800020ecd708) at clock_gettime+0x88

sys_clock_gettime(ffff800020e0a398,ffff800020ecd770,ffff800020ecd7c0) at sys_clock_gettime+0x4c

syscall(ffff800020ecd840) at syscall+0x4a4

Xsyscall() at Xsyscall+0x128

end of kernel

end trace frame: 0x7f7ffffd8dd0, count: 3

ddb{0}> trace

x86_ipi_db(ffffffff826f9ff0) at x86_ipi_db+0x1a

x86_ipi_handler() at x86_ipi_handler+0xc6

Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23

__mp_lock(ffffffff829060a0) at __mp_lock+0x12e

softintr_dispatch(0) at softintr_dispatch+0x4e

Xsoftclock() at Xsoftclock+0x1f

pvclock_get_timecount(ffffffff82762bc8) at pvclock_get_timecount+0x8e

nanouptime(ffff800020ecd708) at nanouptime+0x67

clock_gettime(ffff800020e0a398,3,ffff800020ecd708) at clock_gettime+0x88

sys_clock_gettime(ffff800020e0a398,ffff800020ecd770,ffff800020ecd7c0) at sys_clock_gettime+0x4c

syscall(ffff800020ecd840) at syscall+0x4a4

Xsyscall() at Xsyscall+0x128

end of kernel

end trace frame: 0x7f7ffffd8dd0, count: -12

ddb{0}> machine ddbcpu 1

Stopped at      db_enter+0x18:  addq    $0x8,%rsp

db_enter() at db_enter+0x18

panic(ffffffff823e977b) at panic+0x15c

soreceive(fffffd806f680320,0,ffff800020e1e998,0,0,ffff800020e1e8a4) at soreceive+0x174a

soo_read(fffffd80753f6260,ffff800020e1e998,0) at soo_read+0x53

dofilereadv(ffff800020ddcc38,6,ffff800020e1e998,0,ffff800020e1ea80) at dofilereadv+0x1a1

sys_read(ffff800020ddcc38,ffff800020e1ea30,ffff800020e1ea80) at sys_read+0x83

syscall(ffff800020e1eb00) at syscall+0x4a4

Xsyscall() at Xsyscall+0x128

end of kernel

end trace frame: 0x7f7ffffc1cc0, count: 7

ddb{1}> trace

db_enter() at db_enter+0x18

panic(ffffffff823e977b) at panic+0x15c

soreceive(fffffd806f680320,0,ffff800020e1e998,0,0,ffff800020e1e8a4) at soreceive+0x174a

soo_read(fffffd80753f6260,ffff800020e1e998,0) at soo_read+0x53

dofilereadv(ffff800020ddcc38,6,ffff800020e1e998,0,ffff800020e1ea80) at dofilereadv+0x1a1

sys_read(ffff800020ddcc38,ffff800020e1ea30,ffff800020e1ea80) at sys_read+0x83

syscall(ffff800020e1eb00) at syscall+0x4a4

Xsyscall() at Xsyscall+0x128

end of kernel

end trace frame: 0x7f7ffffc1cc0, count: -8