ASan bug

[syzbot]

Hello,

syzbot found the following crash on:

HEAD commit: af876e934dda Register kUBSan and KCOV in kernel=GENERIC of..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1514a30ac00000
dashboard link: https://syzkaller.appspot.com/bug?extid=9eaf98dad6ca738c250d

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+9eaf98...@syzkaller.appspotmail.com

login: [ 99.9437293] ASan: Unauthorized Access In 0xffffffff80a7f1be: Addr
0xffffa60012fd828c [4 bytes, read]
[ 99.9437293] #0 0xffffffff80a7f1be in in6_print <netbsd>
[ 99.9580096] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 99.9580096] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 99.9580096] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 99.9580096] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 99.9729085] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 99.9729085] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 99.9865704] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 99.9865704] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.0053139] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.0153768] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.0153768] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.0338596] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.0436897] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.0436897] ASan: Unauthorized Access In 0xffffffff80a7f68c: Addr
0xffffa60012fd8290 [4 bytes, read]
[ 100.0647710] #0 0xffffffff80a7f68c in in6_print <netbsd>
[ 100.0735636] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.0735636] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.0921452] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.1014806] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.1014806] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.1198193] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.1293675] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.1293675] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.1479465] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.1580172] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.1580172] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.1764895] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.1864872] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.1864872] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd828c [2 bytes, read]
[ 100.2073424] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 100.2160466] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.2160466] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.2345625] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.2439063] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.2439063] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.2623392] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.2721656] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.2721656] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.2906041] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.3008332] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.3008332] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.3193697] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.3292854] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.3292854] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd828e [2 bytes, read]
[ 100.3502796] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 100.3590789] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.3590789] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.3776472] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.3870109] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.3870109] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.4054458] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.4149626] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.4149626] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.4335252] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.4436373] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.4436373] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.4622080] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.4720838] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.4720838] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8290 [2 bytes, read]
[ 100.4931171] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 100.5018668] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.5018668] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.5204688] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.5298559] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.5298559] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.5483559] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.5578922] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.5578922] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.5765841] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.5866848] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.5866848] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.6052815] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.6148838] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.6148838] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8292 [2 bytes, read]
[ 100.6362189] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 100.6450377] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.6450377] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.6637400] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.6731044] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.6731044] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.6915334] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.7010080] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.7010080] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.7196926] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.7297981] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.7297981] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.7483217] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.7577138] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.7577138] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8294 [2 bytes, read]
[ 100.7792947] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 100.7879962] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.7879962] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.8066193] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.8159290] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.8159290] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.8343238] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.8438455] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.8438455] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 100.8625170] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 100.8725978] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 100.8725978] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 100.8910988] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 100.9004931] #13 0xffffffff80265b1e in syscall <netbsd>
[ 100.9004931] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8296 [2 bytes, read]
[ 100.9220860] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 100.9308275] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 100.9308275] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 100.9494075] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 100.9587436] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 100.9587436] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 100.9771731] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 100.9866905] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 100.9866905] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 101.0053427] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 101.0155432] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 101.0155432] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 101.0341806] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 101.0435378] #13 0xffffffff80265b1e in syscall <netbsd>
[ 101.0435378] sockaddr_checklen: 0xffffa60012fd8280 bad len af=24
socklen=12 len=28 [inet6: ::]
[ 101.0642478] sockaddr_checklen: 0xffffa6016f0235b0 bad len af=24
socklen=12 len=28 [inet6: [800:0:ffff:ffff:1:e13:a6:ffff]:20018]
[ 101.0807187] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8292 [1 byte, read]
[ 101.0936106] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 101.1021576] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 101.1021576] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 101.1222450] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 101.1314251] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 101.1314251] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 101.1503052] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 101.1594699] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 101.1594699] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 101.1789210] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 101.1878640] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 101.1878640] #11 0xffffffff80265b1e in syscall <netbsd>
[ 101.2057709] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8294 [1 byte, read]
[ 101.2186533] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 101.2186533] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 101.2362434] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 101.2472625] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 101.2574753] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 101.2574753] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 101.2752716] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 101.2752716] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 101.2946196] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 101.3039038] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 101.3039038] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 101.3220982] #11 0xffffffff80265b1e in syscall <netbsd>
[ 101.3305788] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8294 [1 byte, read]
[ 101.3434693] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 101.3434693] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 101.3611259] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 101.3721627] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 101.3721627] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 101.3907554] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 101.4002753] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 101.4002753] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 101.4195277] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 101.4289876] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 101.4289876] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 101.4472026] #11 0xffffffff80265b1e in syscall <netbsd>
[ 101.4472026] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8297 [1 byte, read]
[ 101.4687561] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 101.4774028] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 101.4864965] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 101.4864965] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 101.5067362] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 101.5161656] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
00:00:26 executing program 3:
mlockall(0x1)
mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/204)
r0 = getuid()
setuid(r0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/190, 0xbe)
chmod(&(0x7f0000000240)='./file0\x00', 0x80)
r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x8410, 0x20)
recvfrom$inet6(r1, &(0x7f00000002c0)=""/133, 0x85, 0x2, 0x0, 0x0)
r2 = getegid()
lchown(&(0x7f0000000380)='./file0\x00', r0, r2)
r3 = fcntl$dupfd(r1, 0xc, r1)
setuid(r0)
chown(&(0x7f00000003c0)='./file0\x00', r0, r2)
getsockopt$SO_PEERCRED(r3, 0xffff, 0x11, &(0x7f0000000400)={0x0, <r4=>0x0},
0xc)
symlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00')
chown(&(0x7f0000000900)='./file0\x00', r4, r2)

00:00:26 executing program 5:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
connect(0xffffffffffffffff, &(0x7f0000000300)=@in={0x2, 0x2}, 0xc)

00:00:26 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff,
<r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
accept$inet(r2, &(0x7f0000000000), &(0x7f0000000040)=0xc)

00:00:26 executing program 2:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
r1 = semget$private(0x0, 0x3, 0x1)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x400000)
accept$unix(r2, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)
mkdirat(r2, &(0x7f0000000180)='./file0\x00', 0x48)
semctl$IPC_RMID(r1, 0x0, 0x0)

[ 101.5161656] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 101.5347608] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 101.5447638] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 101.5447638] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 101.5631066] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 101.5723964] #11 0xffffffff80265b1e in syscall <netbsd>
[ 101.8572922] ASan: Unauthorized Access In 0xffffffff80a7f1be: Addr
0xffffa60012fd82fc [4 bytes, read]
[ 101.8715107] #0 0xffffffff80a7f1be in in6_print <netbsd>
[ 101.8715107] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 101.8878702] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 101.8878702] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 101.9069946] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 101.9160972] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 101.9160972] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 101.9348218] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 101.9442474] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 101.9442474] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 101.9634718] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 101.9729259] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 101.9729259] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 101.9913748] #13 0xffffffff80265b1e in syscall <netbsd>
[ 101.9913748] ASan: Unauthorized Access In 0xffffffff80a7f68c: Addr
0xffffa60012fd8300 [4 bytes, read]
[ 102.0143091] #0 0xffffffff80a7f68c in in6_print <netbsd>
[ 102.0143091] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.0305674] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.0305674] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.0495943] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.0586957] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.0586957] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.0774774] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.0869358] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.0869358] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.1061337] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.1155991] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.1155991] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.1345736] #13 0xffffffff80265b1e in syscall <netbsd>
[ 102.1430849] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd82fc [2 bytes, read]
[ 102.1571117] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 102.1571117] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.1737712] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.1737712] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.1929168] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.2020702] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.2020702] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.2213745] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.2308484] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.2308484] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.2501841] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.2596840] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.2596840] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.2782860] #13 0xffffffff80265b1e in syscall <netbsd>
[ 102.2868990] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd82fe [2 bytes, read]
[ 102.2999388] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 102.2999388] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.3180038] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.3284656] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.3284656] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.3461833] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.3461833] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.3650013] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.3744849] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.3744849] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.3937177] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.4031715] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.4031715] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.4216346] #13 0xffffffff80265b1e in syscall <netbsd>
[ 102.4302930] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8300 [2 bytes, read]
[ 102.4432950] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 102.4432950] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.4608671] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.4712647] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.4712647] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.4889851] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.4889851] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.5078002] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.5172482] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.5172482] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.5365589] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.5460033] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.5460033] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.5644517] #13 0xffffffff80265b1e in syscall <netbsd>
[ 102.5730322] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8302 [2 bytes, read]
[ 102.5860349] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 102.5860349] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.6036252] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.6140767] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.6140767] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.6318105] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.6318105] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.6506303] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.6600598] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.6600598] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.6793096] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.6887324] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.6887324] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.7071561] #13 0xffffffff80265b1e in syscall <netbsd>
[ 102.7157531] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8304 [2 bytes, read]
[ 102.7287573] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 102.7287573] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.7462938] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.7568590] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.7568590] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.7745568] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.7745568] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.7933613] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.8027936] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.8027936] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.8221042] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.8315326] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.8315326] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.8498892] #13 0xffffffff80265b1e in syscall <netbsd>
[ 102.8584583] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd8306 [2 bytes, read]
[ 102.8714578] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 102.8714578] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 102.8891672] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 102.8996582] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 102.8996582] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 102.9173544] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 102.9173544] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 102.9361844] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 102.9456073] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 102.9456073] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 102.9648774] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 102.9743056] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 102.9743056] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 102.9927907] #13 0xffffffff80265b1e in syscall <netbsd>
[ 103.0013680] sockaddr_checklen: 0xffffa60012fd82f0 bad len af=24
socklen=12 len=28 [inet6: ::]
[ 103.0013680] sockaddr_checklen: 0xffffa6016ef475b0 bad len af=24
socklen=12 len=28 [inet6: [800:0:1a6:ffff::7eef:d00]:20018]
[ 103.0293614] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8302 [1 byte, read]
[ 103.0424612] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 103.0424612] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 103.0599637] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 103.0710324] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 103.0710324] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 103.0896664] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 103.0995757] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 103.0995757] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 103.1183633] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 103.1281399] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 103.1281399] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 103.1460148] #11 0xffffffff80265b1e in syscall <netbsd>
[ 103.1460148] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8304 [1 byte, read]
[ 103.1674819] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 103.1760937] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 103.1852551] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 103.1852551] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 103.2055490] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 103.2150112] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 103.2150112] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 103.2337033] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 103.2437822] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 103.2437822] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 103.2621104] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 103.2714641] #11 0xffffffff80265b1e in syscall <netbsd>
[ 103.2714641] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8304 [1 byte, read]
[ 103.2928934] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 103.3014752] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 103.3014752] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 103.3217343] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 103.3310326] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 103.3310326] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 103.3499364] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 103.3591422] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 103.3591422] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 103.3784640] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 103.3873955] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 103.3873955] #11 0xffffffff80265b1e in syscall <netbsd>
[ 103.4053572] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd8307 [1 byte, read]
[ 103.4182248] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 103.4280139] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 103.4280139] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 103.4469553] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 103.4565728] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 103.4565728] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 103.4751080] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 103.4851330] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 103.4851330] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
00:00:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
accept$inet(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc)

00:00:28 executing program 4:
r0 = socket(0x18, 0x3, 0xd4b4)
sendto(r0,
&(0x7f0000000000)="17ac7e246709ab033324e604bf3064c481dd2616e3c45640dc797bfec36dd014",
0x20, 0x0, &(0x7f0000000040)=@un=@abs={0x1, 0x0, 0x1}, 0x8)
r1 = semget$private(0x0, 0x3, 0x201)
semctl$SETALL(r1, 0x0, 0x9, &(0x7f0000000080)=[0x6e7, 0x7, 0x7, 0x7fff,
0x7])
r2 = semget$private(0x0, 0x1, 0x2)
semctl$IPC_RMID(r1, 0x0, 0x0)
semctl$GETALL(r1, 0x0, 0x6, &(0x7f00000000c0)=""/199)
semget(0x1, 0x0, 0x400)
getsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f00000001c0),
&(0x7f0000000200)=0x4)
r3 = dup(r0)
unlinkat(r3, &(0x7f0000000240)='./file0\x00', 0x800)
r4 = semget(0x1, 0x3, 0x1)
semctl$GETVAL(r1, 0x3, 0x5, &(0x7f0000000280)=""/233)
execve(&(0x7f0000000380)='./file0\x00',
&(0x7f0000000500)=[&(0x7f00000003c0)='\x00', &(0x7f0000000400)='\x00',
&(0x7f0000000440)='\x00', &(0x7f0000000480)='--$\x00',
&(0x7f00000004c0)=')\x00'], &(0x7f0000000680)=[&(0x7f0000000540)='\x00',
&(0x7f0000000580)='\\^\x00', &(0x7f00000005c0)='[:@/.--\x00',
&(0x7f0000000600)='\x00', &(0x7f0000000640)='\x00'])
semop(r2, &(0x7f00000006c0)=[{0x4, 0x8, 0x1800}, {0x0, 0xaae2, 0x800},
{0x0, 0x7, 0x1000}, {0x2, 0x8000, 0x1000}, {0x1, 0x5, 0x1000}, {0x0,
0x80000000, 0x800}, {0x5, 0x4, 0x1000}], 0x7)
getsockopt(r0, 0x1da8, 0x0, &(0x7f0000000700)=""/174,
&(0x7f00000007c0)=0xae)
getsockname$inet6(r0, &(0x7f0000000800), &(0x7f0000000840)=0xc)
semget$private(0x0, 0x0, 0x490)
connect$inet6(r0, &(0x7f0000000880)={0x18, 0x2, 0x6, 0x8}, 0xc)
getsockopt(r3, 0x1, 0x400, &(0x7f00000008c0)=""/172, &(0x7f0000000980)=0xac)
utimes(&(0x7f00000009c0)='./file0/file0\x00', &(0x7f0000000a00)={{0x3c24,
0x5}, {0x8ebc, 0x9}})
recvfrom$unix(r3, &(0x7f0000000a40)=""/157, 0x9d, 0x840,
&(0x7f0000000b00)=@file={0x1, './file0\x00'}, 0xa)
semget$private(0x0, 0x7, 0x1)
semctl$IPC_RMID(r4, 0x0, 0x0)
getdents(r3, &(0x7f0000000b40)=""/13, 0xd)
r5 = semget$private(0x0, 0x0, 0x400)
semop(r5, &(0x7f0000000b80)=[{0x4, 0x100000000, 0x800}], 0x1)
semget$private(0x0, 0x1, 0x404)
connect(r0, &(0x7f0000000bc0)=@in={0x2, 0x1}, 0xc)
setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0x66, &(0x7f0000000c00)={0xfff,
0x1, 0x9, 0x1f, 0x1}, 0xc)

00:00:28 executing program 5:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
connect(0xffffffffffffffff, &(0x7f0000000300)=@in={0x2, 0x2}, 0xc)

00:00:28 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
r1 = semget$private(0x0, 0x3, 0x1)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x400000)
accept$unix(r2, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)
mkdirat(r2, &(0x7f0000000180)='./file0\x00', 0x48)
semctl$IPC_RMID(r1, 0x0, 0x0)

00:00:28 executing program 3:
mlockall(0x1)
mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/204)
r0 = getuid()
setuid(r0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/190, 0xbe)
chmod(&(0x7f0000000240)='./file0\x00', 0x80)
r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x8410, 0x20)
recvfrom$inet6(r1, &(0x7f00000002c0)=""/133, 0x85, 0x2, 0x0, 0x0)
r2 = getegid()
lchown(&(0x7f0000000380)='./file0\x00', r0, r2)
fcntl$dupfd(r1, 0xc, r1)
setuid(r0)
chown(&(0x7f00000003c0)='./file0\x00', r0, r2)
symlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00')
chown(&(0x7f0000000900)='./file0\x00', 0x0, r2)

00:00:28 executing program 2:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
r1 = semget$private(0x0, 0x3, 0x1)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x400000)
accept$unix(r2, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)
mkdirat(r2, &(0x7f0000000180)='./file0\x00', 0x48)
semctl$IPC_RMID(r1, 0x0, 0x0)

00:00:28 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x400000)
accept$unix(r1, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)
mkdirat(r1, &(0x7f0000000180)='./file0\x00', 0x48)

[ 103.5039213] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 103.5136920] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 103.5136920] #11 0xffffffff80265b1e in syscall <netbsd>
00:00:28 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x400000)
accept$unix(r1, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)

00:00:28 executing program 5:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
connect(0xffffffffffffffff, &(0x7f0000000300)=@in={0x2, 0x2}, 0xc)

00:00:28 executing program 3:
mlockall(0x1)
mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/204)
r0 = getuid()
setuid(r0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/190, 0xbe)
chmod(&(0x7f0000000240)='./file0\x00', 0x80)
r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x8410, 0x20)
recvfrom$inet6(r1, &(0x7f00000002c0)=""/133, 0x85, 0x2, 0x0, 0x0)
r2 = getegid()
lchown(&(0x7f0000000380)='./file0\x00', r0, r2)
fcntl$dupfd(r1, 0xc, r1)
setuid(r0)
symlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00')
chown(&(0x7f0000000900)='./file0\x00', 0x0, r2)

00:00:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
accept$inet(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc)

00:00:28 executing program 2:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
r1 = semget$private(0x0, 0x3, 0x1)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x400000)
accept$unix(r2, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)
mkdirat(r2, &(0x7f0000000180)='./file0\x00', 0x48)
semctl$IPC_RMID(r1, 0x0, 0x0)

[ 103.6850664] ASan: Unauthorized Access In 0xffffffff80a7f1be: Addr
0xffffa60012fd84f4 [4 bytes, read]
[ 103.7066902] #0 0xffffffff80a7f1be in in6_print <netbsd>
[ 103.7155630] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 103.7155630] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 103.7341559] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 103.7435511] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 103.7435511] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 103.7621273] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 103.7717313] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 103.7717313] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 103.7904684] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 103.8005521] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 103.8005521] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 103.8190803] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 103.8284497] #13 0xffffffff80265b1e in syscall <netbsd>
[ 103.8284497] ASan: Unauthorized Access In 0xffffffff80a7f68c: Addr
0xffffa60012fd84f8 [4 bytes, read]
[ 103.8500141] #0 0xffffffff80a7f68c in in6_print <netbsd>
[ 103.8587634] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 103.8587634] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 103.8773909] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 103.8867478] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 103.8867478] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 103.9051424] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 103.9145956] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 103.9145956] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 103.9334058] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 103.9434795] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 103.9434795] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 103.9620212] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 103.9714362] #13 0xffffffff80265b1e in syscall <netbsd>
[ 103.9714362] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd84f4 [2 bytes, read]
[ 103.9930491] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 104.0018012] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 104.0018012] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 104.0203911] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 104.0297150] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 104.0297150] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 104.0481567] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 104.0576514] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.0576514] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.0763777] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.0864657] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.0864657] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.1050482] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.1143592] #13 0xffffffff80265b1e in syscall <netbsd>
[ 104.1143592] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd84f6 [2 bytes, read]
[ 104.1359805] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 104.1447308] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 104.1447308] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 104.1633886] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 104.1727175] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 104.1727175] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 104.1911496] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 104.2006877] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.2006877] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.2193835] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.2294716] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.2294716] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.2480186] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.2574056] #13 0xffffffff80265b1e in syscall <netbsd>
[ 104.2574056] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd84f8 [2 bytes, read]
[ 104.2799279] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 104.2886691] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 104.2886691] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 104.3072783] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 104.3166377] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 104.3166377] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 104.3351008] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 104.3445650] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.3445650] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.3632700] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.3733994] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.3733994] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.3920674] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.4015383] #13 0xffffffff80265b1e in syscall <netbsd>
[ 104.4015383] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd84fa [2 bytes, read]
[ 104.4232741] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 104.4320389] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 104.4418827] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 104.4418827] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 104.4599271] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 104.4599271] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 104.4783704] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 104.4878767] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.4878767] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.5064975] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.5165861] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.5165861] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.5351470] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.5444584] #13 0xffffffff80265b1e in syscall <netbsd>
[ 104.5444584] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd84fc [2 bytes, read]
[ 104.5660192] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 104.5747293] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 104.5846840] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 104.5846840] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 104.6025525] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 104.6025525] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 104.6209662] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 104.6304410] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.6304410] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.6491273] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.6591833] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.6591833] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.6776918] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.6870544] #13 0xffffffff80265b1e in syscall <netbsd>
[ 104.6870544] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd84fe [2 bytes, read]
[ 104.7086244] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 104.7173556] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 104.7274839] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 104.7274839] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 104.7452820] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 104.7452820] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 104.7637302] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 104.7731986] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.7731986] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.7918564] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.8019161] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.8019161] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.8204456] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.8297988] #13 0xffffffff80265b1e in syscall <netbsd>
[ 104.8297988] sockaddr_checklen: 0xffffa60012fd84e8 bad len af=24
socklen=12 len=28 [inet6: ::]
[ 104.8505186] sockaddr_checklen: 0xffffa6016f19f5b0 bad len af=24
socklen=12 len=28 [inet6: [800:0:1a6:ffff::bab1:d400]:20018]
[ 104.8664942] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd84fa [1 byte, read]
[ 104.8793799] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 104.8879743] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 104.8879743] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 104.9081271] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 104.9172932] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 104.9274068] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 104.9274068] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 104.9453232] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 104.9559640] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 104.9559640] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 104.9736989] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 104.9845209] #11 0xffffffff80265b1e in syscall <netbsd>
[ 104.9845209] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd84fc [1 byte, read]
[ 105.0050747] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 105.0137325] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 105.0137325] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 105.0338257] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 105.0430172] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 105.0430172] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 105.0619210] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 105.0711218] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 105.0711218] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 105.0904788] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 105.0994579] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 105.0994579] #11 0xffffffff80265b1e in syscall <netbsd>
[ 105.1173204] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd84fc [1 byte, read]
[ 105.1302061] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 105.1302061] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 105.1478100] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 105.1589114] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 105.1589114] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 105.1778782] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 105.1873813] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 105.1873813] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 105.2067860] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 105.2161278] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 105.2161278] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 105.2344577] #11 0xffffffff80265b1e in syscall <netbsd>
[ 105.2429929] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd84ff [1 byte, read]
[ 105.2558703] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 105.2558703] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 105.2736027] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 105.2846670] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 105.2846670] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 105.3033008] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 105.3129582] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 105.3129582] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 105.3319949] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
00:00:30 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
accept$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)

[ 105.3415178] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 105.3415178] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 105.3596390] #11 0xffffffff80265b1e in syscall <netbsd>
00:00:30 executing program 4:
r0 = socket(0x18, 0x3, 0xd4b4)
sendto(r0,
&(0x7f0000000000)="17ac7e246709ab033324e604bf3064c481dd2616e3c45640dc797bfec36dd014",
0x20, 0x0, &(0x7f0000000040)=@un=@abs={0x1, 0x0, 0x1}, 0x8)
r1 = semget$private(0x0, 0x3, 0x201)
semctl$SETALL(r1, 0x0, 0x9, &(0x7f0000000080)=[0x6e7, 0x7, 0x7, 0x7fff,
0x7])
r2 = semget$private(0x0, 0x1, 0x2)
semctl$IPC_RMID(r1, 0x0, 0x0)
semctl$GETALL(r1, 0x0, 0x6, &(0x7f00000000c0)=""/199)
semget(0x1, 0x0, 0x400)
getsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f00000001c0),
&(0x7f0000000200)=0x4)
r3 = dup(r0)
unlinkat(r3, &(0x7f0000000240)='./file0\x00', 0x800)
r4 = semget(0x1, 0x3, 0x1)
semctl$GETVAL(r1, 0x3, 0x5, &(0x7f0000000280)=""/233)
execve(&(0x7f0000000380)='./file0\x00',
&(0x7f0000000500)=[&(0x7f00000003c0)='\x00', &(0x7f0000000400)='\x00',
&(0x7f0000000440)='\x00', &(0x7f0000000480)='--$\x00',
&(0x7f00000004c0)=')\x00'], &(0x7f0000000680)=[&(0x7f0000000540)='\x00',
&(0x7f0000000580)='\\^\x00', &(0x7f00000005c0)='[:@/.--\x00',
&(0x7f0000000600)='\x00', &(0x7f0000000640)='\x00'])
semop(r2, &(0x7f00000006c0)=[{0x4, 0x8, 0x1800}, {0x0, 0xaae2, 0x800},
{0x0, 0x7, 0x1000}, {0x2, 0x8000, 0x1000}, {0x1, 0x5, 0x1000}, {0x0,
0x80000000, 0x800}, {0x5, 0x4, 0x1000}], 0x7)
getsockopt(r0, 0x1da8, 0x0, &(0x7f0000000700)=""/174,
&(0x7f00000007c0)=0xae)
getsockname$inet6(r0, &(0x7f0000000800), &(0x7f0000000840)=0xc)
semget$private(0x0, 0x0, 0x490)
connect$inet6(r0, &(0x7f0000000880)={0x18, 0x2, 0x6, 0x8}, 0xc)
getsockopt(r3, 0x1, 0x400, &(0x7f00000008c0)=""/172, &(0x7f0000000980)=0xac)
utimes(&(0x7f00000009c0)='./file0/file0\x00', &(0x7f0000000a00)={{0x3c24,
0x5}, {0x8ebc, 0x9}})
recvfrom$unix(r3, &(0x7f0000000a40)=""/157, 0x9d, 0x840,
&(0x7f0000000b00)=@file={0x1, './file0\x00'}, 0xa)
semget$private(0x0, 0x7, 0x1)
semctl$IPC_RMID(r4, 0x0, 0x0)
getdents(r3, &(0x7f0000000b40)=""/13, 0xd)
r5 = semget$private(0x0, 0x0, 0x400)
semop(r5, &(0x7f0000000b80)=[{0x4, 0x100000000, 0x800}], 0x1)
semget$private(0x0, 0x1, 0x404)
connect(r0, &(0x7f0000000bc0)=@in={0x2, 0x1}, 0xc)
setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0x66, &(0x7f0000000c00)={0xfff,
0x1, 0x9, 0x1f, 0x1}, 0xc)

00:00:30 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
accept$inet(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc)

00:00:30 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
accept$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)

00:00:30 executing program 5:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x400000)
connect(r1, &(0x7f0000000300)=@in={0x2, 0x2}, 0xc)

00:00:30 executing program 2:
getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x11,
&(0x7f0000000040)={0x0, <r0=>0x0}, &(0x7f0000000080)=0xc)
getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x11,
&(0x7f00000000c0)={0x0, <r1=>0x0}, 0xc)
setreuid(r0, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff,
<r3=>0xffffffffffffffff})
recvfrom(r2, &(0x7f0000000d40)=""/180, 0xb4, 0x0, 0x0, 0x0)
sendmsg(r3, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x8)

00:00:30 executing program 3:
mlockall(0x1)
mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/204)
r0 = getuid()
setuid(r0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/190, 0xbe)
chmod(&(0x7f0000000240)='./file0\x00', 0x80)
r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x8410, 0x20)
recvfrom$inet6(r1, &(0x7f00000002c0)=""/133, 0x85, 0x2, 0x0, 0x0)
r2 = getegid()
lchown(&(0x7f0000000380)='./file0\x00', r0, r2)
fcntl$dupfd(r1, 0xc, r1)
symlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00')
chown(&(0x7f0000000900)='./file0\x00', 0x0, r2)

00:00:30 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff,
<r0=>0xffffffffffffffff})
r1 = dup2(0xffffffffffffffff, r0)
accept$inet(r1, &(0x7f0000000000), &(0x7f0000000040)=0xc)

00:00:30 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
semget$private(0x0, 0x3, 0x1)
accept$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)

00:00:30 executing program 3:
mlockall(0x1)
mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/204)
r0 = getuid()
setuid(r0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/190, 0xbe)
chmod(&(0x7f0000000240)='./file0\x00', 0x80)
r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x8410, 0x20)
recvfrom$inet6(r1, &(0x7f00000002c0)=""/133, 0x85, 0x2, 0x0, 0x0)
r2 = getegid()
lchown(&(0x7f0000000380)='./file0\x00', r0, r2)
symlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00')
chown(&(0x7f0000000900)='./file0\x00', 0x0, r2)

00:00:30 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
semctl$GETNCNT(r0, 0x7, 0x3, &(0x7f0000000040)=""/12)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x400000)
accept$unix(r1, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)

00:00:30 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff,
<r0=>0xffffffffffffffff})
r1 = dup2(0xffffffffffffffff, r0)
accept$inet(r1, &(0x7f0000000000), &(0x7f0000000040)=0xc)

00:00:30 executing program 5:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x400000)
connect(r1, &(0x7f0000000300)=@in={0x2, 0x2}, 0xc)

[ 105.7270697] ASan: Unauthorized Access In 0xffffffff80a7f1be: Addr
0xffffa60012fd83a4 [4 bytes, read]
[ 105.7529962] #0 0xffffffff80a7f1be in in6_print <netbsd>
[ 105.7618652] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 105.7707532] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 105.7707532] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 105.7898561] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 105.7989807] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 105.7989807] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 105.8178338] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 105.8273614] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 105.8273614] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 105.8466375] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 105.8560609] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 105.8560609] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 105.8745813] #13 0xffffffff80265b1e in syscall <netbsd>
[ 105.8745813] ASan: Unauthorized Access In 0xffffffff80a7f68c: Addr
0xffffa60012fd83a8 [4 bytes, read]
[ 105.8961594] #0 0xffffffff80a7f68c in in6_print <netbsd>
[ 105.9049869] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 105.9138053] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 105.9138053] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 105.9328577] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 105.9420099] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 105.9420099] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 105.9607966] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 105.9702288] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 105.9702288] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 105.9896449] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 105.9992181] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 105.9992181] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.0177186] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.0177186] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd83a4 [2 bytes, read]
[ 106.0392740] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 106.0479942] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 106.0569063] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 106.0569063] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 106.0759291] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 106.0850228] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 106.0850228] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 106.1038427] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.1133386] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.1133386] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 106.1326532] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 106.1421914] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 106.1421914] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.1606233] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.1606233] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd83a6 [2 bytes, read]
[ 106.1821546] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 106.1909397] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 106.1997877] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 106.1997877] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 106.2188452] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 106.2279056] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 106.2279056] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 106.2466823] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.2561196] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.2561196] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 106.2754767] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 106.2849951] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 106.2849951] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.3035480] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.3035480] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd83a8 [2 bytes, read]
[ 106.3251380] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 106.3340006] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 106.3428467] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 106.3428467] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 106.3619209] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 106.3710543] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 106.3710543] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 106.3899228] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.3994037] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.3994037] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 106.4186793] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 106.4281289] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 106.4281289] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.4465372] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.4465372] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd83aa [2 bytes, read]
[ 106.4696261] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 106.4696261] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 106.4858223] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 106.4858223] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 106.5048678] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 106.5139663] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 106.5139663] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 106.5327839] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.5422987] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.5422987] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 106.5615819] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 106.5710511] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 106.5710511] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.5895563] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.5981792] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd83ac [2 bytes, read]
[ 106.6124250] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 106.6124250] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 106.6287968] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 106.6287968] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 106.6478670] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 106.6570020] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 106.6570020] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 106.6758635] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.6853259] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.6853259] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 106.7046378] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 106.7140985] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 106.7140985] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.7324936] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.7410552] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffa60012fd83ae [2 bytes, read]
[ 106.7552199] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 106.7552199] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 106.7715964] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 106.7715964] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 106.7906365] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 106.7997739] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 106.7997739] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 106.8185668] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.8279853] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.8279853] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 106.8472601] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 106.8567439] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 106.8567439] #12 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 106.8752020] #13 0xffffffff80265b1e in syscall <netbsd>
[ 106.8837880] sockaddr_checklen: 0xffffa60012fd8398 bad len af=24
socklen=12 len=28 [inet6: ::]
[ 106.8837880] sockaddr_checklen: 0xffffa6016ef735b0 bad len af=24
socklen=12 len=28 [inet6: [800:0:1a6:ffff::d698:3d01]:20018]
[ 106.9119142] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd83aa [1 byte, read]
[ 106.9248000] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 106.9334114] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 106.9425036] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 106.9425036] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 106.9627099] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 106.9721556] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 106.9721556] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 106.9907348] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 107.0008004] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 107.0008004] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 107.0191182] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 107.0284391] #11 0xffffffff80265b1e in syscall <netbsd>
[ 107.0284391] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd83ac [1 byte, read]
[ 107.0498302] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 107.0584122] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 107.0584122] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 107.0786057] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 107.0878089] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 107.0979369] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 107.0979369] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 107.1158201] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 107.1264984] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 107.1264984] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 107.1441926] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 107.1441926] #11 0xffffffff80265b1e in syscall <netbsd>
[ 107.1620481] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd83ac [1 byte, read]
[ 107.1749261] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 107.1840256] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 107.1840256] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 107.2040683] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 107.2132523] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 107.2132523] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 107.2321428] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 107.2413923] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 107.2413923] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 107.2608275] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 107.2697838] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 107.2697838] #11 0xffffffff80265b1e in syscall <netbsd>
[ 107.2876509] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffa60012fd83af [1 byte, read]
[ 107.3005394] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 107.3005394] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 107.3181861] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 107.3292839] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 107.3292839] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 107.3478941] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 107.3573418] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 107.3573418] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 107.3765744] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 107.3858757] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 107.3858757] #10 0xffffffff80ebbb34 in sys___syscall <netbsd>
[ 107.4041761] #11 0xffffffff80265b1e in syscall <netbsd>
00:00:32 executing program 3:
mlockall(0x1)
mincore(&(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/204)
r0 = getuid()
setuid(r0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/190, 0xbe)
chmod(&(0x7f0000000240)='./file0\x00', 0x80)
r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x8410, 0x20)
recvfrom$inet6(r1, &(0x7f00000002c0)=""/133, 0x85, 0x2, 0x0, 0x0)
r2 = getegid()
symlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00')
chown(&(0x7f0000000900)='./file0\x00', 0x0, r2)

00:00:32 executing program 1:
r0 = semget$private(0x0, 0x3, 0x110)
semctl$SETVAL(r0, 0x7, 0x8, &(0x7f0000000000)=0x1)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x400000)
accept$unix(r1, &(0x7f00000000c0)=@file={0x0, ""/108},
&(0x7f0000000140)=0x6e)

00:00:32 executing program 4:
r0 = paccept(0xffffffffffffff9c, &(0x7f0000000000)=@in,
&(0x7f0000000040)=0xc, 0x20000000)
getsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000080)=""/71,
&(0x7f0000000100)=0x47)
r1 = accept(r0, &(0x7f0000000140)=@in6, &(0x7f0000000180)=0xc)
bind$unix(r0, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0xa)
poll(&(0x7f0000000200)=[{r0, 0x10}, {r1, 0x1}, {r0, 0x2c}, {r1, 0x40}, {r0,
0xac}], 0x5, 0x0)
accept(r1, &(0x7f0000000240)=@un=@file={0x0, ""/4096},
&(0x7f0000001280)=0x1002)
pipe2(&(0x7f00000012c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff},
0x0)
close(r1)
getsockname$inet(r3, &(0x7f0000001300), &(0x7f0000001340)=0xc)
r4 = openat(r3, &(0x7f0000001380)='./file0\x00', 0x2, 0x10)
write(r4,
&(0x7f00000013c0)="03dcc1b2faf2f67451e40bfa34fa84d3732f85b2e2a1d65df428237a8a1f8ebae4912a51e389163240174d14b5569825f8f63f15a93bec50dab58ac4c064075ef5a0d9017ee3e56fffe7586e57316639658d209894e471f0e43ce1bfde3122f77f4be0cde47ad3c010624364ab9cc96082a12af75d3cefbe90e07435525475e05b4217c36e308abc7f62d53e40582fbaba2e50fdfc75d9bbfa090e9c69a21d8842114860b40fe0fbeab62b32a14fe9451b3332dd8024007a6dd38e190b1e66c45a681a75cf76815af6ade88a04d831a92638aef04e3d8b4863186232b9",
0xdd)
sendmsg$unix(r1, &(0x7f0000001880)={&(0x7f00000014c0)=@abs={0x0, 0x0, 0x2},
0x8,
&(0x7f0000001800)=[{&(0x7f0000001500)="547a8c41c3864f7e11dc35322808fb1b705d03b45b94059b13d568fdfb66d4ab9881d3b4cf03b33a416dddef0a8f31ee5eafe88ba1e388d61d05b80ae5298606ee4d64385ea3ba3f802e4d08c2416b53bd40f0f4df76947eeca6e9032ce64643924f2dda9a3eb960bf03f492990d8bc3d353d6dca7ed5df9880e6117b48f2dea089c71e2c7d138dd02651faf86b1cb45b8d4803ab073f022b736bc9f4ea2cb1eba331bebd7663b5a4b92b75913e6c01ff220ccbd96",
0xb5},
{&(0x7f00000015c0)="099818376e39dbb33a849048d2f6cf6e9e267da0a52aa82d1f7e6e789e02c68afe714b203adfd188db51f69cc16edde7416a2b5d03c4540ef1b81838114718380ae8cc9194b358006784e7081b2865773099f9e162505a1b43eda29943da53bf4144762c8ebcd980bcb7814cb08cafc700062c0a9cef2e09fa8d380877c527acef165bbb195dedf9836785ca70d7a169a47a3a2c9b440acb5b3331e7da89a69866ebd5400469e1114709a73118f63ceb18535b4394b19b092270520a9c4c39ab573454d99e94428547a6c7066259d0ffcfe503893a2e1a4c78",
0xd9}, {&(0x7f00000016c0)="0c18", 0x2},
{&(0x7f0000001700)="34a537fc9a6621dedecc7679c61c2b0e0710722a126330251928bbc4d9e51f40ba929eb1813ef1852c8559de2e64c34bf97d55192d170dd63203dc28a0db4a425f37e0e309d645f680000fa3955f027abd012c94703125fdbbac38b484dd0e71feea8d324205ac3dab7347890e448e11c6e2d59f311dfb1eefc7f8507bdc74582c83b00d95f2a9048809d5cc215b77c0bbb24abaa7c8f7e78011e966255b26485afcd9f327f3063ba3b471b6681464383779731e4b17bbf49acc1eb7c88af53d134f278ad9fa5f45e775f46e2907b7759c1dfd49ff85526f4bbd02c51e9250c0805057aa685d348af624210e4f877a1834245f",
0xf3}], 0x4, &(0x7f0000001840), 0x0, 0x8}, 0x3)
sendto(r3,
&(0x7f00000018c0)="350999dcfbdfa5c75835f0403c687968ee2362ced3aced0d4409d1f80b3c597155f57f53f3c2fa7e3aa423354d2cac3d4511455c082d473c28edd2ac1032e4461820a94714cbae607dddaf610fbd91ae4f8f1977bab18293b71739365

---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.

[Dmitry Vyukov]

It would be nice to have symbolization (file/line number).
Also, linux has an option to abort after first kasan report because
this wall of errors is... too wall. I guess subsequent errors will
generally point to roughty the same stack anyways.
Also need better bug title. Currently syzbot will glue _all_ kasan
reports into the same bug. There can be hundreds of different bugs,
but we will not know.

> --
> You received this message because you are subscribed to the Google Groups "syzkaller-netbsd-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-netbsd...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-netbsd-bugs/0000000000006a19a3058293e51b%40google.com.
> For more options, visit https://groups.google.com/d/optout.

[Kamil Rytarowski]

Right now we are down to addr2line(1).

We build it with "./build.sh tools" and name it x86_64--netbsd-addr2line
(for NetBSD/amd64).

Can we process this through host's netbsd.gdb and x86_64--netbsd-addr2line?

There are plans for DWARF/CTF/ORC symbolizing in the kernel, but it
probably won't be done in close time.

> Also, linux has an option to abort after first kasan report because
> this wall of errors is... too wall. I guess subsequent errors will
> generally point to roughty the same stack anyways.

We can could change printf(9) with panic(9) in the source code. We have
deliberately followed Linux with making issues non-fatal and gather from
dmesg(8).

> Also need better bug title. Currently syzbot will glue _all_ kasan
> reports into the same bug. There can be hundreds of different bugs,
> but we will not know.
>

Can we output C reproducer in the reports to make the triaging process
of them much more convenient?

[syzbot]

syzbot has found a reproducer for the following crash on:

HEAD commit: af876e934dda Register kUBSan and KCOV in kernel=GENERIC of..
git tree: netbsd

console output: https://syzkaller.appspot.com/x/log.txt?x=16b64ba2c00000
dashboard link: https://syzkaller.appspot.com/bug?extid=9eaf98dad6ca738c250d
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16d9f900c00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=128e8a70c00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+9eaf98...@syzkaller.appspotmail.com

[ 43.3935063] ASan: Unauthorized Access In 0xffffffff80a7f1be: Addr
0xffffd78012d19aac [4 bytes, read]
[ 43.4061735] #0 0xffffffff80a7f1be in in6_print <netbsd>
[ 43.4061735] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 43.4061735] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 43.4061735] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 43.4161343] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 43.4161343] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 43.4161343] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 43.4161343] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 43.4294017] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 43.4294017] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 43.4436870] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 43.4506092] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 43.4506092] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 43.4645312] #13 0xffffffff80265b1e in syscall <netbsd>
[ 43.4645312] ASan: Unauthorized Access In 0xffffffff80a7f68c: Addr
0xffffd78012d19ab0 [4 bytes, read]
[ 43.4811310] #0 0xffffffff80a7f68c in in6_print <netbsd>
[ 43.4877080] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 43.4942812] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 43.4942812] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 43.5083405] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 43.5083405] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 43.5219567] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 43.5288722] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 43.5288722] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 43.5424988] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 43.5499077] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 43.5499077] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 43.5634994] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 43.5634994] #13 0xffffffff80265b1e in syscall <netbsd>
[ 43.5763837] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffd78012d19aac [2 bytes, read]
[ 43.5865078] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 43.5865078] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 43.5993223] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 43.6064425] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 43.6064425] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 43.6199483] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 43.6271157] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 43.6271157] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 43.6408118] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 43.6408118] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 43.6550187] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 43.6619434] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 43.6619434] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 43.6753410] #13 0xffffffff80265b1e in syscall <netbsd>
[ 43.6753410] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffd78012d19aae [2 bytes, read]
[ 43.6917426] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 43.6981411] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 43.7049838] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 43.7049838] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 43.7185870] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 43.7185870] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 43.7321603] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 43.7390701] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 43.7390701] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 43.7527486] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 43.7606057] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 43.7606057] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 43.7737889] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 43.7737889] #13 0xffffffff80265b1e in syscall <netbsd>
[ 43.7867084] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffd78012d19ab0 [2 bytes, read]
[ 43.7968310] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 43.7968310] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 43.8097938] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 43.8169765] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 43.8169765] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 43.8305582] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 43.8305582] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 43.8443019] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 43.8512205] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 43.8512205] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 43.8654838] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 43.8724242] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 43.8724242] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 43.8860637] #13 0xffffffff80265b1e in syscall <netbsd>
[ 43.8860637] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffd78012d19ab2 [2 bytes, read]
[ 43.9024273] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 43.9089211] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 43.9089211] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 43.9225325] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 43.9294892] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 43.9294892] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 43.9431976] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 43.9501035] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 43.9501035] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 43.9640809] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 43.9719673] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 43.9719673] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 43.9855515] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 43.9855515] #13 0xffffffff80265b1e in syscall <netbsd>
[ 43.9985346] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffd78012d19ab4 [2 bytes, read]
[ 44.0086598] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 44.0086598] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 44.0214448] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 44.0285781] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 44.0285781] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 44.0423275] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 44.0498366] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 44.0498366] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 44.0632679] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 44.0632679] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 44.0776180] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 44.0845917] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 44.0845917] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 44.0980243] #13 0xffffffff80265b1e in syscall <netbsd>
[ 44.0980243] ASan: Unauthorized Access In 0xffffffff80a7f480: Addr
0xffffd78012d19ab6 [2 bytes, read]
[ 44.1147709] #0 0xffffffff80a7f480 in in6_print <netbsd>
[ 44.1211998] #1 0xffffffff80a7f87f in sin6_print <netbsd>
[ 44.1277511] #2 0xffffffff80f4e421 in sockaddr_checklen <netbsd>
[ 44.1277511] #3 0xffffffff80f4e4ea in sockaddr_alloc <netbsd>
[ 44.1417997] #4 0xffffffff80f4e64f in sockaddr_dup <netbsd>
[ 44.1417997] #5 0xffffffff8105fd90 in rtcache_setdst <netbsd>
[ 44.1553667] #6 0xffffffff810601a7 in rtcache_lookup2 <netbsd>
[ 44.1622980] #7 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 44.1622980] #8 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 44.1760291] #9 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 44.1840886] #10 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 44.1840886] #11 0xffffffff80f693ef in sys_connect <netbsd>
[ 44.1980718] #12 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 44.1980718] #13 0xffffffff80265b1e in syscall <netbsd>
[ 44.2111286] sockaddr_checklen: 0xffffd78012d19aa0 bad len af=24
socklen=12 len=28 [inet6: ::]
[ 44.2205771] sockaddr_checklen: 0xffffd7816ee375b0 bad len af=24
socklen=12 len=28 [inet6: [800::]:20002]
[ 44.2311010] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffd78012d19ab2 [1 byte, read]
[ 44.2411089] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 44.2411089] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 44.2546780] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 44.2631461] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 44.2631461] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 44.2768431] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 44.2843884] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 44.2843884] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 44.2986621] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 44.3056945] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 44.3056945] #10 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 44.3189332] #11 0xffffffff80265b1e in syscall <netbsd>
[ 44.3189332] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffd78012d19ab4 [1 byte, read]
[ 44.3355048] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 44.3419161] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 44.3419161] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 44.3578004] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 44.3645919] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 44.3645919] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 44.3786288] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 44.3856321] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 44.3856321] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 44.4002019] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 44.4068169] #10 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 44.4068169] #11 0xffffffff80265b1e in syscall <netbsd>
[ 44.4200553] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffd78012d19ab4 [1 byte, read]
[ 44.4303230] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 44.4303230] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 44.4439385] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 44.4522335] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 44.4522335] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 44.4660843] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 44.4731405] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[ 44.4731405] #7 0xffffffff80aa7b7f in rip6_connect_wrapper <netbsd>
[ 44.4879203] #8 0xffffffff80f69206 in do_sys_connect <netbsd>
[ 44.4952562] #9 0xffffffff80f693ef in sys_connect <netbsd>
[ 44.4952562] #10 0xffffffff80ebb98e in sys_syscall <netbsd>
[ 44.5092973] #11 0xffffffff80265b1e in syscall <netbsd>
[ 44.5092973] ASan: Unauthorized Access In 0xffffffff8105a3bf: Addr
0xffffd78012d19ab7 [1 byte, read]
[ 44.5258232] #0 0xffffffff8105a3bf in rn_match <netbsd>
[ 44.5322067] #1 0xffffffff81062e5d in rt_matchaddr <netbsd>
[ 44.5393026] #2 0xffffffff8105e333 in rtalloc1_locked.constprop.15
<netbsd>
[ 44.5393026] #3 0xffffffff8105ed8b in _rtcache_init <netbsd>
[ 44.5539328] #4 0xffffffff81060272 in rtcache_lookup2 <netbsd>
[ 44.5539328] #5 0xffffffff80a8002f in in6_selectroute <netbsd>
[ 44.5677783] #6 0xffffffff80a80437 in in6_selectsrc <netbsd>
[

[maxv]

It appears that certain protocols lack length checks on sa_len.

For example, in rip6_connect(), there should be:

    if (addr->sin6_len != sizeof(*addr))
        return EINVAL;

I see this mistake in: STCP*, DCCP*, DDP, RIP, RIP6.

I think we should fix RIP and RIP6. The rest is disabled by default and likely broken in many other ways, not sure we should touch them actually...