kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Mon Feb 17 11:03:09 PST 2020 OpenBSD/amd64 (ci-openbsd-main-3.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts. 2020/02/17 11:03:21 fuzzer started 2020/02/17 11:03:24 dialing manager at 10.128.15.235:22818 2020/02/17 11:03:24 syscalls: 337 2020/02/17 11:03:24 code coverage: enabled 2020/02/17 11:03:24 comparison tracing: enabled 2020/02/17 11:03:24 extra coverage: support is not implemented in syzkaller 2020/02/17 11:03:24 setuid sandbox: enabled 2020/02/17 11:03:24 namespace sandbox: support is not implemented in syzkaller 2020/02/17 11:03:24 Android sandbox: support is not implemented in syzkaller 2020/02/17 11:03:24 fault injection: support is not implemented in syzkaller 2020/02/17 11:03:24 leak checking: support is not implemented in syzkaller 2020/02/17 11:03:24 net packet injection: enabled 2020/02/17 11:03:24 net device setup: support is not implemented in syzkaller 2020/02/17 11:03:24 concurrency sanitizer: support is not implemented in syzkaller 2020/02/17 11:03:24 devlink PCI setup: support is not implemented in syzkaller 11:03:28 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) getgroups(0x5, &(0x7f00000000c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0]) lchown(&(0x7f0000000000)='./file0\x00', r1, r3) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000100)={0x0, 0x0}, 0xc) r5 = geteuid() getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0xc) r7 = getpgid(0x0) msgctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000180)={{0x4a, r4, r2, r5, r6, 0x1, 0x6}, 0x6, 0x4, r7, r0, 0xf1f00000000000, 0x7ff, 0x0, 0x148f}) faccessat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x100, 0x2) r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x1, 0x0) lseek(r8, 0x0, 0x3, 0x0) r9 = open$dir(&(0x7f0000000280)='./file0\x00', 0x80, 0xe4) dup2(r9, r8) r10 = getppid() wait4(r10, &(0x7f00000002c0), 0x0, &(0x7f0000000300)) ioctl$BIOCIMMEDIATE(r8, 0x80044270, &(0x7f00000003c0)=0x80000001) fcntl$getown(r8, 0x5) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BIOCSRSIG(r11, 0x80044272, &(0x7f0000000440)) getgroups(0x1, &(0x7f0000000480)=[0xffffffffffffffff]) setgid(r12) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)) ioctl$WSKBDIO_GETMODE(r8, 0x40045714, &(0x7f0000000500)) ioctl$BIOCIMMEDIATE(r8, 0x80044270, &(0x7f0000000540)=0x8) r13 = openat$null(0xffffffffffffff9c, &(0x7f0000000580)='/dev/null\x00', 0x400, 0x0) getsockopt$sock_cred(r13, 0xffff, 0x1022, &(0x7f00000005c0), &(0x7f0000000600)=0xc) ioctl$BIOCSETIF(0xffffffffffffff9c, 0x8020426c, &(0x7f0000000640)={'tap', 0x0}) r14 = socket$inet6(0x18, 0x8000, 0x3f) getsockopt$sock_cred(r14, 0xffff, 0x1022, &(0x7f0000000680), &(0x7f00000006c0)=0xc) r15 = semget(0x0, 0x0, 0xf8) semctl$GETPID(r15, 0x4, 0x4, &(0x7f0000000700)=""/207) 11:03:28 executing program 0: r0 = open(&(0x7f0000000040)='./file0\x00', 0x80, 0x0) symlinkat(&(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000080)='./file0\x00') r1 = socket(0x20, 0x4000, 0xa5) setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0x69, &(0x7f00000000c0)={{0x18, 0x2, 0xff, 0x8000}, {0x18, 0x3, 0x3, 0x4e74}, 0x5, [0x3, 0x3, 0x6834, 0x80000000, 0x7fff, 0x401, 0x1, 0x4]}, 0x3c) getsockname(r0, &(0x7f0000000100)=@un=@file={0x0, ""/4096}, &(0x7f0000001140)=0x1002) socket(0x6, 0x4, 0x2e) getsockopt$sock_timeval(0xffffffffffffffff, 0xffff, 0x1006, &(0x7f0000001180), &(0x7f00000011c0)=0x10) openat$bpf(0xffffffffffffff9c, &(0x7f0000001200)='/dev/bpf\x00', 0x20, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001240)='/dev/zero\x00', 0x8, 0x0) ioctl$BIOCSETIF(r2, 0x8020426c, &(0x7f0000001280)={'tap', 0x0}) r3 = accept$unix(r2, 0x0, &(0x7f00000012c0)) setsockopt$sock_timeval(r3, 0xffff, 0x1006, &(0x7f0000001300)={0x4470ab1e, 0x8}, 0x10) r4 = socket$inet(0x2, 0x8000, 0x5) getsockopt$sock_cred(r4, 0xffff, 0x1022, &(0x7f0000001340), &(0x7f0000001380)=0xc) r5 = openat$bpf(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/bpf\x00', 0x1, 0x0) ioctl$BIOCSETIF(r5, 0x8020426c, &(0x7f0000001400)={'tap', 0x0}) r6 = accept$inet(r1, 0x0, &(0x7f0000001440)) getsockname$inet(r6, &(0x7f0000001480), &(0x7f00000014c0)=0xc) bind(r2, &(0x7f0000001500)=@in6={0x18, 0x2, 0x7f, 0x5}, 0xc) r7 = openat(0xffffffffffffff9c, &(0x7f0000001540)='./file0\x00', 0x2, 0xf2) write(r7, &(0x7f0000001580), 0x0) ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f00000015c0)={0xff, 0x5, 0x5, {[0x20, 0x1ff, 0x3, 0x2, 0x100000001, 0x1, 0x10001, 0x0, 0x7f, 0x5, 0xc30, 0x2a, 0x400, 0x6, 0x0, 0x0, 0x5, 0xf98], [0x6, 0x7ce, 0x2, 0x3, 0x200, 0x3f, 0x2, 0x17df1461, 0x3, 0x3ff], [0xfffffffffffff3b2, 0x5, 0x96, 0x40, 0x5fc6, 0x7, 0x8], [0x3, 0x8000, 0x0, 0x3, 0x3, 0x8], [{0x61c, 0x3, 0xff, 0x9}, {0x0, 0x80000000, 0xff7f, 0xfffffffffffffe00}, {0x2, 0x10000, 0x3, 0x5}, {0xb008, 0x10000, 0x101, 0x1}, {0xfc01, 0x101, 0x9, 0x4}, {0x9, 0x20, 0x40, 0x100}, {0x401, 0x1, 0xfffffff9, 0x1}, {0x6, 0xf385, 0x9, 0x400}], {0x9, 0x2, 0x3, 0x3}, {0x3, 0x7, 0x1, 0x4}}}) ioctl$FIOASYNC(0xffffffffffffffff, 0x8004667d, &(0x7f0000001840)=0x1) lseek(0xffffffffffffffff, 0x0, 0x1, 0x0) r8 = semget(0x1, 0x2, 0x4) semop(r8, &(0x7f0000001880)=[{0x3, 0x9, 0xc60321e8426f3dc5}, {0x3, 0x1c, 0x1000}, {0x3, 0x3ff, 0x1800}, {0x4, 0x40, 0x1800}, {}, {0x0, 0x4, 0x800}, {0x3, 0x7, 0x800}, {0x0, 0x1000}, {0x3, 0x3, 0x1000}, {0x0, 0x8, 0x800}], 0xa) syz_open_pts() r9 = openat$null(0xffffffffffffff9c, &(0x7f00000018c0)='/dev/null\x00', 0x2, 0x0) ioctl$BIOCSETIF(r9, 0x8020426c, &(0x7f0000001900)={'tap', 0x0}) r10 = openat$null(0xffffffffffffff9c, &(0x7f0000001940)='/dev/null\x00', 0x20, 0x0) fcntl$dupfd(r10, 0xa, r9) 11:03:28 executing program 1: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x10000) ioctl$TIOCFLUSH(r0, 0x80047410, &(0x7f00000000c0)=0x8) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$BIOCSFILDROP(r1, 0x80044279, &(0x7f0000000040)=0x2) r2 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x5, 0x10, r2, 0x0, 0x0) ioctl$VMM_IOC_WRITEREGS(r2, 0x82485608, &(0x7f0000000240)={0x0, 0x7, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc], [0x40000000000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1fd, 0x0, 0x0, 0x1], [0x2, 0x0, 0x0, 0x9, 0xdfffffffffffffff, 0xfffffeffffffbfff], [0x0, 0xfffffffffffffffd, 0x3696a8fd], [{}, {}, {}, {}, {0x800}, {}, {}, {0x0, 0xbffffffe}], {0x2, 0x20000}}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r3 = socket(0x18, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$TIOCFLUSH(r4, 0x8080691a, &(0x7f0000000300)) 11:03:28 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x20000, 0xb0) ioctl$WSDISPLAYIO_SETSCREEN(r0, 0x80045756, &(0x7f00000000c0)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) open$dir(&(0x7f0000000200)='./file0\x00', 0x40000400000002c2, 0x0) r2 = getpid() ktrace(&(0x7f0000000080)='./file0\x00', 0x0, 0xfcfc96ac7f78659a, r2) sendmsg$unix(r1, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001200)=[{0x0}], 0x1}, 0x0) 11:03:28 executing program 0: mknod(&(0x7f0000000000)='./file0\x00', 0x80002005, 0x2d94) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = kqueue() r2 = openat(r0, &(0x7f00000007c0)='./file0\x00', 0x100, 0x0) ioctl$TIOCSTOP(r2, 0x2000746f) kevent(r1, &(0x7f00000004c0)=[{{r0}, 0xfffffffffffffffe, 0x63}], 0x7, 0x0, 0x0, 0x0) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f0000000480)={'tap', 0x0}) ioctl$BIOCSETWF(r3, 0x80104277, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{}, {0x2}, {0x6, 0x0, 0x0, 0x20003ff}]}) pwrite(r3, &(0x7f00000000c0)="f9b3f3b4bb6c070e832d737816fc", 0xe, 0x0, 0x0) open(&(0x7f0000000780)='./file0\x00', 0x20, 0x4) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x5010, r3, 0x0, 0x800) kevent(r1, 0x0, 0x0, &(0x7f00000002c0), 0x9, 0x0) r4 = kqueue() kevent(r4, &(0x7f0000000280), 0xf8b3, 0x0, 0x10000fe, 0x0) pwritev(0xffffffffffffff9c, &(0x7f0000000300)=[{&(0x7f0000000080)="8c6cbc6eee78fd74b527f177dc9604cc9e8818f71f8c6cf23ee480e40ddea0412419f01f6ea62846cd4f7d0008c438274007c58e686cf6f04b3d8e193c8f384f11368f2de996c863bc60a1e7da7e38b4e752898e4af0", 0x56}, {&(0x7f0000000100)="beac75dac538e95ee4f13121a6410b3867a2bb717692b0b5642b7db2e637b2ffd697e58762b932c6beda3a5012d1c6d0c230ea", 0x33}, {&(0x7f0000000140)="74ae246f913bde356bf1ff84465c3ba39141f3cf71506d66018dc8965196f5ec8efe959a94a447ef340c70759f6fd0b91d141a8006412cbb6e3d160814fdbad3cd2718470a9ad6312c0a29314158a2993b7505fc3a2551d7ed20ccb6b326f1ebbf18b3c0a272bd13818db3c6a34929206bab4b745dcf528754ffe960162b9a573db5af83e12c508b9619a1e276d390797c0038175951ef256eacdc96796c9f56c8903831bb4d2c5e53503535f8f62d34ba27099184dd44f2e870beb5d4b9c80dabbf710039c2cb116757b0d932553185503ef852363abda4446ef58ec55573755b4afca8c24ef40cb0507b10c5002d05be5602b094ceba47", 0xf8}, {&(0x7f0000000240)="1f3f09edde46b0e2b990f014b6192158fe2a624e218c1d8f1482b83ab76843c4ebd70699518be87de23f83b9359d43cee58ca608c811ec10181c74f320eef077c61abf124735c2f9d79688461d0d50dd71ad7dd85c5142129fcaa016985109d5051287020eb40f509f0cbd5bf7a12481e4cb72e04e291461c2b5283aabdb357576b3260eabcc65cee2d273df1d071800341d6d968cfb2fbc7044b2bff7fe78b221d718947247", 0xa6}], 0x4, 0x0, 0x1) r5 = semget$private(0x0, 0x4, 0x316) execve(&(0x7f0000000500)='./file0\x00', &(0x7f00000005c0)=[&(0x7f0000000540)='#+\\$,\x00', &(0x7f0000000580)='-*)\x00'], &(0x7f0000000740)=[&(0x7f0000000600)='\x00', &(0x7f0000000640)='\x00', &(0x7f0000000680)='{.@:\x00', &(0x7f00000006c0)='\x00', &(0x7f0000000700)='\x00']) semctl$IPC_STAT(r5, 0x0, 0x2, &(0x7f0000000200)=""/254) semctl$IPC_STAT(r5, 0x0, 0x2, &(0x7f0000000340)=""/252) r6 = getuid() r7 = getuid() setreuid(r6, r7) semget(0x0, 0x1, 0x8) pwritev(r1, &(0x7f0000000480)=[{&(0x7f0000000440)="c3b073bcad94", 0x6}], 0x1, 0x0, 0x3) 11:03:28 executing program 1: mknod(&(0x7f0000000100)='./bus\x00', 0x2000, 0x86138) r0 = open(&(0x7f0000000040)='./bus\x00', 0x2, 0x0) r1 = socket(0x18, 0x1, 0x0) close(r1) connect$unix(r1, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) ioctl$WSDISPLAYIO_GETSCREEN(r2, 0xc0245755, &(0x7f0000000000)={0xbfd, './bus\x00', './bus\x00'}) r3 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x4000000001, 0x0) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f0000000480)={'tap', 0x0}) ioctl$BIOCSETWF(r3, 0x80104277, &(0x7f0000000280)={0x2, &(0x7f0000000580)=[{0x9, 0x20, 0x3, 0x80}, {0xffff, 0x1, 0x1, 0xeb47}]}) pwrite(r3, &(0x7f00000000c0)="f9b3f3b4bb6c070e832d737816fc", 0xe, 0x0, 0x0) getsockopt$SO_PEERCRED(r2, 0xffff, 0x1022, &(0x7f0000000200)={0x0, 0x0}, 0xc) r5 = semget$private(0x0, 0x0, 0x80000100) semop(r5, &(0x7f0000000240)=[{0x0, 0xfffe, 0x1800}, {0x4, 0x200, 0xc00}, {0x1, 0x4, 0xcab2bfc5c2d47ec2}], 0x3) getsockopt$sock_cred(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xb) semctl$IPC_SET(r5, 0x0, 0x1, &(0x7f00000000c0)={{0x400, r6, r7, r6, r7, 0x82, 0xfffffffffffff7f5}, 0x8, 0x2}) fchown(r3, r4, r7) r8 = semget(0x2, 0x0, 0x399) semctl$GETNCNT(r8, 0x9, 0x3, &(0x7f0000000300)=""/214) write(r0, &(0x7f0000000140)="220e22", 0x3) r9 = semget$private(0x0, 0x0, 0x80000100) semop(r9, &(0x7f0000000440)=[{0x0, 0x0, 0x1800}, {0x1, 0x3, 0x1800}, {0x3, 0x2}, {0x4, 0x8001, 0x1000}, {0x3, 0x4, 0x1800}, {0x0, 0x7, 0x1000}], 0x6) semop(r9, &(0x7f0000000240)=[{0x0, 0xfffe, 0x1800}, {0x4, 0x200, 0xc00}, {0x1, 0x4, 0xcab2bfc5c2d47ec2}], 0x3) getsockopt$sock_cred(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xb) semctl$IPC_SET(r9, 0x0, 0x1, &(0x7f00000000c0)={{0x400, r10, r11, r10, r11, 0x82, 0xfffffffffffff7f5}, 0x8, 0x1ff}) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000180)={{0x3, 0x0, r11}, 0x5000000000004, 0x6, 0x0, 0x0, 0x0, 0x57, 0x5}) r12 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x5, 0x10, r12, 0x0, 0x0) setsockopt$sock_timeval(r12, 0xffff, 0x1006, &(0x7f0000000400)={0x77f, 0xffffffff}, 0x10) r13 = semget$private(0x0, 0x2, 0x308) semctl$SETVAL(r13, 0xeb0945194ffedfb, 0x8, &(0x7f0000000080)=0x5) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000180), 0xff20}], 0x100000000000005e, 0x0, 0x0) r14 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x5, 0x10, r14, 0x0, 0x0) setsockopt(r14, 0x0, 0x1, &(0x7f00000004c0)="8b5f832b950014c1a1ac93e655b88cf4130b0f8ea4b14a384c6dcbf3d4bd63d4b0b6f8a6052ca94f4e93d5625bc0efb3a8999ef41853c1e5b8d47323fab2128b3964703207ca48d44b335f93e78cd1b872fabf626ed2a51a02576439d8ce5e3f", 0x60) login: panic: receive 3: so 0xfffffd805e560190, so_type 3, m 0xfffffd805eb63c00, m_type 0 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *159999 14667 0 0 0 0 dhclient db_enter() at db_enter+0x18 panic(ffffffff821ac6e6) at panic+0x15c soreceive(fffffd805e560190,0,ffff80001d372248,0,0,ffff80001d372154) at soreceive+0x16e7 soo_read(fffffd805eb10690,ffff80001d372248,0) at soo_read+0x53 dofilereadv(ffff80001d3399c8,6,ffff80001d372248,0,ffff80001d372330) at dofilereadv+0x1a1 sys_read(ffff80001d3399c8,ffff80001d3722e0,ffff80001d372330) at sys_read+0x83 syscall(ffff80001d3723b0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc3d30, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic receive 3: so 0xfffffd805e560190, so_type 3, m 0xfffffd805eb63c00, m_type 0 ddb> trace db_enter() at db_enter+0x18 panic(ffffffff821ac6e6) at panic+0x15c soreceive(fffffd805e560190,0,ffff80001d372248,0,0,ffff80001d372154) at soreceive+0x16e7 soo_read(fffffd805eb10690,ffff80001d372248,0) at soo_read+0x53 dofilereadv(ffff80001d3399c8,6,ffff80001d372248,0,ffff80001d372330) at dofilereadv+0x1a1 sys_read(ffff80001d3399c8,ffff80001d3722e0,ffff80001d372330) at sys_read+0x83 syscall(ffff80001d3723b0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc3d30, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80001d371f90 rbx 0xffff80001d372040 rdx 0x2 rcx 0 rax 0 r8 0xffff80001d371f50 r9 0x1 r10 0 r11 0x42f5e49ed2b3c6a3 r12 0x3000000008 r13 0xffff80001d371fa0 r14 0x100 r15 0x1 rip 0xffffffff81704528 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80001d371f80 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (dhclient) pid=159999 stat=onproc flags process=0 proc=0 pri=24, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff80001d33a868,0xffff80001d339768 process=0xffff8000ffffaa90 user=0xffff80001d36d000, vmspace=0xfffffd806bc09880 estcpu=0, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 24094 195193 99873 0 2 0 syz-executor.1 24094 478488 99873 0 2 0x4000000 syz-executor.1 53956 344335 33966 0 2 0 syz-executor.0 53956 54656 33966 0 3 0x4000080 fsleep syz-executor.0 33966 241578 17533 0 2 0x482 syz-executor.0 99873 445495 17533 0 3 0x82 nanosleep syz-executor.1 17533 344535 13880 0 3 0x82 thrsleep syz-fuzzer 17533 197752 13880 0 3 0x4000082 thrsleep syz-fuzzer 17533 93686 13880 0 3 0x4000082 thrsleep syz-fuzzer 17533 324966 13880 0 3 0x4000082 thrsleep syz-fuzzer 17533 393471 13880 0 3 0x4000082 thrsleep syz-fuzzer 17533 122001 13880 0 3 0x4000082 kqread syz-fuzzer 17533 237090 13880 0 3 0x4000082 thrsleep syz-fuzzer 13880 465662 55432 0 3 0x10008a pause ksh 55432 306918 76229 0 3 0x92 select sshd 85200 432316 1 0 3 0x100083 ttyin getty 76229 162566 1 0 3 0x80 select sshd 52753 12915 92381 73 3 0x100090 kqread syslogd 92381 500411 1 0 3 0x100082 netio syslogd 48118 333355 1 77 2 0x100010 dhclient *14667 159999 1 0 7 0 dhclient 63345 138707 0 0 2 0x14200 zerothread 31488 286306 0 0 3 0x14200 aiodoned aiodoned 20473 245319 0 0 3 0x14200 syncer update 42611 115266 0 0 3 0x14200 cleaner cleaner 56714 452732 0 0 3 0x14200 reaper reaper 24986 375893 0 0 3 0x14200 pgdaemon pagedaemon 31030 405064 0 0 3 0x14200 bored crynlk 75179 45230 0 0 3 0x14200 bored crypto 76622 484028 0 0 3 0x40014200 acpi0 acpi0 50943 477910 0 0 3 0x14200 bored softnet 3261 476548 0 0 3 0x14200 bored systqmp 26991 43416 0 0 3 0x14200 bored systq 12863 228826 0 0 3 0x40014200 bored softclock 44139 220959 0 0 3 0x40014200 idle0 4154 354784 0 0 3 0x14200 bored smr 1 87569 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9464 6456K 6456K 78643K 10561 0 pcb 13 8K 8K 78643K 13 0 rtable 105 3K 3K 78643K 192 0 ifaddr 44 10K 10K 78643K 46 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 2K 78643K 15 0 mount 1 1K 1K 78643K 1 0 vnodes 1221 77K 77K 78643K 1227 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 0K 0K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 6 17K 25K 78643K 40 0 proc 47 38K 63K 78643K 358 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 33 2K 2K 78643K 33 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 31 148K 148K 78643K 31 0 exec 0 0K 1K 78643K 181 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 96 21K 21K 78643K 914 0 UVM aobj 2 2K 2K 78643K 2 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 10 0K 0K 78643K 10 0 temp 65 3015K 3079K 78643K 1943 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 80 19 0 17 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 31 0 23 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 121 0 121 1 0 1 1 0 8 1 tcpcb 544 10 0 6 1 0 1 1 0 8 0 inpcb 280 34 0 27 1 0 1 1 0 8 0 nd6 48 6 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 189 0 0 12 0 12 12 0 8 0 art_table 32 190 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1427 0 26 46 0 46 46 0 8 0 ffsino 240 1427 0 26 83 0 83 83 0 8 0 nchpl 144 1666 0 53 60 0 60 60 0 8 0 uvmvnodes 72 1474 0 0 27 0 27 27 0 8 0 vnodes 208 1474 0 0 78 0 78 78 0 8 0 namei 1024 3965 0 3965 1 0 1 1 0 8 1 scxspl 192 4716 0 4716 1 0 1 1 0 8 1 plimitpl 152 14 0 7 1 0 1 1 0 8 0 sigapl 432 211 0 197 2 0 2 2 0 8 0 futexpl 56 169 0 168 1 0 1 1 0 8 0 knotepl 112 53 0 34 1 0 1 1 0 8 0 kqueuepl 144 2 0 0 1 0 1 1 0 8 0 pipelkpl 16 71 0 61 1 0 1 1 0 8 0 pipepl 120 142 0 123 1 0 1 1 0 8 0 fdescpl 432 212 0 197 2 0 2 2 0 8 0 filepl 120 1040 0 943 4 0 4 4 0 8 1 lockfpl 104 12 0 11 1 0 1 1 0 8 0 lockfspl 48 6 0 5 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 46 0 39 1 0 1 1 0 8 0 zombiepl 144 197 0 197 1 0 1 1 0 8 1 processpl 896 226 0 197 4 0 4 4 0 8 0 procpl 624 240 0 203 3 0 3 3 0 8 0 sockpl 400 84 0 67 3 0 3 3 0 8 1 mcl4k 4096 11 0 11 1 0 1 1 0 8 1 mcl2k 2048 63142 0 63097 16 2 14 14 0 8 6 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 99818 0 99738 10 1 9 9 0 8 1 bufpl 280 3972 0 161 273 0 273 273 0 8 0 anonpl 16 37252 0 21220 68 2 66 66 0 107 0 amapchunkpl 152 986 0 843 9 0 9 9 0 158 0 amappl16 192 1015 0 139 44 0 44 44 0 8 0 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 3 0 2 2 1 1 1 0 8 0 amappl13 168 28 0 25 1 0 1 1 0 8 0 amappl12 160 9 0 9 1 1 0 1 0 8 0 amappl11 152 63 0 49 1 0 1 1 0 8 0 amappl10 144 17 0 13 1 0 1 1 0 8 0 amappl9 136 369 0 365 1 0 1 1 0 8 0 amappl8 128 269 0 254 1 0 1 1 0 8 0 amappl7 120 106 0 96 1 0 1 1 0 8 0 amappl6 112 29 0 21 1 0 1 1 0 8 0 amappl5 104 162 0 153 1 0 1 1 0 8 0 amappl4 96 438 0 408 1 0 1 1 0 8 0 amappl3 88 110 0 103 1 0 1 1 0 8 0 amappl2 80 892 0 821 3 0 3 3 0 8 1 amappl1 72 13621 0 13193 26 9 17 20 0 8 8 amappl 80 469 0 425 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 1 0 0 1 0 1 1 0 8 0 uaddrrnd 24 212 0 197 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 212 0 197 1 0 1 1 0 8 0 vmmpekpl 168 5646 0 5621 2 0 2 2 0 8 0 vmmpepl 168 33255 0 31229 126 5 121 121 0 357 32 vmsppl 272 211 0 197 2 0 2 2 0 8 1 pdppl 4096 430 0 394 6 0 6 6 0 8 1 pvpl 32 123875 0 104850 157 0 157 157 0 265 2 pmappl 200 211 0 197 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 144 0 5 4 0 4 4 0 8 0