Warning: Permanently added '10.128.0.161' (ECDSA) to the list of known hosts. 2020/02/05 00:08:01 fuzzer started 2020/02/05 00:08:01 dialing manager at 10.128.0.248:48526 2020/02/05 00:08:01 syscalls: 496 2020/02/05 00:08:01 code coverage: enabled 2020/02/05 00:08:01 comparison tracing: enabled 2020/02/05 00:08:01 extra coverage: support is not implemented in syzkaller 2020/02/05 00:08:01 setuid sandbox: support is not implemented in syzkaller 2020/02/05 00:08:01 namespace sandbox: support is not implemented in syzkaller 2020/02/05 00:08:01 Android sandbox: support is not implemented in syzkaller 2020/02/05 00:08:01 fault injection: support is not implemented in syzkaller 2020/02/05 00:08:01 leak checking: support is not implemented in syzkaller 2020/02/05 00:08:01 net packet injection: enabled 2020/02/05 00:08:01 net device setup: support is not implemented in syzkaller 2020/02/05 00:08:01 concurrency sanitizer: support is not implemented in syzkaller 2020/02/05 00:08:01 devlink PCI setup: support is not implemented in syzkaller 00:08:33 executing program 0: r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@un=@abs={0x8}, &(0x7f0000000040)=0x8, 0x20000000) getsockopt$inet6_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x105, &(0x7f0000000080)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000100)={@in={{0x10, 0x2, 0x0, @remote={0xac, 0x14, 0x0}}}, r1, 0x8, 0x1, 0xa, 0x8, 0x4000, 0x3}, 0xa0) socketpair(0x17, 0x5, 0x1, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000200)={@loopback, @rand_addr, 0x0}, &(0x7f0000000240)=0xc) setsockopt$inet_mreqn(r3, 0x0, 0xd, &(0x7f0000000280)={@local={0xac, 0x14, 0x0}, @remote={0xac, 0x14, 0x0}, r4}, 0xc) accept(r0, &(0x7f00000002c0)=@in={0x10, 0x2, 0xffffffffffffffff, @rand_addr}, &(0x7f0000000300)=0x10) r5 = accept4(0xffffffffffffffff, &(0x7f0000000340)=@in={0x10, 0x2, 0xffffffffffffffff, @local}, &(0x7f0000000380)=0x10, 0x20000000) getsockopt$inet6_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x900, &(0x7f00000003c0)={0x0, 0x7fffffff}, &(0x7f0000000400)=0x8) getsockopt$inet6_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0xa, &(0x7f0000000440)={@in={{0x10, 0x2, 0x2, @broadcast}}, r6, 0x6, 0xae7d, 0x80, 0xfffffffa, 0x3, 0x3c}, &(0x7f0000000500)=0xa0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xb, &(0x7f0000000540)={0x8, 0x9, 0x4a00, 0x9, 0x6, 0x2, 0x8, 0x5, 0x0}, &(0x7f0000000580)=0x20) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x21, &(0x7f00000005c0)={0x1, 0x800, 0x3ff, 0x9c7, r7}, &(0x7f0000000600)=0x10) r8 = socket$inet6_udplite(0x1c, 0x2, 0x88) r9 = getpid() fcntl$setown(r8, 0x6, r9) getsockopt$inet6_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x29, &(0x7f0000000640)={0x0, 0xe51}, &(0x7f0000000680)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0xf, &(0x7f00000006c0)={r10, 0x6, 0x7}, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) accept4(r11, &(0x7f0000000740)=@in={0x10, 0x2, 0xffffffffffffffff, @broadcast}, &(0x7f0000000780)=0x10, 0x20000000) getsockopt(r2, 0x401, 0x0, &(0x7f00000007c0)=""/231, &(0x7f00000008c0)=0xe7) r12 = openat(0xffffffffffffffff, &(0x7f0000000900)='./file0\x00', 0x200, 0x10) setsockopt$inet6_sctp_SCTP_DEFAULT_PRINFO(r12, 0x84, 0x22, &(0x7f0000000940)={0x0, 0x81, r6}, 0xc) r13 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000980)={0x10, 0x2, 0xffffffffffffffff, @multicast1}, &(0x7f00000009c0)=0x10, 0x20000000) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x7, 0x11, r13, 0x4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000a00)="696bee7bccaf8f51d0cd2848184c589a9906ba55a27cf13789be134a132e8d45f0c73d6060db7d583fa2ee8ace122f870d2b42d38929ca830e88ee5386a711d92c35ec3c1b996e079327ceee5a3bbbf869272664b1e9f8f0", 0x58, 0x0, &(0x7f0000000a80)={0x1c, 0x1c, 0x2, 0x81, @ipv4={[], [], @multicast1}, 0x100}, 0x1c) socket$inet6_sctp(0x1c, 0x5, 0x84) fstat(0xffffffffffffff9c, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) freebsd11_lstat(&(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r14, r15) getsockopt$inet_sctp_SCTP_MAX_BURST(r12, 0x84, 0x19, &(0x7f0000000c80)={0x0, 0xa}, &(0x7f0000000cc0)=0x8) 00:08:33 executing program 1: utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={{0x2c, 0x9}, {0x1ff, 0x9}}) readlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/209, 0xd1) r0 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x40, 0x104) r1 = accept4$unix(r0, 0x0, &(0x7f0000000200), 0x20000000) r2 = open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x55) fstat(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) freebsd11_stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r2, &(0x7f0000000280)='./file0\x00', r3, r5, 0x0) r6 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000480)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @loopback}, &(0x7f00000004c0)=0x1c, 0x30000000) setsockopt$inet6_sctp_SCTP_PARTIAL_DELIVERY_POINT(r6, 0x84, 0x11, &(0x7f0000000500)=0x7ff, 0x4) r7 = shmget(0x2, 0x4000, 0x21, &(0x7f0000ffa000/0x4000)=nil) getgroups(0x3, &(0x7f0000000540)=[0x0, 0x0, 0x0]) fstat(r6, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = getpgid(0xffffffffffffffff) shmctl$IPC_SET(r7, 0x1, &(0x7f0000000780)={{0x70, r4, r8, r9, r10, 0x2, 0x7ff}, 0x9, 0x934, 0x80000001, 0xbd9, r11}) r12 = open(&(0x7f0000000800)='./file0\x00', 0x8000, 0x20) linkat(r12, &(0x7f0000000840)='./file0\x00', r0, &(0x7f0000000880)='./file0\x00', 0x0) r13 = socket$inet(0x2, 0x10000000, 0x7) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x107, &(0x7f00000008c0)={0x0, 0x8, 0x1, 0x1, 0x7fffffff}, &(0x7f0000000900)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r13, 0x84, 0x22, &(0x7f0000000940)={0x3, 0x4, r14}, &(0x7f0000000980)=0xc) r15 = semget$private(0x0, 0x0, 0x8) __semctl$SETALL(r15, 0x0, 0x9, &(0x7f00000009c0)) clock_gettime(0xe, &(0x7f0000000a00)) r16 = shmget(0x1, 0x1000, 0x603, &(0x7f0000ffd000/0x1000)=nil) shmctl$IPC_RMID(r16, 0x0) ioctl$DIOCXBEGIN(r0, 0xc0104451, &(0x7f0000000a40)="e64913b2220f6a8cf0ba89f448828b00c2bad996dbfc911a449a95764cc84e6dd4a782b47b7ad3fb0d8d05c707776fabab8ce5a3436dd02cf68d12e5165a26f62579f10b053538b1658f152beebd3b182651beee39bea2cb59c25dc1c52e793cac274b37c2b26670260f5d58424434b88ebe0aa8863d54258054e7dc3da972bbd73dbada99b0e3787649f9e8622674764e5637d4d8e349bb6bdf3cad9119327e41df26b64960b72edcda1d286191a7de4cf05231dcf2a388fb9af1d1ecd05a741631ff4c2d901e0f") getsockopt$inet_mreq(r12, 0x0, 0xc, &(0x7f0000000b40)={@multicast1, @local}, &(0x7f0000000b80)=0x8) freebsd10_pipe(&(0x7f0000000bc0)={0xffffffffffffffff, 0xffffffffffffffff}) freebsd11_getdents(r17, &(0x7f0000000c00)=""/176, 0xb0) 00:08:33 executing program 2: r0 = accept4(0xffffffffffffff9c, &(0x7f0000000000)=@in={0x10, 0x2, 0xffffffffffffffff, @multicast2}, &(0x7f0000000040)=0x10, 0x10000000) setsockopt$inet6_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0xf, &(0x7f0000000080)={0x0, 0xfa5, 0x101}, 0xc) r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x4, 0x40) setsockopt$inet6_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x20, &(0x7f0000000100)=0x800, 0x4) r2 = socket$inet6(0x1c, 0x4, 0x1) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRESSES(0xffffffffffffffff, 0x84, 0x8003, &(0x7f0000000240)={0x0, &(0x7f0000000140)=[@in6={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @loopback}, @in={0x10, 0x2, 0xffffffffffffffff, @local}, @in={0x10, 0x2, 0xffffffffffffffff, @local}, @in6={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @local}, @in6={0x1c}, @in={0x10, 0x2, 0xffffffffffffffff, @loopback}, @in={0x10, 0x2, 0xffffffffffffffff, @remote}, @in6={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @remote}, @in={0x10, 0x2, 0xffffffffffffffff, @remote}, @in={0x10, 0x2, 0xffffffffffffffff, @loopback}]}, &(0x7f0000000280)=0x8) getsockopt$inet6_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x29, &(0x7f00000002c0)={r3, 0x2}, &(0x7f0000000300)=0x8) r4 = socket$inet_udp(0x2, 0x2, 0x0) getpeername$inet(r4, &(0x7f0000000340)={0x10, 0x2, 0xffffffffffffffff, @local}, &(0x7f0000000380)=0x10) shmget(0x1, 0x4000, 0x207, &(0x7f0000ffa000/0x4000)=nil) mkdir(&(0x7f00000003c0)='./file0\x00', 0x104) r5 = fcntl$dupfd(r4, 0x0, 0xffffffffffffffff) getsockopt$inet6_sctp_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x21, &(0x7f0000000400)={0xe47d, 0xf00, 0x80, 0xfcbc, r3}, &(0x7f0000000440)=0x10) socket$inet6_icmp(0x1c, 0x2, 0x3a) sendto(0xffffffffffffffff, &(0x7f0000000480)="fce43fc54cb37fe0bed0aa470ba584", 0xf, 0x47376a6a614fc5c5, 0x0, 0x0) r7 = semget$private(0x0, 0x0, 0x400) freebsd11_lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) __semctl$IPC_SET(r7, 0x0, 0x1, &(0x7f0000000580)={{0x9f, 0xffffffffffffffff, 0xffffffffffffffff, r8, 0x0, 0x8, 0x8}, 0x8, 0x1, 0x1ff}) r9 = socket$inet_icmp(0x2, 0x2, 0x1) recvfrom(r9, &(0x7f00000005c0)=""/171, 0xab, 0x0, &(0x7f0000000680)=@un=@file={0xa, 0x1, './file0\x00'}, 0xa) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x903, &(0x7f00000006c0)={0x0, 0x5, 0x8001}, 0x8) r10 = accept$inet6(0xffffffffffffffff, &(0x7f0000000700)={0x1c}, &(0x7f0000000740)=0x1c) getsockopt$inet6_sctp_SCTP_PR_SUPPORTED(r10, 0x84, 0x26, &(0x7f0000000780)={r6, 0x1}, &(0x7f00000007c0)=0x8) getsockopt$inet6_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000800)={0x0, 0x4c8}, &(0x7f0000000840)=0x8) setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x903, &(0x7f0000000880)={r11, 0x2, 0x7}, 0x8) getsockopt$sock_linger(r9, 0xffff, 0x80, &(0x7f00000008c0), &(0x7f0000000900)=0x8) r12 = accept4$inet6(r10, &(0x7f0000000940)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @ipv4={[], [], @remote}}, &(0x7f0000000980)=0x1c, 0x20000000) sendmsg$inet6_sctp(r12, &(0x7f0000000fc0)={&(0x7f00000009c0)=@in6={0x1c, 0x1c, 0x2, 0x0, @remote={0xfe, 0x80, [], 0x0}, 0x8}, 0x1c, &(0x7f0000000f40)=[{&(0x7f0000000a00)="c86a256aaf3b78d53e1488db46eb57f79927f5fbd0b53a3939f69ef5ff6cc0bd0be6e42b2965414e140e016389f1abb0548ae56b9336d9477a4e54fba2e7b3bbb1e00b695b588b36693f73b724b87fe127b3d69f4a48466ec1fc61e03b135197d7845b79888bf9ddd3aac7dbfdf76898f1310755b2959799ff90700a96c7c57079146332100ac6aea1dac7fac2cb0e195766f15c6e0335405ff3b28eb7c0fbde590aa81f613f4a26e7d57298b99ac4d1eb5f1e2b0828cf2327c4d6a58acaba1491bc50d25b88bc908d84c98ec7c58cc823d8c8296308d60f91b78d6ad1cc1ed5e0", 0xe1}, {&(0x7f0000000b00)="48bb1fd7d0313a8b02a8d61789809d5318ccacb4c649f1708dde661ba2063c2be1df13197b5ea43edc8c55f1bb303fa2bef6fcccf0cbc5328d959d4c1ac3cc50366c3fdd13f72f48a5c4190ec7646edb517ef6c8ded9083d96899bdd696487c9ab58838dc65a0c25a6e9f259405a4bb94eff26062e5c7577277ce58d9fb3ea235f5bf2bded63501d8266e7f2d3f6a45d1d5fe819332322f5229ad98ac41c07a049f470aad35bbf72c363617281f5da8548bd0edfa26e9b6bbe7acbf9ad67634dc3a89981908098263a0f2af42d49220d366600ec66156199e847811342acdf", 0xdf}, {&(0x7f0000000c00)="5f0924702ba8f61906244bb107954945c636a54dfc0290b2f1a3ef3345cfb6be504d8384ad23c093908784af88d09e0cde0321a1ed003ce8d8dfb35eef7275b94a908a283e66f183a787999b88a5132bb9c806387d1f1c67ceb07fc1d1f14dcdce37683ba7db7fce3f46101ae52d7deb253dd5ec555b8deabd367132eaf0d5598c894baedf342478a1338f674c6a582d2e4e2544783c82fbcbbac365c5faf4c7d5641ab637bc637e747fb494afbad999952cb38c585089", 0xb7}, {&(0x7f0000000cc0)="d9b721cec35fadfc283586abe7ce4a2e14a9879ad7233beaf828576259761e12538d5f35ded3f4771e1626c0243d5cf2ad8307ae9609165a7ef261d3398ca6027889c3aa993044d4962ef15e9151e073444901927cd0505f99957ac16fbc8a8039afe3189f0ff368106d47bfce9fcb480ae090b4d3ecffaf41351265e3bc72ea922dcfea10e832c6d9943aa69a00b9c33ed28af89a45dd715461cdc831ac973844ea6de42ed0bc464cd0c644e4a92ff28948eb35f923dc5feff5a679a79da41f27c2f92ee99dc3f56f0f785703630246b60f8502bd820d52d23c1e6d128a93443acc932d496b47aaacca8355c9d8ec87eb02", 0xf2}, {&(0x7f0000000dc0)="f093c530e0e9c55100cb8e4280e5e5261877a923e3d4fe15a351ec564793734cb9278bd530731d3583acb3929b7332f35ab10244054dfd4b4bd05f6d9e46ae3504d922d3938e4d3c09cafca697a7660a88c704becf10e339207e7af91ce7e009814978f7b82414f96bdba48f4ce94b86ec7b24bb59073d24d12e0c7613342bd5adef96d6acd9063a9a9979b06e2e535c6c6e8f30d95c4d740eb09f33b43a055110d499db3a2d23ee1c13fb701db9c2affa4e01e27f09c4e238d0e3e94c7fb729f506629349d357f7d54d1f25ce17a2f4497160e39d18660c382428cfb093973ac7a1e4975c0fb440db42b5a5a681fbbc07", 0xf1}, {&(0x7f0000000ec0)="11a310f1b9122de0c272a75903334de229eaa0bc98886b49bdf35551bf28fb00d8bb68949147dba928ae63d04b564c96783f61e9d2d9c21e403768ccd842733ab5659795d7b73b1bde05cb6022a8d747bd42d0f8170693c532993a750a69f4d90b4ff1cbb1897e91555180ffa0b57b90171f99265e1258321aea", 0x7a}], 0x6, &(0x7f0000000f80)=[@init={0x14, 0x84, 0x1, {0x7f, 0x2, 0xd000, 0x800}}, @dstaddrv4={0x10, 0x84, 0x9, @local={0xac, 0x14, 0x0}}], 0x24, 0x8}, 0x20101) r13 = accept$inet(0xffffffffffffff9c, 0x0, &(0x7f0000001000)) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x108, &(0x7f0000001040)={0x0, 0x101, 0x3, 0x1, 0x3f}, &(0x7f0000001080)=0x18) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r13, 0x84, 0x15, &(0x7f00000010c0)={r14, 0x200}, 0x8) login: panic: mutex process lock not owned at /syzkaller/managers/i386/kernel/sys/kern/kern_time.c:261 cpuid = 0 time = 1580861314 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00244ec8b0 vpanic() at vpanic+0x1ce/frame 0xfffffe00244ec920 panic() at panic+0x43/frame 0xfffffe00244ec980 __mtx_assert() at __mtx_assert+0x196/frame 0xfffffe00244ec9c0 kern_thread_cputime() at kern_thread_cputime+0xaa/frame 0xfffffe00244eca10 kern_clock_gettime() at kern_clock_gettime+0x277/frame 0xfffffe00244eca70 freebsd32_clock_gettime() at freebsd32_clock_gettime+0x25/frame 0xfffffe00244ecab0 ia32_syscall() at ia32_syscall+0x48c/frame 0xfffffe00244ecbf0 int0x80_syscall_common() at int0x80_syscall_common+0x9c/frame 0x8142581 KDB: enter: panic [ thread pid 794 tid 100115 ] Stopped at kdb_enter+0x67: movq $0,0x14669d6(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b ll+0x1a es 0x3b ll+0x1a fs 0x13 gs 0x1b ss 0 rax 0x12 rcx 0xfffffe0025e00000 rdx 0x3ffff rbx 0 rsp 0xfffffe00244ec890 rbp 0xfffffe00244ec8b0 rsi 0x40001 rdi 0xffffffff810ba616 vprintf+0x176 r8 0 r9 0xffffffff r10 0 r11 0xfffff8003adbdbd0 r12 0xffffffff82068d90 ddb_dbbe r13 0 r14 0xffffffff81938d3c r15 0xffffffff81938d3c rip 0xffffffff810af6c7 kdb_enter+0x67 rflags 0x200086 kernphys+0x86 kdb_enter+0x67: movq $0,0x14669d6(%rip) db> show proc Process 794 (syz-executor.1) at 0xfffff800032ffa60: state: NORMAL uid: 0 gids: 0, 0, 5 parent: pid 769 at 0xfffff8003a35b000 ABI: FreeBSD ELF32 arguments: /root/syz-executor.1 reaper: 0xfffff80003300a60 reapsubtree: 1 sigparent: 20 vmspace: 0xfffff8003acdd000 (map 0xfffff8003acdd000) (map.pmap 0xfffff8003acdd0c0) (pmap 0xfffff8003acdd120) threads: 2 100075 RunQ syz-executor.1 100115 Run CPU 0 syz-executor.1 db> ps pid ppid pgrp uid state wmesg wchan cmd 794 769 769 0 R (threaded) syz-executor.1 100075 RunQ syz-executor.1 100115 Run CPU 0 syz-executor.1 793 780 780 0 R CPU 1 ifconfig 792 768 768 0 RE arp 790 778 422 0 R sysctl 780 766 780 0 Ss wait 0xfffff8003a6f8530 syz-executor.2 778 772 422 0 S wait 0xfffff8003a6f8a60 sh 772 422 422 0 S wait 0xfffff8003a6f5000 sh 769 766 769 0 Ss nanslp 0xffffffff824feca0 syz-executor.1 768 766 768 0 Ss wait 0xfffff8003a458a60 syz-executor.0 766 764 764 0 R (threaded) syz-fuzzer 100091 S uwait 0xfffff800031bd880 syz-fuzzer 100102 S uwait 0xfffff80003a45b80 syz-fuzzer 100103 S uwait 0xfffff80003a45c80 syz-fuzzer 100104 S kqread 0xfffff800031fb900 syz-fuzzer 100105 S uwait 0xfffff80003a45180 syz-fuzzer 100106 S uwait 0xfffff80003d8ca00 syz-fuzzer 100107 S uwait 0xfffff80003d8cb00 syz-fuzzer 100108 S uwait 0xfffff80003d8cc00 syz-fuzzer 100109 RunQ syz-fuzzer 100110 S uwait 0xfffff80003a45380 syz-fuzzer 764 762 764 0 Ss pause 0xfffff8003a6f5b08 csh 762 680 762 0 Ss select 0xfffff80003de41c0 sshd 746 1 746 0 Ss+ ttyin 0xfffff800034384b0 getty 745 1 745 0 Ss+ ttyin 0xfffff80003b388b0 getty 744 1 744 0 Ss+ ttyin 0xfffff80003b38cb0 getty 743 1 743 0 Ss+ ttyin 0xfffff80003b370b0 getty 742 1 742 0 Ss+ ttyin 0xfffff80003b374b0 getty 741 1 741 0 Ss+ ttyin 0xfffff80003b378b0 getty 740 1 740 0 Ss+ ttyin 0xfffff80003b37cb0 getty 739 1 739 0 Ss+ ttyin 0xfffff80003b3a0b0 getty 738 1 738 0 Ss+ ttyin 0xfffff80003b3a4b0 getty 736 1 22 0 S+ piperd 0xfffff80003d8f000 logger 735 734 22 0 S+ nanslp 0xffffffff824feca0 sleep 734 1 22 0 S+ wait 0xfffff80003e10a60 sh 684 1 684 0 Ss nanslp 0xffffffff824feca0 cron 680 1 680 0 Ss select 0xfffff80003a45740 sshd 493 1 493 0 Ss select 0xfffff80003d8cf40 syslogd 422 1 422 0 Ss wait 0xfffff80003e10000 devd 421 1 421 65 Ss select 0xfffff80003a457c0 dhclient 336 1 336 0 Ss select 0xfffff80003d8cec0 dhclient 333 1 333 0 Ss select 0xfffff80003a45e40 dhclient 21 0 0 0 DL vlruwt 0xfffff80003b15a60 [vnlru] 20 0 0 0 DL syncer 0xffffffff825d5158 [syncer] 19 0 0 0 DL (threaded) [bufdaemon] 100065 D qsleep 0xffffffff825d4658 [bufdaemon] 100066 D - 0xffffffff8200a980 [bufspacedaemon-0] 100081 D sdflush 0xfffff80003d074e8 [/ worker] 18 0 0 0 DL psleep 0xffffffff825f00c8 [vmdaemon] 17 0 0 0 DL (threaded) [pagedaemon] 100063 D psleep 0xffffffff8261cfd8 [dom0] 100069 D launds 0xffffffff8261cfe4 [laundry: dom0] 100070 D umarcl 0xffffffff8153f880 [uma] 16 0 0 0 DL - 0xffffffff82359530 [rand_harvestq] 15 0 0 0 DL waiting 0xffffffff826625a0 [sctp_iterator] 9 0 0 0 DL - 0xffffffff825d405c [soaiod4] 8 0 0 0 DL - 0xffffffff825d405c [soaiod3] 7 0 0 0 DL - 0xffffffff825d405c [soaiod2] 6 0 0 0 DL - 0xffffffff825d405c [soaiod1] 5 0 0 0 DL (threaded) [cam] 100031 D - 0xffffffff82234940 [doneq0] 100062 D - 0xffffffff82234808 [scanner] 4 0 0 0 DL crypto_ 0xfffff80003338190 [crypto returns 1] 3 0 0 0 DL crypto_ 0xfffff80003338130 [crypto returns 0] 2 0 0 0 DL crypto_ 0xffffffff825ea138 [crypto] 14 0 0 0 DL seqstat 0xfffff8000337a088 [sequencer 00] 13 0 0 0 DL (threaded) [geom] 100022 D - 0xffffffff8261b608 [g_event] 100023 D - 0xffffffff8261b618 [g_up] 100024 D - 0xffffffff8261b610 [g_down] 12 0 0 0 WL (threaded) [intr] 100006 I [swi5: fast taskq] 100010 I [swi6: task queue] 100011 I [swi6: Giant taskq] 100017 I [swi3: vm] 100018 I [swi4: clock (0)] 100019 I [swi4: clock (1)] 100020 I [swi1: netisr 0] 100032 I [irq24: virtio_pci0] 100033 I [irq25: virtio_pci0] 100034 I [irq26: virtio_pci0] 100035 I [irq27: virtio_pci0] 100036 I [irq28: virtio_pci1] 100037 I [irq29: virtio_pci1] 100038 I [irq30: virtio_pci1] 100039 I [irq31: virtio_pci1] 100040 I [irq32: virtio_pci1] 100045 I [irq10: virtio_pci2] 100047 I [irq1: atkbd0] 100048 I [irq12: psm0] 100049 I [swi0: uart uart++] 11 0 0 0 RL (threaded) [idle] 100003 CanRun [idle: cpu0] 100004 CanRun [idle: cpu1] 1 0 1 0 SLs wait 0xfffff80003300a60 [init] 10 0 0 0 DL audit_w 0xffffffff82663230 [audit] 0 0 0 0 DLs (threaded) [kernel] 100000 D swapin 0xffffffff82609c48 [swapper] 100005 D - 0xfffff80003200b00 [thread taskq] 100007 D - 0xfffff80003200700 [kqueue_ctx taskq] 100008 D - 0xfffff800031fc000 [config_0] 100009 D - 0xfffff80003200400 [aiod_kick taskq] 100012 D - 0xfffff800031fbe00 [if_config_tqg_0] 100013 D - 0xfffff800031fbd00 [if_io_tqg_0] 100014 D - 0xfffff800031fbc00 [if_io_tqg_1] 100015 D - 0xfffff800031fbb00 [softirq_0] 100016 D - 0xfffff800031fba00 [softirq_1] 100021 D - 0xfffff800031ff400 [firmware taskq] 100026 D - 0xfffff800031fed00 [crypto_0] 100027 D - 0xfffff800031fed00 [crypto_1] 100041 D - 0xfffff800031fe000 [vtnet0 rxq 0] 100042 D - 0xfffff800031fde00 [vtnet0 txq 0] 100043 D - 0xfffff800031fdd00 [vtnet0 rxq 1] 100044 D - 0xfffff800031fdc00 [vtnet0 txq 1] 100046 D vtbslp 0xfffff80003579880 [virtio_balloon] 100050 D - 0xfffff8000380ce00 [mca taskq] 100054 D - 0xffffffff81cdce21 [deadlkres] 100057 D - 0xfffff80003a50700 [acpi_task_0] 100058 D - 0xfffff80003a50700 [acpi_task_1] 100059 D - 0xfffff80003a50700 [acpi_task_2] 100061 D - 0xfffff800031fe600 [CAM taskq] db> show all locks Process 792 (arp) thread 0xfffff8003a70e000 (100101) exclusive rw pmap pv list (pmap pv list) r = 0 (0xfffffe0003603840) locked @ /syzkaller/managers/i386/kernel/sys/amd64/amd64/pmap.c:7312 exclusive sleep mutex pmap (pmap) r = 0 (0xfffff8003a6e3120) locked @ /syzkaller/managers/i386/kernel/sys/amd64/amd64/pmap.c:7232 Process 790 (sysctl) thread 0xfffff8003a422000 (100093) shared lockmgr ufs (ufs) r = 0 (0xfffff80003a0d438) locked @ /syzkaller/managers/i386/kernel/sys/kern/vfs_lookup.c:751 db> show malloc Type InUse MemUse Requests devbuf 4213 4851K 4238 vtbuf 24 1968K 46 sysctloid 26737 1565K 26801 kobj 332 1328K 488 newblk 520 1154K 575 vfscache 4 1025K 4 pcb 22 537K 74 inodedep 29 526K 85 ufs_quota 1 512K 1 vfs_hash 1 512K 1 callout 2 512K 2 intr 4 388K 4 subproc 114 243K 856 acpica 1674 185K 49750 vnet_data 1 168K 1 pagedep 15 132K 25 tfo_ccache 1 128K 1 sem 4 106K 4 DEVFS1 103 103K 116 filedesc 14 97K 34 linker 222 89K 250 temp 27 81K 1672 bus 976 79K 3316 mtx_pool 2 72K 2 syncache 1 68K 1 acpitask 1 64K 1 ddb_capture 1 64K 1 module 494 62K 494 gtaskqueue 22 34K 22 hostcache 1 32K 1 shm 1 32K 1 kdtrace 166 32K 1650 DEVFS3 122 31K 132 msg 4 30K 4 umtx 240 30K 240 DEVFS_RULE 56 27K 56 kbdmux 6 22K 6 vmem 3 19K 4 BPF 12 18K 12 ifaddr 49 17K 51 ufs_mount 3 17K 4 proc 3 17K 3 tty 16 16K 16 tidhash 1 16K 1 ithread 89 15K 89 bus-sc 30 14K 1394 KTRACE 100 13K 100 kenv 95 12K 99 eventhandler 122 11K 122 pfs_nodes 20 10K 20 GEOM 60 10K 487 rman 82 10K 423 lltable 27 10K 27 bmsafemap 2 9K 53 ifnet 5 9K 5 devstat 4 9K 4 UART 12 9K 12 ether_multi 101 9K 106 rpc 2 8K 2 shmfd 1 8K 1 pfs_vncache 1 8K 1 audit_evclass 231 8K 289 cred 27 7K 195 in6_multi 51 7K 51 routetbl 42 7K 46 CAM DEV 3 6K 510 kqueue 55 6K 799 vt 11 6K 11 sglist 5 6K 5 CAM queue 5 6K 1528 plimit 20 5K 326 ufs_dirhash 24 5K 24 taskqueue 42 5K 42 memdesc 1 4K 1 MCA 32 4K 32 evdev 4 4K 4 UMA 236 4K 236 DEVFSP 53 4K 55 hhook 13 4K 13 kcovinfo 49 4K 51 diradd 23 3K 52 session 23 3K 32 pgrp 23 3K 32 acpisem 22 3K 22 terminal 11 3K 11 proc-args 47 3K 497 uidinfo 4 3K 4 indirdep 9 3K 9 mkdir 17 3K 30 local_apic 1 2K 1 io_apic 1 2K 1 ipsec-saq 2 2K 2 ip6ndp 11 2K 12 select 16 2K 16 CAM XPT 22 2K 543 lockf 15 2K 22 Unitno 25 2K 41 newdirblk 11 2K 15 acpidev 20 2K 20 crypto 2 2K 2 sctp_ifa 10 2K 10 msi 9 2K 9 softdep 1 1K 1 dirrem 4 1K 28 ipsecpolicy 1 1K 1 sahead 1 1K 1 secasvar 1 1K 1 in_multi 4 1K 5 clone 8 1K 8 vnodemarker 2 1K 8 NFSD session 1 1K 1 CAM periph 4 1K 271 toponodes 6 1K 6 isadev 6 1K 6 mount 16 1K 86 pci_link 10 1K 10 tun 5 1K 5 CAM SIM 2 1K 2 mld 4 1K 4 sctp_ifn 4 1K 4 igmp 4 1K 4 pfil 4 1K 4 chacha20random 1 1K 1 epoch 4 1K 4 cdev 2 1K 2 encap_export_host 8 1K 8 osd 3 1K 9 freefile 2 1K 22 inpcbpolicy 8 1K 140 vnodes 1 1K 1 NFSD lckfile 1 1K 1 NFSD V4client 1 1K 1 DEVFS 9 1K 10 feeder 7 1K 7 loginclass 3 1K 3 CAM path 4 1K 1034 apmdev 1 1K 1 atkbddev 2 1K 2 pmchooks 1 1K 1 prison 4 1K 4 CAM dev queue 2 1K 2 CAM I/O Scheduler 1 1K 1 soname 4 1K 5714 filecaps 4 1K 66 nexusdev 5 1K 5 entropy 2 1K 35 tcpfunc 1 1K 1 sctp_vrf 1 1K 1 vnet 1 1K 1 acpiintr 1 1K 1 pmc 1 1K 1 cpus 2 1K 2 freework 1 1K 26 vnet_data_free 1 1K 1 Per-cpu 1 1K 1 p1003.1b 1 1K 1 CAM CCB 0 0K 1872 madt_table 0 0K 2 PUC 0 0K 0 ppbusdev 0 0K 0 agtiapi_MemAlloc malloc 0 0K 0 osti_cacheable 0 0K 0 tempbuff 0 0K 0 tempbuff 0 0K 0 pvscsi 0 0K 0 smartpqi 0 0K 0 ag_tgt_map_t malloc 0 0K 0 ag_slr_map_t malloc 0 0K 0 lDevFlags * malloc 0 0K 0 tiDeviceHandle_t * malloc 0 0K 0 ag_portal_data_t malloc 0 0K 0 ag_device_t malloc 0 0K 0 STLock malloc 0 0K 0 CCB List 0 0K 0 iavf 0 0K 0 ixl 0 0K 0 sr_iov 0 0K 0 OCS 0 0K 0 OCS 0 0K 0 nvme 0 0K 0 nvd 0 0K 0 netmap 0 0K 0 mwldev 0 0K 0 MVS driver 0 0K 0 fpukern_ctx 0 0K 0 xen_intr 0 0K 0 CAM ccb queue 0 0K 0 xen_hvm 0 0K 0 legacydrv 0 0K 0 qpidrv 0 0K 0 mrsasbuf 0 0K 0 mpt_user 0 0K 0 dmar_idpgtbl 0 0K 0 dmar_dom 0 0K 0 dmar_ctx 0 0K 0 dmar_dmamap 0 0K 0 mps_user 0 0K 0 MPSSAS 0 0K 0 isci 0 0K 0 bxe_ilt 0 0K 0 xenbus 0 0K 0 vm_fictitious 0 0K 0 mps 0 0K 0 mpr_user 0 0K 0 MPRSAS 0 0K 0 UMAHash 0 0K 0 vm_pgdata 0 0K 0 jblocks 0 0K 0 savedino 0 0K 13 sentinel 0 0K 0 jfsync 0 0K 0 jtrunc 0 0K 0 sbdep 0 0K 3 jsegdep 0 0K 0 jseg 0 0K 0 jfreefrag 0 0K 0 jfreeblk 0 0K 0 jnewblk 0 0K 0 jmvref 0 0K 0 jremref 0 0K 0 jaddref 0 0K 0 freedep 0 0K 0 freeblks 0 0K 25 freefrag 0 0K 5 allocindir 0 0K 0 allocdirect 0 0K 0 ufs_trim 0 0K 0 mactemp 0 0K 0 audit_trigger 0 0K 0 audit_pipe_presel 0 0K 0 audit_pipeent 0 0K 0 audit_pipe 0 0K 0 audit_evname 0 0K 0 audit_bsm 0 0K 0 audit_gidset 0 0K 0 audit_text 0 0K 0 audit_path 0 0K 0 audit_data 0 0K 0 audit_cred 0 0K 0 xform 0 0K 0 NLM 0 0K 0 nfsclient_nlminfo 0 0K 0 nfsclient_lock 0 0K 0 NFS FHA 0 0K 0 ipsec-spdcache 0 0K 0 ipsec-reg 0 0K 0 ipsec-misc 0 0K 0 ipsecrequest 0 0K 0 ip6opt 0 0K 3 ip6_msource 0 0K 0 ip6_moptions 0 0K 0 in6_mfilter 0 0K 0 frag6 0 0K 0 tcplog 0 0K 0 LRO 0 0K 0 sctp_mcore 0 0K 0 sctp_socko 0 0K 0 sctp_iter 0 0K 6 sctp_mvrf 0 0K 0 sctp_timw 0 0K 0 sctp_cpal 0 0K 0 sctp_cmsg 0 0K 0 sctp_stre 0 0K 0 sctp_athi 0 0K 0 sctp_athm 0 0K 0 sctp_atky 0 0K 0 sctp_atcl 0 0K 0 sctp_a_it 0 0K 6 sctp_aadr 0 0K 0 sctp_stro 0 0K 0 sctp_stri 0 0K 0 sctp_map 0 0K 0 newreno data 0 0K 0 ip_msource 0 0K 0 ip_moptions 0 0K 0 in_mfilter 0 0K 0 ipid 0 0K 0 80211scan 0 0K 0 80211ratectl 0 0K 0 80211power 0 0K 0 80211nodeie 0 0K 0 80211node 0 0K 0 80211mesh_gt 0 0K 0 80211mesh_rt 0 0K 0 80211perr 0 0K 0 80211prep 0 0K 0 80211preq 0 0K 0 80211dfs 0 0K 0 80211crypto 0 0K 0 80211vap 0 0K 0 iflib 0 0K 0 vlan 0 0K 0 gif 0 0K 0 ifdescr 0 0K 0 zlib 0 0K 0 fadvise 0 0K 0 mpr 0 0K 0 statfs 0 0K 189 export_host 0 0K 0 cl_savebuf 0 0K 2 biobuf 0 0K 0 aios 0 0K 0 lio 0 0K 0 acl 0 0K 0 mfibuf 0 0K 0 mbuf_tag 0 0K 60 accf 0 0K 0 pts 0 0K 0 iov 0 0K 13260 ioctlops 0 0K 90 Witness 0 0K 0 stack 0 0K 0 md_sectors 0 0K 0 sbuf 0 0K 288 md_disk 0 0K 0 compressor 0 0K 0 malodev 0 0K 0 SWAP 0 0K 0 LED 0 0K 0 sysctltmp 0 0K 565 sysctl 0 0K 1 ekcd 0 0K 0 dumper 0 0K 0 rctl 0 0K 0 ix_sriov 0 0K 0 aacraidcam 0 0K 0 ix 0 0K 0 ipsbuf 0 0K 0 iirbuf 0 0K 0 cache 0 0K 0 aacraid_buf 0 0K 0 prison_racct 0 0K 0 Fail Points 0 0K 0 sigio 0 0K 1 filedesc_to_leader 0 0K 0 tty console 0 0K 0 aaccam 0 0K 0 aacbuf 0 0K 0 zstd 0 0K 0 nvlist 0 0K 0 SCSI ENC 0 0K 0 SCSI sa 0 0K 0 isofs_node 0 0K 0 isofs_mount 0 0K 0 tr_raid5_data 0 0K 0 tr_raid1e_data 0 0K 0 tr_raid1_data 0 0K 0 tr_raid0_data 0 0K 0 tr_concat_data 0 0K 0 md_sii_data 0 0K 0 md_promise_data 0 0K 0 md_nvidia_data 0 0K 0 md_jmicron_data 0 0K 0 md_intel_data 0 0K 0 md_ddf_data 0 0K 0 raid_data 0 0K 72 geom_flashmap 0 0K 0 newnfsmnt 0 0K 0 newnfsclient_req 0 0K 0 NFSCL layrecall 0 0K 0 NFSCL session 0 0K 0 NFSCL sockreq 0 0K 0 NFSCL devinfo 0 0K 0 NFSCL flayout 0 0K 0 NFSCL layout 0 0K 0 NFSD rollback 0 0K 0 NFSCL diroffdiroff 0 0K 0 NEWdirectio 0 0K 0 NEWNFSnode 0 0K 0 NFSCL lck 0 0K 0 NFSCL lckown 0 0K 0 NFSCL client 0 0K 0 NFSCL deleg 0 0K 0 NFSCL open 0 0K 0 NFSCL owner 0 0K 0 NFS fh 0 0K 0 NFS req 0 0K 0 NFSD usrgroup 0 0K 0 NFSD string 0 0K 0 NFSD V4lock 0 0K 0 NFSD V4state 0 0K 0 NFSD srvcache 0 0K 0 msdosfs_fat 0 0K 0 msdosfs_mount 0 0K 0 msdosfs_node 0 0K 0 DEVFS4 0 0K 0 DEVFS2 0 0K 0 gntdev 0 0K 0 privcmd_dev 0 0K 0 evtchn_dev 0 0K 0 xenstore 0 0K 0 scsi_pass 0 0K 0 ciss_data 0 0K 0 xnb 0 0K 0 xbbd 0 0K 0 xbd 0 0K 0 Balloon 0 0K 0 sysmouse 0 0K 0 vtfont 0 0K 0 ath_hal 0 0K 0 athdev 0 0K 0 ata_pci 0 0K 0 ata_dma 0 0K 0 ata_generic 0 0K 0 amr 0 0K 0 scsi_da 0 0K 69 ata_da 0 0K 0 scsi_ch 0 0K 0 scsi_cd 0 0K 0 USBdev 0 0K 0 USB 0 0K 0 AHCI driver 0 0K 0 agp 0 0K 0 nvme_da 0 0K 0 acpipwr 0 0K 0 twsbuf 0 0K 0 twe_commands 0 0K 0 twa_commands 0 0K 0 tcp_log_dev 0 0K 0 midi buffers 0 0K 0 mixer 0 0K 0 ac97 0 0K 0 hdacc 0 0K 0 hdac 0 0K 0 hdaa 0 0K 0 acpi_perf 0 0K 0 acpicmbat 0 0K 0 SIIS driver 0 0K 0 db> show ktr No such command; use "help" to list available commands