Warning: Permanently added '10.128.0.97' (ECDSA) to the list of known hosts. 2019/01/26 21:23:38 parsed 1 programs 2019/01/26 21:23:43 executed programs: 0 panic: vmmaplk: lock not shared Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 23829 12980 0 0x1000 0x4080000 0K syz-executor1 126393 19992 0 0x14000 0x200 1 reaper db_enter() at db_enter+0x18 panic() at panic+0x16c _rw_exit_read(ffff800020be4970,2b4,ffff800020c7eee8) at _rw_exit_read+0x12b uvm_fault(a3135900ceed07de,ffff800020be4970,0,ffffffff81156dd0) at uvm_fault+0x 23bb pageflttrap() at pageflttrap+0x216 kerntrap(5e1d10d99cfe8708) at kerntrap+0xeb alltraps_kern(6,7f7fdfffbfc0,20000040,0,ffff800020be4970,ffff800020c7f440) at a lltraps_kern+0x7b copyinstr(f8e0b697feec4fa6,ffff800020c7f400,201,0,0,4c) at copyinstr+0x50 vn_open(786d718768b9529a,201,205) at vn_open+0x147 doopenat(2507b7bc03de4628,0,ffff800020be4970,dc8a1e85b48,0,50) at doopenat+0x2b 9 syscall(77cf57e6203dcffd) at syscall+0x5a0 Xsyscall(6,0,ffffffffffffffac,0,3,dc67ee0a010) at Xsyscall+0x128 end of kernel end trace frame: 0xdc8a1e85bd0, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> show panic vmmaplk: lock not shared ddb{0}> trace db_enter() at db_enter+0x18 panic() at panic+0x16c _rw_exit_read(ffff800020be4970,2b4,ffff800020c7eee8) at _rw_exit_read+0x12b uvm_fault(a3135900ceed07de,ffff800020be4970,0,ffffffff81156dd0) at uvm_fault+0x23bb pageflttrap() at pageflttrap+0x216 kerntrap(5e1d10d99cfe8708) at kerntrap+0xeb alltraps_kern(6,7f7fdfffbfc0,20000040,0,ffff800020be4970,ffff800020c7f440) at alltraps_kern+0x7b copyinstr(f8e0b697feec4fa6,ffff800020c7f400,201,0,0,4c) at copyinstr+0x50 vn_open(786d718768b9529a,201,205) at vn_open+0x147 doopenat(2507b7bc03de4628,0,ffff800020be4970,dc8a1e85b48,0,50) at doopenat+0x2b9 syscall(77cf57e6203dcffd) at syscall+0x5a0 Xsyscall(6,0,ffffffffffffffac,0,3,dc67ee0a010) at Xsyscall+0x128 end of kernel end trace frame: 0xdc8a1e85bd0, count: -12 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff800020c7ed50 rbx 0xffff800020c7edf0 rdx 0xffffffff81f31836 cy_pio_rec+0x3821 rcx 0x201 rax 0x1 r8 0xffffffff81d43064 kprintf+0x174 r9 0x1 r10 0x1400ded5664061e9 r11 0x4321904dc1b2cba7 r12 0x3000000008 r13 0xffff800020c7ed60 r14 0x100 r15 0x1 rip 0xffffffff81724178 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020c7ed40 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor1) pid=23829 stat=onproc flags process=1000 proc=4080000 pri=32, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff800020b75070,0xffff800020be59e8 process=0xffff800020b94010 user=0xffff800020c7a000, vmspace=0xfffffd807f00cca8 estcpu=0, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 12980 290188 44993 0 3 0x3000 suspend syz-executor1 *12980 23829 44993 0 7 0x4081000 syz-executor1 12980 5261 44993 0 2 0x4081000 syz-executor1 91278 499211 66513 0 3 0x80 nanosleep syz-executor0 91278 246246 66513 0 3 0x4000080 fsleep syz-executor0 91278 161812 66513 0 3 0x4000080 fsleep syz-executor0 44993 226592 51315 0 3 0x82 nanosleep syz-executor1 66513 377546 51315 0 3 0x82 nanosleep syz-executor0 51315 7350 13370 0 3 0x82 thrsleep syz-execprog 51315 368707 13370 0 3 0x4000082 thrsleep syz-execprog 51315 167860 13370 0 3 0x4000082 thrsleep syz-execprog 51315 98025 13370 0 3 0x4000082 thrsleep syz-execprog 51315 158400 13370 0 3 0x4000082 thrsleep syz-execprog 51315 486233 13370 0 3 0x4000082 kqread syz-execprog 51315 449386 13370 0 3 0x4000082 thrsleep syz-execprog 51315 26736 13370 0 3 0x4000082 thrsleep syz-execprog 13370 304069 63843 0 3 0x10008a pause ksh 63843 290392 27292 0 3 0x92 select sshd 46016 521108 1 0 3 0x100083 ttyin getty 27292 414550 1 0 3 0x80 select sshd 54602 399140 21501 73 3 0x100090 kqread syslogd 21501 48578 1 0 3 0x100082 netio syslogd 21397 399170 1 77 3 0x100090 poll dhclient 50790 114446 1 0 3 0x80 poll dhclient 37925 448278 0 0 2 0x14200 zerothread 25954 176002 0 0 3 0x14200 aiodoned aiodoned 68042 460847 0 0 3 0x14200 syncer update 50284 78232 0 0 3 0x14200 cleaner cleaner 19992 126393 0 0 7 0x14200 reaper 16155 189160 0 0 3 0x14200 pgdaemon pagedaemon 5095 404182 0 0 3 0x14200 bored crynlk 52383 438754 0 0 3 0x14200 bored crypto 9613 513226 0 0 3 0x40014200 acpi0 acpi0 17201 160958 0 0 3 0x40014200 idle1 83327 445836 0 0 3 0x14200 bored softnet 76527 356774 0 0 3 0x14200 bored systqmp 31774 227163 0 0 3 0x14200 bored systq 58435 168303 0 0 3 0x40014200 bored softclock 17308 419364 0 0 3 0x40014200 idle0 1 294538 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 12980 (syz-executor1) thread 0xffff800020be4970 (23829) exclusive kernel_lock &kernel_lock r = 1 (0xffffffff822d2378) locked @ /syzkaller/managers/multicore/kernel/sys/kern/sched_bsd.c:429 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9452 6320K 6320K 78643K 10539 0 0 pcb 23 9K 9K 78643K 55 0 0 rtable 97 3K 3K 78643K 167 0 0 ifaddr 34 9K 9K 78643K 34 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 2K 78643K 15 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1166 73K 73K 78643K 1171 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 1K 78643K 2 0 0 VM map 2 1K 1K 78643K 2 0 0 sem 2 0K 0K 78643K 2 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1792 194K 288K 78643K 12592 0 0 file desc 6 17K 25K 78643K 20 0 0 proc 40 38K 70K 78643K 241 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 in_multi 33 2K 2K 78643K 33 0 0 ether_multi 1 0K 0K 78643K 1 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 18 79K 79K 78643K 18 0 0 exec 0 0K 1K 78643K 165 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 74 19K 20K 78643K 796 0 0 UVM aobj 2 2K 2K 78643K 2 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 NDP 9 0K 0K 78643K 9 0 0 temp 46 2346K 2409K 78643K 2690 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{0}>