Autoloading module: intpm.ko Starting background file system checks in 60 seconds. Wed Oct 9 04:59 FreeBSD/amd64 (ci-freebsd-i386-3.c.syzkaller.internal) (ttyu0) Warning: Permanently added '10.128.10.33' (ECDSA) to the list of known hosts. 2019/10/09 05:00:09 fuzzer started 2019/10/09 05:00:09 dialing manager at 10.128.0.248:59871 2019/10/09 05:00:09 syscalls: 496 2019/10/09 05:00:09 code coverage: enabled 2019/10/09 05:00:09 comparison tracing: enabled 2019/10/09 05:00:09 extra coverage: support is not implemented in syzkaller 2019/10/09 05:00:09 setuid sandbox: support is not implemented in syzkaller 2019/10/09 05:00:09 namespace sandbox: support is not implemented in syzkaller 2019/10/09 05:00:09 Android sandbox: support is not implemented in syzkaller 2019/10/09 05:00:09 fault injection: support is not implemented in syzkaller 2019/10/09 05:00:09 leak checking: support is not implemented in syzkaller 2019/10/09 05:00:09 net packet injection: enabled 2019/10/09 05:00:09 net device setup: support is not implemented in syzkaller 2019/10/09 05:00:09 concurrency sanitizer: support is not implemented in syzkaller 05:00:09 executing program 0: freebsd11_mknod(0x0, 0x0, 0x0) poll(&(0x7f00000003c0), 0x16, 0xc7) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffffff2840029c}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffffff2840029b}}) 05:00:09 executing program 1: clock_nanosleep(0x7, 0x1, &(0x7f0000000040), 0x0) 05:00:09 executing program 2: r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x10382, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000006c0), 0x100000}], 0x3, 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000000)={{0xffffffff284002b1}}) fstat(0xffffffffffffff9c, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000280)={{0xffffffff284002de, r1, 0x0, 0x0, 0x0, 0x0, 0x2000000000002}}) r2 = getegid() fchown(0xffffffffffffff9c, r1, r2) semget(0x2, 0x1, 0x390) getgid() geteuid() msgget(0x3, 0x40) r3 = socket$inet6_sctp(0x1c, 0x0, 0x84) r4 = dup(r3) fchmodat(r4, &(0x7f0000000240)='./file0\x00', 0x149) freebsd11_lstat(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = fcntl$getown(r4, 0x5) r8 = msgget$private(0x0, 0x12) msgsnd(r8, &(0x7f0000000240)=ANY=[], 0x0, 0x801) msgsnd(r8, &(0x7f0000000500)=ANY=[], 0x0, 0x800) msgctl$IPC_INFO(r8, 0x3, &(0x7f0000000140)=""/10) r9 = open$dir(&(0x7f0000000300)='./file0\x00', 0x4000040000010e82, 0x0) pwritev(r9, &(0x7f0000000080)=[{&(0x7f00000006c0), 0x100000}], 0x1, 0x0) freebsd11_fstat(r9, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000540)={{0x2, r10, r6, r5, r6, 0x101, 0x280}, 0x6, 0xf91, 0x0, 0x8, 0x0, 0x7, 0x0, r7}) socket$inet6_icmp(0x1c, 0x2, 0x3a) r11 = open$dir(&(0x7f0000000300)='./file0\x00', 0x4000040000010e82, 0x0) pwritev(r11, &(0x7f0000000080)=[{&(0x7f00000006c0), 0x100000}], 0x1, 0x0) fstat(r11, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000280)={{0xffffffff284002de, r12, 0x0, 0x0, 0x0, 0x0, 0x2000000000002}}) r13 = getegid() fchown(0xffffffffffffff9c, r12, r13) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r15 = socket$inet6_sctp(0x1c, 0x0, 0x84) r16 = dup(r15) fchmodat(r16, &(0x7f0000000240)='./file0\x00', 0x149) freebsd11_lstat(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r19 = fcntl$getown(r16, 0x5) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000540)={{0x7, 0x0, r18, r17, r18, 0x101, 0x80}, 0x6, 0xf91, 0x0, 0x8, 0x0, 0x7, 0x0, r19}) fcntl$setown(r14, 0x6, r19) pipe2(&(0x7f0000000100), 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000100)={{0xffffffff2840029d, 0x0, 0x0, r1, 0x0, 0x13}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffff7f2840029b}}) 05:00:09 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0xa00, 0x0) poll(&(0x7f00000000c0)=[{}, {}, {r0}], 0x3, 0x200) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000380)={{0xffffffff2840029e}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000080)={{0xffffffff284002cb}}) login: panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/net/if.c:3827 cpuid = 1 time = 1570597209 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00242e55b0 vpanic() at vpanic+0x1e0/frame 0xfffffe00242e5610 panic() at panic+0x43/frame 0xfffffe00242e5670 if_setlladdr() at if_setlladdr+0x34c/frame 0xfffffe00242e56e0 ifhwioctl() at ifhwioctl+0x9e0/frame 0xfffffe00242e5770 ifioctl() at ifioctl+0x4c2/frame 0xfffffe00242e5840 kern_ioctl() at kern_ioctl+0x465/frame 0xfffffe00242e58b0 sys_ioctl() at sys_ioctl+0x267/frame 0xfffffe00242e5980 amd64_syscall() at amd64_syscall+0x477/frame 0xfffffe00242e5ab0 fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe00242e5ab0 --- syscall (54, FreeBSD ELF64, sys_ioctl), rip = 0x8004882ca, rsp = 0x7fffffffe428, rbp = 0x7fffffffe470 --- KDB: enter: panic [ thread pid 774 tid 100111 ] Stopped at kdb_enter+0x6a: movq $0,kdb_why