Warning: Permanently added '10.128.0.157' (ECDSA) to the list of known hosts. 2020/04/26 13:07:07 fuzzer started 2020/04/26 13:07:07 dialing manager at 10.128.0.248:46281 2020/04/26 13:07:07 syscalls: 522 2020/04/26 13:07:07 code coverage: enabled 2020/04/26 13:07:07 comparison tracing: enabled 2020/04/26 13:07:07 extra coverage: support is not implemented in syzkaller 2020/04/26 13:07:07 setuid sandbox: support is not implemented in syzkaller 2020/04/26 13:07:07 namespace sandbox: support is not implemented in syzkaller 2020/04/26 13:07:07 Android sandbox: support is not implemented in syzkaller 2020/04/26 13:07:07 fault injection: support is not implemented in syzkaller 2020/04/26 13:07:07 leak checking: support is not implemented in syzkaller 2020/04/26 13:07:07 net packet injection: enabled 2020/04/26 13:07:07 net device setup: support is not implemented in syzkaller 2020/04/26 13:07:07 concurrency sanitizer: support is not implemented in syzkaller 2020/04/26 13:07:07 devlink PCI setup: support is not implemented in syzkaller 2020/04/26 13:07:07 USB emulation: support is not implemented in syzkaller 13:07:09 executing program 0: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept4$inet6(r0, 0x0, 0x0, 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f00000002c0)={{0x284002ad}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000000)={{0xffffffff2840029e}}) 13:07:09 executing program 1: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) recvmsg(r0, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000000)={{0xffffffff284002cb}}) 13:07:09 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:09 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:10 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:10 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:10 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:10 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) ftruncate(r2, 0x0) 13:07:10 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) ftruncate(r2, 0x0) 13:07:10 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept$inet6(r0, 0x0, 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0xffffffff284002a9}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000300)={{0xffffffff284002d2}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000000)={{0xffffffff284002a6}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000200)={{0x2840029d}}) 13:07:10 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:10 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:10 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) ftruncate(r2, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:11 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept$inet6(r0, 0x0, 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000080)={{0xffffffff284002a1}}) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000080)={{0x2840029b, 0xffffffffffffffff}}) 13:07:11 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:11 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:11 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(0xffffffffffffffff, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:12 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(0xffffffffffffffff, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:12 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept(r0, 0x0, 0x0) __semctl$IPC_SET(0x0, 0x0, 0xa, &(0x7f0000000180)={{0xffffffff2840029d, 0x0, 0x0, 0x0, 0xffffffffffffffff}}) 13:07:12 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:12 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:12 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(0xffffffffffffffff, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:12 executing program 3: r0 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, 0xffffffffffffffff, 0x0) ftruncate(r0, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:12 executing program 3: r0 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, 0xffffffffffffffff, 0x0) ftruncate(r0, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:12 executing program 3: r0 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, 0xffffffffffffffff, 0x0) ftruncate(r0, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:12 executing program 3: r0 = open(0x0, 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:13 executing program 1: nanosleep(&(0x7f0000000040), &(0x7f0000000080)) 13:07:13 executing program 3: r0 = open(0x0, 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:13 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:13 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) 13:07:13 executing program 3: r0 = open(0x0, 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:13 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:13 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept4(r0, 0x0, 0x0, 0x0) accept4$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @remote}, &(0x7f0000000040)=0x1c, 0x20000000) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) bind(r1, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x2, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000180)={0xffffffffffffff5f, 0x1c, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000100)={0x0, 0x2}, 0x8) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000080)={0x0, 0x5af7, 0x2, [0x9, 0x0]}, 0xc) socket(0x2, 0x5, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x105, 0x0, &(0x7f0000000000)) 13:07:13 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:13 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:13 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:14 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) 13:07:14 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:14 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:14 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:14 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:14 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept4(r0, 0x0, 0x0, 0x0) accept4$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @remote}, &(0x7f0000000040)=0x1c, 0x20000000) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) bind(r1, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x2, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000180)={0xffffffffffffff5f, 0x1c, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000100)={0x0, 0x2}, 0x8) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000080)={0x0, 0x5af7, 0x2, [0x9, 0x0]}, 0xc) socket(0x2, 0x5, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x105, 0x0, &(0x7f0000000000)) 13:07:14 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:14 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) 13:07:15 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:15 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x10, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept4(r0, 0x0, 0x0, 0x0) accept4$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @remote}, &(0x7f0000000040)=0x1c, 0x20000000) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) bind(r1, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x2, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000180)={0xffffffffffffff5f, 0x1c, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000100)={0x0, 0x2}, 0x8) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000080)={0x0, 0x5af7, 0x2, [0x9, 0x0]}, 0xc) socket(0x2, 0x5, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x105, 0x0, &(0x7f0000000000)) 13:07:15 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x10, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x10, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, 0xffffffffffffffff, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, 0xffffffffffffffff, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x72b) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:15 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, 0xffffffffffffffff, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:15 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x72b) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(0xffffffffffffffff, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:16 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept4(r0, 0x0, 0x0, 0x0) accept4$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @remote}, &(0x7f0000000040)=0x1c, 0x20000000) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) bind(r1, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x2, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000180)={0xffffffffffffff5f, 0x1c, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000100)={0x0, 0x2}, 0x8) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000080)={0x0, 0x5af7, 0x2, [0x9, 0x0]}, 0xc) socket(0x2, 0x5, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x105, 0x0, &(0x7f0000000000)) 13:07:16 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x72b) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x72b) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(0xffffffffffffffff, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:16 executing program 0: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x72b) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 2: freebsd11_mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x72b) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(0xffffffffffffffff, 0xfffffffe) r1 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r1, 0x0) ftruncate(r1, 0x0) 13:07:16 executing program 0: r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) listen(r0, 0x0) accept4(r0, 0x0, 0x0, 0x0) accept4$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0xffffffffffffffff, 0x0, @remote}, &(0x7f0000000040)=0x1c, 0x20000000) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) bind(r1, &(0x7f0000000000)=@in6={0x1c, 0x1c, 0x2, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000180)={0xffffffffffffff5f, 0x1c, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000100)={0x0, 0x2}, 0x8) setsockopt$inet6_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x901, &(0x7f0000000080)={0x0, 0x5af7, 0x2, [0x9, 0x0]}, 0xc) socket(0x2, 0x5, 0x0) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0x0) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:16 executing program 2: r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 0: r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) read(r0, &(0x7f0000000380)=""/4096, 0x72b) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0x0) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0x0) r2 = open$dir(&(0x7f0000000700)='./file0\x00', 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(0x0, 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) 13:07:16 executing program 3: r0 = open(&(0x7f0000000480)='./file0\x00', 0x80000000000206, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x12, r0, 0x0) ftruncate(r1, 0xfffffffe) r2 = open$dir(0x0, 0x202, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x7, 0x11, r2, 0x0) ftruncate(r2, 0x0) login: Fatal trap 9: general protection fault while in kernel mode cpuid = 1; apic id = 01 instruction pointer = 0x20:0xffffffff813f638f stack pointer = 0x0:0xfffffe0025a8f280 frame pointer = 0x0:0xfffffe0025a8f2d0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 936 (syz-executor.1) trap number = 9 panic: general protection fault cpuid = 1 time = 1587906437 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0025a8ef50 vpanic() at vpanic+0x1c7/frame 0xfffffe0025a8efb0 panic() at panic+0x43/frame 0xfffffe0025a8f010 trap_fatal() at trap_fatal+0x4ca/frame 0xfffffe0025a8f090 trap() at trap+0xda/frame 0xfffffe0025a8f1b0 calltrap() at calltrap+0x8/frame 0xfffffe0025a8f1b0 --- trap 0x9, rip = 0xffffffff813f638f, rsp = 0xfffffe0025a8f280, rbp = 0xfffffe0025a8f2d0 --- in6_selecthlim() at in6_selecthlim+0x4f/frame 0xfffffe0025a8f2d0 sctp_lowlevel_chunk_output() at sctp_lowlevel_chunk_output+0x1651/frame 0xfffffe0025a8f420 sctp_med_chunk_output() at sctp_med_chunk_output+0x1916/frame 0xfffffe0025a8fe10 sctp_chunk_output() at sctp_chunk_output+0x1c45/frame 0xfffffe0025a90760 sctp_disconnect() at sctp_disconnect+0x5fb/frame 0xfffffe0025a907e0 soclose() at soclose+0xe5/frame 0xfffffe0025a90860 _fdrop() at _fdrop+0x38/frame 0xfffffe0025a90890 closef() at closef+0x28b/frame 0xfffffe0025a90920 fdescfree_fds() at fdescfree_fds+0xb4/frame 0xfffffe0025a90970 fdescfree() at fdescfree+0x582/frame 0xfffffe0025a90a30 exit1() at exit1+0x6c5/frame 0xfffffe0025a90aa0 sys_sys_exit() at sys_sys_exit+0xd/frame 0xfffffe0025a90ab0 ia32_syscall() at ia32_syscall+0x24e/frame 0xfffffe0025a90bf0 int0x80_syscall_common() at int0x80_syscall_common+0x9c KDB: enter: panic [ thread pid 936 tid 100121 ] Stopped at kdb_enter+0x67: movq $0,0x14a9b06(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b ll+0x1a es 0x3b ll+0x1a fs 0x13 gs 0x1b ss 0 rax 0x12 rcx 0xffffffff810b8ab0 vprintf+0x140 rdx 0x1 rbx 0 rsp 0xfffffe0025a8ef30 rbp 0xfffffe0025a8ef50 rsi 0 rdi 0xffffffff810b8ae6 vprintf+0x176 r8 0 r9 0xffffffff r10 0x264e ll+0x262d r11 0x264e ll+0x262d r12 0xffffffff82068ea0 ddb_dbbe r13 0 r14 0xffffffff81942f65 r15 0xffffffff81942f65 rip 0xffffffff810add67 kdb_enter+0x67 rflags 0x200086 kernphys+0x86 kdb_enter+0x67: movq $0,0x14a9b06(%rip) db> show proc Process 936 (syz-executor.1) at 0xfffff8003b6e4000: state: NORMAL uid: 0 gids: 0, 0, 5 parent: pid 771 at 0xfffff80003ca2a40 ABI: FreeBSD ELF32 arguments: /root/syz-executor.1 reaper: 0xfffff8000331a000 reapsubtree: 1 sigparent: 20 vmspace: 0xfffffe00257fd9e8 (map 0xfffffe00257fd9e8) (map.pmap 0xfffffe00257fdaa8) (pmap 0xfffffe00257fdb08) threads: 1 100121 Run CPU 1 syz-executor.1 db> ps pid ppid pgrp uid state wmesg wchan cmd 936 771 771 0 RE CPU 1 syz-executor.1 869 1 869 0 Ss select 0xfffff8003b4e9b40 rtsol 868 1 868 0 Ss select 0xfffff8003b4e9bc0 rtsol 867 1 867 0 Ss select 0xfffff8003b4e9c40 rtsol 864 784 424 0 S kqread 0xfffff8000320b700 rtsol 784 775 424 0 S wait 0xfffff80003ca4a40 sh 783 768 783 0 Ss piperd 0xfffff80003cb65f0 syz-executor.2 781 768 781 0 Ss piperd 0xfffff80003cac8e8 syz-executor.3 775 424 424 0 S wait 0xfffff80003d40520 sh 771 768 771 0 Ss nanslp 0xffffffff8252c1f0 syz-executor.1 770 768 770 0 Ss piperd 0xfffff80003ca7000 syz-executor.0 768 766 766 0 S (threaded) syz-fuzzer 100103 S uwait 0xfffff80003539180 syz-fuzzer 100104 S uwait 0xfffff800030f4b00 syz-fuzzer 100105 S uwait 0xfffff800030f4c00 syz-fuzzer 100106 S uwait 0xfffff800030f4d00 syz-fuzzer 100107 S uwait 0xfffff80003539280 syz-fuzzer 100108 S uwait 0xfffff80003a36200 syz-fuzzer 100109 S uwait 0xfffff80003a36300 syz-fuzzer 100110 S uwait 0xfffff80003a36400 syz-fuzzer 100112 S kqread 0xfffff8000320b400 syz-fuzzer 100113 S uwait 0xfffff80003a37e80 syz-fuzzer 100114 S uwait 0xfffff80003a36000 syz-fuzzer 766 764 766 0 Ss pause 0xfffff8003b6d35c8 csh 764 682 764 0 Ss select 0xfffff8003b4e8140 sshd 748 1 748 0 Ss+ ttyin 0xfffff8000356f8b0 getty 747 1 747 0 Ss+ ttyin 0xfffff80003b6fcb0 getty 746 1 746 0 Ss+ ttyin 0xfffff80003b6e4b0 getty 745 1 745 0 Ss+ ttyin 0xfffff80003b6ecb0 getty 744 1 744 0 Ss+ ttyin 0xfffff800033b74b0 getty 743 1 743 0 Ss+ ttyin 0xfffff800033b7cb0 getty 742 1 742 0 Ss+ ttyin 0xfffff800033b64b0 getty 741 1 741 0 Ss+ ttyin 0xfffff800033b6cb0 getty 740 1 740 0 Ss+ ttyin 0xfffff800033b94b0 getty 738 1 24 0 S+ piperd 0xfffff80003cb62f8 logger 737 736 24 0 S+ nanslp 0xffffffff8252c1f1 sleep 736 1 24 0 S+ wait 0xfffff8003b34c520 sh 686 1 686 0 Ss nanslp 0xffffffff8252c1f0 cron 682 1 682 0 Ss select 0xfffff80003c03140 sshd 495 1 495 0 Ss select 0xfffff800030846c0 syslogd 424 1 424 0 Ss wait 0xfffff80003ca4000 devd 423 1 423 65 Ss select 0xfffff80003084840 dhclient 338 1 338 0 Ss select 0xfffff80003c04dc0 dhclient 335 1 335 0 Ss select 0xfffff80003c030c0 dhclient 23 0 0 0 DL vlruwt 0xfffff800033e0520 [vnlru] 22 0 0 0 DL syncer 0xffffffff82618118 [syncer] 21 0 0 0 DL (threaded) [bufdaemon] 100069 D qsleep 0xffffffff82617438 [bufdaemon] 100076 D - 0xffffffff8200aa00 [bufspacedaemon-0] 100087 D sdflush 0xfffff80003c25ce8 [/ worker] 20 0 0 0 DL psleep 0xffffffff8263e308 [vmdaemon] 19 0 0 0 DL (threaded) [pagedaemon] 100067 D psleep 0xffffffff826328d8 [dom0] 100074 D launds 0xffffffff826328e4 [laundry: dom0] 100075 D umarcl 0xffffffff81544e70 [uma] 18 0 0 0 DL - 0xffffffff8235fe20 [rand_harvestq] 17 0 0 0 DL pftm 0xffffffff82b533a0 [pf purge] 16 0 0 0 DL waiting 0xffffffff8261a890 [sctp_iterator] 15 0 0 0 DL - 0xffffffff82616a2c [soaiod4] 9 0 0 0 DL - 0xffffffff82616a2c [soaiod3] 8 0 0 0 DL - 0xffffffff82616a2c [soaiod2] 7 0 0 0 DL - 0xffffffff82616a2c [soaiod1] 6 0 0 0 DL (threaded) [cam] 100033 D - 0xffffffff82237b40 [doneq0] 100066 D - 0xffffffff82237a10 [scanner] 5 0 0 0 DL crypto_ 0xfffff8000320cd90 [crypto returns 1] 4 0 0 0 DL crypto_ 0xfffff8000320cd30 [crypto returns 0] 3 0 0 0 DL crypto_ 0xffffffff826300c0 [crypto] 14 0 0 0 DL seqstat 0xfffff80003363488 [sequencer 00] 13 0 0 0 DL (threaded) [geom] 100024 D - 0xffffffff8250b180 [g_event] 100025 D - 0xffffffff8250b188 [g_up] 100026 D - 0xffffffff8250b190 [g_down] 2 0 0 0 DL (threaded) [KTLS] 100017 D - 0xfffff80003084a00 [thr_0] 100018 D - 0xfffff80003084a40 [thr_1] 12 0 0 0 WL (threaded) [intr] 100010 I [swi6: Giant taskq] 100013 I [swi5: fast taskq] 100016 I [swi6: task queue] 100019 I [swi3: vm] 100020 I [swi4: clock (0)] 100021 I [swi4: clock (1)] 100022 I [swi1: netisr 0] 100034 I [irq24: virtio_pci0] 100035 I [irq25: virtio_pci0] 100036 I [irq26: virtio_pci0] 100037 I [irq27: virtio_pci0] 100038 I [irq28: virtio_pci1] 100039 I [irq29: virtio_pci1] 100040 I [irq30: virtio_pci1] 100041 I [irq31: virtio_pci1] 100042 I [irq32: virtio_pci1] 100047 I [irq10: virtio_pci2] 100049 I [irq1: atkbd0] 100050 I [irq12: psm0] 100051 I [swi0: uart uart++] 100060 I [swi1: pf send] 100072 I [swi1: hpts] 100073 I [swi1: hpts] 11 0 0 0 RL (threaded) [idle] 100003 Run CPU 0 [idle: cpu0] 100004 CanRun [idle: cpu1] 1 0 1 0 SLs wait 0xfffff8000331a000 [init] 10 0 0 0 DL audit_w 0xffffffff82630598 [audit] 0 0 0 0 DLs (threaded) [kernel] 100000 D swapin 0xffffffff8250b710 [swapper] 100005 D - 0xfffff80003338000 [if_config_tqg_0] 100006 D - 0xfffff80003339e00 [softirq_0] 100007 D - 0xfffff80003339d00 [softirq_1] 100008 D - 0xfffff80003339c00 [if_io_tqg_0] 100009 D - 0xfffff80003339b00 [if_io_tqg_1] 100011 D - 0xfffff8000333e000 [in6m_free taskq] 100012 D - 0xfffff8000333fe00 [thread taskq] 100014 D - 0xfffff8000333fc00 [kqueue_ctx taskq] 100015 D - 0xfffff8000333fb00 [aiod_kick taskq] 100023 D - 0xfffff8000333f900 [firmware taskq] 100028 D - 0xfffff8000333f800 [crypto_0] 100029 D - 0xfffff8000333f800 [crypto_1] 100043 D - 0xfffff8000333f500 [vtnet0 rxq 0] 100044 D - 0xfffff8000333f400 [vtnet0 txq 0] 100045 D - 0xfffff8000333f300 [vtnet0 rxq 1] 100046 D - 0xfffff8000333f200 [vtnet0 txq 1] 100048 D vtbslp 0xfffff800034fc580 [virtio_balloon] 100052 D - 0xfffff8000333f100 [mca taskq] 100057 D - 0xffffffff81ce6670 [deadlkres] 100062 D - 0xfffff80003b5e300 [acpi_task_0] 100063 D - 0xfffff80003b5e300 [acpi_task_1] 100064 D - 0xfffff80003b5e300 [acpi_task_2] 100065 D - 0xfffff8000333f700 [CAM taskq] db> show all locks Process 936 (syz-executor.1) thread 0xfffffe00257b0800 (100121) exclusive sleep mutex sctp-tcb (tcb) r = 0 (0xfffffe0025898380) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_usrreq.c:713 exclusive sleep mutex sctp-inp (inp) r = 0 (0xfffff8003bca8e68) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_usrreq.c:695 db> show malloc Type InUse MemUse Requests pf_hash 5 11524K 5 devbuf 4213 4851K 4238 tcp_hpts 5 3201K 5 vtbuf 24 1968K 46 sysctloid 28335 1653K 28399 kobj 332 1328K 488 newblk 545 1160K 783 vfscache 4 1025K 4 inodedep 70 547K 241 pcb 31 542K 125 ufs_quota 1 512K 1 vfs_hash 1 512K 1 callout 2 512K 2 intr 4 388K 4 subproc 130 265K 1016 acpica 1674 185K 52709 vnet_data 1 168K 1 pagedep 26 135K 110 tfo_ccache 1 128K 1 sem 4 106K 4 DEVFS1 105 105K 122 filedesc 15 101K 223 linker 244 92K 277 bus 992 79K 3376 mtx_pool 2 72K 2 syncache 1 68K 1 acpitask 1 64K 1 ddb_capture 1 64K 1 module 497 63K 497 umtx 288 36K 288 kdtrace 181 35K 2068 temp 35 33K 1829 hostcache 1 32K 1 shm 1 32K 1 DEVFS3 124 31K 134 msg 4 30K 4 DEVFS_RULE 56 27K 56 gtaskqueue 18 26K 18 ifaddr 70 23K 72 vmem 3 22K 4 kbdmux 6 22K 6 BPF 14 19K 14 lltable 47 18K 47 ufs_mount 3 17K 4 proc 3 17K 3 tty 16 16K 16 tidhash 1 16K 1 ithread 98 16K 98 ether_multi 172 14K 177 bus-sc 30 14K 1431 KTRACE 100 13K 100 ifnet 7 13K 7 kenv 95 12K 99 eventhandler 132 12K 132 in6_multi 89 11K 89 pfs_nodes 20 10K 20 GEOM 60 10K 486 rman 82 10K 423 bmsafemap 4 9K 233 UART 12 9K 12 devstat 4 9K 4 kqueue 61 9K 949 rpc 2 8K 2 shmfd 1 8K 1 pfs_vncache 1 8K 1 audit_evclass 233 8K 291 routetbl 57 7K 61 CAM DEV 3 6K 510 diradd 48 6K 209 vt 11 6K 11 cred 22 6K 196 plimit 21 6K 333 sglist 5 6K 5 CAM queue 5 6K 1528 taskqueue 45 5K 45 ufs_dirhash 24 5K 24 dirrem 18 5K 178 DEVFSP 70 5K 74 pf_ifnet 10 5K 19 memdesc 1 4K 1 MCA 32 4K 32 UMA 249 4K 249 evdev 4 4K 4 kcovinfo 64 4K 68 freework 15 4K 173 session 27 4K 36 pgrp 27 4K 36 hhook 13 4K 13 indirdep 11 3K 78 acpisem 22 3K 22 terminal 11 3K 11 proc-args 49 3K 536 mkdir 21 3K 200 select 21 3K 21 uidinfo 3 3K 7 sctp_ifa 17 3K 17 local_apic 1 2K 1 io_apic 1 2K 1 newdirblk 16 2K 100 ipsec-saq 2 2K 2 sctp_atcl 4 2K 25 ip6ndp 12 2K 21 CAM XPT 22 2K 543 Unitno 27 2K 45 lockf 15 2K 22 in_multi 6 2K 7 sctp_timw 5 2K 5 acpidev 20 2K 20 msi 9 2K 9 tun 7 2K 7 softdep 1 1K 1 ipsecpolicy 1 1K 1 sahead 1 1K 1 secasvar 1 1K 1 sctp_stro 1 1K 6 clone 8 1K 8 vnodemarker 2 1K 6 NFSD session 1 1K 1 CAM periph 4 1K 271 mld 6 1K 6 sctp_ifn 6 1K 6 igmp 6 1K 6 nhops 6 1K 6 toponodes 6 1K 6 isadev 6 1K 6 mount 16 1K 86 pci_link 10 1K 10 crypto 3 1K 3 freeblks 2 1K 136 sctp_stri 1 1K 10 pfil 4 1K 4 chacha20random 1 1K 1 CAM SIM 2 1K 2 epoch 4 1K 4 cdev 2 1K 2 encap_export_host 8 1K 8 inpcbpolicy 11 1K 191 osd 3 1K 9 freefile 2 1K 159 vnodes 1 1K 14 NFSD lckfile 1 1K 1 NFSD V4client 1 1K 1 DEVFS 9 1K 10 feeder 7 1K 7 sctp_atky 5 1K 36 tcpfunc 3 1K 3 loginclass 3 1K 6 CAM dev queue 2 1K 2 CAM I/O Scheduler 1 1K 1 apmdev 1 1K 1 atkbddev 2 1K 2 CAM path 4 1K 1034 ktls 1 1K 1 pmchooks 1 1K 1 prison 4 1K 4 soname 4 1K 5776 filecaps 4 1K 78 nexusdev 5 1K 5 entropy 2 1K 37 sctp_vrf 1 1K 1 sctp_athm 4 1K 30 vnet 1 1K 1 acpiintr 1 1K 1 pmc 1 1K 1 cpus 2 1K 2 sctp_map 2 1K 12 vnet_data_free 1 1K 1 Per-cpu 1 1K 1 p1003.1b 1 1K 1 pf_table 0 0K 0 pf_rule 0 0K 0 pf_altq 0 0K 0 pf_osfp 0 0K 0 pf_temp 0 0K 0 ath_hal 0 0K 0 madt_table 0 0K 2 athdev 0 0K 0 ata_pci 0 0K 0 ata_dma 0 0K 0 ata_generic 0 0K 0 amr 0 0K 0 scsi_da 0 0K 69 ata_da 0 0K 0 pvscsi 0 0K 0 smartpqi 0 0K 0 scsi_ch 0 0K 0 scsi_cd 0 0K 0 USBdev 0 0K 0 USB 0 0K 0 AHCI driver 0 0K 0 agp 0 0K 0 iavf 0 0K 0 ixl 0 0K 0 nvme_da 0 0K 0 acpipwr 0 0K 0 twsbuf 0 0K 0 twe_commands 0 0K 0 twa_commands 0 0K 0 tcp_log_dev 0 0K 0 midi buffers 0 0K 0 fpukern_ctx 0 0K 0 mixer 0 0K 0 xen_intr 0 0K 0 ac97 0 0K 0 xen_hvm 0 0K 0 legacydrv 0 0K 0 qpidrv 0 0K 0 hdacc 0 0K 0 hdac 0 0K 0 dmar_idpgtbl 0 0K 0 dmar_dom 0 0K 0 dmar_ctx 0 0K 0 dmar_dmamap 0 0K 0 hdaa 0 0K 0 acpi_perf 0 0K 0 acpicmbat 0 0K 0 isci 0 0K 0 bxe_ilt 0 0K 0 xenbus 0 0K 0 SIIS driver 0 0K 0 vm_fictitious 0 0K 0 CAM CCB 0 0K 1993 PUC 0 0K 0 ppbusdev 0 0K 0 agtiapi_MemAlloc malloc 0 0K 0 osti_cacheable 0 0K 0 tempbuff 0 0K 0 tempbuff 0 0K 0 UMAHash 0 0K 0 ag_tgt_map_t malloc 0 0K 0 ag_slr_map_t malloc 0 0K 0 vm_pgdata 0 0K 0 jblocks 0 0K 0 savedino 0 0K 30 sentinel 0 0K 0 jfsync 0 0K 0 jtrunc 0 0K 0 sbdep 0 0K 2 jsegdep 0 0K 0 jseg 0 0K 0 jfreefrag 0 0K 0 jfreeblk 0 0K 0 jnewblk 0 0K 0 jmvref 0 0K 0 jremref 0 0K 0 jaddref 0 0K 0 freedep 0 0K 0 freefrag 0 0K 5 allocindir 0 0K 0 allocdirect 0 0K 0 ufs_trim 0 0K 0 mactemp 0 0K 0 audit_trigger 0 0K 0 audit_pipe_presel 0 0K 0 audit_pipeent 0 0K 0 audit_pipe 0 0K 0 audit_evname 0 0K 0 audit_bsm 0 0K 0 audit_gidset 0 0K 0 audit_text 0 0K 0 audit_path 0 0K 0 audit_data 0 0K 0 audit_cred 0 0K 0 xform 0 0K 0 NLM 0 0K 0 ipsec-spdcache 0 0K 0 ipsec-reg 0 0K 0 ipsec-misc 0 0K 0 ipsecrequest 0 0K 0 ip6opt 0 0K 5 ip6_msource 0 0K 0 ip6_moptions 0 0K 0 in6_mfilter 0 0K 0 frag6 0 0K 0 tcplog 0 0K 0 lDevFlags * malloc 0 0K 0 LRO 0 0K 0 sctp_mcore 0 0K 0 sctp_socko 0 0K 12 sctp_iter 0 0K 9 sctp_mvrf 0 0K 0 sctp_cpal 0 0K 0 sctp_cmsg 0 0K 0 sctp_stre 0 0K 0 sctp_athi 0 0K 0 sctp_a_it 0 0K 9 sctp_aadr 0 0K 0 newreno data 0 0K 0 ip_msource 0 0K 0 ip_moptions 0 0K 0 in_mfilter 0 0K 0 ipid 0 0K 0 80211scan 0 0K 0 80211ratectl 0 0K 0 80211power 0 0K 0 80211nodeie 0 0K 0 80211node 0 0K 0 80211mesh_gt 0 0K 0 80211mesh_rt 0 0K 0 80211perr 0 0K 0 80211prep 0 0K 0 80211preq 0 0K 0 80211dfs 0 0K 0 80211crypto 0 0K 0 80211vap 0 0K 0 iflib 0 0K 0 vlan 0 0K 0 gif 0 0K 0 ifdescr 0 0K 0 zlib 0 0K 0 fadvise 0 0K 0 tiDeviceHandle_t * malloc 0 0K 0 statfs 0 0K 274 export_host 0 0K 0 cl_savebuf 0 0K 2 ag_portal_data_t malloc 0 0K 0 ag_device_t malloc 0 0K 0 STLock malloc 0 0K 0 CCB List 0 0K 0 sr_iov 0 0K 0 OCS 0 0K 0 OCS 0 0K 0 nvme 0 0K 0 nvd 0 0K 0 netmap 0 0K 0 mwldev 0 0K 0 MVS driver 0 0K 0 CAM ccb queue 0 0K 0 mrsasbuf 0 0K 0 mpt_user 0 0K 0 mps_user 0 0K 0 biobuf 0 0K 0 aios 0 0K 0 lio 0 0K 0 acl 0 0K 0 MPSSAS 0 0K 0 mbuf_tag 0 0K 109 accf 0 0K 0 pts 0 0K 0 iov 0 0K 13426 ioctlops 0 0K 99 Witness 0 0K 0 stack 0 0K 0 mps 0 0K 0 mpr_user 0 0K 0 MPRSAS 0 0K 0 mpr 0 0K 0 mfibuf 0 0K 0 md_sectors 0 0K 0 sbuf 0 0K 288 md_disk 0 0K 0 compressor 0 0K 0 malodev 0 0K 0 SWAP 0 0K 0 LED 0 0K 0 sysctltmp 0 0K 572 sysctl 0 0K 1 ekcd 0 0K 0 dumper 0 0K 0 sendfile 0 0K 0 rctl 0 0K 0 ix_sriov 0 0K 0 aacraidcam 0 0K 0 ix 0 0K 0 ipsbuf 0 0K 0 iirbuf 0 0K 0 cache 0 0K 0 aacraid_buf 0 0K 0 prison_racct 0 0K 0 Fail Points 0 0K 0 sigio 0 0K 1 filedesc_to_leader 0 0K 0 pwd 0 0K 0 tty console 0 0K 0 aaccam 0 0K 0 aacbuf 0 0K 0 zstd 0 0K 0 nvlist 0 0K 0 SCSI ENC 0 0K 0 SCSI sa 0 0K 0 isofs_node 0 0K 0 isofs_mount 0 0K 0 tr_raid5_data 0 0K 0 tr_raid1e_data 0 0K 0 tr_raid1_data 0 0K 0 tr_raid0_data 0 0K 0 tr_concat_data 0 0K 0 md_sii_data 0 0K 0 md_promise_data 0 0K 0 md_nvidia_data 0 0K 0 md_jmicron_data 0 0K 0 md_intel_data 0 0K 0 md_ddf_data 0 0K 0 raid_data 0 0K 72 geom_flashmap 0 0K 0 NFS FHA 0 0K 0 newnfsmnt 0 0K 0 newnfsclient_req 0 0K 0 NFSCL layrecall 0 0K 0 NFSCL session 0 0K 0 NFSCL sockreq 0 0K 0 NFSCL devinfo 0 0K 0 NFSCL flayout 0 0K 0 NFSCL layout 0 0K 0 NFSD rollback 0 0K 0 NFSCL diroffdiroff 0 0K 0 NEWdirectio 0 0K 0 NEWNFSnode 0 0K 0 NFSCL lck 0 0K 0 NFSCL lckown 0 0K 0 NFSCL client 0 0K 0 NFSCL deleg 0 0K 0 NFSCL open 0 0K 0 NFSCL owner 0 0K 0 NFS fh 0 0K 0 NFS req 0 0K 0 NFSD usrgroup 0 0K 0 NFSD string 0 0K 0 NFSD V4lock 0 0K 0 NFSD V4state 0 0K 0 NFSD srvcache 0 0K 0 msdosfs_fat 0 0K 0 msdosfs_mount 0 0K 0 msdosfs_node 0 0K 0 DEVFS4 0 0K 0 DEVFS2 0 0K 0 gntdev 0 0K 0 privcmd_dev 0 0K 0 evtchn_dev 0 0K 0 xenstore 0 0K 0 scsi_pass 0 0K 0 ciss_data 0 0K 0 xnb 0 0K 0 xbbd 0 0K 0 xbd 0 0K 0 Balloon 0 0K 0 sysmouse 0 0K 0 vtfont 0 0K 0 db> show ktr No such command; use "help" to list available commands