kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Thu Feb 4 05:57:27 PST 2021 OpenBSD/amd64 (ci-openbsd-main-5.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.0.76' (ECDSA) to the list of known hosts. 2021/02/04 05:57:46 fuzzer started 2021/02/04 05:57:47 dialing manager at 10.128.15.235:2224 2021/02/04 05:57:48 syscalls: 383 2021/02/04 05:57:48 code coverage: enabled 2021/02/04 05:57:48 comparison tracing: enabled 2021/02/04 05:57:48 extra coverage: enabled 2021/02/04 05:57:48 setuid sandbox: enabled 2021/02/04 05:57:48 namespace sandbox: support is not implemented in syzkaller 2021/02/04 05:57:48 Android sandbox: support is not implemented in syzkaller 2021/02/04 05:57:48 fault injection: support is not implemented in syzkaller 2021/02/04 05:57:48 leak checking: support is not implemented in syzkaller 2021/02/04 05:57:48 net packet injection: enabled 2021/02/04 05:57:48 net device setup: support is not implemented in syzkaller 2021/02/04 05:57:48 concurrency sanitizer: support is not implemented in syzkaller 2021/02/04 05:57:48 devlink PCI setup: support is not implemented in syzkaller 2021/02/04 05:57:48 USB emulation: support is not implemented in syzkaller 2021/02/04 05:57:48 hci packet injection: support is not implemented in syzkaller 2021/02/04 05:57:48 wifi device emulation: support is not implemented in syzkaller
2021/02/04 05:58:02 starting 2 fuzzer processes 05:58:03 executing program 1: r0 = socket(0x18, 0x1, 0x0) r1 = socket(0x18, 0x1, 0x0) setsockopt(r1, 0x29, 0xa, &(0x7f0000000080)='\x00\x00\x00\x00', 0x4) dup2(r1, r0) setsockopt(r0, 0x80000000000029, 0xc, 0x0, 0x0) 05:58:03 executing program 0: setrlimit(0x8, &(0x7f0000000000)={0x8, 0x95}) r0 = syz_open_pts() close(r0) r1 = syz_open_pts() 
ioctl$TIOCSETA(r1, 0x802c7414, &(0x7f0000000040)={0x0, 0xcb, 0x4000000000005, 0xffff64ad, "90a400000000000104400000000000004000"}) writev(r0, &(0x7f0000000200)=[{&(0x7f0000000100)="035df5a72ee8415fdf13d3825bf20d06f56324a708bf0b880a605565252d40643b621e145511a1e89d7cb15b7b4fc887c9e38e10a951e0eb6fd2804aec72631adc301f42594775e9c1b5ec25d2e3d5102704", 0x52}], 0x1) login: vrele: bad writecount: 0xfffffd807e1525c8, type VCHR, use 0, write 1, hold 0, tag VT_UFS, ino 2678, on dev 4, 0 flags 0x180, effnlink 1, nlink 1 mode 020620, owner 0, group 4, size 0 panic: vrele: v_writecount != 0 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 49880 84196 0 0 0x4000000 0 syz-executor.0 db_enter() at db_enter+0x18 panic(ffffffff8243627a) at panic+0x15e vrele(fffffd807e1525c8) at vrele+0x187 ptmioctl(5100,40287401,ffff80002273b860,3,ffff800021697cf0) at ptmioctl+0x5b9 VOP_IOCTL(fffffd807b446050,40287401,ffff80002273b860,3,fffffd807f7b7ae0,ffff800021697cf0) at VOP_IOCTL+0x91 vn_ioctl(fffffd807d996b58,40287401,ffff80002273b860,ffff800021697cf0) at vn_ioctl+0xb5 sys_ioctl(ffff800021697cf0,ffff80002273b970,ffff80002273b9c0) at sys_ioctl+0x4ac syscall(ffff80002273ba40) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe594a3d0d0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. 
ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic vrele: v_writecount != 0 ddb> trace db_enter() at db_enter+0x18 panic(ffffffff8243627a) at panic+0x15e vrele(fffffd807e1525c8) at vrele+0x187 ptmioctl(5100,40287401,ffff80002273b860,3,ffff800021697cf0) at ptmioctl+0x5b9 VOP_IOCTL(fffffd807b446050,40287401,ffff80002273b860,3,fffffd807f7b7ae0,ffff800021697cf0) at VOP_IOCTL+0x91 vn_ioctl(fffffd807d996b58,40287401,ffff80002273b860,ffff800021697cf0) at vn_ioctl+0xb5 sys_ioctl(ffff800021697cf0,ffff80002273b970,ffff80002273b9c0) at sys_ioctl+0x4ac syscall(ffff80002273ba40) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe594a3d0d0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002273b2a0 rbx 0xffff80002273b2b0 rdx 0x8b rcx 0x2 rax 0x1 r8 0xffffffff820e50f5 kprintf+0x155 r9 0x1 r10 0x805cdaf9f30f57dd r11 0xf23ef6342d969db7 r12 0x3000000008 r13 0xffff80002273b350 r14 0x100 r15 0x1 rip 0xffffffff81ab85c8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80002273b290 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.0) pid=49880 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff800021697a50,0xffff800021671a50 process=0xffff80002165d408 user=0xffff800022736000, vmspace=0xfffffd807effc330 estcpu=36, cpticks=3, pctcpu=0.0 user=0, sys=3, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 6917 331414 45026 0 2 0 syz-executor.1 6917 284627 45026 0 3 0x4000080 fsleep syz-executor.1 84196 303412 29979 0 2 0 syz-executor.0 *84196 49880 29979 0 7 0x4000000 syz-executor.0 29979 262381 36872 0 2 0x482 syz-executor.0 45026 417809 36872 0 2 0x482 syz-executor.1 36872 314068 82000 0 3 0x82 thrsleep syz-fuzzer 36872 440627 82000 0 3 0x4000082 thrsleep syz-fuzzer 36872 380727 82000 0 3 0x4000082 thrsleep syz-fuzzer 36872 116579 82000 0 3 0x4000082 thrsleep syz-fuzzer 36872 458183 82000 0 3 0x4000082 thrsleep syz-fuzzer 36872 89546 82000 0 3 0x4000082 kqread syz-fuzzer 
36872 145360 82000 0 3 0x4000082 thrsleep syz-fuzzer 82000 350466 52287 0 3 0x10008a sigsusp ksh 52287 202174 41262 0 3 0x92 select sshd 14018 366307 1 0 3 0x100083 ttyin getty 41262 521102 1 0 3 0x80 select sshd 22548 511249 11668 73 3 0x100090 kqread syslogd 11668 307318 1 0 3 0x100082 netio syslogd 53339 205128 1 77 3 0x100090 poll dhclient 62894 263954 1 0 3 0x80 poll dhclient 83083 173261 0 0 3 0x14200 bored smr 28170 219257 0 0 2 0x14200 zerothread 19839 36845 0 0 3 0x14200 aiodoned aiodoned 42585 462422 0 0 3 0x14200 syncer update 24782 518058 0 0 3 0x14200 cleaner cleaner 58193 343135 0 0 3 0x14200 reaper reaper 83893 37428 0 0 3 0x14200 pgdaemon pagedaemon 40586 519377 0 0 3 0x14200 bored crynlk 92049 477592 0 0 3 0x14200 bored crypto 19169 472871 0 0 3 0x14200 bored viomb 86983 456239 0 0 3 0x40014200 acpi0 acpi0 78522 132556 0 0 3 0x14200 bored softnet 14930 30748 0 0 3 0x14200 bored systqmp 15122 396886 0 0 3 0x14200 bored systq 56826 69918 0 0 3 0x40014200 bored softclock 38546 308977 0 0 3 0x40014200 idle0 1 168734 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9466 6342K 6342K 78643K 10556 0 pcb 13 8K 8K 78643K 13 0 rtable 105 3K 3K 78643K 189 0 ifaddr 39 10K 10K 78643K 39 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 2K 78643K 15 0 mount 1 1K 1K 78643K 1 0 vnodes 1216 76K 76K 78643K 1221 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 0K 0K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12598 0 file desc 6 17K 25K 78643K 36 0 proc 47 38K 54K 78643K 364 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 1 0K 0K 78643K 1 0 in_multi 33 2K 2K 78643K 33 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 37 175K 175K 78643K 37 0 exec 0 
0K 2K 78643K 317 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 112 25K 26K 78643K 700 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 9 0K 0K 78643K 9 0 temp 61 3963K 4025K 78643K 1795 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 120 19 0 17 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 23 0 15 1 0 1 1 0 8 0 syncache 296 4 0 4 1 1 0 1 0 8 0 tcpqe 32 910 0 910 1 0 1 1 0 8 1 tcpcb 736 12 0 6 1 0 1 1 0 8 0 inpcb 304 34 0 26 1 0 1 1 0 8 0 nd6 48 6 0 0 1 0 1 1 0 8 0 kcovpl 48 2 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 188 0 0 12 0 12 12 0 8 0 art_table 32 189 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1417 0 21 88 0 88 88 0 8 0 ffsino 240 1417 0 21 83 0 83 83 0 8 0 nchpl 144 1636 0 36 60 0 60 60 0 8 0 uvmvnodes 72 1460 0 0 27 0 27 27 0 8 0 vnodes 224 1460 0 0 86 0 86 86 0 8 0 namei 1024 3982 0 3982 2 1 1 1 0 8 1 scxspl 216 4691 0 4691 9 1 8 8 0 8 8 plimitpl 152 16 0 8 1 0 1 1 0 8 0 sigapl 424 223 0 193 4 0 4 4 0 8 0 futexpl 56 12 0 11 1 0 1 1 0 8 0 knotepl 112 62 0 42 1 0 1 1 0 8 0 kqueuepl 168 2 0 0 1 0 1 1 0 8 0 pipepl 304 69 0 58 2 1 1 1 0 8 0 fdescpl 432 208 0 193 2 0 2 2 0 8 0 filepl 120 971 0 869 4 0 4 4 0 8 0 lockfpl 104 5 0 4 1 0 1 1 0 8 0 lockfspl 48 3 0 2 1 0 1 1 0 8 0 sessionpl 144 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 57 0 50 1 0 1 1 0 8 0 zombiepl 144 193 0 193 3 2 1 1 0 8 1 processpl 1016 223 0 193 5 0 5 5 0 8 1 procpl 672 231 0 193 4 0 4 4 0 8 0 sockpl 432 76 0 58 4 1 3 3 0 8 0 mcl4k 4096 8 0 8 1 1 0 1 0 8 0 mcl2k 2048 173521 0 173436 39 9 30 30 0 8 16 mtagpl 96 2 0 2 1 1 0 1 0 8 0 mbufpl 256 187618 0 187455 19 3 16 16 0 8 5 bufpl 280 3245 0 169 220 0 220 220 0 8 0 anonpl 24 40046 0 
20464 122 3 119 119 0 188 1 amapchunkpl 152 1303 0 898 18 0 18 18 0 158 2 amappl16 200 926 0 96 44 0 44 44 0 8 0 amappl15 192 5 0 0 1 0 1 1 0 8 0 amappl14 184 24 0 18 1 0 1 1 0 8 0 amappl13 176 25 0 22 2 1 1 1 0 8 0 amappl12 168 9 0 8 1 0 1 1 0 8 0 amappl11 160 50 0 39 1 0 1 1 0 8 0 amappl10 152 12 0 7 1 0 1 1 0 8 0 amappl9 144 289 0 287 2 1 1 1 0 8 0 amappl8 136 109 0 82 2 0 2 2 0 8 1 amappl7 128 218 0 208 1 0 1 1 0 8 0 amappl6 120 64 0 54 1 0 1 1 0 8 0 amappl5 112 348 0 333 1 0 1 1 0 8 0 amappl4 104 242 0 219 1 0 1 1 0 8 0 amappl3 96 110 0 101 1 0 1 1 0 8 0 amappl2 88 897 0 825 4 2 2 3 0 8 0 amappl1 80 14026 0 13554 27 15 12 20 0 8 1 amappl 88 484 0 410 2 0 2 2 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 208 0 193 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 208 0 193 1 0 1 1 0 8 0 vmmpekpl 168 5800 0 5780 1 0 1 1 0 8 0 vmmpepl 168 33796 0 31730 132 16 116 116 0 357 26 vmsppl 272 207 0 193 2 0 2 2 0 8 1 rwobjpl 24 9393 0 7887 14 4 10 10 0 8 0 pdppl 4096 422 0 386 58 18 40 40 0 8 4 pvpl 32 130108 0 107573 187 3 184 184 0 265 1 pmappl 200 207 0 193 1 0 1 1 0 8 0 extentpl 40 58 0 40 1 0 1 1 0 8 0 phpool 112 317 0 34 9 0 9 9 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x18 panic(ffffffff8243627a) at panic+0x15e vrele(fffffd807e1525c8) at vrele+0x187 ptmioctl(5100,40287401,ffff80002273b860,3,ffff800021697cf0) at ptmioctl+0x5b9 VOP_IOCTL(fffffd807b446050,40287401,ffff80002273b860,3,fffffd807f7b7ae0,ffff800021697cf0) at VOP_IOCTL+0x91 vn_ioctl(fffffd807d996b58,40287401,ffff80002273b860,ffff800021697cf0) at vn_ioctl+0xb5 sys_ioctl(ffff800021697cf0,ffff80002273b970,ffff80002273b9c0) at sys_ioctl+0x4ac syscall(ffff80002273ba40) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 
0xbe594a3d0d0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x18 panic(ffffffff8243627a) at panic+0x15e vrele(fffffd807e1525c8) at vrele+0x187 ptmioctl(5100,40287401,ffff80002273b860,3,ffff800021697cf0) at ptmioctl+0x5b9 VOP_IOCTL(fffffd807b446050,40287401,ffff80002273b860,3,fffffd807f7b7ae0,ffff800021697cf0) at VOP_IOCTL+0x91 vn_ioctl(fffffd807d996b58,40287401,ffff80002273b860,ffff800021697cf0) at vn_ioctl+0xb5 sys_ioctl(ffff800021697cf0,ffff80002273b970,ffff80002273b9c0) at sys_ioctl+0x4ac syscall(ffff80002273ba40) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe594a3d0d0, count: -9