Warning: Permanently added '10.128.0.40' (ED25519) to the list of known hosts. 2024/04/09 01:45:10 fuzzer started 2024/04/09 01:45:15 dialing manager at 10.128.15.235:30002 2024/04/09 01:45:15 syscalls: 389 2024/04/09 01:45:15 code coverage: enabled 2024/04/09 01:45:15 comparison tracing: enabled 2024/04/09 01:45:15 extra coverage: enabled 2024/04/09 01:45:15 delay kcov mmap: enabled 2024/04/09 01:45:15 setuid sandbox: enabled 2024/04/09 01:45:15 namespace sandbox: support is not implemented in syzkaller 2024/04/09 01:45:15 Android sandbox: support is not implemented in syzkaller 2024/04/09 01:45:15 fault injection: support is not implemented in syzkaller 2024/04/09 01:45:15 leak checking: support is not implemented in syzkaller 2024/04/09 01:45:15 net packet injection: enabled 2024/04/09 01:45:15 net device setup: support is not implemented in syzkaller 2024/04/09 01:45:15 concurrency sanitizer: support is not implemented in syzkaller 2024/04/09 01:45:15 devlink PCI setup: support is not implemented in syzkaller 2024/04/09 01:45:15 NIC VF setup: support is not implemented in syzkaller 2024/04/09 01:45:15 USB emulation: support is not implemented in syzkaller 2024/04/09 01:45:15 hci packet injection: support is not implemented in syzkaller 2024/04/09 01:45:15 wifi device emulation: support is not implemented in syzkaller 2024/04/09 01:45:15 802.15.4 emulation: support is not implemented in syzkaller 2024/04/09 01:45:15 swap file: support is not implemented in syzkaller 2024/04/09 01:45:15 starting 8 executor processes 01:45:16 executing program 1: sysctl$vfs_ffs(&(0x7f0000000000)={0x7, 0x4, 0x300}, 0x3, 0x0, 0x0, 0x0, 0x0) r0 = semget$private(0x0, 0x7, 0x3c0) semctl$SETALL(r0, 0x0, 0x9, &(0x7f0000000200)=[0xc59, 0x7]) semop(r0, &(0x7f0000000180)=[{0x0, 0x43, 0x800}, {0x4, 0xe6, 0x800}, {0x1, 0x101, 0x800}, {0x1, 0x20, 0x1000}, {0x2, 0x5, 0x1800}, {0x1, 0x9e, 0x800}, {0x2, 0xfffb, 0x1000}, {0x0, 0x3f, 0x800}], 0x8) semop(r0, &(0x7f00000001c0), 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = syz_open_pts() open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$lock(r1, 0x8, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000300000000}) flock(r1, 0x1) fcntl$lock(r1, 0x8, &(0x7f0000000080)={0x0, 0x0, 0x6, 0x100000001}) semctl$SETALL(r0, 0x0, 0x9, &(0x7f00000000c0)=[0x9, 0x0, 0x6, 0x5, 0x1f, 0x200, 0xf7, 0xffff]) sysctl$vfs_ffs(&(0x7f0000000100)={0x4, 0x1, 0x2}, 0x3, 0x0, 0x0, 0x0, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x400, 0x80) 01:45:16 executing program 2: r0 = shmget(0x2, 0xfffffffffeffffff, 0xa00, &(0x7f0000ffc000/0x4000)=nil) sendmsg$unix(0xffffffffffffffff, &(0x7f0000002a40)={&(0x7f0000000000)=ANY=[@ANYBLOB="0102", @ANYRES64], 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0xc) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0xc) getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc) r11 = socket$unix(0x1, 0x6, 0x0) r12 = socket$inet6(0x18, 0x4, 0xc0) r13 = openat$speaker(0xffffffffffffff9c, &(0x7f00000003c0), 0x80, 0x0) getsockopt$sock_cred(r12, 0xffff, 0x1022, &(0x7f0000000500)={0x0, 0x0}, &(0x7f0000000540)=0xc) getsockopt$sock_cred(r11, 0xffff, 0x1022, &(0x7f0000000580)={0x0}, &(0x7f0000000680)=0xc) shmctl$IPC_SET(r0, 0x1, &(0x7f00000006c0)={{0x0, r14, r6, r2, r8, 0x9, 0xb6}, 0x0, 0x101, r1, r15, 0x80000000, 0x64a, 0xffffffffffffff01}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r11, &(0x7f0000000440)={&(0x7f0000000280)=@abs={0x1, 0x0, 0x2}, 0x8, &(0x7f0000000380)=[{&(0x7f00000002c0)="f605bc7ead07e94f14c095148ab2a24ffae54b7eabcba4dc6e28315214383b84acaa5132921d92291ace24a01efbf04e4d35246f13de45714b777878a4a77d0ebb82ca1e83d6ccffa9b5cf328a5f8e9ac1dc9fc6d829420d95ed48ef26a1bd84c8bc333c5e72dca99beefeaf8b7e5f105b34684b9147ea917403c3", 0x7b}, {&(0x7f0000000340)="b107863a5e330ce62326ef1ebf178ce34ca9b6ed5428426807", 0x19}], 0x2, &(0x7f00000005c0)=[@rights={0x20, 0xffff, 0x1, [r12, r13, r16]}, @cred={0x20, 0xffff, 0x0, r4, r7, r6}, @cred={0x20, 0xffff, 0x0, r1, r2, r6}, @cred={0x20, 0xffff, 0x0, r1, r5, r6}, @cred={0x20, 0xffff, 0x0, r1, r5, r10}, @cred={0x20, 0xffff, 0x0, r4, r2, r6}], 0xc0, 0x8}, 0x1) r17 = fcntl$getown(0xffffffffffffffff, 0x5) getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) r19 = getpgrp() getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000480)={{0xf594, 0x0, r20, 0x0, r18, 0x12, 0x6}, 0x7, 0xb38, r19, r19, 0x1, 0xea79, 0x8001, 0x3f}) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000200)={{0x0, r5, r3, r2, r3, 0x1, 0x9}, 0x5, 0x1c, r19, r17, 0x1, 0x2, 0x81}) r21 = socket$inet6(0x18, 0x5, 0x1) setsockopt(r21, 0x8000, 0x40, &(0x7f00000001c0)="1696b5b80f4659ecdd9104cbc5a04aca", 0x10) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000140)={{0x356a, r2, r6, r7, 0x0, 0x151, 0x5}, 0xe4e, 0xfff, r9, r17, 0x7, 0x6308, 0x2}) r22 = socket(0x2, 0x2, 0x0) bind(r22, &(0x7f0000000000)=ANY=[], 0x10) sendmsg$unix(r22, &(0x7f0000002a40)={0x0, 0x0, 0x0}, 0x0) r23 = msgget$private(0x0, 0xfffffffffffffffd) msgsnd(r23, &(0x7f0000001180)={0x1, "658a5d81ce75adb5b10eac918a2349d2ff5c352fd389f4223864f706183b00f1245146955b84e3c261d985a3057c107b6beff52d4164b475b3672581be9867a72f9107624a3b05124c1211fd0bef97a7fb5243d2296fd07388c6b1133f721f1eff78309b886d3f"}, 0x6f, 0x800) 01:45:16 executing program 6: r0 = socket(0x18, 0x3, 0x0) r1 = socket(0x11, 0x3, 0x0) setsockopt(r1, 0x11, 0x4, &(0x7f0000000340)="12000000", 0x4) setsockopt(r1, 0x11, 0x1, &(0x7f0000000200)="12000001", 0x4) sendto$unix(r0, &(0x7f0000000000)="b1000504000004000000000001000000331c13fecea10500fef96ec0c72fd3357ae30200004e3003000000acf20b7804be38164991f7c8cf5f882b297be1aa0500000051e2f0ad3ebbc257699a1f139b672f4d335c223e7d0c032bfa896443a42102000000720fd18bfbb670c1f5a872c881ea6e2ec5890400000000008000361b4cc702fac500002021fbfa0c0f00008abfba221554f4e0f668246c0900000008e371a3f8343712051eea040000000000", 0xb1, 0x0, 0x0, 0x0) 01:45:16 executing program 2: r0 = open(&(0x7f0000000080)='./file0\x00', 0x611, 0x0) sysctl$kern(&(0x7f0000000080)={0x1, 0x54}, 0x4000000000000003, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x2011, r0, 0x0) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) sysctl$kern(&(0x7f00000000c0)={0x1, 0x4e}, 0x3, &(0x7f0000000040)="71f91e3471ac0058bc5a91501d94a34b8e5f84cf71b59c7afec37082", &(0x7f0000000080)=0x30, 0x0, 0x72aae6d85ca100ee) 01:45:16 executing program 6: kevent(0xffffffffffffff9c, &(0x7f0000000000)=[{{}, 0x0, 0x0, 0x0, 0x800}], 0x0, 0x0, 0x0, 0x0) sysctl$kern(&(0x7f0000000000)={0x1, 0x4e}, 0x2, 0x0, 0x0, 0x0, 0x0) getrlimit(0x0, 0x0) 01:45:16 executing program 0: sysctl$kern(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)="55f8f5782087a072a82ec35f78d14780f518", 0x12) sysctl$kern(&(0x7f0000000000)={0x1, 0x3a}, 0x2, &(0x7f0000000040)="4ea929c00abb19c4196f7a6fbb369836749867a474b6ea14d99ebb81e64564d269b001da89ea2a32eea872340ba8019fef4c78cca96ddbe001e1e744379e619f36f65222", &(0x7f00000000c0)=0x44, &(0x7f0000000200)="8040402dc74d935bfb6110bdec1481c3ba7f5be824d2c0b11f76e2896f8946833110e4a294b0a73b9f4e70a0324c7a9b0554c70c42c587cfc915bbdeac56f4c45f1219ef906667c9046e43801d5c897a7c9518029f949bb33b75c3615fc85400d1bf7cd3adce986378b9a2d17b35e14a5a4a03d1f89dae1bad41326b1451068be5d95dac5629ab1912e60904672781518af8e3625978a6f385f4b10e629eaa4d6edd5999e72801ac4082b343776d7b6cefae5e7fdc459f9b906c9e7fa509c4a9a19428a7059b04b07ecbf6bef308fdf1868bf63624358f5da32dd447a24e622017a2ffd053d55528dce6f5036892dcc9353c132192ad657ea12a80c7cd43", 0xfffffffffffffebf) r0 = socket(0x2, 0x2, 0x0) r1 = dup(r0) connect$unix(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="780230"], 0x10) poll(&(0x7f0000000040)=[{r0, 0x4}], 0x1, 0x0) r2 = socket(0x18, 0x2, 0x0) r3 = socket(0x18, 0x2, 0x0) dup2(r2, r3) setsockopt$sock_int(r3, 0xffff, 0x1023, &(0x7f0000000000)=0x3, 0x4) setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000680)="8c09982b476be8c76e685e3c6d91734d37", 0x11) recvmmsg(r1, &(0x7f0000000640)={0x0}, 0x10, 0x0, 0x0) connect$unix(r2, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) syz_emit_ethernet(0x4f, &(0x7f00000022c0)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "801f3f", 0x19, 0x0, 0x0, @rand_addr="330828d6f1369338c9ad2ca948fffc07", @local={0xfe, 0x80, '\x00', 0x0}, {[@fragment={0xc, 0x0, 0x5}], @generic="b1a6949a1f05d2c6b24022b47a2aa0a1f8"}}}}}) r4 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0) sysctl$kern(&(0x7f0000000180)={0x1, 0x48}, 0x2, &(0x7f0000000300)="ba1221dc67d2f4a75d0d99082b5d0948d4a98e0c6450542aa4c3b45580ffec4f64085fc060ef9e59b3d3eaef6e83321c9241e40454e18f868248a946177589fc3de1476507d270160c6ecb217bf440964a8f57bfa4511f4ed73646fd847b02832ed9fa049ca4", &(0x7f0000000380)=0x66, &(0x7f00000003c0)="f530b42a92d310e3307a6c545744b9f5ed6e3f7ea68044bffb261415", 0x1c) ioctl$BIOCSETIF(r4, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) socket(0x18, 0x2, 0x0) sysctl$hw(&(0x7f0000000280)={0x6, 0xf}, 0x2, &(0x7f0000000100), 0x0, 0x0, 0x0) msgget(0x0, 0x2c) getgid() r5 = semget$private(0x0, 0x400000000e, 0x82) semop(r5, &(0x7f0000000440)=[{0x0, 0x3, 0x1800}, {0x0, 0x3ff, 0x400}, {0x4, 0x2a8, 0x1800}], 0x3) geteuid() getegid() semctl$GETVAL(r5, 0x3, 0x5, &(0x7f0000000280)=""/80) getsockopt$sock_cred(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000300), &(0x7f0000000340)=0xc) r6 = getegid() semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000005c0)={{0x10001, 0x0, 0x0, 0x0, r6, 0x10, 0x37f}, 0xff, 0x100000001, 0x8d6d}) semctl$SETALL(r5, 0x0, 0x9, &(0x7f0000000400)) 01:45:16 executing program 6: mknod(&(0x7f0000000000)='./file0\x00', 0x1ffa, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x82, 0x0) readv(r0, &(0x7f0000000440)=[{0x0}], 0x1) sysctl$net_inet_divert(&(0x7f00000000c0)={0x4, 0x2, 0xf0}, 0x8, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x0, 0xffffffffffffffff}}) r1 = socket(0x18, 0x2, 0x0) close(r1) r2 = socket(0x800000018, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r3, 0xffff, 0x1022, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x0, r4}}) bind$unix(r2, &(0x7f0000000080)=@abs={0x1f95d27d48731892, 0x7}, 0x1c) connect$unix(r1, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) r5 = socket(0x800000018, 0x1, 0x0) setsockopt$sock_int(r5, 0xffff, 0x4, &(0x7f0000000040)=0x80, 0x4) bind$unix(r5, &(0x7f0000000080)=@abs={0x1f95d27d48731892, 0x7}, 0x1c) setrlimit(0x8, &(0x7f0000000980)={0x7, 0x51}) r6 = syz_open_pts() r7 = kqueue() ioctl$BIOCSETWF(0xffffffffffffffff, 0x80104277, 0x0) kevent(r7, &(0x7f0000000140), 0x537b, 0x0, 0x0, 0x0) getrusage(0x1, &(0x7f0000000180)) close(r6) r8 = syz_open_pts() readv(r8, &(0x7f00000015c0)=[{&(0x7f0000000000)=""/83, 0x53}], 0x1) writev(r6, &(0x7f0000000480)=[{&(0x7f00000000c0)="7fd1483ff857fa97e517ed6752b9dd2e715fb1463ab823869c913d10dc8546fd5736505c982f793d5b949b003a228cd65a01c5ebfcdae89550e8987b62f07fd3553cda456c2ea7c8ce87b81ed8428b45a8f2cda03366441c0a", 0x59}], 0x1) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000080)=@file={0x0, './file0/file0\x00'}, 0xa, 0xfffffffffffffffe, 0x2, &(0x7f0000000500)=[@rights={0x66}, @cred={0x20}, @cred={0x20}, @cred={0x20}, @cred={0x20}, @cred={0x20}, @cred={0x20}, @cred], 0xfffffffffffffc28, 0x405}, 0x0) r9 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) unveil(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='c\x00') mkdirat(r9, &(0x7f0000000280)='./file0\x00', 0x0) 01:45:16 executing program 0: r0 = socket$inet6(0x18, 0x4000, 0x1f) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0x69, &(0x7f0000000040)={{0x18, 0x2, 0x8ccb, 0xfffffffa}, {0x18, 0x1, 0x0, 0x3ff}, 0x8001, [0x4, 0x800008, 0x7fff, 0x0, 0x7, 0xfffffffe, 0x0, 0x2a92f61e]}, 0x3c) write(r0, &(0x7f0000000080)="b61d6628ba261f0380b648df09d13c3314d9c0fe7d47f1f673234f04a5c6479f5973fbc702e3b21dcaad64e30a1656bdcfdca91b01e64ddec8c0809ff12123490e69069ba3d628519879d2dc95863df7d827b6b686ab25cef623b3eda00bcf6d369cb164df7301aca0869a518f5f37153fcab0214437926b0e559931439f0dd2b45bbf7196bd9388ec4bf51f79447a7558ac84de2f23139c777f9290de2bb81f3e577f3aa06bcf143016c7d0e15cc8738e005ff641a55084f1ed8399642fccd1c610dc6d376d10f65dc52e8d5ae0bdcc88a9de500bb2a6b56dd53f55a98df116cfffdcf7faba3db2aeb9ea625288b5916955fa6055b14133708cd27c5671279dad4eaec9a9e1cfe9c2f1613a14a9cbd6461da171dd9b501c3c41745a2e80348aba56c8186a090898b49ac6dc00f3de860e41b09e96c6d276dcde28b2d642a9bf20b1aa9fc57bca34a23776a1723db067bcdf8ea2af612e1908894f468ec0d31fd20ec5f479d7fafd30c5b6a14c052dfd7a62492238909c6b5a0f69b3180cda94deeb46493447bfdfbae6f9f268f91f6198e0c1634b47c7eb1e640aabc6fcbe45e791895f5e420f083f693fd74f6bca131d1c5f3de71b2c86143ddf6f5ded030c6d68a0b081de520c001b4cc4ece11e2ef3a6e0ede57f7b805e1720f8a9ded0147c496dd325e0fc39b0e70f3ff94f9b577473ff3fb122643ab59b8cad438b85f627347f3d1f72c194bebabadd238d65772d106fd67685cb5c3600c6017f0de6d568ed36370bfb5561c14a3185a16701c5d499b0693b8da13105f46a3ab657f9d42e000f0084472c9b3f52188a0bebd2ac10b8b5d26fb7708b0f6abb7848a77c6685220748c8cf64afcf51685818caf3e8f9930c423c6bce6e2180ca5c6794a5867076294c06eaae6619bef374ca6fcaa97187074730822688a03a86eb138c432dcb9f7b653973985f64f0419f3103f4966d9d48100b8310052cf356e0e21ed800afce803fb0e9c7cd0daf8f6fcf950243d71d8ae5e7144a61619a4c9064f9b4d289b21876ab780768cb5337993d245428c001289cf6397c73b84377ed6bb26fd9aff4ad9faa803694517c6b6e0a0cff13f6872ac0e370f7b38141541e0df05f2c880a7ea643877b2821648e21e23cd96e7e473d42e9b2b0c237009fdb13927ed0c4b090aa23784050ebf056bdc26be86229296065b2c67a9d2712cf6ffb32887ffabf815fb43fa1337c71a4cf21137ec3832694e5e419eba1f044ab97d84c55ad3ec1ab774c45048208e85ccb4f451ab4c82114c012d8618a454170c9b7732feb5a1c27ccc3fab6c8bf17dbf928c3f3ff0d59412bc7678ca1e9b336cf600523c7a43292c1e8058141cbe294a3e60f1b5362f9f1b8d04c5422dc7762a87ca929e02e1d67bf2ca7f404475b8cb589835b4db34b1563be726325ccd6fffe96fb693bba4a6186df0642bcddf81ac75835c58cf50e3195bad7074bd230ecc95b0d196c7c9638ac9f357cf7cece0540002b1f52d368f76326be07d940415d3800b25156b7eb1a6322e5ec60a9473f992aaeeaf244c3f041cc87b3f5ec789e9a4947621097a9667fd8745a3858e1eff3fd61aab6906a95f8e47f9bd733437224dd07e9e7b1ba5da0e0397bacec21ca4dffda112947ef2be605ed76097673221322491a49b4d82299083f74a1dd5ecc7bb4891f40a410ef97843385c6337a8f23a1a52a792214a209fa2c165cf3520b4f9a53ed1c5ab075ce2db674a3c1953efc378b968cc98c45f7a37eb26de0cfeb2d1846529b6836649741522f943ece46a041cdb126ec2fb04ed756d2c8160d7531018a91d6d8025b6c09ef0b6eaf33d9fce63136755b764ee17e82a415fa629fbb5e5d50f08a067b1fc1e996de911b5e693ab4fea805ebdfa2dc2d26d32d77db9b5d54db1157df88119c9f59a5a32135ab4b9a8899e7f2629ac2031c047158e6a8a6485b5897c16949efcf27dc7aac00fce45c8d32c00e11d97f60a8bd3cc2645461b776672feffc475390fcb3ac8bfddedf7dabd6dad7994f5e453e61f9cc30e57f0aac4372153dd45f82dc9cb3accdc7ae3d091a00266fa3d626660137d84ab1371f69aea0b6f98622e5ce07a09feae49bef012cde0528c11331397c8b1d608e4252405faede4d58cf0509f8af5199a3a04731adb790022791f81beeac19c76e6335ccbe7f2d5a77b663f8bc7b4cddd536255236096ac343728b30d75143d6bf0c0285996e4c2f1e2dd2a4818c5c0a1b65873e7f0df1c5a7c7b5edde391dd1e8ed9601b1f31a4f9d154052f3a92d757196c78f955cb8666717de5c369ebee98ee111277ea818871d72ca4eef345e2141b6c0b5d7eecf6e087f6bc6f6aa7fed002803ae619bb7723798873ae8ff9afa6407b20d2d534a521f2d3ff1a5faec24278dca70ef99ca1966d6113a2ad997677a2de11a43ecd8941549babb347ea2a0ca2959f39984961e542272fe9a44aafc28b920071a68fe57dac09e92ba296bece9bfad19491b09eb2daf893baff0ae3183d75c9bf437d077559744a6e6567bcd4d2cc088d5bda627865b17be4e693b3d68148eafeed3213654a3cdbfeb0e879b77292441ace77e38f1fae62ef26d90400d4ba28f4f26b443d39de0408551788a2262b723a6b5728907faf74a2bac80bd13b59ebceee0a46926f4e80868001f5e77fc289e6797b7247057234d0b6a77bacfbf178682f5f6fa059f16df4851d41a7f9f07b040de69ef2ff1154a571209e928b526abb44c7a5a4f64bf5a675fda3558b9e2c4650ddb5befbf87e594c72f9870c2156457e1fc65db69f316ac82c0400dc38839b205562283e4709636e07e9f8427b78bb3a8956f9eb4cb2f3a5da9ff5edf3088360a6545aa6abc513e452649cc666a83f321b5584a72edeb357c2193b08d83a00d0975a5d7d874e0599324437c8b35da89fc2d49feacc218f627b4ed75887d3c4fa5cda8593971d4608af86c37662b5020b20f3f4b223363ba10ce1e825f8b023d2d730d13d8a6d8f0d7ea1b2a6a9365da36b89a1bff16e6f64574ee2148825d3c1b3b1b2089eca484b5ddf5949c4e5ea7d25bfb96fb88fa9e4f4136c7d245b1f5cf241528d843976ba55bf07f07dd87be32a411b6e5dff48475e3f2d6beb7d89fce9b186f90b7b20494d54bcc1f4877201d734373ce1bbe8353b1bd7981e9930c706919d7a5b8e24a0aa301f6cd78602881735fa1efab6741b5ce7fc787d618276b1bcc0825eeb32ed5580e0610ed5ddb805c8473ea5b624b2a6a4ed696d75a1dbd3a1c2f5cac17c5cde49bc192a8c68de69e8bee9194a85efc33ef6cd57ecf5f1f1a826c70aa5d5da024dca7968f98a54dfda768f7cb2bfdcc77e22be57f756c299d3ceed55ee353684151f5dffa80390ea5c8a4577f8d2f6ca43847eaf36923815e3ff632be65503283dd03aff771315e528fbfee49d7b20b51551fb8defb45250a4cf57d297a682e8f4e826a6194d7aa12f7b20819c9e8e32f7e52372a843d30bbab0cae2f0ba10433f6a7757ba5b84438c20c579820b324f34d48f5bdb00ed842e49a961b2628fa0d807d91086c88036a6fb8ed8500341f2422a1fe7eb93f9271a351b73a02794a9ef634ed338a64a1c56b31c7805613080bb0c7e8d4526bb7dc4c44fbcff02a7ac3db10ecfa2e3c192216862372599a850df15e4acc5bcbe408226f5f28ca89dd9bb81623613278f48fb83637a0e5ba069f82bcd71fc5a20a93a71224490a7124154349956973962282e8aedbc1936075fcf2df797f088aaeb37ca01938d82053b021c37dc57c6550cb5cecb84ab48c0420f86580ec4716fe06acc930c2aa62ab7789bb4b09ffae5565566f28e0e48a364c11ae0d6c9ec24ab726d059e10aa0d3ff59e8e69c04bbf5cbd7ab2294255015f2543f2ad2b7c1f35f594cf8fb1cd5911a88ea975465826ad3d9df2391b9756931d452c242fe3bad189347fc85f0a58f0fa4297f853cebe3a4288930acbe775d3d75b5ecc6d35900ba35fbe87985ebe854d8d0105ff570dffa4f1a5fb95243db373c5dfa80079fa532f9bc3e06bd643e8704bfd7aaf4dd3f43aa121ac7697f585c633fec3c889d94c197de25ebcebb1214a592a935fa46ff8f07926e869435dc72ecda20f08630d13eb2445bf386604410be8487400dee2839a20d34c197d554421cf6424d249b80d238cd9716a755b0e1c78ff519919513a66fa4955cc076d98ea36e3bc076294c91532ccd0b344ccc8742f0a98ea5ac67135c7e4fe61176450b4644db50bf851a34c1096988e457d4f2f604379b031613831f4795d0ae2827e63941c992998b8db7c856099ef9e805b8b33eb4571aa94da5cb9c61c56dd4d40e62db5404c26da78fb0d6b83b4dc2aa53e4ea30927e1791c2c68c93082caade359ccd8ec06ecdb3c395e63586e14d515bb5ce6666090a0a14eae7413e3adc896128023e90e9864ee394624c1d40b41e4e91517377a02a63fff25e5f7cfed7c6c3dc8e67fca1b2224bd302625eb10ff8b782d8d44f2c9f53e7c5d5b6b48e0b6d366e0850e30cf1f74aa90236ff4b75710c59405774c6192b3909706d7cd0aef4339d9faebabb9c28bbb893ed9fcee48c1dd738d7ae5798ab343f2fed606ba949be66bc70b2185460e3b375b62806642666cec40a58b6105176217a541e14e977cd5876f07eb1021dbf4c500a40325aa0b0a1854ac840eef0e326f037ed2930341667c1ab521964617475247e6b6540d32ef6487758bfb8387e3ad36bde8c63b5ff930fbce8537277eb0ebf88b0debdc466203321f343d9a18ca3b978effc4b7f26ae771064a1b6239d5ce66c32e4caec2d8ba8887b7bcd2a766cc40e0a959ef193037d1747d0a1e498fadad8e567e72c9e93eced5d6c80ad716633bbb5a28c4735157c58dbeed2d24da403db7319cc9272f646b345c04c34a15dc4c99f7fa3d1d44c467ce0125adac2182f5b3c37e3c29ac546d5a901bb2c2f4e261a81d5ab5778f7f7295ddf28d75d789b2373c1b0ba0743eefc7da0408e02f1e8374efd5aa7435c11112ff336e28944b890fb73c5ca3f5c4d908213c5a88c63e1adcbb60ce8431fdd46c0f18c80440ff4fc6c3af5b77707104f50ff8177bdf2c50a8fe1aa4c1a73d29837ded9ecfa87a45b50356056ab03caaac0fe66f59632a48f37d906a4fea7e9c6bb7ed09069e3ac5772d70104326562ce2a0eef5cee39bdacda07b9d84e08dfac4ae8235cdb4c25ff5bcd40f2d67e3410965e6264ab258ee3058f461dc86b21ac5c2b204443579cb99d02f3e8fc037be361e6f8e7bc34e642154fa22dbb7434d69ccc0e2fc803a9e10a549df26326bfbd1d0a7559cd2178ab5913fea69e282d43765b2306ff32b085cb91cd63d950cc4655fd33109c332e50b17f2ee6290f94d1086e988b380428e783c36f670183b485d7481e70ecf9b13561a968f867df0b084b1f3c81612050817bb04329c07cf68c9d599dc0c073fc55681683b41e3378c267a55f652b33a9ee11f408101bde7d2a4f4730500d75dbc37039ad2eae22f4495cc21b2642e63ce5c29279b64683f2b107aa6eb4b65a1b9981a20c176bf410b5e88f6f63d212b728111bdbe7cf9680376c0221a197aeb8038cbe823f85e53a1c6309d64d736aae3ec1c353ad3dfc8d14ef35ccade7fccf8bb5e8821a967313e08518099543a3a11826e03bcfb863fdaf526af6849c8d11b477a84631f5e13d078ebfef0d54a8fa5d12403f9c3a8b168bb0f708946c32ed652757d8027856a9a83528cf80b4a00ea1697e12a0dc6fc2d99154a3", 0x1000) sysctl$vfs_ffs(&(0x7f0000000000)={0x4, 0x1, 0x5}, 0x3, 0x0, 0x0, 0x0, 0x0) sysctl$kern(&(0x7f0000000000)={0x1, 0x2c}, 0x2, &(0x7f0000000040), 0x0, 0x0, 0x0) 01:45:16 executing program 2: r0 = socket(0x2, 0x2, 0x0) ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x100000000000000, 0x2}}) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x1ff}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket(0x18, 0x1, 0x0) close(r1) r2 = socket(0x18, 0x2, 0x0) setsockopt(r1, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) sendmsg(r2, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) connect$unix(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="f8be4317ea9dbf2dae205dea8a8e61a8780230"], 0x10) getsockname$unix(r0, &(0x7f0000000000)=@abs, &(0x7f0000001200)=0x8) r3 = socket(0x2, 0x1, 0x0) bind(r3, &(0x7f0000000000)=ANY=[], 0x10) listen(0xffffffffffffffff, 0x0) r4 = socket(0x2, 0x1, 0x0) connect$unix(r4, &(0x7f0000000000)=ANY=[], 0x10) shutdown(r4, 0x0) close(r4) 01:45:16 executing program 6: r0 = socket(0x6, 0x1, 0x84) setsockopt(r0, 0x1000000000029, 0x1b, &(0x7f0000000040)="0d2a2ce8", 0x4) ioctl$BIOCSETF(0xffffffffffffffff, 0x80104267, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{}, {0x0, 0x0, 0x0, 0x7fff}, {0x6, 0x0, 0x0, 0x3}]}) sysctl$net_inet_ip(&(0x7f0000000000)={0x4, 0x11}, 0x22, &(0x7f0000000080)="ae215599fed2fce97f573b9c553a0e622d29cd093849cd4fe42e0f5d2d06a4e744f0713d1fcaa1b8274dffd067d413ef9d2224d3fddc171f73a295b6ed18b3d0588be75e78a1d734e15bfe", 0x0, 0x0, 0x0) 01:45:16 executing program 0: r0 = open(&(0x7f0000000040)='./file0\x00', 0x70e, 0x0) writev(r0, &(0x7f0000001580)=[{&(0x7f00000000c0)='\x00', 0xfffffeb0}], 0x1) semget$private(0x0, 0x2, 0x8) getuid() getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000680), 0xc) getgid() setrlimit(0x8, &(0x7f0000000980)={0x7, 0x54}) r1 = syz_open_pts() close(r1) r2 = syz_open_pts() poll(&(0x7f0000000040)=[{r1, 0x9e178c87381114ef}], 0x1, 0x0) ioctl$TIOCSETA(r2, 0x802c7414, &(0x7f0000000080)={0x5b, 0x6, 0x5, 0x2, "8e65ff71d45892b4d11b02630c8c582ee0d26528", 0x4}) syz_open_pts() r3 = kqueue() r4 = socket$inet6(0x18, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = getpid() fcntl$setown(r6, 0x6, r7) fcntl$setown(r4, 0x6, r7) fcntl$getown(r5, 0x5) ioctl$TIOCOUTQ(r2, 0x40047473, &(0x7f00000000c0)=0x8001) dup2(r3, r4) r8 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x1198, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2, 0x0) ioctl$FIONBIO(r9, 0x8004667e, &(0x7f0000000080)) symlinkat(&(0x7f0000000300)='./file0\x00', r8, &(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mkdirat(r8, &(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) symlinkat(&(0x7f0000000800)='./file0\x00', r8, &(0x7f0000000200)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mkdirat(r8, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) panic: vop_pgaenniecr:i c _ b a kdoerpn eStopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 310149 81192 32767 0x8000010 0 0 syz-executor.2 * 67806 60923 32767 0x8000010 0 1 syz-executor.0 db_enter() at db_enter+0x1c panic(ffffffff8288f85e) at panic+0x17b vop_generic_badop(ffff80002d6b3ea8) at vop_generic_badop+0x1f VOP_STRATEGY(fffffd806b8a8370,fffffd807e0306c0) at VOP_STRATEGY+0x9f bwrite(fffffd807e0306c0) at bwrite+0x1d0 VOP_BWRITE(fffffd807e0306c0) at VOP_BWRITE+0x4e ufs_mkdir(ffff80002d6b4120) at ufs_mkdir+0x445 VOP_MKDIR(fffffd80686cdb30,ffff80002d6b4280,ffff80002d6b42b0,ffff80002d6b41b0) at VOP_MKDIR+0xc3 domkdirat(ffff8000ffff6a58,ffffff9c,76371139fb50,1ff) at domkdirat+0x125 syscall(ffff80002d6b4430) at syscall+0x854 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76371139fbc0, count: 4 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic cpu0: kernel diagnostic assertion "rw_write_held(uobj->vmobjlock)" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_aobj.c", line 1002 *cpu1: vop_generic_badop ddb{1}> trace db_enter() at db_enter+0x1c panic(ffffffff8288f85e) at panic+0x17b vop_generic_badop(ffff80002d6b3ea8) at vop_generic_badop+0x1f VOP_STRATEGY(fffffd806b8a8370,fffffd807e0306c0) at VOP_STRATEGY+0x9f bwrite(fffffd807e0306c0) at bwrite+0x1d0 VOP_BWRITE(fffffd807e0306c0) at VOP_BWRITE+0x4e ufs_mkdir(ffff80002d6b4120) at ufs_mkdir+0x445 VOP_MKDIR(fffffd80686cdb30,ffff80002d6b4280,ffff80002d6b42b0,ffff80002d6b41b0) at VOP_MKDIR+0xc3 domkdirat(ffff8000ffff6a58,ffffff9c,76371139fb50,1ff) at domkdirat+0x125 syscall(ffff80002d6b4430) at syscall+0x854 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76371139fbc0, count: -11 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff80002d6b3dd0 rbx 0xffff800029ceccbf rdx 0 rcx 0xffff8000ffff6a58 rax 0xffff800029cebff0 r8 0x101010101010101 r9 0x8080808080808080 r10 0x103e36c8e051e97e r11 0xf04d67cb1ff57a9 r12 0xffff800029cecac0 r13 0 r14 0 r15 0x1 rip 0xffffffff817d3dfc db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80002d6b3dc0 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor.0) tid=67806 pid=60923 tcnt=1 stat=onproc flags process=8000010 proc=0 runpri=17, usrpri=51, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff8000ffff62a8,0xffff80002a1fe7e0 process=0xffff80002a1591c8 user=0xffff80002d6af000, vmspace=0xfffffd806f2646e8 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 62859 43012 56576 0 2 0x8100000 sh 81192 310149 92714 32767 7 0x8000010 syz-executor.2 81192 443638 92714 32767 3 0xc000090 fsleep syz-executor.2 84424 39118 0 0 3 0x14200 bored sosplice 25366 36497 75936 0 3 0x8000080 wait syz-executor.3 56576 125876 65121 0 3 0x810008a sigsusp sh 77452 266579 29224 0 2 0x8100002 sh 72240 307383 3509 32767 3 0x8000090 nanoslp syz-executor.1 72240 267049 3509 32767 3 0xc000090 lockf syz-executor.1 72240 2878 3509 32767 3 0xc000090 fsleep syz-executor.1 67392 43435 81042 0 2 0x18100002 arp 81042 389920 86772 0 3 0x810008a sigsusp sh 29224 400864 62900 0 3 0x8000080 wait syz-executor.7 15753 9129 71707 32767 2 0x8000010 syz-executor.6 62900 236277 73713 0 3 0x8000082 wait syz-executor.7 65121 359550 57186 0 3 0x8000080 wait syz-executor.4 71707 423510 73713 0 3 0x8000082 wait syz-executor.6 86772 157963 90836 0 3 0x8000080 wait syz-executor.5 92714 354066 65453 32767 3 0x8000090 nanoslp syz-executor.2 75936 361612 73713 0 3 0x8000082 wait syz-executor.3 90836 277391 73713 0 3 0x8000082 wait syz-executor.5 57186 291949 73713 0 3 0x8000082 wait syz-executor.4 *60923 67806 44139 32767 7 0x8000010 syz-executor.0 65453 476883 73713 0 3 0x8000082 wait syz-executor.2 3509 81333 32737 32767 3 0x8000090 nanoslp syz-executor.1 32737 422446 73713 0 3 0x8000082 wait syz-executor.1 44139 326120 73713 0 3 0x8000082 wait syz-executor.0 73713 508883 49351 0 3 0x1a000082 thrsleep syz-fuzzer 73713 396270 49351 0 3 0x1e000082 nanoslp syz-fuzzer 73713 63177 49351 0 3 0x1e000082 wait syz-fuzzer 73713 283305 49351 0 3 0x1e000082 wait syz-fuzzer 73713 415589 49351 0 3 0x1e000082 thrsleep syz-fuzzer 73713 47751 49351 0 3 0x1e000082 wait syz-fuzzer 73713 303990 49351 0 3 0x1e000082 wait syz-fuzzer 73713 421873 49351 0 3 0x1e000082 wait syz-fuzzer 73713 227239 49351 0 3 0x1e000082 wait syz-fuzzer 73713 256000 49351 0 3 0x1e000082 wait syz-fuzzer 73713 163771 49351 0 3 0x1e000082 thrsleep syz-fuzzer 73713 488138 49351 0 3 0x1e000082 wait syz-fuzzer 73713 330354 49351 0 3 0x1e000082 thrsleep syz-fuzzer 73713 114761 49351 0 3 0x1e000082 thrsleep syz-fuzzer 73713 79759 49351 0 3 0x1e000082 kqread syz-fuzzer 49351 87484 27454 0 3 0x810008a sigsusp ksh 27454 349591 5958 0 3 0x1800009a kqread sshd 62380 107353 1 0 3 0x18100083 ttyin getty 5958 120891 1 0 3 0x18000088 kqread sshd 65754 130090 92415 73 3 0x19100090 kqread syslogd 92415 265722 1 0 3 0x18100082 sbwait syslogd 7173 411783 1 0 3 0x18100080 kqread resolvd 1726 455324 56646 77 3 0x18100092 kqread dhcpleased 40791 329147 56646 77 3 0x18100092 kqread dhcpleased 56646 140632 1 0 3 0x18000080 kqread dhcpleased 2244 491275 0 0 3 0x14200 bored smr 79733 332287 0 0 2 0x14200 zerothread 97213 226574 0 0 3 0x14200 aiodoned aiodoned 68394 328201 0 0 3 0x14200 syncer update 6944 507012 0 0 3 0x14200 cleaner cleaner 30722 480492 0 0 2 0x14200 reaper 46547 74779 0 0 3 0x14200 pgdaemon pagedaemon 31053 444582 0 0 3 0x14200 bored viomb 77921 320034 0 0 3 0x40014200 acpi0 acpi0 86316 517526 0 0 3 0x40014200 idle1 65040 315377 0 0 3 0x14200 bored softnet3 1721 95030 0 0 3 0x14200 bored softnet2 17531 183506 0 0 3 0x14200 bored softnet1 56497 388835 0 0 3 0x14200 bored softnet0 15199 244915 0 0 3 0x14200 bored systqmp 57879 83529 0 0 3 0x14200 bored systq 54141 497954 0 0 3 0x14200 tmoslp softclockmp 574 57358 0 0 3 0x40014200 tmoslp softclock 99478 422155 0 0 3 0x40014200 idle0 1 330276 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks CPU 0: exclusive sched_lock &sched_lock r = 0 (0xffffffff82e2bdd8) #0 witness_lock+0x446 #1 sleep_finish+0x13f #2 rwsleep+0xb3 #3 futex_wait+0x28f #4 sys_futex+0xfb #5 syscall+0x8cf #6 Xsyscall+0x128 Process 15753 (syz-executor.6) thread 0xffff8000ffff4548 (9129) exclusive rrwlock inode r = 0 (0xfffffd807e06a3d0) #0 witness_lock+0x446 #1 rw_enter+0x32a #2 rrw_enter+0x8e #3 VOP_LOCK+0x8b #4 vn_lock+0x85 #5 vget+0x1fd #6 ufs_ihashget+0x121 #7 ffs_vget+0x7c #8 ufs_lookup+0x1373 #9 VOP_LOOKUP+0x5c #10 vfs_lookup+0x6e5 #11 namei+0x56a #12 dounlinkat+0x9d #13 syscall+0x854 #14 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd807e06a5f0) #0 witness_lock+0x446 #1 rw_enter+0x32a #2 rrw_enter+0x8e #3 VOP_LOCK+0x8b #4 vn_lock+0x85 #5 vfs_lookup+0xd3 #6 namei+0x56a #7 dounlinkat+0x9d #8 syscall+0x854 #9 Xsyscall+0x128 Process 60923 (syz-executor.0) thread 0xffff8000ffff6a58 (67806) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82d6ff78) #0 witness_lock+0x446 #1 __mp_acquire_count+0x48 #2 mi_switch+0x489 #3 sleep_finish+0x194 #4 biowait+0x91 #5 bwrite+0x1fb #6 ffs_update+0x27f #7 ufs_mkdir+0x430 #8 VOP_MKDIR+0xc3 #9 domkdirat+0x125 #10 syscall+0x854 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd807e06a700) #0 witness_lock+0x446 #1 rw_enter+0x32a #2 rrw_enter+0x8e #3 VOP_LOCK+0x8b #4 vn_lock+0x85 #5 vget+0x1fd #6 ufs_ihashget+0x121 #7 ffs_vget+0x7c #8 ffs_inode_alloc+0x1e4 #9 ufs_mkdir+0xe6 #10 VOP_MKDIR+0xc3 #11 domkdirat+0x125 #12 syscall+0x854 #13 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8069a89f88) #0 witness_lock+0x446 #1 rw_enter+0x32a #2 rrw_enter+0x8e #3 VOP_LOCK+0x8b #4 vn_lock+0x85 #5 vfs_lookup+0xd3 #6 namei+0x56a #7 domkdirat+0x79 #8 syscall+0x854 #9 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10169 6407K 6419K 166960K 11247 0 pcb 15 10K 10K 166960K 15 0 rtable 158 4K 4K 166960K 236 0 pf 29 8K 8K 166960K 29 0 ifaddr 34 13K 13K 166960K 36 0 ifgroup 50 2K 2K 166960K 50 0 counters 64 36K 36K 166960K 64 0 ioctlops 0 0K 2K 166960K 25 0 iov 0 0K 1K 166960K 1 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1363 86K 86K 166960K 1380 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 4 0K 0K 166960K 4 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 25 93K 113K 166960K 123 0 proc 56 78K 103K 166960K 425 0 subproc 104 6K 6K 166960K 104 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 in_multi 57 4K 4K 166960K 57 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 31 148K 148K 166960K 31 0 exec 0 0K 1K 166960K 326 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 281 77K 78K 166960K 3261 0 UVM aobj 3 2K 2K 166960K 3 0 pinsyscall 46 92K 103K 166960K 1148 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 19 1K 1K 166960K 19 0 temp 34 6798K 6862K 166960K 3807 0 kqueue 12 18K 20K 166960K 23 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 27 0 23 1 0 1 1 0 8 0 rtentry 112 73 0 1 3 0 3 3 0 8 0 unpcb 144 35 0 22 1 0 1 1 0 8 0 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpqe 32 97 0 97 1 1 0 1 0 8 0 tcpcb 808 14 0 8 1 0 1 1 0 8 0 arp 120 12 0 0 1 0 1 1 0 8 0 inpcb 392 65 0 55 2 0 2 2 0 8 0 nd6 136 12 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 282 0 0 18 0 18 18 0 8 0 art_table 32 283 0 0 3 0 3 3 0 8 0 art_node 16 72 0 6 1 0 1 1 0 8 0 sysvmsgpl 40 1 0 1 1 0 1 1 0 8 1 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 2 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1573 0 62 95 0 95 95 0 8 0 ffsino 272 1573 0 62 101 0 101 101 0 8 0 nchpl 144 1844 0 80 66 0 66 66 0 8 0 uvmvnodes 80 1686 0 0 35 0 35 35 0 8 0 vnodes 216 1686 0 0 94 0 94 94 0 8 0 namei 1024 5983 0 5982 3 0 3 3 0 8 2 percpumem 16 46 0 0 1 0 1 1 0 8 0 kstatmem 264 22 0 0 2 0 2 2 0 8 0 scxspl 216 7113 0 7113 3 1 2 2 1 8 2 plimitpl 152 42 0 19 1 0 1 1 0 8 0 sigapl 424 411 0 355 7 0 7 7 0 8 0 futexpl 64 94 0 92 1 0 1 1 0 8 0 knotepl 120 106 0 0 4 0 4 4 0 8 0 kqueuepl 216 20 0 12 1 0 1 1 0 8 0 pipepl 320 131 0 103 3 0 3 3 0 8 0 fdescpl 496 392 0 356 7 1 6 6 0 8 0 filepl 152 1634 0 1395 10 0 10 10 0 8 0 lockfpl 104 11 0 6 1 0 1 1 0 8 0 lockfspl 48 6 0 3 1 0 1 1 0 8 0 sessionpl 144 23 0 7 1 0 1 1 0 8 0 pgrppl 48 23 0 7 1 0 1 1 0 8 0 ucredpl 104 72 0 58 1 0 1 1 0 8 0 zombiepl 144 356 0 355 1 0 1 1 0 8 0 processpl 1136 411 0 355 5 0 5 5 0 8 0 procpl 656 435 0 362 7 0 7 7 0 8 0 sosppl 168 2 0 2 1 0 1 1 0 8 1 sockpl 584 128 0 101 3 0 3 3 0 8 1 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 4 0 0 1 0 1 1 0 8 0 mcl2k 2048 255 0 0 32 0 32 32 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 273 0 0 18 0 18 18 0 8 0 bufpl 280 4310 0 183 295 0 295 295 0 8 0 anonpl 24 187107 0 181892 55 1 54 54 0 186 22 amapchunkpl 152 10866 0 10189 31 0 31 31 0 158 3 amappl16 200 5234 0 5157 5 0 5 5 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 136 0 124 2 0 2 2 0 8 1 amappl13 176 17 0 15 2 1 1 1 0 8 0 amappl12 168 971 0 931 2 0 2 2 0 8 0 amappl11 160 50 0 39 1 0 1 1 0 8 0 amappl10 152 44 0 35 1 0 1 1 0 8 0 amappl9 144 184 0 184 2 1 1 1 0 8 1 amappl8 136 131 0 95 2 0 2 2 0 8 0 amappl7 128 49 0 39 1 0 1 1 0 8 0 amappl6 120 309 0 289 2 0 2 2 0 8 1 amappl5 112 160 0 148 1 0 1 1 0 8 0 amappl4 104 492 0 458 3 0 3 3 0 8 0 amappl3 96 2594 0 2512 3 0 3 3 0 8 0 amappl2 88 757 0 677 4 0 4 4 0 8 2 amappl1 80 9149 0 8604 22 2 20 22 0 8 8 amappl 88 2769 0 2572 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 392 0 355 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 392 0 355 1 0 1 1 0 8 0 vmmpekpl 168 8051 0 7991 3 0 3 3 0 8 0 vmmpepl 168 45216 0 43190 116 1 115 115 0 357 23 vmsppl 440 391 0 355 5 0 5 5 0 8 0 rwobjpl 56 20401 0 17627 47 0 47 47 0 8 7 pdppl 4096 791 0 710 101 12 89 89 0 8 8 pvpl 32 48228 0 0 390 1 389 389 0 265 0 pmappl 248 391 0 355 4 1 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 382 0 14 11 0 11 11 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffffffff82cedff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 db_putchar(6c) at db_putchar+0x1f kprintf() at kprintf+0x21c1 db_printf(ffffffff828f71c9) at db_printf+0x89 panic(ffffffff829573c7) at panic+0xdb __assert(ffffffff82909485,ffffffff8288fb47,3ea,ffffffff82886f15) at __assert+0x29 uao_get(fffffd807e8b1e58,0,ffff8000373b68b0,ffff8000373b672c,0,4,47596cf285c4a6e9,0) at uao_get+0x70c uvm_fault_lower_lookup(ffff8000373b6930,ffff8000373b6968,ffff8000373b68b0) at uvm_fault_lower_lookup+0xf3 uvm_fault_lower(ffff8000373b6930,ffff8000373b6968,ffff8000373b68b0,0) at uvm_fault_lower+0x62 uvm_fault(fffffd806611ec20,9a3418ab000,0,4) at uvm_fault+0x255 upageflttrap(ffff8000373b6ab0,9a3418ab000) at upageflttrap+0x8b usertrap(ffff8000373b6ab0) at usertrap+0x227 end trace frame: 0xffff8000373b6b30, count: 0 ddb{0}> trace x86_ipi_db(ffffffff82cedff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 db_putchar(6c) at db_putchar+0x1f kprintf() at kprintf+0x21c1 db_printf(ffffffff828f71c9) at db_printf+0x89 panic(ffffffff829573c7) at panic+0xdb __assert(ffffffff82909485,ffffffff8288fb47,3ea,ffffffff82886f15) at __assert+0x29 uao_get(fffffd807e8b1e58,0,ffff8000373b68b0,ffff8000373b672c,0,4,47596cf285c4a6e9,0) at uao_get+0x70c uvm_fault_lower_lookup(ffff8000373b6930,ffff8000373b6968,ffff8000373b68b0) at uvm_fault_lower_lookup+0xf3 uvm_fault_lower(ffff8000373b6930,ffff8000373b6968,ffff8000373b68b0,0) at uvm_fault_lower+0x62 uvm_fault(fffffd806611ec20,9a3418ab000,0,4) at uvm_fault+0x255 upageflttrap(ffff8000373b6ab0,9a3418ab000) at upageflttrap+0x8b usertrap(ffff8000373b6ab0) at usertrap+0x227 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x7f2036ff4400, count: -15 ddb{0}> machine ddbcpu 1 Stopped at db_enter+0x1c: addq $0x8,%rsp db_enter() at db_enter+0x1c panic(ffffffff8288f85e) at panic+0x17b vop_generic_badop(ffff80002d6b3ea8) at vop_generic_badop+0x1f VOP_STRATEGY(fffffd806b8a8370,fffffd807e0306c0) at VOP_STRATEGY+0x9f bwrite(fffffd807e0306c0) at bwrite+0x1d0 VOP_BWRITE(fffffd807e0306c0) at VOP_BWRITE+0x4e ufs_mkdir(ffff80002d6b4120) at ufs_mkdir+0x445 VOP_MKDIR(fffffd80686cdb30,ffff80002d6b4280,ffff80002d6b42b0,ffff80002d6b41b0) at VOP_MKDIR+0xc3 domkdirat(ffff8000ffff6a58,ffffff9c,76371139fb50,1ff) at domkdirat+0x125 syscall(ffff80002d6b4430) at syscall+0x854 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76371139fbc0, count: 4 ddb{1}> trace db_enter() at db_enter+0x1c panic(ffffffff8288f85e) at panic+0x17b vop_generic_badop(ffff80002d6b3ea8) at vop_generic_badop+0x1f VOP_STRATEGY(fffffd806b8a8370,fffffd807e0306c0) at VOP_STRATEGY+0x9f bwrite(fffffd807e0306c0) at bwrite+0x1d0 VOP_BWRITE(fffffd807e0306c0) at VOP_BWRITE+0x4e ufs_mkdir(ffff80002d6b4120) at ufs_mkdir+0x445 VOP_MKDIR(fffffd80686cdb30,ffff80002d6b4280,ffff80002d6b42b0,ffff80002d6b41b0) at VOP_MKDIR+0xc3 domkdirat(ffff8000ffff6a58,ffffff9c,76371139fb50,1ff) at domkdirat+0x125 syscall(ffff80002d6b4430) at syscall+0x854 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76371139fbc0, count: -11