Warning: Permanently added '10.128.0.65' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program panic: vmmaplk: lock not shared Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 272167 86181 0 0 0x4000000 0 syz-executor5349 *458595 86181 0 0 0x4000000 1K syz-executor5349 db_enter() at db_enter+0x18 panic() at panic+0x16c _rw_exit_read(ffff800020be4268,2a4,ffff800020c3b9b8) at _rw_exit_read+0x12b uvm_fault(b139956407eb0b2,ffff800020be4268,0,ffffffff8167c690) at uvm_fault+0x2 3bb pageflttrap() at pageflttrap+0x216 kerntrap(32c9c977baf18ce4) at kerntrap+0xeb alltraps_kern(6,14,c014575e,0,fffffd807a9f0980,20000000) at alltraps_kern+0x7b copyin(ac266adfd581996c,0,ffff800020be4268,da98e9b5b78,0,360) at copyin+0x4b syscall(d47e3fa3a6c3d5de) at syscall+0x5a0 Xsyscall(6,0,da722aec170,0,da722aec150,da722aec148) at Xsyscall+0x128 end of kernel end trace frame: 0xda98e9b5b90, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic vmmaplk: lock not shared ddb{1}> trace db_enter() at db_enter+0x18 panic() at panic+0x16c _rw_exit_read(ffff800020be4268,2a4,ffff800020c3b9b8) at _rw_exit_read+0x12b uvm_fault(b139956407eb0b2,ffff800020be4268,0,ffffffff8167c690) at uvm_fault+0x23bb pageflttrap() at pageflttrap+0x216 kerntrap(32c9c977baf18ce4) at kerntrap+0xeb alltraps_kern(6,14,c014575e,0,fffffd807a9f0980,20000000) at alltraps_kern+0x7b copyin(ac266adfd581996c,0,ffff800020be4268,da98e9b5b78,0,360) at copyin+0x4b syscall(d47e3fa3a6c3d5de) at syscall+0x5a0 Xsyscall(6,0,da722aec170,0,da722aec150,da722aec148) at Xsyscall+0x128 end of kernel end trace frame: 0xda98e9b5b90, count: -10 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff800020c3b820 rbx 0xffff800020c3b8c0 rdx 0xffffffff81f323f3 cy_pio_rec+0x25c rcx 0x201 rax 0x1 r8 0xffffffff81d8b924 kprintf+0x174 r9 0x1 r10 0xbf460727fd0673bd r11 0xc5a383bfe0fcfa68 r12 0x3000000008 r13 0xffff800020c3b830 r14 0x100 r15 0x1 rip 0xffffffff81202148 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020c3b810 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor5349) pid=458595 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff800020b759d0,0xffffffff822f0c88 process=0xffff800020bca9f0 user=0xffff800020c36000, vmspace=0xfffffd806e929440 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 86181 324693 16851 0 2 0 syz-executor5349 86181 265288 16851 0 3 0x4000080 fsleep syz-executor5349 86181 272167 16851 0 7 0x4000000 syz-executor5349 86181 335292 16851 0 3 0x4000080 fsleep syz-executor5349 *86181 458595 16851 0 7 0x4000000 syz-executor5349 95573 292941 16164 0 3 0x80 nanosleep syz-executor5349 95573 410965 16164 0 3 0x4000080 fsleep syz-executor5349 95573 90381 16164 0 3 0x4000080 fsleep syz-executor5349 16851 467787 93284 0 3 0x80 nanosleep syz-executor5349 16164 230987 93284 0 3 0x80 nanosleep syz-executor5349 93284 317182 41067 0 3 0x82 nanosleep syz-executor5349 41067 435881 25486 0 3 0x10008a pause ksh 25486 446325 10014 0 3 0x92 select sshd 85512 36591 1 0 3 0x100083 ttyin getty 10014 370123 1 0 3 0x80 select sshd 26336 40635 53338 73 3 0x100090 kqread syslogd 53338 200128 1 0 3 0x100082 netio syslogd 2416 217780 1 77 3 0x100090 poll dhclient 11796 283976 1 0 3 0x80 poll dhclient 43079 62033 0 0 3 0x14200 pgzero zerothread 85179 220332 0 0 3 0x14200 aiodoned aiodoned 72486 399641 0 0 3 0x14200 syncer update 60697 441444 0 0 3 0x14200 cleaner cleaner 14001 523589 0 0 3 0x14200 reaper reaper 411 288416 0 0 3 0x14200 pgdaemon pagedaemon 74030 415480 0 0 3 0x14200 bored crynlk 36538 39048 0 0 3 0x14200 bored crypto 87340 416537 0 0 3 0x40014200 acpi0 acpi0 78219 52430 0 0 3 0x40014200 idle1 10023 7576 0 0 3 0x14200 bored softnet 13739 419554 0 0 3 0x14200 bored systqmp 32048 216604 0 0 3 0x14200 bored systq 24376 521205 0 0 3 0x40014200 bored softclock 877 404101 0 0 3 0x40014200 idle0 1 477967 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 86181 (syz-executor5349) thread 0xffff800020be4268 (458595) exclusive kernel_lock &kernel_lock r = 1 (0xffffffff823166a8) locked @ /syzkaller/managers/multicore/kernel/sys/kern/sched_bsd.c:436 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9442 6315K 6316K 78643K 10529 0 0 pcb 23 9K 9K 78643K 55 0 0 rtable 61 2K 2K 78643K 115 0 0 ifaddr 21 7K 7K 78643K 21 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 2K 78643K 13 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1168 73K 73K 78643K 1221 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 1K 78643K 2 0 0 VM map 2 1K 1K 78643K 2 0 0 sem 2 0K 0K 78643K 2 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1792 194K 288K 78643K 12592 0 0 file desc 1 0K 0K 78643K 1 0 0 proc 40 38K 46K 78643K 201 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 in_multi 11 0K 0K 78643K 11 0 0 ether_multi 1 0K 0K 78643K 1 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 18 79K 79K 78643K 18 0 0 exec 0 0K 1K 78643K 149 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 65 19K 19K 78643K 811 0 0 UVM aobj 2 2K 2K 78643K 2 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 NDP 3 0K 0K 78643K 3 0 0 temp 30 2347K 2411K 78643K 1756 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 2 0 0 1 0 1 1 0 8 0 inpcbpl 280 92 0 82 1 0 1 1 0 8 0 plimitpl 152 15 0 8 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 syncache 264 5 0 5 2 1 1 1 0 8 1 tcpcb 544 78 0 71 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 96 0 0 6 0 6 6 0 8 0 art_table 32 97 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1503 0 132 45 0 45 45 0 8 0 ffsino 272 1503 0 132 92 0 92 92 0 8 0 nchpl 144 1710 0 179 57 0 57 57 0 8 0 uvmvnodes 72 1512 0 0 28 0 28 28 0 8 0 vnodes 200 1512 0 0 80 0 80 80 0 8 0 namei 1024 3603 0 3603 2 1 1 1 0 8 1 percpumem 16 30 0 0 1 0 1 1 0 8 0 scxspl 192 2746 0 2746 8 2 6 6 0 8 6 sigapl 432 210 0 196 2 0 2 2 0 8 0 futexpl 56 238 0 234 1 0 1 1 0 8 0 knotepl 112 5 0 0 1 0 1 1 0 8 0 kqueuepl 104 1 0 0 1 0 1 1 0 8 0 pipepl 112 114 0 107 2 1 1 1 0 8 0 fdescpl 488 211 0 196 2 0 2 2 0 8 0 filepl 152 980 0 932 2 0 2 2 0 8 0 lockfpl 104 6 0 6 1 1 0 1 0 8 0 lockfspl 32 3 0 3 1 1 0 1 0 8 0 sessionpl 112 19 0 9 1 0 1 1 0 8 0 pgrppl 48 19 0 9 1 0 1 1 0 8 0 ucredpl 96 47 0 40 1 0 1 1 0 8 0 zombiepl 144 196 0 196 2 1 1 1 0 8 1 processpl 840 225 0 196 4 0 4 4 0 8 0 procpl 600 297 0 262 3 0 3 3 0 8 0 sockpl 384 134 0 114 3 0 3 3 0 8 1 mcl4k 4096 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 73 0 0 9 0 9 9 0 8 0 mtagpl 80 1 0 0 1 0 1 1 0 8 0 mbufpl 256 92 0 0 6 0 6 6 0 8 0 bufpl 256 2052 0 261 112 0 112 112 0 8 0 anonpl 16 19336 0 18076 7 1 6 6 0 125 0 amapchunkpl 152 700 0 649 2 0 2 2 0 158 0 amappl16 192 146 0 132 1 0 1 1 0 8 0 amappl15 184 1 0 1 1 1 0 1 0 8 0 amappl14 176 1 0 1 1 1 0 1 0 8 0 amappl13 168 16 0 13 1 0 1 1 0 8 0 amappl12 160 8 0 8 2 1 1 1 0 8 1 amappl11 152 171 0 162 1 0 1 1 0 8 0 amappl10 144 43 0 43 2 1 1 1 0 8 1 amappl9 136 207 0 206 1 0 1 1 0 8 0 amappl8 128 110 0 100 1 0 1 1 0 8 0 amappl7 120 31 0 26 1 0 1 1 0 8 0 amappl6 112 42 0 38 1 0 1 1 0 8 0 amappl5 104 169 0 157 1 0 1 1 0 8 0 amappl4 96 254 0 233 1 0 1 1 0 8 0 amappl3 88 113 0 107 1 0 1 1 0 8 0 amappl2 80 883 0 826 2 0 2 2 0 8 0 amappl1 72 12588 0 12124 15 5 10 15 0 8 0 amappl 72 485 0 454 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 1 0 0 1 0 1 1 0 8 0 uaddrrnd 24 211 0 196 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 211 0 196 1 0 1 1 0 8 0 vmmpekpl 168 5334 0 5314 2 0 2 2 0 8 0 vmmpepl 168 26306 0 25390 55 15 40 43 0 357 0 vmsppl 360 210 0 196 2 0 2 2 0 8 0 pdppl 4096 429 0 392 5 0 5 5 0 8 0 pvpl 32 74702 0 71623 32 6 26 26 0 265 1 pmappl 224 210 0 196 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 240 0 3 7 0 7 7 0 8 0 ddb{1}>