Warning: Permanently added '10.128.0.133' (ECDSA) to the list of known hosts. 2020/02/13 20:12:37 fuzzer started 2020/02/13 20:12:43 dialing manager at 10.128.15.235:41720 2020/02/13 20:12:43 syscalls: 337 2020/02/13 20:12:43 code coverage: enabled 2020/02/13 20:12:43 comparison tracing: enabled 2020/02/13 20:12:43 extra coverage: support is not implemented in syzkaller 2020/02/13 20:12:43 setuid sandbox: enabled 2020/02/13 20:12:43 namespace sandbox: support is not implemented in syzkaller 2020/02/13 20:12:43 Android sandbox: support is not implemented in syzkaller 2020/02/13 20:12:43 fault injection: support is not implemented in syzkaller 2020/02/13 20:12:43 leak checking: support is not implemented in syzkaller 2020/02/13 20:12:43 net packet injection: enabled 2020/02/13 20:12:43 net device setup: support is not implemented in syzkaller 2020/02/13 20:12:43 concurrency sanitizer: support is not implemented in syzkaller 2020/02/13 20:12:43 devlink PCI setup: support is not implemented in syzkaller 20:12:47 executing program 1: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VMM_IOC_INFO(r0, 0xc0185603, &(0x7f00000000c0)={0x42, 0x0, &(0x7f0000000040)=""/66}) clock_gettime(0x2, &(0x7f0000000100)) ioctl$BIOCGETIF(0xffffffffffffffff, 0x4020426b, &(0x7f0000000140)={""/16, @ifru_dstaddr=@un=@abs}) r2 = syz_open_pts() ioctl$TIOCSETAF(r2, 0x802c7416, &(0x7f0000000180)={0x20, 0xb3, 0xe5c, 0xcfc1, "2f0669870d957d0827ef3e7a771b8f229ea29fa3", 0x0, 0x2}) ioctl$TIOCGETA(r2, 0x402c7413, &(0x7f00000001c0)) r3 = semget$private(0x0, 0x4, 0x42) semctl$SETVAL(r3, 0x2, 0x8, &(0x7f0000000200)=0x1) r4 = openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x80, 0x2) ioctl$TIOCDRAIN(r4, 0x2000745e) semget(0x0, 0x3, 0x8) shmget$private(0x0, 0x2000, 0x80, &(0x7f0000ffb000/0x2000)=nil) fchdir(0xffffffffffffffff) ioctl$TIOCSTAT(r0, 0x20007465, &(0x7f0000000280)) r5 = open(&(0x7f00000002c0)='./file0\x00', 0x40, 0x154) ioctl$TIOCDRAIN(r5, 0x2000745e) r6 = open$dir(&(0x7f0000000300)='./file0\x00', 0x80, 0x10) getdents(r6, &(0x7f0000000340)=""/31, 0x1f) getsockopt$SO_PEERCRED(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000380)={0x0}, 0xc) fcntl$lock(r1, 0x9, &(0x7f00000003c0)={0x2, 0x0, 0x9, 0x101, r7}) r8 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) ioctl$WSDISPLAYIO_GETSCREEN(r8, 0xc0245755, &(0x7f0000000400)={0x7fff, './file0\x00', './file0\x00'}) setsockopt$sock_int(r5, 0xffff, 0x4, &(0x7f0000000440)=0x3, 0x4) r9 = accept$inet(0xffffffffffffffff, &(0x7f0000000480), &(0x7f00000004c0)=0xc) getsockopt$SO_PEERCRED(r9, 0xffff, 0x1022, &(0x7f0000000500), 0xc) flock(r9, 0x8) symlink(&(0x7f0000000540)='.\x00', &(0x7f0000000580)='./file0\x00') shmget(0x1, 0x2000, 0x300, &(0x7f0000ffc000/0x2000)=nil) r10 = openat$wsmuxkbd(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/wskbd\x00', 0x10000, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x10, r10, 0x0, 0xfffffffffffffff9) 20:12:47 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x10000) r2 = fcntl$dupfd(0xffffffffffffffff, 0xa, 0xffffffffffffffff) getsockopt$inet_opts(r2, 0x0, 0x1, &(0x7f0000000040)=""/192, &(0x7f0000000100)=0xc0) r3 = accept$unix(r0, &(0x7f0000000140)=@abs, &(0x7f0000000180)=0x8) dup2(r3, r2) r4 = openat$wsmouse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/wsmouse0\x00', 0x40, 0x0) ioctl$WSMOUSEIO_GCALIBCOORDS(r4, 0x41205725, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}) r5 = semget(0x0, 0x3, 0x10) semctl$GETNCNT(r5, 0x0, 0x3, &(0x7f0000000340)=""/4096) link(&(0x7f0000001340)='./file0\x00', &(0x7f0000001380)='./file0\x00') r6 = getpgid(0x0) ktrace(&(0x7f00000013c0)='./file0\x00', 0x2, 0x0, r6) socketpair(0x2, 0x5, 0x0, &(0x7f0000001400)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r7, 0xffff, 0x10, &(0x7f0000001440)=0x20, 0x4) ioctl$TIOCFLUSH(r1, 0x80047410, &(0x7f0000001480)=0x9) setpgid(r6, r6) r8 = getppid() getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f00000014c0)={0x0, 0x0}, &(0x7f0000001500)=0xc) r10 = getegid() setsockopt$sock_cred(r7, 0xffff, 0x1022, &(0x7f0000001540)={r8, r9, r10}, 0xc) r11 = getpid() getpgid(r11) setuid(0xffffffffffffffff) r12 = openat$wsmouse(0xffffffffffffff9c, &(0x7f0000001580)='/dev/wsmouse0\x00', 0x200, 0x0) r13 = accept(r7, &(0x7f0000001600)=@in, &(0x7f0000001640)=0xc) kevent(0xffffffffffffff9c, &(0x7f00000015c0)=[{{r12}, 0xfffffffffffffffb, 0x24, 0x2, 0x42, 0x3}, {{r0}, 0xfffffffffffffffb, 0x0, 0x3, 0x3, 0x9}], 0x31c1, &(0x7f0000001680)=[{{r0}, 0xa1558dc35b07614d, 0x40, 0x80000000, 0x0, 0x66c}, {{r13}, 0xfffffffffffffffe, 0x1d, 0x1, 0x9}], 0x8, &(0x7f00000016c0)={0x5, 0x9}) r14 = kqueue() r15 = kqueue() r16 = openat$wsmouse(0xffffffffffffff9c, &(0x7f0000001700)='/dev/wsmouse0\x00', 0x100, 0x0) r17 = accept$inet6(0xffffffffffffff9c, &(0x7f0000001740), &(0x7f0000001780)=0xc) r18 = socket$inet6(0x18, 0x5, 0x6) r19 = syz_open_pts() r20 = openat$tty(0xffffffffffffff9c, &(0x7f0000001880)='/dev/tty\x00', 0x20000, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000018c0)={0xffffffffffffffff, 0xffffffffffffffff}) r22 = accept$inet(0xffffffffffffffff, &(0x7f0000001900), &(0x7f0000001940)=0xc) r23 = dup(0xffffffffffffffff) r24 = openat$vmm(0xffffffffffffff9c, &(0x7f0000001980)='/dev/vmm\x00', 0x10000, 0x0) r25 = open$dir(&(0x7f00000019c0)='./file0\x00', 0x8000, 0x6) kevent(r14, &(0x7f00000017c0)=[{{r15}, 0xffffffffffffffff, 0x48, 0x4, 0x80000000, 0x8}, {{r16}, 0xfffffffffffffffd, 0x9, 0x52ee7d0f6ed3894, 0x0, 0xfffffffffffffffe}, {{r17}, 0xfffffffffffffffd, 0x14, 0x80, 0x1, 0x9a1}, {{r18}, 0x0, 0x20, 0x4, 0x5, 0x100000000}, {{r19}, 0xffffffffffffffff, 0x0, 0x80000000, 0x6, 0x20}], 0x1, &(0x7f0000001a00)=[{{r20}, 0xfffffffffffffffe, 0x2, 0x1, 0x600000000000, 0xb47}, {{r21}, 0xfffffffffffffffe, 0x0, 0x1, 0x7f4, 0x8}, {{r22}, 0xffffffffffffffff, 0x40, 0x2, 0x60a9fdb1, 0xfffffffffffff001}, {{r7}, 0xfffffffffffffff8, 0x22, 0x2, 0x0, 0xb}, {{r23}, 0xfffffffffffffffb, 0x0, 0x10, 0x1, 0x21c52db5}, {{r24}, 0xfffffffffffffff8, 0xc, 0x20000000, 0x6b, 0xa2}, {{r25}, 0xfffffffffffffffd, 0xaa, 0x1, 0x2, 0xffffffff}], 0xfffff485, &(0x7f0000001b00)={0x345bcf06, 0x6241}) 20:12:49 executing program 0: r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x100, 0x10) r1 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r1, 0x80045710, &(0x7f0000000000)=0x8000080000210) r2 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) clock_settime(0x2, &(0x7f00000000c0)={0x7, 0x4}) ioctl$WSKBDIO_SETMODE(r2, 0x80045710, &(0x7f0000000000)=0x8000080000210) poll(&(0x7f0000000040)=[{r0, 0x88}, {r1, 0x100}, {r2, 0x80}], 0x3, 0x80000) pckbd_enable: command error 20:12:49 executing program 1: r0 = kqueue() select(0x40, &(0x7f0000000140)={0x1ff}, 0x0, 0x0, 0x0) kevent(r0, &(0x7f0000000180)=[{{}, 0xfffffffffffffff9, 0x1, 0x0, 0x0, 0x1800000000000}], 0x6, 0x0, 0x3, 0x0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r1, 0x80045710, &(0x7f0000000000)=0x8000080000210) ioctl$BIOCGETIF(r1, 0x4020426b, &(0x7f0000000000)={""/16, @ifru_addr=@in6}) select(0x21, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0xd956}) 20:12:49 executing program 1: ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}}) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, "00000000000000000000f2ffffffffffffff4000"}) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) connect$unix(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="0b1a"], 0x1) ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x29, 0xc, &(0x7f0000000140)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) r1 = socket(0x18, 0x1, 0x0) close(r1) r2 = socket(0x18, 0x2, 0x0) close(r2) socket(0x400000000018, 0x3, 0x3a) setsockopt(r2, 0x1000000029, 0x2e, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14) connect$unix(r1, &(0x7f00000000c0)=@abs={0x1, 0x7}, 0x66) write(r2, &(0x7f0000000040)="100a2956b9223776", 0x21d) 20:12:49 executing program 1: r0 = openat$vmm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vmm\x00', 0x0, 0x0) ioctl$VMM_IOC_RESETCPU(r0, 0x80045604, &(0x7f0000000240)={0x0, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], [0x0, 0x0, 0x4000000000000000]}}) r1 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x10000) ioctl$WSDISPLAYIO_GMODE(r2, 0x4004574b, &(0x7f0000000140)) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r3, 0x80045710, &(0x7f0000000000)=0x8000080000210) r4 = dup2(r0, r3) nanosleep(&(0x7f00000000c0)={0x7ff, 0x2}, 0x0) fcntl$getown(r4, 0x5) ioctl$WSKBDIO_SETMODE(r1, 0x80045710, &(0x7f0000000000)=0x8000080000210) r5 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r5, 0x80045710, &(0x7f0000000000)=0x8000080000210) accept(r5, 0x0, &(0x7f0000000040)) ioctl$VMM_IOC_CREATE(r1, 0xc5005601, &(0x7f0000000480)={0x10, 0x100000001, 0x4, 0x1, [{&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x1ff}, {&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x10000}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0xffffffffffff8000}, {&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x1}, {&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x8}, {&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0xe1}, {&(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0xc}, {&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x7}, {&(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x10001}, {&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, 0x8}, {&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x401}, {&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x8}, {&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x7}, {&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x6}, {&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x6}, {&(0x7f0000ffb000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x80}], ['./file0\x00', './file0\x00', './file0\x00', './file0\x00'], './file0\x00', './file0\x00', './file0\x00', ['./file', './file', './file', './file'], 0x7fff}) 20:12:49 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x0, 0x5300035f], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], [0x0, 0x0, 0x0, 0x9, 0xffffffffffffffff, 0x3fffffffeff], [0x0, 0x0, 0x401], [{}, {0x0, 0xfffffffd}, {}, {0x5}, {0xd2}], {}, {0x0, 0x0, 0x9}}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x442, 0x0) fchmodat(r0, &(0x7f0000000200)='./file0\x00', 0x108, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket(0x18, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$TIOCFLUSH(r2, 0x8080691a, &(0x7f0000000300)) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000000)="949d3da4925d0ad989a9bcd6f30346993cc19a82e09f3ec935db57bf229f58edf864f26d049db51bedf0b8d56605cef1de61729bcbd0ef8160ee1500e873eed260186f766f74b92117b786af10aa705acdc87e72ea3d829c56e252ffc5e54f9aa6194e7c1acc4d111ceba337fca1cd9f416de745461981cf5039956ffbe4682e8839efb6886fd7d8123cceaae634e23294b06334855651b7816e19b3257c926511", 0xa1}, {&(0x7f00000000c0)="28b6e4bf62120fc84637338ee987b4e8277efda1806d23842a24fe5b8a22c2bb9091140fe486a5a15fe3c1c8dcafacf12a11dda28f393f528f13540727a09f3401c276c9a11d607d7e1b1293ecd50760a11c5edc8f868090055de7926331cc16a12c365e627d5dd844b271d08355b2aad7cdb1faa33f599b32eae1fbd22a8fd866b18f1d1f", 0x85}], 0x2) 20:12:50 executing program 0: r0 = kqueue() r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x810, r1, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r2, 0x80045710, &(0x7f0000000000)=0x8000080000210) close(r2) 20:12:50 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000280)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x5}, {0x48}, {0x6}]}) syz_emit_ethernet(0x0, &(0x7f0000000080)) r1 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r1, 0x80045710, &(0x7f0000000000)=0x8000080000210) ioctl$KDDISABIO(r1, 0x20004b3d) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000100)={'tap', 0x0}) syz_emit_ethernet(0xe, &(0x7f0000000180)="080d34413fb2c507153a05b8a2a9") 20:12:50 executing program 1: sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="2000000000000000ffff00000000000000e5005b67071b542a538706000000b81800000029000000310000000724c20100000000000000afa9"], 0x39}, 0x0) r0 = socket(0x18, 0x4003, 0x0) connect$unix(r0, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) chdir(&(0x7f0000000000)='./file0\x00') sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) 20:12:50 executing program 0: sendmsg$unix(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="2000000000000000ffff00000000000094b52e6404cebf825e447f72c7b58edf27478647296a382c5761868e2dedd8d3d48529752dba3e3a7b3acb372538fab0f312a030d2724edd9af3caf1eb83e4bc3a15581379010fd9399dfb80a4cba863f5af2b04e7b776aca52b578534bf9755194c20403e8f43a55ee980449b1df4e13f31662d0dc5ca933626c015c0f06b41411b5188df0000"], 0x97}, 0x0) mknod(&(0x7f0000000140)='./bus\x00', 0x2000, 0x108613a) r0 = open(&(0x7f0000000100)='./bus\x00', 0x2, 0x0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x1, 0x100) ioctl$WSKBDIO_SETMODE(r1, 0x80045710, &(0x7f0000000000)=0x8000080000210) getsockopt(r1, 0xae, 0x800, &(0x7f0000000080)=""/124, &(0x7f00000001c0)=0x7c) write(r0, &(0x7f0000000000)="220e22", 0x3) chmod(&(0x7f0000000040)='./bus\x00', 0x40) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000180), 0xff20}], 0x100000000000005e, 0x0, 0x0) panic: receive 1a: so 0xfffffd805e54f000, so_type 3, m 0xfffffd805bc12900, m_type 0 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *378830 99170 0 0 0 0 dhclient db_enter() at db_enter+0x18 panic(ffffffff8219ec4f) at panic+0x15c soreceive(fffffd805e54f000,0,ffff80001d382548,0,0,ffff80001d382454) at soreceive+0x170a soo_read(fffffd80663fb5a0,ffff80001d382548,0) at soo_read+0x53 dofilereadv(ffff80001d349008,6,ffff80001d382548,0,ffff80001d382630) at dofilereadv+0x1a1 sys_read(ffff80001d349008,ffff80001d3825e0,ffff80001d382630) at sys_read+0x83 syscall(ffff80001d3826b0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc51c0, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic receive 1a: so 0xfffffd805e54f000, so_type 3, m 0xfffffd805bc12900, m_type 0 ddb> trace db_enter() at db_enter+0x18 panic(ffffffff8219ec4f) at panic+0x15c soreceive(fffffd805e54f000,0,ffff80001d382548,0,0,ffff80001d382454) at soreceive+0x170a soo_read(fffffd80663fb5a0,ffff80001d382548,0) at soo_read+0x53 dofilereadv(ffff80001d349008,6,ffff80001d382548,0,ffff80001d382630) at dofilereadv+0x1a1 sys_read(ffff80001d349008,ffff80001d3825e0,ffff80001d382630) at sys_read+0x83 syscall(ffff80001d3826b0) at syscall+0x507 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffc51c0, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80001d382290 rbx 0xffff80001d382340 rdx 0x2 rcx 0 rax 0 r8 0xffff80001d382250 r9 0x1 r10 0 r11 0xbb916570d68600ac r12 0x3000000008 r13 0xffff80001d3822a0 r14 0x100 r15 0x1 rip 0xffffffff818ca838 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80001d382280 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (dhclient) pid=378830 stat=onproc flags process=0 proc=0 pri=24, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff80001d34a868,0xffff80001d349288 process=0xffff8000ffffa390 user=0xffff80001d37d000, vmspace=0xfffffd806bc09440 estcpu=1, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 93061 215692 28473 0 2 0 syz-executor.0 93061 381580 28473 0 2 0x4000000 syz-executor.0 28473 496817 5284 0 2 0x482 syz-executor.0 36261 410476 5284 0 2 0x2 syz-executor.1 5284 432121 66173 0 3 0x82 thrsleep syz-fuzzer 5284 190604 66173 0 2 0x4000002 syz-fuzzer 5284 26932 66173 0 3 0x4000082 kqread syz-fuzzer 5284 452219 66173 0 3 0x4000082 thrsleep syz-fuzzer 5284 235823 66173 0 3 0x4000082 thrsleep syz-fuzzer 5284 156205 66173 0 3 0x4000082 thrsleep syz-fuzzer 5284 32509 66173 0 3 0x4000082 thrsleep syz-fuzzer 66173 230683 24497 0 3 0x10008a pause ksh 24497 255592 61816 0 3 0x92 select sshd 60162 79571 1 0 3 0x100083 ttyin getty 61816 516742 1 0 3 0x80 select sshd 90852 458571 5152 73 3 0x100090 kqread syslogd 5152 102437 1 0 3 0x100082 netio syslogd 45984 286784 1 77 2 0x100010 dhclient *99170 378830 1 0 7 0 dhclient 44869 49871 0 0 2 0x14200 zerothread 44237 216530 0 0 3 0x14200 aiodoned aiodoned 95282 410618 0 0 3 0x14200 syncer update 45029 229521 0 0 3 0x14200 cleaner cleaner 71082 480017 0 0 3 0x14200 reaper reaper 73250 133646 0 0 3 0x14200 pgdaemon pagedaemon 616 50895 0 0 3 0x14200 bored crynlk 90230 370123 0 0 3 0x14200 bored crypto 18321 347908 0 0 3 0x40014200 acpi0 acpi0 23187 136020 0 0 3 0x14200 bored softnet 74216 353091 0 0 3 0x14200 bored systqmp 24691 98997 0 0 3 0x14200 bored systq 25165 92974 0 0 3 0x40014200 bored softclock 83756 39726 0 0 3 0x40014200 idle0 5389 40080 0 0 3 0x14200 bored smr 1 217740 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9456 6326K 6453K 78643K 10565 0 pcb 13 8K 8K 78643K 17 0 rtable 105 3K 3K 78643K 191 0 ifaddr 44 10K 10K 78643K 46 0 counters 21 16K 16K 78643K 21 0 ioctlops 0 0K 2K 78643K 17 0 mount 1 1K 1K 78643K 1 0 vnodes 1217 76K 76K 78643K 1222 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 0K 0K 78643K 2 0 sem 4 0K 0K 78643K 4 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 5 13K 25K 78643K 44 0 proc 48 38K 54K 78643K 359 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 2 0 in_multi 33 2K 2K 78643K 36 0 ether_multi 1 0K 0K 78643K 2 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 31 148K 148K 78643K 31 0 exec 0 0K 1K 78643K 181 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 99 21K 21K 78643K 956 0 UVM aobj 5 2K 2K 78643K 5 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 4 0 NDP 6 0K 0K 78643K 10 0 temp 66 3003K 3067K 78643K 1854 0 kqueue 3 4K 5K 78643K 7 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 80 19 0 17 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 23 0 15 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 182 0 182 1 0 1 1 0 8 1 tcpcb 544 14 0 10 1 0 1 1 0 8 0 inpcb 280 42 0 35 1 0 1 1 0 8 0 nd6 48 4 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 212 0 0 14 0 14 14 0 8 0 art_table 32 213 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 semapl 112 2 0 0 1 0 1 1 0 8 0 shmpl 112 3 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1430 0 29 46 0 46 46 0 8 0 ffsino 240 1430 0 29 83 0 83 83 0 8 0 nchpl 144 1680 0 66 60 0 60 60 0 8 0 uvmvnodes 72 1475 0 0 27 0 27 27 0 8 0 vnodes 208 1475 0 0 78 0 78 78 0 8 0 namei 1024 4037 0 4037 1 0 1 1 0 8 1 scxspl 192 4755 0 4755 1 0 1 1 0 8 1 plimitpl 152 14 0 7 1 0 1 1 0 8 0 sigapl 432 215 0 202 2 0 2 2 0 8 0 futexpl 56 282 0 282 1 0 1 1 0 8 1 knotepl 112 55 0 36 1 0 1 1 0 8 0 kqueuepl 104 10 0 8 1 0 1 1 0 8 0 pipelkpl 16 71 0 61 1 0 1 1 0 8 0 pipepl 120 142 0 123 1 0 1 1 0 8 0 fdescpl 432 216 0 202 2 0 2 2 0 8 0 filepl 120 1106 0 1010 4 0 4 4 0 8 1 lockfpl 104 5 0 4 1 0 1 1 0 8 0 lockfspl 48 3 0 2 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 19 0 9 1 0 1 1 0 8 0 ucredpl 96 53 0 46 1 0 1 1 0 8 0 zombiepl 144 202 0 202 1 0 1 1 0 8 1 processpl 896 230 0 202 4 0 4 4 0 8 0 procpl 624 251 0 216 4 0 4 4 0 8 1 sockpl 400 84 0 67 3 0 3 3 0 8 1 mcl4k 4096 10 0 10 2 1 1 1 0 8 1 mcl2k 2048 59951 0 59887 18 2 16 16 0 8 5 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 95091 0 94954 13 2 11 11 0 8 0 bufpl 280 4038 0 178 276 0 276 276 0 8 0 anonpl 16 36817 0 21813 62 1 61 61 0 107 0 amapchunkpl 152 1060 0 931 8 0 8 8 0 158 1 amappl16 192 942 0 124 42 0 42 42 0 8 0 amappl15 184 50 0 46 1 0 1 1 0 8 0 amappl14 176 30 0 27 1 0 1 1 0 8 0 amappl13 168 8 0 6 2 1 1 1 0 8 0 amappl12 160 9 0 8 2 1 1 1 0 8 0 amappl11 152 47 0 35 1 0 1 1 0 8 0 amappl10 144 14 0 12 1 0 1 1 0 8 0 amappl9 136 569 0 565 1 0 1 1 0 8 0 amappl8 128 104 0 87 1 0 1 1 0 8 0 amappl7 120 91 0 80 1 0 1 1 0 8 0 amappl6 112 54 0 50 1 0 1 1 0 8 0 amappl5 104 142 0 132 1 0 1 1 0 8 0 amappl4 96 423 0 396 1 0 1 1 0 8 0 amappl3 88 125 0 114 1 0 1 1 0 8 0 amappl2 80 945 0 877 3 0 3 3 0 8 1 amappl1 72 13559 0 13137 27 11 16 20 0 8 7 amappl 80 494 0 454 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 4 0 0 1 0 1 1 0 8 0 uaddrrnd 24 216 0 202 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 216 0 202 1 0 1 1 0 8 0 vmmpekpl 168 5659 0 5635 2 0 2 2 0 8 0 vmmpepl 168 33836 0 31940 155 7 148 148 0 357 65 vmsppl 272 215 0 202 2 0 2 2 0 8 1 pdppl 4096 438 0 404 6 0 6 6 0 8 1 pvpl 32 123064 0 105107 149 0 149 149 0 265 3 pmappl 200 215 0 202 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 153 0 7 5 0 5 5 0 8 0