kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Sun Feb 16 07:52:33 PST 2020 OpenBSD/amd64 (ci-openbsd-multicore-0.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.0.181' (ECDSA) to the list of known hosts. 2020/02/16 07:52:44 fuzzer started 2020/02/16 07:52:49 dialing manager at 10.128.15.235:34732 2020/02/16 07:52:49 syscalls: 337 2020/02/16 07:52:49 code coverage: enabled 2020/02/16 07:52:49 comparison tracing: enabled 2020/02/16 07:52:49 extra coverage: support is not implemented in syzkaller 2020/02/16 07:52:49 setuid sandbox: enabled 2020/02/16 07:52:49 namespace sandbox: support is not implemented in syzkaller 2020/02/16 07:52:49 Android sandbox: support is not implemented in syzkaller 2020/02/16 07:52:49 fault injection: support is not implemented in syzkaller 2020/02/16 07:52:49 leak checking: support is not implemented in syzkaller 2020/02/16 07:52:49 net packet injection: enabled 2020/02/16 07:52:49 net device setup: support is not implemented in syzkaller 2020/02/16 07:52:49 concurrency sanitizer: support is not implemented in syzkaller 2020/02/16 07:52:49 devlink PCI setup: support is not implemented in syzkaller 07:52:54 executing program 0: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSDIRFILT(r0, 0x8004427d, &(0x7f0000000040)=0x81) r1 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bpf\x00', 0x20000, 0x0) ioctl$BIOCSDIRFILT(r1, 0x8004427d, &(0x7f00000000c0)=0x5) r2 = getuid() r3 = getegid() lchown(&(0x7f0000000100)='./file0\x00', r2, r3) r4 = accept$unix(0xffffffffffffffff, &(0x7f0000000140)=@abs, &(0x7f0000000180)=0x8) getsockopt$SO_PEERCRED(r4, 0xffff, 0x1022, &(0x7f00000001c0), 0xc) r5 = dup2(0xffffffffffffff9c, r4) ioctl$BIOCGSTATS(r5, 0x4008426f, &(0x7f0000000200)) r6 = semget(0x2, 0x4, 0x1ac) r7 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc) semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f00000002c0)={{0x1, r7, r8, 0xffffffffffffffff, r3, 0x83, 0xf4b}, 0x3f, 0xf3a, 0x72}) clock_settime(0x4, &(0x7f0000000340)={0x5, 0x7fffffff}) bind(r4, &(0x7f0000000380)=@in6={0x18, 0x2, 0xea, 0x10000}, 0xc) r9 = socket$inet6(0x18, 0x1, 0x2) listen(r9, 0x2) openat$tty(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/tty\x00', 0x800, 0x0) semctl$GETPID(r6, 0x4, 0x4, &(0x7f0000000400)=""/4096) semget$private(0x0, 0x2, 0x20) r10 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) connect(r10, &(0x7f0000001400)=@in6={0x18, 0x1, 0x80, 0xfffeffff}, 0xc) r11 = openat$wsdisplay(0xffffffffffffff9c, &(0x7f0000001440)='/dev/ttyCcfg\x00', 0x80, 0x0) ioctl$WSDISPLAYIO_WSMOUSED(r11, 0x80185758, &(0x7f0000001480)={0x18, 0x3f, {0xfffffffffffffff8, 0xbb6f}}) r12 = msgget(0x1, 0x100) msgctl$IPC_RMID(r12, 0x0) ioctl$KDENABIO(0xffffffffffffffff, 0x20004b3c) r13 = semget(0x3, 0x1, 0x10) semctl$SETALL(r13, 0x0, 0x9, &(0x7f00000014c0)=[0x2, 0x6, 0x1, 0x5, 0x6, 0x7, 0x7]) 07:52:54 executing program 1: r0 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000000)='/dev/wskbd0\x00', 0x2, 0x0) ioctl$FIOGETOWN(r0, 0x4004667b, &(0x7f0000000040)) r1 = openat$wsdisplay(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyCcfg\x00', 0x2, 0x0) ioctl$VT_GETMODE(r1, 0x40087603, &(0x7f00000000c0)) readlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=""/147, 0x93) r2 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x0, 0x140) ioctl$WSKBDIO_GETMODE(r2, 0x40045714, &(0x7f0000000240)) r3 = open$dir(&(0x7f0000000280)='./file0\x00', 0x80, 0x250) writev(r3, &(0x7f0000000380)=[{&(0x7f00000002c0)="2621f6eb102a6464c38380beb24f7f0f0345f4068e12ca5a8f5073d451f59e9a94b3f520479694141115733da788d90ca6bbe3c066fbf1d5e2eaa2d3ce519bdf54b0d1f3f660f0bf00b1034be6572da106b6e126a0a3e357a3f5243883d23d5fcf92bf312098bdb2e49770f4a3cbe7ffd19756fff0e3ac2f86b9bbe00093481fdd92f6aeb12b3c89aa22bd867a2032b31755288617d1", 0x96}], 0x1) r4 = fcntl$dupfd(0xffffffffffffff9c, 0xa, 0xffffffffffffffff) ioctl$VT_OPENQRY(r4, 0x40047601, &(0x7f00000003c0)) mkdir(&(0x7f0000000400)='./file0\x00', 0x20) fcntl$getown(r2, 0x5) lseek(r2, 0x0, 0x2, 0x0) open(&(0x7f0000000440)='./file0\x00', 0x80, 0x101) rename(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file0\x00') readlink(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)=""/184, 0xb8) pipe(&(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$WSDISPLAYIO_GBURNER(r5, 0x400c5752, &(0x7f0000000640)) rmdir(&(0x7f0000000680)='./file0\x00') getsockname$inet6(r2, &(0x7f00000006c0), &(0x7f0000000700)=0xc) r7 = openat$diskmap(0xffffffffffffff9c, &(0x7f0000000740)='/dev/diskmap\x00', 0x200, 0x0) ioctl$FIOSETOWN(r7, 0x8004667c, &(0x7f0000000780)=0xfffffff8) bind$inet(r6, &(0x7f00000007c0)={0x2, 0x0}, 0xc) r8 = semget$private(0x0, 0x3, 0x2) semctl$GETZCNT(r8, 0x0, 0x7, &(0x7f0000000800)=""/108) pwrite(0xffffffffffffffff, &(0x7f0000000880)="80eca8f18427449043141ac06a20c831bbefe9562d5cf241ca7d75e121d11a4bb932b2c65afee8393f15e5662d8974474cc9cf93507ceb5a8d9e5ef3304b0ba8688b4ef42faaa4e7fa3580d2568c64491eba6dec6d2b4e29d1f4db07272d264c212bdbddce0ae113b29a2aed73e8af6dc24d5437e06c92d96fc3", 0x7a, 0x0, 0xbcf) r9 = open(&(0x7f0000000900)='./file0\x00', 0x10, 0x101) ioctl$WSDISPLAYIO_SVIDEO(r9, 0x80045745, &(0x7f0000000940)=0x1) r10 = semget$private(0x0, 0x4, 0x400) semctl$SETALL(r10, 0x0, 0x9, &(0x7f0000000980)=[0x7c, 0x2, 0xff00, 0x9, 0xf4]) 07:52:55 executing program 0: openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x0, 0xd6, &(0x7f0000000000)="eb", 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) unveil(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='W\x00') unveil(&(0x7f0000000000)='./file0\x00', &(0x7f0000001580)='c\x00') getrusage(0x0, &(0x7f0000000100)) ioctl$TIOCSETVERAUTH(0xffffffffffffffff, 0x8004741c, &(0x7f0000000040)=0x7) 07:52:55 executing program 0: r0 = geteuid() r1 = getuid() setreuid(r1, r0) r2 = getgid() lchown(&(0x7f0000000080)='./file0\x00', r1, r2) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000001c0)={{0x140, r1, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x5}) r3 = semget(0x2, 0x2, 0x31) semctl$GETNCNT(r3, 0x1, 0x3, &(0x7f00000000c0)=""/232) r4 = socket(0x11, 0x3, 0x0) sendto$unix(r4, &(0x7f0000002780)="5001050100000000c600000123070000081010fecea11ea8fef96eefc73fd3357ae26caa1016fa4f376336acf00b7804be781e4991f7c8df5f882b297be1aa5b23ed00f4c8b2b23ebbc257000000002e27acb5d602000d7d026ba8af63ff37282902e4fd89720fd3872babfb6a000000000000c12b310b404f36a00f900064e0629616b0a8e7000000020000000000000e0208b31fd3f80004ffff00000000000000009aeeff0000008539cda74d1467802813c67be2313927b913cebdbb7e563c73891d41f638837f11c34b0cceb2024d080000000640906fa45d709da9d158d945a2a5050000006e27749bbd97bb0d03fe2d04a1b9ff59865f1fde95d68896dc7ed7b187050098e04e34248daaf9231f0de030323b4125ce41203583671ac5e51a7a3dc1a0c21d548f2de6c031b7b303757e60642b45cbc5737b8e24017571fd97e58110ecaa340065f3482e093de7", 0x150, 0x0, 0x0, 0xfffffffffffffff3) getsockopt$sock_timeval(r4, 0xffff, 0x1005, &(0x7f0000000500), &(0x7f0000000540)=0x10) connect$unix(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000300000000"], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r5 = socket(0x2, 0x1, 0x0) bind(r5, &(0x7f0000000000)=@un=@abs={0x0, 0xd}, 0x10) r6 = dup(r5) listen(r6, 0x0) setsockopt$sock_int(r5, 0xffff, 0x1002, &(0x7f00000001c0), 0x4) r7 = socket(0x2, 0x1, 0x0) socket(0x0, 0x0, 0x0) connect$unix(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="ff000000000200000784"], 0x10) openat$tty(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCMSET(0xffffffffffffffff, 0x8004746d, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) symlinkat(0x0, 0xffffffffffffffff, 0x0) ioctl$BIOCSETWF(0xffffffffffffffff, 0x80104277, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) sendto$unix(r7, &(0x7f00000011c0)='\x00', 0x14a, 0x1, 0x0, 0xfffffd7e) r8 = accept$unix(r6, 0x0, &(0x7f0000000580)=0xfffffffffffffd2c) recvfrom$unix(r8, &(0x7f0000001200)=""/4123, 0x13d0, 0x862, 0x0, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040)=[&(0x7f0000000280)='\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='-]\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='{\\.&!+\x00'], &(0x7f00000004c0)=[&(0x7f0000000400)='-]\x00', &(0x7f0000000440)='^$&]\xa9[.\x00', &(0x7f0000000480)='\x00']) 07:52:55 executing program 1: r0 = openat$bpf(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bpf\x00', 0x0, 0x0) ioctl$BIOCSETF(r0, 0x80104267, &(0x7f0000000380)={0x3, &(0x7f0000000040)=[{0x40}, {0x54}, {0x4006}]}) ioctl$BIOCSETIF(r0, 0x8020426c, &(0x7f0000000000)={'tap', 0x0}) syz_emit_ethernet(0xffffffef, &(0x7f0000000100)="ac01f600000000006b0e8b2210498838b204ed011210e19264d1fb0f53aa9ae65e46e4dedebf743efe85df999afc85cae8a0516e7cdbf09c4d926db8e24a1141a4a52a5973d39a029fefdc6740382579e3c5b7b1c59b720793c3e0566bd686a454d188d90cdca5fffb1f3b3dd43423ae6a634c177fb928a836ee4673169a474b54fffa549fdc112ebf523d5ecaafeb0a7a2c2d5fe883ca44ed84c125eae1a8cfc300d4aeaf0779ca53c861b1df") close(r0) r1 = semget(0x2, 0x0, 0x9) semctl$GETPID(r1, 0x3, 0x4, &(0x7f0000000080)=""/111) 07:52:56 executing program 1: r0 = open(&(0x7f0000001640)='./file1\x00', 0x9b67fcd6540aae6c, 0xd0) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000240)="5108bee10418", 0xfffffdd6}], 0x283, 0x0, 0x0) mmap(&(0x7f0000000000/0x13000)=nil, 0x13000, 0x5, 0x10, r0, 0x0, 0x0) ioctl$PCIOCREAD(r0, 0xc0107002, &(0x7f0000000040)) r1 = socket(0x2, 0x8002, 0x0) r2 = socket(0x18, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$TIOCFLUSH(r3, 0x8080691a, &(0x7f0000000300)) pwrite(r3, &(0x7f0000000080)="de5dd14255a76ea057656a535502b27e6ea0e8716b049dde6d4f39fe9ee69b3798003ff523d7034e6044629a4c84d17a8f27888a53f4789ddb53879bf0299f04a6c343233f76a4dda4eb9c8d0d9b83c35bcad6aa1e6e14d461f3cdabe9c5635b7f626641ff90732a55d767107ab577dc2c227d7801fd7025efe46c30dd34903f5d1e6862f3aa559b", 0x88, 0x0, 0x5) ioctl$FIONBIO(r1, 0x8004667e, &(0x7f0000000000)) r4 = socket(0x18, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$TIOCFLUSH(r5, 0x8080691a, &(0x7f0000000300)) r6 = dup2(r5, 0xffffffffffffff9c) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x3010, r6, 0x0, 0x8000) 07:52:56 executing program 1: kevent(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)=[{{}, 0xffffffffffffbffe}], 0x0, 0x0) r0 = socket(0x18, 0x1, 0x0) close(r0) r1 = socket(0x800000018, 0x1, 0x0) r2 = dup2(r0, r1) ioctl$TIOCSETAF(r2, 0x802c7416, &(0x7f0000000080)={0x0, 0x0, 0x1fd, 0x0, "00000000e74de40000000400000000000600", 0xffffffff}) bind$unix(r1, &(0x7f0000000080)=@abs={0x1f95d27d48731892}, 0x1c) connect$unix(r0, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) 07:52:56 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x0, 0xfffffffffffffffa, 0x0, 0x140000000000000, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1000000000000], [0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3], [0x0, 0x0, 0x0, 0x9, 0x3ff], [0x0, 0x0, 0x4], [{0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4000000000000000}], {0x0, 0x0, 0xfffffffe}}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) nanosleep(&(0x7f0000000000)={0x2, 0x77d}, 0x0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) 07:52:56 executing program 1: mknod(&(0x7f0000000140)='./bus\x00', 0x2000, 0x4000000005bcd) unveil(&(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='r\x00') r0 = socket(0x18, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCFLUSH(r1, 0x8080691a, &(0x7f0000000300)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r3 = socket(0x18, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$TIOCFLUSH(r4, 0x8080691a, &(0x7f0000000300)) r5 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r5, 0x0, r5) fcntl$dupfd(r4, 0xa, r5) r6 = socket(0x18, 0x2, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$TIOCFLUSH(r7, 0x8080691a, &(0x7f0000000300)) r8 = openat$pci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/pci\x00', 0x10000, 0x0) r9 = openat$pci(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/pci\x00', 0x200, 0x0) r10 = socket(0x1, 0x4, 0x40) r11 = openat$klog(0xffffffffffffff9c, &(0x7f0000000200)='/dev/klog\x00', 0x8, 0x0) r12 = openat$wskbd(0xffffffffffffff9c, &(0x7f0000000340)='/dev/wskbd0\x00', 0x40, 0x0) r13 = socket(0x18, 0x2, 0x0) r14 = fcntl$dupfd(r13, 0x0, r13) ioctl$TIOCFLUSH(r14, 0x8080691a, &(0x7f0000000300)) r15 = socket(0x18, 0x2, 0x0) r16 = fcntl$dupfd(r15, 0x0, r15) ioctl$TIOCFLUSH(r16, 0x8080691a, &(0x7f0000000300)) r17 = fcntl$dupfd(r16, 0xa, 0xffffffffffffff9c) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r19 = socket(0x18, 0x2, 0x0) r20 = fcntl$dupfd(r19, 0x0, r19) ioctl$TIOCFLUSH(r20, 0x8080691a, &(0x7f0000000300)) r21 = socket(0x18, 0x2, 0x0) r22 = fcntl$dupfd(r21, 0x0, r21) ioctl$TIOCFLUSH(r22, 0x8080691a, &(0x7f0000000300)) r23 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r23, 0x0, r23) r24 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r24, 0x0, r24) r25 = fcntl$dupfd(r23, 0x0, r24) r26 = fcntl$dupfd(0xffffffffffffff9c, 0xa, r24) r27 = dup(0xffffffffffffff9c) r28 = openat$speaker(0xffffffffffffff9c, &(0x7f0000000500)='/dev/speaker\x00', 0x200, 0x0) kevent(r1, &(0x7f0000000240)=[{{r2}, 0xfffffffffffffffe, 0x2, 0x20000000, 0x0, 0x3}, {{r28}, 0xfffffffffffffffa, 0x0, 0x80, 0x3, 0x1}, {{r7}, 0xfffffffffffffffc, 0x0, 0x10, 0x5, 0x7f}, {{r8}, 0xffffffffffffffff, 0xd, 0x4, 0x7, 0x4}, {{r9}, 0xfffffffffffffffd, 0x20, 0x40, 0x9, 0x10000}, {{r10}, 0xfffffffffffffffd, 0x5, 0x20000000, 0x2, 0x6}, {{r11}, 0xfffffffffffffffa, 0x0, 0x2, 0x5, 0x8}], 0x81, &(0x7f00000003c0)=[{{r12}, 0xfffffffffffffff9, 0x14, 0x20, 0x4, 0x9}, {{r14}, 0xffffffffffffffff, 0x1b, 0x20000010, 0x7, 0x3ff000000000}, {{r17}, 0xfffffffffffffff8, 0xa2, 0x1, 0x44, 0x8}, {{r18}, 0xfffffffffffffffb, 0x0, 0x40, 0x7, 0x7}, {{r27}, 0xffffffffffffffff, 0x4, 0x4, 0x7ff, 0xfff}, {{r26}, 0xfffffffffffffffd, 0x0, 0xb6a3939304874c67, 0xfffffffffffff001, 0x67ad}, {{r25}, 0xfffffffffffffffd, 0xe, 0x4, 0x2}], 0xff, &(0x7f00000004c0)={0x200, 0x8}) r29 = open(&(0x7f0000000000)='./bus\x00', 0x80, 0x0) ioctl$TIOCFLUSH(r29, 0x82907003, &(0x7f0000000080)) 07:52:56 executing program 0: r0 = socket(0x2, 0x1, 0x0) connect$unix(r0, &(0x7f0000000c80)=ANY=[@ANYBLOB="82022e2fac1400bb7d81b0a5ed56c0c0c7a8c14017c92a3953ff2b0f80981ade61efa008e59e940e6d8ccf9b1bcc9d5d0cdb02000000c75b3202000000a2aacf1b001553e098973c85ceb7d135bfd18a07634d3910e956ea948281d66d7250432ad91508000cf85f8783602a67897cff7f000000000000f371e8cfaa1d4ab424b614911f88d3525e34e763128666ee7877bf9753b6bdae4c5b436e445960fa6b980ac1fa4aab44f0323348f261b51f15e3fdbe4feb82017eec1358441dd3ee1620b4d2009fe508376b6399752fd96cb58d127addb390071baff955a58c179770ce1f000000d940682065385ec5c9762c34c7881a9506ffc85e43782e717e29127ca8c256b248000000009b9787677d4c5c02fe750a8cb46e306bea130879264ab70bf9c0aa0eb72598cb90fd03b162460c683ff8a85a93ad6fb2ca6263184a05cc059fef6bef339f78b4f9da521ee1e53fd26f52249c901f022f19975028aed2b700c9076d0612112dd4db4a40bb3c7f82fdea31227c8d54e904d389e61651a28671f6aaacfcff282f7ec1a852494e378081f231927b35672f0c21405cac7db956b7fa3158d2dc0f679159e040bc31a8529000b88e516881ccf0cfef49b6348ce400095bb49d06bf62577f46c840d34b6362e9f9810cfec14d447dadc21aa457b780274e6e68e9c11aafa3f23f0e31941c0a490c909efad7e776a2b1f04e2a71c4d06bcc2a72bb272a9eb7d255410a663e9196ef274484fffad868e059f2804a365f01f67028865569ce3e0104000000000000900000009137e3f0e7a5f89b68cf7c65b7adaf2c808d24a768318e4fa7cb04cace50d549e7e752a3828ceec5948c15b42139f49354a211039146905d202634626670e584885cd5c53ac73465afaab1cd39be95373a87ca277d106467be6f22eb2f861d9f834c274a19392429d476bde11689127431fcd756a8c3371a5f12beabd87b043e8b70cf9081e0b2f13f03a0776ec2eed29ed2709c068fb3ea586bee5c3bc1dec12052fa12fc688f7de2efba940f8e65918932829c630000000000000000f003d28b86e5b8f9983f49000000000000000073ab30cba944b5927efd33d319ed0d4573b4000000000000e2eaf9ba91b98365d6d337561564d2c4c7b45d87639f69c2b83d9fb892f6aea66ac2c632eee0bb5b086a0edda19af759e4905cdcddfb02696fd79769fb05347de39d9fa81504ce2ddd948b0ddab3f47e15c7f51c88a73831148eb67f88a113f50deb0a7a5a8132ef2b6d9aca7b2a6906d871a780b2e7548681231afafc3c752f2661acd9aad49386d95cecbced71693f00000000000000e4053a5103684be538c40e46b0993641250b7e69860f55da25404e6489500fef1f90532eb9e0840618fdc7f9fb467638f83d401fe57ee86fa642e9bad7ed751d79d3cbb15058810b243e38c7723358643889de02d97da9d096637071666cfbf0259fc5b9321f5a3b0552cea32380954ff38932dd10b70cb044cb97cf201ab4fa56e9f41d447f5ff588520f3f7cbf229cc322f1fcbea40a9be720dcb67df99ae37b51b9020000000000000070a08059947700000000f282ebea0ea0e3cff50258a2b04c9cdebab09df2ebf0ceaa8d264282aba8256155ba5529eb2f1c311d3fdb2a50ff294204e837acead22c5099d8104cb4e5cf2bd7376bdcc99d2e10e5eb5df707d876bb598905401311ce35b2a002422837255932851bac20b69e28e45e6ea829361de1dcfedfd6ba7e79a4ac39ff715897c07bc44a581387dc8c6ddcf01fa61e6e50f7c51a2d8aa8f88f265b5600d841f85fe4e98cefb0ad1cb2147e154be17a6ca5c9ca702bbb4772cabbbbb70209affa17f984de08d718027ab9d940f0b0c1e54ff0f998c8a4c8e382591cd37534df534a458c97b7e6d9cee07c6f8537ef699461e520d70614d848744d33dc8f90eb5ac109c57e97cdb0c78092b66fa03fb49b242fd3f9e6bb80dfc78c2d674f364ed79f70034a59c4692e711c671274276e0c128435721d84e5d8398ad78f9735cdc7deba70a6982fe7660713d7be4b5ec92f418c373a9e04d40cde7314b50dda5c30146906d84d65e2ff02e77dcca8cc7722a84bb0431a1c0be11ca979d5cd1975741f226167ba662fa6c3297f779e2511b3b9112fa7eb9787463da03047e267a0d232f4381b8e4030905938a64abc812d6d90ece6f0704406cdb53701e315f6a434f822ccdc9e14acec8c824d5db4cf9adfba5620f6d61ed51c7023696eb0a79222189068ad203a59277c1c148fde018da47e3b65c570b26fb81768d1d2c04083451b393b06997c812f920c4b36659780bb73b057c7fa673296bfd14a111245905b98c4dd6a7b8366e3f94730ae2d575ddf11d564612561ec7ff1799c2e1262d58c91c38c993d3fb78e178e101d966f3dd063d08a49abd7e488033857d6c223f777b0c66eacd993277e97da00fcdaaa01cb9d29bb57918cb58c0cd9b22f16c707b3c2a3c08eadeb955a6a6ccaebf5d45b0ff87fbcbfc74fabdc3884b001546d71eb3ce6fb48c51e5c4f0cefe6c39bf18547d972a74734ed5d325c146da0f3e8bc42591c4e6318f2ef4771d50c5004e7229375080492b9b8e6bf25f09806513abc794c152b1971812437d267ab0241beab877114b9e089466770499457a3d325255f2f46187407247f36000000000000"], 0x10) 07:52:56 executing program 1: ioctl$WSMUXIO_INJECTEVENT(0xffffffffffffffff, 0x80185760, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x10000000000001}}) ioctl$DIOCMAP(0xffffffffffffffff, 0xc0106477, &(0x7f0000000040)={0x0}) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x6, 0x4b, 0xffffffffffffffff, 0x0, "00000000000000000000f2ffffffffffffff4000"}) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0/file0\x00'}, 0x10) r0 = socket(0x2, 0x3, 0x1) connect$unix(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="00012e2f66696c6d3000"], 0x10) sendto$unix(r0, &(0x7f0000000100)="749703170f000000", 0x8, 0x0, 0x0, 0x0) fsync(r0) pipe2(&(0x7f0000000080), 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6}, 0x1c) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') connect$unix(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRES16=r0], 0x1) ioctl$TIOCSETAF(0xffffffffffffffff, 0x802c7416, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, "010000000000000000ffffff7f00"}) 07:52:56 executing program 1: r0 = syz_open_pts() r1 = socket(0x18, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$TIOCFLUSH(r2, 0x8080691a, &(0x7f0000000300)) ioctl$TIOCMGET(r2, 0x4004746a, &(0x7f00000001c0)) ioctl$TIOCSETAF(r0, 0x802c7416, &(0x7f0000000000)={0x0, 0x0, 0x90d4, 0x0, "d70500e7ffffff14006bffca0000000000e74de4"}) select(0x40, &(0x7f0000000140)={0x25}, 0x0, 0x0, 0x0) syz_open_pts() ioctl$FIOASYNC(r0, 0x8004667d, &(0x7f0000000100)=0x9) r3 = openat$wsdisplay(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyCcfg\x00', 0x400, 0x0) ioctl$VT_OPENQRY(r3, 0x40047601, &(0x7f00000000c0)) ioctl$TIOCSETAW(r0, 0x802c7415, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "c7a49c245e1cbc944b683354391ce853ac5787f9"}) ioctl$KDSETLED(r3, 0x20004b42, &(0x7f0000000180)=0x6) 07:52:57 executing program 0: ioctl$VMM_IOC_WRITEREGS(0xffffffffffffffff, 0x82485608, &(0x7f0000000240)={0x0, 0x0, 0x0, {[0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000002], [0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xff, 0x0, 0x0, 0x0, 0x8000000000000000], [0x0, 0x0, 0x0, 0x9, 0xff7fffffffffffff], [0x0, 0x0, 0x401, 0x0, 0x200], [{0x400, 0xfffffff9}, {}, {}, {}, {}, {}, {0xbee, 0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x2}]}}) ioctl$BIOCSETIF(0xffffffffffffffff, 0x8020426c, &(0x7f0000000300)={'tap', 0x0}) r0 = socket(0x11, 0x4003, 0x0) sendto$unix(r0, &(0x7f0000000100)="b100050460000000000008000501000000000000ce24fea7fef96eefc73fd3357ae26caa0416fa76d06336acf00b7804be781e4991f7c8df5f882b2b7be1aa5b23ed00f4c8b2ca3ebbc657699a1f132e27ecb5d602000d7d026ba8af63ff37282921e4fd89720fd3872babfbb770c1abda71601a8bfee8aca4911faff5a872c881ff7ca93c894303b22f310b404f36a00f9000fcffe0ffe608a371a3f80004000000000000000100"/177, 0xb1, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket(0x18, 0x2, 0x0) r2 = socket(0x18, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$TIOCFLUSH(r3, 0x8080691a, &(0x7f0000000300)) ioctl$BIOCSETF(r3, 0x80104267, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0xfffe, 0x1f, 0x9e, 0x6}, {0x1f, 0x9, 0x0, 0x7}, {0x8e0, 0x40}]}) ioctl$BIOCSETIF(r3, 0x8020426c, &(0x7f0000000080)={'tap', 0x0}) r4 = fcntl$dupfd(r1, 0x0, r1) mprotect(&(0x7f0000780000/0x4000)=nil, 0x4000, 0x4) ioctl$TIOCFLUSH(r4, 0x8080691a, &(0x7f0000000300)) 07:52:57 executing program 0: r0 = semget$private(0x0, 0x5, 0x20e) r1 = semget$private(0x0, 0x5, 0x20e) semop(r1, &(0x7f0000001640)=[{0x0, 0x5022, 0x1000}, {0x1, 0x10001, 0x7351d18524d2e3a2}], 0x2) semctl$SETVAL(0xffffffffffffffff, 0x3, 0x8, &(0x7f0000000480)=0x7) semop(r1, &(0x7f0000000140)=[{0x3, 0x7fffffff, 0x1000}, {0x0, 0x800, 0x1000}, {0x0, 0xd78d, 0x3400}, {0x4, 0x401, 0x3000}, {0x1}, {0x8b736a9ac564d422, 0x7f, 0x1c00}, {0x2, 0x42c, 0x1800}, {0x3, 0x5}, {0x0, 0xffffffffffffff80, 0x1400}], 0x9) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$SETVAL(r1, 0x2, 0x8, &(0x7f0000000100)=0x5) semop(r0, &(0x7f0000000180)=[{0x0, 0x5022, 0x1000}, {0x1, 0x10001}], 0x2) semctl$SETVAL(r0, 0x3, 0x8, &(0x7f0000000480)=0x7) semop(r0, &(0x7f0000000140)=[{0x3, 0x7fffffff, 0x1000}, {0x0, 0x800, 0x1000}, {0x0, 0xd78d, 0x3400}, {0x4, 0x401, 0x3000}, {0x1}, {0x8b736a9ac564d422, 0x7f, 0x1c00}, {0x2, 0x42c, 0x1800}, {0x3, 0x5}, {0x0, 0xffffffffffffff80, 0x1400}], 0x9) semctl$IPC_RMID(r0, 0x0, 0x0) semctl$GETNCNT(r0, 0x0, 0x3, &(0x7f0000000000)=""/132) r2 = open(&(0x7f0000000040)='./bus\x00', 0x1, 0x0) write(r2, &(0x7f0000000200)="220e2a", 0x3) msgget$private(0x0, 0x40) ioctl$KDENABIO(r2, 0x20004b3c) r3 = socket(0x18, 0x1, 0x0) close(r3) r4 = socket(0x18, 0x1, 0x0) setsockopt(r4, 0x29, 0x36, &(0x7f0000000140), 0x4) shutdown(r4, 0x0) ioctl$TIOCSETA(0xffffffffffffffff, 0x802c7414, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, "0000000000000200"}) connect$unix(r3, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) 07:52:57 executing program 1: r0 = socket(0x2, 0x10000000000003, 0x0) close(r0) r1 = socket(0x1, 0x8000, 0x2f) mlock(&(0x7f0000001000/0x2000)=nil, 0x800000) execve(&(0x7f0000001cc0)='./file0\x00', &(0x7f0000001980)=[&(0x7f0000001c80)='&#@,@\\{(/[\x00', &(0x7f0000001c40)='\x00', &(0x7f0000001940)='}^-.@\x00'], &(0x7f0000001b40)=[&(0x7f00000019c0)='@:\x00', &(0x7f0000001a00)='[(\x00', &(0x7f0000001ac0)='^\x00', &(0x7f0000001b00)=':.\x00']) r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x10202, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1, 0x10, r2, 0x0, 0x0) r3 = syz_open_pts() pwritev(r2, &(0x7f0000001bc0)=[{&(0x7f0000000140)="04", 0x1}], 0x1, 0x0, 0x0) r4 = syz_open_pts() mkdir(&(0x7f0000001b80)='./file0\x00', 0xf9) openat$wsdisplay(0xffffffffffffff9c, &(0x7f0000001880)='/dev/ttyCcfg\x00', 0x81, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = dup(r5) ioctl$WSDISPLAYIO_GETEMULTYPE(r6, 0x40047309, &(0x7f00000000c0)={0x0, './file0\x00'}) ioctl$WSDISPLAYIO_LSFONT(r6, 0xc058574e, &(0x7f0000001d80)) r7 = open$dir(&(0x7f0000000200)='./file0\x00', 0x8080, 0x0) close(r2) r8 = dup(r2) semget$private(0x0, 0x4, 0x303) r9 = syz_open_pts() ioctl$WSDISPLAYIO_LDFONT(r8, 0x8058574d, &(0x7f0000001780)={'./file0\x00', 0x2, 0x8, 0x5, 0x2, 0x5, 0x2, 0xffffffff, 0x1, 0x0, 0x7f, 0x4}) ioctl$TIOCSETA(r9, 0x802c7414, &(0x7f0000002480)={0x0, 0x0, 0x0, 0x0, "855c55000267a7230000001a0000000000000040"}) getsockopt$sock_timeval(r7, 0xffff, 0x1006, &(0x7f0000001800), &(0x7f0000001840)=0x10) ioctl$TIOCEXCL(r8, 0x2000740d) utimes(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={{0xba0f, 0xfffffffffffff11d}, {0x493, 0x100000001}}) ioctl$TIOCFLUSH(r4, 0x80047410, &(0x7f00000001c0)=0xff80000000000000) readv(r3, 0x0, 0x0) ioctl$TIOCCDTR(r8, 0x20007478) r10 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r10, 0x0, r10) r11 = socket(0x18, 0x2, 0x0) r12 = fcntl$dupfd(r11, 0x0, r11) ioctl$TIOCFLUSH(r12, 0x8080691a, &(0x7f0000000300)) dup2(r10, r12) fcntl$dupfd(r1, 0x0, r5) ioctl$KDGKBMODE(r6, 0x40044b06) 07:52:57 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x200000000000c, &(0x7f0000000040)="eaff125c00000000", 0x8) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r1, 0x0, 0x200000000000c, &(0x7f0000000040)="eaff125c00000000", 0x8) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x100, 0xb) setsockopt$inet_opts(r0, 0x0, 0x1, &(0x7f0000000200)="700835d7880d03940773b7b50ce10fbc7a17910167dfdb2976e9ed2fa7c6b4ffddd40d3ecb0117273a7c6d2760b4a61c19e7132baa93ce2359984b84367ed79ac99877f49dd59f25a8736f8cdb61890d6bcc160d984c8c2dfe620828bae2cceb34c5f690de2246a6b73f5f79a40b7eaa0ea0d947", 0x74) r3 = socket(0x18, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$TIOCFLUSH(r4, 0x8080691a, &(0x7f0000000300)) renameat(r2, &(0x7f0000000100)='./file0\x00', r4, &(0x7f0000000140)='./file0\x00') setsockopt$inet_opts(r1, 0x0, 0x200000000000c, &(0x7f0000000000)="ea00005c00000000", 0x8) setsockopt$inet_opts(r1, 0x0, 0x200000000000c, &(0x7f0000000080)="eaef125c00000000", 0x8) setsockopt$inet_opts(r1, 0x0, 0x200000000000d, &(0x7f0000000040)="eaff125c00000000", 0x8) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x80, 0x0) r6 = socket(0x18, 0x2, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$TIOCFLUSH(r7, 0x8080691a, &(0x7f0000000300)) mknodat(r7, &(0x7f0000000280)='./file0\x00', 0x2000, 0x3) bind$inet(r5, &(0x7f00000001c0)={0x2, 0x1}, 0xc) 07:52:57 executing program 0: mknod(&(0x7f0000000080)='./bus\x00', 0x2080, 0x28af) r0 = semget$private(0x0, 0x4, 0x408) semop(r0, &(0x7f00000003c0)=[{0x8, 0x8, 0x1000000}, {0x2, 0xfffffffffffffffd, 0x1000}, {0x2000000003, 0x100, 0x7fc}], 0x3) semop(r0, &(0x7f0000000400)=[{0x1, 0x0, 0x3400}, {0x0, 0x4, 0x800}, {0x1, 0x2, 0xc00}, {0x3, 0x4, 0x800}, {0x1, 0x40, 0x9286000ee7827ecc}], 0xa4) semctl$SETALL(r0, 0x0, 0x9, &(0x7f00000000c0)=[0x83, 0x10001, 0xd]) semctl$SETALL(r0, 0x0, 0x9, &(0x7f0000000180)=[0xfffffffffffffff8, 0x81, 0x7fffffff, 0x6b12, 0x8, 0x1f, 0x9]) semop(r0, &(0x7f0000000240)=[{0x1, 0x6, 0x1000}, {0x0, 0x40, 0x1800}, {0x0, 0x3, 0x7fc}, {0x3, 0x7, 0x1000}, {0x3, 0x68, 0x1000}, {0x3, 0xfffffffffffffffc, 0x1000}, {0x1, 0xfffffffffffffff8, 0x1000}, {0x2, 0xad, 0x1000}], 0x8) semop(r0, &(0x7f0000000240), 0x6) getsockopt$SO_PEERCRED(0xffffffffffffff9c, 0xffff, 0x1022, &(0x7f0000000000)={0x0, 0x0}, 0xc) r2 = getegid() socketpair(0x1, 0x2, 0xa1, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$SO_PEERCRED(r3, 0xffff, 0x1022, &(0x7f0000000200)={0x0, 0x0}, 0xfffffffffffffdf7) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r7 = socket(0x18, 0x2, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$TIOCFLUSH(r8, 0x8080691a, &(0x7f0000000300)) r9 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r9, 0x0, r9) r10 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x8000, 0x0) r11 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r11, 0x0, r11) r12 = socket(0x18, 0x2, 0x0) fcntl$dupfd(r12, 0x0, r12) poll(&(0x7f0000000280)=[{r8, 0x81}, {r9, 0x40}, {0xffffffffffffffff, 0x4}, {r10, 0x10}, {r11, 0x8}, {r12, 0x86}, {0xffffffffffffff9c, 0x1a}, {r4, 0x40}], 0x8, 0x8) ioctl$TIOCSETVERAUTH(r6, 0xc0107002, &(0x7f0000000000)=0x280000) getsockopt$sock_cred(r6, 0xffff, 0x1022, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xc) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000100)={{0x3, r1, r2, r5, r13, 0x4}, 0x200, 0x401, 0x2}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r14, 0xffff, 0x1022, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xffffff80) lchown(&(0x7f0000000000)='./file0\x00', 0x0, r15) getgroups(0x1, &(0x7f0000000180)=[r15]) chown(&(0x7f0000000040)='./bus\x00', r1, r15) r16 = open(&(0x7f0000000140)='./bus\x00', 0x1, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x8000, 0x47) pwritev(r16, &(0x7f0000002380)=[{&(0x7f0000000180)="000000024c8a44e1caa5b30bdfc982955d37c1c103287f07", 0x6f}], 0x1, 0x0, 0x0) login: panic: receive 3: so 0xfffffd806f6ec190, so_type 3, m 0xfffffd80679ee700, m_type 0 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 414296 92542 0 0 0x4000080 1 syz-executor.0 * 88809 38834 0 0 0 0K dhclient db_enter() at db_enter+0x18 panic(ffffffff821cfef0) at panic+0x15c soreceive(fffffd806f6ec190,0,ffff800020aad778,0,0,ffff800020aad684) at soreceive+0x1727 soo_read(fffffd8073df1390,ffff800020aad778,0) at soo_read+0x53 dofilereadv(ffff800020a6cc38,6,ffff800020aad778,0,ffff800020aad860) at dofilereadv+0x1a1 sys_read(ffff800020a6cc38,ffff800020aad810,ffff800020aad860) at sys_read+0x83 syscall(ffff800020aad8e0) at syscall+0x4a4 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffbf200, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic receive 3: so 0xfffffd806f6ec190, so_type 3, m 0xfffffd80679ee700, m_type 0 ddb{0}> trace db_enter() at db_enter+0x18 panic(ffffffff821cfef0) at panic+0x15c soreceive(fffffd806f6ec190,0,ffff800020aad778,0,0,ffff800020aad684) at soreceive+0x1727 soo_read(fffffd8073df1390,ffff800020aad778,0) at soo_read+0x53 dofilereadv(ffff800020a6cc38,6,ffff800020aad778,0,ffff800020aad860) at dofilereadv+0x1a1 sys_read(ffff800020a6cc38,ffff800020aad810,ffff800020aad860) at sys_read+0x83 syscall(ffff800020aad8e0) at syscall+0x4a4 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffbf200, count: -8 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff800020aad4c0 rbx 0xffff800020aad570 rdx 0xffff800020a6cc38 rcx 0 rax 0 r8 0xffffffff8162977f kprintf+0x16f r9 0x1 r10 0x25 r11 0x366394b43681b68e r12 0x3000000008 r13 0xffff800020aad4d0 r14 0x100 r15 0x1 rip 0xffffffff81844358 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020aad4b0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (dhclient) pid=88809 stat=onproc flags process=0 proc=0 pri=24, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff800020a6c758,0xffff800020a6d128 process=0xffff800020a812d0 user=0xffff800020aa8000, vmspace=0xfffffd807f000170 estcpu=0, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 49802 345160 72181 0 3 0x3000 suspend syz-executor.1 49802 445107 72181 0 2 0x4081080 syz-executor.1 49802 173336 72181 0 2 0x4081080 syz-executor.1 92542 410363 6184 0 2 0 syz-executor.0 92542 414296 6184 0 7 0x4000080 syz-executor.0 92542 62243 6184 0 3 0x4000080 fsleep syz-executor.0 72181 373095 30291 0 2 0x482 syz-executor.1 6184 188557 30291 0 3 0x82 nanosleep syz-executor.0 30291 280717 94565 0 3 0x82 thrsleep syz-fuzzer 30291 304647 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 85725 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 449525 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 265107 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 475184 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 468256 94565 0 3 0x4000082 kqread syz-fuzzer 30291 382709 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 28821 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 167938 94565 0 3 0x4000082 thrsleep syz-fuzzer 30291 99604 94565 0 3 0x4000082 thrsleep syz-fuzzer 94565 510579 92543 0 3 0x10008a pause ksh 92543 423272 51726 0 3 0x92 select sshd 78045 358572 1 0 3 0x100083 ttyin getty 51726 375608 1 0 3 0x80 select sshd 96474 14652 39473 74 3 0x100092 bpf pflogd 39473 77587 1 0 3 0x80 netio pflogd 42885 159598 42316 73 3 0x100090 kqread syslogd 42316 129877 1 0 3 0x100082 netio syslogd 95489 191436 1 77 3 0x100090 poll dhclient *38834 88809 1 0 7 0 dhclient 80484 397774 0 0 2 0x14200 zerothread 80872 118488 0 0 3 0x14200 aiodoned aiodoned 31672 121358 0 0 3 0x14200 syncer update 53999 348805 0 0 3 0x14200 cleaner cleaner 79567 496210 0 0 3 0x14200 reaper reaper 99858 123650 0 0 3 0x14200 pgdaemon pagedaemon 39375 338746 0 0 3 0x14200 bored crynlk 39820 196707 0 0 3 0x14200 bored crypto 52951 99957 0 0 3 0x40014200 acpi0 acpi0 47962 253320 0 0 3 0x40014200 idle1 87862 275327 0 0 3 0x14200 bored softnet 27566 494085 0 0 3 0x14200 bored systqmp 91064 429693 0 0 3 0x14200 bored systq 97291 33795 0 0 3 0x40014200 bored softclock 45870 399673 0 0 3 0x40014200 idle0 34924 301335 0 0 3 0x14200 bored smr 1 479137 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 38834 (dhclient) thread 0xffff800020a6cc38 (88809) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82653868) #0 witness_lock+0x52e #1 solock+0x66 #2 soreceive+0x114 #3 soo_read+0x53 #4 dofilereadv+0x1a1 #5 sys_read+0x83 #6 syscall+0x4a4 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9477 6401K 6527K 78643K 10583 0 pcb 13 8K 8K 78643K 17 0 rtable 108 11K 12K 78643K 216 0 ifaddr 49 11K 11K 78643K 56 0 counters 45 34K 34K 78643K 45 0 ioctlops 0 0K 4K 78643K 1471 0 iov 0 0K 12K 78643K 2 0 mount 1 1K 1K 78643K 1 0 vnodes 1220 77K 77K 78643K 1230 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 11 0K 0K 78643K 19 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 196K 290K 78643K 12766 0 file desc 6 17K 25K 78643K 51 0 proc 59 63K 95K 78643K 446 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 8 0K 0K 78643K 8 0 in_multi 36 2K 2K 78643K 36 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 43 201K 201K 78643K 43 0 exec 0 0K 1K 78643K 211 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 115 22K 31K 78643K 1082 0 UVM aobj 2 2K 2K 78643K 2 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 7 0K 0K 78643K 11 0 temp 74 3020K 3084K 78643K 2105 0 kqueue 3 4K 4K 78643K 3 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 23 0 21 1 0 1 1 0 8 0 rtentry 112 45 0 1 2 0 2 2 0 8 0 unpcb 120 29 0 19 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 270 0 270 2 0 2 2 0 8 2 tcpcb 544 24 0 20 1 0 1 1 0 8 0 inpcb 280 105 0 88 2 0 2 2 0 8 0 nd6 48 6 0 0 1 0 1 1 0 8 0 pfosfp 40 846 0 423 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 13 0 0 1 0 1 1 0 8 0 pfstkey 112 13 0 0 1 0 1 1 0 8 0 pfstate 328 13 0 0 2 0 2 2 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 188 0 0 12 0 12 12 0 8 0 art_table 32 189 0 0 2 0 2 2 0 8 0 art_node 16 44 0 4 1 0 1 1 0 8 0 semupl 112 4 0 3 1 0 1 1 0 8 0 semapl 112 13 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1456 0 48 46 0 46 46 0 8 0 ffsino 272 1456 0 48 95 0 95 95 0 8 0 nchpl 144 1719 0 98 61 0 61 61 0 8 0 uvmvnodes 72 1504 0 0 28 0 28 28 0 8 0 vnodes 208 1504 0 0 80 0 80 80 0 8 0 namei 1024 4414 0 4414 1 0 1 1 0 8 1 percpumem 16 33 0 0 1 0 1 1 0 8 0 scxspl 192 4985 0 4985 2 1 1 2 0 8 1 plimitpl 152 15 0 7 1 0 1 1 0 8 0 sigapl 432 250 0 234 3 0 3 3 0 8 1 futexpl 56 517 0 514 1 0 1 1 0 8 0 knotepl 112 53 0 34 1 0 1 1 0 8 0 kqueuepl 144 2 0 0 1 0 1 1 0 8 0 pipelkpl 48 80 0 70 1 0 1 1 0 8 0 pipepl 120 160 0 141 1 0 1 1 0 8 0 fdescpl 496 251 0 234 3 0 3 3 0 8 0 filepl 152 1318 0 1205 6 0 6 6 0 8 1 lockfpl 104 5 0 4 1 0 1 1 0 8 0 lockfspl 48 3 0 2 1 0 1 1 0 8 0 sessionpl 112 18 0 7 1 0 1 1 0 8 0 pgrppl 48 18 0 7 1 0 1 1 0 8 0 ucredpl 96 72 0 63 1 0 1 1 0 8 0 zombiepl 144 235 0 234 1 0 1 1 0 8 0 processpl 960 266 0 234 5 0 5 5 0 8 1 procpl 624 323 0 277 4 0 4 4 0 8 0 sockpl 400 157 0 128 5 0 5 5 0 8 2 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 281 0 0 35 0 35 35 0 8 0 mtagpl 80 1 0 0 1 0 1 1 0 8 0 mbufpl 256 285 0 0 18 0 18 18 0 8 0 bufpl 280 4080 0 173 280 0 280 280 0 8 0 anonpl 16 41370 0 25642 72 1 71 71 0 124 7 amapchunkpl 152 1377 0 1223 11 0 11 11 0 158 3 amappl16 192 1071 0 217 43 0 43 43 0 8 0 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 5 0 3 2 1 1 1 0 8 0 amappl13 168 25 0 24 1 0 1 1 0 8 0 amappl12 160 2 0 1 1 0 1 1 0 8 0 amappl11 152 71 0 53 1 0 1 1 0 8 0 amappl10 144 26 0 19 1 0 1 1 0 8 0 amappl9 136 393 0 389 1 0 1 1 0 8 0 amappl8 128 322 0 298 2 0 2 2 0 8 0 amappl7 120 136 0 123 1 0 1 1 0 8 0 amappl6 112 23 0 20 1 0 1 1 0 8 0 amappl5 104 146 0 130 1 0 1 1 0 8 0 amappl4 96 506 0 472 2 1 1 2 0 8 0 amappl3 88 104 0 99 1 0 1 1 0 8 0 amappl2 80 1041 0 962 3 1 2 3 0 8 0 amappl1 72 15749 0 15283 26 11 15 20 0 8 5 amappl 80 578 0 527 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 1 0 0 1 0 1 1 0 8 0 uaddrrnd 24 251 0 234 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 251 0 234 1 0 1 1 0 8 0 vmmpekpl 168 5949 0 5917 2 0 2 2 0 8 0 vmmpepl 168 37957 0 35843 160 5 155 155 0 357 63 vmsppl 368 250 0 234 2 0 2 2 0 8 0 pdppl 4096 510 0 468 6 0 6 6 0 8 0 pvpl 32 138547 0 119617 173 0 173 173 0 265 20 pmappl 232 250 0 234 2 0 2 2 0 8 1 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 188 0 3 6 0 6 6 0 8 0