SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 32: Broken pipe) OpenBSD/amd64 (ci-openbsd-setuid-3.us-central1-b.c.syzkaller.internal) (tty00) login: pWAanRNIiNGc:: mSutPeL xN O0xT fLffOWffEdR8E06Dbf c2OdN80 SnYot ShCeAlLL d 2i5n 6 m5t3x6_8le70a9v1e2 EXSItTop 0p ea d at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 178450 98802 32767 0x10 0x4000000 1 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff83078e14) at panic+0x1e5 sys/kern/subr_prf.c:198 mtx_leave(fffffd806bfc2d80) at mtx_leave+0x17c sys/kern/kern_lock.c:335 msleep(fffffd806bfc2c98,fffffd806bfc2d80,4,ffffffff832a21d0,0) at msleep+0x125 sys/kern/kern_synch.c:249 vm_map_lock_ln(fffffd806bfc2c68,a1e22e1000,0) at vm_map_lock_ln+0xd4 sys/uvm/uvm_map.c:5250 uvm_map_protect(fffffd806bfc2c68,a1e20e2000,a1e22e1000,1,0,0,b043382443aac699) at uvm_map_protect+0xe1 sys/uvm/uvm_map.c:3059 sys_mprotect(ffff80002f3822b8,ffff80002a05c380,ffff80002a05c2d0) at sys_mprotect+0x34c sys/uvm/uvm_mmap.c:585 syscall(ffff80002a05c380) at syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a05c380) at syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7557d56dd600, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: mutex 0xfffffd806bfc2d80 not held in mtx_leave ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff83078e14) at panic+0x1e5 sys/kern/subr_prf.c:198 mtx_leave(fffffd806bfc2d80) at mtx_leave+0x17c sys/kern/kern_lock.c:335 msleep(fffffd806bfc2c98,fffffd806bfc2d80,4,ffffffff832a21d0,0) at msleep+0x125 sys/kern/kern_synch.c:249 vm_map_lock_ln(fffffd806bfc2c68,a1e22e1000,0) at vm_map_lock_ln+0xd4 sys/uvm/uvm_map.c:5250 uvm_map_protect(fffffd806bfc2c68,a1e20e2000,a1e22e1000,1,0,0,b043382443aac699) at uvm_map_protect+0xe1 sys/uvm/uvm_map.c:3059 sys_mprotect(ffff80002f3822b8,ffff80002a05c380,ffff80002a05c2d0) at sys_mprotect+0x34c sys/uvm/uvm_mmap.c:585 syscall(ffff80002a05c380) at syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a05c380) at syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7557d56dd600, count: -9 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80002a05bf80 rbx 0xffffffff834aedbf cpu_info_full_primary+0x2dbf rdx 0 rcx 0xffff80002f3822b8 rax 0xffffffff834adff0 cpu_info_full_primary+0x1ff0 r8 0x101010101010101 r9 0x8080808080808080 r10 0xc0f8f8b282c878ca r11 0x52d9e58bdf5aa9c5 r12 0xffffffff834aebc0 cpu_info_full_primary+0x2bc0 r13 0 r14 0 r15 0x1 rip 0xffffffff816a99e5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80002a05bf70 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor) tid=467297 pid=98802 tcnt=3 stat=sleep flags process=10 proc=20 runpri=50, usrpri=86, slppri=4, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000ffffd6d8,0xffff80002f3827d8 process=0xffff80002a14e448 user=0xffff80002a057000, vmspace=0xfffffd806bfc2c68 estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND *98802 467297 10925 32767 3 0x30 syz-executor 98802 178450 10925 32767 7 0x4000010 syz-executor 98802 57931 10925 32767 3 0x4000090 fsleep syz-executor 89237 400184 48325 0 3 0x2 smrbar ifconfig 48325 192509 46634 0 3 0x10008a sigsusp sh 46634 281744 94060 0 3 0x80 wait syz-executor 26670 264600 51497 0 3 0x2 clonelk ifconfig 1757 183841 32155 0 3 0x2 clonelk ifconfig 51497 333794 76782 0 3 0x10008a sigsusp sh 94060 236363 1 0 3 0x82 wait syz-executor 76782 237862 55596 0 3 0x80 wait syz-executor 5217 459980 64494 0 3 0 clonelk syz-executor 32155 223489 40897 0 3 0x10008a sigsusp sh 40897 450697 39473 0 3 0x80 wait syz-executor 3161 191048 67282 0 3 0 clonelk syz-executor 800 189642 4051 0 3 0x2 clonelk ifconfig 4051 329582 36028 0 3 0x10008a sigsusp sh 36028 261196 75251 0 3 0x80 wait syz-executor 64494 117750 1 0 3 0x82 wait syz-executor 13151 212281 88771 0 3 0x2 clonelk ifconfig 88771 516584 73317 0 3 0x10008a sigsusp sh 73317 78827 87758 0 3 0x80 wait syz-executor 10925 131023 29271 32767 3 0x90 nanoslp syz-executor 75251 175525 1 0 3 0x82 wait syz-executor 39473 339161 1 0 3 0x82 wait syz-executor 87758 44457 1 0 3 0x82 wait syz-executor 29271 325495 1 0 3 0x82 wait syz-executor 55596 201123 1 0 3 0x82 wait syz-executor 67282 78688 1 0 3 0x82 wait syz-executor 25699 510127 0 0 3 0x14200 bored sosplice 24508 421528 1 0 3 0x100083 ttyin getty 95105 271912 1 0 3 0x88 kqread sshd 56795 292245 3571 73 3 0x1100010 ffs_fsync syslogd 3571 368639 1 0 3 0x100082 sbwait syslogd 41957 37215 1 0 3 0x100080 kqread resolvd 53807 145204 58393 77 3 0x100092 kqread dhcpleased 79375 519736 58393 77 3 0x100092 kqread dhcpleased 58393 411967 1 0 3 0x80 kqread dhcpleased 29101 245872 0 0 3 0x14200 bored smr 98499 349972 0 0 3 0x14200 pgzero zerothread 34732 318021 0 0 3 0x14200 aiodoned aiodoned 37300 360046 0 0 3 0x14200 syncer update 9453 520285 0 0 3 0x14200 cleaner cleaner 79364 145107 0 0 3 0x14200 reaper reaper 53163 374258 0 0 3 0x14200 pgdaemon pagedaemon 81618 343257 0 0 3 0x14200 bored viomb 65373 350549 0 0 3 0x40014200 acpi0 acpi0 13610 240083 0 0 3 0x40014200 idle1 81901 492054 0 0 3 0x14200 bored softnet3 1674 70489 0 0 3 0x14200 bored softnet2 2870 51925 0 0 3 0x14200 bored softnet1 51006 442430 0 0 3 0x14200 bored softnet0 48583 315822 0 0 3 0x14200 bored systqmp 72550 502121 0 0 3 0x14200 bored systq 65943 236505 0 0 3 0x14200 tmoslp softclockmp 20478 91113 0 0 3 0x40014200 tmoslp softclock 930 266634 0 0 3 0x40014200 idle0 1 85138 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive mutex &map->flags_lock r = 0 (0xfffffd806bfc2dc0) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 mtx_enter_try+0x178 #2 mtx_enter+0x60 sys/kern/kern_lock.c:239 #3 vm_map_lock_ln+0x153 sys/uvm/uvm_map.c:5258 #4 uvm_map_protect+0xe1 sys/uvm/uvm_map.c:3059 #5 sys_mprotect+0x34c sys/uvm/uvm_mmap.c:585 #6 syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] #6 syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 #7 Xsyscall+0x128 CPU 1: exclusive mutex &uvm.pageqlock r = 0 (0xffffffff83512f78) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 mtx_enter_try+0x178 #2 mtx_enter+0x60 sys/kern/kern_lock.c:239 #3 uvn_flush+0x1fd #4 uvm_map_clean+0x87e sys/uvm/uvm_map.c:4578 #5 syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] #5 syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 #6 Xsyscall+0x128 Process 98802 (syz-executor) thread 0xffff80002f3827c8 (178450) exclusive rwlock uobjlk r = 0 (0xfffffd805a03c4e8) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_enter+0x41b sys/kern/kern_rwlock.c:309 #2 uvm_map_clean+0x845 sys/uvm/uvm_map.c:4578 #3 syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] #3 syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 #4 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 0 (0xffffffff835a2200) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 syscall+0xad6 mi_syscall sys/sys/syscall_mi.h:179 [inline] #1 syscall+0xad6 sys/arch/amd64/amd64/trap.c:577 #2 Xsyscall+0x128 Process 89237 (ifconfig) thread 0xffff8000ffffd6d8 (400184) exclusive rwlock clonelk r = 0 (0xffffffff834288f0) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_enter+0x41b sys/kern/kern_rwlock.c:309 #2 if_clone_destroy+0x67 #3 ifioctl+0x5c5 #4 sys_ioctl+0x67c #5 syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] #5 syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 #6 Xsyscall+0x128 Process 56795 (syslogd) thread 0xffff8000ffffd1c8 (292245) exclusive rrwlock inode r = 0 (0xfffffd806e27a4e0) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_enter+0x41b sys/kern/kern_rwlock.c:309 #2 rrw_enter+0xbe sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0xa6 sys/kern/vfs_vops.c:524 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:564 #5 sys_fsync+0x152 sys/kern/vfs_syscalls.c:2926 #6 syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] #6 syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10200 11042K 11059K 166960K 11376 0 pcb 17 12K 12K 166960K 17 0 rtable 148 4K 7K 166960K 1267 0 pf 23 15K 16K 166960K 87 0 ifaddr 26 4K 7K 166960K 157 0 ifgroup 34 1K 2K 166960K 162 0 sysctl 4 1K 1K 166960K 4 0 counters 56 35K 36K 166960K 120 0 ioctlops 0 0K 2K 166960K 71 0 iov 0 0K 16K 166960K 78 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1455 91K 92K 166960K 2112 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 18 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 54 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 33 128K 157K 166960K 1454 0 sigio 0 0K 0K 166960K 120 0 proc 93 140K 176K 166960K 1336 0 subproc 169 10K 12K 166960K 728 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 176 0 in_multi 55 4K 7K 166960K 448 0 ether_multi 1 0K 0K 166960K 9 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 241 1076K 1076K 166960K 241 0 exec 0 0K 1K 166960K 804 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 218 112K 130K 166960K 12701 0 UVM aobj 26 2K 4K 166960K 29 0 pinsyscall 49 98K 126K 166960K 3247 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 97 0 NDP 9 0K 2K 166960K 109 0 temp 84 6822K 6886K 166960K 11741 0 kqueue 10 14K 30K 166960K 170 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}>