[ 434.3660131] panic: netbsd:panic+0x9e 1970/01/01 00:02:37 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 434.4860125] lockdebug_abort1() at netbsd:lockdebug_abort1+0x150 sys/kern/subr_lockdebug.c:388 [ 434.5260113] lockdebug_wantlock() at netbsd:lockdebug_wantlock+0x336 sys/kern/subr_lockdebug.c:489 [ 434.5560130] rw_enter() at netbsd:rw_enter+0x788 sys/kern/kern_rwlock.c:300 [ 434.5960112] genfs_lock() at netbsd:genfs_lock+0x160 sys/miscfs/genfs/genfs_vnops.c:397 [ 434.6260108] VOP_LOCK() at netbsd:VOP_LOCK+0x1e0 sys/kern/vnode_if.c:1632 [ 434.6560107] vn_lock() at netbsd:vn_lock+0x1d0 sys/kern/vfs_vnops.c:1388 [ 434.6860123] union_getattr() at netbsd:union_getattr+0x2b2 sys/fs/union/union_vnops.c:872 [ 434.7160115] VOP_GETATTR() at netbsd:VOP_GETATTR+0xe9 sys/kern/vnode_if.c:711 [ 434.7460107] vn_stat() at netbsd:vn_stat+0x9d sys/kern/vfs_vnops.c:762 [ 434.7860104] do_sys_statat() at netbsd:do_sys_statat+0x25c sys/kern/vfs_syscalls.c:3220 [ 434.8160104] sys___lstat50() at netbsd:sys___lstat50+0x94 sys/kern/vfs_syscalls.c:3260 [ 434.8460107] syscall() at netbsd:syscall+0x246 sy_call sys/sys/syscallvar.h:65 [inline] [ 434.8460107] syscall() at netbsd:syscall+0x246 sy_invoke sys/sys/syscallvar.h:94 [inline] [ 434.8460107] syscall() at netbsd:syscall+0x246 sys/arch/x86/x86/syscall.c:137 [ 434.8560121] --- syscall (number 441) --- [ 434.8660102] netbsd:syscall+0x246: [ 434.8760106] cpu1: End traceback... [ 434.8760106] fatal breakpoint trap in supervisor mode [ 434.8760106] trap type 1 code 0 rip 0xffffffff8023240d cs 0x8 rflags 0x286 cr2 0x71ee965e98f0 ilevel 0 rsp 0xffffc6824c450430 [ 434.8860102] curlwp 0xffffc68012c7b340 pid 7558.7558 lowest kstack 0xffffc6824c4492c0 Stopped in pid 7558.7558 (syz-executor.5) at netbsd:breakpoint+0x5: leave ? breakpoint() at netbsd:breakpoint+0x5 db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:71 vpanic() at netbsd:vpanic+0x282 sys/kern/subr_prf.c:288 panic() at netbsd:panic+0x9e sys/kern/subr_prf.c:1084 lockdebug_abort1() at netbsd:lockdebug_abort1+0x150 sys/kern/subr_lockdebug.c:388 lockdebug_wantlock() at netbsd:lockdebug_wantlock+0x336 sys/kern/subr_lockdebug.c:489 rw_enter() at netbsd:rw_enter+0x788 sys/kern/kern_rwlock.c:300 genfs_lock() at netbsd:genfs_lock+0x160 sys/miscfs/genfs/genfs_vnops.c:397 VOP_LOCK() at netbsd:VOP_LOCK+0x1e0 sys/kern/vnode_if.c:1632 vn_lock() at netbsd:vn_lock+0x1d0 sys/kern/vfs_vnops.c:1388 union_getattr() at netbsd:union_getattr+0x2b2 sys/fs/union/union_vnops.c:872 VOP_GETATTR() at netbsd:VOP_GETATTR+0xe9 sys/kern/vnode_if.c:711 vn_stat() at netbsd:vn_stat+0x9d sys/kern/vfs_vnops.c:762 do_sys_statat() at netbsd:do_sys_statat+0x25c sys/kern/vfs_syscalls.c:3220 sys___lstat50() at netbsd:sys___lstat50+0x94 sys/kern/vfs_syscalls.c:3260 syscall() at netbsd:syscall+0x246 sy_call sys/sys/syscallvar.h:65 [inline] syscall() at netbsd:syscall+0x246 sy_invoke sys/sys/syscallvar.h:94 [inline] syscall() at netbsd:syscall+0x246 sys/arch/x86/x86/syscall.c:137 --- syscall (number 441) --- netbsd:syscall+0x246: Panic string: LOCKDEBUG: Reader / writer lock error: rw_vector_enter,300: locking against myself PID LID S CPU FLAGS STRUCT LWP * NAME WAIT 7871 7871 2 0 0 ffffc68012c0b680 ifconfig 9297 9297 3 1 180 ffffc68012d19700 syz-executor.2 pipe_rd 8071 8071 2 0 0 ffffc68013497180 syz-executor.1 7820 7820 3 0 180 ffffc68014597640 syz-executor.4 parked 11596 11596 3 1 0 ffffc680133a6200 syz-executor.3 vm_map address 0x1ffff8d0491a6d7c is invalid -2118668970 11596 3 1 0 1ffff8d0491a6d7c RmI vm_map 7558 > 7558 7 1 0 ffffc68012c7b340 syz-executor.5 8094 8094 3 1 180 ffffc6801333a980 syz-executor.0 wait 12598 12598 3 0 180 ffffc68012c8f040 init nanoslp 5616 5616 3 1 180 ffffc68012b76100 syz-executor.4 parked 11211 11211 3 1 180 ffffc68013420b40 syz-executor.2 parked 4085 4085 3 0 180 ffffc680133a6a80 syz-executor.3 parked 5076 5076 3 0 180 ffffc68012c0b240 syz-executor.3 parked 3457 6504 2 1 1140000 ffffc68013393600 syz-executor.0 3457 3457 2 1 11000040 ffffc68013e38ac0 syz-executor.0 3390 3390 3 0 180 ffffc6801335a9c0 syz-executor.1 parked 5581 2291 2 1 1140000 ffffc680143ee5c0 syz-executor.1 5581 5581 2 1 11000040 ffffc6801333a540 syz-executor.1 1859 1859 3 1 180 ffffc68012d03680 syz-executor.3 parked 658 658 3 0 180 ffffc6801426a540 syz-executor.4 parked 4800 4800 3 0 180 ffffc68012d5c340 syz-executor.3 parked 3525 3525 3 1 180 ffffc6801411a900 syz-executor.5 parked 4075 4075 3 1 180 ffffc68013f83340 syz-executor.5 parked 3560 3560 3 1 180 ffffc6801345b500 syz-executor.2 parked 3166 3166 3 1 180 ffffc68013fef040 syz-executor.4 parked 3047 3047 3 1 180 ffffc68012cb2500 syz-executor.3 parked 3149 3149 3 0 180 ffffc68012c7bbc0 syz-executor.4 parked 720 720 3 0 180 ffffc68012c8f480 syz-executor.0 parked 1200 1200 3 1 180 ffffc68012ca0080 syz-executor.5 parked 1080 1435 2 0 0 ffffc68012d0fb00 syz-fuzzer 1080 1623 3 1 0 ffffc68012cf8200 syz-fuzzer vm_map 1080 1207 3 1 180 ffffc68013e8d2c0 syz-fuzzer wait 1080 1073 3 0 180 ffffc68013e6cb00 syz-fuzzer parked 1080 1240 3 1 180 ffffc68013e6c6c0 syz-fuzzer parked 1080 989 2 1 0 ffffc68013e6c280 syz-fuzzer 1080 1247 3 0 180 ffffc68013e38680 syz-fuzzer wait 1080 1120 3 1 180 ffffc68013dd0a40 syz-fuzzer parked 1080 829 3 0 180 ffffc68013dd01c0 syz-fuzzer parked 1080 1242 3 1 180 ffffc6801343ebc0 syz-fuzzer parked 1080 449 3 0 180 ffffc6801343e780 syz-fuzzer parked 1080 1224 3 0 180 ffffc6801343e340 syz-fuzzer parked 1080 1226 3 0 180 ffffc680126d7740 syz-fuzzer wait 1080 1233 2 0 0 ffffc680126d9340 syz-fuzzer 1080 1080 3 0 180 ffffc68012a6b8c0 syz-fuzzer wait 1237 1237 3 0 180 ffffc68012a92080 sshd select 1223 1223 3 0 180 ffffc68013465100 getty nanoslp 1222 1222 3 0 180 ffffc680126db480 getty nanoslp 1195 1195 3 0 180 ffffc680134809c0 getty nanoslp 1103 1103 3 0 180 ffffc68013393a40 sshd select 1056 1056 3 0 180 ffffc68012d2a740 powerd kqueue 702 702 3 0 180 ffffc680133c9b00 syslogd kqueue 746 746 3 1 180 ffffc68012c1db00 dhcpcd poll 742 742 3 1 180 ffffc68012cb20c0 dhcpcd poll 466 466 2 0 0 ffffc68012c1d6c0 dhcpcd 598 598 3 0 180 ffffc68012c2fb40 dhcpcd poll 292 292 3 0 180 ffffc68012d94900 dhcpcd poll 485 485 3 0 180 ffffc68012d944c0 dhcpcd poll 291 > 291 7 0 0 ffffc68012d94080 dhcpcd 1 1 3 1 180 ffffc68012870180 init wait 0 11465 3 0 200 ffffc68013fef480 poolthread pooljob 0 5700 3 1 200 ffffc6801335a140 ktrace ktrwait 0 10554 3 0 200 ffffc6801333a100 ktrace ktrwait 0 8114 3 0 200 ffffc680147b8740 ktrace ktrwait 0 6094 3 0 200 ffffc680143cc580 ktrace ktrwait 0 1934 3 1 200 ffffc68012c60740 ktrace ktrwait 0 1574 3 1 200 ffffc68012b919c0 ktrace ktrwait 0 1271 3 1 200 ffffc6801411a080 acctwatch actwat 0 5558 3 1 200 ffffc6801411a4c0 ktrace ktrwait 0 673 3 0 200 ffffc680129bf6c0 physiod physiod 0 196 3 0 200 ffffc680129c1700 pooldrain pooldrain 0 195 3 1 200 ffffc680129c12c0 ioflush syncer 0 194 3 0 200 ffffc680129bfb00 pgdaemon pgdaemon 0 167 3 1 200 ffffc68012976ac0 usb7 usbevt 0 172 3 1 200 ffffc68012976680 usb6 usbevt 0 170 3 0 200 ffffc68012976240 usb5 usbevt 0 168 3 0 200 ffffc6801291ea80 usb4 usbevt 0 166 3 0 200 ffffc6801291e640 usb3 usbevt 0 165 3 0 200 ffffc6801291e200 usb2 usbevt 0 31 3 1 200 ffffc680128caa40 usb1 usbevt 0 63 3 0 200 ffffc680128ca600 usb0 usbevt 0 126 3 1 200 ffffc680128ca1c0 usbtask-dr usbtsk 0 125 3 1 200 ffffc68012870a00 usbtask-hc usbtsk 0 124 3 0 200 ffffc68010d66b00 swwreboot swwreboot 0 123 3 1 200 ffffc680128705c0 npfgc0 npfgcw 0 122 3 1 200 ffffc680128669c0 rt_free rt_free 0 121 3 1 200 ffffc68012866580 unpgc unpgc 0 120 3 1 200 ffffc68012866140 key_timehandler key_timehandler 0 119 3 1 200 ffffc68012703980 icmp6_wqinput/1 icmp6_wqinput 0 118 3 0 200 ffffc68012703540 icmp6_wqinput/0 icmp6_wqinput 0 117 2 1 200 ffffc68012703100 nd6_timer 0 116 3 1 200 ffffc680126fc940 carp6_wqinput/1 carp6_wqinput 0 115 3 0 200 ffffc680126fc500 carp6_wqinput/0 carp6_wqinput 0 114 3 1 200 ffffc680126fc0c0 carp_wqinput/1 carp_wqinput 0 113 3 0 200 ffffc680126ed900 carp_wqinput/0 carp_wqinput 0 112 3 1 200 ffffc680126ed4c0 icmp_wqinput/1 icmp_wqinput 0 111 3 0 200 ffffc680126ed080 icmp_wqinput/0 icmp_wqinput 0 110 3 1 200 ffffc680126d9780 rt_timer rt_timer 0 109 3 0 200 ffffc680126db8c0 vmem_rehash vmem_rehash 0 100 3 1 200 ffffc680126d7300 entbutler entropy 0 99 3 0 200 ffffc680120bdb40 viomb balloon 0 98 3 1 200 ffffc680120bd700 vioif0_txrx/1 vioif0_txrx 0 97 3 0 200 ffffc680120bd2c0 vioif0_txrx/0 vioif0_txrx 0 30 3 0 200 ffffc68010d666c0 scsibus0 sccomp 0 29 3 0 200 ffffc68010d66280 pms0 pmsreset 0 28 3 1 200 ffffc68010cacac0 xcall/1 xcall 0 27 1 1 200 ffffc68010cac680 softser/1 0 26 1 1 200 ffffc68010cac240 softclk/1 0 25 1 1 200 ffffc68010ca9a80 softbio/1 0 24 1 1 200 ffffc68010ca9640 softnet/1 0 23 1 1 201 ffffc68010ca9200 idle/1 0 22 3 0 200 ffffc6800fb55a40 lnxsyswq lnxsyswq 0 21 3 0 200 ffffc6800fb55600 lnxubdwq lnxubdwq 0 20 3 0 200 ffffc6800fb551c0 lnxpwrwq lnxpwrwq 0 19 3 0 200 ffffc6800fb54a00 lnxlngwq lnxlngwq 0 18 3 0 200 ffffc6800fb545c0 lnxhipwq lnxhipwq 0 17 3 0 200 ffffc6800fb54180 lnxrcugc lnxrcugc 0 16 3 0 200 ffffc6800fb4d9c0 sysmon smtaskq 0 15 3 0 200 ffffc6800fb4d580 pmfsuspend pmfsuspend 0 14 3 0 200 ffffc6800fb4d140 pmfevent pmfevent 0 13 3 0 200 ffffc6800fb4a980 sopendfree sopendfr 0 12 3 0 200 ffffc6800fb4a540 ifwdog ifwdog 0 11 3 1 200 ffffc6800fb4a100 iflnkst iflnkst 0 10 3 0 200 ffffc6800fb3b940 nfssilly nfssilly 0 9 3 0 200 ffffc6800fb3b500 pooldisp pooldisp 0 8 3 1 200 ffffc6800fb3b0c0 modunload mod_unld 0 7 3 0 200 ffffc6800fb32900 xcall/0 xcall 0 6 1 0 200 ffffc6800fb324c0 softser/0 0 5 1 0 200 ffffc6800fb32080 softclk/0 0 4 1 0 200 ffffc6800fb308c0 softbio/0 0 3 1 0 200 ffffc6800fb30480 softnet/0 0 2 1 0 201 ffffc6800fb30040 idle/0 0 0 2 1 240 ffffffff83350200 swapper [Locks tracked through LWPs] ****** LWP 8071.8071 (syz-executor.1) @ 0xffffc68013497180, l_stat=2 *** Locks held: * Lock 0 (initialized at netbsd:kcov_open+0x40 sys/kern/subr_kcov.c:461) lock address : ffffc680147a54c0 type : sleep/adaptive initialized : netbsd:kcov_open+0x40 shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffc68013497180 last held: 0xffffc68013497180 last locked* : netbsd:kcov_fops_ioctl+0x28 unlocked : 0 owner field : 0xffffc68013497180 wait/spin: 0/0 Turnstile: no active turnstile for this lock. * Lock 1 (initialized at netbsd:uvm_obj_init+0x9a sys/uvm/uvm_object.c:70) lock address : ffffc680148b5700 type : sleep/adaptive initialized : netbsd:uvm_obj_init+0x9a shared holds : 0 exclusive: 1 shares wanted: 0 exclusive: 0 relevant cpu : 0 last held: 0 relevant lwp : 0xffffc68013497180 last held: 0xffffc68013497180 last locked* : netbsd:uvm_fault_internal+0x1e72 unlocked : netbsd:uvm_fault_lower_enter+0x579 owner/count : 0xffffc68013497180 flags : 0x0000000000000004 Turnstile: no active turnstile for this lock. *** Locks wanted: none [ 434.8960127] fatal protection fault in supervisor mode [ 434.8960127] trap type 4 code 0 rip 0xffffffff81c19d25 cs 0x8 rflags 0x10282 cr2 0x71ee965e98f0 ilevel 0x8 rsp 0xffffc6824c44fab0 [ 434.8960127] curlwp 0xffffc68012c7b340 pid 7558.7558 lowest kstack 0xffffc6824c4492c0 kernel: protection fault trap, code=0 Faulted in DDB; continuing...