panic: Assertion done != job_total_nbytes failed at /syzkaller/managers/main/kernel/sys/kern/sys_socket.c:678 cpuid = 0 time = 7 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe00570498d0 kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0057049a30 vpanic() at vpanic+0x257/frame 0xfffffe0057049bf0 panic() at panic+0xb5/frame 0xfffffe0057049cb0 soaio_process_sb() at soaio_process_sb+0x11e2/frame 0xfffffe0057049ea0 soaio_kproc_loop() at soaio_kproc_loop+0x17b/frame 0xfffffe0057049ef0 fork_exit() at fork_exit+0xcc/frame 0xfffffe0057049f30 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0057049f30 --- trap 0xc, rip = 0x3a723a, rsp = 0x820e9e458, rbp = 0x820e9e460 --- KDB: enter: panic [ thread pid 968 tid 100152 ] Stopped at kdb_enter+0x6e: movq $0,0x25898a7(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b es 0x3b fs 0x13 gs 0x1b ss 0x28 rax 0x12 rcx 0xfffffe0002bf1850 rdx 0 rbx 0xffffffff82826ba0 .str.27 rsp 0xfffffe0057049a10 rbp 0xfffffe0057049a30 rsi 0 rdi 0xffffffff8165b309 printf+0x149 r8 0 r9 0xffffffff r10 0x1 r11 0x17 r12 0xfffffe0058720780 r13 0xfffffffffffffffe r14 0xffffffff82826ba0 .str.27 r15 0 rip 0xffffffff816446ee kdb_enter+0x6e rflags 0x46 kdb_enter+0x6e: movq $0,0x25898a7(%rip) db> show proc Process 968 (soaiod3) at 0xfffffe00586d2568: state: NORMAL uid: 0 gid: 0 supp gids: 0 parent: pid 0 at 0xffffffff83b58040 ABI: null flag: 0x10000204 flag2: 0 reaper: 0xffffffff83b58040 reapsubtree: 968 sigparent: 20 vmspace: 0xfffffe0058710490 (map 0xfffffe0058710490) (map.pmap 0xfffffe0058710530) (pmap 0xfffffe00587105a0) threads: 1 100152 Run CPU 0 [soaiod3] db> ps pid ppid pgrp uid state wmesg wchan cmd 1180 763 763 0 R (threaded) syz-executor 100701 RunQ syz-executor 100702 RunQ syz-executor 1179 766 766 0 R (threaded) syz-executor 100543 S nanslp 0xffffffff83baf001 syz-executor 100699 RunQ syz-executor 100700 S uwait 0xfffffe005858c680 syz-executor 1177 0 0 0 DL mdwait 0xfffffe00077fe000 [md32] 1174 1169 764 0 S uwait 0xfffffe0058306880 syz-executor 1172 1169 764 0 S uwait 0xfffffe0058306d80 syz-executor 1171 1 765 0 S uwait 0xfffffe0058306e80 syz-executor 1169 764 764 0 T (threaded) syz-executor 100114 s syz-executor 100686 Run CPU 1 syz-executor 100688 RunQ syz-executor 100690 RunQ syz-executor 100692 RunQ syz-executor 1166 0 0 0 DL mdwait 0xfffffe0078af0000 [md0] 1162 1 764 -1 S uwait 0xfffffe0058306980 syz-executor 1160 1 764 0 S uwait 0xfffffe0058306c80 syz-executor 1158 1 766 0 S uwait 0xfffffe0058305180 syz-executor 1154 0 0 0 DL mdwait 0xfffffe006e792000 [md512] 1137 1 766 0 T syz-executor 1128 1 764 0 S uwait 0xfffffe005858cf00 syz-executor 1125 0 0 0 DL (threaded) [so_splice] 100103 D - 0xfffffe0007787a00 [thr_0] 100575 D - 0xfffffe0007787a40 [thr_1] 1120 1 764 0 S uwait 0xfffffe0058305200 syz-executor 1101 1 764 0 S uwait 0xfffffe0058306380 syz-executor 1065 1 766 0 SV uwait 0xfffffe005858ce00 syz-executor 1022 1 763 0 S uwait 0xfffffe0058306680 syz-executor 1009 1 766 0 S uwait 0xfffffe0058589380 syz-executor 1005 1 763 0 SV uwait 0xfffffe00785df580 syz-executor 988 1 765 0 S uwait 0xfffffe0058305300 syz-executor 985 1 764 0 T uwait 0xfffffe005858ab00 syz-executor 983 1 764 0 S uwait 0xfffffe005858a080 syz-executor 976 1 760 0 S uwait 0xfffffe00084f7300 syz-executor 975 1 764 0 S uwait 0xfffffe00785dfa80 syz-executor 972 1 765 0 S uwait 0xfffffe0058305800 syz-executor 971 1 765 0 S uwait 0xfffffe00785e0100 syz-executor 969 0 0 0 DL - 0xffffffff83ccf200 [soaiod4] 968 0 0 0 RL CPU 0 [soaiod3] 967 0 0 0 DL - 0xffffffff83ccf200 [soaiod2] 966 0 0 0 DL - 0xffffffff83ccf200 [soaiod1] 959 1 766 0 S uwait 0xfffffe00785dec00 syz-executor 954 1 766 0 S uwait 0xfffffe00785df780 syz-executor 951 1 765 0 S uwait 0xfffffe00084f7a00 syz-executor 945 1 766 0 S uwait 0xfffffe005858b800 syz-executor 937 0 0 0 DL (threaded) [KTLS] 100193 D - 0xfffffe006e741200 [thr_0] 100283 D - 0xfffffe006e741280 [thr_1] 100284 D - 0xffffffff83cd0a28 [reclaim_0] 936 1 765 0 S uwait 0xfffffe0058589d00 syz-executor 926 1 766 0 S uwait 0xfffffe0058589a80 syz-executor 917 1 766 60928 S uwait 0xfffffe0058305400 syz-executor 902 1 765 0 S uwait 0xfffffe00084f7f00 syz-executor 901 1 765 0 S uwait 0xfffffe005858a900 syz-executor 898 896 766 0 S uwait 0xfffffe00084f7900 syz-executor 896 894 766 0 SV uwait 0xfffffe00084f7800 syz-executor 894 1 766 0 DV ppwait 0xfffffe0058730508 syz-executor 890 1 766 0 S uwait 0xfffffe00084f7400 syz-executor 889 1 766 0 S uwait 0xfffffe0058589480 syz-executor 886 1 765 0 S uwait 0xfffffe005858ad00 syz-executor 871 1 765 0 S uwait 0xfffffe005858af00 syz-executor 869 1 765 0 S uwait 0xfffffe005858a600 syz-executor 863 1 766 0 S uwait 0xfffffe0058589580 syz-executor 835 0 0 0 DL aiordy 0xfffffe0058708000 [aiod4] 834 0 0 0 DL aiordy 0xfffffe005870a010 [aiod3] 833 0 0 0 DL aiordy 0xfffffe005870aac0 [aiod2] 832 0 0 0 DL aiordy 0xfffffe005870a568 [aiod1] 766 762 766 0 S nanslp 0xffffffff83baf001 syz-executor 765 762 765 0 R syz-executor 764 762 764 0 R syz-executor 763 762 763 0 R syz-executor 762 1 760 0 S select 0xfffffe0007788040 syz-executor 747 1 747 0 Ts+ getty 746 1 746 0 Ts+ getty 745 1 745 0 Ts+ getty 744 1 744 0 Ts+ getty 743 1 743 0 Ts+ getty 742 1 742 0 Ts+ getty 741 1 741 0 Ts+ getty 740 1 740 0 Ts+ getty 739 1 739 0 Ts+ getty 736 1 17 0 S+ nanslp 0xffffffff83baf000 sleep 494 1 494 0 Ss select 0xfffffe0054232f40 syslogd 16 0 0 0 DL syncer 0xffffffff83cdcc20 [syncer] 15 0 0 0 DL vlruwt 0xfffffe000780a018 [vnlru] 14 0 0 0 DL (threaded) [bufdaemon] 100079 D psleep 0xffffffff83cdb160 [bufdaemon] 100082 D - 0xffffffff83001ec0 [bufspacedaemon-0] 100093 D sdflush 0xfffffe005808a4e8 [/ worker] 9 0 0 0 DL psleep 0xffffffff83d1c040 [vmdaemon] 8 0 0 0 DL (threaded) [pagedaemon] 100077 D psleep 0xffffffff83d02108 [dom0] 100080 D launds 0xffffffff83d02114 [laundry: dom0] 100081 D umarcl 0xffffffff81e2b7d0 [uma] 7 0 0 0 DL - 0xffffffff839275b0 [rand_harvestq] 6 0 0 0 DL pftm 0xffffffff844a6f60 [pf purge] 5 0 0 0 DL waiting 0xffffffff84894700 [sctp_iterator] 4 0 0 0 DL (threaded) [cam] 100045 D - 0xffffffff838f1340 [doneq0] 100046 D - 0xffffffff838f12c0 [async] 100075 D - 0xffffffff838f1140 [scanner] 3 0 0 0 DL (threaded) [crypto] 100042 D crypto_ 0xffffffff83cfd9e0 [crypto] 100043 D crypto_ 0xfffffe0007b17030 [crypto returns 0] 100044 D crypto_ 0xfffffe0007b17080 [crypto returns 1] 13 0 0 0 DL (threaded) [geom] 100037 D - 0xffffffff83b57600 [g_event] 100038 D - 0xffffffff83b57620 [g_up] 100039 D - 0xffffffff83b57640 [g_down] 2 0 0 0 WL (threaded) [clock] 100031 I [clock (0)] 100032 I [clock (1)] 12 0 0 0 WL (threaded) [intr] 100013 I [swi6: task queue] 100014 I [swi6: Giant taskq] 100016 I [swi5: fast taskq] 100033 I [swi1: netisr 0] 100034 I [swi1: hpts] 100035 I [swi1: hpts] 100047 I [irq24: virtio_pci0] 100048 I [irq25: virtio_pci0] 100049 I [irq26: virtio_pci0] 100050 I [irq27: virtio_pci0] 100051 I [irq28: virtio_pci1] 100052 I [irq29: virtio_pci1] 100053 I [irq30: virtio_pci1] 100054 I [irq31: virtio_pci1] 100055 I [irq32: virtio_pci1] 100060 I [irq10: virtio_pci2] 100062 I [irq1: atkbd0] 100063 I [irq12: psm0] 100064 I [swi0: uart uart++] 100068 I [swi1: pf send] 11 0 0 0 RL (threaded) [idle] 100003 CanRun [idle: cpu0] 100004 CanRun [idle: cpu1] 1 0 1 0 SLs wait 0xfffffe0007809010 [init] 10 0 0 0 DL audit_w 0xffffffff83cfe480 [audit] 0 0 0 0 DLs (threaded) [kernel] 100000 D parked 0xffffffff84c53ff0 [swapper] 100005 D - 0xfffffe00077f7a00 [softirq_0] 100006 D - 0xfffffe00077f7800 [softirq_1] 100007 D - 0xfffffe00077f7600 [if_io_tqg_0] 100008 D - 0xfffffe00077f7400 [if_io_tqg_1] 100009 D - 0xfffffe00077f7200 [if_config_tqg_0] 100010 D - 0xfffffe00077f7000 [kqueue_ctx taskq] 100011 D - 0xfffffe00077f6d00 [jail_remove taskq] 100012 D - 0xfffffe00077f6b00 [bus taskq] 100015 D - 0xfffffe00077f6500 [thread taskq] 100017 D - 0xfffffe00077f6100 [aiod_kick taskq] 100018 D - 0xfffffe00077f5e00 [deferred_unmount ta] 100019 D - 0xfffffe00077f5c00 [inm_free taskq] 100020 D - 0xfffffe00077f5a00 [in6m_free taskq] 100021 D - 0xfffffe00077f5800 [linuxkpi_irq_wq] 100022 D - 0xfffffe00077f5600 [linuxkpi_short_wq_0] 100023 D - 0xfffffe00077f5600 [linuxkpi_short_wq_1] 100024 D - 0xfffffe00077f5600 [linuxkpi_short_wq_2] 100025 D - 0xfffffe00077f5600 [linuxkpi_short_wq_3] 100026 D - 0xfffffe00077f5100 [linuxkpi_long_wq_0] 100027 D - 0xfffffe00077f5100 [linuxkpi_long_wq_1] 100028 D - 0xfffffe00077f5100 [linuxkpi_long_wq_2] 100029 D - 0xfffffe00077f5100 [linuxkpi_long_wq_3] 100036 D - 0xfffffe00077f4400 [firmware taskq] 100040 D - 0xfffffe0007bcc100 [crypto_0] 100041 D - 0xfffffe0007bcc100 [crypto_1] 100056 D - 0xfffffe00077f8200 [vtnet0 rxq 0] 100057 D - 0xfffffe00541f1500 [vtnet0 txq 0] 100058 D - 0xfffffe00541f1400 [vtnet0 rxq 1] 100059 D - 0xfffffe00541f1300 [vtnet0 txq 1] 100061 D vtbslp 0xfffffe00580bb200 [virtio_balloon] 100065 D - 0xffffffff8282b281 [deadlkres] 100069 D - 0xfffffe0058590000 [acpi_task_0] 100070 D - 0xfffffe0058590000 [acpi_task_1] 100071 D - 0xfffffe0058590000 [acpi_task_2] 100073 D - 0xfffffe00077f8100 [mca taskq] 100074 D - 0xfffffe0007bcba00 [CAM taskq] 100076 D - 0xfffffe005858f700 [ipsec_offload] 100287 D - 0xfffffe006e740800 [system_taskq_0] 100288 D - 0xfffffe006e740800 [system_taskq_1] 100289 D - 0xfffffe006e73fd00 [system_delay_taskq_] 100290 D - 0xfffffe006e73fd00 [system_delay_taskq_] 100291 D - 0xfffffe006e740200 [zvol_tq-0_0] 100292 D - 0xfffffe006e740200 [zvol_tq-0_1] 100293 D - 0xfffffe006e740200 [zvol_tq-0_2] 100294 D - 0xfffffe006e740200 [zvol_tq-0_3] 100295 D - 0xfffffe006e740200 [zvol_tq-0_4] 100296 D - 0xfffffe006e740200 [zvol_tq-0_5] 100297 D - 0xfffffe006e740200 [zvol_tq-0_6] 100298 D - 0xfffffe006e740200 [zvol_tq-0_7] 100299 D - 0xfffffe006e740200 [zvol_tq-0_8] 100300 D - 0xfffffe006e740200 [zvol_tq-0_9] 100301 D - 0xfffffe006e740200 [zvol_tq-0_10] 100302 D - 0xfffffe006e740200 [zvol_tq-0_11] 100303 D - 0xfffffe006e740200 [zvol_tq-0_12] 100304 D - 0xfffffe006e740200 [zvol_tq-0_13] 100305 D - 0xfffffe006e740200 [zvol_tq-0_14] 100306 D - 0xfffffe006e740200 [zvol_tq-0_15] 100307 D - 0xfffffe006e740200 [zvol_tq-0_16] 100308 D - 0xfffffe006e740200 [zvol_tq-0_17] 100309 D - 0xfffffe006e740200 [zvol_tq-0_18] 100310 D - 0xfffffe006e740200 [zvol_tq-0_19] 100311 D - 0xfffffe006e740200 [zvol_tq-0_20] 100312 D - 0xfffffe006e740200 [zvol_tq-0_21] 100313 D - 0xfffffe006e740200 [zvol_tq-0_22] 100314 D - 0xfffffe006e740200 [zvol_tq-0_23] 100315 D - 0xfffffe006e740200 [zvol_tq-0_24] 100316 D - 0xfffffe006e740200 [zvol_tq-0_25] 100317 D - 0xfffffe006e740200 [zvol_tq-0_26] 100318 D - 0xfffffe006e740200 [zvol_tq-0_27] 100319 D - 0xfffffe006e740200 [zvol_tq-0_28] 100320 D - 0xfffffe006e740200 [zvol_tq-0_29] 100321 D - 0xfffffe006e740200 [zvol_tq-0_30] 100322 D - 0xfffffe006e740200 [zvol_tq-0_31] 100328 D - 0xfffffe005858e000 [arc_prune] 100329 D - 0xfffffe005858dd00 [arc_flush_0] 100330 D - 0xfffffe005858dd00 [arc_flush_1] 100358 D - 0xfffffe00541f1d00 [dbu_evict] 100387 D - 0xfffffe005858d500 [z_vdev_file_0] 100388 D - 0xfffffe005858d500 [z_vdev_file_1] 100389 D - 0xfffffe005858d500 [z_vdev_file_2] 100390 D - 0xfffffe005858d500 [z_vdev_file_3] 100391 D - 0xfffffe005858d500 [z_vdev_file_4] 100392 D - 0xfffffe005858d500 [z_vdev_file_5] 100393 D - 0xfffffe005858d500 [z_vdev_file_6] 100394 D - 0xfffffe005858d500 [z_vdev_file_7] 100395 D - 0xfffffe005858d500 [z_vdev_file_8] 100396 D - 0xfffffe005858d500 [z_vdev_file_9] 100397 D - 0xfffffe005858d500 [z_vdev_file_10] 100398 D - 0xfffffe005858d500 [z_vdev_file_11] 100399 D - 0xfffffe005858d500 [z_vdev_file_12] 100400 D - 0xfffffe005858d500 [z_vdev_file_13] 100401 D - 0xfffffe005858d500 [z_vdev_file_14] 100402 D - 0xfffffe005858d500 [z_vdev_file_15] 100427 D - 0xfffffe005858d700 [zfsvfs] 100459 D - 0xfffffe00786bdc00 [netlink_socket (PID] 1176 765 765 60928 Z syz-executor 895 894 766 0 Z syz-executor db> show all locks Process 1179 (syz-executor) thread 0xfffffe00586ce000 (100699) shared lockmgr ufs (ufs) r = 0 (0xfffffe005994ac78) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_vnops.c:1244 Process 1169 (syz-executor) thread 0xfffffe005877f000 (100686) exclusive sleep mutex process lock (process lock) r = 0 (0xfffffe00586f5128) locked @ /syzkaller/managers/main/kernel/sys/kern/kern_thr.c:374 Process 1169 (syz-executor) thread 0xfffffe0058726780 (100688) exclusive sx so_snd_sx (so_snd_sx) r = 0 (0xfffffe006b7ccd80) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4838 db>