panic: rack_output: IP version incorrect: 0

syzbot

May 7, 2021, 1:50:26 AM
to syzkaller-f...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=14cbb993d00000
dashboard link: https://syzkaller.appspot.com/bug?extid=c5e2c7ad830b19d91f3d
userspace arch: i386

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c5e2c7...@syzkaller.appspotmail.com

panic: rack_output: IP version incorrect: 0
cpuid = 0
time = 1620366608
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00885795d0
vpanic() at vpanic+0x1c7/frame 0xfffffe0088579630
panic() at panic+0x43/frame 0xfffffe0088579690
rack_output() at rack_output+0xc843/frame 0xfffffe00885799c0
tcp_hpts_thread() at tcp_hpts_thread+0xe34/frame 0xfffffe0088579b10
ithread_loop() at ithread_loop+0x33f/frame 0xfffffe0088579bb0
fork_exit() at fork_exit+0xb3/frame 0xfffffe0088579bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0088579bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12 tid 100085 ]
Stopped at kdb_enter+0x67: movq $0,0x163a54e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0xffffffff81137c10 vprintf+0x140
rdx 0x1
rbx 0
rsp 0xfffffe00885795b0
rbp 0xfffffe00885795d0
rsi 0
rdi 0xffffffff81137c46 vprintf+0x176
r8 0
r9 0x8080808080808080
r10 0xfffffe00885794a0
r11 0x1ff77fff59c
r12 0xffffffff82267ac0 ddb_dbbe
r13 0
r14 0xffffffff81a73d95
r15 0xffffffff81a73d95
rip 0xffffffff8112ec37 kdb_enter+0x67
rflags 0x82
kdb_enter+0x67: movq $0,0x163a54e(%rip)
db> show proc
Process 12 (intr) at 0xfffff80004579a70:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff8271c6b0
ABI: null
flag: 0x10000284 flag2: 0
reaper: 0xffffffff8271c6b0 reapsubtree: 12
sigparent: 20
vmspace: 0xffffffff8271d330
(map 0xffffffff8271d330)
(map.pmap 0xffffffff8271d3f0)
(pmap 0xffffffff8271d450)
threads: 23
100011 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100018 I [swi5: fast taskq]
100030 I [swi4: clock (0)]
100031 I [swi4: clock (1)]
100032 I [swi1: netisr 0]
100033 I [swi3: vm]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq10: virtio_pci2]
100061 I [irq1: atkbd0]
100062 I [irq12: psm0]
100063 I [swi0: uart uart++]
100071 I [swi1: pf send]
100084 I [swi1: hpts]
100085 Run CPU 0 [swi1: hpts]
db> show all locks
Process 784 (syz-executor.0) thread 0xfffffe0055767ac0 (100113)
exclusive sleep mutex pmap (pmap) r = 0 (0xfffffe0094c05500) locked @ /syzkaller/managers/i386/kernel/sys/amd64/amd64/pmap.c:6476
exclusive sx vm map (user) (vm map (user)) r = 0 (0xfffffe009c474060) locked @ /syzkaller/managers/i386/kernel/sys/vm/vm_map.c:4301
exclusive sx vm map (user) (vm map (user)) r = 0 (0xfffffe0094c05440) locked @ /syzkaller/managers/i386/kernel/sys/vm/vm_map.c:4297
Process 12 (intr) thread 0xfffffe0055368740 (100085)
exclusive rw tcpinp (tcpinp) r = 0 (0xfffff8002c3bf9a8) locked @ /syzkaller/managers/i386/kernel/sys/netinet/tcp_hpts.c:1536

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

May 7, 2021, 8:16:16 AM
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=1216440dd00000
dashboard link: https://syzkaller.appspot.com/bug?extid=c5e2c7ad830b19d91f3d
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13e61d79d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1392b345d00000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c5e2c7...@syzkaller.appspotmail.com

login: panic: rack_output: IP version incorrect: 0
cpuid = 0
time = 1620389608
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00516dc5d0
vpanic() at vpanic+0x1c7/frame 0xfffffe00516dc630
panic() at panic+0x43/frame 0xfffffe00516dc690
rack_output() at rack_output+0xc843/frame 0xfffffe00516dc9c0
tcp_hpts_thread() at tcp_hpts_thread+0xe34/frame 0xfffffe00516dcb10
ithread_loop() at ithread_loop+0x33f/frame 0xfffffe00516dcbb0
fork_exit() at fork_exit+0xb3/frame 0xfffffe00516dcbf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00516dcbf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12 tid 100084 ]
Stopped at kdb_enter+0x67: movq $0,0x163a54e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
db> ps
db> show all locks
Process 12 (intr) thread 0xfffffe0055364000 (100084)
exclusive rw tcpinp (tcpinp) r = 0 (0xfffff800304c39a8) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_hpts.c:1536
db> show malloc

syzbot

Aug 6, 2021, 1:20:14 PM8/6/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org
This bug is marked as fixed by commit:
#syz fix: Fix a UDP tunneling issue with rack. Basically there are two
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.

syzbot

Aug 20, 2021, 1:21:19 PM8/20/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org

syzbot

Sep 3, 2021, 1:21:23 PM9/3/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org

syzbot

Sep 17, 2021, 1:22:14 PM9/17/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org

Mark Johnston

Sep 17, 2021, 5:05:52 PM9/17/21
to syzbot, syzkaller-f...@googlegroups.com
On Thu, May 06, 2021 at 10:50:25PM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
> git tree: https://github.com/freebsd/freebsd-src.git main
> console output: https://syzkaller.appspot.com/x/log.txt?x=14cbb993d00000
> dashboard link: https://syzkaller.appspot.com/bug?extid=c5e2c7ad830b19d91f3d
> userspace arch: i386
>
> Unfortunately, I don't have any reproducer for this issue yet.
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+c5e2c7...@syzkaller.appspotmail.com
>
> panic: rack_output: IP version incorrect: 0
> cpuid = 0
> time = 1620366608
> KDB: stack backtrace:
> db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00885795d0
> vpanic() at vpanic+0x1c7/frame 0xfffffe0088579630
> panic() at panic+0x43/frame 0xfffffe0088579690
> rack_output() at rack_output+0xc843/frame 0xfffffe00885799c0
> tcp_hpts_thread() at tcp_hpts_thread+0xe34/frame 0xfffffe0088579b10
> ithread_loop() at ithread_loop+0x33f/frame 0xfffffe0088579bb0
> fork_exit() at fork_exit+0xb3/frame 0xfffffe0088579bf0
> fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0088579bf0
> --- trap 0, rip = 0, rsp = 0, rbp = 0 ---

#syz invalid

Fixed by
https://cgit.freebsd.org/src/commit/?id=a16cee0218652230d94a73690201e76baab0bba1
but the commit message is poorly formatted.