Fatal trap NUM: page fault in __asan_load8_noabort (2)
0 views
Skip to first unread message
syzbot
Apr 8, 2024, 6:20:44 PMApr 8
to syzkaller-f...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: d80a97def9a1 unix: new implementation of unix/stream & uni..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=11df9225180000
dashboard link: https://syzkaller.appspot.com/bug?extid=121f108c176a2d295d64
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+121f10...@syzkaller.appspotmail.com
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xfffff7bfe0000000
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff8157b347
stack pointer = 0x28:0xfffffe0077c146d0
frame pointer = 0x28:0xfffffe0077c146d0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 1457 (syz-executor.3)
rdi: ffffffff00000001 rsi: 0000003fe0000000 rdx: 0000020000000000
rcx: ffffffff00000008 r8: ffffffff00000004 r9: 0000000000000001
rax: fffff78000000000 rbx: ffffffff00000001 rbp: fffffe0077c146d0
r10: 0000000000000000 r11: fffffe006d6d8520 r12: fffffe0077c14870
r13: fffffe0077c148b0 r14: ffffffff00000001 r15: 000000000000002d
trap number = 12
panic: page fault
cpuid = 1
time = 10
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0077c13df0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0077c13f50
vpanic() at vpanic+0x26a/frame 0xfffffe0077c14110
panic() at panic+0xb5/frame 0xfffffe0077c141d0
trap_fatal() at trap_fatal+0x7f2/frame 0xfffffe0077c142f0
trap_pfault() at trap_pfault+0x179/frame 0xfffffe0077c14410
trap() at trap+0x648/frame 0xfffffe0077c14600
calltrap() at calltrap+0x8/frame 0xfffffe0077c14600
--- trap 0xc, rip = 0xffffffff8157b347, rsp = 0xfffffe0077c146d0, rbp = 0xfffffe0077c146d0 ---
__asan_load8_noabort() at __asan_load8_noabort+0xb7/frame 0xfffffe0077c146d0
m_free() at m_free+0x1e/frame 0xfffffe0077c14710
m_freem() at m_freem+0x48/frame 0xfffffe0077c14730
uipc_sosend_stream_or_seqpacket() at uipc_sosend_stream_or_seqpacket+0x126d/frame 0xfffffe0077c149a0
sousrsend() at sousrsend+0x117/frame 0xfffffe0077c14a30
kern_sendit() at kern_sendit+0x4fc/frame 0xfffffe0077c14b90
sendit() at sendit+0x15f/frame 0xfffffe0077c14bf0
sys_sendmsg() at sys_sendmsg+0x181/frame 0xfffffe0077c14d10
amd64_syscall() at amd64_syscall+0x4cb/frame 0xfffffe0077c14f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0077c14f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x2aeb2a, rsp = 0x827fc4f08, rbp = 0x827fc4f80 ---
KDB: enter: panic
[ thread pid 1457 tid 100628 ]
Stopped at kdb_enter+0x6e: movq $0,0x23c8477(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe0074200000
rdx 0x3ffff
rbx 0xffffffff826ed680 .str.27
rsp 0xfffffe0077c13f30
rbp 0xfffffe0077c13f50
rsi 0x40001
rdi 0xffffffff815c0059 printf+0x149
r8 0
r9 0xffffffff
r10 0
r11 0x17
r12 0xfffffe006d6d8000
r13 0xfffffffffffffffd
r14 0xffffffff826ed680 .str.27
r15 0
rip 0xffffffff815acc1e kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x23c8477(%rip)
db> show proc
Process 1457 (syz-executor.3) at 0xfffffe00760e75a0:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 869 at 0xfffffe006d0d2000
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.3 exec
reaper: 0xfffffe005420b040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe0058af3268
(map 0xfffffe0058af3268)
(map.pmap 0xfffffe0058af3328)
(pmap 0xfffffe0058af3398)
threads: 2
100556 RunQ syz-executor.3
100628 Run CPU 1 syz-executor.3
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1457 869 869 0 R (threaded) syz-executor.3
100556 RunQ syz-executor.3
100628 Run CPU 1 syz-executor.3
1440 771 771 0 R (threaded) syz-executor.1
100545 RunQ syz-executor.1
100614 S connec 0xfffffe006a83449a syz-executor.1
1355 1 771 60928 S uwait 0xfffffe006d6dc000 syz-executor.1
1346 1 771 60928 S uwait 0xfffffe0007980580 syz-executor.1
1340 1 869 60928 S uwait 0xfffffe0057370a00 syz-executor.3
1338 1 869 60928 S uwait 0xfffffe005736de80 syz-executor.3
1326 1320 1326 0 Ss select 0xfffffe006ce2f340 dhclient
1323 1 1323 0 Ss select 0xfffffe006ce2f4c0 dhclient
1320 1309 424 65 S select 0xfffffe006ce2fbc0 dhclient
1309 424 424 0 S wait 0xfffffe006d68b020 sh
1281 1 869 0 S uwait 0xfffffe005736d380 syz-executor.3
1272 1271 1271 0 D ifnet_d 0xffffffff83a74340 ifconfig
1271 768 1271 0 Ss wait 0xfffffe00724df5a0 syz-executor.2
1237 1 869 0 S uwait 0xfffffe006d6dd080 syz-executor.3
1229 1 869 0 S uwait 0xfffffe006d6dd180 syz-executor.3
1223 1 869 0 S uwait 0xfffffe006d6dad80 syz-executor.3
1214 1 771 0 S uwait 0xfffffe006d6dc900 syz-executor.1
1212 1 783 0 SV uwait 0xfffffe005736d680 syz-executor.2
1205 1 771 0 S uwait 0xfffffe00578c9c80 syz-executor.1
1112 1111 1111 0 D tun_con 0xfffffe006d02bb28 ifconfig
1111 768 1111 0 Ss wait 0xfffffe00724deae0 syz-executor.0
1070 1 771 0 S uwait 0xfffffe006d6dc200 syz-executor.1
1054 1 1053 0 SV uwait 0xfffffe006d6db200 syz-executor.0
966 1 869 60929 S uwait 0xfffffe006d6dba80 syz-executor.3
957 1 771 60929 S uwait 0xfffffe006d6db680 syz-executor.1
948 1 771 60929 S uwait 0xfffffe006d6dbd80 syz-executor.1
878 0 0 0 DL aiordy 0xfffffe006d68c040 [aiod4]
877 0 0 0 DL aiordy 0xfffffe006d68c5a0 [aiod3]
876 0 0 0 DL aiordy 0xfffffe006d0d3ae0 [aiod2]
875 0 0 0 DL aiordy 0xfffffe006a8aab00 [aiod1]
869 768 869 0 Rs syz-executor.3
771 768 771 0 Rs syz-executor.1
768 766 766 0 S (threaded) syz-fuzzer
100107 S uwait 0xfffffe0007980f00 syz-fuzzer
100112 S uwait 0xfffffe00578ca700 syz-fuzzer
100113 S kqread 0xfffffe0007c83000 syz-fuzzer
100114 S wait 0xfffffe00579ef5c0 syz-fuzzer
100115 S uwait 0xfffffe00578caa00 syz-fuzzer
100116 S uwait 0xfffffe00578c9880 syz-fuzzer
100117 S wait 0xfffffe00579ef5c0 syz-fuzzer
100118 S uwait 0xfffffe00578c9a80 syz-fuzzer
100120 S uwait 0xfffffe005736d280 syz-fuzzer
100124 S wait 0xfffffe00579ef5c0 syz-fuzzer
100125 S uwait 0xfffffe0007980e00 syz-fuzzer
100141 S uwait 0xfffffe006d6dd280 syz-fuzzer
100201 S wait 0xfffffe00579ef5c0 syz-fuzzer
766 764 766 0 Ss pause 0xfffffe006d68a0b0 csh
764 682 764 0 Ss select 0xfffffe0007877240 sshd
748 1 748 0 Rs+ CPU 0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00587478b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00587480b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe00587488b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe0056ec00b0 getty
743 1 743 0 Ss+ ttyin 0xfffffe0056ec08b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe0056ec10b0 getty
741 1 741 0 Ss+ ttyin 0xfffffe0056ec18b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe0056ec20b0 getty
738 1 18 0 S+ piperd 0xfffffe0058af0000 logger
737 736 18 0 S+ nanslp 0xffffffff83956480 sleep
736 1 18 0 S+ wait 0xfffffe005420c5c0 sh
686 1 686 0 Ss nanslp 0xffffffff83956481 cron
682 1 682 0 Ss select 0xfffffe006ce2fe40 sshd
495 1 495 0 Ds biowr 0xfffffe0007e19260 syslogd
424 1 424 0 Ss wait 0xfffffe00579ed580 devd
423 1 423 65 Ss select 0xfffffe006ce30140 dhclient
338 1 338 0 Ss select 0xfffffe0007877dc0 dhclient
335 1 335 0 Ss select 0xfffffe0007877a40 dhclient
17 0 0 0 DL syncer 0xffffffff83a73ba0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0007cea060 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff83a72180 [bufdaemon]
100082 D - 0xffffffff82e02140 [bufspacedaemon-0]
100094 D sdflush 0xfffffe00589dfce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83abb680 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff83aa34f8 [dom0]
100080 D launds 0xffffffff83aa3504 [laundry: dom0]
100081 D umarcl 0xffffffff81d508d0 [uma]
7 0 0 0 DL - 0xffffffff836d3cb0 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff841a7bb0 [pf purge]
5 0 0 0 DL waiting 0xffffffff844f8760 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff8369e340 [doneq0]
100045 D - 0xffffffff8369e2c0 [async]
100076 D - 0xffffffff8369e140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83a9ed20 [crypto]
100042 D crypto_ 0xfffffe0007c85030 [crypto returns 0]
100043 D crypto_ 0xfffffe0007c85080 [crypto returns 1]
14 0 0 0 DL seqstat 0xfffffe0056f60c88 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff838fee00 [g_event]
100036 D - 0xffffffff838fee20 [g_up]
100037 D - 0xffffffff838fee40 [g_down]
2 0 0 0 WL (threaded) [clock]
100029 I [clock (0)]
100030 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100015 I [swi5: fast taskq]
100031 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe005420b040 [init]
10 0 0 0 DL audit_w 0xffffffff83a9f780 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff838ff7e0 [swapper]
100005 D - 0xfffffe00085f7d00 [softirq_0]
100006 D - 0xfffffe00085f7c00 [softirq_1]
100007 D - 0xfffffe00085f7b00 [if_io_tqg_0]
100008 D - 0xfffffe00085f7a00 [if_io_tqg_1]
100009 D - 0xfffffe00085f7900 [if_config_tqg_0]
100010 D - 0xfffffe00085f7800 [pci_hp taskq]
100011 D - 0xfffffe00085f7700 [kqueue_ctx taskq]
100014 D - 0xfffffe00085f7400 [thread taskq]
100016 D - 0xfffffe00085f7200 [aiod_kick taskq]
100017 D - 0xfffffe00085f7100 [deferred_unmount ta]
100018 D - 0xfffffe00085f7000 [inm_free taskq]
100019 D - 0xfffffe00085f6e00 [in6m_free taskq]
100020 D - 0xfffffe00085f6d00 [linuxkpi_irq_wq]
100021 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_0]
100022 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_1]
100023 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_2]
100024 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_3]
100025 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_0]
100026 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_1]
100027 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_2]
100028 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_3]
100034 D - 0xfffffe00085f6a00 [firmware taskq]
100039 D - 0xfffffe00085f6700 [crypto_0]
100040 D - 0xfffffe00085f6700 [crypto_1]
100055 D - 0xfffffe00085f6500 [vtnet0 rxq 0]
100056 D - 0xfffffe00085f6400 [vtnet0 txq 0]
100057 D - 0xfffffe00085f6300 [vtnet0 rxq 1]
100058 D - 0xfffffe00085f6200 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe0007cbc380 [virtio_balloon]
100066 D - 0xffffffff826f28c0 [deadlkres]
100070 D - 0xfffffe005797ab00 [acpi_task_0]
100071 D - 0xfffffe005797ab00 [acpi_task_1]
100072 D - 0xfffffe005797ab00 [acpi_task_2]
100074 D - 0xfffffe00085f8100 [mca taskq]
100075 D - 0xfffffe00085f6600 [CAM taskq]
db> show all locks
Process 1112 (ifconfig) thread 0xfffffe006d004740 (100110)
exclusive sx ifnet_detach_sx (ifnet_detach_sx) r = 0 (0xffffffff83a74340) locked @ /syzkaller/managers/main/kernel/sys/net/if.c:3039
Process 495 (syslogd) thread 0xfffffe0058b5e000 (100096)
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0007e192e0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:4012
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe006cfea5b0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3581
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
linker 371 4934K 505
tcp_hpts 7 4801K 7
devbuf 4192 4324K 4217
sysctloid 34865 2055K 34936
vtbuf 24 1968K 46
kobj 326 1304K 488
newblk 891 1247K 1640
vfscache 3 1025K 3
pcb 74 725K 962
inodedep 272 614K 647
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
filedesc 50 393K 1162
subproc 172 326K 1558
vnet_data 2 224K 2
acpitask 1 224K 1
KTRACE 101 201K 3063
acpica 1674 184K 60830
tidhash 3 141K 3
vmem 3 138K 5
pagedep 40 138K 449
tfo_ccache 1 128K 1
IP reass 1 128K 1
DEVFS1 110 110K 129
sem 4 106K 4
gtaskqueue 18 98K 18
bus 985 81K 5155
mtx_pool 2 72K 2
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 513 65K 513
ddb_capture 1 64K 1
dirrem 200 50K 557
kdtrace 245 48K 2087
umtx 368 46K 368
temp 34 39K 2069
BPF 22 36K 27
filemon 4 32K 44
hostcache 1 32K 1
shm 1 32K 4
DEVFS3 128 32K 139
msg 4 30K 4
kbdmux 6 28K 6
freefile 175 22K 499
routetbl 191 21K 573
LRO 20 21K 22
DEVFS_RULE 56 20K 56
ifaddr 68 20K 79
ufs_mount 4 17K 5
proc 3 17K 3
sctp_stro 16 16K 122
tty 16 16K 16
ithread 97 16K 97
sctp_atcl 41 16K 576
freework 60 15K 573
bus-sc 34 15K 1687
lltable 45 14K 53
eventhandler 162 14K 162
ether_multi 157 13K 197
ifnet 7 13K 8
kenv 95 12K 95
GEOM 61 11K 481
rman 86 11K 451
CAM queue 5 11K 1528
ksem 13 10K 33
in6_multi 71 9K 81
bmsafemap 3 9K 593
rpc 4 9K 4
devstat 4 9K 4
UART 12 9K 12
shmfd 1 8K 9
cred 32 8K 294
pfs_vncache 1 8K 1
sctp_timw 30 8K 30
audit_evclass 238 8K 300
kqueue 74 7K 1486
taskqueue 63 7K 63
sglist 6 7K 6
plimit 24 6K 372
DEVFSP 96 6K 212
CAM DEV 3 6K 510
diradd 47 6K 588
freeblks 23 6K 456
pfs_nodes 22 6K 22
hhook 15 5K 17
pf_ifnet 13 5K 27
kcovinfo 78 5K 91
ufs_dirhash 24 5K 39
pwddesc 72 5K 1478
UMA 267 5K 267
tcp_fsb_rack 2 5K 88
vt 11 5K 11
pf_table 2 4K 3
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
lockf 37 4K 208
newdirblk 30 4K 433
indirdep 14 4K 115
session 28 4K 53
acpisem 28 4K 28
proc-args 100 4K 2614
terminal 11 3K 11
mkdir 20 3K 866
uidinfo 5 3K 25
sctp_atky 57 3K 725
CC Mem 9 3K 228
clone 9 3K 9
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
ip6ndp 12 2K 17
sctp_ifa 14 2K 17
selfd 26 2K 18018
CAM XPT 22 2K 543
Unitno 25 2K 53
msi 12 2K 12
crypto 7 2K 42
in_multi 6 2K 10
tun 4 2K 5
toponodes 6 2K 6
ipsecpolicy 2 2K 2
select 10 2K 41
acpidev 20 2K 20
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 10
NFSD session 1 1K 1
inpcbpolicy 28 1K 481
CAM periph 4 1K 271
ipsec 3 1K 3
sctp_ifn 6 1K 17
mld 6 1K 7
igmp 6 1K 7
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_athm 41 1K 589
encap_export_host 12 1K 12
cryptodev 8 1K 175
osd 14 1K 233
sctp_map 32 1K 244
netlink 2 1K 34
cdev 2 1K 2
lkpikmalloc 8 1K 9
chacha20random 1 1K 1
biobuf 1 1K 1
tcp_pcm_rack 1 1K 44
vnodes 1 1K 3
procdesc 2 1K 12
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
pf_rule 1 1K 1
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
aio 4 1K 4
soname 5 1K 3805
pmchooks 1 1K 1
filecaps 5 1K 90
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 42
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
iov 1 1K 15340
p1003.1b 1 1K 1
tcp_do_rack 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 232
sctp_iter 0 0K 15
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 15
sctp_aadr 0 0K 13
sctp_stri 0 0K 26
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 0
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 141
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 3
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 39
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 12
ip6_msource 0 0K 0
ip6_moptions 0 0K 7
in6_mfilter 0 0K 21
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 2
in_mfilter 0 0K 2
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 19
fadvise 0 0K 0
VN POLL 0 0K 1
statfs 0 0K 197
namei_tracker 0 0K 4
export_host 0 0K 0
cl_savebuf 0 0K 17
lio 0 0K 127
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 1
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
ioctlops 0 0K 213
eventfd 0 0K 1
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 290
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 664
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 2
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 24
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 25713 0 254 38494208 0
mbuf 256 8805 858 90867 0 254 2473728 0
tcp_log 416 0 5337 10540 0 254 2220192 0
BUF TRIE 144 240 11548 819 0 62 1697472 0
malloc-4096 4096 409 5 2554 0 2 1695744 0
malloc-384 384 4263 57 4816 0 30 1658880 0
mbuf_cluster 2048 762 0 762 0 254 1560576 0
malloc-128 128 11447 147 11513 0 126 1484032 0
UMA Slabs 0 112 11005 5 11005 0 126 1233120 0
sctp_asoc 2256 16 494 122 0 254 1150560 0
RADIX NODE 144 7311 216 42632 0 62 1083888 0
malloc-65536 65536 15 0 18 0 1 983040 0
vmem btag 56 17284 35 17284 0 254 969864 0
FFS inode 1168 564 31 1067 0 8 694960 0
sctp_ep 1144 25 486 441 0 254 584584 0
malloc-16384 16384 28 5 582 0 1 540672 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 198 0 0 2 519552 0
socket 960 63 445 2176 0 254 487680 0
256 Bucket 2048 195 23 1314 0 8 446464 0
VM OBJECT 264 1388 82 21401 0 30 388080 0
sctp_raddr 736 16 501 141 0 254 380512 0
THREAD 1824 172 12 628 0 8 335616 0
VNODE 448 604 89 1110 0 30 310464 0
malloc-64 64 3881 214 3927 0 254 262080 0
malloc-256 256 902 103 1797 0 62 257280 0
malloc-2048 2048 106 14 208 0 8 245760 0
malloc-16 16 14409 91 14734 0 254 232000 0
malloc-32768 32768 1 6 99 0 1 229376 0
tcp_bbr_map 128 0 1767 6981 0 126 226176 0
DEVCTL 1024 34 186 161 0 0 225280 0
mbuf_packet 256 4 758 13852 0 254 195072 0
malloc-128 128 1301 218 29721 0 126 194432 0
MAP ENTRY 96 1766 250 63971 0 126 193536 0
malloc-256 256 618 132 2150 0 62 192000 0
ertt_txseginfo 40 0 4646 43233 0 254 185840 0
UMA Zones 768 239 0 239 0 16 183552 0
malloc-32 32 5279 391 5310 0 254 181440 0
malloc-1024 1024 154 22 299 0 16 180224 0
FPU_save_area 832 174 42 2374 0 16 179712 0
FFS2 dinode 256 564 126 1066 0 62 176640 0
lkpimm 56 1 3095 1 0 254 173376 0
malloc-32768 32768 3 2 5 0 1 163840 0
S VFS Cache 104 1021 383 1573 0 126 146016 0
malloc-384 384 284 76 659 0 30 138240 0
PROC 1376 71 28 1457 0 8 136224 0
malloc-65536 65536 0 2 80 0 1 131072 0
malloc-65536 65536 0 2 4 0 1 131072 0
malloc-65536 65536 0 2 110 0 1 131072 0
malloc-8192 8192 10 6 51 0 1 131072 0
malloc-128 128 844 179 2409 0 126 130944 0
unpcb 256 13 497 1223 0 254 130560 0
ksiginfo 112 81 963 2093 0 126 116928 0
malloc-2048 2048 13 43 1140 0 8 114688 0
128 Bucket 1024 66 33 349 0 16 101376 0
malloc-2048 2048 27 21 443 0 8 98304 0
filedesc0 1072 72 19 1478 0 8 97552 0
malloc-8192 8192 9 2 11 0 1 90112 0
malloc-4096 4096 16 6 38 0 2 90112 0
UMA Kegs 384 226 7 226 0 30 89472 0
malloc-128 128 464 187 1064 0 126 83328 0
sctp_readq 152 0 520 15 0 254 79040 0
sctp_chunk 152 5 515 39 0 254 79040 0
g_bio 408 4 176 7332 0 30 73440 0
64 Bucket 512 80 56 2394 0 30 69632 0
malloc-64 64 643 428 16311 0 254 68544 0
malloc-128 128 325 202 939 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-256 256 161 94 2393 0 62 65280 0
sctp_stream_msg_out 112 0 540 25 0 254 60480 0
malloc-8192 8192 1 6 30 0 1 57344 0
malloc-4096 4096 10 4 25 0 2 57344 0
tcp_inpcb 1304 9 33 220 0 8 54768 0
malloc-64 64 484 335 3687 0 254 52416 0
malloc-64 64 476 343 962 0 254 52416 0
VMSPACE 616 51 33 1313 0 16 51744 0
malloc-256 256 75 120 203 0 62 49920 0
malloc-256 256 100 95 1126 0 62 49920 0
32 Bucket 256 76 119 3832 0 62 49920 0
DIRHASH 1024 35 13 45 0 16 49152 0
NAMEI 1024 0 48 16351 0 16 49152 0
malloc-16384 16384 0 3 160 0 1 49152 0
malloc-2048 2048 17 7 34 0 8 49152 0
malloc-1024 1024 10 38 1620 0 16 49152 0
malloc-384 384 101 19 444 0 30 46080 0
syncache 168 0 264 4 0 254 44352 0
malloc-8192 8192 3 2 29 0 1 40960 0
pcpu-8 8 4785 335 5138 0 254 40960 0
pipe 728 26 29 380 0 16 40040 0
da_ccb 544 1 69 1968 0 16 38080 0
udp_inpcb 416 11 79 209 0 30 37440 0
hostcache 64 2 565 2 0 254 36288 0
malloc-64 64 38 529 18054 0 254 36288 0
malloc-64 64 101 466 814 0 254 36288 0
malloc-64 64 93 474 1774 0 254 36288 0
malloc-64 64 25 542 29 0 254 36288 0
tcp_rack_map 128 2 277 55 0 126 35712 0
malloc-128 128 5 274 6 0 126 35712 0
malloc-128 128 64 215 3540 0 126 35712 0
malloc-128 128 65 214 73 0 126 35712 0
routing nhops 256 27 108 39 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-256 256 79 56 647 0 62 34560 0
malloc-256 256 16 119 590 0 62 34560 0
malloc-256 256 50 85 736 0 62 34560 0
TURNSTILE 136 185 67 185 0 62 34272 0
SLEEPQUEUE 88 185 199 185 0 126 33792 0
malloc-16384 16384 2 0 2 0 1 32768 0
malloc-2048 2048 6 10 19 0 8 32768 0
malloc-2048 2048 0 16 40 0 8 32768 0
malloc-2048 2048 3 13 195 0 8 32768 0
malloc-1024 1024 2 30 42 0 16 32768 0
malloc-1024 1024 1 31 12 0 16 32768 0
malloc-1024 1024 5 27 14 0 16 32768 0
malloc-1024 1024 10 22 175 0 16 32768 0
malloc-512 512 9 55 132 0 30 32768 0
malloc-512 512 7 57 54 0 30 32768 0
malloc-512 512 4 60 42 0 30 32768 0
malloc-512 512 1 63 6 0 30 32768 0
malloc-512 512 6 58 60 0 30 32768 0
pcpu-64 64 488 24 488 0 254 32768 0
PWD 40 33 775 509 0 254 32320 0
KNOTE 160 34 166 7713 0 62 32000 0
ttyinq 160 135 65 300 0 62 32000 0
Files 80 282 118 9673 0 126 32000 0
PGRP 120 28 236 54 0 126 31680 0
clpbuf 2624 0 12 35 0 4 31488 0
tcp_bbr_pcb 832 1 35 42 0 16 29952 0
sctp_laddr 48 20 568 104 0 254 28224 0
malloc-32 32 277 605 3301 0 254 28224 0
16 Bucket 144 60 136 326 0 62 28224 0
4 Bucket 48 5 583 9 0 254 28224 0
AIO 208 0 133 135 0 62 27664 0
udplite_inpcb 416 1 62 18 0 30 26208 0
cpuset 200 7 121 7 0 62 25600 0
malloc-8192 8192 1 2 102 0 1 24576 0
malloc-8192 8192 3 0 3 0 1 24576 0
malloc-4096 4096 2 4 203 0 2 24576 0
tcp_rack_pcb 1216 1 19 44 0 8 24320 0
rl_entry 40 61 545 63 0 254 24240 0
rtentry 168 31 113 39 0 62 24192 0
8 Bucket 80 57 243 442 0 126 24000 0
ripcb 384 7 53 34 0 30 23040 0
malloc-384 384 1 59 3 0 30 23040 0
malloc-384 384 2 58 45 0 30 23040 0
malloc-384 384 23 37 38 0 30 23040 0
domainset 40 0 567 3 0 254 22680 0
udp_inpcb ports 32 3 627 41 0 254 20160 0
tcp_inpcb ports 32 4 626 59 0 254 20160 0
ertt 72 9 271 220 0 126 20160 0
malloc-32 32 82 548 90 0 254 20160 0
malloc-32 32 248 382 1792 0 254 20160 0
malloc-32 32 159 471 1385 0 254 20160 0
malloc-32 32 35 595 1728 0 254 20160 0
malloc-32 32 59 571 959 0 254 20160 0
malloc-32 32 30 600 88 0 254 20160 0
2 Bucket 32 67 563 474 0 254 20160 0
cryptop 280 0 70 13 0 30 19600 0
L VFS Cache 320 0 60 23 0 30 19200 0
AIOLIO 272 0 70 127 0 30 19040 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 3 1 3 0 2 16384 0
malloc-1024 1024 8 8 8 0 16 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
sctp_asconf_ack 48 0 336 3 0 254 16128 0
vtnet_tx_hdr 24 0 668 43865 0 254 16032 0
malloc-16 16 238 762 5145 0 254 16000 0
kenv 258 17 43 1076 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-16 16 28 722 67 0 254 12000 0
malloc-16 16 310 440 499 0 254 12000 0
malloc-16 16 119 631 1088 0 254 12000 0
malloc-16 16 3 747 2045 0 254 12000 0
malloc-16 16 29 721 27897 0 254 12000 0
malloc-16 16 16 734 17 0 254 12000 0
AIOCB 552 0 21 5 0 16 11592 0
malloc-384 384 11 19 11 0 30 11520 0
Mountpoints 2816 2 2 2 0 4 11264 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 1 1 1 0 2 8192 0
pcpu-16 16 4 252 4 0 254 4096 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 360 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: d80a97def9a1 unix: new implementation of unix/stream & uni..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=11df9225180000
dashboard link: https://syzkaller.appspot.com/bug?extid=121f108c176a2d295d64
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+121f10...@syzkaller.appspotmail.com
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xfffff7bfe0000000
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff8157b347
stack pointer = 0x28:0xfffffe0077c146d0
frame pointer = 0x28:0xfffffe0077c146d0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 1457 (syz-executor.3)
rdi: ffffffff00000001 rsi: 0000003fe0000000 rdx: 0000020000000000
rcx: ffffffff00000008 r8: ffffffff00000004 r9: 0000000000000001
rax: fffff78000000000 rbx: ffffffff00000001 rbp: fffffe0077c146d0
r10: 0000000000000000 r11: fffffe006d6d8520 r12: fffffe0077c14870
r13: fffffe0077c148b0 r14: ffffffff00000001 r15: 000000000000002d
trap number = 12
panic: page fault
cpuid = 1
time = 10
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0077c13df0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0077c13f50
vpanic() at vpanic+0x26a/frame 0xfffffe0077c14110
panic() at panic+0xb5/frame 0xfffffe0077c141d0
trap_fatal() at trap_fatal+0x7f2/frame 0xfffffe0077c142f0
trap_pfault() at trap_pfault+0x179/frame 0xfffffe0077c14410
trap() at trap+0x648/frame 0xfffffe0077c14600
calltrap() at calltrap+0x8/frame 0xfffffe0077c14600
--- trap 0xc, rip = 0xffffffff8157b347, rsp = 0xfffffe0077c146d0, rbp = 0xfffffe0077c146d0 ---
__asan_load8_noabort() at __asan_load8_noabort+0xb7/frame 0xfffffe0077c146d0
m_free() at m_free+0x1e/frame 0xfffffe0077c14710
m_freem() at m_freem+0x48/frame 0xfffffe0077c14730
uipc_sosend_stream_or_seqpacket() at uipc_sosend_stream_or_seqpacket+0x126d/frame 0xfffffe0077c149a0
sousrsend() at sousrsend+0x117/frame 0xfffffe0077c14a30
kern_sendit() at kern_sendit+0x4fc/frame 0xfffffe0077c14b90
sendit() at sendit+0x15f/frame 0xfffffe0077c14bf0
sys_sendmsg() at sys_sendmsg+0x181/frame 0xfffffe0077c14d10
amd64_syscall() at amd64_syscall+0x4cb/frame 0xfffffe0077c14f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0077c14f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x2aeb2a, rsp = 0x827fc4f08, rbp = 0x827fc4f80 ---
KDB: enter: panic
[ thread pid 1457 tid 100628 ]
Stopped at kdb_enter+0x6e: movq $0,0x23c8477(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe0074200000
rdx 0x3ffff
rbx 0xffffffff826ed680 .str.27
rsp 0xfffffe0077c13f30
rbp 0xfffffe0077c13f50
rsi 0x40001
rdi 0xffffffff815c0059 printf+0x149
r8 0
r9 0xffffffff
r10 0
r11 0x17
r12 0xfffffe006d6d8000
r13 0xfffffffffffffffd
r14 0xffffffff826ed680 .str.27
r15 0
rip 0xffffffff815acc1e kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x23c8477(%rip)
db> show proc
Process 1457 (syz-executor.3) at 0xfffffe00760e75a0:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 869 at 0xfffffe006d0d2000
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.3 exec
reaper: 0xfffffe005420b040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe0058af3268
(map 0xfffffe0058af3268)
(map.pmap 0xfffffe0058af3328)
(pmap 0xfffffe0058af3398)
threads: 2
100556 RunQ syz-executor.3
100628 Run CPU 1 syz-executor.3
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1457 869 869 0 R (threaded) syz-executor.3
100556 RunQ syz-executor.3
100628 Run CPU 1 syz-executor.3
1440 771 771 0 R (threaded) syz-executor.1
100545 RunQ syz-executor.1
100614 S connec 0xfffffe006a83449a syz-executor.1
1355 1 771 60928 S uwait 0xfffffe006d6dc000 syz-executor.1
1346 1 771 60928 S uwait 0xfffffe0007980580 syz-executor.1
1340 1 869 60928 S uwait 0xfffffe0057370a00 syz-executor.3
1338 1 869 60928 S uwait 0xfffffe005736de80 syz-executor.3
1326 1320 1326 0 Ss select 0xfffffe006ce2f340 dhclient
1323 1 1323 0 Ss select 0xfffffe006ce2f4c0 dhclient
1320 1309 424 65 S select 0xfffffe006ce2fbc0 dhclient
1309 424 424 0 S wait 0xfffffe006d68b020 sh
1281 1 869 0 S uwait 0xfffffe005736d380 syz-executor.3
1272 1271 1271 0 D ifnet_d 0xffffffff83a74340 ifconfig
1271 768 1271 0 Ss wait 0xfffffe00724df5a0 syz-executor.2
1237 1 869 0 S uwait 0xfffffe006d6dd080 syz-executor.3
1229 1 869 0 S uwait 0xfffffe006d6dd180 syz-executor.3
1223 1 869 0 S uwait 0xfffffe006d6dad80 syz-executor.3
1214 1 771 0 S uwait 0xfffffe006d6dc900 syz-executor.1
1212 1 783 0 SV uwait 0xfffffe005736d680 syz-executor.2
1205 1 771 0 S uwait 0xfffffe00578c9c80 syz-executor.1
1112 1111 1111 0 D tun_con 0xfffffe006d02bb28 ifconfig
1111 768 1111 0 Ss wait 0xfffffe00724deae0 syz-executor.0
1070 1 771 0 S uwait 0xfffffe006d6dc200 syz-executor.1
1054 1 1053 0 SV uwait 0xfffffe006d6db200 syz-executor.0
966 1 869 60929 S uwait 0xfffffe006d6dba80 syz-executor.3
957 1 771 60929 S uwait 0xfffffe006d6db680 syz-executor.1
948 1 771 60929 S uwait 0xfffffe006d6dbd80 syz-executor.1
878 0 0 0 DL aiordy 0xfffffe006d68c040 [aiod4]
877 0 0 0 DL aiordy 0xfffffe006d68c5a0 [aiod3]
876 0 0 0 DL aiordy 0xfffffe006d0d3ae0 [aiod2]
875 0 0 0 DL aiordy 0xfffffe006a8aab00 [aiod1]
869 768 869 0 Rs syz-executor.3
771 768 771 0 Rs syz-executor.1
768 766 766 0 S (threaded) syz-fuzzer
100107 S uwait 0xfffffe0007980f00 syz-fuzzer
100112 S uwait 0xfffffe00578ca700 syz-fuzzer
100113 S kqread 0xfffffe0007c83000 syz-fuzzer
100114 S wait 0xfffffe00579ef5c0 syz-fuzzer
100115 S uwait 0xfffffe00578caa00 syz-fuzzer
100116 S uwait 0xfffffe00578c9880 syz-fuzzer
100117 S wait 0xfffffe00579ef5c0 syz-fuzzer
100118 S uwait 0xfffffe00578c9a80 syz-fuzzer
100120 S uwait 0xfffffe005736d280 syz-fuzzer
100124 S wait 0xfffffe00579ef5c0 syz-fuzzer
100125 S uwait 0xfffffe0007980e00 syz-fuzzer
100141 S uwait 0xfffffe006d6dd280 syz-fuzzer
100201 S wait 0xfffffe00579ef5c0 syz-fuzzer
766 764 766 0 Ss pause 0xfffffe006d68a0b0 csh
764 682 764 0 Ss select 0xfffffe0007877240 sshd
748 1 748 0 Rs+ CPU 0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00587478b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00587480b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe00587488b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe0056ec00b0 getty
743 1 743 0 Ss+ ttyin 0xfffffe0056ec08b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe0056ec10b0 getty
741 1 741 0 Ss+ ttyin 0xfffffe0056ec18b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe0056ec20b0 getty
738 1 18 0 S+ piperd 0xfffffe0058af0000 logger
737 736 18 0 S+ nanslp 0xffffffff83956480 sleep
736 1 18 0 S+ wait 0xfffffe005420c5c0 sh
686 1 686 0 Ss nanslp 0xffffffff83956481 cron
682 1 682 0 Ss select 0xfffffe006ce2fe40 sshd
495 1 495 0 Ds biowr 0xfffffe0007e19260 syslogd
424 1 424 0 Ss wait 0xfffffe00579ed580 devd
423 1 423 65 Ss select 0xfffffe006ce30140 dhclient
338 1 338 0 Ss select 0xfffffe0007877dc0 dhclient
335 1 335 0 Ss select 0xfffffe0007877a40 dhclient
17 0 0 0 DL syncer 0xffffffff83a73ba0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0007cea060 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff83a72180 [bufdaemon]
100082 D - 0xffffffff82e02140 [bufspacedaemon-0]
100094 D sdflush 0xfffffe00589dfce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83abb680 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff83aa34f8 [dom0]
100080 D launds 0xffffffff83aa3504 [laundry: dom0]
100081 D umarcl 0xffffffff81d508d0 [uma]
7 0 0 0 DL - 0xffffffff836d3cb0 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff841a7bb0 [pf purge]
5 0 0 0 DL waiting 0xffffffff844f8760 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff8369e340 [doneq0]
100045 D - 0xffffffff8369e2c0 [async]
100076 D - 0xffffffff8369e140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83a9ed20 [crypto]
100042 D crypto_ 0xfffffe0007c85030 [crypto returns 0]
100043 D crypto_ 0xfffffe0007c85080 [crypto returns 1]
14 0 0 0 DL seqstat 0xfffffe0056f60c88 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff838fee00 [g_event]
100036 D - 0xffffffff838fee20 [g_up]
100037 D - 0xffffffff838fee40 [g_down]
2 0 0 0 WL (threaded) [clock]
100029 I [clock (0)]
100030 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100015 I [swi5: fast taskq]
100031 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe005420b040 [init]
10 0 0 0 DL audit_w 0xffffffff83a9f780 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff838ff7e0 [swapper]
100005 D - 0xfffffe00085f7d00 [softirq_0]
100006 D - 0xfffffe00085f7c00 [softirq_1]
100007 D - 0xfffffe00085f7b00 [if_io_tqg_0]
100008 D - 0xfffffe00085f7a00 [if_io_tqg_1]
100009 D - 0xfffffe00085f7900 [if_config_tqg_0]
100010 D - 0xfffffe00085f7800 [pci_hp taskq]
100011 D - 0xfffffe00085f7700 [kqueue_ctx taskq]
100014 D - 0xfffffe00085f7400 [thread taskq]
100016 D - 0xfffffe00085f7200 [aiod_kick taskq]
100017 D - 0xfffffe00085f7100 [deferred_unmount ta]
100018 D - 0xfffffe00085f7000 [inm_free taskq]
100019 D - 0xfffffe00085f6e00 [in6m_free taskq]
100020 D - 0xfffffe00085f6d00 [linuxkpi_irq_wq]
100021 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_0]
100022 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_1]
100023 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_2]
100024 D - 0xfffffe00085f6c00 [linuxkpi_short_wq_3]
100025 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_0]
100026 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_1]
100027 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_2]
100028 D - 0xfffffe00085f6b00 [linuxkpi_long_wq_3]
100034 D - 0xfffffe00085f6a00 [firmware taskq]
100039 D - 0xfffffe00085f6700 [crypto_0]
100040 D - 0xfffffe00085f6700 [crypto_1]
100055 D - 0xfffffe00085f6500 [vtnet0 rxq 0]
100056 D - 0xfffffe00085f6400 [vtnet0 txq 0]
100057 D - 0xfffffe00085f6300 [vtnet0 rxq 1]
100058 D - 0xfffffe00085f6200 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe0007cbc380 [virtio_balloon]
100066 D - 0xffffffff826f28c0 [deadlkres]
100070 D - 0xfffffe005797ab00 [acpi_task_0]
100071 D - 0xfffffe005797ab00 [acpi_task_1]
100072 D - 0xfffffe005797ab00 [acpi_task_2]
100074 D - 0xfffffe00085f8100 [mca taskq]
100075 D - 0xfffffe00085f6600 [CAM taskq]
db> show all locks
Process 1112 (ifconfig) thread 0xfffffe006d004740 (100110)
exclusive sx ifnet_detach_sx (ifnet_detach_sx) r = 0 (0xffffffff83a74340) locked @ /syzkaller/managers/main/kernel/sys/net/if.c:3039
Process 495 (syslogd) thread 0xfffffe0058b5e000 (100096)
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0007e192e0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:4012
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe006cfea5b0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3581
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
linker 371 4934K 505
tcp_hpts 7 4801K 7
devbuf 4192 4324K 4217
sysctloid 34865 2055K 34936
vtbuf 24 1968K 46
kobj 326 1304K 488
newblk 891 1247K 1640
vfscache 3 1025K 3
pcb 74 725K 962
inodedep 272 614K 647
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
filedesc 50 393K 1162
subproc 172 326K 1558
vnet_data 2 224K 2
acpitask 1 224K 1
KTRACE 101 201K 3063
acpica 1674 184K 60830
tidhash 3 141K 3
vmem 3 138K 5
pagedep 40 138K 449
tfo_ccache 1 128K 1
IP reass 1 128K 1
DEVFS1 110 110K 129
sem 4 106K 4
gtaskqueue 18 98K 18
bus 985 81K 5155
mtx_pool 2 72K 2
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 513 65K 513
ddb_capture 1 64K 1
dirrem 200 50K 557
kdtrace 245 48K 2087
umtx 368 46K 368
temp 34 39K 2069
BPF 22 36K 27
filemon 4 32K 44
hostcache 1 32K 1
shm 1 32K 4
DEVFS3 128 32K 139
msg 4 30K 4
kbdmux 6 28K 6
freefile 175 22K 499
routetbl 191 21K 573
LRO 20 21K 22
DEVFS_RULE 56 20K 56
ifaddr 68 20K 79
ufs_mount 4 17K 5
proc 3 17K 3
sctp_stro 16 16K 122
tty 16 16K 16
ithread 97 16K 97
sctp_atcl 41 16K 576
freework 60 15K 573
bus-sc 34 15K 1687
lltable 45 14K 53
eventhandler 162 14K 162
ether_multi 157 13K 197
ifnet 7 13K 8
kenv 95 12K 95
GEOM 61 11K 481
rman 86 11K 451
CAM queue 5 11K 1528
ksem 13 10K 33
in6_multi 71 9K 81
bmsafemap 3 9K 593
rpc 4 9K 4
devstat 4 9K 4
UART 12 9K 12
shmfd 1 8K 9
cred 32 8K 294
pfs_vncache 1 8K 1
sctp_timw 30 8K 30
audit_evclass 238 8K 300
kqueue 74 7K 1486
taskqueue 63 7K 63
sglist 6 7K 6
plimit 24 6K 372
DEVFSP 96 6K 212
CAM DEV 3 6K 510
diradd 47 6K 588
freeblks 23 6K 456
pfs_nodes 22 6K 22
hhook 15 5K 17
pf_ifnet 13 5K 27
kcovinfo 78 5K 91
ufs_dirhash 24 5K 39
pwddesc 72 5K 1478
UMA 267 5K 267
tcp_fsb_rack 2 5K 88
vt 11 5K 11
pf_table 2 4K 3
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
lockf 37 4K 208
newdirblk 30 4K 433
indirdep 14 4K 115
session 28 4K 53
acpisem 28 4K 28
proc-args 100 4K 2614
terminal 11 3K 11
mkdir 20 3K 866
uidinfo 5 3K 25
sctp_atky 57 3K 725
CC Mem 9 3K 228
clone 9 3K 9
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
ip6ndp 12 2K 17
sctp_ifa 14 2K 17
selfd 26 2K 18018
CAM XPT 22 2K 543
Unitno 25 2K 53
msi 12 2K 12
crypto 7 2K 42
in_multi 6 2K 10
tun 4 2K 5
toponodes 6 2K 6
ipsecpolicy 2 2K 2
select 10 2K 41
acpidev 20 2K 20
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 10
NFSD session 1 1K 1
inpcbpolicy 28 1K 481
CAM periph 4 1K 271
ipsec 3 1K 3
sctp_ifn 6 1K 17
mld 6 1K 7
igmp 6 1K 7
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_athm 41 1K 589
encap_export_host 12 1K 12
cryptodev 8 1K 175
osd 14 1K 233
sctp_map 32 1K 244
netlink 2 1K 34
cdev 2 1K 2
lkpikmalloc 8 1K 9
chacha20random 1 1K 1
biobuf 1 1K 1
tcp_pcm_rack 1 1K 44
vnodes 1 1K 3
procdesc 2 1K 12
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
pf_rule 1 1K 1
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
aio 4 1K 4
soname 5 1K 3805
pmchooks 1 1K 1
filecaps 5 1K 90
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 42
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
iov 1 1K 15340
p1003.1b 1 1K 1
tcp_do_rack 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 232
sctp_iter 0 0K 15
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 15
sctp_aadr 0 0K 13
sctp_stri 0 0K 26
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 0
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 141
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 3
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 39
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 12
ip6_msource 0 0K 0
ip6_moptions 0 0K 7
in6_mfilter 0 0K 21
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 2
in_mfilter 0 0K 2
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 19
fadvise 0 0K 0
VN POLL 0 0K 1
statfs 0 0K 197
namei_tracker 0 0K 4
export_host 0 0K 0
cl_savebuf 0 0K 17
lio 0 0K 127
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 1
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
ioctlops 0 0K 213
eventfd 0 0K 1
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 290
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 664
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 2
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 24
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 25713 0 254 38494208 0
mbuf 256 8805 858 90867 0 254 2473728 0
tcp_log 416 0 5337 10540 0 254 2220192 0
BUF TRIE 144 240 11548 819 0 62 1697472 0
malloc-4096 4096 409 5 2554 0 2 1695744 0
malloc-384 384 4263 57 4816 0 30 1658880 0
mbuf_cluster 2048 762 0 762 0 254 1560576 0
malloc-128 128 11447 147 11513 0 126 1484032 0
UMA Slabs 0 112 11005 5 11005 0 126 1233120 0
sctp_asoc 2256 16 494 122 0 254 1150560 0
RADIX NODE 144 7311 216 42632 0 62 1083888 0
malloc-65536 65536 15 0 18 0 1 983040 0
vmem btag 56 17284 35 17284 0 254 969864 0
FFS inode 1168 564 31 1067 0 8 694960 0
sctp_ep 1144 25 486 441 0 254 584584 0
malloc-16384 16384 28 5 582 0 1 540672 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 198 0 0 2 519552 0
socket 960 63 445 2176 0 254 487680 0
256 Bucket 2048 195 23 1314 0 8 446464 0
VM OBJECT 264 1388 82 21401 0 30 388080 0
sctp_raddr 736 16 501 141 0 254 380512 0
THREAD 1824 172 12 628 0 8 335616 0
VNODE 448 604 89 1110 0 30 310464 0
malloc-64 64 3881 214 3927 0 254 262080 0
malloc-256 256 902 103 1797 0 62 257280 0
malloc-2048 2048 106 14 208 0 8 245760 0
malloc-16 16 14409 91 14734 0 254 232000 0
malloc-32768 32768 1 6 99 0 1 229376 0
tcp_bbr_map 128 0 1767 6981 0 126 226176 0
DEVCTL 1024 34 186 161 0 0 225280 0
mbuf_packet 256 4 758 13852 0 254 195072 0
malloc-128 128 1301 218 29721 0 126 194432 0
MAP ENTRY 96 1766 250 63971 0 126 193536 0
malloc-256 256 618 132 2150 0 62 192000 0
ertt_txseginfo 40 0 4646 43233 0 254 185840 0
UMA Zones 768 239 0 239 0 16 183552 0
malloc-32 32 5279 391 5310 0 254 181440 0
malloc-1024 1024 154 22 299 0 16 180224 0
FPU_save_area 832 174 42 2374 0 16 179712 0
FFS2 dinode 256 564 126 1066 0 62 176640 0
lkpimm 56 1 3095 1 0 254 173376 0
malloc-32768 32768 3 2 5 0 1 163840 0
S VFS Cache 104 1021 383 1573 0 126 146016 0
malloc-384 384 284 76 659 0 30 138240 0
PROC 1376 71 28 1457 0 8 136224 0
malloc-65536 65536 0 2 80 0 1 131072 0
malloc-65536 65536 0 2 4 0 1 131072 0
malloc-65536 65536 0 2 110 0 1 131072 0
malloc-8192 8192 10 6 51 0 1 131072 0
malloc-128 128 844 179 2409 0 126 130944 0
unpcb 256 13 497 1223 0 254 130560 0
ksiginfo 112 81 963 2093 0 126 116928 0
malloc-2048 2048 13 43 1140 0 8 114688 0
128 Bucket 1024 66 33 349 0 16 101376 0
malloc-2048 2048 27 21 443 0 8 98304 0
filedesc0 1072 72 19 1478 0 8 97552 0
malloc-8192 8192 9 2 11 0 1 90112 0
malloc-4096 4096 16 6 38 0 2 90112 0
UMA Kegs 384 226 7 226 0 30 89472 0
malloc-128 128 464 187 1064 0 126 83328 0
sctp_readq 152 0 520 15 0 254 79040 0
sctp_chunk 152 5 515 39 0 254 79040 0
g_bio 408 4 176 7332 0 30 73440 0
64 Bucket 512 80 56 2394 0 30 69632 0
malloc-64 64 643 428 16311 0 254 68544 0
malloc-128 128 325 202 939 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-256 256 161 94 2393 0 62 65280 0
sctp_stream_msg_out 112 0 540 25 0 254 60480 0
malloc-8192 8192 1 6 30 0 1 57344 0
malloc-4096 4096 10 4 25 0 2 57344 0
tcp_inpcb 1304 9 33 220 0 8 54768 0
malloc-64 64 484 335 3687 0 254 52416 0
malloc-64 64 476 343 962 0 254 52416 0
VMSPACE 616 51 33 1313 0 16 51744 0
malloc-256 256 75 120 203 0 62 49920 0
malloc-256 256 100 95 1126 0 62 49920 0
32 Bucket 256 76 119 3832 0 62 49920 0
DIRHASH 1024 35 13 45 0 16 49152 0
NAMEI 1024 0 48 16351 0 16 49152 0
malloc-16384 16384 0 3 160 0 1 49152 0
malloc-2048 2048 17 7 34 0 8 49152 0
malloc-1024 1024 10 38 1620 0 16 49152 0
malloc-384 384 101 19 444 0 30 46080 0
syncache 168 0 264 4 0 254 44352 0
malloc-8192 8192 3 2 29 0 1 40960 0
pcpu-8 8 4785 335 5138 0 254 40960 0
pipe 728 26 29 380 0 16 40040 0
da_ccb 544 1 69 1968 0 16 38080 0
udp_inpcb 416 11 79 209 0 30 37440 0
hostcache 64 2 565 2 0 254 36288 0
malloc-64 64 38 529 18054 0 254 36288 0
malloc-64 64 101 466 814 0 254 36288 0
malloc-64 64 93 474 1774 0 254 36288 0
malloc-64 64 25 542 29 0 254 36288 0
tcp_rack_map 128 2 277 55 0 126 35712 0
malloc-128 128 5 274 6 0 126 35712 0
malloc-128 128 64 215 3540 0 126 35712 0
malloc-128 128 65 214 73 0 126 35712 0
routing nhops 256 27 108 39 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-256 256 79 56 647 0 62 34560 0
malloc-256 256 16 119 590 0 62 34560 0
malloc-256 256 50 85 736 0 62 34560 0
TURNSTILE 136 185 67 185 0 62 34272 0
SLEEPQUEUE 88 185 199 185 0 126 33792 0
malloc-16384 16384 2 0 2 0 1 32768 0
malloc-2048 2048 6 10 19 0 8 32768 0
malloc-2048 2048 0 16 40 0 8 32768 0
malloc-2048 2048 3 13 195 0 8 32768 0
malloc-1024 1024 2 30 42 0 16 32768 0
malloc-1024 1024 1 31 12 0 16 32768 0
malloc-1024 1024 5 27 14 0 16 32768 0
malloc-1024 1024 10 22 175 0 16 32768 0
malloc-512 512 9 55 132 0 30 32768 0
malloc-512 512 7 57 54 0 30 32768 0
malloc-512 512 4 60 42 0 30 32768 0
malloc-512 512 1 63 6 0 30 32768 0
malloc-512 512 6 58 60 0 30 32768 0
pcpu-64 64 488 24 488 0 254 32768 0
PWD 40 33 775 509 0 254 32320 0
KNOTE 160 34 166 7713 0 62 32000 0
ttyinq 160 135 65 300 0 62 32000 0
Files 80 282 118 9673 0 126 32000 0
PGRP 120 28 236 54 0 126 31680 0
clpbuf 2624 0 12 35 0 4 31488 0
tcp_bbr_pcb 832 1 35 42 0 16 29952 0
sctp_laddr 48 20 568 104 0 254 28224 0
malloc-32 32 277 605 3301 0 254 28224 0
16 Bucket 144 60 136 326 0 62 28224 0
4 Bucket 48 5 583 9 0 254 28224 0
AIO 208 0 133 135 0 62 27664 0
udplite_inpcb 416 1 62 18 0 30 26208 0
cpuset 200 7 121 7 0 62 25600 0
malloc-8192 8192 1 2 102 0 1 24576 0
malloc-8192 8192 3 0 3 0 1 24576 0
malloc-4096 4096 2 4 203 0 2 24576 0
tcp_rack_pcb 1216 1 19 44 0 8 24320 0
rl_entry 40 61 545 63 0 254 24240 0
rtentry 168 31 113 39 0 62 24192 0
8 Bucket 80 57 243 442 0 126 24000 0
ripcb 384 7 53 34 0 30 23040 0
malloc-384 384 1 59 3 0 30 23040 0
malloc-384 384 2 58 45 0 30 23040 0
malloc-384 384 23 37 38 0 30 23040 0
domainset 40 0 567 3 0 254 22680 0
udp_inpcb ports 32 3 627 41 0 254 20160 0
tcp_inpcb ports 32 4 626 59 0 254 20160 0
ertt 72 9 271 220 0 126 20160 0
malloc-32 32 82 548 90 0 254 20160 0
malloc-32 32 248 382 1792 0 254 20160 0
malloc-32 32 159 471 1385 0 254 20160 0
malloc-32 32 35 595 1728 0 254 20160 0
malloc-32 32 59 571 959 0 254 20160 0
malloc-32 32 30 600 88 0 254 20160 0
2 Bucket 32 67 563 474 0 254 20160 0
cryptop 280 0 70 13 0 30 19600 0
L VFS Cache 320 0 60 23 0 30 19200 0
AIOLIO 272 0 70 127 0 30 19040 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 3 1 3 0 2 16384 0
malloc-1024 1024 8 8 8 0 16 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
sctp_asconf_ack 48 0 336 3 0 254 16128 0
vtnet_tx_hdr 24 0 668 43865 0 254 16032 0
malloc-16 16 238 762 5145 0 254 16000 0
kenv 258 17 43 1076 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-16 16 28 722 67 0 254 12000 0
malloc-16 16 310 440 499 0 254 12000 0
malloc-16 16 119 631 1088 0 254 12000 0
malloc-16 16 3 747 2045 0 254 12000 0
malloc-16 16 29 721 27897 0 254 12000 0
malloc-16 16 16 734 17 0 254 12000 0
AIOCB 552 0 21 5 0 16 11592 0
malloc-384 384 11 19 11 0 30 11520 0
Mountpoints 2816 2 2 2 0 4 11264 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 1 1 1 0 2 8192 0
pcpu-16 16 4 252 4 0 254 4096 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 360 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages