Fatal trap NUM: page fault in in_pcbbind_setup
3 views
Skip to first unread message
syzbot
Sep 22, 2023, 4:22:53 PM9/22/23
to syzkaller-f...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 366ef17bb6ce UPDATING: add entry for the new loader tunnab..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=15acc30e680000
dashboard link: https://syzkaller.appspot.com/bug?extid=49e2532b9c11ffaa450f
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15baa70e680000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17384cfa680000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+49e253...@syzkaller.appspotmail.com
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xb8
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff819340c8
stack pointer = 0x28:0xfffffe006a2a9a20
frame pointer = 0x28:0xfffffe006a2a9b60
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
executing program
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 38596 (syz-executor3993880)
rdi: 00000000000000b8 rsi: 0000000000000000 rdx: fffff78000000000
rcx: fffffe00033eee30 r8: 0000000000000000 r9: 0000000000000001
rax: fffffe00033eee30 rbx: fffffe006d318380 rbp: fffffe006a2a9b60
r10: 0000000000000000 r11: fffffe006d2ef540 r12: fffffe006a2a9ae0
r13: fffffe006d318380 r14: 0000000000000000 r15: 0000000000002d4e
trap number = 12
panic: page fault
cpuid = 1
time = 1695414029
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe006a2a9150
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe006a2a92b0
vpanic() at vpanic+0x271/frame 0xfffffe006a2a9450
panic() at panic+0xb5/frame 0xfffffe006a2a9510
trap_fatal() at trap_fatal+0x7ee/frame 0xfffffe006a2a9630
trap_pfault() at trap_pfault+0x17b/frame 0xfffffe006a2a9770
trap() at trap+0x5f3/frame 0xfffffe006a2a9950
calltrap() at calltrap+0x8/frame 0xfffffe006a2a9950
--- trap 0xc, rip = 0xffffffff819340c8, rsp = 0xfffffe006a2a9a20, rbp = 0xfffffe006a2a9b60 ---
in_pcbbind_setup() at in_pcbbind_setup+0x898/frame 0xfffffe006a2a9b60
in_pcbbind() at in_pcbbind+0x169/frame 0xfffffe006a2a9ba0
udp_bind() at udp_bind+0x15f/frame 0xfffffe006a2a9be0
sobind() at sobind+0xcb/frame 0xfffffe006a2a9c30
kern_bindat() at kern_bindat+0x275/frame 0xfffffe006a2a9cf0
sys_bind() at sys_bind+0xfe/frame 0xfffffe006a2a9d30
amd64_syscall() at amd64_syscall+0x427/frame 0xfffffe006a2a9f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe006a2a9f30
--- syscall (0, FreeBSD ELF64, syscall), rip = 0x2466ea, rsp = 0x820a8d538, rbp = 0x820a8d560 ---
KDB: enter: panic
[ thread pid 38596 tid 100135 ]
Stopped at kdb_enter+0x6e: movq $0,0x2179eb7(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe00033eee30
rdx 0xdffff7c000000000
rbx 0xffffffff826e08a0 .str.28
rsp 0xfffffe006a2a9290
rbp 0xfffffe006a2a92b0
rsi 0x1
rdi 0
r8 0
r9 0xffffffff
r10 0x1
r11 0x1
r12 0
r13 0xfffffe006d2ef020
r14 0xffffffff826e08a0 .str.28
r15 0
rip 0xffffffff815c59de kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x2179eb7(%rip)
db> show proc
Process 38596 (syz-executor3993880) at 0xfffffe006d37a020:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 787 at 0xfffffe0058b3eac0
ABI: FreeBSD ELF64
flag: 0x10000000 flag2: 0
arguments: ./syz-executor3993880381
reaper: 0xfffffe005422b040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe006ce684d0
(map 0xfffffe006ce684d0)
(map.pmap 0xfffffe006ce68590)
(pmap 0xfffffe006ce68600)
threads: 1
100135 Run CPU 1 syz-executor3993880
db> ps
pid ppid pgrp uid state wmesg wchan cmd
38598 778 778 0 L *udphash 0xfffffe0057ad7c00 syz-executor3993880
38597 1 778 0 LE *udphash 0xfffffe0057ad7c00 syz-executor3993880
38596 787 787 0 R CPU 1 syz-executor3993880
38595 776 776 0 L *udphash 0xfffffe0057ad7c00 syz-executor3993880
38594 1 787 0 LE *udphash 0xfffffe0057ad7c00 syz-executor3993880
38591 775 775 0 LE *udphash 0xfffffe0057ad7c00 syz-executor3993880
787 774 787 0 Ss nanslp 0xffffffff83720c41 syz-executor3993880
778 774 778 0 Ss nanslp 0xffffffff83720c40 syz-executor3993880
776 774 776 0 Ss nanslp 0xffffffff83720c40 syz-executor3993880
775 774 775 0 Rs syz-executor3993880
774 772 772 0 S nanslp 0xffffffff83720c41 syz-executor3993880
772 770 772 0 Ss pause 0xfffffe0007c02650 csh
770 682 770 0 Ss select 0xfffffe006cc83f40 sshd
748 1 748 0 Rs+ CPU 0 getty
747 1 747 0 Ss+ ttyin 0xfffffe005876a0b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe005876a4b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe005876a8b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe005876acb0 getty
743 1 743 0 Ss+ ttyin 0xfffffe005876b0b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe005876b4b0 getty
741 1 741 0 Ss+ ttyin 0xfffffe005876b8b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe005876bcb0 getty
686 1 686 0 Ss nanslp 0xffffffff83720c40 cron
682 1 682 0 Ss select 0xfffffe006cc843c0 sshd
495 1 495 0 Ds biowr 0xfffffe0007e0d410 syslogd
424 1 424 0 Ss select 0xfffffe006cc845c0 devd
423 1 423 65 Ss select 0xfffffe006cc84540 dhclient
338 1 338 0 Ss select 0xfffffe006cc844c0 dhclient
335 1 335 0 Ss select 0xfffffe005756d240 dhclient
17 0 0 0 DL syncer 0xffffffff8383e360 [syncer]
16 0 0 0 DL vlruwt 0xfffffe00571d7040 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff8383c980 [bufdaemon]
100080 D - 0xffffffff82c0a140 [bufspacedaemon-0]
100092 D sdflush 0xfffffe00085fd8e8 [/ worker]
9 0 0 0 DL psleep 0xffffffff838af540 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff838973f8 [dom0]
100081 D launds 0xffffffff83897404 [laundry: dom0]
100082 D umarcl 0xffffffff81d50130 [uma]
7 0 0 0 DL - 0xffffffff834b5c28 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff83f7b3d0 [pf purge]
5 0 0 0 DL waiting 0xffffffff8429b4e0 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff83480340 [doneq0]
100045 D - 0xffffffff834802c0 [async]
100076 D - 0xffffffff83480140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83892c60 [crypto]
100042 D crypto_ 0xfffffe00540c6d30 [crypto returns 0]
100043 D crypto_ 0xfffffe00540c6d80 [crypto returns 1]
14 0 0 0 DL seqstat 0xfffffe00570f5488 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff836c95e0 [g_event]
100036 D - 0xffffffff836c9600 [g_up]
100037 D - 0xffffffff836c9620 [g_down]
2 0 0 0 WL (threaded) [clock]
100029 I [clock (0)]
100030 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100015 I [swi5: fast taskq]
100031 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe005422b040 [init]
10 0 0 0 DL audit_w 0xffffffff838936a0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff836c9fa0 [swapper]
100005 D - 0xfffffe00540da700 [softirq_0]
100006 D - 0xfffffe00540da600 [softirq_1]
100007 D - 0xfffffe00540da500 [if_io_tqg_0]
100008 D - 0xfffffe00540da400 [if_io_tqg_1]
100009 D - 0xfffffe00540da300 [if_config_tqg_0]
100010 D - 0xfffffe00079eee00 [pci_hp taskq]
100011 D - 0xfffffe00079eec00 [kqueue_ctx taskq]
100014 D - 0xfffffe00079ee600 [thread taskq]
100016 D - 0xfffffe00079ee200 [aiod_kick taskq]
100017 D - 0xfffffe00079ee000 [deferred_unmount ta]
100018 D - 0xfffffe00079edd00 [inm_free taskq]
100019 D - 0xfffffe00079edb00 [in6m_free taskq]
100020 D - 0xfffffe00079ed900 [linuxkpi_irq_wq]
100021 D - 0xfffffe00079ed700 [linuxkpi_short_wq_0]
100022 D - 0xfffffe00079ed700 [linuxkpi_short_wq_1]
100023 D - 0xfffffe00079ed700 [linuxkpi_short_wq_2]
100024 D - 0xfffffe00079ed700 [linuxkpi_short_wq_3]
100025 D - 0xfffffe00079ed200 [linuxkpi_long_wq_0]
100026 D - 0xfffffe00079ed200 [linuxkpi_long_wq_1]
100027 D - 0xfffffe00079ed200 [linuxkpi_long_wq_2]
100028 D - 0xfffffe00079ed200 [linuxkpi_long_wq_3]
100034 D - 0xfffffe00079ec600 [firmware taskq]
100039 D - 0xfffffe0054368900 [crypto_0]
100040 D - 0xfffffe0054368900 [crypto_1]
100055 D - 0xfffffe0057232500 [vtnet0 rxq 0]
100056 D - 0xfffffe0057232400 [vtnet0 txq 0]
100057 D - 0xfffffe0057232300 [vtnet0 rxq 1]
100058 D - 0xfffffe0057232200 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe005756f000 [virtio_balloon]
100066 D - 0xffffffff826e59e1 [deadlkres]
100070 D - 0xfffffe00079ec000 [acpi_task_0]
100071 D - 0xfffffe00079ec000 [acpi_task_1]
100072 D - 0xfffffe00079ec000 [acpi_task_2]
100074 D - 0xfffffe00079efa00 [mca taskq]
100075 D - 0xfffffe0054367c00 [CAM taskq]
38599 38591 775 0 Z syz-executor3993880
db> show all locks
Process 38598 (syz-executor3993880) thread 0xfffffe006d2ed3a0 (100139)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006a5b0e20) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1545
Process 38597 (syz-executor3993880) thread 0xfffffe006d2d8c80 (100119)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe0058acb1e0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1621
Process 38596 (syz-executor3993880) thread 0xfffffe006d2ef020 (100135)
exclusive sleep mutex udphash (udphash) r = 0 (0xfffffe0054089e28) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1546
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006cc55e20) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1545
Process 38595 (syz-executor3993880) thread 0xfffffe0058a02000 (100116)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006d316720) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1545
Process 38594 (syz-executor3993880) thread 0xfffffe0058a02720 (100115)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006d3183a0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1621
Process 38591 (syz-executor3993880) thread 0xfffffe006d2ee1e0 (100137)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe0058acb3a0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1621
Process 748 (getty) thread 0xfffffe006a5e91e0 (100110)
exclusive sleep mutex ttymtx (ttymtx) r = 0 (0xfffffe00576c2c08) locked @ /syzkaller/managers/main/kernel/sys/kern/tty_ttydisc.c:487
Process 495 (syslogd) thread 0xfffffe0058a06740 (100095)
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0007e0d490) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:4004
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe006cd8b770) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3549
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 7 4801K 7
devbuf 4192 4324K 4220
sysctloid 34926 2058K 34997
vtbuf 24 1968K 46
kobj 326 1304K 488
newblk 123 1055K 851
vfscache 3 1025K 3
pcb 29 675K 37864
inodedep 3 513K 73
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
vnet_data 2 224K 2
acpitask 1 224K 1
subproc 126 222K 38678
acpica 1674 184K 60310
tidhash 3 141K 3
vmem 3 134K 4
linker 352 130K 385
pagedep 1 128K 19
tfo_ccache 1 128K 1
IP reass 1 128K 1
sem 4 106K 4
DEVFS1 105 105K 114
gtaskqueue 18 98K 18
bus 985 81K 5155
mtx_pool 2 72K 2
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 512 64K 512
ddb_capture 1 64K 1
filemon 6 48K 37819
umtx 308 39K 308
kdtrace 189 39K 38741
temp 18 37K 1581
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 124 31K 134
msg 4 30K 4
kbdmux 6 28K 6
DEVFS_RULE 56 20K 56
BPF 10 18K 10
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 97 16K 97
bus-sc 34 15K 1687
eventhandler 161 14K 161
KTRACE 100 13K 100
kenv 95 12K 95
ifaddr 30 12K 32
rman 88 11K 431
GEOM 61 11K 481
routetbl 50 11K 176
CAM queue 5 11K 1528
rpc 4 9K 4
devstat 4 9K 4
UART 12 9K 12
ksem 1 8K 1
bmsafemap 1 8K 44
shmfd 1 8K 1
pfs_vncache 1 8K 1
audit_evclass 238 8K 300
taskqueue 63 7K 63
sglist 6 7K 6
CAM DEV 3 6K 510
cred 22 6K 284
plimit 20 5K 362
pfs_nodes 20 5K 20
hhook 15 5K 17
ufs_dirhash 24 5K 24
UMA 268 5K 268
ifnet 3 5K 3
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
filedesc 1 4K 1
evdev 4 4K 4
acpisem 28 4K 28
ether_multi 40 4K 50
lltable 11 4K 11
pf_ifnet 5 3K 6
kqueue 48 3K 38602
in6_multi 25 3K 25
session 23 3K 36
terminal 11 3K 11
pwddesc 44 3K 38600
clone 9 3K 9
uidinfo 3 3K 9
proc-args 66 3K 39533
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
lockf 16 2K 26
Unitno 27 2K 41
CAM XPT 22 2K 543
msi 12 2K 12
CC Mem 6 2K 18918
toponodes 6 2K 6
selfd 22 2K 246057
ipsecpolicy 2 2K 2
acpidev 20 2K 20
sctp_atcl 3 2K 18911
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 26
NFSD session 1 1K 1
select 7 1K 29
CAM periph 4 1K 271
ipsec 3 1K 3
nhops 6 1K 6
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_ifa 5 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
DEVFSP 10 1K 37828
inpcbpolicy 19 1K 37961
in_multi 2 1K 4
cdev 2 1K 2
osd 11 1K 18931
chacha20random 1 1K 1
biobuf 1 1K 1
sctp_ifn 2 1K 6
indirdep 1 1K 3
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
lkpikmalloc 5 1K 6
soname 7 1K 60135
cryptodev 2 1K 49
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
freefrag 1 1K 8
netlink 1 1K 1
procdesc 1 1K 6
pmchooks 1 1K 1
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
sctp_atky 3 1K 18911
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 35
acpiintr 1 1K 1
sctp_athm 3 1K 18911
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
freework 1 1K 26
p1003.1b 1 1K 1
filecaps 1 1K 66
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
tcp_do 0 0K 0
tcp_fsb 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 4
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 0
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 17
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 6
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
newdirblk 0 0K 8
dirrem 0 0K 28
mkdir 0 0K 16
diradd 0 0K 37
freefile 0 0K 26
freeblks 0 0K 25
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 3
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
statfs 0 0K 201
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 8
aio 0 0K 0
lio 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 0
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
iov 0 0K 32542
ioctlops 0 0K 86
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 288
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 650
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 24798 0 254 38494208 0
mbuf 256 8578 1084 64445 0 254 2473472 0
BUF TRIE 144 184 11632 619 0 62 1701504 0
malloc-384 384 4173 27 4519 0 30 1612800 0
malloc-128 128 11461 257 11510 0 126 1499904 0
malloc-4096 4096 326 2 488 0 2 1343488 0
UMA Slabs 0 112 10647 3 10647 0 126 1192800 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 15682 125 15682 0 254 885192 0
socket 960 30 734 58048 0 254 733440 0
FFS inode 1160 487 31 514 0 8 600880 0
sctp_ep 1176 3 507 18911 0 254 599760 0
lkpimm 168 1 3095 1 0 62 520128 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 198 0 0 2 519552 0
RADIX NODE 144 3258 237 145989 0 62 503280 0
malloc-65536 65536 5 2 161 0 1 458752 0
256 Bucket 2048 139 21 1169 0 8 327680 0
malloc-256 256 542 643 2177 0 62 303360 0
malloc-64 64 4063 536 42665 0 254 294336 0
THREAD 1824 140 14 140 0 8 280896 0
malloc-2048 2048 7 129 514 0 8 278528 0
VM OBJECT 264 938 82 217022 0 30 269280 0
VNODE 448 518 58 547 0 30 258048 0
malloc-4096 4096 50 8 38602 0 2 237568 0
malloc-16 16 14456 294 14537 0 254 236000 0
DEVCTL 1024 0 220 123 0 0 225280 0
malloc-32 32 5331 591 44414 0 254 189504 0
UMA Zones 768 240 4 240 0 16 187392 0
malloc-128 128 1188 207 28156 0 126 178560 0
malloc-1024 1024 121 39 1712 0 16 163840 0
FFS2 dinode 256 487 83 513 0 62 145920 0
FPU_save_area 832 142 20 163 0 16 134784 0
S VFS Cache 104 974 313 1015 0 126 133848 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-65536 65536 1 1 9 0 1 131072 0
unpcb 256 7 503 1159 0 254 130560 0
mbuf_packet 256 0 508 19029 0 254 130048 0
malloc-8192 8192 8 7 37821 0 2 122880 0
MAP ENTRY 96 942 318 570166 0 126 120960 0
ksiginfo 112 63 981 18993 0 126 116928 0
malloc-128 128 741 158 1731 0 126 115072 0
PROC 1376 47 30 38599 0 8 105952 0
malloc-128 128 541 234 3901 0 126 99200 0
malloc-32768 32768 3 0 3 0 1 98304 0
malloc-32768 32768 3 0 3 0 1 98304 0
UMA Kegs 384 227 6 227 0 30 89472 0
64 Bucket 512 83 85 4834 0 30 86016 0
128 Bucket 1024 45 38 392 0 16 84992 0
malloc-64 64 569 754 323803 0 254 84672 0
malloc-64 64 562 761 40231 0 254 84672 0
malloc-16384 16384 4 1 164 0 1 81920 0
tcp_inpcb 1304 6 54 18918 0 9 78240 0
filedesc0 1072 47 23 38600 0 8 75040 0
g_bio 408 4 176 5010 0 30 73440 0
malloc-128 128 155 372 433 0 126 67456 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-4096 4096 14 2 226 0 2 65536 0
32 Bucket 256 67 188 2664 0 62 65280 0
malloc-384 384 82 68 18990 0 30 57600 0
malloc-8192 8192 5 2 132 0 1 57344 0
udp_inpcb 424 12 114 19039 0 30 53424 0
malloc-256 256 92 103 742 0 62 49920 0
malloc-256 256 13 182 37835 0 62 49920 0
malloc-256 256 23 172 401 0 62 49920 0
DIRHASH 1024 35 13 35 0 16 49152 0
NAMEI 1024 0 48 163445 0 16 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
malloc-2048 2048 8 16 19107 0 8 49152 0
malloc-2048 2048 1 23 524 0 8 49152 0
tcp_bbr_pcb 832 3 51 18911 0 16 44928 0
syncache 168 0 264 5 0 254 44352 0
malloc-8192 8192 5 0 5 0 1 40960 0
malloc-4096 4096 8 2 12 0 2 40960 0
VMSPACE 616 30 36 38584 0 16 40656 0
pipe 728 9 46 19192 0 16 40040 0
da_ccb 544 1 69 1389 0 16 38080 0
pcpu-8 8 4291 317 4319 0 254 36864 0
malloc-64 64 33 534 13581 0 254 36288 0
malloc-64 64 160 407 160 0 254 36288 0
malloc-64 64 15 552 22 0 254 36288 0
malloc-128 128 90 189 103 0 126 35712 0
malloc-128 128 2 277 186 0 126 35712 0
malloc-128 128 11 268 11 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 9 81 81 0 30 34560 0
malloc-256 256 4 131 447 0 62 34560 0
malloc-256 256 14 121 19 0 62 34560 0
malloc-256 256 24 111 338 0 62 34560 0
malloc-256 256 6 129 25 0 62 34560 0
malloc-8192 8192 3 1 5 0 1 32768 0
malloc-4096 4096 5 3 559 0 2 32768 0
malloc-2048 2048 7 9 16 0 8 32768 0
malloc-2048 2048 4 12 90 0 8 32768 0
malloc-2048 2048 4 12 5 0 8 32768 0
malloc-1024 1024 2 30 13 0 16 32768 0
malloc-1024 1024 16 16 16 0 16 32768 0
malloc-1024 1024 14 18 14 0 16 32768 0
malloc-512 512 1 63 11 0 30 32768 0
malloc-512 512 3 61 179 0 30 32768 0
malloc-512 512 2 62 26 0 30 32768 0
malloc-512 512 9 55 9 0 30 32768 0
pcpu-64 64 487 25 487 0 254 32768 0
ertt_txseginfo 40 1 807 18432 0 254 32320 0
ttyinq 160 135 65 300 0 62 32000 0
Files 80 94 306 233474 0 126 32000 0
PGRP 120 23 241 36 0 126 31680 0
clpbuf 2624 0 12 30 0 4 31488 0
udp_inpcb ports 32 6 876 18753 0 254 28224 0
ertt 72 6 386 18918 0 126 28224 0
malloc-32 32 61 821 38025 0 254 28224 0
malloc-32 32 185 697 1443 0 254 28224 0
malloc-32 32 306 576 381 0 254 28224 0
malloc-32 32 26 856 21862 0 254 28224 0
16 Bucket 144 58 138 1001 0 62 28224 0
4 Bucket 48 7 581 10 0 254 28224 0
TURNSTILE 136 155 34 155 0 62 25704 0
cpuset 200 7 121 7 0 62 25600 0
ripcb 392 1 62 4 0 30 24696 0
malloc-4096 4096 6 0 6 0 2 24576 0
rl_entry 40 27 579 27 0 254 24240 0
PWD 40 10 596 101 0 254 24240 0
rtentry 168 13 131 17 0 62 24192 0
8 Bucket 80 58 242 1827 0 126 24000 0
malloc-384 384 1 59 22 0 30 23040 0
malloc-384 384 28 32 29 0 30 23040 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 155 101 155 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
malloc-64 64 2 313 19 0 254 20160 0
malloc-64 64 2 313 2 0 254 20160 0
malloc-32 32 6 624 20 0 254 20160 0
malloc-32 32 6 624 19 0 254 20160 0
malloc-32 32 2 628 5 0 254 20160 0
2 Bucket 32 51 579 8124 0 254 20160 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-4096 4096 1 3 2 0 2 16384 0
malloc-2048 2048 0 8 2 0 8 16384 0
malloc-2048 2048 2 6 2 0 8 16384 0
malloc-1024 1024 5 11 5 0 16 16384 0
malloc-1024 1024 8 8 8 0 16 16384 0
malloc-1024 1024 1 15 1 0 16 16384 0
malloc-1024 1024 2 14 2 0 16 16384 0
malloc-512 512 2 30 2 0 30 16384 0
malloc-512 512 0 32 1 0 30 16384 0
malloc-512 512 1 31 1 0 30 16384 0
malloc-512 512 2 30 2 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
sctp_laddr 48 0 336 4 0 254 16128 0
vtnet_tx_hdr 24 0 668 20541 0 254 16032 0
malloc-16 16 508 492 3545 0 254 16000 0
malloc-16 16 33 967 46427 0 254 16000 0
kenv 258 17 43 1069 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
tcp_inpcb ports 32 1 377 1 0 254 12096 0
KNOTE 160 0 75 8 0 62 12000 0
malloc-16 16 33 717 77109 0 254 12000 0
malloc-16 16 11 739 14 0 254 12000 0
malloc-16 16 2 748 114 0 254 12000 0
malloc-16 16 6 744 18916 0 254 12000 0
malloc-384 384 11 19 11 0 30 11520 0
malloc-384 384 1 29 1 0 30 11520 0
malloc-384 384 13 17 13 0 30 11520 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 2 0 2 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
malloc-16 16 1 499 1 0 254 8000 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 352 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tcp_rack_pcb 1024 0 0 0 0 16 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2256 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
ripcb ports 32 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
netlink 2048 0 0 0 0 8 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 232 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 104 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 366ef17bb6ce UPDATING: add entry for the new loader tunnab..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=15acc30e680000
dashboard link: https://syzkaller.appspot.com/bug?extid=49e2532b9c11ffaa450f
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15baa70e680000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17384cfa680000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+49e253...@syzkaller.appspotmail.com
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xb8
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff819340c8
stack pointer = 0x28:0xfffffe006a2a9a20
frame pointer = 0x28:0xfffffe006a2a9b60
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
executing program
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 38596 (syz-executor3993880)
rdi: 00000000000000b8 rsi: 0000000000000000 rdx: fffff78000000000
rcx: fffffe00033eee30 r8: 0000000000000000 r9: 0000000000000001
rax: fffffe00033eee30 rbx: fffffe006d318380 rbp: fffffe006a2a9b60
r10: 0000000000000000 r11: fffffe006d2ef540 r12: fffffe006a2a9ae0
r13: fffffe006d318380 r14: 0000000000000000 r15: 0000000000002d4e
trap number = 12
panic: page fault
cpuid = 1
time = 1695414029
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe006a2a9150
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe006a2a92b0
vpanic() at vpanic+0x271/frame 0xfffffe006a2a9450
panic() at panic+0xb5/frame 0xfffffe006a2a9510
trap_fatal() at trap_fatal+0x7ee/frame 0xfffffe006a2a9630
trap_pfault() at trap_pfault+0x17b/frame 0xfffffe006a2a9770
trap() at trap+0x5f3/frame 0xfffffe006a2a9950
calltrap() at calltrap+0x8/frame 0xfffffe006a2a9950
--- trap 0xc, rip = 0xffffffff819340c8, rsp = 0xfffffe006a2a9a20, rbp = 0xfffffe006a2a9b60 ---
in_pcbbind_setup() at in_pcbbind_setup+0x898/frame 0xfffffe006a2a9b60
in_pcbbind() at in_pcbbind+0x169/frame 0xfffffe006a2a9ba0
udp_bind() at udp_bind+0x15f/frame 0xfffffe006a2a9be0
sobind() at sobind+0xcb/frame 0xfffffe006a2a9c30
kern_bindat() at kern_bindat+0x275/frame 0xfffffe006a2a9cf0
sys_bind() at sys_bind+0xfe/frame 0xfffffe006a2a9d30
amd64_syscall() at amd64_syscall+0x427/frame 0xfffffe006a2a9f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe006a2a9f30
--- syscall (0, FreeBSD ELF64, syscall), rip = 0x2466ea, rsp = 0x820a8d538, rbp = 0x820a8d560 ---
KDB: enter: panic
[ thread pid 38596 tid 100135 ]
Stopped at kdb_enter+0x6e: movq $0,0x2179eb7(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe00033eee30
rdx 0xdffff7c000000000
rbx 0xffffffff826e08a0 .str.28
rsp 0xfffffe006a2a9290
rbp 0xfffffe006a2a92b0
rsi 0x1
rdi 0
r8 0
r9 0xffffffff
r10 0x1
r11 0x1
r12 0
r13 0xfffffe006d2ef020
r14 0xffffffff826e08a0 .str.28
r15 0
rip 0xffffffff815c59de kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x2179eb7(%rip)
db> show proc
Process 38596 (syz-executor3993880) at 0xfffffe006d37a020:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 787 at 0xfffffe0058b3eac0
ABI: FreeBSD ELF64
flag: 0x10000000 flag2: 0
arguments: ./syz-executor3993880381
reaper: 0xfffffe005422b040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe006ce684d0
(map 0xfffffe006ce684d0)
(map.pmap 0xfffffe006ce68590)
(pmap 0xfffffe006ce68600)
threads: 1
100135 Run CPU 1 syz-executor3993880
db> ps
pid ppid pgrp uid state wmesg wchan cmd
38598 778 778 0 L *udphash 0xfffffe0057ad7c00 syz-executor3993880
38597 1 778 0 LE *udphash 0xfffffe0057ad7c00 syz-executor3993880
38596 787 787 0 R CPU 1 syz-executor3993880
38595 776 776 0 L *udphash 0xfffffe0057ad7c00 syz-executor3993880
38594 1 787 0 LE *udphash 0xfffffe0057ad7c00 syz-executor3993880
38591 775 775 0 LE *udphash 0xfffffe0057ad7c00 syz-executor3993880
787 774 787 0 Ss nanslp 0xffffffff83720c41 syz-executor3993880
778 774 778 0 Ss nanslp 0xffffffff83720c40 syz-executor3993880
776 774 776 0 Ss nanslp 0xffffffff83720c40 syz-executor3993880
775 774 775 0 Rs syz-executor3993880
774 772 772 0 S nanslp 0xffffffff83720c41 syz-executor3993880
772 770 772 0 Ss pause 0xfffffe0007c02650 csh
770 682 770 0 Ss select 0xfffffe006cc83f40 sshd
748 1 748 0 Rs+ CPU 0 getty
747 1 747 0 Ss+ ttyin 0xfffffe005876a0b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe005876a4b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe005876a8b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe005876acb0 getty
743 1 743 0 Ss+ ttyin 0xfffffe005876b0b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe005876b4b0 getty
741 1 741 0 Ss+ ttyin 0xfffffe005876b8b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe005876bcb0 getty
686 1 686 0 Ss nanslp 0xffffffff83720c40 cron
682 1 682 0 Ss select 0xfffffe006cc843c0 sshd
495 1 495 0 Ds biowr 0xfffffe0007e0d410 syslogd
424 1 424 0 Ss select 0xfffffe006cc845c0 devd
423 1 423 65 Ss select 0xfffffe006cc84540 dhclient
338 1 338 0 Ss select 0xfffffe006cc844c0 dhclient
335 1 335 0 Ss select 0xfffffe005756d240 dhclient
17 0 0 0 DL syncer 0xffffffff8383e360 [syncer]
16 0 0 0 DL vlruwt 0xfffffe00571d7040 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff8383c980 [bufdaemon]
100080 D - 0xffffffff82c0a140 [bufspacedaemon-0]
100092 D sdflush 0xfffffe00085fd8e8 [/ worker]
9 0 0 0 DL psleep 0xffffffff838af540 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff838973f8 [dom0]
100081 D launds 0xffffffff83897404 [laundry: dom0]
100082 D umarcl 0xffffffff81d50130 [uma]
7 0 0 0 DL - 0xffffffff834b5c28 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff83f7b3d0 [pf purge]
5 0 0 0 DL waiting 0xffffffff8429b4e0 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff83480340 [doneq0]
100045 D - 0xffffffff834802c0 [async]
100076 D - 0xffffffff83480140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83892c60 [crypto]
100042 D crypto_ 0xfffffe00540c6d30 [crypto returns 0]
100043 D crypto_ 0xfffffe00540c6d80 [crypto returns 1]
14 0 0 0 DL seqstat 0xfffffe00570f5488 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff836c95e0 [g_event]
100036 D - 0xffffffff836c9600 [g_up]
100037 D - 0xffffffff836c9620 [g_down]
2 0 0 0 WL (threaded) [clock]
100029 I [clock (0)]
100030 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100015 I [swi5: fast taskq]
100031 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe005422b040 [init]
10 0 0 0 DL audit_w 0xffffffff838936a0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff836c9fa0 [swapper]
100005 D - 0xfffffe00540da700 [softirq_0]
100006 D - 0xfffffe00540da600 [softirq_1]
100007 D - 0xfffffe00540da500 [if_io_tqg_0]
100008 D - 0xfffffe00540da400 [if_io_tqg_1]
100009 D - 0xfffffe00540da300 [if_config_tqg_0]
100010 D - 0xfffffe00079eee00 [pci_hp taskq]
100011 D - 0xfffffe00079eec00 [kqueue_ctx taskq]
100014 D - 0xfffffe00079ee600 [thread taskq]
100016 D - 0xfffffe00079ee200 [aiod_kick taskq]
100017 D - 0xfffffe00079ee000 [deferred_unmount ta]
100018 D - 0xfffffe00079edd00 [inm_free taskq]
100019 D - 0xfffffe00079edb00 [in6m_free taskq]
100020 D - 0xfffffe00079ed900 [linuxkpi_irq_wq]
100021 D - 0xfffffe00079ed700 [linuxkpi_short_wq_0]
100022 D - 0xfffffe00079ed700 [linuxkpi_short_wq_1]
100023 D - 0xfffffe00079ed700 [linuxkpi_short_wq_2]
100024 D - 0xfffffe00079ed700 [linuxkpi_short_wq_3]
100025 D - 0xfffffe00079ed200 [linuxkpi_long_wq_0]
100026 D - 0xfffffe00079ed200 [linuxkpi_long_wq_1]
100027 D - 0xfffffe00079ed200 [linuxkpi_long_wq_2]
100028 D - 0xfffffe00079ed200 [linuxkpi_long_wq_3]
100034 D - 0xfffffe00079ec600 [firmware taskq]
100039 D - 0xfffffe0054368900 [crypto_0]
100040 D - 0xfffffe0054368900 [crypto_1]
100055 D - 0xfffffe0057232500 [vtnet0 rxq 0]
100056 D - 0xfffffe0057232400 [vtnet0 txq 0]
100057 D - 0xfffffe0057232300 [vtnet0 rxq 1]
100058 D - 0xfffffe0057232200 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe005756f000 [virtio_balloon]
100066 D - 0xffffffff826e59e1 [deadlkres]
100070 D - 0xfffffe00079ec000 [acpi_task_0]
100071 D - 0xfffffe00079ec000 [acpi_task_1]
100072 D - 0xfffffe00079ec000 [acpi_task_2]
100074 D - 0xfffffe00079efa00 [mca taskq]
100075 D - 0xfffffe0054367c00 [CAM taskq]
38599 38591 775 0 Z syz-executor3993880
db> show all locks
Process 38598 (syz-executor3993880) thread 0xfffffe006d2ed3a0 (100139)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006a5b0e20) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1545
Process 38597 (syz-executor3993880) thread 0xfffffe006d2d8c80 (100119)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe0058acb1e0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1621
Process 38596 (syz-executor3993880) thread 0xfffffe006d2ef020 (100135)
exclusive sleep mutex udphash (udphash) r = 0 (0xfffffe0054089e28) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1546
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006cc55e20) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1545
Process 38595 (syz-executor3993880) thread 0xfffffe0058a02000 (100116)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006d316720) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1545
Process 38594 (syz-executor3993880) thread 0xfffffe0058a02720 (100115)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006d3183a0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1621
Process 38591 (syz-executor3993880) thread 0xfffffe006d2ee1e0 (100137)
exclusive rw udpinp (udpinp) r = 0 (0xfffffe0058acb3a0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1621
Process 748 (getty) thread 0xfffffe006a5e91e0 (100110)
exclusive sleep mutex ttymtx (ttymtx) r = 0 (0xfffffe00576c2c08) locked @ /syzkaller/managers/main/kernel/sys/kern/tty_ttydisc.c:487
Process 495 (syslogd) thread 0xfffffe0058a06740 (100095)
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0007e0d490) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:4004
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe006cd8b770) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3549
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 7 4801K 7
devbuf 4192 4324K 4220
sysctloid 34926 2058K 34997
vtbuf 24 1968K 46
kobj 326 1304K 488
newblk 123 1055K 851
vfscache 3 1025K 3
pcb 29 675K 37864
inodedep 3 513K 73
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
vnet_data 2 224K 2
acpitask 1 224K 1
subproc 126 222K 38678
acpica 1674 184K 60310
tidhash 3 141K 3
vmem 3 134K 4
linker 352 130K 385
pagedep 1 128K 19
tfo_ccache 1 128K 1
IP reass 1 128K 1
sem 4 106K 4
DEVFS1 105 105K 114
gtaskqueue 18 98K 18
bus 985 81K 5155
mtx_pool 2 72K 2
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 512 64K 512
ddb_capture 1 64K 1
filemon 6 48K 37819
umtx 308 39K 308
kdtrace 189 39K 38741
temp 18 37K 1581
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 124 31K 134
msg 4 30K 4
kbdmux 6 28K 6
DEVFS_RULE 56 20K 56
BPF 10 18K 10
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 97 16K 97
bus-sc 34 15K 1687
eventhandler 161 14K 161
KTRACE 100 13K 100
kenv 95 12K 95
ifaddr 30 12K 32
rman 88 11K 431
GEOM 61 11K 481
routetbl 50 11K 176
CAM queue 5 11K 1528
rpc 4 9K 4
devstat 4 9K 4
UART 12 9K 12
ksem 1 8K 1
bmsafemap 1 8K 44
shmfd 1 8K 1
pfs_vncache 1 8K 1
audit_evclass 238 8K 300
taskqueue 63 7K 63
sglist 6 7K 6
CAM DEV 3 6K 510
cred 22 6K 284
plimit 20 5K 362
pfs_nodes 20 5K 20
hhook 15 5K 17
ufs_dirhash 24 5K 24
UMA 268 5K 268
ifnet 3 5K 3
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
filedesc 1 4K 1
evdev 4 4K 4
acpisem 28 4K 28
ether_multi 40 4K 50
lltable 11 4K 11
pf_ifnet 5 3K 6
kqueue 48 3K 38602
in6_multi 25 3K 25
session 23 3K 36
terminal 11 3K 11
pwddesc 44 3K 38600
clone 9 3K 9
uidinfo 3 3K 9
proc-args 66 3K 39533
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
lockf 16 2K 26
Unitno 27 2K 41
CAM XPT 22 2K 543
msi 12 2K 12
CC Mem 6 2K 18918
toponodes 6 2K 6
selfd 22 2K 246057
ipsecpolicy 2 2K 2
acpidev 20 2K 20
sctp_atcl 3 2K 18911
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 26
NFSD session 1 1K 1
select 7 1K 29
CAM periph 4 1K 271
ipsec 3 1K 3
nhops 6 1K 6
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_ifa 5 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
DEVFSP 10 1K 37828
inpcbpolicy 19 1K 37961
in_multi 2 1K 4
cdev 2 1K 2
osd 11 1K 18931
chacha20random 1 1K 1
biobuf 1 1K 1
sctp_ifn 2 1K 6
indirdep 1 1K 3
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
lkpikmalloc 5 1K 6
soname 7 1K 60135
cryptodev 2 1K 49
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
freefrag 1 1K 8
netlink 1 1K 1
procdesc 1 1K 6
pmchooks 1 1K 1
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
sctp_atky 3 1K 18911
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 35
acpiintr 1 1K 1
sctp_athm 3 1K 18911
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
freework 1 1K 26
p1003.1b 1 1K 1
filecaps 1 1K 66
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
tcp_do 0 0K 0
tcp_fsb 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 4
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 0
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 17
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 6
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
newdirblk 0 0K 8
dirrem 0 0K 28
mkdir 0 0K 16
diradd 0 0K 37
freefile 0 0K 26
freeblks 0 0K 25
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 3
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
statfs 0 0K 201
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 8
aio 0 0K 0
lio 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 0
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
iov 0 0K 32542
ioctlops 0 0K 86
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 288
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 650
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 24798 0 254 38494208 0
mbuf 256 8578 1084 64445 0 254 2473472 0
BUF TRIE 144 184 11632 619 0 62 1701504 0
malloc-384 384 4173 27 4519 0 30 1612800 0
malloc-128 128 11461 257 11510 0 126 1499904 0
malloc-4096 4096 326 2 488 0 2 1343488 0
UMA Slabs 0 112 10647 3 10647 0 126 1192800 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 15682 125 15682 0 254 885192 0
socket 960 30 734 58048 0 254 733440 0
FFS inode 1160 487 31 514 0 8 600880 0
sctp_ep 1176 3 507 18911 0 254 599760 0
lkpimm 168 1 3095 1 0 62 520128 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 198 0 0 2 519552 0
RADIX NODE 144 3258 237 145989 0 62 503280 0
malloc-65536 65536 5 2 161 0 1 458752 0
256 Bucket 2048 139 21 1169 0 8 327680 0
malloc-256 256 542 643 2177 0 62 303360 0
malloc-64 64 4063 536 42665 0 254 294336 0
THREAD 1824 140 14 140 0 8 280896 0
malloc-2048 2048 7 129 514 0 8 278528 0
VM OBJECT 264 938 82 217022 0 30 269280 0
VNODE 448 518 58 547 0 30 258048 0
malloc-4096 4096 50 8 38602 0 2 237568 0
malloc-16 16 14456 294 14537 0 254 236000 0
DEVCTL 1024 0 220 123 0 0 225280 0
malloc-32 32 5331 591 44414 0 254 189504 0
UMA Zones 768 240 4 240 0 16 187392 0
malloc-128 128 1188 207 28156 0 126 178560 0
malloc-1024 1024 121 39 1712 0 16 163840 0
FFS2 dinode 256 487 83 513 0 62 145920 0
FPU_save_area 832 142 20 163 0 16 134784 0
S VFS Cache 104 974 313 1015 0 126 133848 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-65536 65536 1 1 9 0 1 131072 0
unpcb 256 7 503 1159 0 254 130560 0
mbuf_packet 256 0 508 19029 0 254 130048 0
malloc-8192 8192 8 7 37821 0 2 122880 0
MAP ENTRY 96 942 318 570166 0 126 120960 0
ksiginfo 112 63 981 18993 0 126 116928 0
malloc-128 128 741 158 1731 0 126 115072 0
PROC 1376 47 30 38599 0 8 105952 0
malloc-128 128 541 234 3901 0 126 99200 0
malloc-32768 32768 3 0 3 0 1 98304 0
malloc-32768 32768 3 0 3 0 1 98304 0
UMA Kegs 384 227 6 227 0 30 89472 0
64 Bucket 512 83 85 4834 0 30 86016 0
128 Bucket 1024 45 38 392 0 16 84992 0
malloc-64 64 569 754 323803 0 254 84672 0
malloc-64 64 562 761 40231 0 254 84672 0
malloc-16384 16384 4 1 164 0 1 81920 0
tcp_inpcb 1304 6 54 18918 0 9 78240 0
filedesc0 1072 47 23 38600 0 8 75040 0
g_bio 408 4 176 5010 0 30 73440 0
malloc-128 128 155 372 433 0 126 67456 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-4096 4096 14 2 226 0 2 65536 0
32 Bucket 256 67 188 2664 0 62 65280 0
malloc-384 384 82 68 18990 0 30 57600 0
malloc-8192 8192 5 2 132 0 1 57344 0
udp_inpcb 424 12 114 19039 0 30 53424 0
malloc-256 256 92 103 742 0 62 49920 0
malloc-256 256 13 182 37835 0 62 49920 0
malloc-256 256 23 172 401 0 62 49920 0
DIRHASH 1024 35 13 35 0 16 49152 0
NAMEI 1024 0 48 163445 0 16 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
malloc-2048 2048 8 16 19107 0 8 49152 0
malloc-2048 2048 1 23 524 0 8 49152 0
tcp_bbr_pcb 832 3 51 18911 0 16 44928 0
syncache 168 0 264 5 0 254 44352 0
malloc-8192 8192 5 0 5 0 1 40960 0
malloc-4096 4096 8 2 12 0 2 40960 0
VMSPACE 616 30 36 38584 0 16 40656 0
pipe 728 9 46 19192 0 16 40040 0
da_ccb 544 1 69 1389 0 16 38080 0
pcpu-8 8 4291 317 4319 0 254 36864 0
malloc-64 64 33 534 13581 0 254 36288 0
malloc-64 64 160 407 160 0 254 36288 0
malloc-64 64 15 552 22 0 254 36288 0
malloc-128 128 90 189 103 0 126 35712 0
malloc-128 128 2 277 186 0 126 35712 0
malloc-128 128 11 268 11 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 9 81 81 0 30 34560 0
malloc-256 256 4 131 447 0 62 34560 0
malloc-256 256 14 121 19 0 62 34560 0
malloc-256 256 24 111 338 0 62 34560 0
malloc-256 256 6 129 25 0 62 34560 0
malloc-8192 8192 3 1 5 0 1 32768 0
malloc-4096 4096 5 3 559 0 2 32768 0
malloc-2048 2048 7 9 16 0 8 32768 0
malloc-2048 2048 4 12 90 0 8 32768 0
malloc-2048 2048 4 12 5 0 8 32768 0
malloc-1024 1024 2 30 13 0 16 32768 0
malloc-1024 1024 16 16 16 0 16 32768 0
malloc-1024 1024 14 18 14 0 16 32768 0
malloc-512 512 1 63 11 0 30 32768 0
malloc-512 512 3 61 179 0 30 32768 0
malloc-512 512 2 62 26 0 30 32768 0
malloc-512 512 9 55 9 0 30 32768 0
pcpu-64 64 487 25 487 0 254 32768 0
ertt_txseginfo 40 1 807 18432 0 254 32320 0
ttyinq 160 135 65 300 0 62 32000 0
Files 80 94 306 233474 0 126 32000 0
PGRP 120 23 241 36 0 126 31680 0
clpbuf 2624 0 12 30 0 4 31488 0
udp_inpcb ports 32 6 876 18753 0 254 28224 0
ertt 72 6 386 18918 0 126 28224 0
malloc-32 32 61 821 38025 0 254 28224 0
malloc-32 32 185 697 1443 0 254 28224 0
malloc-32 32 306 576 381 0 254 28224 0
malloc-32 32 26 856 21862 0 254 28224 0
16 Bucket 144 58 138 1001 0 62 28224 0
4 Bucket 48 7 581 10 0 254 28224 0
TURNSTILE 136 155 34 155 0 62 25704 0
cpuset 200 7 121 7 0 62 25600 0
ripcb 392 1 62 4 0 30 24696 0
malloc-4096 4096 6 0 6 0 2 24576 0
rl_entry 40 27 579 27 0 254 24240 0
PWD 40 10 596 101 0 254 24240 0
rtentry 168 13 131 17 0 62 24192 0
8 Bucket 80 58 242 1827 0 126 24000 0
malloc-384 384 1 59 22 0 30 23040 0
malloc-384 384 28 32 29 0 30 23040 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 155 101 155 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
malloc-64 64 2 313 19 0 254 20160 0
malloc-64 64 2 313 2 0 254 20160 0
malloc-32 32 6 624 20 0 254 20160 0
malloc-32 32 6 624 19 0 254 20160 0
malloc-32 32 2 628 5 0 254 20160 0
2 Bucket 32 51 579 8124 0 254 20160 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-4096 4096 1 3 2 0 2 16384 0
malloc-2048 2048 0 8 2 0 8 16384 0
malloc-2048 2048 2 6 2 0 8 16384 0
malloc-1024 1024 5 11 5 0 16 16384 0
malloc-1024 1024 8 8 8 0 16 16384 0
malloc-1024 1024 1 15 1 0 16 16384 0
malloc-1024 1024 2 14 2 0 16 16384 0
malloc-512 512 2 30 2 0 30 16384 0
malloc-512 512 0 32 1 0 30 16384 0
malloc-512 512 1 31 1 0 30 16384 0
malloc-512 512 2 30 2 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
sctp_laddr 48 0 336 4 0 254 16128 0
vtnet_tx_hdr 24 0 668 20541 0 254 16032 0
malloc-16 16 508 492 3545 0 254 16000 0
malloc-16 16 33 967 46427 0 254 16000 0
kenv 258 17 43 1069 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
tcp_inpcb ports 32 1 377 1 0 254 12096 0
KNOTE 160 0 75 8 0 62 12000 0
malloc-16 16 33 717 77109 0 254 12000 0
malloc-16 16 11 739 14 0 254 12000 0
malloc-16 16 2 748 114 0 254 12000 0
malloc-16 16 6 744 18916 0 254 12000 0
malloc-384 384 11 19 11 0 30 11520 0
malloc-384 384 1 29 1 0 30 11520 0
malloc-384 384 13 17 13 0 30 11520 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 2 0 2 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
malloc-16 16 1 499 1 0 254 8000 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 352 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tcp_rack_pcb 1024 0 0 0 0 16 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2256 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
ripcb ports 32 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
netlink 2048 0 0 0 0 8 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 232 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 104 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Gleb Smirnoff
Jan 25, 2024, 11:29:42 AMJan 25
to syzkaller-freebsd-bugs
#syz fix: inpcb: reoder inpcb destruction
пятница, 22 сентября 2023 г. в 13:22:53 UTC-7, syzbot:
Reply all
Reply to author
Forward
0 new messages