panic: in_pcblookup_hash_locked: invalid local address (2)
3 views
Skip to first unread message
syzbot
Mar 7, 2023, 6:31:45 PM3/7/23
to syzkaller-f...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: d71a00e9f5db arm64: ofw: respect the nonposted-mmio prop i..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=16d70c92c80000
dashboard link: https://syzkaller.appspot.com/bug?extid=81ccc423a2737ed031ac
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+81ccc4...@syzkaller.appspotmail.com
panic: in_pcblookup_hash_locked: invalid local address
cpuid = 1
time = 1678231845
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe00995d5dd0
kdb_backtrace() at kdb_backtrace+0xd1/frame 0xfffffe00995d5f30
vpanic() at vpanic+0x254/frame 0xfffffe00995d6010
panic() at panic+0xb5/frame 0xfffffe00995d60d0
in_pcblookup_hash_locked() at in_pcblookup_hash_locked+0xf32/frame 0xfffffe00995d6210
in_pcb_lport_dest() at in_pcb_lport_dest+0x476/frame 0xfffffe00995d62d0
in_pcbconnect_setup() at in_pcbconnect_setup+0x7e5/frame 0xfffffe00995d6430
udp_send() at udp_send+0x18a2/frame 0xfffffe00995d6650
udp6_send() at udp6_send+0x76d/frame 0xfffffe00995d6940
sosend_dgram() at sosend_dgram+0x69b/frame 0xfffffe00995d69c0
sousrsend() at sousrsend+0x115/frame 0xfffffe00995d6a50
kern_sendit() at kern_sendit+0x596/frame 0xfffffe00995d6bc0
sendit() at sendit+0x14b/frame 0xfffffe00995d6c10
sys_sendto() at sys_sendto+0x182/frame 0xfffffe00995d6d30
amd64_syscall() at amd64_syscall+0x410/frame 0xfffffe00995d6f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00995d6f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x28e66a, rsp = 0x82fb82f08, rbp = 0x82fb82f70 ---
KDB: enter: panic
[ thread pid 57995 tid 165348 ]
Stopped at kdb_enter+0x6b: movq $0,0x25788aa(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe009608c000
rdx 0x3ffff
rbx 0
rsp 0xfffffe00995d5f10
rbp 0xfffffe00995d5f30
rsi 0x40001
rdi 0xffffffff817283b8 printf+0x158
r8 0
r9 0xffffffff
r10 0
r11 0x790863d9
r12 0
r13 0xfffffe009af69560
r14 0xffffffff82af7b00 .str.26
r15 0xffffffff82af7b00 .str.26
rip 0xffffffff817181eb kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x25788aa(%rip)
db> show proc
Process 57995 (syz-executor.3) at 0xfffffe009b089568:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 780 at 0xfffffe0058d12008
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.3 exec
reaper: 0xfffffe00541ea010 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe009b01f000
(map 0xfffffe009b01f000)
(map.pmap 0xfffffe009b01f0c0)
(pmap 0xfffffe009b01f130)
threads: 2
165240 RunQ syz-executor.3
165348 Run CPU 1 syz-executor.3
db> ps
pid ppid pgrp uid state wmesg wchan cmd
57995 780 780 0 R (threaded) syz-executor.3
165240 RunQ syz-executor.3
165348 Run CPU 1 syz-executor.3
57994 777 777 0 RE CPU 0 syz-executor.0
57992 782 782 0 R (threaded) syz-executor.2
165336 RunQ syz-executor.2
165342 S uwait 0xfffffe0099602900 syz-executor.2
165346 RunQ syz-executor.2
55859 1 777 0 S uwait 0xfffffe0099602a80 syz-executor.0
55708 1 782 0 S uwait 0xfffffe00574a4200 syz-executor.2
54977 1 782 0 S uwait 0xfffffe009a359a00 syz-executor.2
54913 1 780 0 S uwait 0xfffffe005789bc00 syz-executor.3
52850 1 777 0 SV uwait 0xfffffe0099602300 syz-executor.0
52841 1 777 0 SV uwait 0xfffffe009a37c980 syz-executor.0
52831 1 777 0 SV uwait 0xfffffe0099601800 syz-executor.0
52738 1 782 0 S uwait 0xfffffe009a37ca80 syz-executor.2
52734 1 782 0 S uwait 0xfffffe009a357100 syz-executor.2
52727 1 782 0 S uwait 0xfffffe005789b400 syz-executor.2
52725 1 782 0 S uwait 0xfffffe009a359900 syz-executor.2
52719 1 782 0 S uwait 0xfffffe009a359800 syz-executor.2
52715 1 782 0 S uwait 0xfffffe0099601c80 syz-executor.2
52707 1 782 0 S uwait 0xfffffe0056fe0a00 syz-executor.2
52702 1 782 0 S uwait 0xfffffe005789bb00 syz-executor.2
52696 1 782 0 S uwait 0xfffffe0099602b80 syz-executor.2
52676 1 782 0 S uwait 0xfffffe0056fe0e80 syz-executor.2
52671 1 782 0 S uwait 0xfffffe005789b800 syz-executor.2
52666 1 782 0 S uwait 0xfffffe0099602c80 syz-executor.2
52659 1 782 0 S uwait 0xfffffe00574a3500 syz-executor.2
52649 1 782 0 S uwait 0xfffffe0099601b80 syz-executor.2
52642 1 782 0 S uwait 0xfffffe009a359500 syz-executor.2
52583 1 777 0 S uwait 0xfffffe0099601500 syz-executor.0
52579 1 777 0 S uwait 0xfffffe005789b500 syz-executor.0
52576 1 777 0 S uwait 0xfffffe00574a3000 syz-executor.0
52569 1 777 0 S uwait 0xfffffe0099602100 syz-executor.0
43266 1 782 0 S uwait 0xfffffe005789c280 syz-executor.2
43261 1 782 0 S uwait 0xfffffe0099601600 syz-executor.2
43259 1 782 0 S uwait 0xfffffe0099601100 syz-executor.2
40408 1 777 0 S uwait 0xfffffe00574a5b80 syz-executor.0
40397 1 777 0 S uwait 0xfffffe0099601000 syz-executor.0
40389 1 777 0 S uwait 0xfffffe00574a3100 syz-executor.0
27142 0 0 0 DL - 0xffffffff83c35e40 [accounting]
15080 1 782 0 S uwait 0xfffffe00574a5d80 syz-executor.2
15077 1 782 0 S uwait 0xfffffe005789ba00 syz-executor.2
15073 1 782 0 S uwait 0xfffffe0099602500 syz-executor.2
15072 1 782 0 S uwait 0xfffffe0056fe0c80 syz-executor.2
15069 1 782 0 S uwait 0xfffffe0056fe0b00 syz-executor.2
12480 1 777 0 S uwait 0xfffffe005789c400 syz-executor.0
11491 1 11491 65 Ss select 0xfffffe0092351f40 dhclient
8657 1 8657 0 Ss select 0xfffffe0058b18dc0 dhclient
8654 1 8654 0 Ss select 0xfffffe0058b18d40 dhclient
8635 1 8635 65 Ss select 0xfffffe00578797c0 dhclient
7301 1 7301 0 Ss select 0xfffffe0092571840 dhclient
7298 1 7298 0 Ss select 0xfffffe00923510c0 dhclient
7279 1 7279 65 Ss select 0xfffffe0092571ec0 dhclient
6120 1 780 0 S uwait 0xfffffe0099602800 syz-executor.3
6110 1 780 0 S uwait 0xfffffe0056fe0800 syz-executor.3
6105 1 780 0 S uwait 0xfffffe0056fe0700 syz-executor.3
3654 1 3654 0 Ss select 0xfffffe0092350ac0 dhclient
3651 1 3651 0 Ss select 0xfffffe00923507c0 dhclient
3621 1 3621 65 Ss select 0xfffffe00925718c0 dhclient
1550 1 1550 0 Ss select 0xfffffe00923506c0 dhclient
1543 1 1543 0 Ss select 0xfffffe0092572340 dhclient
859 0 0 0 DL aiordy 0xfffffe0058d13ac0 [aiod4]
858 0 0 0 DL aiordy 0xfffffe0058d13568 [aiod3]
857 0 0 0 DL aiordy 0xfffffe00579b2560 [aiod2]
856 0 0 0 DL aiordy 0xfffffe00579b3010 [aiod1]
782 774 782 0 Ss nanslp 0xffffffff83c5e201 syz-executor.2
780 774 780 0 Ss nanslp 0xffffffff83c5e201 syz-executor.3
778 774 778 0 Ss nanslp 0xffffffff83c5e201 syz-executor.1
777 774 777 0 Ss nanslp 0xffffffff83c5e201 syz-executor.0
774 772 772 0 S (threaded) syz-fuzzer
100113 S uwait 0xfffffe00574a3d80 syz-fuzzer
100114 S uwait 0xfffffe005789d480 syz-fuzzer
100115 S wait 0xfffffe0058d14570 syz-fuzzer
100116 S uwait 0xfffffe005789c800 syz-fuzzer
100117 S uwait 0xfffffe00574a3e80 syz-fuzzer
100118 S uwait 0xfffffe00574a4000 syz-fuzzer
100119 S wait 0xfffffe0058d14570 syz-fuzzer
100120 S wait 0xfffffe0058d14570 syz-fuzzer
100121 S wait 0xfffffe0058d14570 syz-fuzzer
100122 S uwait 0xfffffe005789cb00 syz-fuzzer
100130 S uwait 0xfffffe00574a5c80 syz-fuzzer
100142 S uwait 0xfffffe005789c700 syz-fuzzer
101491 S kqread 0xfffffe00085f4600 syz-fuzzer
159100 S uwait 0xfffffe0099601a80 syz-fuzzer
772 770 772 0 Ss pause 0xfffffe00579b4620 csh
770 688 770 0 Ss select 0xfffffe0092571d40 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00574794b0 getty
753 1 753 0 Ss+ ttyin 0xfffffe00586ef8b0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00586f00b0 getty
751 1 751 0 Ss+ ttyin 0xfffffe00586f08b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe0007b500b0 getty
749 1 749 0 Ss+ ttyin 0xfffffe0007b508b0 getty
748 1 748 0 Ss+ ttyin 0xfffffe0007b520b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe0007b528b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe0007b530b0 getty
692 1 692 0 Ss nanslp 0xffffffff83c5e200 cron
688 1 688 0 Ss select 0xfffffe0092572140 sshd
501 1 501 0 Ss select 0xfffffe0092572540 syslogd
430 1 430 0 Ss select 0xfffffe00925729c0 devd
429 1 429 65 Ss select 0xfffffe00925725c0 dhclient
344 1 344 0 Ss select 0xfffffe0092572840 dhclient
341 1 341 0 Ss select 0xfffffe00923522c0 dhclient
17 0 0 0 DL syncer 0xffffffff83d836a0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0056f91000 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff83d81cc0 [bufdaemon]
100082 D - 0xffffffff83012180 [bufspacedaemon-0]
100095 D sdflush 0xfffffe0058c67ce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83db9400 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff83dad2b8 [dom0]
100080 D launds 0xffffffff83dad2c4 [laundry: dom0]
100081 D umarcl 0xffffffff81e7c390 [uma]
7 0 0 0 DL - 0xffffffff83a2be48 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff8438c270 [pf purge]
5 0 0 0 DL waiting 0xffffffff84814f80 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff838ce340 [doneq0]
100045 D - 0xffffffff838ce2c0 [async]
100076 D - 0xffffffff838ce140 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056ee5c88 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100040 D crypto_ 0xffffffff83da8b60 [crypto]
100041 D crypto_ 0xfffffe0007b63030 [crypto returns 0]
100042 D crypto_ 0xfffffe0007b63080 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff83c33640 [g_event]
100036 D - 0xffffffff83c33660 [g_up]
100037 D - 0xffffffff83c33680 [g_down]
2 0 0 0 WL (threaded) [clock]
100030 I [clock (0)]
100031 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100010 I [swi5: fast taskq]
100013 I [swi6: task queue]
100018 I [swi6: Giant taskq]
100029 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe00541ea010 [init]
10 0 0 0 DL audit_w 0xffffffff83da95a0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff83c34060 [swapper]
100005 D - 0xfffffe005409e000 [if_config_tqg_0]
100006 D - 0xfffffe005409de00 [softirq_0]
100007 D - 0xfffffe005409dd00 [softirq_1]
100008 D - 0xfffffe005409dc00 [if_io_tqg_0]
100009 D - 0xfffffe005409db00 [if_io_tqg_1]
100011 D - 0xfffffe00085f2500 [kqueue_ctx taskq]
100012 D - 0xfffffe00085f2400 [pci_hp taskq]
100014 D - 0xfffffe00085f2100 [inm_free taskq]
100015 D - 0xfffffe00085f2000 [aiod_kick taskq]
100016 D - 0xfffffe00085f1e00 [in6m_free taskq]
100017 D - 0xfffffe00085f1d00 [deferred_unmount ta]
100019 D - 0xfffffe00085f1a00 [thread taskq]
100020 D - 0xfffffe00085f1900 [linuxkpi_irq_wq]
100021 D - 0xfffffe00085f1800 [linuxkpi_short_wq_0]
100022 D - 0xfffffe00085f1800 [linuxkpi_short_wq_1]
100023 D - 0xfffffe00085f1800 [linuxkpi_short_wq_2]
100024 D - 0xfffffe00085f1800 [linuxkpi_short_wq_3]
100025 D - 0xfffffe00085f1700 [linuxkpi_long_wq_0]
100026 D - 0xfffffe00085f1700 [linuxkpi_long_wq_1]
100027 D - 0xfffffe00085f1700 [linuxkpi_long_wq_2]
100028 D - 0xfffffe00085f1700 [linuxkpi_long_wq_3]
100034 D - 0xfffffe00085f1200 [firmware taskq]
100038 D - 0xfffffe00085f0700 [crypto_0]
100039 D - 0xfffffe00085f0700 [crypto_1]
100055 D - 0xfffffe0056fdbe00 [vtnet0 rxq 0]
100056 D - 0xfffffe0056fdbd00 [vtnet0 txq 0]
100057 D - 0xfffffe0056fdbc00 [vtnet0 rxq 1]
100058 D - 0xfffffe0056fdbb00 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe0056f45000 [virtio_balloon]
100066 D - 0xffffffff82afca41 [deadlkres]
100070 D - 0xfffffe00085f4100 [mca taskq]
100071 D - 0xfffffe00085f0200 [acpi_task_0]
100072 D - 0xfffffe00085f0200 [acpi_task_1]
100073 D - 0xfffffe00085f0200 [acpi_task_2]
100075 D - 0xfffffe00085f0000 [CAM taskq]
57993 778 778 0 Z syz-executor.1
db> show all locks
Process 57995 (syz-executor.3) thread 0xfffffe009af69560 (165348)
exclusive sleep mutex udphash (udphash) r = 0 (0xfffffe0054049da8) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1254
exclusive rw udpinp (udpinp) r = 0 (0xfffffe0058d891d0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1098
Process 57994 (syz-executor.0) thread 0xfffffe009b09aac0 (164992)
shared sx filedesc structure (filedesc structure) r = 0 (0xfffffe009b05f450) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_mqueue.c:2478
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 7 4801K 7
devbuf 4216 4323K 4244
sysctloid 34725 2046K 34796
vtbuf 24 1968K 46
kobj 330 1320K 493
newblk 16 1028K 58238
vfscache 3 1025K 3
pcb 299 847K 244649
inodedep 749 793K 57285
filedesc 98 778K 113933
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 225 458K 58124
vmem 3 274K 6
dirrem 737 185K 57161
acpica 1674 184K 58126
tidhash 3 141K 3
pagedep 11 131K 57009
tfo_ccache 1 128K 1
IP reass 1 128K 1
linker 324 127K 361
sctp_stro 121 121K 26290
vnet_data 1 112K 1
DEVFS1 109 109K 126
sem 4 106K 4
sctp_atcl 259 98K 149904
freefile 737 93K 57117
BPF 46 88K 879
bus 1000 82K 5215
mtx_pool 2 72K 2
NFSD srvcache 3 68K 3
syncache 1 68K 1
module 513 65K 513
acpitask 1 64K 1
ddb_capture 1 64K 1
kdtrace 309 58K 123345
umtx 462 58K 462
temp 36 53K 3667
shm 7 44K 137
sctp_timw 163 41K 163
DEVFS3 128 32K 138
hostcache 1 32K 1
msg 4 30K 4
kbdmux 6 28K 6
gtaskqueue 18 26K 18
ifaddr 70 20K 72
DEVFS_RULE 56 20K 56
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
sctp_atky 380 16K 177987
routetbl 130 16K 410
ithread 97 16K 97
bus-sc 34 15K 1682
lltable 44 14K 156
eventhandler 154 13K 154
KTRACE 102 13K 3975
ifnet 7 13K 7
ether_multi 152 13K 167
kenv 95 12K 95
rman 88 11K 431
GEOM 61 11K 481
CAM queue 5 11K 1528
kqueue 105 9K 58026
in6_multi 65 9K 65
bmsafemap 2 9K 57255
rpc 4 9K 4
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 95
shmfd 1 8K 351
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 237 8K 296
cred 28 7K 347
taskqueue 63 7K 63
pwddesc 102 7K 58219
sglist 5 7K 5
CAM DEV 3 6K 510
plimit 24 6K 523
ufs_dirhash 24 5K 24
pf_ifnet 11 5K 20
session 35 5K 56
UMA 267 5K 267
DEVFSP 68 5K 2485
vt 11 5K 11
proc-args 132 5K 59458
sctp_athm 259 5K 153718
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
sctp_map 242 4K 52230
acpisem 28 4K 28
selfd 55 4K 763671
lockf 32 4K 462
hhook 15 4K 17
kcovinfo 52 4K 52
terminal 11 3K 11
CC Mem 21 3K 8681
select 19 3K 107
uidinfo 4 3K 21
clone 9 3K 9
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
ip6ndp 12 2K 13
Unitno 31 2K 61
sctp_ifa 13 2K 14
CAM XPT 22 2K 543
msi 12 2K 12
in_multi 6 2K 9
ipsecpolicy 2 2K 2
acpidev 20 2K 20
tcp_fsb 9 2K 2981
tun 7 2K 7
freework 5 2K 56997
inpcbpolicy 33 2K 12317
NFSD session 1 1K 1
softdep 1 1K 1
mkdir 8 1K 113974
freeblks 4 1K 56974
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 128
CAM periph 4 1K 271
sctp_ifn 6 1K 14
ipsec 3 1K 3
newdirblk 6 1K 56987
mld 6 1K 6
igmp 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
osd 25 1K 8688
crypto 4 1K 687
encap_export_host 12 1K 12
procdesc 5 1K 18
diradd 4 1K 57202
pfil 4 1K 4
cdev 2 1K 2
pf_rule 3 1K 33
chacha20random 1 1K 1
sctp_aadr 4 1K 13
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
indirdep 1 1K 23
vnodes 1 1K 1
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
soname 5 1K 79424
cryptodev 2 1K 2198
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
netlink 1 1K 1
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
aio 4 1K 23
pmchooks 1 1K 1
filecaps 5 1K 130
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 48
pmc 1 1K 1
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
mqdata 0 0K 0
tcp_do 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 73682
sctp_iter 0 0K 137
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 125
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 12
sctp_stri 0 0K 2616
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
pf_table 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
filemon 0 0K 182
newnfsclient_req 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
ixl 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
xen_intr 0 0K 0
NFSD V4lock 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
NFSD V4state 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
msdosfs_node 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
DEVFS4 0 0K 0
vm_fictitious 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
UMAHash 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 50342
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 62
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 136
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
ktls_ocf 0 0K 0
scsi_cd 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 122
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 19
in_mfilter 0 0K 1
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 71
VN POLL 0 0K 0
USB 0 0K 0
statfs 0 0K 57435
namei_tracker 0 0K 6
export_host 0 0K 0
cl_savebuf 0 0K 31
agp 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
tcp_log_dev 0 0K 448
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
biobuf 0 0K 0
lio 0 0K 141
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 54946
ioctlops 0 0K 1078
eventfd 0 0K 104
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctltmp 0 0K 1037
sysctl 0 0K 3
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 4
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
boottrace 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8361 1037 1150475 0 254 38494208 0
sctp_asoc 2256 121 1659 26115 0 254 4015680 0
malloc-2048 2048 144 1356 121878 0 9 3072000 0
mbuf 256 9041 1628 1987459 0 254 2731264 0
malloc-384 384 4865 1555 61416 0 30 2465280 0
sctp_ep 1176 138 1902 121872 0 254 2399040 0
RADIX NODE 144 15351 352 1019947 0 66 2261232 0
tcp_log 416 14 5323 14267 0 254 2220192 0
mbuf_cluster 2048 1016 0 1016 0 254 2080768 0
pbuf 2624 0 778 0 0 2 2041472 0
BUF TRIE 144 203 11585 1870 0 62 1697472 0
malloc-128 128 11465 253 68888 0 126 1499904 0
malloc-1024 1024 124 1284 26276 0 16 1441792 0
malloc-4096 4096 332 4 510 0 2 1376256 0
UMA Slabs 0 112 12182 16 12182 0 126 1366176 0
sctp_raddr 736 121 1661 26160 0 254 1311552 0
vmem btag 56 21353 70 21353 0 254 1199688 0
malloc-384 384 260 2590 149905 0 30 1094400 0
malloc-16384 16384 49 5 56965 0 1 884736 0
VM OBJECT 264 3042 78 1124185 0 30 823680 0
socket 960 76 688 136617 0 254 733440 0
FFS inode 1160 559 36 57677 0 8 690200 0
malloc-256 256 212 2338 116320 0 62 652800 0
malloc-256 256 869 1621 115307 0 62 637440 0
256 Bucket 2048 255 17 4861 0 8 557056 0
MAP ENTRY 96 4768 398 2905576 0 126 495936 0
malloc-4096 4096 110 4 58005 0 2 466944 0
THREAD 1824 205 26 65348 0 8 421344 0
malloc-256 256 225 1395 236249 0 62 414720 0
malloc-65536 65536 6 0 6 0 1 393216 0
lkpimm 168 1 2327 1 0 62 391104 0
lkpicurr 168 2 2326 2 0 62 391104 0
VNODE 448 600 93 57720 0 30 310464 0
malloc-128 128 771 1647 114484 0 126 309504 0
malloc-64 64 3855 240 3892 0 254 262080 0
mbuf_packet 256 157 859 103641 0 254 260096 0
malloc-16 16 14385 615 23103 0 254 240000 0
malloc-256 256 210 720 67760 0 62 238080 0
VMSPACE 2560 80 13 57972 0 4 238080 0
malloc-32768 32768 2 5 11 0 1 229376 0
DEVCTL 1024 0 220 152 0 0 225280 0
tcp_inpcb 1288 21 141 8676 0 8 208656 0
FPU_save_area 832 207 36 72383 0 16 202176 0
malloc-65536 65536 1 2 142 0 1 196608 0
malloc-128 128 1237 282 14722 0 126 194432 0
sctp_chunk 152 129 1145 4713 0 254 193648 0
UMA Zones 768 239 0 239 0 16 183552 0
malloc-32 32 5262 408 5320 0 254 181440 0
malloc-128 128 1205 190 27380 0 126 178560 0
PROC 1368 102 19 57995 0 8 165528 0
malloc-2048 2048 6 74 513 0 8 163840 0
malloc-1024 1024 134 26 151 0 16 163840 0
FFS2 dinode 256 559 71 57676 0 62 161280 0
malloc-64 64 764 1567 88823 0 254 149184 0
S VFS Cache 104 1029 375 59497 0 126 146016 0
filedesc0 1072 102 24 58219 0 8 135072 0
128 Bucket 1024 88 43 11363 0 16 134144 0
malloc-65536 65536 0 2 442 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
unpcb 256 20 490 2369 0 254 130560 0
64 Bucket 512 165 67 16694 0 30 118784 0
sctp_stream_msg_out 112 116 928 6577 0 254 116928 0
ksiginfo 112 111 933 7248 0 126 116928 0
malloc-32 32 370 3032 212496 0 254 108864 0
malloc-4096 4096 22 4 74 0 2 106496 0
ertt_txseginfo 40 0 2626 80965 0 254 105040 0
pipe 728 23 109 2601 0 16 96096 0
malloc-256 256 215 160 58863 0 62 96000 0
32 Bucket 256 225 150 17615 0 62 96000 0
malloc-8192 8192 5 6 214 0 1 90112 0
UMA Kegs 384 225 8 225 0 30 89472 0
syncache 168 0 528 6 0 254 88704 0
clpbuf 2624 0 32 54 0 16 83968 0
tcp_bbr_map 128 0 651 2243 0 126 83328 0
malloc-128 128 352 299 114891 0 126 83328 0
malloc-16384 16384 3 2 5 0 1 81920 0
malloc-384 384 187 23 302 0 30 80640 0
sctp_readq 152 0 520 404 0 254 79040 0
malloc-8192 8192 8 1 10 0 1 73728 0
g_bio 408 0 180 11861 0 30 73440 0
udplite_inpcb 448 0 153 593 0 30 68544 0
malloc-65536 65536 0 1 8 0 1 65536 0
Files 80 256 544 222975 0 126 64000 0
ripcb 416 5 148 1535 0 30 63648 0
malloc-16 16 617 3133 236751 0 254 60000 0
malloc-4096 4096 14 0 25 0 2 57344 0
udp_inpcb 448 7 119 1513 0 30 56448 0
malloc-16 16 441 3059 112122 0 254 56000 0
malloc-64 64 282 537 881511 0 254 52416 0
malloc-64 64 514 305 1166 0 254 52416 0
DIRHASH 1024 35 13 35 0 16 49152 0
NAMEI 1024 0 48 252488 0 16 49152 0
malloc-16384 16384 3 0 13 0 1 49152 0
malloc-2048 2048 9 15 569 0 8 49152 0
malloc-512 512 22 74 992 0 30 49152 0
tcp_rack_pcb 896 9 45 2981 0 16 48384 0
16 Bucket 144 235 101 1879 0 62 48384 0
tcp_bbr_pcb 832 6 48 1922 0 16 44928 0
TURNSTILE 136 232 83 232 0 62 42840 0
pcpu-8 8 4708 412 10674 0 254 40960 0
da_ccb 544 0 70 3092 0 16 38080 0
malloc-64 64 61 506 1852 0 254 36288 0
malloc-64 64 36 531 22520 0 254 36288 0
malloc-64 64 219 348 241 0 254 36288 0
malloc-64 64 182 385 2618 0 254 36288 0
8 Bucket 80 71 379 12263 0 126 36000 0
malloc-128 128 51 228 926 0 126 35712 0
malloc-128 128 42 237 6372 0 126 35712 0
malloc-128 128 57 222 313 0 126 35712 0
routing nhops 256 27 108 34 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 52 38 374 0 30 34560 0
malloc-256 256 7 128 481 0 62 34560 0
malloc-256 256 30 105 1458 0 62 34560 0
malloc-256 256 27 108 283 0 62 34560 0
SLEEPQUEUE 88 232 152 232 0 126 33792 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 0 1 120 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-8192 8192 4 0 4 0 1 32768 0
malloc-8192 8192 2 2 144 0 1 32768 0
malloc-8192 8192 1 3 13 0 1 32768 0
malloc-4096 4096 4 4 25 0 2 32768 0
malloc-4096 4096 2 6 58060 0 2 32768 0
malloc-2048 2048 3 13 755 0 8 32768 0
malloc-2048 2048 9 7 22 0 8 32768 0
malloc-2048 2048 3 13 204 0 8 32768 0
malloc-1024 1024 2 30 37 0 16 32768 0
malloc-1024 1024 12 20 13 0 16 32768 0
malloc-1024 1024 7 25 2211 0 16 32768 0
malloc-1024 1024 2 30 19 0 16 32768 0
malloc-1024 1024 8 24 8 0 16 32768 0
malloc-1024 1024 4 28 354 0 16 32768 0
malloc-512 512 1 63 289 0 30 32768 0
malloc-512 512 0 64 445 0 30 32768 0
malloc-512 512 2 62 2667 0 30 32768 0
pcpu-64 64 497 15 497 0 254 32768 0
KNOTE 160 28 172 403637 0 62 32000 0
ttyinq 160 135 65 300 0 62 32000 0
tcp_rack_map 120 0 264 924 0 126 31680 0
cpuset 104 7 272 34 0 126 29016 0
sctp_laddr 48 108 480 7435 0 254 28224 0
tcp_inpcb ports 32 2 880 1492 0 254 28224 0
ertt 72 21 371 8676 0 126 28224 0
PWD 32 60 822 57031 0 254 28224 0
malloc-32 32 298 584 14009 0 254 28224 0
4 Bucket 48 7 581 1315 0 254 28224 0
AIO 208 0 133 150 0 62 27664 0
malloc-8192 8192 3 0 3 0 1 24576 0
malloc-8192 8192 1 2 5 0 1 24576 0
PGRP 88 35 241 56 0 126 24288 0
rl_entry 40 118 488 118 0 254 24240 0
rtentry 168 30 114 34 0 62 24192 0
itimer 352 0 66 41 0 30 23232 0
malloc-384 384 23 37 148 0 30 23040 0
malloc-384 384 12 48 12 0 30 23040 0
malloc-384 384 0 60 349 0 30 23040 0
domainset 40 0 567 21 0 254 22680 0
hostcache 64 2 313 2 0 254 20160 0
udplite_inpcb ports 32 0 630 17 0 254 20160 0
udp_inpcb ports 32 3 627 120 0 254 20160 0
malloc-32 32 113 517 361 0 254 20160 0
malloc-32 32 173 457 53583 0 254 20160 0
malloc-32 32 34 596 8138 0 254 20160 0
malloc-32 32 47 583 966 0 254 20160 0
malloc-32 32 16 614 17 0 254 20160 0
2 Bucket 32 64 566 6071 0 254 20160 0
cryptop 280 0 70 58 0 30 19600 0
AIOCB 552 0 35 538 0 16 19320 0
AIOLIO 272 0 70 141 0 30 19040 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 0 1 160 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 2 2 6 0 2 16384 0
malloc-2048 2048 0 8 573 0 8 16384 0
malloc-2048 2048 2 6 4 0 8 16384 0
malloc-512 512 2 30 2 0 30 16384 0
malloc-512 512 0 32 1 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
vtnet_tx_hdr 24 0 668 623515 0 254 16032 0
kenv 258 15 45 1054 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-16 16 10 740 456 0 254 12000 0
malloc-16 16 13 737 26294 0 254 12000 0
malloc-16 16 81 669 24849 0 254 12000 0
malloc-16 16 32 718 155 0 254 12000 0
malloc-16 16 4 746 6 0 254 12000 0
L VFS Cache 320 0 36 1 0 30 11520 0
malloc-384 384 1 29 1 0 30 11520 0
Mountpoints 2816 2 2 2 0 4 11264 0
pcpu-16 16 4 252 4 0 254 4096 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: d71a00e9f5db arm64: ofw: respect the nonposted-mmio prop i..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=16d70c92c80000
dashboard link: https://syzkaller.appspot.com/bug?extid=81ccc423a2737ed031ac
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+81ccc4...@syzkaller.appspotmail.com
panic: in_pcblookup_hash_locked: invalid local address
cpuid = 1
time = 1678231845
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe00995d5dd0
kdb_backtrace() at kdb_backtrace+0xd1/frame 0xfffffe00995d5f30
vpanic() at vpanic+0x254/frame 0xfffffe00995d6010
panic() at panic+0xb5/frame 0xfffffe00995d60d0
in_pcblookup_hash_locked() at in_pcblookup_hash_locked+0xf32/frame 0xfffffe00995d6210
in_pcb_lport_dest() at in_pcb_lport_dest+0x476/frame 0xfffffe00995d62d0
in_pcbconnect_setup() at in_pcbconnect_setup+0x7e5/frame 0xfffffe00995d6430
udp_send() at udp_send+0x18a2/frame 0xfffffe00995d6650
udp6_send() at udp6_send+0x76d/frame 0xfffffe00995d6940
sosend_dgram() at sosend_dgram+0x69b/frame 0xfffffe00995d69c0
sousrsend() at sousrsend+0x115/frame 0xfffffe00995d6a50
kern_sendit() at kern_sendit+0x596/frame 0xfffffe00995d6bc0
sendit() at sendit+0x14b/frame 0xfffffe00995d6c10
sys_sendto() at sys_sendto+0x182/frame 0xfffffe00995d6d30
amd64_syscall() at amd64_syscall+0x410/frame 0xfffffe00995d6f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00995d6f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x28e66a, rsp = 0x82fb82f08, rbp = 0x82fb82f70 ---
KDB: enter: panic
[ thread pid 57995 tid 165348 ]
Stopped at kdb_enter+0x6b: movq $0,0x25788aa(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe009608c000
rdx 0x3ffff
rbx 0
rsp 0xfffffe00995d5f10
rbp 0xfffffe00995d5f30
rsi 0x40001
rdi 0xffffffff817283b8 printf+0x158
r8 0
r9 0xffffffff
r10 0
r11 0x790863d9
r12 0
r13 0xfffffe009af69560
r14 0xffffffff82af7b00 .str.26
r15 0xffffffff82af7b00 .str.26
rip 0xffffffff817181eb kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x25788aa(%rip)
db> show proc
Process 57995 (syz-executor.3) at 0xfffffe009b089568:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 780 at 0xfffffe0058d12008
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.3 exec
reaper: 0xfffffe00541ea010 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe009b01f000
(map 0xfffffe009b01f000)
(map.pmap 0xfffffe009b01f0c0)
(pmap 0xfffffe009b01f130)
threads: 2
165240 RunQ syz-executor.3
165348 Run CPU 1 syz-executor.3
db> ps
pid ppid pgrp uid state wmesg wchan cmd
57995 780 780 0 R (threaded) syz-executor.3
165240 RunQ syz-executor.3
165348 Run CPU 1 syz-executor.3
57994 777 777 0 RE CPU 0 syz-executor.0
57992 782 782 0 R (threaded) syz-executor.2
165336 RunQ syz-executor.2
165342 S uwait 0xfffffe0099602900 syz-executor.2
165346 RunQ syz-executor.2
55859 1 777 0 S uwait 0xfffffe0099602a80 syz-executor.0
55708 1 782 0 S uwait 0xfffffe00574a4200 syz-executor.2
54977 1 782 0 S uwait 0xfffffe009a359a00 syz-executor.2
54913 1 780 0 S uwait 0xfffffe005789bc00 syz-executor.3
52850 1 777 0 SV uwait 0xfffffe0099602300 syz-executor.0
52841 1 777 0 SV uwait 0xfffffe009a37c980 syz-executor.0
52831 1 777 0 SV uwait 0xfffffe0099601800 syz-executor.0
52738 1 782 0 S uwait 0xfffffe009a37ca80 syz-executor.2
52734 1 782 0 S uwait 0xfffffe009a357100 syz-executor.2
52727 1 782 0 S uwait 0xfffffe005789b400 syz-executor.2
52725 1 782 0 S uwait 0xfffffe009a359900 syz-executor.2
52719 1 782 0 S uwait 0xfffffe009a359800 syz-executor.2
52715 1 782 0 S uwait 0xfffffe0099601c80 syz-executor.2
52707 1 782 0 S uwait 0xfffffe0056fe0a00 syz-executor.2
52702 1 782 0 S uwait 0xfffffe005789bb00 syz-executor.2
52696 1 782 0 S uwait 0xfffffe0099602b80 syz-executor.2
52676 1 782 0 S uwait 0xfffffe0056fe0e80 syz-executor.2
52671 1 782 0 S uwait 0xfffffe005789b800 syz-executor.2
52666 1 782 0 S uwait 0xfffffe0099602c80 syz-executor.2
52659 1 782 0 S uwait 0xfffffe00574a3500 syz-executor.2
52649 1 782 0 S uwait 0xfffffe0099601b80 syz-executor.2
52642 1 782 0 S uwait 0xfffffe009a359500 syz-executor.2
52583 1 777 0 S uwait 0xfffffe0099601500 syz-executor.0
52579 1 777 0 S uwait 0xfffffe005789b500 syz-executor.0
52576 1 777 0 S uwait 0xfffffe00574a3000 syz-executor.0
52569 1 777 0 S uwait 0xfffffe0099602100 syz-executor.0
43266 1 782 0 S uwait 0xfffffe005789c280 syz-executor.2
43261 1 782 0 S uwait 0xfffffe0099601600 syz-executor.2
43259 1 782 0 S uwait 0xfffffe0099601100 syz-executor.2
40408 1 777 0 S uwait 0xfffffe00574a5b80 syz-executor.0
40397 1 777 0 S uwait 0xfffffe0099601000 syz-executor.0
40389 1 777 0 S uwait 0xfffffe00574a3100 syz-executor.0
27142 0 0 0 DL - 0xffffffff83c35e40 [accounting]
15080 1 782 0 S uwait 0xfffffe00574a5d80 syz-executor.2
15077 1 782 0 S uwait 0xfffffe005789ba00 syz-executor.2
15073 1 782 0 S uwait 0xfffffe0099602500 syz-executor.2
15072 1 782 0 S uwait 0xfffffe0056fe0c80 syz-executor.2
15069 1 782 0 S uwait 0xfffffe0056fe0b00 syz-executor.2
12480 1 777 0 S uwait 0xfffffe005789c400 syz-executor.0
11491 1 11491 65 Ss select 0xfffffe0092351f40 dhclient
8657 1 8657 0 Ss select 0xfffffe0058b18dc0 dhclient
8654 1 8654 0 Ss select 0xfffffe0058b18d40 dhclient
8635 1 8635 65 Ss select 0xfffffe00578797c0 dhclient
7301 1 7301 0 Ss select 0xfffffe0092571840 dhclient
7298 1 7298 0 Ss select 0xfffffe00923510c0 dhclient
7279 1 7279 65 Ss select 0xfffffe0092571ec0 dhclient
6120 1 780 0 S uwait 0xfffffe0099602800 syz-executor.3
6110 1 780 0 S uwait 0xfffffe0056fe0800 syz-executor.3
6105 1 780 0 S uwait 0xfffffe0056fe0700 syz-executor.3
3654 1 3654 0 Ss select 0xfffffe0092350ac0 dhclient
3651 1 3651 0 Ss select 0xfffffe00923507c0 dhclient
3621 1 3621 65 Ss select 0xfffffe00925718c0 dhclient
1550 1 1550 0 Ss select 0xfffffe00923506c0 dhclient
1543 1 1543 0 Ss select 0xfffffe0092572340 dhclient
859 0 0 0 DL aiordy 0xfffffe0058d13ac0 [aiod4]
858 0 0 0 DL aiordy 0xfffffe0058d13568 [aiod3]
857 0 0 0 DL aiordy 0xfffffe00579b2560 [aiod2]
856 0 0 0 DL aiordy 0xfffffe00579b3010 [aiod1]
782 774 782 0 Ss nanslp 0xffffffff83c5e201 syz-executor.2
780 774 780 0 Ss nanslp 0xffffffff83c5e201 syz-executor.3
778 774 778 0 Ss nanslp 0xffffffff83c5e201 syz-executor.1
777 774 777 0 Ss nanslp 0xffffffff83c5e201 syz-executor.0
774 772 772 0 S (threaded) syz-fuzzer
100113 S uwait 0xfffffe00574a3d80 syz-fuzzer
100114 S uwait 0xfffffe005789d480 syz-fuzzer
100115 S wait 0xfffffe0058d14570 syz-fuzzer
100116 S uwait 0xfffffe005789c800 syz-fuzzer
100117 S uwait 0xfffffe00574a3e80 syz-fuzzer
100118 S uwait 0xfffffe00574a4000 syz-fuzzer
100119 S wait 0xfffffe0058d14570 syz-fuzzer
100120 S wait 0xfffffe0058d14570 syz-fuzzer
100121 S wait 0xfffffe0058d14570 syz-fuzzer
100122 S uwait 0xfffffe005789cb00 syz-fuzzer
100130 S uwait 0xfffffe00574a5c80 syz-fuzzer
100142 S uwait 0xfffffe005789c700 syz-fuzzer
101491 S kqread 0xfffffe00085f4600 syz-fuzzer
159100 S uwait 0xfffffe0099601a80 syz-fuzzer
772 770 772 0 Ss pause 0xfffffe00579b4620 csh
770 688 770 0 Ss select 0xfffffe0092571d40 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00574794b0 getty
753 1 753 0 Ss+ ttyin 0xfffffe00586ef8b0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00586f00b0 getty
751 1 751 0 Ss+ ttyin 0xfffffe00586f08b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe0007b500b0 getty
749 1 749 0 Ss+ ttyin 0xfffffe0007b508b0 getty
748 1 748 0 Ss+ ttyin 0xfffffe0007b520b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe0007b528b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe0007b530b0 getty
692 1 692 0 Ss nanslp 0xffffffff83c5e200 cron
688 1 688 0 Ss select 0xfffffe0092572140 sshd
501 1 501 0 Ss select 0xfffffe0092572540 syslogd
430 1 430 0 Ss select 0xfffffe00925729c0 devd
429 1 429 65 Ss select 0xfffffe00925725c0 dhclient
344 1 344 0 Ss select 0xfffffe0092572840 dhclient
341 1 341 0 Ss select 0xfffffe00923522c0 dhclient
17 0 0 0 DL syncer 0xffffffff83d836a0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0056f91000 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff83d81cc0 [bufdaemon]
100082 D - 0xffffffff83012180 [bufspacedaemon-0]
100095 D sdflush 0xfffffe0058c67ce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83db9400 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff83dad2b8 [dom0]
100080 D launds 0xffffffff83dad2c4 [laundry: dom0]
100081 D umarcl 0xffffffff81e7c390 [uma]
7 0 0 0 DL - 0xffffffff83a2be48 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff8438c270 [pf purge]
5 0 0 0 DL waiting 0xffffffff84814f80 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff838ce340 [doneq0]
100045 D - 0xffffffff838ce2c0 [async]
100076 D - 0xffffffff838ce140 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056ee5c88 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100040 D crypto_ 0xffffffff83da8b60 [crypto]
100041 D crypto_ 0xfffffe0007b63030 [crypto returns 0]
100042 D crypto_ 0xfffffe0007b63080 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff83c33640 [g_event]
100036 D - 0xffffffff83c33660 [g_up]
100037 D - 0xffffffff83c33680 [g_down]
2 0 0 0 WL (threaded) [clock]
100030 I [clock (0)]
100031 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100010 I [swi5: fast taskq]
100013 I [swi6: task queue]
100018 I [swi6: Giant taskq]
100029 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe00541ea010 [init]
10 0 0 0 DL audit_w 0xffffffff83da95a0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff83c34060 [swapper]
100005 D - 0xfffffe005409e000 [if_config_tqg_0]
100006 D - 0xfffffe005409de00 [softirq_0]
100007 D - 0xfffffe005409dd00 [softirq_1]
100008 D - 0xfffffe005409dc00 [if_io_tqg_0]
100009 D - 0xfffffe005409db00 [if_io_tqg_1]
100011 D - 0xfffffe00085f2500 [kqueue_ctx taskq]
100012 D - 0xfffffe00085f2400 [pci_hp taskq]
100014 D - 0xfffffe00085f2100 [inm_free taskq]
100015 D - 0xfffffe00085f2000 [aiod_kick taskq]
100016 D - 0xfffffe00085f1e00 [in6m_free taskq]
100017 D - 0xfffffe00085f1d00 [deferred_unmount ta]
100019 D - 0xfffffe00085f1a00 [thread taskq]
100020 D - 0xfffffe00085f1900 [linuxkpi_irq_wq]
100021 D - 0xfffffe00085f1800 [linuxkpi_short_wq_0]
100022 D - 0xfffffe00085f1800 [linuxkpi_short_wq_1]
100023 D - 0xfffffe00085f1800 [linuxkpi_short_wq_2]
100024 D - 0xfffffe00085f1800 [linuxkpi_short_wq_3]
100025 D - 0xfffffe00085f1700 [linuxkpi_long_wq_0]
100026 D - 0xfffffe00085f1700 [linuxkpi_long_wq_1]
100027 D - 0xfffffe00085f1700 [linuxkpi_long_wq_2]
100028 D - 0xfffffe00085f1700 [linuxkpi_long_wq_3]
100034 D - 0xfffffe00085f1200 [firmware taskq]
100038 D - 0xfffffe00085f0700 [crypto_0]
100039 D - 0xfffffe00085f0700 [crypto_1]
100055 D - 0xfffffe0056fdbe00 [vtnet0 rxq 0]
100056 D - 0xfffffe0056fdbd00 [vtnet0 txq 0]
100057 D - 0xfffffe0056fdbc00 [vtnet0 rxq 1]
100058 D - 0xfffffe0056fdbb00 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe0056f45000 [virtio_balloon]
100066 D - 0xffffffff82afca41 [deadlkres]
100070 D - 0xfffffe00085f4100 [mca taskq]
100071 D - 0xfffffe00085f0200 [acpi_task_0]
100072 D - 0xfffffe00085f0200 [acpi_task_1]
100073 D - 0xfffffe00085f0200 [acpi_task_2]
100075 D - 0xfffffe00085f0000 [CAM taskq]
57993 778 778 0 Z syz-executor.1
db> show all locks
Process 57995 (syz-executor.3) thread 0xfffffe009af69560 (165348)
exclusive sleep mutex udphash (udphash) r = 0 (0xfffffe0054049da8) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1254
exclusive rw udpinp (udpinp) r = 0 (0xfffffe0058d891d0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1098
Process 57994 (syz-executor.0) thread 0xfffffe009b09aac0 (164992)
shared sx filedesc structure (filedesc structure) r = 0 (0xfffffe009b05f450) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_mqueue.c:2478
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 7 4801K 7
devbuf 4216 4323K 4244
sysctloid 34725 2046K 34796
vtbuf 24 1968K 46
kobj 330 1320K 493
newblk 16 1028K 58238
vfscache 3 1025K 3
pcb 299 847K 244649
inodedep 749 793K 57285
filedesc 98 778K 113933
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 225 458K 58124
vmem 3 274K 6
dirrem 737 185K 57161
acpica 1674 184K 58126
tidhash 3 141K 3
pagedep 11 131K 57009
tfo_ccache 1 128K 1
IP reass 1 128K 1
linker 324 127K 361
sctp_stro 121 121K 26290
vnet_data 1 112K 1
DEVFS1 109 109K 126
sem 4 106K 4
sctp_atcl 259 98K 149904
freefile 737 93K 57117
BPF 46 88K 879
bus 1000 82K 5215
mtx_pool 2 72K 2
NFSD srvcache 3 68K 3
syncache 1 68K 1
module 513 65K 513
acpitask 1 64K 1
ddb_capture 1 64K 1
kdtrace 309 58K 123345
umtx 462 58K 462
temp 36 53K 3667
shm 7 44K 137
sctp_timw 163 41K 163
DEVFS3 128 32K 138
hostcache 1 32K 1
msg 4 30K 4
kbdmux 6 28K 6
gtaskqueue 18 26K 18
ifaddr 70 20K 72
DEVFS_RULE 56 20K 56
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
sctp_atky 380 16K 177987
routetbl 130 16K 410
ithread 97 16K 97
bus-sc 34 15K 1682
lltable 44 14K 156
eventhandler 154 13K 154
KTRACE 102 13K 3975
ifnet 7 13K 7
ether_multi 152 13K 167
kenv 95 12K 95
rman 88 11K 431
GEOM 61 11K 481
CAM queue 5 11K 1528
kqueue 105 9K 58026
in6_multi 65 9K 65
bmsafemap 2 9K 57255
rpc 4 9K 4
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 95
shmfd 1 8K 351
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 237 8K 296
cred 28 7K 347
taskqueue 63 7K 63
pwddesc 102 7K 58219
sglist 5 7K 5
CAM DEV 3 6K 510
plimit 24 6K 523
ufs_dirhash 24 5K 24
pf_ifnet 11 5K 20
session 35 5K 56
UMA 267 5K 267
DEVFSP 68 5K 2485
vt 11 5K 11
proc-args 132 5K 59458
sctp_athm 259 5K 153718
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
sctp_map 242 4K 52230
acpisem 28 4K 28
selfd 55 4K 763671
lockf 32 4K 462
hhook 15 4K 17
kcovinfo 52 4K 52
terminal 11 3K 11
CC Mem 21 3K 8681
select 19 3K 107
uidinfo 4 3K 21
clone 9 3K 9
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
ip6ndp 12 2K 13
Unitno 31 2K 61
sctp_ifa 13 2K 14
CAM XPT 22 2K 543
msi 12 2K 12
in_multi 6 2K 9
ipsecpolicy 2 2K 2
acpidev 20 2K 20
tcp_fsb 9 2K 2981
tun 7 2K 7
freework 5 2K 56997
inpcbpolicy 33 2K 12317
NFSD session 1 1K 1
softdep 1 1K 1
mkdir 8 1K 113974
freeblks 4 1K 56974
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 128
CAM periph 4 1K 271
sctp_ifn 6 1K 14
ipsec 3 1K 3
newdirblk 6 1K 56987
mld 6 1K 6
igmp 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
osd 25 1K 8688
crypto 4 1K 687
encap_export_host 12 1K 12
procdesc 5 1K 18
diradd 4 1K 57202
pfil 4 1K 4
cdev 2 1K 2
pf_rule 3 1K 33
chacha20random 1 1K 1
sctp_aadr 4 1K 13
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
indirdep 1 1K 23
vnodes 1 1K 1
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
soname 5 1K 79424
cryptodev 2 1K 2198
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
netlink 1 1K 1
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
aio 4 1K 23
pmchooks 1 1K 1
filecaps 5 1K 130
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 48
pmc 1 1K 1
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
mqdata 0 0K 0
tcp_do 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 73682
sctp_iter 0 0K 137
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 125
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 12
sctp_stri 0 0K 2616
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
pf_table 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
filemon 0 0K 182
newnfsclient_req 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
ixl 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
xen_intr 0 0K 0
NFSD V4lock 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
NFSD V4state 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
msdosfs_node 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
DEVFS4 0 0K 0
vm_fictitious 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
UMAHash 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 50342
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 62
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 136
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
ktls_ocf 0 0K 0
scsi_cd 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 122
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 19
in_mfilter 0 0K 1
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 71
VN POLL 0 0K 0
USB 0 0K 0
statfs 0 0K 57435
namei_tracker 0 0K 6
export_host 0 0K 0
cl_savebuf 0 0K 31
agp 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
tcp_log_dev 0 0K 448
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
biobuf 0 0K 0
lio 0 0K 141
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 54946
ioctlops 0 0K 1078
eventfd 0 0K 104
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctltmp 0 0K 1037
sysctl 0 0K 3
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 4
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
boottrace 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8361 1037 1150475 0 254 38494208 0
sctp_asoc 2256 121 1659 26115 0 254 4015680 0
malloc-2048 2048 144 1356 121878 0 9 3072000 0
mbuf 256 9041 1628 1987459 0 254 2731264 0
malloc-384 384 4865 1555 61416 0 30 2465280 0
sctp_ep 1176 138 1902 121872 0 254 2399040 0
RADIX NODE 144 15351 352 1019947 0 66 2261232 0
tcp_log 416 14 5323 14267 0 254 2220192 0
mbuf_cluster 2048 1016 0 1016 0 254 2080768 0
pbuf 2624 0 778 0 0 2 2041472 0
BUF TRIE 144 203 11585 1870 0 62 1697472 0
malloc-128 128 11465 253 68888 0 126 1499904 0
malloc-1024 1024 124 1284 26276 0 16 1441792 0
malloc-4096 4096 332 4 510 0 2 1376256 0
UMA Slabs 0 112 12182 16 12182 0 126 1366176 0
sctp_raddr 736 121 1661 26160 0 254 1311552 0
vmem btag 56 21353 70 21353 0 254 1199688 0
malloc-384 384 260 2590 149905 0 30 1094400 0
malloc-16384 16384 49 5 56965 0 1 884736 0
VM OBJECT 264 3042 78 1124185 0 30 823680 0
socket 960 76 688 136617 0 254 733440 0
FFS inode 1160 559 36 57677 0 8 690200 0
malloc-256 256 212 2338 116320 0 62 652800 0
malloc-256 256 869 1621 115307 0 62 637440 0
256 Bucket 2048 255 17 4861 0 8 557056 0
MAP ENTRY 96 4768 398 2905576 0 126 495936 0
malloc-4096 4096 110 4 58005 0 2 466944 0
THREAD 1824 205 26 65348 0 8 421344 0
malloc-256 256 225 1395 236249 0 62 414720 0
malloc-65536 65536 6 0 6 0 1 393216 0
lkpimm 168 1 2327 1 0 62 391104 0
lkpicurr 168 2 2326 2 0 62 391104 0
VNODE 448 600 93 57720 0 30 310464 0
malloc-128 128 771 1647 114484 0 126 309504 0
malloc-64 64 3855 240 3892 0 254 262080 0
mbuf_packet 256 157 859 103641 0 254 260096 0
malloc-16 16 14385 615 23103 0 254 240000 0
malloc-256 256 210 720 67760 0 62 238080 0
VMSPACE 2560 80 13 57972 0 4 238080 0
malloc-32768 32768 2 5 11 0 1 229376 0
DEVCTL 1024 0 220 152 0 0 225280 0
tcp_inpcb 1288 21 141 8676 0 8 208656 0
FPU_save_area 832 207 36 72383 0 16 202176 0
malloc-65536 65536 1 2 142 0 1 196608 0
malloc-128 128 1237 282 14722 0 126 194432 0
sctp_chunk 152 129 1145 4713 0 254 193648 0
UMA Zones 768 239 0 239 0 16 183552 0
malloc-32 32 5262 408 5320 0 254 181440 0
malloc-128 128 1205 190 27380 0 126 178560 0
PROC 1368 102 19 57995 0 8 165528 0
malloc-2048 2048 6 74 513 0 8 163840 0
malloc-1024 1024 134 26 151 0 16 163840 0
FFS2 dinode 256 559 71 57676 0 62 161280 0
malloc-64 64 764 1567 88823 0 254 149184 0
S VFS Cache 104 1029 375 59497 0 126 146016 0
filedesc0 1072 102 24 58219 0 8 135072 0
128 Bucket 1024 88 43 11363 0 16 134144 0
malloc-65536 65536 0 2 442 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
unpcb 256 20 490 2369 0 254 130560 0
64 Bucket 512 165 67 16694 0 30 118784 0
sctp_stream_msg_out 112 116 928 6577 0 254 116928 0
ksiginfo 112 111 933 7248 0 126 116928 0
malloc-32 32 370 3032 212496 0 254 108864 0
malloc-4096 4096 22 4 74 0 2 106496 0
ertt_txseginfo 40 0 2626 80965 0 254 105040 0
pipe 728 23 109 2601 0 16 96096 0
malloc-256 256 215 160 58863 0 62 96000 0
32 Bucket 256 225 150 17615 0 62 96000 0
malloc-8192 8192 5 6 214 0 1 90112 0
UMA Kegs 384 225 8 225 0 30 89472 0
syncache 168 0 528 6 0 254 88704 0
clpbuf 2624 0 32 54 0 16 83968 0
tcp_bbr_map 128 0 651 2243 0 126 83328 0
malloc-128 128 352 299 114891 0 126 83328 0
malloc-16384 16384 3 2 5 0 1 81920 0
malloc-384 384 187 23 302 0 30 80640 0
sctp_readq 152 0 520 404 0 254 79040 0
malloc-8192 8192 8 1 10 0 1 73728 0
g_bio 408 0 180 11861 0 30 73440 0
udplite_inpcb 448 0 153 593 0 30 68544 0
malloc-65536 65536 0 1 8 0 1 65536 0
Files 80 256 544 222975 0 126 64000 0
ripcb 416 5 148 1535 0 30 63648 0
malloc-16 16 617 3133 236751 0 254 60000 0
malloc-4096 4096 14 0 25 0 2 57344 0
udp_inpcb 448 7 119 1513 0 30 56448 0
malloc-16 16 441 3059 112122 0 254 56000 0
malloc-64 64 282 537 881511 0 254 52416 0
malloc-64 64 514 305 1166 0 254 52416 0
DIRHASH 1024 35 13 35 0 16 49152 0
NAMEI 1024 0 48 252488 0 16 49152 0
malloc-16384 16384 3 0 13 0 1 49152 0
malloc-2048 2048 9 15 569 0 8 49152 0
malloc-512 512 22 74 992 0 30 49152 0
tcp_rack_pcb 896 9 45 2981 0 16 48384 0
16 Bucket 144 235 101 1879 0 62 48384 0
tcp_bbr_pcb 832 6 48 1922 0 16 44928 0
TURNSTILE 136 232 83 232 0 62 42840 0
pcpu-8 8 4708 412 10674 0 254 40960 0
da_ccb 544 0 70 3092 0 16 38080 0
malloc-64 64 61 506 1852 0 254 36288 0
malloc-64 64 36 531 22520 0 254 36288 0
malloc-64 64 219 348 241 0 254 36288 0
malloc-64 64 182 385 2618 0 254 36288 0
8 Bucket 80 71 379 12263 0 126 36000 0
malloc-128 128 51 228 926 0 126 35712 0
malloc-128 128 42 237 6372 0 126 35712 0
malloc-128 128 57 222 313 0 126 35712 0
routing nhops 256 27 108 34 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 52 38 374 0 30 34560 0
malloc-256 256 7 128 481 0 62 34560 0
malloc-256 256 30 105 1458 0 62 34560 0
malloc-256 256 27 108 283 0 62 34560 0
SLEEPQUEUE 88 232 152 232 0 126 33792 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 0 1 120 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-8192 8192 4 0 4 0 1 32768 0
malloc-8192 8192 2 2 144 0 1 32768 0
malloc-8192 8192 1 3 13 0 1 32768 0
malloc-4096 4096 4 4 25 0 2 32768 0
malloc-4096 4096 2 6 58060 0 2 32768 0
malloc-2048 2048 3 13 755 0 8 32768 0
malloc-2048 2048 9 7 22 0 8 32768 0
malloc-2048 2048 3 13 204 0 8 32768 0
malloc-1024 1024 2 30 37 0 16 32768 0
malloc-1024 1024 12 20 13 0 16 32768 0
malloc-1024 1024 7 25 2211 0 16 32768 0
malloc-1024 1024 2 30 19 0 16 32768 0
malloc-1024 1024 8 24 8 0 16 32768 0
malloc-1024 1024 4 28 354 0 16 32768 0
malloc-512 512 1 63 289 0 30 32768 0
malloc-512 512 0 64 445 0 30 32768 0
malloc-512 512 2 62 2667 0 30 32768 0
pcpu-64 64 497 15 497 0 254 32768 0
KNOTE 160 28 172 403637 0 62 32000 0
ttyinq 160 135 65 300 0 62 32000 0
tcp_rack_map 120 0 264 924 0 126 31680 0
cpuset 104 7 272 34 0 126 29016 0
sctp_laddr 48 108 480 7435 0 254 28224 0
tcp_inpcb ports 32 2 880 1492 0 254 28224 0
ertt 72 21 371 8676 0 126 28224 0
PWD 32 60 822 57031 0 254 28224 0
malloc-32 32 298 584 14009 0 254 28224 0
4 Bucket 48 7 581 1315 0 254 28224 0
AIO 208 0 133 150 0 62 27664 0
malloc-8192 8192 3 0 3 0 1 24576 0
malloc-8192 8192 1 2 5 0 1 24576 0
PGRP 88 35 241 56 0 126 24288 0
rl_entry 40 118 488 118 0 254 24240 0
rtentry 168 30 114 34 0 62 24192 0
itimer 352 0 66 41 0 30 23232 0
malloc-384 384 23 37 148 0 30 23040 0
malloc-384 384 12 48 12 0 30 23040 0
malloc-384 384 0 60 349 0 30 23040 0
domainset 40 0 567 21 0 254 22680 0
hostcache 64 2 313 2 0 254 20160 0
udplite_inpcb ports 32 0 630 17 0 254 20160 0
udp_inpcb ports 32 3 627 120 0 254 20160 0
malloc-32 32 113 517 361 0 254 20160 0
malloc-32 32 173 457 53583 0 254 20160 0
malloc-32 32 34 596 8138 0 254 20160 0
malloc-32 32 47 583 966 0 254 20160 0
malloc-32 32 16 614 17 0 254 20160 0
2 Bucket 32 64 566 6071 0 254 20160 0
cryptop 280 0 70 58 0 30 19600 0
AIOCB 552 0 35 538 0 16 19320 0
AIOLIO 272 0 70 141 0 30 19040 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 0 1 160 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 2 2 6 0 2 16384 0
malloc-2048 2048 0 8 573 0 8 16384 0
malloc-2048 2048 2 6 4 0 8 16384 0
malloc-512 512 2 30 2 0 30 16384 0
malloc-512 512 0 32 1 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
vtnet_tx_hdr 24 0 668 623515 0 254 16032 0
kenv 258 15 45 1054 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-16 16 10 740 456 0 254 12000 0
malloc-16 16 13 737 26294 0 254 12000 0
malloc-16 16 81 669 24849 0 254 12000 0
malloc-16 16 32 718 155 0 254 12000 0
malloc-16 16 4 746 6 0 254 12000 0
L VFS Cache 320 0 36 1 0 30 11520 0
malloc-384 384 1 29 1 0 30 11520 0
Mountpoints 2816 2 2 2 0 4 11264 0
pcpu-16 16 4 252 4 0 254 4096 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Jun 24, 2023, 2:49:51 AM6/24/23
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: b1c66bc44af0 netinet tests: Add a test which connects a di..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=10f1b0e0a80000
dashboard link: https://syzkaller.appspot.com/bug?extid=81ccc423a2737ed031ac
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=132cc4c7280000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15238093280000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+81ccc4...@syzkaller.appspotmail.com
panic: in_pcblookup_hash_locked: invalid local address
cpuid = 1
time = 1687589246
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe006a408df0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe006a408f50
vpanic() at vpanic+0x252/frame 0xfffffe006a409030
panic() at panic+0xb5/frame 0xfffffe006a4090f0
in_pcblookup_hash_locked() at in_pcblookup_hash_locked+0x639/frame 0xfffffe006a409200
in_pcb_lport_dest() at in_pcb_lport_dest+0x475/frame 0xfffffe006a4092b0
in_pcbconnect_setup() at in_pcbconnect_setup+0x879/frame 0xfffffe006a409410
udp_send() at udp_send+0x1968/frame 0xfffffe006a409650
udp6_send() at udp6_send+0x613/frame 0xfffffe006a409940
sosend_dgram() at sosend_dgram+0x68b/frame 0xfffffe006a4099c0
sousrsend() at sousrsend+0x116/frame 0xfffffe006a409a50
kern_sendit() at kern_sendit+0x5a2/frame 0xfffffe006a409bc0
sendit() at sendit+0x157/frame 0xfffffe006a409c10
sys_sendto() at sys_sendto+0x181/frame 0xfffffe006a409d30
amd64_syscall() at amd64_syscall+0x423/frame 0xfffffe006a409f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe006a409f30
--- syscall (0, FreeBSD ELF64, syscall), rip = 0x2b3c7a, rsp = 0x820634a98, rbp = 0x820634ab0 ---
KDB: enter: panic
[ thread pid 779 tid 100088 ]
Stopped at kdb_enter+0x6e: movq $0,0x2133d57(%rip)
rdx 0xdffff7c000000000
rbx 0xffffffff826ba7e0 .str.26
rsp 0xfffffe006a408f30
rbp 0xfffffe006a408f50
rsi 0x1
rdi 0
r12 0xfffffe00589ef3a0
r13 0xfffffffffffffffd
r14 0xffffffff826ba7e0 .str.26
r15 0
rip 0xffffffff815bd33e kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x2133d57(%rip)
db> show proc
Process 779 (syz-executor8691725) at 0xfffffe00541f0000:
ABI: FreeBSD ELF64
flag: 0x10004000 flag2: 0
arguments: ./syz-executor869172500
reaper: 0xfffffe00541f2040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00589fb000
(map 0xfffffe00589fb000)
(map.pmap 0xfffffe00589fb0c0)
(pmap 0xfffffe00589fb130)
threads: 1
100088 Run CPU 1 syz-executor8691725
777 775 777 0 Ss pause 0xfffffe006ccee0d0 csh
775 688 775 0 Rs CPU 0 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00576fb4b0 getty
753 1 753 0 Ss+ ttyin 0xfffffe00587d84b0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00587d88b0 getty
751 1 751 0 Ss+ ttyin 0xfffffe005408b0b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe00587d8cb0 getty
749 1 749 0 Ss+ ttyin 0xfffffe005408b4b0 getty
748 1 748 0 Ss+ ttyin 0xfffffe005408b8b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00576f70b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00576f74b0 getty
744 1 18 0 S+ piperd 0xfffffe0058a07888 logger
743 742 18 0 S+ nanslp 0xffffffff836d2841 sleep
742 1 18 0 S+ wait 0xfffffe0058cb0020 sh
692 1 692 0 Ss nanslp 0xffffffff836d2840 cron
688 1 688 0 Ss select 0xfffffe000799e7c0 sshd
501 1 501 0 Ss select 0xfffffe000799d940 syslogd
430 1 430 0 Ss select 0xfffffe000799dc40 devd
429 1 429 65 Ss select 0xfffffe000799db40 dhclient
344 1 344 0 Ss select 0xfffffe000799dbc0 dhclient
341 1 341 0 Ss select 0xfffffe000799e8c0 dhclient
17 0 0 0 DL vlruwt 0xfffffe00542f5b00 [vnlru]
16 0 0 0 DL syncer 0xffffffff837d4d20 [syncer]
100082 D - 0xffffffff82c0a140 [bufspacedaemon-0]
100093 D sdflush 0xfffffe000795d8e8 [/ worker]
9 0 0 0 DL psleep 0xffffffff8380ac00 [vmdaemon]
100080 D launds 0xffffffff837feac4 [laundry: dom0]
100081 D umarcl 0xffffffff81d3da20 [uma]
7 0 0 0 DL - 0xffffffff83496e48 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff840393d0 [pf purge]
5 0 0 0 DL waiting 0xffffffff8434e1c0 [sctp_iterator]
100045 D - 0xffffffff834792c0 [async]
100076 D - 0xffffffff83479140 [scanner]
14 0 0 0 DL seqstat 0xfffffe0057139c88 [sequencer 00]
100041 D crypto_ 0xfffffe00543d7030 [crypto returns 0]
100042 D crypto_ 0xfffffe00543d7080 [crypto returns 1]
100036 D - 0xffffffff836a8660 [g_up]
100037 D - 0xffffffff836a8680 [g_down]
100030 I [clock (1)]
100019 I [swi6: task queue]
100020 I [swi6: Giant taskq]
100031 I [swi1: netisr 0]
10 0 0 0 DL audit_w 0xffffffff837fada0 [audit]
100005 D - 0xfffffe005409ae00 [if_io_tqg_0]
100006 D - 0xfffffe005409ad00 [if_io_tqg_1]
100007 D - 0xfffffe005409ac00 [if_config_tqg_0]
100008 D - 0xfffffe005409ab00 [softirq_0]
100009 D - 0xfffffe005409aa00 [softirq_1]
100010 D - 0xfffffe000799be00 [linuxkpi_irq_wq]
100011 D - 0xfffffe000799bd00 [thread taskq]
100012 D - 0xfffffe000799bc00 [inm_free taskq]
100013 D - 0xfffffe000799bb00 [aiod_kick taskq]
100014 D - 0xfffffe000799ba00 [deferred_unmount ta]
100015 D - 0xfffffe000799b900 [in6m_free taskq]
100017 D - 0xfffffe000799b700 [kqueue_ctx taskq]
100018 D - 0xfffffe000799b600 [pci_hp taskq]
100021 D - 0xfffffe000799b300 [linuxkpi_short_wq_0]
100022 D - 0xfffffe000799b300 [linuxkpi_short_wq_1]
100023 D - 0xfffffe000799b300 [linuxkpi_short_wq_2]
100024 D - 0xfffffe000799b300 [linuxkpi_short_wq_3]
100025 D - 0xfffffe000799b200 [linuxkpi_long_wq_0]
100026 D - 0xfffffe000799b200 [linuxkpi_long_wq_1]
100027 D - 0xfffffe000799b200 [linuxkpi_long_wq_2]
100028 D - 0xfffffe000799b200 [linuxkpi_long_wq_3]
100034 D - 0xfffffe005435b300 [firmware taskq]
100038 D - 0xfffffe005435a800 [crypto_0]
100039 D - 0xfffffe005435a800 [crypto_1]
100055 D - 0xfffffe0054359a00 [vtnet0 rxq 0]
100056 D - 0xfffffe0054359900 [vtnet0 txq 0]
100057 D - 0xfffffe0054359800 [vtnet0 rxq 1]
100058 D - 0xfffffe0054359700 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe005722be80 [virtio_balloon]
100066 D - 0xffffffff826bf720 [deadlkres]
100070 D - 0xfffffe0054359300 [acpi_task_0]
100071 D - 0xfffffe0054359300 [acpi_task_1]
100072 D - 0xfffffe0054359300 [acpi_task_2]
100073 D - 0xfffffe000799c100 [mca taskq]
100075 D - 0xfffffe005435a200 [CAM taskq]
db> show all locks
Process 779 (syz-executor8691725) thread 0xfffffe00589ef3a0 (100088)
exclusive sleep mutex udphash (udphash) r = 0 (0xfffffe0054049dc8) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1254
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006cc331e0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1098
Process 775 (sshd) thread 0xfffffe00589efac0 (100087)
exclusive sleep mutex sellck (sellck) r = 0 (0xfffffe000799daa0) locked @ /syzkaller/managers/main/kernel/sys/kern/sys_generic.c:1996
sysctloid 34805 2051K 34876
vtbuf 24 1968K 46
kobj 326 1304K 488
newblk 804 1225K 816
vfscache 3 1025K 3
pcb 23 669K 42
inodedep 50 531K 71
subproc 96 181K 836
tidhash 3 141K 3
vmem 3 134K 4
pagedep 14 132K 18
vnet_data 1 112K 1
sem 4 106K 4
DEVFS1 105 105K 114
bus 988 81K 5135
temp 19 53K 1603
hostcache 1 32K 1
shm 1 32K 1
kdtrace 155 32K 895
DEVFS3 124 31K 134
umtx 242 31K 242
BPF 10 18K 10
bus-sc 34 15K 1648
eventhandler 157 13K 157
KTRACE 100 13K 100
kenv 95 12K 95
ifaddr 30 12K 32
pfs_vncache 1 8K 1
shmfd 1 8K 1
audit_evclass 237 8K 297
taskqueue 63 7K 63
pfs_nodes 20 5K 20
ufs_dirhash 24 5K 24
UMA 267 5K 267
dirrem 17 5K 28
plimit 17 5K 322
vt 11 5K 11
ifnet 3 5K 3
evdev 4 4K 4
acpisem 28 4K 28
hhook 15 4K 17
ether_multi 40 4K 50
diradd 25 4K 36
lltable 11 4K 11
pf_ifnet 5 3K 6
in6_multi 25 3K 25
terminal 11 3K 11
session 20 3K 31
kqueue 40 3K 782
pwddesc 40 3K 780
clone 9 3K 9
uidinfo 3 3K 8
proc-args 62 3K 1720
Unitno 27 2K 41
msi 12 2K 12
ipsec 3 1K 3
indirdep 3 1K 3
CC Mem 3 1K 7
nhops 6 1K 6
pfil 6 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
newdirblk 4 1K 8
mkdir 4 1K 16
in_multi 2 1K 4
cdev 2 1K 2
osd 8 1K 20
chacha20random 1 1K 1
biobuf 1 1K 1
inpcbpolicy 11 1K 140
sctp_ifn 2 1K 6
DEVFS 9 1K 10
mld 2 1K 2
igmp 2 1K 2
cryptodev 2 1K 49
pmchooks 1 1K 1
filecaps 4 1K 66
tun 3 1K 3
tcp_fsb 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 4
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_temp 0 0K 0
filemon 0 0K 0
newnfsclient_req 0 0K 0
UMAHash 0 0K 0
DEVFS4 0 0K 0
freeblks 0 0K 25
freefrag 0 0K 1
lkpimhi 0 0K 0
in_mfilter 0 0K 0
statfs 0 0K 195
namei_tracker 0 0K 0
aio 0 0K 0
lio 0 0K 0
acl 0 0K 0
ioctlops 0 0K 86
eventfd 0 0K 0
mbuf 256 8579 1083 18413 0 254 2473472 0
BUF TRIE 144 189 11627 529 0 62 1701504 0
malloc-384 384 4118 52 4118 0 30 1601280 0
malloc-128 128 11417 53 11430 0 126 1468160 0
malloc-4096 4096 333 1 1035 0 2 1368064 0
UMA Slabs 0 112 10569 9 10569 0 126 1184736 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 15336 111 15336 0 254 865032 0
FFS inode 1160 499 26 508 0 8 609000 0
pbuf 2624 0 202 0 0 2 530048 0
RADIX NODE 144 3321 174 20012 0 62 503280 0
socket 960 19 489 1320 0 254 487680 0
VM OBJECT 264 1411 119 24441 0 30 403920 0
malloc-64 64 3810 285 3842 0 254 262080 0
VNODE 448 529 47 540 0 30 258048 0
malloc-256 256 878 52 919 0 62 238080 0
malloc-16 16 14389 361 14493 0 254 236000 0
DEVCTL 1024 0 220 124 0 0 225280 0
THREAD 1824 114 7 114 0 8 220704 0
malloc-4096 4096 48 4 788 0 2 212992 0
malloc-128 128 1309 210 30393 0 126 194432 0
MAP ENTRY 96 1583 433 85320 0 126 193536 0
malloc-2048 2048 8 64 1040 0 8 147456 0
FFS2 dinode 256 499 71 508 0 62 145920 0
malloc-65536 65536 0 2 126 0 1 131072 0
malloc-65536 65536 0 2 46 0 1 131072 0
malloc-1024 1024 111 17 120 0 16 131072 0
unpcb 256 7 503 1163 0 254 130560 0
mbuf_packet 256 0 508 97 0 254 130048 0
S VFS Cache 104 966 204 1009 0 126 121680 0
ksiginfo 112 37 1007 52 0 126 116928 0
FPU_save_area 832 116 19 128 0 16 112320 0
128 Bucket 1024 48 51 489 0 16 101376 0
malloc-128 128 606 169 761 0 126 99200 0
malloc-32768 32768 3 0 3 0 1 98304 0
UMA Kegs 384 226 7 226 0 30 89472 0
malloc-8192 8192 8 2 135 0 1 81920 0
PROC 1376 39 16 779 0 8 75680 0
malloc-4096 4096 15 3 221 0 2 73728 0
g_bio 408 0 180 4485 0 30 73440 0
malloc-64 64 501 570 935 0 254 68544 0
malloc-64 64 533 538 15037 0 254 68544 0
malloc-128 128 294 233 364 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-16384 16384 2 2 162 0 1 65536 0
filedesc0 1072 40 16 780 0 8 60032 0
cpuset 104 7 551 7 0 126 58032 0
malloc-128 128 260 143 772 0 126 51584 0
malloc-256 256 128 67 141 0 62 49920 0
malloc-256 256 89 106 724 0 62 49920 0
malloc-256 256 133 62 422 0 62 49920 0
32 Bucket 256 54 141 10687 0 62 49920 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 2 1 12 0 1 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
malloc-1024 1024 8 40 704 0 16 49152 0
malloc-1024 1024 28 20 52 0 16 49152 0
malloc-384 384 78 42 79 0 30 46080 0
syncache 168 0 264 5 0 254 44352 0
udp_inpcb 424 7 83 129 0 30 38160 0
da_ccb 544 0 70 1251 0 16 38080 0
pcpu-8 8 4271 337 4299 0 254 36864 0
64 Bucket 512 64 8 1700 0 30 36864 0
malloc-64 64 121 446 143 0 254 36288 0
malloc-64 64 90 477 13939 0 254 36288 0
malloc-64 64 45 522 83 0 254 36288 0
malloc-64 64 247 320 997 0 254 36288 0
malloc-64 64 46 521 800 0 254 36288 0
malloc-128 128 136 143 618 0 126 35712 0
malloc-128 128 41 238 88 0 126 35712 0
malloc-128 128 45 234 328 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
malloc-384 384 72 18 124 0 30 34560 0
malloc-256 256 4 131 9 0 62 34560 0
malloc-256 256 84 51 1015 0 62 34560 0
malloc-256 256 56 79 645 0 62 34560 0
malloc-256 256 33 102 81 0 62 34560 0
malloc-2048 2048 4 12 67 0 8 32768 0
malloc-2048 2048 3 13 12 0 8 32768 0
malloc-2048 2048 6 10 197 0 8 32768 0
malloc-2048 2048 4 12 28 0 8 32768 0
malloc-1024 1024 0 32 3 0 16 32768 0
malloc-1024 1024 5 27 5 0 16 32768 0
malloc-1024 1024 9 23 10 0 16 32768 0
malloc-1024 1024 8 24 876 0 16 32768 0
malloc-512 512 2 62 8 0 30 32768 0
malloc-512 512 11 53 178 0 30 32768 0
malloc-512 512 3 61 4 0 30 32768 0
malloc-512 512 4 60 4 0 30 32768 0
malloc-512 512 0 64 9 0 30 32768 0
pcpu-64 64 486 26 486 0 254 32768 0
sctp_laddr 48 0 588 4 0 254 28224 0
malloc-32 32 297 585 403 0 254 28224 0
16 Bucket 144 50 146 254 0 62 28224 0
4 Bucket 48 5 583 6 0 254 28224 0
TURNSTILE 136 122 67 122 0 62 25704 0
PGRP 88 20 256 31 0 126 24288 0
ertt_txseginfo 40 0 606 274 0 254 24240 0
rl_entry 40 30 576 30 0 254 24240 0
PWD 40 10 596 100 0 254 24240 0
rtentry 168 13 131 17 0 62 24192 0
pipe 728 7 26 284 0 16 24024 0
Files 80 72 228 6565 0 126 24000 0
8 Bucket 80 43 257 265 0 126 24000 0
tcp_inpcb 1304 3 15 7 0 8 23472 0
malloc-384 384 1 59 2 0 30 23040 0
malloc-384 384 1 59 2 0 30 23040 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 122 134 122 0 126 22528 0
clpbuf 2624 0 8 25 0 4 20992 0
hostcache 64 1 314 1 0 254 20160 0
udp_inpcb ports 32 3 627 40 0 254 20160 0
ertt 72 3 277 7 0 126 20160 0
malloc-32 32 80 550 93 0 254 20160 0
malloc-32 32 70 560 669 0 254 20160 0
malloc-32 32 46 584 91 0 254 20160 0
malloc-32 32 65 565 873 0 254 20160 0
malloc-32 32 60 570 2986 0 254 20160 0
malloc-32 32 9 621 1071 0 254 20160 0
2 Bucket 32 43 587 288 0 254 20160 0
malloc-2048 2048 1 7 1 0 8 16384 0
malloc-2048 2048 2 6 2 0 8 16384 0
malloc-2048 2048 1 7 1 0 8 16384 0
malloc-1024 1024 2 14 2 0 16 16384 0
KNOTE 160 0 75 8 0 62 12000 0
malloc-16 16 10 740 123 0 254 12000 0
malloc-16 16 319 431 479 0 254 12000 0
malloc-16 16 13 737 30 0 254 12000 0
malloc-16 16 26 724 37 0 254 12000 0
malloc-16 16 205 545 4170 0 254 12000 0
malloc-16 16 14 736 26546 0 254 12000 0
malloc-16 16 14 736 63 0 254 12000 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 2 0 2 8192 0
malloc-4096 4096 0 2 1 0 2 8192 0
malloc-4096 4096 2 0 2 0 2 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
vtnet_tx_hdr 24 1 333 2003 0 254 8016 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 344 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_rack_pcb 1024 0 0 0 0 16 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2264 0 0 0 0 254 0 0
sctp_ep 1176 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
netlink 2048 0 0 0 0 8 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
TMPFS node 232 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 104 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-384 384 0 0 0 0 30 0 0
malloc-384 384 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
HEAD commit: b1c66bc44af0 netinet tests: Add a test which connects a di..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=10f1b0e0a80000
dashboard link: https://syzkaller.appspot.com/bug?extid=81ccc423a2737ed031ac
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=132cc4c7280000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15238093280000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+81ccc4...@syzkaller.appspotmail.com
panic: in_pcblookup_hash_locked: invalid local address
cpuid = 1
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe006a408df0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe006a408f50
vpanic() at vpanic+0x252/frame 0xfffffe006a409030
panic() at panic+0xb5/frame 0xfffffe006a4090f0
in_pcblookup_hash_locked() at in_pcblookup_hash_locked+0x639/frame 0xfffffe006a409200
in_pcb_lport_dest() at in_pcb_lport_dest+0x475/frame 0xfffffe006a4092b0
in_pcbconnect_setup() at in_pcbconnect_setup+0x879/frame 0xfffffe006a409410
udp_send() at udp_send+0x1968/frame 0xfffffe006a409650
udp6_send() at udp6_send+0x613/frame 0xfffffe006a409940
sosend_dgram() at sosend_dgram+0x68b/frame 0xfffffe006a4099c0
sousrsend() at sousrsend+0x116/frame 0xfffffe006a409a50
kern_sendit() at kern_sendit+0x5a2/frame 0xfffffe006a409bc0
sendit() at sendit+0x157/frame 0xfffffe006a409c10
sys_sendto() at sys_sendto+0x181/frame 0xfffffe006a409d30
amd64_syscall() at amd64_syscall+0x423/frame 0xfffffe006a409f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe006a409f30
--- syscall (0, FreeBSD ELF64, syscall), rip = 0x2b3c7a, rsp = 0x820634a98, rbp = 0x820634ab0 ---
KDB: enter: panic
[ thread pid 779 tid 100088 ]
Stopped at kdb_enter+0x6e: movq $0,0x2133d57(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe00033eee30
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rdx 0xdffff7c000000000
rbx 0xffffffff826ba7e0 .str.26
rsp 0xfffffe006a408f30
rbp 0xfffffe006a408f50
rsi 0x1
rdi 0
r8 0
r9 0xffffffff
r10 0
r11 0xa5c37881
r9 0xffffffff
r10 0
r12 0xfffffe00589ef3a0
r13 0xfffffffffffffffd
r14 0xffffffff826ba7e0 .str.26
r15 0
rip 0xffffffff815bd33e kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x2133d57(%rip)
db> show proc
Process 779 (syz-executor8691725) at 0xfffffe00541f0000:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 777 at 0xfffffe006ccee020
uid: 0 gids: 0, 0, 5
ABI: FreeBSD ELF64
flag: 0x10004000 flag2: 0
arguments: ./syz-executor869172500
reaper: 0xfffffe00541f2040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00589fb000
(map 0xfffffe00589fb000)
(map.pmap 0xfffffe00589fb0c0)
(pmap 0xfffffe00589fb130)
threads: 1
100088 Run CPU 1 syz-executor8691725
db> ps
pid ppid pgrp uid state wmesg wchan cmd
779 777 777 0 R CPU 1 syz-executor8691725
pid ppid pgrp uid state wmesg wchan cmd
777 775 777 0 Ss pause 0xfffffe006ccee0d0 csh
775 688 775 0 Rs CPU 0 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00576fb4b0 getty
753 1 753 0 Ss+ ttyin 0xfffffe00587d84b0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00587d88b0 getty
751 1 751 0 Ss+ ttyin 0xfffffe005408b0b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe00587d8cb0 getty
749 1 749 0 Ss+ ttyin 0xfffffe005408b4b0 getty
748 1 748 0 Ss+ ttyin 0xfffffe005408b8b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00576f70b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00576f74b0 getty
744 1 18 0 S+ piperd 0xfffffe0058a07888 logger
743 742 18 0 S+ nanslp 0xffffffff836d2841 sleep
742 1 18 0 S+ wait 0xfffffe0058cb0020 sh
692 1 692 0 Ss nanslp 0xffffffff836d2840 cron
688 1 688 0 Ss select 0xfffffe000799e7c0 sshd
501 1 501 0 Ss select 0xfffffe000799d940 syslogd
430 1 430 0 Ss select 0xfffffe000799dc40 devd
429 1 429 65 Ss select 0xfffffe000799db40 dhclient
344 1 344 0 Ss select 0xfffffe000799dbc0 dhclient
341 1 341 0 Ss select 0xfffffe000799e8c0 dhclient
17 0 0 0 DL vlruwt 0xfffffe00542f5b00 [vnlru]
16 0 0 0 DL syncer 0xffffffff837d4d20 [syncer]
15 0 0 0 DL (threaded) [bufdaemon]
100079 D psleep 0xffffffff837d3340 [bufdaemon]
100082 D - 0xffffffff82c0a140 [bufspacedaemon-0]
100093 D sdflush 0xfffffe000795d8e8 [/ worker]
9 0 0 0 DL psleep 0xffffffff8380ac00 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff837feab8 [dom0]
100080 D launds 0xffffffff837feac4 [laundry: dom0]
100081 D umarcl 0xffffffff81d3da20 [uma]
7 0 0 0 DL - 0xffffffff83496e48 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff840393d0 [pf purge]
5 0 0 0 DL waiting 0xffffffff8434e1c0 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff83479340 [doneq0]
100045 D - 0xffffffff834792c0 [async]
100076 D - 0xffffffff83479140 [scanner]
14 0 0 0 DL seqstat 0xfffffe0057139c88 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100040 D crypto_ 0xffffffff837fa360 [crypto]
100041 D crypto_ 0xfffffe00543d7030 [crypto returns 0]
100042 D crypto_ 0xfffffe00543d7080 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff836a8640 [g_event]
100036 D - 0xffffffff836a8660 [g_up]
100037 D - 0xffffffff836a8680 [g_down]
2 0 0 0 WL (threaded) [clock]
100029 I [clock (0)]
100030 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100016 I [swi5: fast taskq]
100019 I [swi6: task queue]
100020 I [swi6: Giant taskq]
100031 I [swi1: netisr 0]
100032 I [swi1: hpts]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe00541f2040 [init]
100033 I [swi1: hpts]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq33: virtio_pci2]
100060 I [irq34: virtio_pci2]
100061 I [irq35: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
10 0 0 0 DL audit_w 0xffffffff837fada0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff836a9060 [swapper]
100005 D - 0xfffffe005409ae00 [if_io_tqg_0]
100006 D - 0xfffffe005409ad00 [if_io_tqg_1]
100007 D - 0xfffffe005409ac00 [if_config_tqg_0]
100008 D - 0xfffffe005409ab00 [softirq_0]
100009 D - 0xfffffe005409aa00 [softirq_1]
100010 D - 0xfffffe000799be00 [linuxkpi_irq_wq]
100011 D - 0xfffffe000799bd00 [thread taskq]
100012 D - 0xfffffe000799bc00 [inm_free taskq]
100013 D - 0xfffffe000799bb00 [aiod_kick taskq]
100014 D - 0xfffffe000799ba00 [deferred_unmount ta]
100015 D - 0xfffffe000799b900 [in6m_free taskq]
100017 D - 0xfffffe000799b700 [kqueue_ctx taskq]
100018 D - 0xfffffe000799b600 [pci_hp taskq]
100021 D - 0xfffffe000799b300 [linuxkpi_short_wq_0]
100022 D - 0xfffffe000799b300 [linuxkpi_short_wq_1]
100023 D - 0xfffffe000799b300 [linuxkpi_short_wq_2]
100024 D - 0xfffffe000799b300 [linuxkpi_short_wq_3]
100025 D - 0xfffffe000799b200 [linuxkpi_long_wq_0]
100026 D - 0xfffffe000799b200 [linuxkpi_long_wq_1]
100027 D - 0xfffffe000799b200 [linuxkpi_long_wq_2]
100028 D - 0xfffffe000799b200 [linuxkpi_long_wq_3]
100034 D - 0xfffffe005435b300 [firmware taskq]
100038 D - 0xfffffe005435a800 [crypto_0]
100039 D - 0xfffffe005435a800 [crypto_1]
100055 D - 0xfffffe0054359a00 [vtnet0 rxq 0]
100056 D - 0xfffffe0054359900 [vtnet0 txq 0]
100057 D - 0xfffffe0054359800 [vtnet0 rxq 1]
100058 D - 0xfffffe0054359700 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe005722be80 [virtio_balloon]
100066 D - 0xffffffff826bf720 [deadlkres]
100070 D - 0xfffffe0054359300 [acpi_task_0]
100071 D - 0xfffffe0054359300 [acpi_task_1]
100072 D - 0xfffffe0054359300 [acpi_task_2]
100073 D - 0xfffffe000799c100 [mca taskq]
100075 D - 0xfffffe005435a200 [CAM taskq]
db> show all locks
Process 779 (syz-executor8691725) thread 0xfffffe00589ef3a0 (100088)
exclusive sleep mutex udphash (udphash) r = 0 (0xfffffe0054049dc8) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1254
exclusive rw udpinp (udpinp) r = 0 (0xfffffe006cc331e0) locked @ /syzkaller/managers/main/kernel/sys/netinet/udp_usrreq.c:1098
Process 775 (sshd) thread 0xfffffe00589efac0 (100087)
exclusive sleep mutex sellck (sellck) r = 0 (0xfffffe000799daa0) locked @ /syzkaller/managers/main/kernel/sys/kern/sys_generic.c:1996
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 7 4801K 7
devbuf 4218 4324K 4243
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 7 4801K 7
sysctloid 34805 2051K 34876
vtbuf 24 1968K 46
kobj 326 1304K 488
newblk 804 1225K 816
vfscache 3 1025K 3
pcb 23 669K 42
inodedep 50 531K 71
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
acpica 1674 184K 57877
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 96 181K 836
tidhash 3 141K 3
vmem 3 134K 4
pagedep 14 132K 18
tfo_ccache 1 128K 1
IP reass 1 128K 1
linker 324 127K 353
IP reass 1 128K 1
vnet_data 1 112K 1
sem 4 106K 4
DEVFS1 105 105K 114
bus 988 81K 5135
mtx_pool 2 72K 2
NFSD srvcache 3 68K 3
syncache 1 68K 1
NFSD srvcache 3 68K 3
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 508 64K 508
ddb_capture 1 64K 1
temp 19 53K 1603
hostcache 1 32K 1
shm 1 32K 1
kdtrace 155 32K 895
DEVFS3 124 31K 134
umtx 242 31K 242
msg 4 30K 4
kbdmux 6 28K 6
gtaskqueue 18 26K 18
DEVFS_RULE 56 20K 56
kbdmux 6 28K 6
gtaskqueue 18 26K 18
BPF 10 18K 10
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 97 16K 97
proc 3 17K 3
tty 16 16K 16
bus-sc 34 15K 1648
eventhandler 157 13K 157
KTRACE 100 13K 100
kenv 95 12K 95
ifaddr 30 12K 32
rman 88 11K 431
GEOM 61 11K 481
routetbl 50 11K 176
GEOM 61 11K 481
CAM queue 5 11K 1528
bmsafemap 4 9K 40
rpc 4 9K 4
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 1
UART 12 9K 12
devstat 4 9K 4
pfs_vncache 1 8K 1
shmfd 1 8K 1
audit_evclass 237 8K 297
taskqueue 63 7K 63
sglist 5 7K 5
CAM DEV 3 6K 510
cred 23 6K 234
CAM DEV 3 6K 510
pfs_nodes 20 5K 20
ufs_dirhash 24 5K 24
UMA 267 5K 267
dirrem 17 5K 28
plimit 17 5K 322
vt 11 5K 11
ifnet 3 5K 3
memdesc 1 4K 1
MCA 32 4K 32
filedesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
acpisem 28 4K 28
hhook 15 4K 17
ether_multi 40 4K 50
diradd 25 4K 36
lltable 11 4K 11
pf_ifnet 5 3K 6
in6_multi 25 3K 25
terminal 11 3K 11
session 20 3K 31
kqueue 40 3K 782
pwddesc 40 3K 780
clone 9 3K 9
uidinfo 3 3K 8
proc-args 62 3K 1720
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
selfd 27 2K 12537
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
Unitno 27 2K 41
CAM XPT 22 2K 543
lockf 15 2K 22
msi 12 2K 12
ipsecpolicy 2 2K 2
acpidev 20 2K 20
acpidev 20 2K 20
NFSD session 1 1K 1
softdep 1 1K 1
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 8
secasvar 1 1K 1
CAM periph 4 1K 271
select 7 1K 29
ipsec 3 1K 3
indirdep 3 1K 3
CC Mem 3 1K 7
nhops 6 1K 6
pfil 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_ifa 5 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
newdirblk 4 1K 8
mkdir 4 1K 16
in_multi 2 1K 4
cdev 2 1K 2
osd 8 1K 20
chacha20random 1 1K 1
biobuf 1 1K 1
inpcbpolicy 11 1K 140
sctp_ifn 2 1K 6
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFSP 4 1K 9
NFSD V4client 1 1K 1
DEVFS 9 1K 10
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
soname 5 1K 3424
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
cryptodev 2 1K 49
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
apmdev 1 1K 1
atkbddev 2 1K 2
netlink 1 1K 1
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
procdesc 1 1K 6
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
pmchooks 1 1K 1
filecaps 4 1K 66
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 35
vnet 1 1K 1
pmc 1 1K 1
acpiintr 1 1K 1
cpus 2 1K 2
freework 1 1K 26
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
tcp_do 0 0K 0
Per-cpu 1 1K 1
p1003.1b 1 1K 1
tcp_fsb 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_athm 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 4
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
filemon 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
esp 0 0K 0
ah 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
md_ddf_data 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
smartpqi 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
ixl 0 0K 0
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
newnfsmnt 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
xen_intr 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWdirectio 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
NEWNFSnode 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
NFSCL lck 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
iommu_dmamap 0 0K 0
NFSCL open 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
bxe_ilt 0 0K 0
NFSCL owner 0 0K 0
xenbus 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
vm_fictitious 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
msdosfs_mount 0 0K 0
UMAHash 0 0K 0
DEVFS4 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 15
jblocks 0 0K 0
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 2
jfsync 0 0K 0
jtrunc 0 0K 0
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefile 0 0K 9
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 25
freefrag 0 0K 1
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
ktls_ocf 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 3
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
BACKLIGHT 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
ip_msource 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
VN POLL 0 0K 0
ath_hal 0 0K 0
statfs 0 0K 195
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 3
cl_savebuf 0 0K 3
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
USBdev 0 0K 0
agp 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
aio 0 0K 0
lio 0 0K 0
acl 0 0K 0
midi buffers 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 0
ktls 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
PUC 0 0K 0
ppbusdev 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 13723
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
accf 0 0K 0
pts 0 0K 0
ioctlops 0 0K 86
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctltmp 0 0K 650
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctl 0 0K 3
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
kcovinfo 0 0K 0
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
Fail Points 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 15507 0 254 38494208 0
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf 256 8579 1083 18413 0 254 2473472 0
BUF TRIE 144 189 11627 529 0 62 1701504 0
malloc-384 384 4118 52 4118 0 30 1601280 0
malloc-128 128 11417 53 11430 0 126 1468160 0
malloc-4096 4096 333 1 1035 0 2 1368064 0
UMA Slabs 0 112 10569 9 10569 0 126 1184736 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 15336 111 15336 0 254 865032 0
FFS inode 1160 499 26 508 0 8 609000 0
pbuf 2624 0 202 0 0 2 530048 0
RADIX NODE 144 3321 174 20012 0 62 503280 0
socket 960 19 489 1320 0 254 487680 0
VM OBJECT 264 1411 119 24441 0 30 403920 0
malloc-65536 65536 6 0 6 0 1 393216 0
lkpimm 168 1 2327 1 0 62 391104 0
lkpicurr 168 2 2326 2 0 62 391104 0
256 Bucket 2048 119 19 959 0 8 282624 0
lkpimm 168 1 2327 1 0 62 391104 0
lkpicurr 168 2 2326 2 0 62 391104 0
malloc-64 64 3810 285 3842 0 254 262080 0
VNODE 448 529 47 540 0 30 258048 0
malloc-256 256 878 52 919 0 62 238080 0
malloc-16 16 14389 361 14493 0 254 236000 0
DEVCTL 1024 0 220 124 0 0 225280 0
THREAD 1824 114 7 114 0 8 220704 0
malloc-4096 4096 48 4 788 0 2 212992 0
malloc-128 128 1309 210 30393 0 126 194432 0
MAP ENTRY 96 1583 433 85320 0 126 193536 0
UMA Zones 768 239 0 239 0 16 183552 0
malloc-32 32 5255 415 5272 0 254 181440 0
malloc-2048 2048 8 64 1040 0 8 147456 0
FFS2 dinode 256 499 71 508 0 62 145920 0
malloc-65536 65536 0 2 126 0 1 131072 0
malloc-65536 65536 0 2 46 0 1 131072 0
malloc-1024 1024 111 17 120 0 16 131072 0
unpcb 256 7 503 1163 0 254 130560 0
mbuf_packet 256 0 508 97 0 254 130048 0
S VFS Cache 104 966 204 1009 0 126 121680 0
ksiginfo 112 37 1007 52 0 126 116928 0
FPU_save_area 832 116 19 128 0 16 112320 0
128 Bucket 1024 48 51 489 0 16 101376 0
malloc-128 128 606 169 761 0 126 99200 0
malloc-32768 32768 3 0 3 0 1 98304 0
UMA Kegs 384 226 7 226 0 30 89472 0
malloc-8192 8192 8 2 135 0 1 81920 0
PROC 1376 39 16 779 0 8 75680 0
malloc-4096 4096 15 3 221 0 2 73728 0
g_bio 408 0 180 4485 0 30 73440 0
malloc-64 64 501 570 935 0 254 68544 0
malloc-64 64 533 538 15037 0 254 68544 0
malloc-128 128 294 233 364 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-16384 16384 2 2 162 0 1 65536 0
filedesc0 1072 40 16 780 0 8 60032 0
cpuset 104 7 551 7 0 126 58032 0
malloc-128 128 260 143 772 0 126 51584 0
malloc-256 256 128 67 141 0 62 49920 0
malloc-256 256 89 106 724 0 62 49920 0
malloc-256 256 133 62 422 0 62 49920 0
32 Bucket 256 54 141 10687 0 62 49920 0
DIRHASH 1024 35 13 35 0 16 49152 0
NAMEI 1024 0 48 12179 0 16 49152 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 2 1 12 0 1 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
malloc-1024 1024 8 40 704 0 16 49152 0
malloc-1024 1024 28 20 52 0 16 49152 0
malloc-384 384 78 42 79 0 30 46080 0
syncache 168 0 264 5 0 254 44352 0
udp_inpcb 424 7 83 129 0 30 38160 0
da_ccb 544 0 70 1251 0 16 38080 0
pcpu-8 8 4271 337 4299 0 254 36864 0
64 Bucket 512 64 8 1700 0 30 36864 0
malloc-64 64 121 446 143 0 254 36288 0
malloc-64 64 90 477 13939 0 254 36288 0
malloc-64 64 45 522 83 0 254 36288 0
malloc-64 64 247 320 997 0 254 36288 0
malloc-64 64 46 521 800 0 254 36288 0
malloc-128 128 136 143 618 0 126 35712 0
malloc-128 128 41 238 88 0 126 35712 0
malloc-128 128 45 234 328 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 53 37 395 0 30 34560 0
malloc-384 384 72 18 124 0 30 34560 0
malloc-256 256 4 131 9 0 62 34560 0
malloc-256 256 84 51 1015 0 62 34560 0
malloc-256 256 56 79 645 0 62 34560 0
malloc-256 256 33 102 81 0 62 34560 0
malloc-2048 2048 4 12 67 0 8 32768 0
malloc-2048 2048 3 13 12 0 8 32768 0
malloc-2048 2048 6 10 197 0 8 32768 0
malloc-2048 2048 4 12 28 0 8 32768 0
malloc-1024 1024 0 32 3 0 16 32768 0
malloc-1024 1024 5 27 5 0 16 32768 0
malloc-1024 1024 9 23 10 0 16 32768 0
malloc-1024 1024 8 24 876 0 16 32768 0
malloc-512 512 2 62 8 0 30 32768 0
malloc-512 512 11 53 178 0 30 32768 0
malloc-512 512 3 61 4 0 30 32768 0
malloc-512 512 4 60 4 0 30 32768 0
malloc-512 512 0 64 9 0 30 32768 0
pcpu-64 64 486 26 486 0 254 32768 0
ttyinq 160 135 65 300 0 62 32000 0
VMSPACE 520 23 37 764 0 16 31200 0
sctp_laddr 48 0 588 4 0 254 28224 0
malloc-32 32 297 585 403 0 254 28224 0
16 Bucket 144 50 146 254 0 62 28224 0
4 Bucket 48 5 583 6 0 254 28224 0
TURNSTILE 136 122 67 122 0 62 25704 0
malloc-8192 8192 3 0 3 0 1 24576 0
malloc-4096 4096 4 2 81 0 2 24576 0
PGRP 88 20 256 31 0 126 24288 0
ertt_txseginfo 40 0 606 274 0 254 24240 0
rl_entry 40 30 576 30 0 254 24240 0
PWD 40 10 596 100 0 254 24240 0
rtentry 168 13 131 17 0 62 24192 0
pipe 728 7 26 284 0 16 24024 0
Files 80 72 228 6565 0 126 24000 0
8 Bucket 80 43 257 265 0 126 24000 0
tcp_inpcb 1304 3 15 7 0 8 23472 0
malloc-384 384 1 59 2 0 30 23040 0
malloc-384 384 1 59 2 0 30 23040 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 122 134 122 0 126 22528 0
clpbuf 2624 0 8 25 0 4 20992 0
hostcache 64 1 314 1 0 254 20160 0
udp_inpcb ports 32 3 627 40 0 254 20160 0
ertt 72 3 277 7 0 126 20160 0
malloc-32 32 80 550 93 0 254 20160 0
malloc-32 32 70 560 669 0 254 20160 0
malloc-32 32 46 584 91 0 254 20160 0
malloc-32 32 65 565 873 0 254 20160 0
malloc-32 32 60 570 2986 0 254 20160 0
malloc-32 32 9 621 1071 0 254 20160 0
2 Bucket 32 43 587 288 0 254 20160 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 1 1 3 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-2048 2048 1 7 1 0 8 16384 0
malloc-2048 2048 2 6 2 0 8 16384 0
malloc-2048 2048 1 7 1 0 8 16384 0
malloc-1024 1024 2 14 2 0 16 16384 0
malloc-512 512 0 32 1 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
kenv 258 15 45 1034 0 30 15480 0
SMR CPU 32 7 504 7 0 254 16352 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
ripcb 392 1 35 4 0 30 14112 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
tcp_inpcb ports 32 1 377 1 0 254 12096 0
KNOTE 160 0 75 8 0 62 12000 0
malloc-16 16 10 740 123 0 254 12000 0
malloc-16 16 319 431 479 0 254 12000 0
malloc-16 16 13 737 30 0 254 12000 0
malloc-16 16 26 724 37 0 254 12000 0
malloc-16 16 205 545 4170 0 254 12000 0
malloc-16 16 14 736 26546 0 254 12000 0
malloc-16 16 14 736 63 0 254 12000 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 2 0 2 8192 0
malloc-4096 4096 0 2 1 0 2 8192 0
malloc-4096 4096 2 0 2 0 2 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
vtnet_tx_hdr 24 1 333 2003 0 254 8016 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 344 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_rack_pcb 1024 0 0 0 0 16 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2264 0 0 0 0 254 0 0
sctp_ep 1176 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
netlink 2048 0 0 0 0 8 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
TMPFS node 232 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 104 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-384 384 0 0 0 0 30 0 0
malloc-384 384 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
Reply all
Reply to author
Forward
0 new messages