Fatal trap 9: general protection fault in sctp_ss_fb_clear


syzbot

May 19, 2021, 7:56:19 AM
to syzkaller-f...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: fc0dc940 nfsd: Reduce the callback timeout to 800msec
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=12d8ad0dd00000
dashboard link: https://syzkaller.appspot.com/bug?extid=dec8fdf66e4b26e593c7
userspace arch: i386

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dec8fd...@syzkaller.appspotmail.com

Fatal trap 9: general protection fault while in kernel mode
cpuid = 1; apic id = 01
instruction pointer = 0x20:0xffffffff8308db82
stack pointer = 0x0:0xfffffe005172f850
frame pointer = 0x0:0xfffffe005172f890
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 31570 (syz-executor.1)
trap number = 9
panic: general protection fault
cpuid = 1
time = 465
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe005172f520
vpanic() at vpanic+0x1c7/frame 0xfffffe005172f580
panic() at panic+0x43/frame 0xfffffe005172f5e0
trap_fatal() at trap_fatal+0x4cd/frame 0xfffffe005172f660
trap() at trap+0xf7/frame 0xfffffe005172f780
calltrap() at calltrap+0x8/frame 0xfffffe005172f780
--- trap 0x9, rip = 0xffffffff8308db82, rsp = 0xfffffe005172f850, rbp = 0xfffffe005172f890 ---
sctp_ss_fb_clear() at sctp_ss_fb_clear+0xa2/frame 0xfffffe005172f890
sctp_setopt() at sctp_setopt+0x4043/frame 0xfffffe005172f920
sctp_ctloutput() at sctp_ctloutput+0x22c/frame 0xfffffe005172f980
sosetopt() at sosetopt+0x101/frame 0xfffffe005172fa00
kern_setsockopt() at kern_setsockopt+0x150/frame 0xfffffe005172fa80
sys_setsockopt() at sys_setsockopt+0x33/frame 0xfffffe005172fab0
ia32_syscall() at ia32_syscall+0x237/frame 0xfffffe005172fbf0
int0x80_syscall_common() at int0x80_syscall_common+0x9c/frame 0xfbfdbf78
KDB: enter: panic
[ thread pid 31570 tid 134071 ]
Stopped at kdb_enter+0x67: movq $0,0x163948e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0xfffffe009b800000
rdx 0x3ffff
rbx 0
rsp 0xfffffe005172f500
rbp 0xfffffe005172f520
rsi 0x40001
rdi 0xffffffff81138986 vprintf+0x176
r8 0
r9 0x8080808080808080
r10 0xfffffe005172f3f0
r11 0x1ffaefff59c
r12 0xffffffff82267b80 ddb_dbbe
r13 0
r14 0xffffffff81a72b5d
r15 0xffffffff81a72b5d
rip 0xffffffff8112f977 kdb_enter+0x67
rflags 0x200086 kernload+0x86
kdb_enter+0x67: movq $0,0x163948e(%rip)
db> show proc
Process 31570 (syz-executor.1) at 0xfffff80042bf8a70:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 786 at 0xfffff80015d7a000
ABI: FreeBSD ELF32
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.1
reaper: 0xfffff80004bc7538 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe009f6013e0
(map 0xfffffe009f6013e0)
(map.pmap 0xfffffe009f6014a0)
(pmap 0xfffffe009f601500)
threads: 3
125576 RunQ syz-executor.1
134070 S uwait 0xfffff8000ebd7100 syz-executor.1
134071 Run CPU 1 syz-executor.1
db> ps
pid ppid pgrp uid state wmesg wchan cmd
31576 785 785 0 R (threaded) syz-executor.0
125605 Run CPU 0 syz-executor.0
134079 RunQ syz-executor.0
31570 786 786 0 R (threaded) syz-executor.1
125576 RunQ syz-executor.1
134070 S uwait 0xfffff8000ebd7100 syz-executor.1
134071 Run CPU 1 syz-executor.1
23932 23926 785 0 SV uwait 0xfffff80030fa9300 syz-executor.0
23926 1 785 0 DV ppwait 0xfffff8000e271a20 syz-executor.0
23587 1 787 0 S uwait 0xfffff8000e1d2700 syz-executor.2
23584 1 787 0 S uwait 0xfffff8000e053900 syz-executor.2
22800 22799 806 0 SV uwait 0xfffff80030fd9f00 syz-executor.3
22799 1 806 0 DV ppwait 0xfffff8000e1374e8 syz-executor.3
21408 1 21408 0 S uwait 0xfffff8000e1d2500 syz-executor.0
21406 1 21406 0 S uwait 0xfffff80026e41500 syz-executor.0
18663 1 787 0 S uwait 0xfffff8000e053f00 syz-executor.2
18662 1 787 0 S uwait 0xfffff80030b4fb00 syz-executor.2
18537 1 785 0 S uwait 0xfffff80030fd9d00 syz-executor.0
18534 1 785 0 S uwait 0xfffff8000e053500 syz-executor.0
15306 1 806 0 S uwait 0xfffff80026e39d00 syz-executor.3
15305 1 806 0 S umtxn 0xfffff80030b4fd00 syz-executor.3
15298 1 806 0 S uwait 0xfffff80026e55100 syz-executor.3
15297 1 806 0 S uwait 0xfffff8000e053700 syz-executor.3
14338 1 786 0 S uwait 0xfffff8000e053b00 syz-executor.1
14336 1 786 0 S uwait 0xfffff80030fd9300 syz-executor.1
13234 13231 787 0 SV uwait 0xfffff80015da4100 syz-executor.2
13231 1 787 0 DV ppwait 0xfffff800309eea20 syz-executor.2
10113 1 787 0 S uwait 0xfffff8000e073b00 syz-executor.2
10111 1 787 0 S uwait 0xfffff80030b4ff00 syz-executor.2
8923 1 785 0 S uwait 0xfffff80030fa9900 syz-executor.0
8921 1 785 0 S uwait 0xfffff8000e073f00 syz-executor.0
8121 1 786 0 S uwait 0xfffff80015da4300 syz-executor.1
8119 1 786 0 S uwait 0xfffff80030fa9500 syz-executor.1
8041 1 786 0 S uwait 0xfffff8000e053d00 syz-executor.1
8038 1 786 0 S uwait 0xfffff80030288d00 syz-executor.1
8013 8012 786 0 SV uwait 0xfffff80030a70d00 syz-executor.1
8012 1 786 0 DV ppwait 0xfffff80030ab2f58 syz-executor.1
7978 1 786 0 S uwait 0xfffff80030b4f900 syz-executor.1
7906 1 785 0 S uwait 0xfffff80030b4f500 syz-executor.0
7905 1 785 0 S uwait 0xfffff80030fa9b00 syz-executor.0
7567 1 7567 65 Ss select 0xfffff8000e0c05c0 dhclient
7266 1 786 0 S uwait 0xfffff80026de0900 syz-executor.1
7265 1 786 0 S uwait 0xfffff80026e41700 syz-executor.1
7227 1 806 0 S uwait 0xfffff80030fa9100 syz-executor.3
7226 1 806 0 S uwait 0xfffff80030a70900 syz-executor.3
7173 1 806 0 S uwait 0xfffff80015dded00 syz-executor.3
7171 1 806 0 S uwait 0xfffff80026e55b00 syz-executor.3
6986 6985 806 0 SV uwait 0xfffff80026de0300 syz-executor.3
6985 1 806 0 DV ppwait 0xfffff80026c0aa20 syz-executor.3
6888 1 785 0 S uwait 0xfffff80026e41100 syz-executor.0
6886 1 785 0 S uwait 0xfffff80015ddcf00 syz-executor.0
6884 1 785 0 S uwait 0xfffff80026e39500 syz-executor.0
6882 1 785 0 S uwait 0xfffff80030a70700 syz-executor.0
6337 0 0 0 DL (threaded) [zfskern]
101035 D t->zthr 0xfffff80030ee5548 [arc_evict]
106131 D t->zthr 0xfffff80030ee5348 [arc_reap]
106132 D - 0xfffff80030488100 [dbu_evict]
106133 D dbuf_ev 0xffffffff839c3fd8 [dbuf_evict_thread]
106134 D - 0xfffff80030457d00 [z_vdev_file_0]
106135 D - 0xfffff80030457d00 [z_vdev_file_1]
106136 D - 0xfffff80030457d00 [z_vdev_file_2]
106137 D - 0xfffff80030457d00 [z_vdev_file_3]
106138 D - 0xfffff80030457d00 [z_vdev_file_4]
106139 D - 0xfffff80030457d00 [z_vdev_file_5]
106140 D - 0xfffff80030457d00 [z_vdev_file_6]
106141 D - 0xfffff80030457d00 [z_vdev_file_7]
106142 D - 0xfffff80030457d00 [z_vdev_file_8]
106143 D - 0xfffff80030457d00 [z_vdev_file_9]
106144 D - 0xfffff80030457d00 [z_vdev_file_10]
106145 D - 0xfffff80030457d00 [z_vdev_file_11]
106146 D - 0xfffff80030457d00 [z_vdev_file_12]
106147 D - 0xfffff80030457d00 [z_vdev_file_13]
106148 D - 0xfffff80030457d00 [z_vdev_file_14]
106149 D - 0xfffff80030457d00 [z_vdev_file_15]
106150 D l2arc_f 0xffffffff839829b8 [l2arc_feed_thread]
106151 D - 0xfffff80030457900 [zfsvfs]
106152 S zevent_ 0xffffffff839c4560 [sysevent]
5453 1 5453 0 Ss select 0xfffff80026361740 dhclient
5450 1 5450 0 Ss select 0xfffff8003076ea40 dhclient
5431 1 5431 65 Ss select 0xfffff800308a7740 dhclient
4673 1 4673 0 Ss select 0xfffff800308598c0 dhclient
4670 1 4670 0 Ss select 0xfffff80030859ec0 dhclient
4651 1 4651 65 Ss select 0xfffff800308342c0 dhclient
4211 1 786 0 S uwait 0xfffff80015d99100 syz-executor.1
4210 1 786 0 S uwait 0xfffff80026de0700 syz-executor.1
4194 1 786 0 SV uwait 0xfffff80026e55f00 syz-executor.1
4186 1 786 0 SV uwait 0xfffff80015d99300 syz-executor.1
4020 1 4020 0 Ss select 0xfffff80026c2aa40 dhclient
4017 1 4017 0 Ss select 0xfffff80030726d40 dhclient
3998 1 3998 65 Ss select 0xfffff8003025da40 dhclient
3868 1 787 0 S uwait 0xfffff80026de0b00 syz-executor.2
3863 1 787 0 S uwait 0xfffff80026e35f00 syz-executor.2
3858 1 787 0 S uwait 0xfffff80026e39100 syz-executor.2
2103 1 806 0 S uwait 0xfffff80015d99f00 syz-executor.3
2096 1 806 0 S uwait 0xfffff80015ddcb00 syz-executor.3
1291 1 1291 0 Ss select 0xfffff80026eb8ec0 dhclient
1285 1 1285 0 Ss select 0xfffff80026b60bc0 dhclient
806 780 806 0 Rs syz-executor.3
787 780 787 0 Rs syz-executor.2
786 780 786 0 Rs syz-executor.1
785 780 785 0 Rs syz-executor.0
780 778 778 0 S (threaded) syz-fuzzer
100106 S uwait 0xfffff80015de0100 syz-fuzzer
100118 S uwait 0xfffff80015de5500 syz-fuzzer
100119 S uwait 0xfffff80015de5900 syz-fuzzer
100120 S kqread 0xfffff80015de3100 syz-fuzzer
100121 S uwait 0xfffff80015da4b00 syz-fuzzer
100122 S uwait 0xfffff80015dde500 syz-fuzzer
100123 S uwait 0xfffff80015de0d00 syz-fuzzer
100124 S uwait 0xfffff80015de0f00 syz-fuzzer
100125 S uwait 0xfffff80015de5300 syz-fuzzer
778 776 778 0 Ss pause 0xfffff800264fe0b0 csh
776 694 776 0 Ss select 0xfffff800262ff740 sshd
760 1 760 0 Ss+ ttyin 0xfffff80015465cb0 getty
759 1 759 0 Ss+ ttyin 0xfffff80015a944b0 getty
758 1 758 0 Ss+ ttyin 0xfffff80015a94cb0 getty
757 1 757 0 Ss+ ttyin 0xfffff80015a974b0 getty
756 1 756 0 Ss+ ttyin 0xfffff80015a97cb0 getty
755 1 755 0 Ss+ ttyin 0xfffff80015a9c4b0 getty
754 1 754 0 Ss+ ttyin 0xfffff80015a9ccb0 getty
753 1 753 0 Ss+ ttyin 0xfffff80015a9f4b0 getty
752 1 752 0 Ss+ ttyin 0xfffff80015a9fcb0 getty
698 1 698 0 Ss nanslp 0xffffffff8273c560 cron
694 1 694 0 Ss select 0xfffff80026361d40 sshd
507 1 507 0 Ss select 0xfffff800263615c0 syslogd
436 1 436 0 Ss select 0xfffff80015e4d740 devd
435 1 435 65 Ss select 0xfffff80015d9a740 dhclient
350 1 350 0 Ss select 0xfffff80015f2b740 dhclient
347 1 347 0 Ss select 0xfffff80015f2b140 dhclient
23 0 0 0 DL vlruwt 0xfffff80015af6000 [vnlru]
22 0 0 0 DL syncer 0xffffffff8282b9d0 [syncer]
21 0 0 0 DL (threaded) [bufdaemon]
100081 D qsleep 0xffffffff8282aa80 [bufdaemon]
100086 D - 0xffffffff8220ae80 [bufspacedaemon-0]
100096 D sdflush 0xfffff80004dfc4e8 [/ worker]
20 0 0 0 DL psleep 0xffffffff828528c8 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100079 D psleep 0xffffffff82846d38 [dom0]
100087 D launds 0xffffffff82846d44 [laundry: dom0]
100088 D umarcl 0xffffffff815cb3c0 [uma]
18 0 0 0 DL - 0xffffffff82570908 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff830d8828 [sctp_iterator]
16 0 0 0 DL pftm 0xffffffff82e3e3c0 [pf purge]
15 0 0 0 DL - 0xffffffff828280dc [soaiod4]
9 0 0 0 DL - 0xffffffff828280dc [soaiod3]
8 0 0 0 DL - 0xffffffff828280dc [soaiod2]
7 0 0 0 DL - 0xffffffff828280dc [soaiod1]
6 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff82447dc0 [doneq0]
100045 D - 0xffffffff82447d40 [async]
100078 D - 0xffffffff82447c10 [scanner]
14 0 0 0 DL seqstat 0xfffff80004dcbc88 [sequencer 00]
5 0 0 0 DL crypto_ 0xfffff80004d99d80 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffff80004d99d30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff82844220 [crypto]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff8271bda0 [g_event]
100036 D - 0xffffffff8271bda8 [g_up]
100037 D - 0xffffffff8271bdb0 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100028 D - 0xfffff80004c39d00 [thr_0]
100029 D - 0xfffff80004c39d80 [thr_1]
12 0 0 0 WL (threaded) [intr]
100012 I [swi5: fast taskq]
100015 I [swi6: task queue]
100017 I [swi6: Giant taskq]
100030 I [swi4: clock (0)]
100031 I [swi4: clock (1)]
100032 I [swi1: netisr 0]
100033 I [swi3: vm]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq10: virtio_pci2]
100061 I [irq1: atkbd0]
100062 I [irq12: psm0]
100063 I [swi0: uart uart++]
100071 I [swi1: pf send]
100084 I [swi1: hpts]
100085 I [swi1: hpts]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffff80004bc7538 [init]
10 0 0 0 DL audit_w 0xffffffff82844730 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8271c330 [swapper]
100005 D - 0xfffff80004c63d00 [if_config_tqg_0]
100006 D - 0xfffff80004c63900 [softirq_0]
100007 D - 0xfffff80004c63500 [softirq_1]
100008 D - 0xfffff80004c63100 [if_io_tqg_0]
100009 D - 0xfffff80004c61d00 [if_io_tqg_1]
100010 D - 0xfffff80004c5fd00 [in6m_free taskq]
100011 D - 0xfffff80004c5f900 [aiod_kick taskq]
100013 D - 0xfffff80004c5f100 [kqueue_ctx taskq]
100014 D - 0xfffff80004c58d00 [pci_hp taskq]
100016 D - 0xfffff80004c58500 [inm_free taskq]
100018 D - 0xfffff80004c53d00 [linuxkpi_irq_wq]
100019 D - 0xfffff80004c53900 [thread taskq]
100020 D - 0xfffff80004c53500 [linuxkpi_short_wq_0]
100021 D - 0xfffff80004c53500 [linuxkpi_short_wq_1]
100022 D - 0xfffff80004c53500 [linuxkpi_short_wq_2]
100023 D - 0xfffff80004c53500 [linuxkpi_short_wq_3]
100024 D - 0xfffff80004c53100 [linuxkpi_long_wq_0]
100025 D - 0xfffff80004c53100 [linuxkpi_long_wq_1]
100026 D - 0xfffff80004c53100 [linuxkpi_long_wq_2]
100027 D - 0xfffff80004c53100 [linuxkpi_long_wq_3]
100034 D - 0xfffff80004c39900 [firmware taskq]
100038 D - 0xfffff80004c39500 [crypto_0]
100039 D - 0xfffff80004c39500 [crypto_1]
100055 D - 0xfffff800153dc900 [vtnet0 rxq 0]
100056 D - 0xfffff800153dc500 [vtnet0 txq 0]
100057 D - 0xfffff800153dc100 [vtnet0 rxq 1]
100058 D - 0xfffff800153c6d00 [vtnet0 txq 1]
100060 D vtbslp 0xfffff80015429500 [virtio_balloon]
100064 D - 0xfffff800153c6900 [mca taskq]
100066 D - 0xffffffff81e1f3f0 [deadlkres]
100074 D - 0xfffff80015a2d900 [acpi_task_0]
100075 D - 0xfffff80015a2d900 [acpi_task_1]
100076 D - 0xfffff80015a2d900 [acpi_task_2]
100077 D - 0xfffff80004c39100 [CAM taskq]
106125 D - 0xfffff800301a1500 [system_taskq_0]
106126 D - 0xfffff800301a1500 [system_taskq_1]
106127 D - 0xfffff80030474100 [system_delay_taskq_]
106128 D - 0xfffff80030474100 [system_delay_taskq_]
106129 D - 0xfffff800303c8100 [arc_prune_0]
106130 D - 0xfffff800303c8100 [arc_prune_1]
db> show all locks
Process 31576 (syz-executor.0) thread 0xfffffe009507ce40 (125605)
exclusive sleep mutex umtxql (umtxql) r = 0 (0xffffffff8275b2b0) locked @ /syzkaller/managers/i386/kernel/sys/kern/kern_umtx.c:511
Process 31570 (syz-executor.1) thread 0xfffffe009f6be560 (134071)
exclusive sleep mutex sctp-send-tcb (tcbs) r = 0 (0xfffffe009e6e13a0) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_usrreq.c:4059
exclusive sleep mutex sctp-tcb (tcb) r = 0 (0xfffffe009e6e1380) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_usrreq.c:4057
db> show malloc
Type InUse MemUse Requests
pcb 6326 28955K 52720
sysctloid 46272 17352K 46339
sctp_stro 3150 12308K 10997
pf_hash 5 11560K 5
devbuf 4216 6982K 4245
sctp_atcl 6299 6299K 36896
linker 368 5875K 505
solaris 148 4440K 218
sctp_atky 9461 3549K 48665
tcp_hpts 5 3219K 5
kobj 328 2624K 488
sctp_map 6300 2363K 21428
sctp_athm 6299 2363K 37012
vtbuf 24 2064K 46
filedesc 122 1959K 61201
inodedep 708 1227K 30712
subproc 252 1064K 31736
newblk 9 1036K 31163
vfscache 3 1035K 3
acpica 1674 649K 55230
callout 2 528K 2
ufs_quota 1 520K 1
vfs_hash 1 520K 1
intr 4 480K 4
bus 990 378K 3499
dirrem 699 350K 30592
BPF 46 337K 46
kdtrace 357 285K 65657
freefile 699 263K 30561
umtx 528 231K 528
DEVFS1 108 216K 125
module 516 194K 516
vnet_data 1 176K 1
tidhash 3 164K 3
pagedep 9 140K 30556
UMA 365 137K 365
tfo_ccache 1 136K 1
sem 4 120K 4
vmem 3 112K 7
audit_evclass 236 89K 294
mtx_pool 2 80K 2
temp 35 77K 6699
syncache 1 76K 1
routetbl 137 73K 433
msg 4 68K 4
cred 67 67K 634
ifaddr 71 67K 73
acpitask 1 64K 1
ddb_capture 1 64K 1
DEVFS3 127 64K 137
sctp_timw 122 61K 122
ether_multi 157 59K 167
gtaskqueue 18 57K 18
pf_rule 14 56K 39
DEVFS_RULE 56 54K 56
kqueue 118 52K 31676
kenv 95 52K 95
eventhandler 136 51K 136
taskqueue 78 47K 78
lltable 52 46K 161
pwddesc 116 44K 31579
ithread 99 43K 99
rman 84 42K 425
KTRACE 100 38K 100
kstat_data 17 34K 17
proc 3 34K 3
ufs_mount 5 34K 6
bus-sc 33 34K 1710
DEVFSP 89 34K 16916
devstat 4 33K 4
hostcache 1 32K 1
tty 16 32K 16
shm 1 32K 27
in6_multi 71 31K 71
GEOM 60 29K 493
kbdmux 6 28K 6
ifnet 7 25K 7
plimit 24 24K 459
kcovinfo 64 24K 68
pf_osfp 62 24K 62
ksem 4 21K 2767
CAM queue 5 21K 1528
selfd 55 21K 424385
pfs_nodes 20 20K 20
proc-args 52 20K 678
session 36 18K 73
UART 12 18K 12
osd 44 17K 3347
bmsafemap 2 17K 30676
rpc 2 16K 2
shmfd 1 16K 98
pfs_vncache 1 16K 1
ufs_dirhash 24 14K 24
sglist 5 13K 5
lockf 34 13K 140
MCA 32 12K 32
CAM DEV 3 12K 510
vt 11 11K 11
acpisem 28 11K 28
Unitno 28 11K 59
CAM XPT 22 11K 543
inpcbpolicy 26 10K 5615
uidinfo 3 9K 58
pf_ifnet 10 9K 19
memdesc 1 8K 1
ipsec-saq 2 8K 2
evdev 4 8K 4
acpidev 20 8K 20
hhook 15 8K 17
select 19 8K 93
mount 16 7K 90
fpukern_ctx 3 6K 3
terminal 11 6K 11
sctp_ifa 14 6K 15
ip6ndp 12 6K 15
ipsecpolicy 2 5K 2
encap_export_host 12 5K 12
clone 9 5K 9
xform 11 5K 22254
local_apic 1 4K 1
io_apic 1 4K 1
sahead 1 4K 1
secasvar 1 4K 1
nhops 6 4K 8
pci_link 10 4K 10
msi 9 4K 9
DEVFS 9 4K 10
tun 7 4K 7
ipsec 3 3K 3
mkdir 8 3K 61066
in_multi 6 3K 8
vnodemarker 3 3K 153
prison 8 3K 8
nexusdev 7 3K 7
feeder 7 3K 7
procdesc 5 3K 18
freework 5 3K 30531
sctp_ifn 6 3K 15
mld 6 3K 6
igmp 6 3K 6
toponodes 6 3K 6
isadev 6 3K 6
sctp_socko 1 2K 25048
softdep 1 2K 1
freeblks 4 2K 30518
NFSD session 1 2K 1
linux 5 2K 6
CAM periph 4 2K 271
filecaps 5 2K 116
crypto 4 2K 3880
newdirblk 4 2K 30533
diradd 4 2K 30631
pfil 4 2K 4
CAM path 4 2K 1034
soname 4 2K 30395
tcpfunc 3 2K 3
loginclass 3 2K 10
ip6opt 2 1K 57
chacha20random 1 1K 1
vnodes 1 1K 2
CAM SIM 2 1K 2
ktls 1 1K 1
cdev 2 1K 2
taskq 2 1K 2
aesni_data 2 1K 2
cpus 2 1K 2
atkbddev 2 1K 2
CAM dev queue 2 1K 2
entropy 2 1K 43
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
pmchooks 1 1K 1
sctp_vrf 1 1K 1
apmdev 1 1K 1
CAM I/O Scheduler 1 1K 1
ip_msource 1 1K 1
vnet_data_free 1 1K 1
vnet 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
acpiintr 1 1K 1
pmc 1 1K 1
sfs_nodes 0 0K 0
zones_data 0 0K 0
sctp_mcore 0 0K 0
sctp_iter 0 0K 24
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 14
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 10
sctp_aadr 0 0K 0
sctp_stri 0 0K 1114
mqdata 0 0K 0
cdg data 0 0K 44
tcp_do 0 0K 0
tcp_fsb 0 0K 840
chd data 0 0K 31
cubic data 0 0K 0
htcp data 0 0K 0
vegas data 0 0K 0
dctcp data 0 0K 30
pf_table 0 0K 0
pf_altq 0 0K 0
pf_temp 0 0K 0
NFSD V4lock 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
axgbe 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
amr 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
vm_fictitious 0 0K 0
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
agp 0 0K 0
nvme_da 0 0K 0
UMAHash 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 20585
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 74
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 7
allocindir 0 0K 0
indirdep 0 0K 19
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
twsbuf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpifw 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
twe_commands 0 0K 0
LRO 0 0K 0
newreno data 0 0K 2
ip_moptions 0 0K 6
in_mfilter 0 0K 3
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
twa_commands 0 0K 0
statfs 0 0K 30900
namei_tracker 0 0K 4
export_host 0 0K 0
cl_savebuf 0 0K 5
tcp_log_dev 0 0K 1079
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 3401
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
tempbuff 0 0K 0
mbuf_tag 0 0K 123
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 32348
ioctlops 0 0K 5996
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 748
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
iirbuf 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 13
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8472 832 998532 0 254 38109184 0
malloc-8192 8192 3152 498 25140 0 1 29900800 0
malloc-384 384 62607 2503 165383 0 30 25002240 0
sctp_asoc 2288 3150 505 10714 0 254 8362640 0
malloc-1024 1024 6495 1001 38959 0 16 7675904 0
malloc-2048 2048 3155 499 11227 0 8 7483392 0
sctp_ep 1280 3149 502 25137 0 254 4673280 0
malloc-1024 1024 4196 12 4919 0 16 4308992 0
malloc-1024 1024 780 2908 30858 0 16 3776512 0
malloc-1024 1024 3181 499 25247 0 16 3768320 0
mbuf 256 13089 1356 1744072 0 254 3697920 0
malloc-384 384 8028 1012 119476 0 30 3471360 0
malloc-1024 1024 2 3126 20607 0 16 3203072 0
malloc-8192 8192 329 2 1882 0 1 2711552 0
sctp_raddr 736 3151 512 15829 0 254 2695968 0
pbuf 2624 0 989 0 0 2 2595136 0
UMA Slabs 0 112 22625 16 22625 0 126 2535792 0
malloc-32768 32768 63 6 30747 0 1 2260992 0
malloc-384 384 2758 2922 244437 0 30 2181120 0
tcp_log 416 2608 2405 36778 0 254 2085408 0
RADIX NODE 144 13928 377 699086 0 64 2059920 0
mbuf_cluster 2048 960 2 960 0 254 1970176 0
BUF TRIE 144 210 13258 1596 0 62 1939392 0
malloc-512 512 769 2911 92640 0 30 1884160 0
malloc-8192 8192 126 6 31615 0 1 1081344 0
FFS inode 1160 545 29 31109 0 8 665840 0
tcp_bbr_map 128 2159 2305 33104 0 126 571392 0
VM OBJECT 264 1971 84 447515 0 30 542520 0
sctp_laddr 48 10968 36 14577 0 254 528192 0
sctp_chunk 152 2467 939 9178 0 254 517712 0
THREAD 1808 240 24 34079 0 8 477312 0
MAP ENTRY 96 4160 376 1695992 0 126 435456 0
vmem btag 56 7631 61 7631 0 254 430752 0
malloc-16384 16384 26 0 30 0 1 425984 0
malloc-384 384 1013 67 26269 0 30 414720 0
lkpicurr 160 2 2348 2 0 62 376000 0
lkpimm 160 1 2324 1 0 62 372000 0
malloc-1024 1024 314 38 35344 0 16 360448 0
VNODE 448 583 74 31149 0 30 294336 0
sctp_stream_msg_out 112 2513 43 6311 0 254 286272 0
socket 944 59 237 32326 0 254 279424 0
malloc-384 384 700 10 999 0 30 272640 0
256 Bucket 2048 121 11 19562 0 8 270336 0
malloc-65536 65536 4 0 4 0 1 262144 0
UMA Zones 768 337 2 337 0 16 260352 0
ertt_txseginfo 40 2159 4305 87096 0 254 258560 0
mbuf_packet 256 556 404 62000 0 254 245760 0
malloc-16384 16384 10 5 273 0 1 245760 0
VMSPACE 2544 86 10 31547 0 4 244224 0
malloc-2048 2048 108 2 125 0 8 225280 0
DEVCTL 1024 0 216 133 0 0 221184 0
malloc-512 512 394 14 3097 0 30 208896 0
malloc-65536 65536 1 2 179 0 1 196608 0
malloc-65536 65536 1 2 5 0 1 196608 0
tcp_inpcb 488 15 385 3304 0 254 195200 0
PROC 1336 115 20 31576 0 8 180360 0
malloc-16384 16384 9 2 13 0 1 180224 0
malloc-8192 8192 16 5 170 0 1 172032 0
malloc-4096 4096 2 38 3445 0 2 163840 0
filedesc0 1072 116 24 31579 0 8 150080 0
S VFS Cache 104 1043 400 32469 0 126 150072 0
FFS2 dinode 256 545 40 31108 0 62 149760 0
zio_buf_comb_131072 131072 0 1 1 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-65536 65536 0 2 4 0 1 131072 0
malloc-384 384 275 65 472031 0 30 130560 0
UMA Kegs 384 322 1 322 0 30 124032 0
ksiginfo 112 120 924 5036 0 126 116928 0
32 Bucket 256 387 63 33276 0 62 115200 0
malloc-4096 4096 10 17 258 0 2 110592 0
malloc-512 512 199 17 1339 0 30 110592 0
malloc-4096 4096 24 0 582 0 2 98304 0
tcpcb 1064 15 76 3304 0 254 96824 0
malloc-512 512 153 31 2790 0 30 94208 0
128 Bucket 1024 57 34 6900 0 16 93184 0
16 Bucket 144 524 92 9285 0 62 88704 0
malloc-512 512 94 66 30989 0 30 81920 0
g_bio 408 0 190 10949 0 30 77520 0
malloc-8192 8192 2 7 30907 0 1 73728 0
malloc-384 384 149 31 23901 0 30 69120 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-16384 16384 2 2 26 0 1 65536 0
malloc-2048 2048 26 4 32 0 8 61440 0
malloc-1024 1024 53 7 57 0 16 61440 0
malloc-384 384 66 64 3435 0 30 49920 0
zio_data_buf_16384 16384 0 3 9 0 1 49152 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 1 2 8 0 1 49152 0
malloc-8192 8192 4 2 534 0 1 49152 0
malloc-4096 4096 5 7 612 0 2 49152 0
malloc-2048 2048 18 6 22 0 8 49152 0
malloc-2048 2048 5 17 4187 0 8 45056 0
malloc-512 512 21 67 34762 0 30 45056 0
pcpu-8 8 5187 445 5543 0 254 45056 0
64 Bucket 512 44 44 11565 0 30 45056 0
pipe 744 24 36 2901 0 16 44640 0
Files 80 272 278 110405 0 126 44000 0
clpbuf 2624 0 16 38 0 16 41984 0
DIRHASH 1024 34 6 34 0 16 40960 0
malloc-4096 4096 8 2 205 0 2 40960 0
malloc-2048 2048 9 11 1640 0 8 40960 0
malloc-512 512 21 59 31115 0 30 40960 0
TURNSTILE 136 265 29 265 0 62 39984 0
tcp_bbr_pcb 832 7 38 1086 0 16 37440 0
NAMEI 1024 0 36 168678 0 16 36864 0
zio_buf_16384 16384 0 2 10 0 1 32768 0
malloc-4096 4096 1 7 281 0 2 32768 0
pcpu-64 64 491 21 491 0 254 32768 0
malloc-4096 4096 7 0 7 0 2 28672 0
malloc-512 512 33 23 2927 0 30 28672 0
KNOTE 160 28 147 436056 0 62 28000 0
8 Bucket 80 103 247 7209 0 126 28000 0
SLEEPQUEUE 88 265 23 265 0 126 25344 0
PWD 32 47 709 30630 0 254 24192 0
2 Bucket 32 354 402 11199 0 254 24192 0
ttyinq 160 135 15 300 0 62 24000 0
ttyoutq 256 72 18 160 0 62 23040 0
tcp_rack_pcb 832 0 27 840 0 16 22464 0
malloc-2048 2048 9 1 9 0 8 20480 0
Mountpoints 2752 2 5 2 0 4 19264 0
unpcb 256 20 55 1536 0 254 19200 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
vtnet_tx_hdr 24 0 668 533008 0 254 16032 0
ripcb 488 5 27 1490 0 254 15616 0
udplite_inpcb 488 0 32 359 0 254 15616 0
udp_inpcb 488 6 26 462 0 254 15616 0
ertt 72 15 153 3304 0 126 12096 0
kenv 258 15 30 1062 0 30 11610 0
routing nhops 256 27 18 35 0 62 11520 0
malloc-4096 4096 0 2 2945 0 2 8192 0
malloc-2048 2048 0 4 9 0 8 8192 0
malloc-1024 1024 0 8 1127 0 16 8192 0
rtentry 176 31 15 35 0 62 8096 0
PGRP 88 37 55 91 0 126 8096 0
rl_entry 40 99 103 99 0 254 8080 0
tcp_rack_map 112 0 72 1378 0 126 8064 0
udpcb 32 6 246 821 0 254 8064 0
4 Bucket 48 6 162 605 0 254 8064 0
sctp_readq 152 0 52 805 0 254 7904 0
cryptop 280 0 28 311 0 30 7840 0
itimer 352 0 22 29 0 30 7744 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 7 55 31 0 126 6448 0
domainset 40 0 126 18 0 254 5040 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
tcptw 88 0 46 1 0 254 4048 0
hostcache 64 1 62 1 0 254 4032 0
syncache 168 0 24 4 0 254 4032 0
UMA Slabs 1 176 10 12 10 0 62 3872 0
mqnode 416 3 6 3 0 30 3744 0
KMAP ENTRY 96 16 23 19 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
zfs_znode_cache 472 0 0 0 0 30 0 0
sio_cache_2 168 0 0 0 0 62 0 0
sio_cache_1 152 0 0 0 0 62 0 0
sio_cache_0 136 0 0 0 0 62 0 0
zil_zcw_cache 80 0 0 0 0 126 0 0
zil_lwb_cache 360 0 0 0 0 30 0 0
dmu_buf_impl_t 408 0 0 0 0 30 0 0
arc_buf_t 64 0 0 0 0 254 0 0
arc_buf_hdr_t_l2only 96 0 0 0 0 126 0 0
arc_buf_hdr_t_full_crypt 424 0 0 0 0 30 0 0
arc

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Aug 17, 2021, 7:56:19 AM
to syzkaller-f...@googlegroups.com
Auto-closing this bug as obsolete.
The crash has not recurred for a while, and there is no reproducer and no activity.