panic: Bad link elm ADDR next->prev != elm (3)
8Â vues
Accéder directement au premier message non lu
syzbot
4 juil. 2020, 16:55:1904/07/2020
à syzkaller-f...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: fc498f73 dev.ixl.<N>.debug: mark as MPSAFE
git tree: freebsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11f40a5b100000
dashboard link: https://syzkaller.appspot.com/bug?extid=8752a350d00374f1f353
userspace arch: i386
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10f932a7100000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8752a3...@syzkaller.appspotmail.com
login: panic: Bad link elm 0xfffff80010811500 next->prev != elm
cpuid = 0
time = 1593895128
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe001a0bb0a0
vpanic() at vpanic+0x1c7/frame 0xfffffe001a0bb100
panic() at panic+0x43/frame 0xfffffe001a0bb160
sctp_inpcb_free() at sctp_inpcb_free+0x1658/frame 0xfffffe001a0bb1d0
sctp_free_assoc() at sctp_free_assoc+0x28cc/frame 0xfffffe001a0bb260
sctp_process_control() at sctp_process_control+0x8801/frame 0xfffffe001a0bb6d0
sctp_common_input_processing() at sctp_common_input_processing+0x74c/frame 0xfffffe001a0bb860
sctp6_input_with_port() at sctp6_input_with_port+0x300/frame 0xfffffe001a0bb960
sctp6_input() at sctp6_input+0x1f/frame 0xfffffe001a0bb980
ip6_input() at ip6_input+0x1802/frame 0xfffffe001a0bba90
swi_net() at swi_net+0x20d/frame 0xfffffe001a0bbb10
ithread_loop() at ithread_loop+0x328/frame 0xfffffe001a0bbbb0
fork_exit() at fork_exit+0xb3/frame 0xfffffe001a0bbbf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001a0bbbf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12 tid 100020 ]
Stopped at kdb_enter+0x67: movq $0,0x14a3436(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b ll+0x1a
es 0x3b ll+0x1a
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0x80 ll+0x5f
rdx 0xffffffff8195ecaa
rbx 0
rsp 0xfffffe001a0bb080
rbp 0xfffffe001a0bb0a0
rsi 0x1
rdi 0
r8 0
r9 0xffffffff
r10 0x224e ll+0x222d
r11 0x224e ll+0x222d
r12 0xffffffff82068f70 ddb_dbbe
r13 0
r14 0xffffffff819a9572
r15 0xffffffff819a9572
rip 0xffffffff810b67f7 kdb_enter+0x67
rflags 0x82 ll+0x61
kdb_enter+0x67: movq $0,0x14a3436(%rip)
db> show proc
Process 12 (intr) at 0xfffff80003311520:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff8250e750
ABI: null
reaper: 0xffffffff8250e750 reapsubtree: 12
sigparent: 20
vmspace: 0xffffffff8250f3a0
(map 0xffffffff8250f3a0)
(map.pmap 0xffffffff8250f460)
(pmap 0xffffffff8250f4c0)
threads: 23
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100019 I [swi3: vm]
100020 Run CPU 0 [swi1: netisr 0]
100021 I [swi4: clock (0)]
100022 I [swi4: clock (1)]
100034 I [irq24: virtio_pci0]
100035 I [irq25: virtio_pci0]
100036 I [irq26: virtio_pci0]
100037 I [irq27: virtio_pci0]
100038 I [irq28: virtio_pci1]
100039 I [irq29: virtio_pci1]
100040 I [irq30: virtio_pci1]
100041 I [irq31: virtio_pci1]
100042 I [irq32: virtio_pci1]
100047 I [irq10: virtio_pci2]
100049 I [irq1: atkbd0]
100050 I [irq12: psm0]
100051 I [swi0: uart uart++]
100060 I [swi1: pf send]
100072 I [swi1: hpts]
100073 I [swi1: hpts]
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1762 793 793 0 R (threaded) syz-executor.3
100776 RunQ syz-executor.3
101106 S uwait 0xfffff800037ec180 syz-executor.3
101107 RunQ syz-executor.3
1761 776 776 0 RE CPU 1 syz-executor.0
1760 782 782 0 R (threaded) syz-executor.2
100203 RunQ syz-executor.2
101104 S uwait 0xfffff80003a40b00 syz-executor.2
1757 777 777 0 R (threaded) syz-executor.1
100108 RunQ syz-executor.1
101103 S uwait 0xfffff80003a41500 syz-executor.1
943 1 943 0 Ss select 0xfffff80003df7dc0 rtsol
940 1 940 0 Ss select 0xfffff80003bf45c0 rtsol
937 1 937 0 Ss select 0xfffff80003df7e40 rtsol
927 794 424 0 S kqread 0xfffff8000334f300 rtsol
794 780 424 0 S wait 0xfffff80003ca7520 sh
793 774 793 0 Ss nanslp 0xffffffff8252f241 syz-executor.3
782 774 782 0 Ss nanslp 0xffffffff8252f240 syz-executor.2
780 424 424 0 S wait 0xfffff80003d55520 sh
777 774 777 0 Ss nanslp 0xffffffff8252f241 syz-executor.1
776 774 776 0 Ss nanslp 0xffffffff8252f240 syz-executor.0
774 772 772 0 S (threaded) syz-execprog
100097 S uwait 0xfffff800037ecc80 syz-execprog
100109 S uwait 0xfffff80003a43480 syz-execprog
100110 S uwait 0xfffff80003a43580 syz-execprog
100111 S uwait 0xfffff80003a43680 syz-execprog
100112 S uwait 0xfffff80003a43780 syz-execprog
100113 S uwait 0xfffff800037ec380 syz-execprog
100114 S uwait 0xfffff800037ec100 syz-execprog
100115 S uwait 0xfffff800037ec300 syz-execprog
100116 S uwait 0xfffff80003317480 syz-execprog
100117 S kqread 0xfffff80003dc0000 syz-execprog
772 770 772 0 Ss pause 0xfffff80003d55ae8 csh
770 682 770 0 Ss select 0xfffff80003bf4ec0 sshd
748 1 748 0 Ss+ ttyin 0xfffff80003806cb0 getty
747 1 747 0 Ss+ ttyin 0xfffff80003b06cb0 getty
746 1 746 0 Ss+ ttyin 0xfffff80003b090b0 getty
745 1 745 0 Ss+ ttyin 0xfffff80003b094b0 getty
744 1 744 0 Ss+ ttyin 0xfffff80003b098b0 getty
743 1 743 0 Ss+ ttyin 0xfffff80003b09cb0 getty
742 1 742 0 Ss+ ttyin 0xfffff80003b080b0 getty
741 1 741 0 Ss+ ttyin 0xfffff80003b084b0 getty
740 1 740 0 Ss+ ttyin 0xfffff80003b088b0 getty
686 1 686 0 Ss nanslp 0xffffffff8252f240 cron
682 1 682 0 Ss select 0xfffff80003bf47c0 sshd
495 1 495 0 Ss select 0xfffff80003bf4940 syslogd
424 1 424 0 Ss wait 0xfffff800101f2520 devd
423 1 423 65 Ss select 0xfffff80003bf4ac0 dhclient
338 1 338 0 Ss select 0xfffff80003bf4d40 dhclient
335 1 335 0 Ss select 0xfffff80003df2ac0 dhclient
23 0 0 0 DL syncer 0xffffffff8261a498 [syncer]
22 0 0 0 DL vlruwt 0xfffff800033eca40 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100069 D qsleep 0xffffffff826197e0 [bufdaemon]
100076 D - 0xffffffff8200aa00 [bufspacedaemon-0]
100087 D sdflush 0xfffff8000342c4e8 [/ worker]
20 0 0 0 DL psleep 0xffffffff82640708 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100067 D psleep 0xffffffff82634b98 [dom0]
100074 D launds 0xffffffff82634ba4 [laundry: dom0]
100075 D umarcl 0xffffffff8154f650 [uma]
18 0 0 0 DL - 0xffffffff82362e78 [rand_harvestq]
17 0 0 0 DL pftm 0xffffffff82c583a0 [pf purge]
16 0 0 0 DL waiting 0xffffffff8261cc10 [sctp_iterator]
15 0 0 0 DL - 0xffffffff82618dec [soaiod4]
9 0 0 0 DL - 0xffffffff82618dec [soaiod3]
8 0 0 0 DL - 0xffffffff82618dec [soaiod2]
7 0 0 0 DL - 0xffffffff82618dec [soaiod1]
6 0 0 0 DL (threaded) [cam]
100033 D - 0xffffffff8223abc0 [doneq0]
100066 D - 0xffffffff8223aa90 [scanner]
5 0 0 0 DL crypto_ 0xfffff80003212d90 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffff80003212d30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff82632440 [crypto]
14 0 0 0 DL seqstat 0xfffff800030d5488 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100024 D - 0xffffffff8250e1c0 [g_event]
100025 D - 0xffffffff8250e1c8 [g_up]
100026 D - 0xffffffff8250e1d0 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100017 D - 0xfffff80003093700 [thr_0]
100018 D - 0xfffff80003093740 [thr_1]
12 0 0 0 RL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100019 I [swi3: vm]
100020 Run CPU 0 [swi1: netisr 0]
100021 I [swi4: clock (0)]
100022 I [swi4: clock (1)]
100034 I [irq24: virtio_pci0]
100035 I [irq25: virtio_pci0]
100036 I [irq26: virtio_pci0]
100037 I [irq27: virtio_pci0]
100038 I [irq28: virtio_pci1]
100039 I [irq29: virtio_pci1]
100040 I [irq30: virtio_pci1]
100041 I [irq31: virtio_pci1]
100042 I [irq32: virtio_pci1]
100047 I [irq10: virtio_pci2]
100049 I [irq1: atkbd0]
100050 I [irq12: psm0]
100051 I [swi0: uart uart++]
100060 I [swi1: pf send]
100072 I [swi1: hpts]
100073 I [swi1: hpts]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffff80003310000 [init]
10 0 0 0 DL audit_w 0xffffffff82632858 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8250e750 [swapper]
100005 D - 0xfffff80003356100 [softirq_0]
100006 D - 0xfffff80003356000 [softirq_1]
100007 D - 0xfffff80003357e00 [if_io_tqg_0]
100008 D - 0xfffff80003357d00 [if_io_tqg_1]
100009 D - 0xfffff80003357c00 [if_config_tqg_0]
100010 D - 0xfffff80003351800 [kqueue_ctx taskq]
100011 D - 0xfffff80003351700 [aiod_kick taskq]
100014 D - 0xfffff80003351200 [in6m_free taskq]
100015 D - 0xfffff80003351100 [thread taskq]
100023 D - 0xfffff8000334e900 [firmware taskq]
100028 D - 0xfffff8000334e800 [crypto_0]
100029 D - 0xfffff8000334e800 [crypto_1]
100043 D - 0xfffff8000334e200 [vtnet0 rxq 0]
100044 D - 0xfffff8000334e100 [vtnet0 txq 0]
100045 D - 0xfffff8000334e000 [vtnet0 rxq 1]
100046 D - 0xfffff8000334fe00 [vtnet0 txq 1]
100048 D vtbslp 0xfffff800034f3580 [virtio_balloon]
100052 D - 0xfffff8000334f700 [mca taskq]
100057 D - 0xffffffff81d4edb1 [deadlkres]
100061 D - 0xfffff80003b66200 [acpi_task_0]
100062 D - 0xfffff80003b66200 [acpi_task_1]
100063 D - 0xfffff80003b66200 [acpi_task_2]
100065 D - 0xfffff8000334e700 [CAM taskq]
db> show all locks
Process 1762 (syz-executor.3) thread 0xfffffe0025c41300 (101107)
exclusive sleep mutex socket (socket) r = 0 (0xfffffe00239a9c40) locked @ /syzkaller/managers/i386/kernel/sys/kern/uipc_syscalls.c:524
Process 12 (intr) thread 0xfffffe00048b3e00 (100020)
exclusive sleep mutex sctp-inp (inp) r = 0 (0xfffff80010811968) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:3321
exclusive rw sctp-info (sctp-info) r = 0 (0xfffffe0004956b60) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:3319
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffff80010811988) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:3318
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
devbuf 4212 4850K 4240
tcp_hpts 5 3201K 5
vtbuf 24 1968K 46
sysctloid 27951 1631K 28015
kobj 334 1336K 493
newblk 30 1032K 1302
vfscache 4 1025K 4
inodedep 920 972K 983
pcb 35 548K 3665
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 130 265K 1836
dirrem 891 223K 919
acpica 1674 185K 55859
vnet_data 1 168K 1
pagedep 15 132K 922
filedesc 18 129K 1850
tfo_ccache 1 128K 1
freefile 891 112K 917
sem 4 106K 4
DEVFS1 105 105K 122
linker 239 96K 280
bus 1000 80K 3392
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 501 63K 501
umtx 306 39K 306
kdtrace 182 35K 4565
sctp_timw 136 34K 136
temp 35 33K 1847
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 124 31K 134
msg 4 30K 4
DEVFS_RULE 56 27K 56
gtaskqueue 18 26K 18
ifaddr 72 24K 72
vmem 3 22K 4
kbdmux 6 22K 6
BPF 14 19K 14
lltable 47 18K 47
ufs_mount 5 17K 6
proc 3 17K 3
tty 16 16K 16
tidhash 1 16K 1
ithread 98 16K 98
ether_multi 172 14K 177
bus-sc 30 14K 1439
KTRACE 100 13K 100
ifnet 7 13K 7
kenv 92 12K 92
eventhandler 132 12K 132
in6_multi 89 11K 89
pfs_nodes 20 10K 20
GEOM 60 10K 489
rman 82 10K 423
bmsafemap 3 9K 955
UART 12 9K 12
devstat 4 9K 4
kqueue 61 9K 1769
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
audit_evclass 233 8K 291
CAM DEV 3 6K 510
vt 11 6K 11
cred 21 6K 235
sglist 5 6K 5
CAM queue 5 6K 1528
plimit 20 5K 351
taskqueue 45 5K 45
ufs_dirhash 24 5K 24
pf_ifnet 10 5K 19
UMA 249 5K 249
memdesc 1 4K 1
MCA 32 4K 32
sctp_atcl 8 4K 5360
evdev 4 4K 4
routetbl 23 4K 23
diradd 29 4K 951
session 26 4K 38
pgrp 26 4K 38
hhook 13 4K 13
acpisem 22 3K 22
terminal 11 3K 11
mkdir 21 3K 1822
proc-args 46 3K 549
select 20 3K 20
uidinfo 3 3K 8
sctp_ifa 17 3K 17
local_apic 1 2K 1
io_apic 1 2K 1
indirdep 8 2K 10
ipsec-saq 2 2K 2
sctp_stro 2 2K 1788
ip6ndp 12 2K 21
CAM XPT 22 2K 543
lockf 15 2K 22
newdirblk 12 2K 911
in_multi 6 2K 7
Unitno 25 2K 45
acpidev 20 2K 20
msi 9 2K 9
tun 7 2K 7
softdep 1 1K 1
ipsecpolicy 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
clone 8 1K 8
vnodemarker 2 1K 12
NFSD session 1 1K 1
CAM periph 4 1K 271
mld 6 1K 6
sctp_ifn 6 1K 6
igmp 6 1K 6
nhops 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 86
pci_link 10 1K 10
crypto 3 1K 3
sctp_stri 1 1K 3566
pfil 4 1K 4
chacha20random 1 1K 1
CAM SIM 2 1K 2
epoch 4 1K 4
cdev 2 1K 2
encap_export_host 8 1K 8
sctp_atky 10 1K 8931
DEVFSP 6 1K 6
osd 3 1K 9
inpcbpolicy 9 1K 183
vnodes 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
feeder 7 1K 7
loginclass 3 1K 7
soname 5 1K 9373
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
apmdev 1 1K 1
atkbddev 2 1K 2
CAM path 4 1K 1034
tcpfunc 2 1K 2
sctp_athm 8 1K 7143
ktls 1 1K 1
pmchooks 1 1K 1
prison 4 1K 4
nexusdev 5 1K 5
entropy 2 1K 41
freework 1 1K 917
sctp_vrf 1 1K 1
sctp_map 4 1K 3576
vnet 1 1K 1
acpiintr 1 1K 1
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
filecaps 1 1K 78
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
vtfont 0 0K 0
madt_table 0 0K 2
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
amr 0 0K 0
scsi_da 0 0K 69
pvscsi 0 0K 0
smartpqi 0 0K 0
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
twa_commands 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
fpukern_ctx 0 0K 0
tcp_log_dev 0 0K 0
xen_intr 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
ac97 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
dmar_dmamap 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
isci 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
vm_fictitious 0 0K 0
CAM CCB 0 0K 1850
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
UMAHash 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 12
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 4
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 916
freefrag 0 0K 5
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
xform 0 0K 0
ag_slr_map_t malloc 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 4
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
lDevFlags * malloc 0 0K 0
LRO 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 8
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 8
sctp_aadr 0 0K 0
newreno data 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
statfs 0 0K 1093
export_host 0 0K 0
cl_savebuf 0 0K 2
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
MPSSAS 0 0K 0
mbuf_tag 0 0K 109
accf 0 0K 0
pts 0 0K 0
iov 0 0K 13413
ioctlops 0 0K 99
Witness 0 0K 0
stack 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
sbuf 0 0K 288
md_disk 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
malodev 0 0K 0
SWAP 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 582
sysctl 0 0K 1
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
iirbuf 0 0K 0
cache 0 0K 0
aacraid_buf 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroffdiroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_cluster 2048 9018 126 9018 0 254 18726912 0
mbuf_packet 256 8192 698 31262 0 254 2275840 0
512 512 4138 38 4140 0 30 2138112 0
BUF TRIE 144 166 13330 476 0 62 1943424 0
4096 4096 336 2 946 0 2 1384448 0
128 128 9722 136 10302 0 126 1261824 0
sctp_asoc 2288 2 508 1788 0 254 1166880 0
mbuf_jumbo_page 4096 0 254 10 0 254 1040384 0
pbuf 832 0 985 0 0 2 819520 0
UMA Slabs 0 112 6378 24 6378 0 126 717024 0
sctp_ep 1280 5 505 1789 0 254 652800 0
tcpcb 1040 3 514 7 0 254 537680 0
512 512 922 14 1493 0 30 479232 0
socket 904 28 485 3048 0 254 463752 0
sctp_raddr 736 2 515 1788 0 254 380512 0
RADIX NODE 144 2357 188 44540 0 62 366480 0
VNODE 488 538 94 1457 0 30 308416 0
256 Bucket 2048 135 11 548 0 8 299008 0
VM OBJECT 264 1056 54 26630 0 30 293040 0
THREAD 1792 136 17 1107 0 8 274176 0
mbuf 256 473 552 41186 0 254 262400 0
65536 65536 4 0 4 0 1 262144 0
256 256 928 77 3658 0 62 257280 0
4096 4096 57 5 1763 0 2 253952 0
tcp_inpcb 488 3 509 7 0 254 249856 0
udp_inpcb 488 2 510 169 0 254 249856 0
16384 16384 9 5 926 0 1 229376 0
64 64 2807 280 2840 0 254 197568 0
65536 65536 1 2 66 0 1 196608 0
65536 65536 1 2 9 0 1 196608 0
16 16 11776 224 11880 0 254 192000 0
128 128 1161 234 25371 0 126 178560 0
UMA Zones 768 223 3 223 0 16 173568 0
32 32 4646 268 5658 0 254 157248 0
1024 1024 117 27 136 0 16 147456 0
FFS2 dinode 256 504 66 1421 0 62 145920 0
MAP ENTRY 96 1127 259 59628 0 126 133056 0
vmem btag 56 2005 358 2005 0 254 132328 0
65536 65536 2 0 2 0 1 131072 0
128 128 915 108 6582 0 126 130944 0
unpcb 256 14 496 1050 0 254 130560 0
ripcb 488 4 252 7 0 254 124928 0
ksiginfo 112 53 991 74 0 126 116928 0
2048 2048 0 56 1882 0 8 114688 0
VMSPACE 2536 34 11 1746 0 4 114120 0
256 256 56 379 2396 0 62 111360 0
S VFS Cache 108 615 393 2048 0 126 108864 0
4096 4096 24 2 35 0 2 106496 0
PROC 1312 56 16 1762 0 8 94464 0
FFS inode 160 504 71 1421 0 62 92000 0
filedesc0 1088 56 28 1763 0 8 91392 0
UMA Kegs 384 209 6 209 0 30 82560 0
256 256 175 140 3208 0 62 80640 0
sctp_chunk 152 1 519 1783 0 254 79040 0
512 512 98 54 108 0 30 77824 0
g_bio 408 0 180 5054 0 30 73440 0
1024 1024 6 62 2063 0 16 69632 0
128 Bucket 1024 43 24 420 0 16 68608 0
64 64 520 551 1589 0 254 68544 0
128 128 371 156 2173 0 126 67456 0
128 128 323 204 544 0 126 67456 0
65536 65536 1 0 1 0 1 65536 0
65536 65536 0 1 112 0 1 65536 0
16384 16384 4 0 4 0 1 65536 0
2048 2048 8 24 516 0 8 65536 0
256 256 156 99 522 0 62 65280 0
8192 8192 6 1 34 0 1 57344 0
64 Bucket 512 66 38 832 0 30 53248 0
64 64 467 352 756 0 254 52416 0
128 128 217 186 2378 0 126 51584 0
128 128 158 245 252 0 126 51584 0
256 256 104 91 1063 0 62 49920 0
256 256 152 43 1830 0 62 49920 0
256 256 80 115 643 0 62 49920 0
32 Bucket 256 44 151 510 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 16175 0 16 49152 0
2048 2048 6 18 1790 0 8 49152 0
512 512 53 43 86 0 30 49152 0
512 512 34 62 5386 0 30 49152 0
syncache 168 0 264 5 0 254 44352 0
8192 8192 3 2 86 0 1 40960 0
selfd 64 39 528 4237 0 254 36288 0
64 64 14 553 52 0 254 36288 0
64 64 228 339 13258 0 254 36288 0
64 64 66 501 1796 0 254 36288 0
64 64 2 565 37 0 254 36288 0
64 64 181 386 7501 0 254 36288 0
128 128 42 237 89 0 126 35712 0
routing nhops 256 16 119 38 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
256 256 18 117 919 0 62 34560 0
32768 32768 1 0 1 0 1 32768 0
32768 32768 1 0 1 0 1 32768 0
32768 32768 0 1 112 0 1 32768 0
32768 32768 1 0 1 0 1 32768 0
8192 8192 4 0 4 0 1 32768 0
4096 4096 6 2 6 0 2 32768 0
2048 2048 9 7 9 0 8 32768 0
2048 2048 9 7 9 0 8 32768 0
2048 2048 2 14 449 0 8 32768 0
1024 1024 16 16 16 0 16 32768 0
1024 1024 3 29 1035 0 16 32768 0
1024 1024 17 15 17 0 16 32768 0
512 512 21 43 139 0 30 32768 0
512 512 3 61 3889 0 30 32768 0
512 512 11 53 12 0 30 32768 0
mt_stats_zone 64 443 69 443 0 254 32768 0
64 pcpu 8 3741 355 3743 0 254 32768 0
ttyinq 160 135 65 300 0 62 32000 0
cpuset 104 7 272 7 0 126 29016 0
sctp_laddr 48 0 588 16 0 254 28224 0
hostcache 96 1 293 1 0 254 28224 0
PWD 32 17 865 1001 0 254 28224 0
4 Bucket 48 10 578 8888 0 254 28224 0
KMAP ENTRY 96 12 279 12 0 126 27936 0
rtentry 208 34 99 38 0 62 27664 0
clpbuf 832 0 32 88 0 16 26624 0
pipe 760 18 17 337 0 16 26600 0
TURNSTILE 136 154 35 154 0 62 25704 0
4096 4096 1 5 1094 0 2 24576 0
rl_entry 40 38 568 38 0 254 24240 0
2 Bucket 32 52 704 11225 0 254 24192 0
Files 80 125 175 9838 0 126 24000 0
8 Bucket 80 45 255 7824 0 126 24000 0
SLEEPQUEUE 88 154 102 154 0 126 22528 0
udpcb 32 2 628 169 0 254 20160 0
32 32 28 602 3641 0 254 20160 0
32 32 115 515 874 0 254 20160 0
32 32 118 512 938 0 254 20160 0
32 32 12 618 39 0 254 20160 0
32 32 94 536 3998 0 254 20160 0
32 32 46 584 3790 0 254 20160 0
16 Bucket 144 43 97 1170 0 62 20160 0
KNOTE 160 28 97 3288 0 62 20000 0
procdesc 136 4 141 10 0 62 19720 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
16384 16384 1 0 1 0 1 16384 0
16384 16384 0 1 136 0 1 16384 0
16384 16384 1 0 1 0 1 16384 0
8192 8192 2 0 2 0 1 16384 0
8192 8192 2 0 2 0 1 16384 0
8192 8192 2 0 2 0 1 16384 0
4096 4096 1 3 7 0 2 16384 0
4096 4096 4 0 5 0 2 16384 0
2048 2048 1 7 13 0 8 16384 0
2048 2048 3 5 4 0 8 16384 0
1024 1024 2 14 42 0 16 16384 0
1024 1024 6 10 6 0 16 16384 0
1024 1024 1 15 1 0 16 16384 0
vtnet_tx_hdr 24 0 668 669 0 254 16032 0
mt_zone 24 443 225 443 0 254 16032 0
kenv 258 3 57 1111 0 30 15480 0
MAP 216 2 69 2 0 62 15336 0
FPU_save_area 832 1 17 1 0 16 14976 0
vmem 1856 1 7 1 0 8 14848 0
32 32 12 366 187 0 254 12096 0
16 16 20 730 3623 0 254 12000 0
16 16 14 736 253 0 254 12000 0
16 16 28 722 325 0 254 12000 0
16 16 200 550 1372 0 254 12000 0
16 16 4 746 5 0 254 12000 0
16 16 260 490 7409 0 254 12000 0
16 16 22 728 25390 0 254 12000 0
Mountpoints 2816 2 2 2 0 4 11264 0
8192 8192 1 0 1 0 1 8192 0
SMR CPU 32 2 253 2 0 254 8160 0
SMR SHARED 24 2 253 2 0 254 6120 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
int pcpu 4 18 494 18 0 254 2048 0
FFS1 dinode 128 0 0 0 0 126 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 296 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 48 0 0 0 0 254 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
udplite_inpcb 488 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 280 0 0 0 0 30 0 0
AIOCB 752 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIO 208 0 0 0 0 62 0 0
NCLNODE 592 0 0 0 0 16 0 0
LTS VFS Cache 368 0 0 0 0 30 0 0
L VFS Cache 328 0 0 0 0 30 0 0
STS VFS Cache 148 0 0 0 0 62 0 0
rentr 24 0 0 0 0 254 0 0
VNODEPOLL 120 0 0 0 0 126 0 0
crypto_session 72 0 0 0 0 126 0 0
cryptop 280 0 0 0 0 30 0 0
nvme_request 128 0 0 0 0 126 0 0
DMAR_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls_session 192 0 0 0 0 62 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 832 0 0 0 0 62 0 0
mdpbuf 832 0 0 0 0 4 0 0
nfspbuf 832 0 0 0 0 16 0 0
swwbuf 832 0 0 0 0 8 0 0
swrbuf 832 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
65536 65536 0 0 0 0 1 0 0
65536 65536 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
16384 16384 0 0 0 0 1 0 0
16384 16384 0 0 0 0 1 0 0
16384 16384 0 0 0 0 1 0 0
8192 8192 0 0 0 0 1 0 0
4096 4096 0 0 0 0 2 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following crash on:
HEAD commit: fc498f73 dev.ixl.<N>.debug: mark as MPSAFE
git tree: freebsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11f40a5b100000
dashboard link: https://syzkaller.appspot.com/bug?extid=8752a350d00374f1f353
userspace arch: i386
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10f932a7100000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8752a3...@syzkaller.appspotmail.com
login: panic: Bad link elm 0xfffff80010811500 next->prev != elm
cpuid = 0
time = 1593895128
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe001a0bb0a0
vpanic() at vpanic+0x1c7/frame 0xfffffe001a0bb100
panic() at panic+0x43/frame 0xfffffe001a0bb160
sctp_inpcb_free() at sctp_inpcb_free+0x1658/frame 0xfffffe001a0bb1d0
sctp_free_assoc() at sctp_free_assoc+0x28cc/frame 0xfffffe001a0bb260
sctp_process_control() at sctp_process_control+0x8801/frame 0xfffffe001a0bb6d0
sctp_common_input_processing() at sctp_common_input_processing+0x74c/frame 0xfffffe001a0bb860
sctp6_input_with_port() at sctp6_input_with_port+0x300/frame 0xfffffe001a0bb960
sctp6_input() at sctp6_input+0x1f/frame 0xfffffe001a0bb980
ip6_input() at ip6_input+0x1802/frame 0xfffffe001a0bba90
swi_net() at swi_net+0x20d/frame 0xfffffe001a0bbb10
ithread_loop() at ithread_loop+0x328/frame 0xfffffe001a0bbbb0
fork_exit() at fork_exit+0xb3/frame 0xfffffe001a0bbbf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001a0bbbf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12 tid 100020 ]
Stopped at kdb_enter+0x67: movq $0,0x14a3436(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b ll+0x1a
es 0x3b ll+0x1a
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0x80 ll+0x5f
rdx 0xffffffff8195ecaa
rbx 0
rsp 0xfffffe001a0bb080
rbp 0xfffffe001a0bb0a0
rsi 0x1
rdi 0
r8 0
r9 0xffffffff
r10 0x224e ll+0x222d
r11 0x224e ll+0x222d
r12 0xffffffff82068f70 ddb_dbbe
r13 0
r14 0xffffffff819a9572
r15 0xffffffff819a9572
rip 0xffffffff810b67f7 kdb_enter+0x67
rflags 0x82 ll+0x61
kdb_enter+0x67: movq $0,0x14a3436(%rip)
db> show proc
Process 12 (intr) at 0xfffff80003311520:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff8250e750
ABI: null
reaper: 0xffffffff8250e750 reapsubtree: 12
sigparent: 20
vmspace: 0xffffffff8250f3a0
(map 0xffffffff8250f3a0)
(map.pmap 0xffffffff8250f460)
(pmap 0xffffffff8250f4c0)
threads: 23
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100019 I [swi3: vm]
100020 Run CPU 0 [swi1: netisr 0]
100021 I [swi4: clock (0)]
100022 I [swi4: clock (1)]
100034 I [irq24: virtio_pci0]
100035 I [irq25: virtio_pci0]
100036 I [irq26: virtio_pci0]
100037 I [irq27: virtio_pci0]
100038 I [irq28: virtio_pci1]
100039 I [irq29: virtio_pci1]
100040 I [irq30: virtio_pci1]
100041 I [irq31: virtio_pci1]
100042 I [irq32: virtio_pci1]
100047 I [irq10: virtio_pci2]
100049 I [irq1: atkbd0]
100050 I [irq12: psm0]
100051 I [swi0: uart uart++]
100060 I [swi1: pf send]
100072 I [swi1: hpts]
100073 I [swi1: hpts]
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1762 793 793 0 R (threaded) syz-executor.3
100776 RunQ syz-executor.3
101106 S uwait 0xfffff800037ec180 syz-executor.3
101107 RunQ syz-executor.3
1761 776 776 0 RE CPU 1 syz-executor.0
1760 782 782 0 R (threaded) syz-executor.2
100203 RunQ syz-executor.2
101104 S uwait 0xfffff80003a40b00 syz-executor.2
1757 777 777 0 R (threaded) syz-executor.1
100108 RunQ syz-executor.1
101103 S uwait 0xfffff80003a41500 syz-executor.1
943 1 943 0 Ss select 0xfffff80003df7dc0 rtsol
940 1 940 0 Ss select 0xfffff80003bf45c0 rtsol
937 1 937 0 Ss select 0xfffff80003df7e40 rtsol
927 794 424 0 S kqread 0xfffff8000334f300 rtsol
794 780 424 0 S wait 0xfffff80003ca7520 sh
793 774 793 0 Ss nanslp 0xffffffff8252f241 syz-executor.3
782 774 782 0 Ss nanslp 0xffffffff8252f240 syz-executor.2
780 424 424 0 S wait 0xfffff80003d55520 sh
777 774 777 0 Ss nanslp 0xffffffff8252f241 syz-executor.1
776 774 776 0 Ss nanslp 0xffffffff8252f240 syz-executor.0
774 772 772 0 S (threaded) syz-execprog
100097 S uwait 0xfffff800037ecc80 syz-execprog
100109 S uwait 0xfffff80003a43480 syz-execprog
100110 S uwait 0xfffff80003a43580 syz-execprog
100111 S uwait 0xfffff80003a43680 syz-execprog
100112 S uwait 0xfffff80003a43780 syz-execprog
100113 S uwait 0xfffff800037ec380 syz-execprog
100114 S uwait 0xfffff800037ec100 syz-execprog
100115 S uwait 0xfffff800037ec300 syz-execprog
100116 S uwait 0xfffff80003317480 syz-execprog
100117 S kqread 0xfffff80003dc0000 syz-execprog
772 770 772 0 Ss pause 0xfffff80003d55ae8 csh
770 682 770 0 Ss select 0xfffff80003bf4ec0 sshd
748 1 748 0 Ss+ ttyin 0xfffff80003806cb0 getty
747 1 747 0 Ss+ ttyin 0xfffff80003b06cb0 getty
746 1 746 0 Ss+ ttyin 0xfffff80003b090b0 getty
745 1 745 0 Ss+ ttyin 0xfffff80003b094b0 getty
744 1 744 0 Ss+ ttyin 0xfffff80003b098b0 getty
743 1 743 0 Ss+ ttyin 0xfffff80003b09cb0 getty
742 1 742 0 Ss+ ttyin 0xfffff80003b080b0 getty
741 1 741 0 Ss+ ttyin 0xfffff80003b084b0 getty
740 1 740 0 Ss+ ttyin 0xfffff80003b088b0 getty
686 1 686 0 Ss nanslp 0xffffffff8252f240 cron
682 1 682 0 Ss select 0xfffff80003bf47c0 sshd
495 1 495 0 Ss select 0xfffff80003bf4940 syslogd
424 1 424 0 Ss wait 0xfffff800101f2520 devd
423 1 423 65 Ss select 0xfffff80003bf4ac0 dhclient
338 1 338 0 Ss select 0xfffff80003bf4d40 dhclient
335 1 335 0 Ss select 0xfffff80003df2ac0 dhclient
23 0 0 0 DL syncer 0xffffffff8261a498 [syncer]
22 0 0 0 DL vlruwt 0xfffff800033eca40 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100069 D qsleep 0xffffffff826197e0 [bufdaemon]
100076 D - 0xffffffff8200aa00 [bufspacedaemon-0]
100087 D sdflush 0xfffff8000342c4e8 [/ worker]
20 0 0 0 DL psleep 0xffffffff82640708 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100067 D psleep 0xffffffff82634b98 [dom0]
100074 D launds 0xffffffff82634ba4 [laundry: dom0]
100075 D umarcl 0xffffffff8154f650 [uma]
18 0 0 0 DL - 0xffffffff82362e78 [rand_harvestq]
17 0 0 0 DL pftm 0xffffffff82c583a0 [pf purge]
16 0 0 0 DL waiting 0xffffffff8261cc10 [sctp_iterator]
15 0 0 0 DL - 0xffffffff82618dec [soaiod4]
9 0 0 0 DL - 0xffffffff82618dec [soaiod3]
8 0 0 0 DL - 0xffffffff82618dec [soaiod2]
7 0 0 0 DL - 0xffffffff82618dec [soaiod1]
6 0 0 0 DL (threaded) [cam]
100033 D - 0xffffffff8223abc0 [doneq0]
100066 D - 0xffffffff8223aa90 [scanner]
5 0 0 0 DL crypto_ 0xfffff80003212d90 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffff80003212d30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff82632440 [crypto]
14 0 0 0 DL seqstat 0xfffff800030d5488 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100024 D - 0xffffffff8250e1c0 [g_event]
100025 D - 0xffffffff8250e1c8 [g_up]
100026 D - 0xffffffff8250e1d0 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100017 D - 0xfffff80003093700 [thr_0]
100018 D - 0xfffff80003093740 [thr_1]
12 0 0 0 RL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100019 I [swi3: vm]
100020 Run CPU 0 [swi1: netisr 0]
100021 I [swi4: clock (0)]
100022 I [swi4: clock (1)]
100034 I [irq24: virtio_pci0]
100035 I [irq25: virtio_pci0]
100036 I [irq26: virtio_pci0]
100037 I [irq27: virtio_pci0]
100038 I [irq28: virtio_pci1]
100039 I [irq29: virtio_pci1]
100040 I [irq30: virtio_pci1]
100041 I [irq31: virtio_pci1]
100042 I [irq32: virtio_pci1]
100047 I [irq10: virtio_pci2]
100049 I [irq1: atkbd0]
100050 I [irq12: psm0]
100051 I [swi0: uart uart++]
100060 I [swi1: pf send]
100072 I [swi1: hpts]
100073 I [swi1: hpts]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffff80003310000 [init]
10 0 0 0 DL audit_w 0xffffffff82632858 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8250e750 [swapper]
100005 D - 0xfffff80003356100 [softirq_0]
100006 D - 0xfffff80003356000 [softirq_1]
100007 D - 0xfffff80003357e00 [if_io_tqg_0]
100008 D - 0xfffff80003357d00 [if_io_tqg_1]
100009 D - 0xfffff80003357c00 [if_config_tqg_0]
100010 D - 0xfffff80003351800 [kqueue_ctx taskq]
100011 D - 0xfffff80003351700 [aiod_kick taskq]
100014 D - 0xfffff80003351200 [in6m_free taskq]
100015 D - 0xfffff80003351100 [thread taskq]
100023 D - 0xfffff8000334e900 [firmware taskq]
100028 D - 0xfffff8000334e800 [crypto_0]
100029 D - 0xfffff8000334e800 [crypto_1]
100043 D - 0xfffff8000334e200 [vtnet0 rxq 0]
100044 D - 0xfffff8000334e100 [vtnet0 txq 0]
100045 D - 0xfffff8000334e000 [vtnet0 rxq 1]
100046 D - 0xfffff8000334fe00 [vtnet0 txq 1]
100048 D vtbslp 0xfffff800034f3580 [virtio_balloon]
100052 D - 0xfffff8000334f700 [mca taskq]
100057 D - 0xffffffff81d4edb1 [deadlkres]
100061 D - 0xfffff80003b66200 [acpi_task_0]
100062 D - 0xfffff80003b66200 [acpi_task_1]
100063 D - 0xfffff80003b66200 [acpi_task_2]
100065 D - 0xfffff8000334e700 [CAM taskq]
db> show all locks
Process 1762 (syz-executor.3) thread 0xfffffe0025c41300 (101107)
exclusive sleep mutex socket (socket) r = 0 (0xfffffe00239a9c40) locked @ /syzkaller/managers/i386/kernel/sys/kern/uipc_syscalls.c:524
Process 12 (intr) thread 0xfffffe00048b3e00 (100020)
exclusive sleep mutex sctp-inp (inp) r = 0 (0xfffff80010811968) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:3321
exclusive rw sctp-info (sctp-info) r = 0 (0xfffffe0004956b60) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:3319
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffff80010811988) locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:3318
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
devbuf 4212 4850K 4240
tcp_hpts 5 3201K 5
vtbuf 24 1968K 46
sysctloid 27951 1631K 28015
kobj 334 1336K 493
newblk 30 1032K 1302
vfscache 4 1025K 4
inodedep 920 972K 983
pcb 35 548K 3665
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 130 265K 1836
dirrem 891 223K 919
acpica 1674 185K 55859
vnet_data 1 168K 1
pagedep 15 132K 922
filedesc 18 129K 1850
tfo_ccache 1 128K 1
freefile 891 112K 917
sem 4 106K 4
DEVFS1 105 105K 122
linker 239 96K 280
bus 1000 80K 3392
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 501 63K 501
umtx 306 39K 306
kdtrace 182 35K 4565
sctp_timw 136 34K 136
temp 35 33K 1847
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 124 31K 134
msg 4 30K 4
DEVFS_RULE 56 27K 56
gtaskqueue 18 26K 18
ifaddr 72 24K 72
vmem 3 22K 4
kbdmux 6 22K 6
BPF 14 19K 14
lltable 47 18K 47
ufs_mount 5 17K 6
proc 3 17K 3
tty 16 16K 16
tidhash 1 16K 1
ithread 98 16K 98
ether_multi 172 14K 177
bus-sc 30 14K 1439
KTRACE 100 13K 100
ifnet 7 13K 7
kenv 92 12K 92
eventhandler 132 12K 132
in6_multi 89 11K 89
pfs_nodes 20 10K 20
GEOM 60 10K 489
rman 82 10K 423
bmsafemap 3 9K 955
UART 12 9K 12
devstat 4 9K 4
kqueue 61 9K 1769
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
audit_evclass 233 8K 291
CAM DEV 3 6K 510
vt 11 6K 11
cred 21 6K 235
sglist 5 6K 5
CAM queue 5 6K 1528
plimit 20 5K 351
taskqueue 45 5K 45
ufs_dirhash 24 5K 24
pf_ifnet 10 5K 19
UMA 249 5K 249
memdesc 1 4K 1
MCA 32 4K 32
sctp_atcl 8 4K 5360
evdev 4 4K 4
routetbl 23 4K 23
diradd 29 4K 951
session 26 4K 38
pgrp 26 4K 38
hhook 13 4K 13
acpisem 22 3K 22
terminal 11 3K 11
mkdir 21 3K 1822
proc-args 46 3K 549
select 20 3K 20
uidinfo 3 3K 8
sctp_ifa 17 3K 17
local_apic 1 2K 1
io_apic 1 2K 1
indirdep 8 2K 10
ipsec-saq 2 2K 2
sctp_stro 2 2K 1788
ip6ndp 12 2K 21
CAM XPT 22 2K 543
lockf 15 2K 22
newdirblk 12 2K 911
in_multi 6 2K 7
Unitno 25 2K 45
acpidev 20 2K 20
msi 9 2K 9
tun 7 2K 7
softdep 1 1K 1
ipsecpolicy 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
clone 8 1K 8
vnodemarker 2 1K 12
NFSD session 1 1K 1
CAM periph 4 1K 271
mld 6 1K 6
sctp_ifn 6 1K 6
igmp 6 1K 6
nhops 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 86
pci_link 10 1K 10
crypto 3 1K 3
sctp_stri 1 1K 3566
pfil 4 1K 4
chacha20random 1 1K 1
CAM SIM 2 1K 2
epoch 4 1K 4
cdev 2 1K 2
encap_export_host 8 1K 8
sctp_atky 10 1K 8931
DEVFSP 6 1K 6
osd 3 1K 9
inpcbpolicy 9 1K 183
vnodes 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
feeder 7 1K 7
loginclass 3 1K 7
soname 5 1K 9373
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
apmdev 1 1K 1
atkbddev 2 1K 2
CAM path 4 1K 1034
tcpfunc 2 1K 2
sctp_athm 8 1K 7143
ktls 1 1K 1
pmchooks 1 1K 1
prison 4 1K 4
nexusdev 5 1K 5
entropy 2 1K 41
freework 1 1K 917
sctp_vrf 1 1K 1
sctp_map 4 1K 3576
vnet 1 1K 1
acpiintr 1 1K 1
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
filecaps 1 1K 78
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
vtfont 0 0K 0
madt_table 0 0K 2
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
amr 0 0K 0
scsi_da 0 0K 69
pvscsi 0 0K 0
smartpqi 0 0K 0
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
twa_commands 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
fpukern_ctx 0 0K 0
tcp_log_dev 0 0K 0
xen_intr 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
ac97 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
dmar_dmamap 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
isci 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
vm_fictitious 0 0K 0
CAM CCB 0 0K 1850
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
UMAHash 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 12
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 4
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 916
freefrag 0 0K 5
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
xform 0 0K 0
ag_slr_map_t malloc 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 4
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
lDevFlags * malloc 0 0K 0
LRO 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 8
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 8
sctp_aadr 0 0K 0
newreno data 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
statfs 0 0K 1093
export_host 0 0K 0
cl_savebuf 0 0K 2
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
MPSSAS 0 0K 0
mbuf_tag 0 0K 109
accf 0 0K 0
pts 0 0K 0
iov 0 0K 13413
ioctlops 0 0K 99
Witness 0 0K 0
stack 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
sbuf 0 0K 288
md_disk 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
malodev 0 0K 0
SWAP 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 582
sysctl 0 0K 1
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
iirbuf 0 0K 0
cache 0 0K 0
aacraid_buf 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroffdiroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_cluster 2048 9018 126 9018 0 254 18726912 0
mbuf_packet 256 8192 698 31262 0 254 2275840 0
512 512 4138 38 4140 0 30 2138112 0
BUF TRIE 144 166 13330 476 0 62 1943424 0
4096 4096 336 2 946 0 2 1384448 0
128 128 9722 136 10302 0 126 1261824 0
sctp_asoc 2288 2 508 1788 0 254 1166880 0
mbuf_jumbo_page 4096 0 254 10 0 254 1040384 0
pbuf 832 0 985 0 0 2 819520 0
UMA Slabs 0 112 6378 24 6378 0 126 717024 0
sctp_ep 1280 5 505 1789 0 254 652800 0
tcpcb 1040 3 514 7 0 254 537680 0
512 512 922 14 1493 0 30 479232 0
socket 904 28 485 3048 0 254 463752 0
sctp_raddr 736 2 515 1788 0 254 380512 0
RADIX NODE 144 2357 188 44540 0 62 366480 0
VNODE 488 538 94 1457 0 30 308416 0
256 Bucket 2048 135 11 548 0 8 299008 0
VM OBJECT 264 1056 54 26630 0 30 293040 0
THREAD 1792 136 17 1107 0 8 274176 0
mbuf 256 473 552 41186 0 254 262400 0
65536 65536 4 0 4 0 1 262144 0
256 256 928 77 3658 0 62 257280 0
4096 4096 57 5 1763 0 2 253952 0
tcp_inpcb 488 3 509 7 0 254 249856 0
udp_inpcb 488 2 510 169 0 254 249856 0
16384 16384 9 5 926 0 1 229376 0
64 64 2807 280 2840 0 254 197568 0
65536 65536 1 2 66 0 1 196608 0
65536 65536 1 2 9 0 1 196608 0
16 16 11776 224 11880 0 254 192000 0
128 128 1161 234 25371 0 126 178560 0
UMA Zones 768 223 3 223 0 16 173568 0
32 32 4646 268 5658 0 254 157248 0
1024 1024 117 27 136 0 16 147456 0
FFS2 dinode 256 504 66 1421 0 62 145920 0
MAP ENTRY 96 1127 259 59628 0 126 133056 0
vmem btag 56 2005 358 2005 0 254 132328 0
65536 65536 2 0 2 0 1 131072 0
128 128 915 108 6582 0 126 130944 0
unpcb 256 14 496 1050 0 254 130560 0
ripcb 488 4 252 7 0 254 124928 0
ksiginfo 112 53 991 74 0 126 116928 0
2048 2048 0 56 1882 0 8 114688 0
VMSPACE 2536 34 11 1746 0 4 114120 0
256 256 56 379 2396 0 62 111360 0
S VFS Cache 108 615 393 2048 0 126 108864 0
4096 4096 24 2 35 0 2 106496 0
PROC 1312 56 16 1762 0 8 94464 0
FFS inode 160 504 71 1421 0 62 92000 0
filedesc0 1088 56 28 1763 0 8 91392 0
UMA Kegs 384 209 6 209 0 30 82560 0
256 256 175 140 3208 0 62 80640 0
sctp_chunk 152 1 519 1783 0 254 79040 0
512 512 98 54 108 0 30 77824 0
g_bio 408 0 180 5054 0 30 73440 0
1024 1024 6 62 2063 0 16 69632 0
128 Bucket 1024 43 24 420 0 16 68608 0
64 64 520 551 1589 0 254 68544 0
128 128 371 156 2173 0 126 67456 0
128 128 323 204 544 0 126 67456 0
65536 65536 1 0 1 0 1 65536 0
65536 65536 0 1 112 0 1 65536 0
16384 16384 4 0 4 0 1 65536 0
2048 2048 8 24 516 0 8 65536 0
256 256 156 99 522 0 62 65280 0
8192 8192 6 1 34 0 1 57344 0
64 Bucket 512 66 38 832 0 30 53248 0
64 64 467 352 756 0 254 52416 0
128 128 217 186 2378 0 126 51584 0
128 128 158 245 252 0 126 51584 0
256 256 104 91 1063 0 62 49920 0
256 256 152 43 1830 0 62 49920 0
256 256 80 115 643 0 62 49920 0
32 Bucket 256 44 151 510 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 16175 0 16 49152 0
2048 2048 6 18 1790 0 8 49152 0
512 512 53 43 86 0 30 49152 0
512 512 34 62 5386 0 30 49152 0
syncache 168 0 264 5 0 254 44352 0
8192 8192 3 2 86 0 1 40960 0
selfd 64 39 528 4237 0 254 36288 0
64 64 14 553 52 0 254 36288 0
64 64 228 339 13258 0 254 36288 0
64 64 66 501 1796 0 254 36288 0
64 64 2 565 37 0 254 36288 0
64 64 181 386 7501 0 254 36288 0
128 128 42 237 89 0 126 35712 0
routing nhops 256 16 119 38 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
256 256 18 117 919 0 62 34560 0
32768 32768 1 0 1 0 1 32768 0
32768 32768 1 0 1 0 1 32768 0
32768 32768 0 1 112 0 1 32768 0
32768 32768 1 0 1 0 1 32768 0
8192 8192 4 0 4 0 1 32768 0
4096 4096 6 2 6 0 2 32768 0
2048 2048 9 7 9 0 8 32768 0
2048 2048 9 7 9 0 8 32768 0
2048 2048 2 14 449 0 8 32768 0
1024 1024 16 16 16 0 16 32768 0
1024 1024 3 29 1035 0 16 32768 0
1024 1024 17 15 17 0 16 32768 0
512 512 21 43 139 0 30 32768 0
512 512 3 61 3889 0 30 32768 0
512 512 11 53 12 0 30 32768 0
mt_stats_zone 64 443 69 443 0 254 32768 0
64 pcpu 8 3741 355 3743 0 254 32768 0
ttyinq 160 135 65 300 0 62 32000 0
cpuset 104 7 272 7 0 126 29016 0
sctp_laddr 48 0 588 16 0 254 28224 0
hostcache 96 1 293 1 0 254 28224 0
PWD 32 17 865 1001 0 254 28224 0
4 Bucket 48 10 578 8888 0 254 28224 0
KMAP ENTRY 96 12 279 12 0 126 27936 0
rtentry 208 34 99 38 0 62 27664 0
clpbuf 832 0 32 88 0 16 26624 0
pipe 760 18 17 337 0 16 26600 0
TURNSTILE 136 154 35 154 0 62 25704 0
4096 4096 1 5 1094 0 2 24576 0
rl_entry 40 38 568 38 0 254 24240 0
2 Bucket 32 52 704 11225 0 254 24192 0
Files 80 125 175 9838 0 126 24000 0
8 Bucket 80 45 255 7824 0 126 24000 0
SLEEPQUEUE 88 154 102 154 0 126 22528 0
udpcb 32 2 628 169 0 254 20160 0
32 32 28 602 3641 0 254 20160 0
32 32 115 515 874 0 254 20160 0
32 32 118 512 938 0 254 20160 0
32 32 12 618 39 0 254 20160 0
32 32 94 536 3998 0 254 20160 0
32 32 46 584 3790 0 254 20160 0
16 Bucket 144 43 97 1170 0 62 20160 0
KNOTE 160 28 97 3288 0 62 20000 0
procdesc 136 4 141 10 0 62 19720 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
16384 16384 1 0 1 0 1 16384 0
16384 16384 0 1 136 0 1 16384 0
16384 16384 1 0 1 0 1 16384 0
8192 8192 2 0 2 0 1 16384 0
8192 8192 2 0 2 0 1 16384 0
8192 8192 2 0 2 0 1 16384 0
4096 4096 1 3 7 0 2 16384 0
4096 4096 4 0 5 0 2 16384 0
2048 2048 1 7 13 0 8 16384 0
2048 2048 3 5 4 0 8 16384 0
1024 1024 2 14 42 0 16 16384 0
1024 1024 6 10 6 0 16 16384 0
1024 1024 1 15 1 0 16 16384 0
vtnet_tx_hdr 24 0 668 669 0 254 16032 0
mt_zone 24 443 225 443 0 254 16032 0
kenv 258 3 57 1111 0 30 15480 0
MAP 216 2 69 2 0 62 15336 0
FPU_save_area 832 1 17 1 0 16 14976 0
vmem 1856 1 7 1 0 8 14848 0
32 32 12 366 187 0 254 12096 0
16 16 20 730 3623 0 254 12000 0
16 16 14 736 253 0 254 12000 0
16 16 28 722 325 0 254 12000 0
16 16 200 550 1372 0 254 12000 0
16 16 4 746 5 0 254 12000 0
16 16 260 490 7409 0 254 12000 0
16 16 22 728 25390 0 254 12000 0
Mountpoints 2816 2 2 2 0 4 11264 0
8192 8192 1 0 1 0 1 8192 0
SMR CPU 32 2 253 2 0 254 8160 0
SMR SHARED 24 2 253 2 0 254 6120 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
int pcpu 4 18 494 18 0 254 2048 0
FFS1 dinode 128 0 0 0 0 126 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 296 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 48 0 0 0 0 254 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
udplite_inpcb 488 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 280 0 0 0 0 30 0 0
AIOCB 752 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIO 208 0 0 0 0 62 0 0
NCLNODE 592 0 0 0 0 16 0 0
LTS VFS Cache 368 0 0 0 0 30 0 0
L VFS Cache 328 0 0 0 0 30 0 0
STS VFS Cache 148 0 0 0 0 62 0 0
rentr 24 0 0 0 0 254 0 0
VNODEPOLL 120 0 0 0 0 126 0 0
crypto_session 72 0 0 0 0 126 0 0
cryptop 280 0 0 0 0 30 0 0
nvme_request 128 0 0 0 0 126 0 0
DMAR_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls_session 192 0 0 0 0 62 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 832 0 0 0 0 62 0 0
mdpbuf 832 0 0 0 0 4 0 0
nfspbuf 832 0 0 0 0 16 0 0
swwbuf 832 0 0 0 0 8 0 0
swrbuf 832 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
65536 65536 0 0 0 0 1 0 0
65536 65536 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
32768 32768 0 0 0 0 1 0 0
16384 16384 0 0 0 0 1 0 0
16384 16384 0 0 0 0 1 0 0
16384 16384 0 0 0 0 1 0 0
8192 8192 0 0 0 0 1 0 0
4096 4096 0 0 0 0 2 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
15 août 2021, 11:07:1915/08/2021
à syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: 8afe9481cfa3 frag6: do less work in frag6_slowtimo if poss..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=15bf1ffa300000
dashboard link: https://syzkaller.appspot.com/bug?extid=8752a350d00374f1f353
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13430526300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17a7fb9e300000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+8752a3...@syzkaller.appspotmail.com
panic: Bad link elm 0xfffffe009ee6ca00 next->prev != elm
cpuid = 0
time = 1629039542
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe0053b5e750
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe0053b5e8b0
vpanic() at vpanic+0x2c5/frame 0xfffffe0053b5e990
panic() at panic+0xb5/frame 0xfffffe0053b5ea60
sctp_inpcb_free() at sctp_inpcb_free+0x20ef/frame 0xfffffe0053b5eaf0
sctp_free_assoc() at sctp_free_assoc+0x421a/frame 0xfffffe0053b5ec30
sctp_process_control() at sctp_process_control+0x7b7d/frame 0xfffffe0053b5f300
sctp_common_input_processing() at sctp_common_input_processing+0xb26/frame 0xfffffe0053b5f560
sctp6_input_with_port() at sctp6_input_with_port+0x5a1/frame 0xfffffe0053b5f730
sctp6_input() at sctp6_input+0x1f/frame 0xfffffe0053b5f750
ip6_input() at ip6_input+0x2531/frame 0xfffffe0053b5f9b0
swi_net() at swi_net+0x2e5/frame 0xfffffe0053b5fa50
ithread_loop() at ithread_loop+0x4f1/frame 0xfffffe0053b5fbb0
fork_exit() at fork_exit+0xd0/frame 0xfffffe0053b5fbf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0053b5fbf0
Stopped at kdb_enter+0x6b: movq $0,0x28ea9ca(%rip)
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0x6e635d97e0ea7bf4
rdx 0xdffff7c000000000
rbx 0
rsp 0xfffffe0053b5e890
rbp 0xfffffe0053b5e8b0
rsi 0x1
rdi 0xffffffff840889c0 cov_trace_pc
r8 0x3
r9 0xfffffe0053b5e3c8
r10 0
r11 0xbf
r12 0xfffffe0053e2b1e0
r13 0xfffffe0053b5e901
r14 0xffffffff82c65780 .str.18
r15 0xffffffff82c65780 .str.18
rip 0xffffffff817a096b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x28ea9ca(%rip)
db> show proc
Process 12 (intr) at 0xfffffe0053df6a70:
ABI: null
flag: 0x10000284 flag2: 0
reaper: 0xffffffff8402c6c0 reapsubtree: 12
sigparent: 20
vmspace: 0xffffffff8402d640
(map 0xffffffff8402d640)
(map.pmap 0xffffffff8402d700)
(pmap 0xffffffff8402d760)
100032 I [swi4: clock (0)]
100033 I [swi4: clock (1)]
100034 Run CPU 0 [swi1: netisr 0]
100035 I [swi3: vm]
100036 I [swi1: hpts]
100037 I [swi1: hpts]
100050 I [irq24: virtio_pci0]
100051 I [irq25: virtio_pci0]
100052 I [irq26: virtio_pci0]
100053 I [irq27: virtio_pci0]
100054 I [irq28: virtio_pci1]
100055 I [irq29: virtio_pci1]
100056 I [irq30: virtio_pci1]
100057 I [irq31: virtio_pci1]
100058 I [irq32: virtio_pci1]
100063 I [irq10: virtio_pci2]
100065 I [irq1: atkbd0]
100066 I [irq12: psm0]
100067 I [swi0: uart uart++]
100075 I [swi1: pf send]
4071 796 790 0 R (threaded) syz-executor6584781
103811 RunQ syz-executor6584781
104488 S uwait 0xfffffe009e9a4800 syz-executor6584781
104489 S uwait 0xfffffe009e9a4e00 syz-executor6584781
104490 S uwait 0xfffffe009e467d80 syz-executor6584781
796 792 790 0 S nanslp 0xffffffff84058201 syz-executor6584781
795 792 790 0 R syz-executor6584781
794 792 790 0 S nanslp 0xffffffff84058200 syz-executor6584781
793 792 790 0 R syz-executor6584781
792 790 790 0 S nanslp 0xffffffff84058201 syz-executor6584781
790 788 790 0 Ss pause 0xfffffe009e4cf5e8 csh
788 694 788 0 Ss select 0xfffffe009e9a4c40 sshd
762 1 762 0 Ss+ ttyin 0xfffffe0057000cb0 getty
761 1 761 0 Ss+ ttyin 0xfffffe00575f24b0 getty
760 1 760 0 Ss+ ttyin 0xfffffe00575f28b0 getty
759 1 759 0 Ss+ ttyin 0xfffffe00575f2cb0 getty
758 1 758 0 Ss+ ttyin 0xfffffe00583b70b0 getty
757 1 757 0 Ss+ ttyin 0xfffffe00583b74b0 getty
756 1 756 0 Ss+ ttyin 0xfffffe00583b78b0 getty
755 1 755 0 Ss+ ttyin 0xfffffe00583b7cb0 getty
754 1 754 0 Ss+ ttyin 0xfffffe00574770b0 getty
698 1 698 0 Ss nanslp 0xffffffff84058200 cron
694 1 694 0 Ss select 0xfffffe009521b0c0 sshd
507 1 507 0 Ds bo_wwai 0xfffffe009e4586a8 syslogd
436 1 436 0 Ss select 0xfffffe009e396f40 devd
435 1 435 65 Ss select 0xfffffe009e2f01c0 dhclient
350 1 350 0 Ss select 0xfffffe009e2f02c0 dhclient
347 1 347 0 Ss select 0xfffffe009e2f0340 dhclient
23 0 0 0 DL syncer 0xffffffff84180380 [syncer]
22 0 0 0 DL vlruwt 0xfffffe0058537538 [vnlru]
100088 D - 0xffffffff83411f80 [bufspacedaemon-0]
100099 D sdflush 0xfffffe0095280ce8 [/ worker]
20 0 0 0 DL psleep 0xffffffff841b65c0 [vmdaemon]
100089 D launds 0xffffffff841aa104 [laundry: dom0]
100090 D umarcl 0xffffffff81e9c3e0 [uma]
18 0 0 0 DL - 0xffffffff83e0f320 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff84be2460 [sctp_iterator]
16 0 0 0 DL pftm 0xffffffff848fee20 [pf purge]
15 0 0 0 DL - 0xffffffff841794c0 [soaiod4]
9 0 0 0 DL - 0xffffffff841794c0 [soaiod3]
8 0 0 0 DL - 0xffffffff841794c0 [soaiod2]
7 0 0 0 DL - 0xffffffff841794c0 [soaiod1]
100049 D - 0xffffffff83c94a40 [async]
100082 D - 0xffffffff83c948c0 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056abc888 [sequencer 00]
5 0 0 0 DL crypto_ 0xfffffe0053c0cc80 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffffe0053c0cc30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff841a41a0 [crypto]
100040 D - 0xffffffff8402b800 [g_up]
100041 D - 0xffffffff8402b840 [g_down]
100030 D - 0xfffffe0053dff080 [thr_1]
100031 D - 0xffffffff8417a748 [alloc_0]
100032 I [swi4: clock (0)]
100033 I [swi4: clock (1)]
100034 Run CPU 0 [swi1: netisr 0]
100035 I [swi3: vm]
100036 I [swi1: hpts]
100037 I [swi1: hpts]
100050 I [irq24: virtio_pci0]
100051 I [irq25: virtio_pci0]
100052 I [irq26: virtio_pci0]
100053 I [irq27: virtio_pci0]
100054 I [irq28: virtio_pci1]
100055 I [irq29: virtio_pci1]
100056 I [irq30: virtio_pci1]
100057 I [irq31: virtio_pci1]
100058 I [irq32: virtio_pci1]
100063 I [irq10: virtio_pci2]
100065 I [irq1: atkbd0]
100066 I [irq12: psm0]
100067 I [swi0: uart uart++]
100075 I [swi1: pf send]
10 0 0 0 DL audit_w 0xffffffff841a5140 [audit]
100005 D - 0xfffffe0053df0e00 [if_config_tqg_0]
100006 D - 0xfffffe0053df0d00 [softirq_0]
100007 D - 0xfffffe0053df0c00 [softirq_1]
100008 D - 0xfffffe0053df0b00 [if_io_tqg_0]
100009 D - 0xfffffe0053df0a00 [if_io_tqg_1]
100010 D - 0xfffffe0053c07c00 [in6m_free taskq]
100011 D - 0xfffffe0053c07b00 [deferred_unmount ta]
100014 D - 0xfffffe0053c07800 [thread taskq]
100016 D - 0xfffffe0053c07600 [linuxkpi_irq_wq]
100017 D - 0xfffffe0053c07500 [kqueue_ctx taskq]
100018 D - 0xfffffe0053c07400 [aiod_kick taskq]
100019 D - 0xfffffe0053c07300 [pci_hp taskq]
100020 D - 0xfffffe0053c07200 [inm_free taskq]
100021 D - 0xfffffe0053c07100 [linuxkpi_short_wq_0]
100022 D - 0xfffffe0053c07100 [linuxkpi_short_wq_1]
100023 D - 0xfffffe0053c07100 [linuxkpi_short_wq_2]
100024 D - 0xfffffe0053c07100 [linuxkpi_short_wq_3]
100025 D - 0xfffffe0053c07000 [linuxkpi_long_wq_0]
100026 D - 0xfffffe0053c07000 [linuxkpi_long_wq_1]
100027 D - 0xfffffe0053c07000 [linuxkpi_long_wq_2]
100028 D - 0xfffffe0053c07000 [linuxkpi_long_wq_3]
100038 D - 0xfffffe0054189e00 [firmware taskq]
100042 D - 0xfffffe0054189d00 [crypto_0]
100043 D - 0xfffffe0054189d00 [crypto_1]
100059 D - 0xfffffe0054189900 [vtnet0 rxq 0]
100060 D - 0xfffffe0054189800 [vtnet0 txq 0]
100061 D - 0xfffffe0054189700 [vtnet0 rxq 1]
100062 D - 0xfffffe0054189600 [vtnet0 txq 1]
100064 D vtbslp 0xfffffe0056b20a00 [virtio_balloon]
100068 D - 0xfffffe0054189400 [mca taskq]
100073 D - 0xffffffff82c6c701 [deadlkres]
100078 D - 0xfffffe0058344b00 [acpi_task_0]
100079 D - 0xfffffe0058344b00 [acpi_task_1]
100080 D - 0xfffffe0058344b00 [acpi_task_2]
100081 D - 0xfffffe0054189a00 [CAM taskq]
db> show all locks
Process 4072 (syz-executor6584781) thread 0xfffffe009e9b5020 (103596)
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffffe009ee8b488) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3330
Process 795 (syz-executor6584781) thread 0xfffffe0095341740 (100108)
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e473cb0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:3009
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e50a070) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_cache.c:4488
Process 793 (syz-executor6584781) thread 0xfffffe009e4cac80 (100114)
exclusive rw bufobj interlock (bufobj interlock) r = 0 (0xfffffe00587727e0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:2873
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0007a52e30) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:3937
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e9e5070) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:3009
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e9a9e70) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_cache.c:4488
Process 507 (syslogd) thread 0xfffffe009533f3a0 (100100)
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e4585b0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3543
Process 12 (intr) thread 0xfffffe0053e2b1e0 (100034)
exclusive sleep mutex sctp-inp (inp) r = 0 (0xfffffe009ee6ce68) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3333
exclusive rw sctp-info (sctp-info) r = 0 (0xfffffe00081b37e0) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3331
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffffe009ee6ce88) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3330
tcp_hpts 6 3201K 6
sysctloid 34385 2031K 34456
vtbuf 24 1968K 46
kobj 327 1308K 486
newblk 127 1056K 4007
vfscache 3 1025K 3
inodedep 1284 994K 3353
pcb 35 550K 39317
subproc 116 222K 4140
acpica 1674 184K 55752
vnet_data 1 168K 1
freefile 1275 160K 3299
vmem 3 146K 4
tidhash 3 141K 3
linker 356 140K 384
pagedep 9 130K 3300
tfo_ccache 1 128K 1
sem 4 106K 4
DEVFS1 104 104K 113
sctp_timw 373 94K 373
bus 989 81K 3490
umtx 308 39K 308
kdtrace 187 38K 8566
temp 18 33K 1643
msg 4 30K 4
gtaskqueue 18 26K 18
kbdmux 6 22K 6
DEVFS_RULE 56 20K 56
BPF 10 18K 10
ufs_mount 4 17K 5
bus-sc 34 15K 1693
KTRACE 100 13K 100
kenv 95 12K 95
eventhandler 133 12K 133
ifaddr 30 12K 32
routetbl 50 11K 176
CAM queue 5 11K 1528
GEOM 61 10K 489
rman 84 10K 425
bmsafemap 2 9K 3323
rpc 2 8K 2
shmfd 1 8K 6541
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 237 8K 295
taskqueue 63 7K 63
sglist 5 7K 5
ufs_dirhash 24 5K 24
UMA 270 5K 270
vt 11 5K 11
ifnet 3 5K 3
evdev 4 4K 4
filedesc 1 4K 1
acpisem 28 4K 28
hhook 15 4K 17
ether_multi 40 4K 50
lltable 11 4K 11
kqueue 49 4K 4075
pf_ifnet 5 3K 6
pwddesc 48 3K 4073
in6_multi 25 3K 25
terminal 11 3K 11
session 19 3K 33
sctp_atcl 6 3K 29427
uidinfo 3 3K 10
ipsec-saq 2 2K 2
lockf 16 2K 26
Unitno 27 2K 39
selfd 22 2K 52288
mkdir 10 2K 6576
ipsecpolicy 2 2K 2
softdep 1 1K 1
diradd 8 1K 3317
ipsec 3 1K 3
pci_link 10 1K 10
sctp_ifa 5 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
in_multi 2 1K 4
pfil 4 1K 4
cdev 2 1K 2
chacha20random 1 1K 1
osd 7 1K 18
inpcbpolicy 10 1K 137
sctp_ifn 2 1K 6
DEVFS 9 1K 10
indirdep 1 1K 3
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
feeder 7 1K 7
sctp_atky 6 1K 39234
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
nexusdev 8 1K 8
pmchooks 1 1K 1
soname 4 1K 16555
sctp_athm 6 1K 32696
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 40
p1003.1b 1 1K 1
filecaps 1 1K 70
tcp_do 0 0K 0
tcp_fsb 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 6539
sctp_iter 0 0K 4
sctp_aadr 0 0K 0
sctp_stro 0 0K 6538
sctp_stri 0 0K 6538
sctp_map 0 0K 13076
cdg data 0 0K 0
chd data 0 0K 0
dctcp data 0 0K 0
htcp data 0 0K 0
vegas data 0 0K 0
cubic data 0 0K 0
smartpqi 0 0K 0
BACKLIGHT 0 0K 0
xnb 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
xbbd 0 0K 0
vtfont 0 0K 0
scsi_da 0 0K 69
UMAHash 0 0K 0
ata_da 0 0K 0
freefrag 0 0K 7
nvme_da 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpifw 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
LRO 0 0K 0
twsbuf 0 0K 0
statfs 0 0K 3479
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 6
mbuf_tag 0 0K 27
tempbuff 0 0K 0
ioctlops 0 0K 86
eventfd 0 0K 0
md_sectors 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 660
sysctl 0 0K 3
iirbuf 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
pbuf 2624 0 989 0 0 2 2595136 0
mbuf 256 8581 989 107685 0 254 2449920 0
malloc-128 128 13366 212 15433 0 126 1737984 0
BUF TRIE 144 182 11578 615 0 62 1693440 0
malloc-384 384 4162 8 4163 0 30 1601280 0
malloc-4096 4096 376 6 4559 0 2 1564672 0
UMA Slabs 0 112 10164 21 10164 0 126 1140720 0
vmem btag 56 16138 37 16138 0 254 905800 0
FFS inode 1160 496 29 3795 0 8 609000 0
malloc-384 384 1283 217 3353 0 30 576000 0
RADIX NODE 144 3127 228 80420 0 62 483120 0
malloc-256 256 1284 261 26253 0 62 395520 0
lkpimm 168 1 2327 1 0 62 391104 0
lkpicurr 168 2 2326 2 0 62 391104 0
malloc-256 256 140 1150 2476 0 62 330240 0
socket 944 22 318 20955 0 254 320960 0
sctp_ep 1280 6 243 19620 0 254 318720 0
256 Bucket 2048 132 8 11220 0 8 286720 0
THREAD 1808 137 17 4492 0 8 278432 0
VNODE 448 526 77 3827 0 30 270144 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-64 64 3949 146 12029 0 254 262080 0
VM OBJECT 264 913 77 53245 0 30 261360 0
malloc-16 16 14021 229 14088 0 254 228000 0
DEVCTL 1024 0 220 126 0 0 225280 0
malloc-65536 65536 1 2 137 0 1 196608 0
UMA Zones 768 242 2 242 0 16 187392 0
malloc-32 32 5302 368 6355 0 254 181440 0
malloc-256 256 535 95 7824 0 62 161280 0
malloc-128 128 1184 56 25994 0 126 158720 0
mbuf_cluster 2048 75 1 75 0 254 155648 0
S VFS Cache 104 988 377 4305 0 126 141960 0
FFS2 dinode 256 496 29 3794 0 62 134400 0
malloc-65536 65536 0 2 54 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
sctp_asoc 2288 0 55 6538 0 254 125840 0
malloc-1024 1024 114 6 124 0 16 122880 0
ksiginfo 112 49 995 77 0 126 116928 0
MAP ENTRY 96 851 367 93084 0 126 116928 0
malloc-4096 4096 26 0 37 0 2 106496 0
VMSPACE 2544 26 10 4051 0 4 91584 0
UMA Kegs 384 227 6 227 0 30 89472 0
PROC 1336 48 18 4072 0 8 88176 0
malloc-8192 8192 7 3 35 0 1 81920 0
malloc-2048 2048 9 29 19632 0 8 77824 0
filedesc0 1072 49 21 4073 0 8 75040 0
g_bio 408 4 166 5189 0 30 69360 0
malloc-256 256 151 119 4508 0 62 69120 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 0 2 130 0 1 65536 0
malloc-2048 2048 6 26 1063 0 8 65536 0
malloc-64 64 482 526 53186 0 254 64512 0
64 Bucket 512 84 36 2669 0 30 61440 0
128 Bucket 1024 44 11 728 0 16 56320 0
malloc-384 384 64 76 29485 0 30 53760 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
sctp_raddr 736 0 66 6538 0 254 48576 0
malloc-128 128 329 43 3759 0 126 47616 0
32 Bucket 256 60 120 3268 0 62 46080 0
malloc-1024 1024 6 38 1404 0 16 45056 0
malloc-64 64 537 156 1644 0 254 44352 0
clpbuf 2624 0 16 25 0 16 41984 0
malloc-8192 8192 4 1 6 0 1 40960 0
malloc-1024 1024 2 38 6580 0 16 40960 0
malloc-128 128 66 244 7551 0 126 39680 0
DIRHASH 1024 34 2 34 0 16 36864 0
NAMEI 1024 1 35 25552 0 16 36864 0
malloc-512 512 8 64 6546 0 30 36864 0
pcpu-8 8 4229 379 4257 0 254 36864 0
malloc-64 64 149 418 4739 0 254 36288 0
da_ccb 544 1 62 1423 0 16 34272 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-16384 16384 2 0 17 0 1 32768 0
malloc-16384 16384 2 0 2 0 1 32768 0
malloc-16384 16384 0 2 160 0 1 32768 0
pcpu-64 64 487 25 487 0 254 32768 0
PWD 32 15 867 3384 0 254 28224 0
Files 80 71 279 36103 0 126 28000 0
malloc-384 384 69 1 79 0 30 26880 0
malloc-256 256 67 38 10323 0 62 26880 0
TURNSTILE 136 155 34 155 0 62 25704 0
malloc-8192 8192 2 1 103 0 1 24576 0
malloc-1024 1024 18 6 22 0 16 24576 0
ertt_txseginfo 40 1 605 3462 0 254 24240 0
ttyinq 160 135 15 300 0 62 24000 0
malloc-128 128 141 45 500 0 126 23808 0
ttyoutq 256 72 18 160 0 62 23040 0
malloc-256 256 61 29 4080 0 62 23040 0
malloc-4096 4096 3 2 634 0 2 20480 0
malloc-1024 1024 19 1 19 0 16 20480 0
malloc-64 64 251 64 13675 0 254 20160 0
malloc-32 32 49 581 579 0 254 20160 0
malloc-128 128 122 33 3478 0 126 19840 0
Mountpoints 2752 2 5 2 0 4 19264 0
mbuf_packet 256 0 75 19710 0 254 19200 0
malloc-256 256 46 29 431 0 62 19200 0
SLEEPQUEUE 88 155 37 155 0 126 16896 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 3 1 6 0 2 16384 0
malloc-2048 2048 7 1 7 0 8 16384 0
malloc-2048 2048 7 1 7 0 8 16384 0
malloc-32 32 293 211 1251 0 254 16128 0
16 Bucket 144 46 66 326 0 62 16128 0
vtnet_tx_hdr 24 0 668 5556 0 254 16032 0
8 Bucket 80 44 156 1310 0 126 16000 0
malloc-256 256 55 5 596 0 62 15360 0
tcpcb 1080 3 11 7 0 254 15120 0
malloc-4096 4096 1 2 3 0 2 12288 0
malloc-4096 4096 1 2 3480 0 2 12288 0
malloc-2048 2048 4 2 16 0 8 12288 0
malloc-64 64 35 154 13111 0 254 12096 0
malloc-32 32 54 324 26257 0 254 12096 0
malloc-128 128 48 45 3366 0 126 11904 0
sctp_chunk 152 0 78 3269 0 254 11856 0
kenv 258 15 30 1026 0 30 11610 0
malloc-384 384 20 10 367 0 30 11520 0
pipe 744 6 9 289 0 16 11160 0
malloc-4096 4096 0 2 5 0 2 8192 0
malloc-2048 2048 0 4 40 0 8 8192 0
malloc-2048 2048 3 1 3 0 8 8192 0
malloc-2048 2048 1 3 192 0 8 8192 0
malloc-1024 1024 3 5 6703 0 16 8192 0
malloc-1024 1024 2 6 22 0 16 8192 0
malloc-512 512 1 15 119 0 30 8192 0
malloc-512 512 2 14 61 0 30 8192 0
rtentry 176 13 33 17 0 62 8096 0
PGRP 88 19 73 33 0 126 8096 0
rl_entry 40 27 175 27 0 254 8080 0
sctp_laddr 48 0 168 4 0 254 8064 0
syncache 168 0 48 5 0 254 8064 0
udpcb 32 6 246 126 0 254 8064 0
ertt 72 3 109 7 0 126 8064 0
malloc-64 64 30 96 47 0 254 8064 0
malloc-64 64 11 115 74 0 254 8064 0
malloc-32 32 128 124 13244 0 254 8064 0
malloc-32 32 24 228 43 0 254 8064 0
malloc-32 32 56 196 2939 0 254 8064 0
4 Bucket 48 5 163 108 0 254 8064 0
2 Bucket 32 49 203 532 0 254 8064 0
malloc-16 16 18 482 50 0 254 8000 0
malloc-16 16 51 449 258 0 254 8000 0
malloc-16 16 57 443 32950 0 254 8000 0
malloc-16 16 191 309 1429 0 254 8000 0
malloc-16 16 9 491 9 0 254 8000 0
malloc-16 16 270 230 13347 0 254 8000 0
malloc-16 16 14 486 25355 0 254 8000 0
ripcb 496 1 15 4 0 254 7936 0
tcp_inpcb 496 3 13 7 0 254 7936 0
udp_inpcb 496 6 10 126 0 254 7936 0
malloc-128 128 29 33 79 0 126 7936 0
routing nhops 256 10 20 17 0 62 7680 0
unpcb 256 7 23 1181 0 254 7680 0
malloc-384 384 8 12 10 0 30 7680 0
malloc-384 384 1 19 20 0 30 7680 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 8 54 8 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
malloc-1024 1024 2 2 2 0 16 4096 0
malloc-512 512 7 1 7 0 30 4096 0
malloc-512 512 2 6 44 0 30 4096 0
malloc-512 512 1 7 1 0 30 4096 0
malloc-512 512 0 8 1 0 30 4096 0
malloc-512 512 1 7 1 0 30 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
sackhole 32 0 126 2 0 254 4032 0
hostcache 64 1 62 1 0 254 4032 0
malloc-32 32 22 104 43 0 254 4032 0
KNOTE 160 0 25 8 0 62 4000 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
tcp_rack_map 112 0 0 0 0 126 0 0
AIOCB 552 0 0 0 0 16 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls
HEAD commit: 8afe9481cfa3 frag6: do less work in frag6_slowtimo if poss..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=15bf1ffa300000
dashboard link: https://syzkaller.appspot.com/bug?extid=8752a350d00374f1f353
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13430526300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17a7fb9e300000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+8752a3...@syzkaller.appspotmail.com
panic: Bad link elm 0xfffffe009ee6ca00 next->prev != elm
cpuid = 0
time = 1629039542
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe0053b5e750
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe0053b5e8b0
vpanic() at vpanic+0x2c5/frame 0xfffffe0053b5e990
panic() at panic+0xb5/frame 0xfffffe0053b5ea60
sctp_inpcb_free() at sctp_inpcb_free+0x20ef/frame 0xfffffe0053b5eaf0
sctp_free_assoc() at sctp_free_assoc+0x421a/frame 0xfffffe0053b5ec30
sctp_process_control() at sctp_process_control+0x7b7d/frame 0xfffffe0053b5f300
sctp_common_input_processing() at sctp_common_input_processing+0xb26/frame 0xfffffe0053b5f560
sctp6_input_with_port() at sctp6_input_with_port+0x5a1/frame 0xfffffe0053b5f730
sctp6_input() at sctp6_input+0x1f/frame 0xfffffe0053b5f750
ip6_input() at ip6_input+0x2531/frame 0xfffffe0053b5f9b0
swi_net() at swi_net+0x2e5/frame 0xfffffe0053b5fa50
ithread_loop() at ithread_loop+0x4f1/frame 0xfffffe0053b5fbb0
fork_exit() at fork_exit+0xd0/frame 0xfffffe0053b5fbf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0053b5fbf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12 tid 100034 ]
KDB: enter: panic
Stopped at kdb_enter+0x6b: movq $0,0x28ea9ca(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0x6e635d97e0ea7bf4
rdx 0xdffff7c000000000
rbx 0
rsp 0xfffffe0053b5e890
rbp 0xfffffe0053b5e8b0
rsi 0x1
rdi 0xffffffff840889c0 cov_trace_pc
r8 0x3
r9 0xfffffe0053b5e3c8
r10 0
r11 0xbf
r12 0xfffffe0053e2b1e0
r13 0xfffffe0053b5e901
r14 0xffffffff82c65780 .str.18
r15 0xffffffff82c65780 .str.18
rip 0xffffffff817a096b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x28ea9ca(%rip)
db> show proc
Process 12 (intr) at 0xfffffe0053df6a70:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff8402c6c0
uid: 0 gids: 0
ABI: null
flag: 0x10000284 flag2: 0
reaper: 0xffffffff8402c6c0 reapsubtree: 12
sigparent: 20
vmspace: 0xffffffff8402d640
(map 0xffffffff8402d640)
(map.pmap 0xffffffff8402d700)
(pmap 0xffffffff8402d760)
threads: 23
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100015 I [swi5: fast taskq]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100032 I [swi4: clock (0)]
100033 I [swi4: clock (1)]
100034 Run CPU 0 [swi1: netisr 0]
100035 I [swi3: vm]
100036 I [swi1: hpts]
100037 I [swi1: hpts]
100050 I [irq24: virtio_pci0]
100051 I [irq25: virtio_pci0]
100052 I [irq26: virtio_pci0]
100053 I [irq27: virtio_pci0]
100054 I [irq28: virtio_pci1]
100055 I [irq29: virtio_pci1]
100056 I [irq30: virtio_pci1]
100057 I [irq31: virtio_pci1]
100058 I [irq32: virtio_pci1]
100063 I [irq10: virtio_pci2]
100065 I [irq1: atkbd0]
100066 I [irq12: psm0]
100067 I [swi0: uart uart++]
100075 I [swi1: pf send]
db> ps
pid ppid pgrp uid state wmesg wchan cmd
4072 794 790 0 RE CPU 1 syz-executor6584781
pid ppid pgrp uid state wmesg wchan cmd
4071 796 790 0 R (threaded) syz-executor6584781
103811 RunQ syz-executor6584781
104488 S uwait 0xfffffe009e9a4800 syz-executor6584781
104489 S uwait 0xfffffe009e9a4e00 syz-executor6584781
104490 S uwait 0xfffffe009e467d80 syz-executor6584781
796 792 790 0 S nanslp 0xffffffff84058201 syz-executor6584781
795 792 790 0 R syz-executor6584781
794 792 790 0 S nanslp 0xffffffff84058200 syz-executor6584781
793 792 790 0 R syz-executor6584781
792 790 790 0 S nanslp 0xffffffff84058201 syz-executor6584781
790 788 790 0 Ss pause 0xfffffe009e4cf5e8 csh
788 694 788 0 Ss select 0xfffffe009e9a4c40 sshd
762 1 762 0 Ss+ ttyin 0xfffffe0057000cb0 getty
761 1 761 0 Ss+ ttyin 0xfffffe00575f24b0 getty
760 1 760 0 Ss+ ttyin 0xfffffe00575f28b0 getty
759 1 759 0 Ss+ ttyin 0xfffffe00575f2cb0 getty
758 1 758 0 Ss+ ttyin 0xfffffe00583b70b0 getty
757 1 757 0 Ss+ ttyin 0xfffffe00583b74b0 getty
756 1 756 0 Ss+ ttyin 0xfffffe00583b78b0 getty
755 1 755 0 Ss+ ttyin 0xfffffe00583b7cb0 getty
754 1 754 0 Ss+ ttyin 0xfffffe00574770b0 getty
698 1 698 0 Ss nanslp 0xffffffff84058200 cron
694 1 694 0 Ss select 0xfffffe009521b0c0 sshd
507 1 507 0 Ds bo_wwai 0xfffffe009e4586a8 syslogd
436 1 436 0 Ss select 0xfffffe009e396f40 devd
435 1 435 65 Ss select 0xfffffe009e2f01c0 dhclient
350 1 350 0 Ss select 0xfffffe009e2f02c0 dhclient
347 1 347 0 Ss select 0xfffffe009e2f0340 dhclient
23 0 0 0 DL syncer 0xffffffff84180380 [syncer]
22 0 0 0 DL vlruwt 0xfffffe0058537538 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100085 D qsleep 0xffffffff8417e1a0 [bufdaemon]
100088 D - 0xffffffff83411f80 [bufspacedaemon-0]
100099 D sdflush 0xfffffe0095280ce8 [/ worker]
20 0 0 0 DL psleep 0xffffffff841b65c0 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100083 D psleep 0xffffffff841aa0f8 [dom0]
100089 D launds 0xffffffff841aa104 [laundry: dom0]
100090 D umarcl 0xffffffff81e9c3e0 [uma]
18 0 0 0 DL - 0xffffffff83e0f320 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff84be2460 [sctp_iterator]
16 0 0 0 DL pftm 0xffffffff848fee20 [pf purge]
15 0 0 0 DL - 0xffffffff841794c0 [soaiod4]
9 0 0 0 DL - 0xffffffff841794c0 [soaiod3]
8 0 0 0 DL - 0xffffffff841794c0 [soaiod2]
7 0 0 0 DL - 0xffffffff841794c0 [soaiod1]
6 0 0 0 DL (threaded) [cam]
100048 D - 0xffffffff83c94ac0 [doneq0]
100049 D - 0xffffffff83c94a40 [async]
100082 D - 0xffffffff83c948c0 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056abc888 [sequencer 00]
5 0 0 0 DL crypto_ 0xfffffe0053c0cc80 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffffe0053c0cc30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff841a41a0 [crypto]
13 0 0 0 DL (threaded) [geom]
100039 D - 0xffffffff8402b7c0 [g_event]
100040 D - 0xffffffff8402b800 [g_up]
100041 D - 0xffffffff8402b840 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100029 D - 0xfffffe0053dff000 [thr_0]
100030 D - 0xfffffe0053dff080 [thr_1]
100031 D - 0xffffffff8417a748 [alloc_0]
12 0 0 0 RL (threaded) [intr]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100015 I [swi5: fast taskq]
100012 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100032 I [swi4: clock (0)]
100033 I [swi4: clock (1)]
100034 Run CPU 0 [swi1: netisr 0]
100035 I [swi3: vm]
100036 I [swi1: hpts]
100037 I [swi1: hpts]
100050 I [irq24: virtio_pci0]
100051 I [irq25: virtio_pci0]
100052 I [irq26: virtio_pci0]
100053 I [irq27: virtio_pci0]
100054 I [irq28: virtio_pci1]
100055 I [irq29: virtio_pci1]
100056 I [irq30: virtio_pci1]
100057 I [irq31: virtio_pci1]
100058 I [irq32: virtio_pci1]
100063 I [irq10: virtio_pci2]
100065 I [irq1: atkbd0]
100066 I [irq12: psm0]
100067 I [swi0: uart uart++]
100075 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe0053d54538 [init]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
10 0 0 0 DL audit_w 0xffffffff841a5140 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8402c6c0 [swapper]
100005 D - 0xfffffe0053df0e00 [if_config_tqg_0]
100006 D - 0xfffffe0053df0d00 [softirq_0]
100007 D - 0xfffffe0053df0c00 [softirq_1]
100008 D - 0xfffffe0053df0b00 [if_io_tqg_0]
100009 D - 0xfffffe0053df0a00 [if_io_tqg_1]
100010 D - 0xfffffe0053c07c00 [in6m_free taskq]
100011 D - 0xfffffe0053c07b00 [deferred_unmount ta]
100014 D - 0xfffffe0053c07800 [thread taskq]
100016 D - 0xfffffe0053c07600 [linuxkpi_irq_wq]
100017 D - 0xfffffe0053c07500 [kqueue_ctx taskq]
100018 D - 0xfffffe0053c07400 [aiod_kick taskq]
100019 D - 0xfffffe0053c07300 [pci_hp taskq]
100020 D - 0xfffffe0053c07200 [inm_free taskq]
100021 D - 0xfffffe0053c07100 [linuxkpi_short_wq_0]
100022 D - 0xfffffe0053c07100 [linuxkpi_short_wq_1]
100023 D - 0xfffffe0053c07100 [linuxkpi_short_wq_2]
100024 D - 0xfffffe0053c07100 [linuxkpi_short_wq_3]
100025 D - 0xfffffe0053c07000 [linuxkpi_long_wq_0]
100026 D - 0xfffffe0053c07000 [linuxkpi_long_wq_1]
100027 D - 0xfffffe0053c07000 [linuxkpi_long_wq_2]
100028 D - 0xfffffe0053c07000 [linuxkpi_long_wq_3]
100038 D - 0xfffffe0054189e00 [firmware taskq]
100042 D - 0xfffffe0054189d00 [crypto_0]
100043 D - 0xfffffe0054189d00 [crypto_1]
100059 D - 0xfffffe0054189900 [vtnet0 rxq 0]
100060 D - 0xfffffe0054189800 [vtnet0 txq 0]
100061 D - 0xfffffe0054189700 [vtnet0 rxq 1]
100062 D - 0xfffffe0054189600 [vtnet0 txq 1]
100064 D vtbslp 0xfffffe0056b20a00 [virtio_balloon]
100068 D - 0xfffffe0054189400 [mca taskq]
100073 D - 0xffffffff82c6c701 [deadlkres]
100078 D - 0xfffffe0058344b00 [acpi_task_0]
100079 D - 0xfffffe0058344b00 [acpi_task_1]
100080 D - 0xfffffe0058344b00 [acpi_task_2]
100081 D - 0xfffffe0054189a00 [CAM taskq]
db> show all locks
Process 4072 (syz-executor6584781) thread 0xfffffe009e9b5020 (103596)
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffffe009ee8b488) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3330
Process 795 (syz-executor6584781) thread 0xfffffe0095341740 (100108)
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e473cb0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:3009
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e50a070) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_cache.c:4488
Process 793 (syz-executor6584781) thread 0xfffffe009e4cac80 (100114)
exclusive rw bufobj interlock (bufobj interlock) r = 0 (0xfffffe00587727e0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:2873
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0007a52e30) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:3937
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e9e5070) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:3009
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e9a9e70) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_cache.c:4488
Process 507 (syslogd) thread 0xfffffe009533f3a0 (100100)
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe009e4585b0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3543
Process 12 (intr) thread 0xfffffe0053e2b1e0 (100034)
exclusive sleep mutex sctp-inp (inp) r = 0 (0xfffffe009ee6ce68) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3333
exclusive rw sctp-info (sctp-info) r = 0 (0xfffffe00081b37e0) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3331
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffffe009ee6ce88) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:3330
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
devbuf 4217 4339K 4245
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 6 3201K 6
sysctloid 34385 2031K 34456
vtbuf 24 1968K 46
kobj 327 1308K 486
newblk 127 1056K 4007
vfscache 3 1025K 3
inodedep 1284 994K 3353
pcb 35 550K 39317
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
dirrem 1275 319K 3301
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 116 222K 4140
acpica 1674 184K 55752
vnet_data 1 168K 1
freefile 1275 160K 3299
vmem 3 146K 4
tidhash 3 141K 3
linker 356 140K 384
pagedep 9 130K 3300
tfo_ccache 1 128K 1
sem 4 106K 4
DEVFS1 104 104K 113
sctp_timw 373 94K 373
bus 989 81K 3490
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 510 64K 510
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
umtx 308 39K 308
kdtrace 187 38K 8566
temp 18 33K 1643
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 123 31K 133
shm 1 32K 1
msg 4 30K 4
gtaskqueue 18 26K 18
kbdmux 6 22K 6
DEVFS_RULE 56 20K 56
BPF 10 18K 10
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 99 16K 99
tty 16 16K 16
bus-sc 34 15K 1693
KTRACE 100 13K 100
kenv 95 12K 95
eventhandler 133 12K 133
ifaddr 30 12K 32
routetbl 50 11K 176
CAM queue 5 11K 1528
GEOM 61 10K 489
rman 84 10K 425
bmsafemap 2 9K 3323
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 1
devstat 4 9K 4
rpc 2 8K 2
shmfd 1 8K 6541
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 237 8K 295
taskqueue 63 7K 63
sglist 5 7K 5
CAM DEV 3 6K 510
cred 22 6K 253
ufs_dirhash 24 5K 24
UMA 270 5K 270
vt 11 5K 11
ifnet 3 5K 3
memdesc 1 4K 1
MCA 32 4K 32
plimit 16 4K 353
MCA 32 4K 32
evdev 4 4K 4
filedesc 1 4K 1
acpisem 28 4K 28
hhook 15 4K 17
ether_multi 40 4K 50
lltable 11 4K 11
kqueue 49 4K 4075
pf_ifnet 5 3K 6
pwddesc 48 3K 4073
in6_multi 25 3K 25
terminal 11 3K 11
session 19 3K 33
sctp_atcl 6 3K 29427
uidinfo 3 3K 10
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
io_apic 1 2K 1
ipsec-saq 2 2K 2
lockf 16 2K 26
Unitno 27 2K 39
CAM XPT 22 2K 543
proc-args 36 2K 500
selfd 22 2K 52288
mkdir 10 2K 6576
ipsecpolicy 2 2K 2
acpidev 20 2K 20
msi 9 2K 9
clone 9 2K 9
msi 9 2K 9
softdep 1 1K 1
diradd 8 1K 3317
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 34
secasvar 1 1K 1
NFSD session 1 1K 1
newdirblk 7 1K 3288
CAM periph 4 1K 271
select 7 1K 29
ipsec 3 1K 3
nhops 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
toponodes 6 1K 6
isadev 6 1K 6
pci_link 10 1K 10
sctp_ifa 5 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
in_multi 2 1K 4
pfil 4 1K 4
cdev 2 1K 2
chacha20random 1 1K 1
osd 7 1K 18
inpcbpolicy 10 1K 137
sctp_ifn 2 1K 6
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFSP 4 1K 9
NFSD V4client 1 1K 1
DEVFS 9 1K 10
indirdep 1 1K 3
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
CAM SIM 2 1K 2
ktls 1 1K 1
feeder 7 1K 7
sctp_atky 6 1K 39234
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
atkbddev 2 1K 2
CAM dev queue 2 1K 2
xform 2 1K 49
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
procdesc 1 1K 6
pmchooks 1 1K 1
soname 4 1K 16555
sctp_athm 6 1K 32696
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 40
acpiintr 1 1K 1
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
freework 1 1K 3299
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
filecaps 1 1K 70
tcp_do 0 0K 0
tcp_fsb 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 6539
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 4
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_aadr 0 0K 0
sctp_stro 0 0K 6538
sctp_stri 0 0K 6538
sctp_map 0 0K 13076
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
mqdata 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
cdg data 0 0K 0
chd data 0 0K 0
dctcp data 0 0K 0
htcp data 0 0K 0
vegas data 0 0K 0
cubic data 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
madt_table 0 0K 2
NEWNFSnode 0 0K 0
smartpqi 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
ixl 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
axgbe 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
xen_intr 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
privcmd_dev 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xenstore 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
ciss_data 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
BACKLIGHT 0 0K 0
xnb 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
xbbd 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vm_fictitious 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
amr 0 0K 0
pvscsi 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
amr 0 0K 0
scsi_da 0 0K 69
UMAHash 0 0K 0
ata_da 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 2022
jblocks 0 0K 0
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 9
jfsync 0 0K 0
jtrunc 0 0K 0
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 3298
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 7
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
scsi_cd 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
agp 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
nvme_da 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpifw 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 3
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
LRO 0 0K 0
newreno data 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
twsbuf 0 0K 0
statfs 0 0K 3479
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 6
twe_commands 0 0K 0
twa_commands 0 0K 0
tcp_log_dev 0 0K 0
twa_commands 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
mixer 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
osti_cacheable 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 27
tempbuff 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 13750
pts 0 0K 0
ioctlops 0 0K 86
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
stack 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 660
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
ipsbuf 0 0K 0
iirbuf 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 988 16314 0 254 38125568 0
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
pbuf 2624 0 989 0 0 2 2595136 0
mbuf 256 8581 989 107685 0 254 2449920 0
malloc-128 128 13366 212 15433 0 126 1737984 0
BUF TRIE 144 182 11578 615 0 62 1693440 0
malloc-384 384 4162 8 4163 0 30 1601280 0
malloc-4096 4096 376 6 4559 0 2 1564672 0
UMA Slabs 0 112 10164 21 10164 0 126 1140720 0
vmem btag 56 16138 37 16138 0 254 905800 0
FFS inode 1160 496 29 3795 0 8 609000 0
malloc-384 384 1283 217 3353 0 30 576000 0
RADIX NODE 144 3127 228 80420 0 62 483120 0
malloc-256 256 1284 261 26253 0 62 395520 0
lkpimm 168 1 2327 1 0 62 391104 0
lkpicurr 168 2 2326 2 0 62 391104 0
malloc-256 256 140 1150 2476 0 62 330240 0
socket 944 22 318 20955 0 254 320960 0
sctp_ep 1280 6 243 19620 0 254 318720 0
256 Bucket 2048 132 8 11220 0 8 286720 0
THREAD 1808 137 17 4492 0 8 278432 0
VNODE 448 526 77 3827 0 30 270144 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-64 64 3949 146 12029 0 254 262080 0
VM OBJECT 264 913 77 53245 0 30 261360 0
malloc-16 16 14021 229 14088 0 254 228000 0
DEVCTL 1024 0 220 126 0 0 225280 0
malloc-65536 65536 1 2 137 0 1 196608 0
UMA Zones 768 242 2 242 0 16 187392 0
malloc-32 32 5302 368 6355 0 254 181440 0
malloc-256 256 535 95 7824 0 62 161280 0
malloc-128 128 1184 56 25994 0 126 158720 0
mbuf_cluster 2048 75 1 75 0 254 155648 0
S VFS Cache 104 988 377 4305 0 126 141960 0
FFS2 dinode 256 496 29 3794 0 62 134400 0
malloc-65536 65536 0 2 54 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
sctp_asoc 2288 0 55 6538 0 254 125840 0
malloc-1024 1024 114 6 124 0 16 122880 0
ksiginfo 112 49 995 77 0 126 116928 0
MAP ENTRY 96 851 367 93084 0 126 116928 0
malloc-4096 4096 26 0 37 0 2 106496 0
VMSPACE 2544 26 10 4051 0 4 91584 0
UMA Kegs 384 227 6 227 0 30 89472 0
PROC 1336 48 18 4072 0 8 88176 0
malloc-8192 8192 7 3 35 0 1 81920 0
malloc-2048 2048 9 29 19632 0 8 77824 0
filedesc0 1072 49 21 4073 0 8 75040 0
g_bio 408 4 166 5189 0 30 69360 0
malloc-256 256 151 119 4508 0 62 69120 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 0 2 130 0 1 65536 0
malloc-2048 2048 6 26 1063 0 8 65536 0
malloc-64 64 482 526 53186 0 254 64512 0
64 Bucket 512 84 36 2669 0 30 61440 0
128 Bucket 1024 44 11 728 0 16 56320 0
malloc-384 384 64 76 29485 0 30 53760 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-8192 8192 6 0 6 0 1 49152 0
sctp_raddr 736 0 66 6538 0 254 48576 0
malloc-128 128 329 43 3759 0 126 47616 0
32 Bucket 256 60 120 3268 0 62 46080 0
malloc-1024 1024 6 38 1404 0 16 45056 0
malloc-64 64 537 156 1644 0 254 44352 0
clpbuf 2624 0 16 25 0 16 41984 0
malloc-8192 8192 4 1 6 0 1 40960 0
malloc-1024 1024 2 38 6580 0 16 40960 0
malloc-128 128 66 244 7551 0 126 39680 0
DIRHASH 1024 34 2 34 0 16 36864 0
NAMEI 1024 1 35 25552 0 16 36864 0
malloc-512 512 8 64 6546 0 30 36864 0
pcpu-8 8 4229 379 4257 0 254 36864 0
malloc-64 64 149 418 4739 0 254 36288 0
da_ccb 544 1 62 1423 0 16 34272 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-16384 16384 2 0 17 0 1 32768 0
malloc-16384 16384 2 0 2 0 1 32768 0
malloc-16384 16384 0 2 160 0 1 32768 0
pcpu-64 64 487 25 487 0 254 32768 0
PWD 32 15 867 3384 0 254 28224 0
Files 80 71 279 36103 0 126 28000 0
malloc-384 384 69 1 79 0 30 26880 0
malloc-256 256 67 38 10323 0 62 26880 0
TURNSTILE 136 155 34 155 0 62 25704 0
malloc-8192 8192 2 1 103 0 1 24576 0
malloc-1024 1024 18 6 22 0 16 24576 0
ertt_txseginfo 40 1 605 3462 0 254 24240 0
ttyinq 160 135 15 300 0 62 24000 0
malloc-128 128 141 45 500 0 126 23808 0
ttyoutq 256 72 18 160 0 62 23040 0
malloc-256 256 61 29 4080 0 62 23040 0
malloc-4096 4096 3 2 634 0 2 20480 0
malloc-1024 1024 19 1 19 0 16 20480 0
malloc-64 64 251 64 13675 0 254 20160 0
malloc-32 32 49 581 579 0 254 20160 0
malloc-128 128 122 33 3478 0 126 19840 0
Mountpoints 2752 2 5 2 0 4 19264 0
mbuf_packet 256 0 75 19710 0 254 19200 0
malloc-256 256 46 29 431 0 62 19200 0
SLEEPQUEUE 88 155 37 155 0 126 16896 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 3 1 6 0 2 16384 0
malloc-2048 2048 7 1 7 0 8 16384 0
malloc-2048 2048 7 1 7 0 8 16384 0
malloc-32 32 293 211 1251 0 254 16128 0
16 Bucket 144 46 66 326 0 62 16128 0
vtnet_tx_hdr 24 0 668 5556 0 254 16032 0
8 Bucket 80 44 156 1310 0 126 16000 0
malloc-256 256 55 5 596 0 62 15360 0
tcpcb 1080 3 11 7 0 254 15120 0
malloc-4096 4096 1 2 3 0 2 12288 0
malloc-4096 4096 1 2 3480 0 2 12288 0
malloc-2048 2048 4 2 16 0 8 12288 0
malloc-64 64 35 154 13111 0 254 12096 0
malloc-32 32 54 324 26257 0 254 12096 0
malloc-128 128 48 45 3366 0 126 11904 0
sctp_chunk 152 0 78 3269 0 254 11856 0
kenv 258 15 30 1026 0 30 11610 0
malloc-384 384 20 10 367 0 30 11520 0
pipe 744 6 9 289 0 16 11160 0
malloc-4096 4096 0 2 5 0 2 8192 0
malloc-2048 2048 0 4 40 0 8 8192 0
malloc-2048 2048 3 1 3 0 8 8192 0
malloc-2048 2048 1 3 192 0 8 8192 0
malloc-1024 1024 3 5 6703 0 16 8192 0
malloc-1024 1024 2 6 22 0 16 8192 0
malloc-512 512 1 15 119 0 30 8192 0
malloc-512 512 2 14 61 0 30 8192 0
rtentry 176 13 33 17 0 62 8096 0
PGRP 88 19 73 33 0 126 8096 0
rl_entry 40 27 175 27 0 254 8080 0
sctp_laddr 48 0 168 4 0 254 8064 0
syncache 168 0 48 5 0 254 8064 0
udpcb 32 6 246 126 0 254 8064 0
ertt 72 3 109 7 0 126 8064 0
malloc-64 64 30 96 47 0 254 8064 0
malloc-64 64 11 115 74 0 254 8064 0
malloc-32 32 128 124 13244 0 254 8064 0
malloc-32 32 24 228 43 0 254 8064 0
malloc-32 32 56 196 2939 0 254 8064 0
4 Bucket 48 5 163 108 0 254 8064 0
2 Bucket 32 49 203 532 0 254 8064 0
malloc-16 16 18 482 50 0 254 8000 0
malloc-16 16 51 449 258 0 254 8000 0
malloc-16 16 57 443 32950 0 254 8000 0
malloc-16 16 191 309 1429 0 254 8000 0
malloc-16 16 9 491 9 0 254 8000 0
malloc-16 16 270 230 13347 0 254 8000 0
malloc-16 16 14 486 25355 0 254 8000 0
ripcb 496 1 15 4 0 254 7936 0
tcp_inpcb 496 3 13 7 0 254 7936 0
udp_inpcb 496 6 10 126 0 254 7936 0
malloc-128 128 29 33 79 0 126 7936 0
routing nhops 256 10 20 17 0 62 7680 0
unpcb 256 7 23 1181 0 254 7680 0
malloc-384 384 8 12 10 0 30 7680 0
malloc-384 384 1 19 20 0 30 7680 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 8 54 8 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
malloc-1024 1024 2 2 2 0 16 4096 0
malloc-512 512 7 1 7 0 30 4096 0
malloc-512 512 2 6 44 0 30 4096 0
malloc-512 512 1 7 1 0 30 4096 0
malloc-512 512 0 8 1 0 30 4096 0
malloc-512 512 1 7 1 0 30 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
sackhole 32 0 126 2 0 254 4032 0
hostcache 64 1 62 1 0 254 4032 0
malloc-32 32 22 104 43 0 254 4032 0
KNOTE 160 0 25 8 0 62 4000 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
mqnode 416 3 6 3 0 30 3744 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
swpctrie 144 0 0 0 0 62 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 312 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 48 0 0 0 0 254 0 0
tcp_rack_pcb 832 0 0 0 0 16 0 0
pf mtags 48 0 0 0 0 254 0 0
tcp_rack_map 112 0 0 0 0 126 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
udplite_inpcb 496 0 0 0 0 254 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIO 208 0 0 0 0 62 0 0
TMPFS node 224 0 0 0 0 62 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
NCLNODE 592 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 24 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls
Mark Johnston
7 sept. 2021, 18:53:5407/09/2021
à syzbot,syzkaller-f...@googlegroups.com
Répondre à tous
Répondre à l'auteur
Transférer
0 nouveau message