panic: Data modified on freelist: word 5 of object ADDR size 0xa0 previous type devbuf (0xd != ADDR)

syzbot
Oct 12, 2019 06:11:07
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 353d0464 When available use "interrupt-names" to select th..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=162786c7600000
kernel config: https://syzkaller.appspot.com/x/.config?x=d0fe83f82fe104d4
dashboard link: https://syzkaller.appspot.com/bug?extid=a4e4f895a211f85554e7

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+a4e4f8...@syzkaller.appspotmail.com

panic: Data modified on freelist: word 5 of object 0xffff800000ad6700 size
0xa0 previous type devbuf (0xd != 0xdead4110)

Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*176556 2158 0 0x100002 0 0 ndp
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(a0,5,1) at malloc+0xa23 sys/kern/kern_malloc.c:331
route_output(fffffd8036d79b00,fffffd8037015180,0,0) at route_output+0x1b3
sys/net/rtsock.c:706
route_usrreq(fffffd8037015180,9,fffffd8036d79b00,0,0,ffff8000ffff29f8) at
route_usrreq+0x363 sys/net/rtsock.c:275
sosend(fffffd8037015180,0,ffff800017b4d3a8,0,0,0) at sosend+0x63d
sys/kern/uipc_socket.c:524
dofilewritev(ffff8000ffff29f8,3,ffff800017b4d3a8,0,ffff800017b4d490) at
dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_write(ffff8000ffff29f8,ffff800017b4d440,ffff800017b4d490) at
sys_write+0x83 sys/kern/sys_generic.c:284
syscall(ffff800017b4d510) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,4,7f7ffffc01ff,4,a0,e1cd5d3cfc0) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffbfff0, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
Data modified on freelist: word 5 of object 0xffff800000ad6700 size 0xa0
previous type devbuf (0xd != 0xdead4110)

ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(a0,5,1) at malloc+0xa23 sys/kern/kern_malloc.c:331
route_output(fffffd8036d79b00,fffffd8037015180,0,0) at route_output+0x1b3
sys/net/rtsock.c:706
route_usrreq(fffffd8037015180,9,fffffd8036d79b00,0,0,ffff8000ffff29f8) at
route_usrreq+0x363 sys/net/rtsock.c:275
sosend(fffffd8037015180,0,ffff800017b4d3a8,0,0,0) at sosend+0x63d
sys/kern/uipc_socket.c:524
dofilewritev(ffff8000ffff29f8,3,ffff800017b4d3a8,0,ffff800017b4d490) at
dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_write(ffff8000ffff29f8,ffff800017b4d440,ffff800017b4d490) at
sys_write+0x83 sys/kern/sys_generic.c:284
syscall(ffff800017b4d510) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,4,7f7ffffc01ff,4,a0,e1cd5d3cfc0) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffbfff0, count: -10
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff800017b4ced0
rbx 0xffff800017b4cf80
rdx 0x2
rcx 0
rax 0
r8 0xffff800017b4ce90
r9 0x1
r10 0
r11 0xaf3493e5aee2aba4
r12 0x3000000008
r13 0xffff800017b4cee0
r14 0x100
r15 0x1
rip 0xffffffff81878d48 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff800017b4cec0
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (ndp) pid=176556 stat=onproc
flags process=100002<EXEC,PLEDGE> proc=0
pri=86, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff3650,0xffffffff8259e2a8
process=0xffff8000148a30f8 user=0xffff800017b48000,
vmspace=0xfffffd803f014000
estcpu=36, cpticks=2, pctcpu=0.0
user=1, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
* 2158 176556 91434 0 7 0x100002 ndp
91434 524105 53314 0 3 0x10008a pause sh
53314 449703 98179 0 3 0x82 wait syz-executor.1
44106 67276 98179 0 3 0x82 piperd syz-executor.0
85802 513083 0 0 3 0x14200 acct acct
92416 270377 0 0 3 0x14200 bored sosplice
98179 516972 24285 0 3 0x82 thrsleep syz-fuzzer
98179 220116 24285 0 3 0x4000082 thrsleep syz-fuzzer
98179 14860 24285 0 3 0x4000082 thrsleep syz-fuzzer
98179 40367 24285 0 3 0x4000082 thrsleep syz-fuzzer
98179 313051 24285 0 3 0x4000082 thrsleep syz-fuzzer
98179 227868 24285 0 3 0x4000082 kqread syz-fuzzer
98179 416928 24285 0 3 0x4000082 thrsleep syz-fuzzer
98179 114087 24285 0 3 0x4000082 thrsleep syz-fuzzer
24285 422864 30827 0 3 0x10008a pause ksh
30827 112146 19209 0 3 0x92 select sshd
33275 66658 1 0 3 0x100083 ttyin getty
19209 377098 1 0 3 0x80 select sshd
8237 374308 31231 73 3 0x100090 kqread syslogd
31231 24524 1 0 3 0x100082 netio syslogd
49551 448018 1 77 3 0x100090 poll dhclient
13231 506987 1 0 3 0x80 poll dhclient
96937 347209 0 0 2 0x14200 zerothread
23689 307092 0 0 3 0x14200 aiodoned aiodoned
24547 36994 0 0 3 0x14200 syncer update
18201 35247 0 0 3 0x14200 cleaner cleaner
59120 415499 0 0 3 0x14200 reaper reaper
53843 73149 0 0 3 0x14200 pgdaemon pagedaemon
89398 73079 0 0 3 0x14200 bored crynlk
94627 356368 0 0 3 0x14200 bored crypto
82374 458352 0 0 3 0x40014200 acpi0 acpi0
21133 404041 0 0 3 0x14200 bored softnet
76641 342004 0 0 3 0x14200 bored systqmp
76425 387239 0 0 3 0x14200 bored systq
38649 448261 0 0 3 0x40014200 bored softclock
86371 194403 0 0 3 0x40014200 idle0
95663 334079 0 0 3 0x14200 bored smr
1 523524 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9499 6340K 7694K 78643K 12178 0 0
pcb 13 10K 12K 78643K 107 0 0
rtable 93 3K 4K 78643K 485 0 0
ifaddr 53 12K 13K 78643K 115 0 0
counters 19 16K 16K 78643K 19 0 0
ioctlops 0 0K 2K 78643K 33 0 0
iov 0 0K 16K 78643K 82 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1238 78K 78K 78643K 1774 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 5K 78643K 8 0 0
VM map 4 1K 1K 78643K 4 0 0
sem 11 1K 1K 78643K 11 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1793 195K 288K 78643K 12645 0 0
file desc 6 17K 25K 78643K 399 0 0
sigio 0 0K 0K 78643K 30 0 0
proc 49 38K 63K 78643K 548 0 0
subproc 32 2K 2K 78643K 102 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 188 0 0
in_multi 23 1K 2K 78643K 105 0 0
ether_multi 1 0K 0K 78643K 3 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 60 265K 265K 78643K 60 0 0
exec 0 0K 1K 78643K 294 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 96 37K 39K 78643K 1905 0 0
UVM aobj 19 2K 2K 78643K 19 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 0K 78643K 90 0 0
NDP 13 0K 0K 78643K 36 0 0
temp 163 3543K 3615K 78643K 12402 0 0
kqueue 0 0K 0K 78643K 6 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 17 0 12 1 0 1 1 0 8 0
rtpcb 80 45 0 42 1 0 1 1 0 8 0
rtentry 112 102 0 67 2 0 2 2 0 8 0
unpcb 120 357 0 349 3 2 1 2 0 8 0
syncache 264 4 0 4 1 1 0 1 0 8 0
tcpcb 544 434 0 430 12 5 7 12 0 8 6
ipq 40 4 0 4 2 2 0 1 0 8 0
ipqe 40 180 0 180 2 2 0 1 0 8 0
inpcb 280 708 0 701 11 4 7 9 0 8 6
nd6 48 13 0 11 1 0 1 1 0 8 0
ppxss 1128 5 0 5 3 2 1 1 0 8 1
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 443 0 269 15 1 14 15 0 8 3
art_table 32 444 0 269 2 0 2 2 0 8 0
art_node 16 101 0 69 1 0 1 1 0 8 0
sysvmsgpl 40 33 0 29 1 0 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 9 0 0 1 0 1 1 0 8 0
shmpl 112 17 0 0 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 1984 0 585 46 0 46 46 0 8 0
ffsino 240 1984 0 585 83 0 83 83 0 8 0
nchpl 144 2764 0 1173 60 0 60 60 0 8 0
uvmvnodes 72 2474 0 0 45 0 45 45 0 8 0
vnodes 208 2474 0 0 131 0 131 131 0 8 0
namei 1024 8452 0 8452 2 1 1 1 0 8 1
vcpupl 1984 2 0 0 1 0 1 1 0 8 0
vmpool 520 2 0 0 1 0 1 1 0 8 0
scxspl 192 7869 0 7869 9 8 1 7 0 8 1
plimitpl 152 49 0 42 1 0 1 1 0 8 0
sigapl 432 558 0 544 2 0 2 2 0 8 0
futexpl 56 10413 0 10413 3 2 1 1 0 8 1
knotepl 112 180 0 159 1 0 1 1 0 8 0
kqueuepl 104 205 0 203 4 2 2 4 0 8 1
pipepl 112 476 0 457 2 0 2 2 0 8 1
fdescpl 424 559 0 544 2 0 2 2 0 8 0
filepl 120 4639 0 4543 12 3 9 11 0 8 6
lockfpl 104 169 0 168 1 0 1 1 0 8 0
lockfspl 48 52 0 51 1 0 1 1 0 8 0
sessionpl 112 21 0 11 1 0 1 1 0 8 0
pgrppl 48 23 0 13 1 0 1 1 0 8 0
ucredpl 96 629 0 622 1 0 1 1 0 8 0
zombiepl 144 544 0 544 1 0 1 1 0 8 1
processpl 864 575 0 544 4 0 4 4 0 8 0
procpl 632 1038 0 1000 5 1 4 5 0 8 0
sosppl 128 2 0 2 1 1 0 1 0 8 0
sockpl 384 1113 0 1095 18 10 8 13 0 8 6
mcl64k 65536 27 0 27 3 2 1 1 0 8 1
mcl16k 16384 6 0 6 3 2 1 1 0 8 1
mcl12k 12288 11 0 11 3 2 1 1 0 8 1
mcl9k 9216 11 0 11 3 2 1 1 0 8 1
mcl8k 8192 13 0 13 3 2 1 1 0 8 1
mcl4k 4096 39 0 39 4 3 1 1 0 8 1
mcl2k2 2112 1 0 1 1 1 0 1 0 8 0
mcl2k 2048 67077 0 67034 17 10 7 13 0 8 1
mtagpl 80 11 0 11 2 1 1 1 0 8 1
mbufpl 256 110025 0 109939 36 29 7 22 0 8 1
bufpl 256 8339 0 2271 380 0 380 380 0 8 0
anonpl 16 94086 0 80738 98 17 81 88 0 62 9
amapchunkpl 152 3490 0 3383 18 12 6 15 0 158 1
amappl16 192 3606 0 2618 74 17 57 64 0 8 7
amappl15 184 15 0 14 1 0 1 1 0 8 0
amappl14 176 138 0 134 1 0 1 1 0 8 0
amappl13 168 23 0 21 1 0 1 1 0 8 0
amappl12 160 29 0 26 1 0 1 1 0 8 0
amappl11 152 60 0 46 1 0 1 1 0 8 0
amappl10 144 137 0 137 1 0 1 1 0 8 1
amappl9 136 632 0 626 1 0 1 1 0 8 0
amappl8 128 194 0 172 1 0 1 1 0 8 0
amappl7 120 172 0 166 1 0 1 1 0 8 0
amappl6 112 75 0 66 1 0 1 1 0 8 0
amappl5 104 175 0 162 1 0 1 1 0 8 0
amappl4 96 775 0 749 1 0 1 1 0 8 0
amappl3 88 215 0 210 1 0 1 1 0 8 0
amappl2 80 3450 0 3388 3 1 2 3 0 8 0
amappl1 72 20098 0 19644 26 17 9 20 0 8 0
amappl 80 1331 0 1294 2 0 2 2 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 17 0 17 1 1 0 1 0 8 0
aobjpl 64 18 0 0 1 0 1 1 0 8 0
uaddrrnd 24 561 0 544 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 561 0 544 1 0 1 1 0 8 0
vmmpekpl 168 8572 0 8543 2 0 2 2 0 8 0
vmmpepl 168 77204 0 75175 170 39 131 131 0 357 40
vmsppl 272 558 0 544 2 1 1 2 0 8 0
pdppl 4096 1128 0 1090 6 1 5 6 0 8 0
pvpl 32 280183 0 263597 308 40 268 308 0 265 102
pmappl 200 560 0 544 1 0 1 1 0 8 0
extentpl 40 41 0 26 1 0 1 1 0 8 0
phpool 112 572 0 59 15 0 15 15 0 8 0


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Anton Lindqvist
Oct 13, 2019 10:21:21
to syzbot, syzkaller-o...@googlegroups.com
Will likely occur again, next time with a normalized title.

#syz invalid