panic: handle_workitem_remove: bad file delta

2 views
Skip to first unread message

syzbot

unread,
Jul 29, 2025, 5:09:33 AMJul 29
to syzkaller-f...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 0ded4647215c vtnet.4: update description of loader tunables
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=11c144a2580000
dashboard link: https://syzkaller.appspot.com/bug?extid=18722c8e4008048efb51
userspace arch: i386

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+18722c...@syzkaller.appspotmail.com

panic: handle_workitem_remove: bad file delta
cpuid = 0
time = 101
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0056c527d0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0056c52930
vpanic() at vpanic+0x257/frame 0xfffffe0056c52af0
panic() at panic+0xb5/frame 0xfffffe0056c52bb0
handle_workitem_remove() at handle_workitem_remove+0xedf/frame 0xfffffe0056c52cf0
process_worklist_item() at process_worklist_item+0x525/frame 0xfffffe0056c52e40
softdep_process_worklist() at softdep_process_worklist+0xfd/frame 0xfffffe0056c52e90
softdep_flush() at softdep_flush+0x1a4/frame 0xfffffe0056c52ef0
fork_exit() at fork_exit+0xcc/frame 0xfffffe0056c52f30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0056c52f30
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 14 tid 100093 ]
Stopped at kdb_enter+0x6e: movq $0,0x25c45c7(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0xfffffe0002bf1850
rdx 0
rbx 0xffffffff827cb4c0 .str.27
rsp 0xfffffe0056c52910
rbp 0xfffffe0056c52930
rsi 0
rdi 0xffffffff81614a99 printf+0x149
r8 0
r9 0xffffffff
r10 0x74c34662ca664c4c
r11 0x19
r12 0xfffffe00540be000
r13 0xfffffffffffffffe
r14 0xffffffff827cb4c0 .str.27
r15 0
rip 0xffffffff815fe5ce kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x25c45c7(%rip)
db> show proc
Process 14 (bufdaemon) at 0xfffffe000780a5c0:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff83b4d060
ABI: null
flag: 0x10000284 flag2: 0
reaper: 0xffffffff83b4d060 reapsubtree: 14
sigparent: 20
vmspace: 0xffffffff83b4e040
(map 0xffffffff83b4e040)
(map.pmap 0xffffffff83b4e0e0)
(pmap 0xffffffff83b4e150)
threads: 3
100079 D psleep 0xffffffff83cbfd60 [bufdaemon]
100082 D - 0xffffffff83001ec0 [bufspacedaemon-0]
100093 Run CPU 0 [/ worker]
db> ps
pid ppid pgrp uid state wmesg wchan cmd
6497 797 797 0 R (threaded) syz-executor
106298 RunQ syz-executor
106299 RunQ syz-executor
6496 6414 6414 0 R (threaded) syz-executor
106182 Run CPU 1 syz-executor
106297 S lockf 0xfffffe0007671b00 syz-executor
6493 1 6414 0 S uwait 0xfffffe007cc1ea80 syz-executor
6473 1 797 0 S uwait 0xfffffe007cc1d800 syz-executor
6444 1 6414 0 S uwait 0xfffffe007cc1db00 syz-executor
6420 1 4628 0 S uwait 0xfffffe007cc1e780 syz-executor
6414 762 6414 0 S nanslp 0xffffffff83ba3c41 syz-executor
6390 1 4752 0 S uwait 0xfffffe007cc1ec80 syz-executor
6373 1 4752 0 S uwait 0xfffffe007cc1d700 syz-executor
6362 1 6361 0 S uwait 0xfffffe0053e0e380 syz-executor
6348 1 4628 0 SV uwait 0xfffffe0058257380 syz-executor
6347 1 4628 0 S uwait 0xfffffe007cc1f400 syz-executor
6323 1 4628 0 S uwait 0xfffffe007cc1f600 syz-executor
6322 1 4628 0 S uwait 0xfffffe007cc1e480 syz-executor
6315 1 6017 0 SV sigwait 0xfffffe00541f8110 syz-executor
6234 1 4752 0 S uwait 0xfffffe007cc1eb80 syz-executor
6233 1 4752 0 S uwait 0xfffffe0058257280 syz-executor
6217 1 6017 0 SV uwait 0xfffffe007cc1f900 syz-executor
6205 1 6017 0 S uwait 0xfffffe007cc1f800 syz-executor
6191 1 4628 0 S uwait 0xfffffe007cc62100 syz-executor
6163 1 797 60928 S uwait 0xfffffe00584ee300 syz-executor
6158 1 4752 0 S uwait 0xfffffe007cc1fa00 syz-executor
6149 1 4628 0 T syz-executor
6147 1 6017 0 SV sigwait 0xfffffe00541e4110 syz-executor
6143 1 4628 60928 S uwait 0xfffffe007cc1fe00 syz-executor
6090 1 4628 0 S uwait 0xfffffe00584ee700 syz-executor
6082 1 6017 60928 S uwait 0xfffffe007cc61e80 syz-executor
6064 1 797 0 S uwait 0xfffffe0058257880 syz-executor
5963 1 5963 0 SVs aiowc 0xfffffe00541d08e8 syz-executor
5956 1 4752 0 SV sigwait 0xfffffe00541c0650 syz-executor
5948 1 4752 0 S uwait 0xfffffe0053e0e600 syz-executor
5923 1 804 0 S uwait 0xfffffe00584eee00 syz-executor
5913 1 797 0 S uwait 0xfffffe007cc20080 syz-executor
5866 1 804 60928 S uwait 0xfffffe0058257480 syz-executor
5836 1 4752 0 S uwait 0xfffffe00584ee600 syz-executor
5800 1 797 0 T syz-executor
5780 1 804 60928 S uwait 0xfffffe00584eeb00 syz-executor
5778 1 5778 0 SVs aiowc 0xfffffe00541a53e8 syz-executor
5775 1 4752 60928 S uwait 0xfffffe007cc62200 syz-executor
5710 1 797 60928 S uwait 0xfffffe00584eb880 syz-executor
5659 1 5659 0 S uwait 0xfffffe00584eb780 syz-executor
5638 1 804 0 S uwait 0xfffffe0053e0e500 syz-executor
5622 1 804 0 S uwait 0xfffffe00584eec00 syz-executor
5566 1 804 0 S uwait 0xfffffe007cc20280 syz-executor
5565 1 804 0 S uwait 0xfffffe0059678200 syz-executor
5498 1 4628 60928 S uwait 0xfffffe0053e0eb00 syz-executor
5433 1 4752 0 S uwait 0xfffffe00584ee900 syz-executor
5395 1 4752 0 S uwait 0xfffffe0058257680 syz-executor
5317 1 797 0 S uwait 0xfffffe0058257180 syz-executor
5303 1 4752 60928 S uwait 0xfffffe0053e0ec00 syz-executor
5282 1 804 0 S uwait 0xfffffe00584ec900 syz-executor
5263 1 4752 0 S uwait 0xfffffe0059679980 syz-executor
5259 1 4752 0 S uwait 0xfffffe0059678300 syz-executor
5192 1 804 0 S umtxn 0xfffffe0058257b80 syz-executor
5181 0 0 0 DL mdwait 0xfffffe0077e6b000 [md11]
5169 1 804 0 S uwait 0xfffffe00584ecc00 syz-executor
5154 1 804 0 S uwait 0xfffffe0059678800 syz-executor
5136 1 5136 0 S uwait 0xfffffe0058258b80 syz-executor
5110 1 797 0 S uwait 0xfffffe0059678a00 syz-executor
5076 1 797 0 S uwait 0xfffffe0053e0e700 syz-executor
4994 1 4628 0 S uwait 0xfffffe0059678400 syz-executor
4982 1 804 0 S uwait 0xfffffe0053e0ed00 syz-executor
4932 1 4752 0 S uwait 0xfffffe00584ece00 syz-executor
4891 1 4628 0 S uwait 0xfffffe00584ec700 syz-executor
4880 1 4628 0 S uwait 0xfffffe0058258480 syz-executor
4878 1 4628 0 S uwait 0xfffffe0058257a80 syz-executor
4875 1 4752 0 S uwait 0xfffffe0059678100 syz-executor
4848 1 797 60929 S uwait 0xfffffe0059679080 syz-executor
4841 1 797 0 S uwait 0xfffffe00584ecf00 syz-executor
4840 1 804 0 S uwait 0xfffffe0059678c00 syz-executor
4820 1 804 60929 S uwait 0xfffffe0058258c80 syz-executor
4793 1 4628 0 S uwait 0xfffffe0058257780 syz-executor
4770 1 4628 0 T uwait 0xfffffe0053e0ef00 syz-executor
4752 762 4752 0 R syz-executor
4713 0 0 0 DL mdwait 0xfffffe0077ea9000 [md10]
4628 762 4628 0 R syz-executor
4626 1 803 0 S uwait 0xfffffe0059678700 syz-executor
4485 1 803 0 S uwait 0xfffffe0059678900 syz-executor
4472 0 0 0 DL mdwait 0xfffffe0077d22000 [md9]
4456 1 801 0 S uwait 0xfffffe0058258580 syz-executor
4432 1 804 0 S uwait 0xfffffe0059678d00 syz-executor
4387 1 804 0 S uwait 0xfffffe00584ec200 syz-executor
4350 1 804 0 S uwait 0xfffffe0058258880 syz-executor
4324 1 797 0 S uwait 0xfffffe0059678e00 syz-executor
4311 1 797 0 S uwait 0xfffffe0059678b00 syz-executor
4218 1 797 0 S uwait 0xfffffe0058258780 syz-executor
4208 1 797 0 S uwait 0xfffffe0058257980 syz-executor
4200 1 804 0 S uwait 0xfffffe0058257e00 syz-executor
4164 0 0 0 DL - 0xffffffff83cb3e00 [soaiod4]
4163 0 0 0 DL - 0xffffffff83cb3e00 [soaiod3]
4162 0 0 0 DL - 0xffffffff83cb3e00 [soaiod2]
4161 0 0 0 DL - 0xffffffff83cb3e00 [soaiod1]
4145 1 797 0 S uwait 0xfffffe0058258280 syz-executor
4141 1 804 60928 S uwait 0xfffffe0059679d80 syz-executor
4125 1 797 0 S uwait 0xfffffe005825a280 syz-executor
3960 0 0 0 DL (threaded) [so_splice]
103323 D - 0xfffffe0058257d00 [thr_0]
103360 D - 0xfffffe0058257d40 [thr_1]
3950 1 804 0 S uwait 0xfffffe00584eb980 syz-executor
3912 1 797 0 S uwait 0xfffffe00584ec600 syz-executor
3884 1 801 0 S uwait 0xfffffe0058258a80 syz-executor
3883 1 801 0 S uwait 0xfffffe0058258380 syz-executor
3872 0 0 0 DL mdwait 0xfffffe0077c5a000 [md8]
3835 1 801 0 S uwait 0xfffffe0058259100 syz-executor
3806 1 801 0 S uwait 0xfffffe005825a380 syz-executor
3732 1 804 0 S uwait 0xfffffe00584ecb00 syz-executor
3709 0 0 0 DL mdwait 0xfffffe0077c5c000 [md2147483519]
3684 1 803 0 S uwait 0xfffffe00584ec000 syz-executor
3644 1 797 0 S uwait 0xfffffe00584eb080 syz-executor
3643 1 797 0 S uwait 0xfffffe00584eb180 syz-executor
3611 1 804 0 S uwait 0xfffffe0058259c00 syz-executor
3521 0 0 0 DL mdwait 0xfffffe0077d23000 [md7]
3501 1 797 0 S uwait 0xfffffe0058259300 syz-executor
3462 0 0 0 DL mdwait 0xfffffe006dde4000 [md6]
3449 1 803 0 S uwait 0xfffffe0059679680 syz-executor
3409 1 797 0 S uwait 0xfffffe00584eb380 syz-executor
3332 1 803 0 S uwait 0xfffffe00584ec800 syz-executor
3315 0 0 0 DL mdwait 0xfffffe0077b44000 [md5]
3224 1 3224 0 S uwait 0xfffffe0058258680 syz-executor
3149 0 0 0 DL mdwait 0xfffffe0077b45000 [md4]
3143 0 0 0 DL mdwait 0xfffffe0077a71000 [md3]
3133 1 801 0 S uwait 0xfffffe00584eb680 syz-executor
3013 0 0 0 DL mdwait 0xfffffe0077a72000 [md2]
2984 1 804 0 S uwait 0xfffffe005825af00 syz-executor
2861 1 797 0 S uwait 0xfffffe0059679380 syz-executor
2858 0 0 0 DL mdwait 0xfffffe0059b46000 [md1]
2854 1 797 0 S uwait 0xfffffe0059679480 syz-executor
2843 1 804 0 S uwait 0xfffffe00584ebb80 syz-executor
2795 1 803 0 S uwait 0xfffffe00584ecd00 syz-executor
2773 1 801 0 S uwait 0xfffffe00584eba80 syz-executor
2761 1 803 0 S uwait 0xfffffe00584eb280 syz-executor
2726 1 803 0 S uwait 0xfffffe0059679880 syz-executor
2668 1 804 0 S uwait 0xfffffe00584ec300 syz-executor
2624 1 804 0 S uwait 0xfffffe0059679580 syz-executor
2598 0 0 0 DL - 0xffffffff83b4e500 [accounting]
2592 1 804 0 S uwait 0xfffffe005825a480 syz-executor
2582 0 0 0 DL mdwait 0xfffffe0059b47000 [md50331648]
1806 1 801 0 S uwait 0xfffffe005825ae00 syz-executor
1670 1 801 0 S uwait 0xfffffe00584ec100 syz-executor
902 796 902 0 Ss select 0xfffffe00593ea640 dhclient
843 0 0 0 DL aiordy 0xfffffe00540a5580 [aiod4]
841 0 0 0 DL aiordy 0xfffffe0054005060 [aiod3]
840 0 0 0 DL aiordy 0xfffffe00540a5020 [aiod2]
839 0 0 0 DL aiordy 0xfffffe0054004040 [aiod1]
800 1 800 0 Ss select 0xfffffe006e3dae40 dhclient
797 762 797 0 S nanslp 0xffffffff83ba3c40 syz-executor
796 789 423 65 S select 0xfffffe006e3db2c0 dhclient
789 423 423 0 S wait 0xfffffe00540a4000 sh
762 760 760 0 S select 0xfffffe0053ffb740 syz-executor
760 758 760 0 Ss sigsusp 0xfffffe00540cebb0 csh
758 681 758 0 Ss select 0xfffffe0057d65840 sshd
747 1 747 0 Ss+ ttyin 0xfffffe00582904b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00585cc4b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe00585cc8b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe00585cccb0 getty
743 1 743 0 Ss+ ttyin 0xfffffe00585cd0b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe00585cd4b0 getty
741 1 741 0 Ss+ ttyin 0xfffffe00585cd8b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe00585cdcb0 getty
739 1 739 0 Ss+ ttyin 0xfffffe00585ce0b0 getty
685 1 685 0 Ss nanslp 0xffffffff83ba3c40 cron
681 1 681 0 Ss select 0xfffffe0053ffb940 sshd
494 1 494 0 Ss select 0xfffffe00593ecb40 syslogd
423 1 423 0 Ss wait 0xfffffe00540cd580 devd
422 1 422 65 Ss select 0xfffffe00593ecac0 dhclient
337 1 337 0 Ss select 0xfffffe00593eccc0 dhclient
334 1 334 0 Ss select 0xfffffe00593ecec0 dhclient
16 0 0 0 DL syncer 0xffffffff83cc1820 [syncer]
15 0 0 0 DL vlruwt 0xfffffe000780a060 [vnlru]
14 0 0 0 RL (threaded) [bufdaemon]
100079 D psleep 0xffffffff83cbfd60 [bufdaemon]
100082 D - 0xffffffff83001ec0 [bufspacedaemon-0]
100093 Run CPU 0 [/ worker]
9 0 0 0 DL psleep 0xffffffff83d0acc0 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff83cf0d88 [dom0]
100080 D launds 0xffffffff83cf0d94 [laundry: dom0]
100081 D umarcl 0xffffffff81de0e10 [uma]
7 0 0 0 DL - 0xffffffff8391c5d8 [rand_harvestq]
6 0 0 0 TL pftm 0xffffffff843b89e0 [pf purge]
5 0 0 0 DL waiting 0xffffffff8467d700 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100045 D - 0xffffffff838e6340 [doneq0]
100046 D - 0xffffffff838e62c0 [async]
100075 D - 0xffffffff838e6140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100042 D crypto_ 0xffffffff83cec640 [crypto]
100043 D crypto_ 0xfffffe0057d43030 [crypto returns 0]
100044 D crypto_ 0xfffffe0057d43080 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100037 D - 0xffffffff83b4c620 [g_event]
100038 D - 0xffffffff83b4c640 [g_up]
100039 D - 0xffffffff83b4c660 [g_down]
2 0 0 0 WL (threaded) [clock]
100031 I [clock (0)]
100032 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100013 I [swi6: task queue]
100014 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100033 I [swi1: netisr 0]
100034 I [swi1: hpts]
100035 I [swi1: hpts]
100047 I [irq24: virtio_pci0]
100048 I [irq25: virtio_pci0]
100049 I [irq26: virtio_pci0]
100050 I [irq27: virtio_pci0]
100051 I [irq28: virtio_pci1]
100052 I [irq29: virtio_pci1]
100053 I [irq30: virtio_pci1]
100054 I [irq31: virtio_pci1]
100055 I [irq32: virtio_pci1]
100060 I [irq10: virtio_pci2]
100062 I [irq1: atkbd0]
100063 I [irq12: psm0]
100064 I [swi0: uart uart++]
100068 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 TLs [init]
10 0 0 0 DL audit_w 0xffffffff83ced0e0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D parked 0xffffffff84c3dff0 [swapper]
100005 D - 0xfffffe0007768d00 [softirq_0]
100006 D - 0xfffffe0007768b00 [softirq_1]
100007 D - 0xfffffe0007768900 [if_io_tqg_0]
100008 D - 0xfffffe0007768700 [if_io_tqg_1]
100009 D - 0xfffffe0007768500 [if_config_tqg_0]
100010 D - 0xfffffe00083db100 [kqueue_ctx taskq]
100011 D - 0xfffffe00083db000 [jail_remove taskq]
100012 D - 0xfffffe00083dae00 [bus taskq]
100015 D - 0xfffffe00083da900 [thread taskq]
100017 D - 0xfffffe00083da600 [aiod_kick taskq]
100018 D - 0xfffffe00083da500 [deferred_unmount ta]
100019 D - 0xfffffe00083da400 [inm_free taskq]
100020 D - 0xfffffe00083da300 [in6m_free taskq]
100021 D - 0xfffffe00083da200 [linuxkpi_irq_wq]
100022 D - 0xfffffe00083da100 [linuxkpi_short_wq_0]
100023 D - 0xfffffe00083da100 [linuxkpi_short_wq_1]
100024 D - 0xfffffe00083da100 [linuxkpi_short_wq_2]
100025 D - 0xfffffe00083da100 [linuxkpi_short_wq_3]
100026 D - 0xfffffe00083da000 [linuxkpi_long_wq_0]
100027 D - 0xfffffe00083da000 [linuxkpi_long_wq_1]
100028 D - 0xfffffe00083da000 [linuxkpi_long_wq_2]
100029 D - 0xfffffe00083da000 [linuxkpi_long_wq_3]
100036 D - 0xfffffe00083d9900 [firmware taskq]
100040 D - 0xfffffe0057d47300 [crypto_0]
100041 D - 0xfffffe0057d47300 [crypto_1]
100056 D - 0xfffffe00083dd200 [vtnet0 rxq 0]
100057 D - 0xfffffe0058145500 [vtnet0 txq 0]
100058 D - 0xfffffe0058145400 [vtnet0 rxq 1]
100059 D - 0xfffffe0058145300 [vtnet0 txq 1]
100061 D vtbslp 0xfffffe0057d67400 [virtio_balloon]
100065 D - 0xffffffff827cfba1 [deadlkres]
100069 D - 0xfffffe0057d46e00 [acpi_task_0]
100070 D - 0xfffffe0057d46e00 [acpi_task_1]
100071 D - 0xfffffe0057d46e00 [acpi_task_2]
100073 D - 0xfffffe00083dca00 [mca taskq]
100074 D - 0xfffffe0057d46b00 [CAM taskq]
100076 D - 0xfffffe0058142300 [ipsec_offload]
5124 1 797 0 Z syz-executor
6161 1 0 0 ZL [md255]
5176 1 804 0 Z syz-executor
5179 1 804 0 Z syz-executor
5404 1 797 0 Z syz-executor
6430 1 4752 0 Z syz-executor
6465 1 797 0 Z syz-executor
5623 1 4628 0 Z syz-executor
2683 1 0 0 ZL [md0]
5818 1 0 0 ZL [md0]
5829 1 4628 0 Z syz-executor
5968 1 4628 0 Z syz-executor
5975 1 4628 0 Z syz-executor
4995 1 797 0 Z syz-executor
6025 1 4628 0 Z syz-executor
db> show all locks
Process 14 (bufdaemon) thread 0xfffffe00540be000 (100093)
exclusive rw SUrw (SUrw) r = 0 (0xfffffe005828dc00) locked @ /syzkaller/managers/i386/kernel/sys/ufs/ffs/ffs_softdep.c:10022
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe005843de30) locked @ /syzkaller/managers/i386/kernel/sys/kern/vfs_subr.c:3384
db> show malloc
Type InUse MemUse Requests
pf_hash 6 12804K 6
linker 395 5109K 580
tcp_hpts 7 4801K 7
devbuf 4187 4323K 4229
sysctloid 36061 2125K 36136
vtbuf 24 1968K 46
filedesc 230 1836K 11331
kobj 330 1320K 620
newblk 22 1030K 7967
vfscache 3 1025K 3
subproc 420 872K 6762
pcb 40 685K 648
inodedep 68 538K 6319
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
vmem 5 276K 10
vnet_data 2 224K 2
acpitask 1 224K 1
KTRACE 102 201K 246139
acpica 1674 184K 54426
tidhash 3 141K 3
pagedep 20 133K 5669
tfo_ccache 1 128K 1
IP reass 1 128K 1
DEVFS1 123 123K 152
sem 4 106K 4
gtaskqueue 18 98K 18
kdtrace 479 83K 12802
bus 997 82K 5063
umtx 608 76K 608
mtx_pool 3 74K 3
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 522 66K 522
ddb_capture 1 64K 1
md_disk 26 53K 40
md_sectors 13 52K 13
LRO 36 37K 38
BPF 26 36K 185
DEVFS3 142 36K 155
hostcache 1 32K 1
shm 1 32K 14
msg 4 30K 4
kbdmux 6 28K 6
ifaddr 103 26K 114
lltable 79 25K 113
routetbl 296 24K 832
GEOM 114 24K 854
ether_multi 264 22K 422
temp 49 21K 2829
ifnet 11 21K 13
DEVFS_RULE 56 20K 56
shmfd 22 18K 52
ufs_mount 4 17K 5
proc 3 17K 3
devstat 8 17K 8
tty 16 16K 16
ithread 90 15K 90
in6_multi 105 15K 123
bus-sc 34 15K 1647
eventhandler 163 14K 163
cred 53 14K 559
kqueue 201 13K 6829
kenv 95 12K 95
pwddesc 180 12K 6596
dirrem 42 11K 6135
plimit 28 11K 476
CAM queue 5 11K 1528
rman 82 10K 437
ksem 4 10K 28
rpc 8 9K 8
bmsafemap 3 9K 6304
UART 12 9K 12
pfs_vncache 1 8K 1
audit_evclass 240 8K 303
taskqueue 69 8K 216
sctp_stro 7 7K 31
sglist 6 7K 6
CAM DEV 3 6K 510
freefile 45 6K 5978
pf_ifnet 15 6K 39
pfs_nodes 22 6K 22
DEVFSP 88 6K 433
sctp_atcl 14 6K 159
ufs_dirhash 24 5K 24
sctp_timw 18 5K 18
UMA 276 5K 276
kcovinfo 72 5K 88
proc-args 191 5K 7668
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
lockf 40 4K 316
acpisem 28 4K 28
ip6ndp 20 4K 23
tun 8 3K 9
selfd 48 3K 282558
session 23 3K 52
terminal 11 3K 11
sctp_ifa 21 3K 24
uidinfo 6 3K 99
in_multi 10 3K 34
acpidev 20 3K 20
hhook 8 3K 10
clone 9 3K 10
freework 9 3K 6288
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
Unitno 34 2K 122
newdirblk 13 2K 5613
CAM XPT 22 2K 543
freeblks 6 2K 5648
nhops 6 2K 10
toponodes 6 2K 6
mount 28 2K 1875
diradd 11 2K 6175
ipsecpolicy 2 2K 2
select 11 2K 114
sctp_ifn 10 2K 24
mkdir 10 2K 11226
mld 10 2K 11
igmp 10 2K 11
msi 9 2K 9
netlink 2 2K 189
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 60
NFSD session 1 1K 1
sctp_atky 21 1K 199
CC Mem 7 1K 729
CAM periph 4 1K 271
ipsec 3 1K 3
pfil 6 1K 6
isadev 6 1K 6
pci_link 10 1K 10
ip_msource 11 1K 34
osd 12 1K 753
crypto 4 1K 215
encap_export_host 12 1K 12
filedesc_to_leader 10 1K 21
cdev 2 1K 2
inpcbpolicy 15 1K 1659
lkpikmalloc 8 1K 9
counter_rate 13 1K 13
chacha20random 1 1K 1
biobuf 1 1K 1
frag6 4 1K 21
sigio 5 1K 12
cryptodev 4 1K 582
sctp_aadr 4 1K 12
VN POLL 2 1K 25
vnodes 1 1K 25
procdesc 2 1K 8
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 11
CAM SIM 2 1K 2
sctp_athm 14 1K 165
sctp_map 14 1K 60
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
aio 4 1K 26
pmchooks 1 1K 1
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
soname 4 1K 4159
sctp_vrf 1 1K 1
vnet 1 1K 1
accf 1 1K 1
pmc 1 1K 1
entropy 2 1K 43
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
filecaps 2 1K 88
p1003.1b 1 1K 1
tcp_pcm_rack 0 0K 20
tcp_do_rack 0 0K 0
tcp_fsb_rack 0 0K 40
mqdata 0 0K 0
filemon 0 0K 17
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 19
sctp_iter 0 0K 24
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 1
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 23
sctp_stri 0 0K 12
pf_table 0 0K 0
pf_rule 0 0K 12
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
NMI handlers 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
amdiommu_dom 0 0K 0
amdiommu_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 0
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 1288
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 31
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 250
allocindir 0 0K 0
indirdep 0 0K 391
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
ktls_ocf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 2
ipsecrequest 0 0K 0
ip6opt 0 0K 154
ip6_msource 0 0K 0
ip6_moptions 0 0K 14
in6_mfilter 0 0K 8
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ip_moptions 0 0K 56
in_mfilter 0 0K 81
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 20
fadvise 0 0K 0
statfs 0 0K 227
namei_tracker 0 0K 15
inotify 0 0K 63
export_host 0 0K 0
cl_savebuf 0 0K 79
lio 0 0K 86
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 10
pts 0 0K 0
timerfd 0 0K 0
iov 0 0K 23610
ioctlops 0 0K 167
eventfd 0 0K 28
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 630
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 650
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 156
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 2
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 8
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mpi3mrbuf 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 366
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 70
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8338 1060 53621 0 254 38494208 0
tcp_log 416 5194 5228 17271 0 254 4335552 0
mbuf 256 8845 818 108521 0 254 2473728 0
malloc-4096 4096 527 5 7110 0 2 2179072 0
mbuf_cluster 2048 762 254 795 0 254 2080768 0
malloc-16384 16384 115 5 5658 0 1 1966080 0
BUF TRIE 152 335 11469 2446 0 62 1794208 0
RADIX NODE 152 11461 338 133733 0 62 1793448 0
malloc-384 384 4125 45 4493 0 30 1601280 0
malloc-128 128 11874 247 18115 0 126 1551488 0
UMA Slabs 0 112 11593 29 11593 0 126 1301664 0
sctp_asoc 2256 7 503 30 0 254 1150560 0
vmem btag 56 19605 90 19605 0 254 1102920 0
FFS inode 1168 664 29 6711 0 8 809424 0
VM OBJECT 248 2553 183 81542 0 62 678528 0
malloc-65536 65536 9 1 12 0 1 655360 0
sctp_ep 1152 7 504 123 0 254 588672 0
malloc-384 384 73 1427 6350 0 30 576000 0
THREAD 1860 281 23 6299 0 8 565440 0
malloc-64 64 594 7596 284217 0 254 524160 0
socket 1024 28 480 3492 0 254 520192 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 186 0 0 2 488064 0
MAP ENTRY 96 4576 338 239345 0 126 471744 0
malloc-65536 65536 4 3 120 0 1 458752 0
256 Bucket 2048 211 5 1750 0 8 442368 0
malloc-256 256 364 1316 19120 0 62 430080 0
sctp_raddr 736 7 510 35 0 254 380512 0
VNODE 440 708 102 6759 0 30 356400 0
malloc-32768 32768 4 6 344 0 1 327680 0
malloc-64 64 4571 532 17332 0 254 326592 0
malloc-2048 2048 105 47 690 0 8 311296 0
PROC 1376 196 24 6501 0 8 302720 0
FPU_save_area 832 283 41 11797 0 16 269568 0
malloc-128 128 548 1498 18208 0 126 261888 0
malloc-16 16 14900 100 15086 0 254 240000 0
DEVCTL 1024 87 133 214 0 0 225280 0
filedesc0 1072 180 23 6596 0 8 217616 0
malloc-65536 65536 0 3 94 0 1 196608 0
mbuf_packet 256 28 734 3347 0 254 195072 0
FFS2 dinode 256 664 86 6711 0 62 192000 0
malloc-256 256 404 346 9689 0 62 192000 0
UMA Zones 768 248 1 248 0 16 191232 0
malloc-32 32 5501 421 5635 0 254 189504 0
malloc-128 128 1218 177 26111 0 126 178560 0
lkpimm 56 1 3095 1 0 254 173376 0
unpcb 320 11 505 1525 0 254 165120 0
malloc-32768 32768 3 2 14 0 1 163840 0
malloc-1024 1024 142 18 960 0 16 163840 0
S VFS Cache 104 1024 380 7213 0 126 146016 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
ksiginfo 112 208 836 412 0 126 116928 0
malloc-384 384 261 39 313 0 30 115200 0
VMSPACE 584 143 39 6439 0 16 106288 0
128 Bucket 1024 73 26 430 0 16 101376 0
malloc-128 128 524 251 4191 0 126 99200 0
malloc-128 128 639 136 1587 0 126 99200 0
malloc-4096 4096 22 2 124 0 2 98304 0
64 Bucket 512 119 73 7983 0 30 98304 0
malloc-256 256 0 375 2017 0 62 96000 0
UMA Kegs 384 235 8 235 0 30 93312 0
syncache 168 0 528 5 0 254 88704 0
g_bio 408 0 210 16992 0 30 85680 0
malloc-16384 16384 3 2 196 0 1 81920 0
malloc-4096 4096 16 4 45 0 2 81920 0
malloc-256 256 156 159 7899 0 62 80640 0
32 Bucket 256 133 182 6640 0 62 80640 0
sctp_chunk 152 7 513 19 0 254 79040 0
malloc-8192 8192 4 5 260 0 1 73728 0
ertt_txseginfo 40 0 1818 15737 0 254 72720 0
malloc-64 64 847 224 9302 0 254 68544 0
malloc-65536 65536 0 1 1 0 1 65536 0
malloc-65536 65536 0 1 1 0 1 65536 0
malloc-32768 32768 0 2 124 0 1 65536 0
malloc-16384 16384 0 4 12 0 1 65536 0
malloc-8192 8192 7 1 9 0 1 65536 0
malloc-4096 4096 13 3 29 0 2 65536 0
malloc-4096 4096 12 4 30 0 2 65536 0
malloc-2048 2048 11 21 846 0 8 65536 0
malloc-2048 2048 20 12 101 0 8 65536 0
malloc-256 256 43 212 12229 0 62 65280 0
malloc-8192 8192 7 0 7 0 1 57344 0
tcp_inpcb 1304 14 28 728 0 8 54768 0
malloc-128 128 159 244 1081 0 126 51584 0
malloc-128 128 85 318 7543 0 126 51584 0
udp_inpcb 408 6 120 476 0 30 51408 0
TURNSTILE 136 305 73 305 0 62 51408 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 9 39 39094 0 16 49152 0
malloc-16384 16384 3 0 4 0 1 49152 0
malloc-2048 2048 3 21 135 0 8 49152 0
malloc-2048 2048 19 5 27 0 8 49152 0
malloc-1024 1024 28 20 135 0 16 49152 0
da_ccb 544 0 84 4271 0 16 45696 0
pcpu-8 8 5271 361 6677 0 254 45056 0
clpbuf 2624 0 16 48 0 4 41984 0
malloc-4096 4096 7 3 582 0 2 40960 0
malloc-4096 4096 6 4 1228 0 2 40960 0
pipe 736 23 32 477 0 16 40480 0
rl_entry 48 29 811 3702 0 254 40320 0
sctp_readq 152 0 260 1 0 254 39520 0
udplite_inpcb 408 0 90 65 0 30 36720 0
hostcache 64 4 563 4 0 254 36288 0
malloc-64 64 112 455 22938 0 254 36288 0
malloc-64 64 172 395 279 0 254 36288 0
malloc-64 64 31 536 160719 0 254 36288 0
malloc-64 64 3 564 10 0 254 36288 0
malloc-64 64 18 549 79 0 254 36288 0
tcp_rack_map 128 0 279 28 0 126 35712 0
malloc-128 128 0 279 41 0 126 35712 0
routing nhops 256 44 91 56 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 52 38 141 0 30 34560 0
malloc-384 384 42 48 930 0 30 34560 0
malloc-256 256 24 111 49 0 62 34560 0
malloc-256 256 44 91 164 0 62 34560 0
malloc-256 256 17 118 538 0 62 34560 0
ripcb 376 2 88 390 0 30 33840 0
SLEEPQUEUE 88 305 79 305 0 126 33792 0
malloc-16384 16384 1 1 2 0 1 32768 0
malloc-8192 8192 3 1 5 0 1 32768 0
malloc-2048 2048 4 12 6 0 8 32768 0
malloc-2048 2048 2 14 2 0 8 32768 0
malloc-2048 2048 1 15 152 0 8 32768 0
malloc-1024 1024 0 32 12 0 16 32768 0
malloc-1024 1024 16 16 49 0 16 32768 0
malloc-1024 1024 9 23 69 0 16 32768 0
malloc-1024 1024 8 24 15 0 16 32768 0
malloc-1024 1024 0 32 1247 0 16 32768 0
malloc-512 512 4 60 222 0 30 32768 0
malloc-512 512 2 62 150 0 30 32768 0
malloc-512 512 1 63 44 0 30 32768 0
malloc-512 512 2 62 75 0 30 32768 0
malloc-512 512 2 62 64 0 30 32768 0
malloc-512 512 12 52 163 0 30 32768 0
pcpu-64 64 498 14 498 0 254 32768 0
PWD 40 124 684 5587 0 254 32320 0
sctp_stream_msg_out 112 0 288 17 0 254 32256 0
ttyinq 160 135 65 300 0 62 32

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

unread,
Jul 29, 2025, 8:43:37 AMJul 29
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 0ded4647215c vtnet.4: update description of loader tunables
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=145554a2580000
dashboard link: https://syzkaller.appspot.com/bug?extid=18722c8e4008048efb51
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15ea74a2580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=130f8cf0580000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+18722c...@syzkaller.appspotmail.com

panic: handle_workitem_remove: bad file delta
cpuid = 1
time = 1753792927
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0056c59690
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0056c597f0
vpanic() at vpanic+0x257/frame 0xfffffe0056c599b0
panic() at panic+0xb5/frame 0xfffffe0056c59a70
handle_workitem_remove() at handle_workitem_remove+0xedf/frame 0xfffffe0056c59bb0
handle_workitem_remove() at handle_workitem_remove+0xc0f/frame 0xfffffe0056c59cf0
process_worklist_item() at process_worklist_item+0x525/frame 0xfffffe0056c59e40
softdep_process_worklist() at softdep_process_worklist+0xfd/frame 0xfffffe0056c59e90
softdep_flush() at softdep_flush+0x1a4/frame 0xfffffe0056c59ef0
fork_exit() at fork_exit+0xcc/frame 0xfffffe0056c59f30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0056c59f30
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 14 tid 100093 ]
Stopped at kdb_enter+0x6e: movq $0,0x25c45c7(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe0002bf1850
rdx 0xdffff7c000000000
rbx 0xffffffff827cb4c0 .str.27
rsp 0xfffffe0056c597d0
rbp 0xfffffe0056c597f0
rsi 0
rdi 0xffffffff830004e8 panicstr
r8 0
r9 0xffffffff
r10 0x1000000001011
r11 0xb
r12 0xfffffe00540c2780
r13 0xfffffffffffffffd
r14 0xffffffff827cb4c0 .str.27
r15 0
rip 0xffffffff815fe5ce kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x25c45c7(%rip)
db> show proc
Process 14 (bufdaemon) at 0xfffffe000780a5c0:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff83b4d060
ABI: null
flag: 0x10000284 flag2: 0
reaper: 0xffffffff83b4d060 reapsubtree: 14
sigparent: 20
vmspace: 0xffffffff83b4e040
(map 0xffffffff83b4e040)
(map.pmap 0xffffffff83b4e0e0)
(pmap 0xffffffff83b4e150)
threads: 3
100079 D psleep 0xffffffff83cbfd60 [bufdaemon]
100082 D - 0xffffffff83001ec0 [bufspacedaemon-0]
100093 Run CPU 1 [/ worker]
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1030 826 826 0 RE CPU 0 syz-executor
874 817 874 0 Ss select 0xfffffe0057d69640 dhclient
826 773 826 0 S nanslp 0xffffffff83ba3c40 syz-executor
820 1 820 0 Ss select 0xfffffe006dfa2840 dhclient
817 803 423 65 S select 0xfffffe006dfa29c0 dhclient
803 423 423 0 S wait 0xfffffe005409fb00 sh
773 772 770 0 S select 0xfffffe0057d657c0 syz-executor
772 770 770 0 S (threaded) syz-execprog
100114 S uwait 0xfffffe0059a7ae00 syz-execprog
100115 S uwait 0xfffffe0059a7be80 syz-execprog
100116 S uwait 0xfffffe0059a7bd80 syz-execprog
100117 S uwait 0xfffffe0059a7cd00 syz-execprog
100118 S kqread 0xfffffe000776ac00 syz-execprog
100119 S uwait 0xfffffe0059a7cb00 syz-execprog
100120 S uwait 0xfffffe0059a7ca00 syz-execprog
100122 S uwait 0xfffffe0059a7c900 syz-execprog
770 768 770 0 Ss sigsusp 0xfffffe00541080b0 csh
768 681 768 0 Ss select 0xfffffe0057d65340 sshd
747 1 747 0 Ss+ ttyin 0xfffffe00582904b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe005828d8b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe00585cccb0 getty
744 1 744 0 Ss+ ttyin 0xfffffe00585cd0b0 getty
743 1 743 0 Ss+ ttyin 0xfffffe00585cd4b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe005828dcb0 getty
741 1 741 0 Ss+ ttyin 0xfffffe00585cd8b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe00585cdcb0 getty
739 1 739 0 Ss+ ttyin 0xfffffe00585ce0b0 getty
737 1 17 0 S+ piperd 0xfffffe005973f9e0 logger
736 735 17 0 S+ nanslp 0xffffffff83ba3c41 sleep
735 1 17 0 S+ wait 0xfffffe00540deae0 sh
685 1 685 0 Ss nanslp 0xffffffff83ba3c41 cron
681 1 681 0 Ss select 0xfffffe0053ffba40 sshd
494 1 494 0 Ss select 0xfffffe0057d65840 syslogd
423 1 423 0 Ss wait 0xfffffe0054003ae0 devd
422 1 422 65 Ss select 0xfffffe00593ed1c0 dhclient
337 1 337 0 Ss select 0xfffffe0053ffb6c0 dhclient
334 1 334 0 Ss select 0xfffffe0053ffb740 dhclient
16 0 0 0 DL syncer 0xffffffff83cc1820 [syncer]
15 0 0 0 DL vlruwt 0xfffffe000780a060 [vnlru]
14 0 0 0 RL (threaded) [bufdaemon]
100079 D psleep 0xffffffff83cbfd60 [bufdaemon]
100082 D - 0xffffffff83001ec0 [bufspacedaemon-0]
100093 Run CPU 1 [/ worker]
9 0 0 0 DL psleep 0xffffffff83d0acc0 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100077 D psleep 0xffffffff83cf0d88 [dom0]
100080 D launds 0xffffffff83cf0d94 [laundry: dom0]
100081 D umarcl 0xffffffff81de0e10 [uma]
7 0 0 0 DL - 0xffffffff8391c5d8 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff848579e0 [pf purge]
5 0 0 0 DL waiting 0xffffffff846c8700 [sctp_iterator]
1 0 1 0 SLs wait 0xfffffe0007809040 [init]
100065 D - 0xffffffff827cfba0 [deadlkres]
100069 D - 0xfffffe0057d46e00 [acpi_task_0]
100070 D - 0xfffffe0057d46e00 [acpi_task_1]
100071 D - 0xfffffe0057d46e00 [acpi_task_2]
100073 D - 0xfffffe00083dca00 [mca taskq]
100074 D - 0xfffffe0057d46b00 [CAM taskq]
100076 D - 0xfffffe0057d47000 [ipsec_offload]
db> show all locks
Process 14 (bufdaemon) thread 0xfffffe00540c2780 (100093)
exclusive rw SUrw (SUrw) r = 0 (0xfffffe005828d000) locked @ /syzkaller/managers/main/kernel/sys/ufs/ffs/ffs_softdep.c:10022
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe006e724228) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:3384
db> show malloc
Type InUse MemUse Requests
pf_hash 6 12804K 6
linker 376 5079K 486
tcp_hpts 7 4801K 7
devbuf 4187 4323K 4212
sysctloid 34891 2055K 34966
vtbuf 24 1968K 46
newblk 1860 1489K 2712
kobj 330 1320K 494
vfscache 3 1025K 3
inodedep 863 836K 1083
pcb 24 669K 47
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
vnet_data 2 224K 2
acpitask 1 224K 1
subproc 113 210K 1098
KTRACE 100 200K 100
acpica 1674 184K 54426
dirrem 605 152K 1396
vmem 5 144K 6
tidhash 3 141K 3
pagedep 44 139K 830
tfo_ccache 1 128K 1
IP reass 1 128K 1
sem 4 106K 4
DEVFS1 103 103K 117
gtaskqueue 18 98K 18
bus 997 82K 5063
mtx_pool 3 74K 3
freefile 587 74K 596
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 521 66K 521
ddb_capture 1 64K 1
kdtrace 176 36K 1174
BPF 19 36K 20
umtx 272 34K 272
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 122 31K 133
msg 4 30K 4
kbdmux 6 28K 6
temp 19 21K 1790
filedesc 3 21K 471
DEVFS_RULE 56 20K 56
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 90 15K 90
bus-sc 34 15K 1647
eventhandler 163 14K 163
ifaddr 40 14K 51
kenv 95 12K 95
routetbl 79 12K 314
GEOM 49 11K 431
CAM queue 5 11K 1528
rman 82 10K 437
rpc 8 9K 8
bmsafemap 3 9K 854
LRO 8 9K 10
devstat 4 9K 4
UART 12 9K 12
ksem 1 8K 1
shmfd 1 8K 1
pfs_vncache 1 8K 1
mkdir 63 8K 1638
audit_evclass 240 8K 303
plimit 20 8K 431
diradd 57 8K 1436
taskqueue 69 8K 69
ifnet 4 7K 5
sglist 6 7K 6
cred 24 6K 283
CAM DEV 3 6K 510
lltable 19 6K 27
kqueue 49 6K 1036
pfs_nodes 22 6K 22
ether_multi 68 6K 106
ufs_dirhash 24 5K 24
in6_multi 35 5K 45
UMA 266 5K 266
newdirblk 34 5K 819
vt 11 5K 11
pf_ifnet 9 4K 16
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
acpisem 28 4K 28
proc-args 75 3K 2081
pwddesc 45 3K 1031
terminal 11 3K 11
session 22 3K 46
acpidev 20 3K 20
hhook 8 3K 10
clone 9 3K 9
selfd 36 3K 29852
uidinfo 3 3K 9
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
lockf 19 2K 29
Unitno 28 2K 50
CAM XPT 22 2K 543
toponodes 6 2K 6
ipsecpolicy 2 2K 2
select 11 2K 35
msi 9 2K 9
netlink 2 2K 61
softdep 1 1K 1
indirdep 4 1K 4
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 8
NFSD session 1 1K 1
ip6ndp 6 1K 9
sctp_ifa 7 1K 10
CAM periph 4 1K 271
ipsec 3 1K 3
CC Mem 6 1K 13
in_multi 3 1K 6
nhops 6 1K 6
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
crypto 4 1K 4
encap_export_host 12 1K 12
osd 11 1K 30
cdev 2 1K 2
lkpikmalloc 8 1K 9
inpcbpolicy 14 1K 167
DEVFSP 7 1K 43
counter_rate 13 1K 13
sctp_ifn 3 1K 10
mld 3 1K 4
igmp 3 1K 4
tun 1 1K 2
chacha20random 1 1K 1
biobuf 1 1K 1
vnodes 1 1K 1
procdesc 2 1K 8
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
cryptodev 2 1K 49
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
pmchooks 1 1K 1
filecaps 5 1K 72
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
soname 4 1K 3355
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 54
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
freework 1 1K 807
p1003.1b 1 1K 1
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 10
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_athm 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 10
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
filemon 0 0K 0
tcp_pcm_rack 0 0K 0
tcp_do_rack 0 0K 0
tcp_fsb_rack 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
savedino 0 0K 16
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 2
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 806
freefrag 0 0K 34
allocindir 0 0K 0
ip6opt 0 0K 3
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 19
fadvise 0 0K 0
VN POLL 0 0K 0
statfs 0 0K 197
namei_tracker 0 0K 0
inotify 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 31
aio 0 0K 0
lio 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 0
ktls 0 0K 0
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
iov 0 0K 15225
ioctlops 0 0K 91
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 288
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 671
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
kcovinfo 0 0K 30
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 70
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 25660 0 254 38494208 0
mbuf 256 8587 1075 35920 0 254 2473472 0
tcp_log 416 4733 604 13531 0 254 2220192 0
BUF TRIE 152 293 11511 996 0 62 1794208 0
malloc-384 384 4118 52 4462 0 30 1601280 0
malloc-4096 4096 376 4 1525 0 2 1556480 0
malloc-128 128 11514 204 12928 0 126 1499904 0
UMA Slabs 0 112 10912 26 10912 0 126 1225056 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
FFS inode 1168 745 67 1342 0 8 948416 0
vmem btag 56 16542 129 16542 0 254 933576 0
RADIX NODE 152 4504 535 32812 0 62 765928 0
malloc-65536 65536 9 1 12 0 1 655360 0
malloc-256 256 2165 130 4163 0 62 587520 0
socket 1024 27 481 1367 0 254 520192 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 198 0 0 2 519552 0
VNODE 440 778 122 1378 0 30 396000 0
malloc-65536 65536 4 2 114 0 1 393216 0
malloc-384 384 868 32 1089 0 30 345600 0
VM OBJECT 248 1250 126 16053 0 62 341248 0
malloc-2048 2048 107 45 636 0 8 311296 0
256 Bucket 2048 116 36 1109 0 8 311296 0
malloc-64 64 4133 214 6132 0 254 278208 0
THREAD 1860 129 7 142 0 8 252960 0
malloc-16 16 14398 102 14479 0 254 232000 0
DEVCTL 1024 15 205 142 0 0 225280 0
FFS2 dinode 256 745 125 1341 0 62 222720 0
malloc-256 256 767 103 2449 0 62 222720 0
UMA Zones 768 238 1 238 0 16 183552 0
malloc-32 32 5330 340 5351 0 254 181440 0
malloc-128 128 1217 178 25357 0 126 178560 0
lkpimm 56 1 3095 1 0 254 173376 0
unpcb 320 11 505 1178 0 254 165120 0
malloc-1024 1024 121 39 860 0 16 163840 0
malloc-128 128 1035 112 2778 0 126 146816 0
S VFS Cache 104 1019 385 2229 0 126 146016 0
MAP ENTRY 96 1088 298 46081 0 126 133056 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-65536 65536 0 2 60 0 1 131072 0
malloc-32768 32768 3 1 14 0 1 131072 0
malloc-32768 32768 4 0 4 0 1 131072 0
mbuf_packet 256 3 505 552 0 254 130048 0
FPU_save_area 832 131 13 5742 0 16 119808 0
ksiginfo 112 46 998 5430 0 126 116928 0
malloc-16384 16384 2 5 236 0 1 114688 0
malloc-128 128 521 254 3869 0 126 99200 0
PROC 1376 45 21 1030 0 8 90816 0
UMA Kegs 384 225 8 225 0 30 89472 0
syncache 168 0 528 6 0 254 88704 0
128 Bucket 1024 45 38 306 0 16 84992 0
filedesc0 1072 45 25 1031 0 8 75040 0
g_bio 408 0 180 5131 0 30 73440 0
malloc-64 64 551 520 2429 0 254 68544 0
malloc-64 64 553 518 31421 0 254 68544 0
malloc-128 128 288 239 1103 0 126 67456 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-16384 16384 3 1 193 0 1 65536 0
malloc-4096 4096 13 3 27 0 2 65536 0
malloc-2048 2048 4 28 718 0 8 65536 0
malloc-256 256 105 150 1256 0 62 65280 0
malloc-8192 8192 7 0 7 0 1 57344 0
malloc-8192 8192 7 0 8 0 1 57344 0
malloc-4096 4096 12 2 12 0 2 57344 0
malloc-128 128 150 253 667 0 126 51584 0
32 Bucket 256 56 139 6819 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 16654 0 16 49152 0
malloc-4096 4096 8 4 50 0 2 49152 0
malloc-1024 1024 28 20 32 0 16 49152 0
64 Bucket 512 75 21 2383 0 30 49152 0
malloc-8192 8192 4 1 111 0 1 40960 0
pcpu-8 8 4467 653 4673 0 254 40960 0
VMSPACE 584 30 40 1016 0 16 40880 0
pipe 736 11 44 336 0 16 40480 0
udp_inpcb 408 6 84 149 0 30 36720 0
malloc-64 64 29 538 15222 0 254 36288 0
malloc-64 64 154 413 182 0 254 36288 0
malloc-64 64 15 552 65 0 254 36288 0
malloc-64 64 11 556 29 0 254 36288 0
malloc-128 128 91 188 993 0 126 35712 0
routing nhops 256 15 120 26 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 52 38 53 0 30 34560 0
malloc-384 384 75 15 79 0 30 34560 0
malloc-256 256 10 125 25 0 62 34560 0
malloc-256 256 13 122 1693 0 62 34560 0
malloc-256 256 14 121 18 0 62 34560 0
malloc-256 256 14 121 316 0 62 34560 0
malloc-16384 16384 2 0 3 0 1 32768 0
malloc-8192 8192 3 1 5 0 1 32768 0
malloc-4096 4096 5 3 563 0 2 32768 0
malloc-2048 2048 2 14 2 0 8 32768 0
malloc-2048 2048 5 11 67 0 8 32768 0
malloc-2048 2048 5 11 6 0 8 32768 0
malloc-2048 2048 10 6 28 0 8 32768 0
malloc-2048 2048 1 15 42 0 8 32768 0
malloc-1024 1024 9 23 14 0 16 32768 0
malloc-1024 1024 2 30 2 0 16 32768 0
malloc-1024 1024 8 24 12 0 16 32768 0
malloc-1024 1024 0 32 974 0 16 32768 0
malloc-512 512 4 60 161 0 30 32768 0
malloc-512 512 1 63 17 0 30 32768 0
malloc-512 512 12 52 29 0 30 32768 0
pcpu-64 64 498 14 498 0 254 32768 0
ertt_txseginfo 40 1 807 1029 0 254 32320 0
ttyinq 160 135 65 300 0 62 32000 0
PGRP 120 23 241 61 0 126 31680 0
clpbuf 2624 0 12 73 0 4 31488 0
tcp_inpcb 1304 6 18 13 0 8 31296 0
sctp_laddr 48 0 588 10 0 254 28224 0
malloc-32 32 268 614 3262 0 254 28224 0
16 Bucket 144 48 148 354 0 62 28224 0
4 Bucket 48 7 581 13 0 254 28224 0
da_ccb 544 0 49 1513 0 16 26656 0
TURNSTILE 136 137 52 137 0 62 25704 0
cpuset 200 7 121 7 0 62 25600 0
malloc-4096 4096 2 4 200 0 2 24576 0
PWD 40 12 594 322 0 254 24240 0
rtentry 168 18 126 26 0 62 24192 0
Files 80 104 196 8037 0 126 24000 0
8 Bucket 80 55 245 438 0 126 24000 0
malloc-384 384 11 49 17 0 30 23040 0
malloc-384 384 34 26 446 0 30 23040 0
malloc-384 384 2 58 23 0 30 23040 0
ripcb 376 2 58 5 0 30 22560 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 137 119 137 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
ertt 72 6 274 13 0 126 20160 0
malloc-64 64 3 312 3 0 254 20160 0
malloc-32 32 51 579 264 0 254 20160 0
malloc-32 32 87 543 123 0 254 20160 0
malloc-32 32 129 501 1352 0 254 20160 0
malloc-32 32 86 544 258 0 254 20160 0
malloc-32 32 26 604 1073 0 254 20160 0
2 Bucket 32 48 582 356 0 254 20160 0
KNOTE 160 6 119 504 0 62 20000 0
malloc-256 256 2 73 370 0 62 19200 0
vmem 1856 2 7 2 0 8 16704 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 1 1 20 0 1 16384 0
malloc-4096 4096 0 4 3 0 2 16384 0
malloc-4096 4096 2 2 2 0 2 16384 0
malloc-2048 2048 4 4 4 0 8 16384 0
malloc-512 512 1 31 1 0 30 16384 0
malloc-512 512 1 31 1 0 30 16384 0
malloc-512 512 2 30 8 0 30 16384 0
malloc-512 512 3 29 8 0 30 16384 0
SMR CPU 32 8 503 8 0 254 16352 0
malloc-16 16 477 523 3372 0 254 16000 0
kenv 258 17 43 1066 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
SMR SHARED 24 8 503 8 0 254 12264 0
malloc-32 32 7 371 7 0 254 12096 0
malloc-16 16 31 719 1689 0 254 12000 0
malloc-16 16 20 730 134 0 254 12000 0
malloc-16 16 38 712 24836 0 254 12000 0
malloc-16 16 21 729 77 0 254 12000 0
malloc-384 384 26 4 37 0 30 11520 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
vtnet_tx_hdr 24 0 334 7586 0 254 8016 0
malloc-16 16 17 483 20 0 254 8000 0
malloc-16 16 6 494 7 0 254 8000 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 152 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf fragment node 72 0 0 0 0 126 0 0
pf frags 232 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf UDP mappings 104 0 0 0 0 126 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 384 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_rack_pcb 1088 0 0 0 0 8 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tcp_bbr_pcb 896 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2256 0 0 0 0 254 0 0
sctp_ep 1152 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
udplite_inpcb 408 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 240 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 152 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 112 0 0 0 0 126 0 0
skbuff 1808 0 0 0 0 8 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 152 0 0 0 0 62 0 0
rl_entry 48 0 0 0 0 254 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-1024 1024 0 0 0 0 16 0 0
malloc-1024 1024 0 0 0 0 16 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-128 128 0 0 0 0 126 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 88 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
db> show all tcpcbs/bl


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
Reply all
Reply to author
Forward
0 new messages