panic: ktls_frame: mapped mbuf ADDR (top = ADDR)


syzbot

Apr 19, 2025, 5:12:25 AM
to syzkaller-f...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 7121e9414f29 wg: Improve wg_peer_alloc() to simplify the c..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=10acd204580000
dashboard link: https://syzkaller.appspot.com/bug?extid=9cc248c4b0ca9b931ab4

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+9cc248...@syzkaller.appspotmail.com

panic: ktls_frame: mapped mbuf 0xfffffe006d1de000 (top = 0xfffffe006d1de000)
cpuid = 0
time = 1
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0057b780b0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0057b78210
vpanic() at vpanic+0x257/frame 0xfffffe0057b783d0
panic() at panic+0xb5/frame 0xfffffe0057b78490
ktls_frame() at ktls_frame+0x694/frame 0xfffffe0057b78550
sosend_generic_locked() at sosend_generic_locked+0xb51/frame 0xfffffe0057b78730
so_splice_xfer() at so_splice_xfer+0x661/frame 0xfffffe0057b788c0
so_splice() at so_splice+0x788/frame 0xfffffe0057b78950
sosetopt() at sosetopt+0x1118/frame 0xfffffe0057b78b50
kern_setsockopt() at kern_setsockopt+0x2ae/frame 0xfffffe0057b78cc0
sys_setsockopt() at sys_setsockopt+0x77/frame 0xfffffe0057b78d10
amd64_syscall() at amd64_syscall+0x4af/frame 0xfffffe0057b78f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0057b78f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x3a197a, rsp = 0x82ade9f08, rbp = 0x82ade9f80 ---
KDB: enter: panic
[ thread pid 1507 tid 101145 ]
Stopped at kdb_enter+0x6e: movq $0,0x23e7bb7(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe0074400000
rdx 0x7ffff
rbx 0xffffffff82752f40 .str.27
rsp 0xfffffe0057b781f0
rbp 0xfffffe0057b78210
rsi 0x80001
rdi 0xffffffff815dbb59 printf+0x149
r8 0
r9 0xffffffff
r10 0
r11 0x16
r12 0xfffffe007a205000
r13 0xfffffffffffffffe
r14 0xffffffff82752f40 .str.27
r15 0
rip 0xffffffff815c64de kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x23e7bb7(%rip)
db> show proc
Process 1507 (syz-executor) at 0xfffffe007a24b560:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 766 at 0xfffffe00548d9060
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: ./syz-executor exec
reaper: 0xfffffe0008007040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe007a255b68
(map 0xfffffe007a255b68)
(map.pmap 0xfffffe007a255c08)
(pmap 0xfffffe007a255c78)
threads: 6
101065 RunQ syz-executor
101128 S pipdwt 0xfffffe007a4662e0 syz-executor
101135 S pipbww 0xfffffe007a4662e0 syz-executor
101141 D filemon 0xfffffe007822a000 syz-executor
101144 S pipbww 0xfffffe007a4662e0 syz-executor
101145 Run CPU 0 syz-executor
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1520 765 765 0 R (threaded) syz-executor
101039 RunQ syz-executor
101149 RunQ syz-executor
101150 RunQ syz-executor
1519 764 764 0 R (threaded) syz-executor
101059 RunQ syz-executor
101148 RunQ syz-executor
1515 1 765 0 S uwait 0xfffffe007a5b4e00 syz-executor
1512 1 764 0 S uwait 0xfffffe007a65ba00 syz-executor
1511 1 764 0 S uwait 0xfffffe007a65ca00 syz-executor
1507 766 1507 0 Rs (threaded) syz-executor
101065 RunQ syz-executor
101128 S pipdwt 0xfffffe007a4662e0 syz-executor
101135 S pipbww 0xfffffe007a4662e0 syz-executor
101141 D filemon 0xfffffe007822a000 syz-executor
101144 S pipbww 0xfffffe007a4662e0 syz-executor
101145 Run CPU 0 syz-executor
1502 1 766 0 T uwait 0xfffffe007a65bc00 syz-executor
1500 1 765 0 S uwait 0xfffffe00796d9580 syz-executor
1497 1496 767 0 S uwait 0xfffffe007a65be00 syz-executor
1496 1495 767 0 SV wait 0xfffffe007a22eae0 syz-executor
1494 1 767 0 S uwait 0xfffffe007a65c500 syz-executor
1487 0 0 0 DL mdwait 0xfffffe0059dc8000 [md4]
1482 1 766 0 SV uwait 0xfffffe007a5b4580 syz-executor
1477 1 765 0 S uwait 0xfffffe007a5b4400 syz-executor
1464 1 765 0 S uwait 0xfffffe00796d9380 syz-executor
1462 1 766 0 S uwait 0xfffffe007a5b4880 syz-executor
1460 1 767 0 S uwait 0xfffffe007a5b4980 syz-executor
1458 1 766 0 S uwait 0xfffffe0078d1aa80 syz-executor
1455 1 764 0 SV uwait 0xfffffe0078d1ae80 syz-executor
1443 1 766 0 S uwait 0xfffffe007a5b4680 syz-executor
1441 1 764 0 S uwait 0xfffffe007a5b4780 syz-executor
1437 1 766 0 S uwait 0xfffffe0078d1ad80 syz-executor
1431 1 765 0 S uwait 0xfffffe007a5b5480 syz-executor
1429 1 767 0 S uwait 0xfffffe00796d7280 syz-executor
1416 1 766 0 S uwait 0xfffffe00796d6a00 syz-executor
1411 1410 767 0 SV uwait 0xfffffe0078d1a980 syz-executor
1410 1409 767 0 DV ppwait 0xfffffe007a236a80 syz-executor
1409 1408 767 0 DV ppwait 0xfffffe007a236fe0 syz-executor
1408 1407 767 0 DV ppwait 0xfffffe007a237540 syz-executor
1407 1406 767 0 DV ppwait 0xfffffe007a237aa0 syz-executor
1406 1405 767 0 DV ppwait 0xfffffe007a238000 syz-executor
1405 1404 767 0 DV ppwait 0xfffffe007a238560 syz-executor
1404 1403 767 0 DV ppwait 0xfffffe00549f9a80 syz-executor
1403 1402 767 0 DV ppwait 0xfffffe00549f9fe0 syz-executor
1402 1401 767 0 DV ppwait 0xfffffe00549fa540 syz-executor
1401 1400 767 0 DV ppwait 0xfffffe00549faaa0 syz-executor
1400 1399 767 0 DV ppwait 0xfffffe00549fb000 syz-executor
1399 1397 767 0 DV ppwait 0xfffffe00549fb560 syz-executor
1397 1396 767 0 DV ppwait 0xfffffe00549fbac0 syz-executor
1396 1395 767 0 DV ppwait 0xfffffe007a235a60 syz-executor
1395 1394 767 0 DV ppwait 0xfffffe007a228000 syz-executor
1394 1393 767 0 DV ppwait 0xfffffe007a228560 syz-executor
1393 1392 767 0 DV ppwait 0xfffffe007a228ac0 syz-executor
1392 1391 767 0 DV ppwait 0xfffffe007a22d500 syz-executor
1391 1390 767 0 DV ppwait 0xfffffe007a22da60 syz-executor
1390 1389 767 0 DV ppwait 0xfffffe007a22dfc0 syz-executor
1389 1388 767 0 DV ppwait 0xfffffe007a22e520 syz-executor
1388 1387 767 0 DV ppwait 0xfffffe007a22ea80 syz-executor
1387 1386 767 0 DV ppwait 0xfffffe007a225500 syz-executor
1386 1385 767 0 DV ppwait 0xfffffe007a225a60 syz-executor
1385 1384 767 0 DV ppwait 0xfffffe007a225fc0 syz-executor
1384 1383 767 0 DV ppwait 0xfffffe007a226520 syz-executor
1383 1382 767 0 DV ppwait 0xfffffe007a226a80 syz-executor
1382 1381 767 0 DV ppwait 0xfffffe007a226fe0 syz-executor
1381 1380 767 0 DV ppwait 0xfffffe007a227540 syz-executor
1380 1379 767 0 DV ppwait 0xfffffe007a227aa0 syz-executor
1379 1378 767 0 DV ppwait 0xfffffe007a21a520 syz-executor
1378 1377 767 0 DV ppwait 0xfffffe007a21aa80 syz-executor
1377 1376 767 0 DV ppwait 0xfffffe007a21afe0 syz-executor
1376 1375 767 0 DV ppwait 0xfffffe007a21b540 syz-executor
1375 1374 767 0 DV ppwait 0xfffffe007a21baa0 syz-executor
1374 1373 767 0 DV ppwait 0xfffffe007a21c000 syz-executor
1373 1372 767 0 DV ppwait 0xfffffe007a21c560 syz-executor
1372 1371 767 0 DV ppwait 0xfffffe007a21cac0 syz-executor
1371 1370 767 0 DV ppwait 0xfffffe007a213540 syz-executor
1370 1369 767 0 DV ppwait 0xfffffe007a213aa0 syz-executor
1369 1368 767 0 DV ppwait 0xfffffe007a214000 syz-executor
1368 1367 767 0 DV ppwait 0xfffffe007a214560 syz-executor
1367 1366 767 0 DV ppwait 0xfffffe007a214ac0 syz-executor
1366 1365 767 0 DV ppwait 0xfffffe007a219500 syz-executor
1365 1364 767 0 DV ppwait 0xfffffe007a219a60 syz-executor
1364 1363 767 0 DV ppwait 0xfffffe007a219fc0 syz-executor
1363 1362 767 0 DV ppwait 0xfffffe007a20d560 syz-executor
1362 1361 767 0 DV ppwait 0xfffffe007a20dac0 syz-executor
1361 1360 767 0 DV ppwait 0xfffffe007a211500 syz-executor
1360 1359 767 0 DV ppwait 0xfffffe007a211a60 syz-executor
1359 1358 767 0 DV ppwait 0xfffffe007a211fc0 syz-executor
1358 1357 767 0 DV ppwait 0xfffffe007a212520 syz-executor
1357 1356 767 0 DV ppwait 0xfffffe007a212a80 syz-executor
1356 1355 767 0 DV ppwait 0xfffffe007a212fe0 syz-executor
1355 1354 767 0 DV ppwait 0xfffffe007a20aa60 syz-executor
1354 1353 767 0 DV ppwait 0xfffffe007a20afc0 syz-executor
1353 1352 767 0 DV ppwait 0xfffffe007a20b520 syz-executor
1352 1351 767 0 DV ppwait 0xfffffe007a20ba80 syz-executor
1351 1350 767 0 DV ppwait 0xfffffe007a20bfe0 syz-executor
1350 1349 767 0 DV ppwait 0xfffffe007a20c540 syz-executor
1349 1348 767 0 DV ppwait 0xfffffe007a20caa0 syz-executor
1348 1347 767 0 DV ppwait 0xfffffe007a20d000 syz-executor
1347 1346 767 0 DV ppwait 0xfffffe00549c1fe0 syz-executor
1346 1 767 0 DV ppwait 0xfffffe00549c2540 syz-executor
1343 1 765 0 S uwait 0xfffffe0078d1a480 syz-executor
1340 1 765 0 S uwait 0xfffffe006eb11980 syz-executor
1338 1 767 0 S uwait 0xfffffe00796d6d00 syz-executor
1336 1 764 0 S uwait 0xfffffe0078d18b00 syz-executor
1331 1 764 0 S uwait 0xfffffe00796d6900 syz-executor
1329 1 766 60929 SV sigwait 0xfffffe00549cb670 syz-executor
1321 1 767 0 S uwait 0xfffffe00796d7c80 syz-executor
1318 1 765 0 S uwait 0xfffffe0078d18a00 syz-executor
1313 1 765 0 S uwait 0xfffffe00796d8e00 syz-executor
1305 0 0 0 DL mdwait 0xfffffe006eac7000 [md3]
1300 1 766 0 SV uwait 0xfffffe0078d19380 syz-executor
1285 1 767 0 S uwait 0xfffffe00796d8d00 syz-executor
1284 1 766 0 S uwait 0xfffffe00796d9280 syz-executor
1283 1 765 0 S uwait 0xfffffe00796d8a00 syz-executor
1275 1 767 0 S uwait 0xfffffe0058cf2e00 syz-executor
1272 1 765 0 S uwait 0xfffffe0058cf2700 syz-executor
1271 1 765 0 S uwait 0xfffffe006eb11a80 syz-executor
1267 1 766 0 S uwait 0xfffffe0078d19280 syz-executor
1264 1 765 0 SV lockf 0xfffffe00585fb980 syz-executor
1263 1 765 0 S uwait 0xfffffe00796d9680 syz-executor
1262 1 766 0 S uwait 0xfffffe0078d19e00 syz-executor
1257 1256 765 0 SV uwait 0xfffffe006eb14e80 syz-executor
1256 1255 765 0 DV ppwait 0xfffffe00549d2540 syz-executor
1255 1254 765 0 DV ppwait 0xfffffe00549c8fc0 syz-executor
1254 1253 765 0 DV ppwait 0xfffffe00549c9520 syz-executor
1253 1252 765 0 DV ppwait 0xfffffe00549c9a80 syz-executor
1252 1251 765 0 DV ppwait 0xfffffe00549c9fe0 syz-executor
1251 1250 765 0 DV ppwait 0xfffffe00549ca540 syz-executor
1250 1249 765 0 DV ppwait 0xfffffe00549caaa0 syz-executor
1249 1248 765 0 DV ppwait 0xfffffe00549cb000 syz-executor
1248 1247 765 0 DV ppwait 0xfffffe00549cb560 syz-executor
1247 1246 765 0 DV ppwait 0xfffffe00549bb000 syz-executor
1246 1245 765 0 DV ppwait 0xfffffe00549bb560 syz-executor
1245 1244 765 0 DV ppwait 0xfffffe00549bbac0 syz-executor
1244 1243 765 0 DV ppwait 0xfffffe00549c0500 syz-executor
1243 1242 765 0 DV ppwait 0xfffffe00549c8a60 syz-executor
1242 1241 765 0 DV ppwait 0xfffffe00549c0a60 syz-executor
1241 1240 765 0 DV ppwait 0xfffffe00549c0fc0 syz-executor
1240 1239 765 0 DV ppwait 0xfffffe00549c1520 syz-executor
1239 1238 765 0 DV ppwait 0xfffffe00549c1a80 syz-executor
1238 1237 765 0 DV ppwait 0xfffffe00549b8500 syz-executor
1237 1236 765 0 DV ppwait 0xfffffe00549b8a60 syz-executor
1236 1235 765 0 DV ppwait 0xfffffe00549b8fc0 syz-executor
1235 1234 765 0 DV ppwait 0xfffffe00549b9520 syz-executor
1234 1233 765 0 DV ppwait 0xfffffe00549b9a80 syz-executor
1233 1232 765 0 DV ppwait 0xfffffe00549b9fe0 syz-executor
1232 1231 765 0 DV ppwait 0xfffffe00549ba540 syz-executor
1231 1230 765 0 DV ppwait 0xfffffe00549baaa0 syz-executor
1230 1229 765 0 DV ppwait 0xfffffe00549ad520 syz-executor
1229 1228 765 0 DV ppwait 0xfffffe00549ada80 syz-executor
1228 1227 765 0 DV ppwait 0xfffffe00549adfe0 syz-executor
1227 1226 765 0 DV ppwait 0xfffffe00549ae540 syz-executor
1226 1225 765 0 DV ppwait 0xfffffe00549aeaa0 syz-executor
1225 1224 765 0 DV ppwait 0xfffffe00549af000 syz-executor
1224 1223 765 0 DV ppwait 0xfffffe00549af560 syz-executor
1223 1222 765 0 DV ppwait 0xfffffe00549afac0 syz-executor
1222 1221 765 0 DV ppwait 0xfffffe005499f560 syz-executor
1221 1220 765 0 DV ppwait 0xfffffe005499fac0 syz-executor
1220 1219 765 0 DV ppwait 0xfffffe00549a4500 syz-executor
1219 1218 765 0 DV ppwait 0xfffffe00549a4a60 syz-executor
1218 1217 765 0 DV ppwait 0xfffffe00549a4fc0 syz-executor
1217 1216 765 0 DV ppwait 0xfffffe00549a5520 syz-executor
1216 1215 765 0 DV ppwait 0xfffffe00549a6540 syz-executor
1215 1214 765 0 DV ppwait 0xfffffe00549a6aa0 syz-executor
1214 1213 765 0 DV ppwait 0xfffffe00549a7000 syz-executor
1213 1212 765 0 DV ppwait 0xfffffe00549a7560 syz-executor
1212 1211 765 0 DV ppwait 0xfffffe00549a7ac0 syz-executor
1211 1210 765 0 DV ppwait 0xfffffe00549ac500 syz-executor
1210 1209 765 0 DV ppwait 0xfffffe00549a5a80 syz-executor
1209 1208 765 0 DV ppwait 0xfffffe00549aca60 syz-executor
1208 1207 765 0 DV ppwait 0xfffffe00549acfc0 syz-executor
1207 1205 765 0 DV ppwait 0xfffffe005499ca60 syz-executor
1205 1204 765 0 DV ppwait 0xfffffe005499cfc0 syz-executor
1204 1203 765 0 DV ppwait 0xfffffe005499da80 syz-executor
1203 1202 765 0 DV ppwait 0xfffffe00549a5fe0 syz-executor
1202 1201 765 0 DV ppwait 0xfffffe005499dfe0 syz-executor
1201 1199 765 0 DV ppwait 0xfffffe005499c500 syz-executor
1199 1198 765 0 DV ppwait 0xfffffe005499e540 syz-executor
1198 1197 765 0 DV ppwait 0xfffffe0054989a80 syz-executor
1197 1196 765 0 DV ppwait 0xfffffe0054989fe0 syz-executor
1196 1195 765 0 DV ppwait 0xfffffe005498a540 syz-executor
1195 1194 765 0 DV ppwait 0xfffffe005498aaa0 syz-executor
1194 1193 765 0 DV ppwait 0xfffffe005498b000 syz-executor
1193 1192 765 0 DV ppwait 0xfffffe005499f000 syz-executor
1192 1191 765 0 DV ppwait 0xfffffe005498b560 syz-executor
1191 1 765 0 DV ppwait 0xfffffe005498bac0 syz-executor
1174 1173 1174 0 SVs select 0xfffffe006eb11440 syz-executor
1173 1 766 0 DV ppwait 0xfffffe0054975ac0 syz-executor
1168 1 766 0 S uwait 0xfffffe006eb11680 syz-executor
1167 1 766 0 S uwait 0xfffffe0058cf2f00 syz-executor
1156 1 767 0 S uwait 0xfffffe006eb11080 syz-executor
1153 1 764 0 S uwait 0xfffffe0077f64680 syz-executor
1152 1 764 0 S umtxn 0xfffffe006eb14400 syz-executor
1150 1 764 0 S uwait 0xfffffe0077f63100 syz-executor
1149 1 764 0 S uwait 0xfffffe0058cef500 syz-executor
1148 1 765 0 S uwait 0xfffffe0077f63000 syz-executor
1141 0 0 0 DL mdwait 0xfffffe006ead9000 [md2]
1139 0 0 0 DL mdwait 0xfffffe006eada000 [md1]
1137 1 767 0 S uwait 0xfffffe0077f63300 syz-executor
1135 1 767 0 S uwait 0xfffffe006eb12780 syz-executor
1131 0 0 0 DL mdwait 0xfffffe006eac6000 [md0]
1130 1 764 0 S uwait 0xfffffe0077f64180 syz-executor
1123 1122 765 0 SV uwait 0xfffffe006eb12100 syz-executor
1122 1121 765 0 DV ppwait 0xfffffe0054970aa0 syz-executor
1121 1120 765 0 DV ppwait 0xfffffe0054923560 syz-executor
1120 1119 765 0 DV ppwait 0xfffffe0054980540 syz-executor
1119 1118 765 0 DV ppwait 0xfffffe0054972fc0 syz-executor
1118 1117 765 0 DV ppwait 0xfffffe0054973520 syz-executor
1117 1116 765 0 DV ppwait 0xfffffe0054973a80 syz-executor
1116 1115 765 0 DV ppwait 0xfffffe0054973fe0 syz-executor
1115 1114 765 0 DV ppwait 0xfffffe0054974540 syz-executor
1114 1113 765 0 DV ppwait 0xfffffe0054974aa0 syz-executor
1113 1112 765 0 DV ppwait 0xfffffe0054975000 syz-executor
1112 1111 765 0 DV ppwait 0xfffffe0054975560 syz-executor
1111 1110 765 0 DV ppwait 0xfffffe005495a000 syz-executor
1110 1109 765 0 DV ppwait 0xfffffe005495a560 syz-executor
1109 1108 765 0 DV ppwait 0xfffffe0054971000 syz-executor
1108 1107 765 0 DV ppwait 0xfffffe005495aac0 syz-executor
1107 1106 765 0 DV ppwait 0xfffffe005496e500 syz-executor
1106 1105 765 0 DV ppwait 0xfffffe0054971560 syz-executor
1105 1104 765 0 DV ppwait 0xfffffe0054971ac0 syz-executor
1104 1103 765 0 DV ppwait 0xfffffe0054972500 syz-executor
1103 1102 765 0 DV ppwait 0xfffffe0054972a60 syz-executor
1102 1100 765 0 DV ppwait 0xfffffe005493e520 syz-executor
1100 1099 765 0 DV ppwait 0xfffffe005493ea80 syz-executor
1099 1098 765 0 DV ppwait 0xfffffe005493efe0 syz-executor
1098 1097 765 0 DV ppwait 0xfffffe005493f540 syz-executor
1097 1096 765 0 DV ppwait 0xfffffe005493faa0 syz-executor
1096 1095 765 0 DV ppwait 0xfffffe0054908a60 syz-executor
1095 1094 765 0 DV ppwait 0xfffffe0054923000 syz-executor
1094 1093 765 0 DV ppwait 0xfffffe0054940560 syz-executor
1093 1092 765 0 DV ppwait 0xfffffe0054920500 syz-executor
1092 1091 765 0 DV ppwait 0xfffffe00548d6fc0 syz-executor
1091 1090 765 0 DV ppwait 0xfffffe005496efc0 syz-executor
1090 1 765 0 DV ppwait 0xfffffe005496f520 syz-executor
1076 1 764 0 S uwait 0xfffffe0058a9d980 syz-executor
1070 1054 1070 0 Ss select 0xfffffe0077f63440 dhclient
1069 1 765 0 S uwait 0xfffffe005859cc80 syz-executor
1061 1 1061 0 Ss select 0xfffffe0077f64640 dhclient
1056 1 767 0 S uwait 0xfffffe0077f64080 syz-executor
1054 1046 424 65 S select 0xfffffe0077f633c0 dhclient
1046 424 424 0 S wait 0xfffffe00548f15c0 sh
1019 1 765 0 SV uwait 0xfffffe0077f63f00 syz-executor
1013 1 764 0 S uwait 0xfffffe0058a9aa00 syz-executor
990 1 766 0 S uwait 0xfffffe0077f63d00 syz-executor
984 1 764 0 S uwait 0xfffffe006eb13700 syz-executor
983 1 764 0 S uwait 0xfffffe0058a9d780 syz-executor
974 1 767 0 S uwait 0xfffffe0058cf0800 syz-executor
973 0 0 0 DL (threaded) [so_splice]
100298 D - 0xfffffe0077f64580 [thr_0]
100350 D - 0xfffffe0077f645c0 [thr_1]
960 0 0 0 DL - 0xffffffff83a9f300 [soaiod4]
959 0 0 0 DL - 0xffffffff83a9f300 [soaiod3]
958 0 0 0 DL - 0xffffffff83a9f300 [soaiod2]
957 0 0 0 DL - 0xffffffff83a9f300 [soaiod1]
956 1 764 0 S uwait 0xfffffe0058cef100 syz-executor
951 1 765 0 S uwait 0xfffffe005859ca80 syz-executor
943 1 766 0 S uwait 0xfffffe006eb13500 syz-executor
939 1 765 0 S uwait 0xfffffe006eb13d80 syz-executor
938 0 0 0 DL (threaded) [KTLS]
100168 D - 0xfffffe0058e29200 [thr_0]
100289 D - 0xfffffe0058e29280 [thr_1]
100290 D - 0xffffffff83aa0b28 [reclaim_0]
937 1 767 0 S uwait 0xfffffe0058a9d680 syz-executor
930 1 764 0 S uwait 0xfffffe0058cef400 syz-executor
929 1 764 0 S uwait 0xfffffe0058a9a280 syz-executor
899 1 764 0 S uwait 0xfffffe006eb14100 syz-executor
898 1 764 0 S uwait 0xfffffe006eb14300 syz-executor
897 1 764 0 S uwait 0xfffffe006eb13600 syz-executor
896 1 764 0 S uwait 0xfffffe0058cf0900 syz-executor
890 1 765 0 S uwait 0xfffffe0058cf1180 syz-executor
886 1 766 0 S uwait 0xfffffe0058cf0f00 syz-executor
860 0 0 0 DL - 0xffffffff83939c20 [accounting]
840 1 767 0 S uwait 0xfffffe006eb13e80 syz-executor
828 1 764 0 S uwait 0xfffffe006eb14000 syz-executor
825 1 766 0 S uwait 0xfffffe005859cb80 syz-executor
818 0 0 0 DL aiordy 0xfffffe005490a040 [aiod4]
817 0 0 0 DL aiordy 0xfffffe005490ab00 [aiod3]
815 0 0 0 DL aiordy 0xfffffe005490a5a0 [aiod2]
814 0 0 0 DL aiordy 0xfffffe00548f1060 [aiod1]
767 763 767 0 S nanslp 0xffffffff8398f401 syz-executor
766 763 766 0 S nanslp 0xffffffff8398f401 syz-executor
765 763 765 0 S nanslp 0xffffffff8398f401 syz-executor
764 763 764 0 S nanslp 0xffffffff8398f401 syz-executor
763 761 761 0 S select 0xfffffe005859ca40 syz-executor
761 759 761 0 Ss pause 0xfffffe00548d7630 csh
759 682 759 0 Ss select 0xfffffe005859cc40 sshd
748 1 748 0 Ss+ ttyin 0xfffffe000826d8b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe0058e218b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe0058e21cb0 getty
745 1 745 0 Ss+ ttyin 0xfffffe0058e220b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe0058e224b0 getty
743 1 743 0 Ss+ ttyin 0xfffffe0058e228b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe0058e22cb0 getty
741 1 741 0 Ss+ ttyin 0xfffffe0058e230b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe0058e234b0 getty
738 1 18 0 S+ piperd 0xfffffe006e6d4cc0 logger
737 736 18 0 S+ nanslp 0xffffffff8398f401 sleep
736 1 18 0 S+ wait 0xfffffe00548eeac0 sh
686 1 686 0 Ss nanslp 0xffffffff8398f400 cron
682 1 682 0 Ss select 0xfffffe0058cf1440 sshd
495 1 495 0 Ss select 0xfffffe0058a9a840 syslogd
424 1 424 0 Ss wait 0xfffffe0054804b00 devd
423 1 423 65 Ss select 0xfffffe0058a9a640 dhclient
338 1 338 0 Ss select 0xfffffe0058a9a6c0 dhclient
335 1 335 0 Ss select 0xfffffe0058a9a9c0 dhclient
17 0 0 0 DL syncer 0xffffffff83aacca0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0008026040 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100080 D psleep 0xffffffff83aab260 [bufdaemon]
100083 D - 0xffffffff82e02140 [bufspacedaemon-0]
100093 D sdflush 0xfffffe006bcb6ce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83af6240 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83adc1b8 [dom0]
100081 D launds 0xffffffff83adc1c4 [laundry: dom0]
100082 D umarcl 0xffffffff81d89660 [uma]
7 0 0 0 DL - 0xffffffff8370cbd0 [rand_harvestq]
6 0 0 0 TL pftm 0xffffffff843c1710 [pf purge]
5 0 0 0 DL waiting 0xffffffff8428f580 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100046 D - 0xffffffff836d7340 [doneq0]
100047 D - 0xffffffff836d72c0 [async]
100076 D - 0xffffffff836d7140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100043 D crypto_ 0xffffffff83ad79e0 [crypto]
100044 D crypto_ 0xfffffe0008278d30 [crypto returns 0]
100045 D crypto_ 0xfffffe0008278d80 [crypto returns 1]
14 0 0 0 DL seqstat 0xfffffe00584cb488 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100037 D - 0xffffffff83937de0 [g_event]
100038 D - 0xffffffff83937e00 [g_up]
100039 D - 0xffffffff83937e20 [g_down]
2 0 0 0 WL (threaded) [clock]
100031 I [clock (0)]
100032 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100013 I [swi6: task queue]
100014 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100033 I [swi1: netisr 0]
100034 I [swi1: hpts]
100035 I [swi1: hpts]
100048 I [irq24: virtio_pci0]
100049 I [irq25: virtio_pci0]
100050 I [irq26: virtio_pci0]
100051 I [irq27: virtio_pci0]
100052 I [irq28: virtio_pci1]
100053 I [irq29: virtio_pci1]
100054 I [irq30: virtio_pci1]
100055 I [irq31: virtio_pci1]
100056 I [irq32: virtio_pci1]
100061 I [irq10: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe0008007040 [init]
10 0 0 0 DL audit_w 0xffffffff83ad8480 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D parked 0xffffffff84a16ff0 [swapper]
100005 D - 0xfffffe0008bde900 [softirq_0]
100006 D - 0xfffffe0008bde800 [softirq_1]
100007 D - 0xfffffe0008bde700 [if_io_tqg_0]
100008 D - 0xfffffe0008bde600 [if_io_tqg_1]
100009 D - 0xfffffe0008bde500 [if_config_tqg_0]
100010 D - 0xfffffe0008bde400 [kqueue_ctx taskq]
100011 D - 0xfffffe0008bde300 [jail_remove taskq]
100012 D - 0xfffffe0008bde200 [bus taskq]
100015 D - 0xfffffe0008bdde00 [thread taskq]
100017 D - 0xfffffe0008bddc00 [aiod_kick taskq]
100018 D - 0xfffffe0008bddb00 [deferred_unmount ta]
100019 D - 0xfffffe0008bdda00 [inm_free taskq]
100020 D - 0xfffffe0008bdd900 [in6m_free taskq]
100021 D - 0xfffffe0008bdd800 [linuxkpi_irq_wq]
100022 D - 0xfffffe0008bdd700 [linuxkpi_short_wq_0]
100023 D - 0xfffffe0008bdd700 [linuxkpi_short_wq_1]
100024 D - 0xfffffe0008bdd700 [linuxkpi_short_wq_2]
100025 D - 0xfffffe0008bdd700 [linuxkpi_short_wq_3]
100026 D - 0xfffffe0008bdd600 [linuxkpi_long_wq_0]
100027 D - 0xfffffe0008bdd600 [linuxkpi_long_wq_1]
100028 D - 0xfffffe0008bdd600 [linuxkpi_long_wq_2]
100029 D - 0xfffffe0008bdd600 [linuxkpi_long_wq_3]
100036 D - 0xfffffe0008bdd400 [firmware taskq]
100041 D - 0xfffffe0008bdc800 [crypto_0]
100042 D - 0xfffffe0008bdc800 [crypto_1]
100057 D - 0xfffffe00585ea100 [vtnet0 rxq 0]
100058 D - 0xfffffe00585ea000 [vtnet0 txq 0]
100059 D - 0xfffffe00585e9e00 [vtnet0 rxq 1]
100060 D - 0xfffffe00585e9d00 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe0058599680 [virtio_balloon]
100066 D - 0xffffffff82758280 [deadlkres]
100070 D - 0xfffffe0008bdc300 [acpi_task_0]
100071 D - 0xfffffe0008bdc300 [acpi_task_1]
100072 D - 0xfffffe0008bdc300 [acpi_task_2]
100074 D - 0xfffffe0008bdea00 [mca taskq]
100075 D - 0xfffffe0008bdc100 [CAM taskq]
100077 D - 0xfffffe0058c45a00 [ipsec_offload]
100372 D - 0xfffffe006e85f700 [netlink_socket (PID]
100388 D - 0xfffffe006ebb5a00 [netlink_socket (PID]
100501 D - 0xfffffe0059ea3e00 [netlink_socket (PID]
100759 D - 0xfffffe006eaa0b00 [system_taskq_0]
100760 D - 0xfffffe006eaa0b00 [system_taskq_1]
100761 D - 0xfffffe0059e87500 [system_delay_taskq_]
100762 D - 0xfffffe0059e87500 [system_delay_taskq_]
100764 D - 0xfffffe0059e87600 [arc_prune]
100765 D - 0xfffffe0059e87900 [arc_flush_0]
100766 D - 0xfffffe0059e87900 [arc_flush_1]
100779 D - 0xfffffe006e85f900 [netlink_socket (PID]
100792 D - 0xfffffe0077f90e00 [dbu_evict]
100813 D - 0xfffffe006eaa7e00 [z_vdev_file_0]
100814 D - 0xfffffe006eaa7e00 [z_vdev_file_1]
100815 D - 0xfffffe006eaa7e00 [z_vdev_file_2]
100816 D - 0xfffffe006eaa7e00 [z_vdev_file_3]
100817 D - 0xfffffe006eaa7e00 [z_vdev_file_4]
100818 D - 0xfffffe006eaa7e00 [z_vdev_file_5]
100819 D - 0xfffffe006eaa7e00 [z_vdev_file_6]
100820 D - 0xfffffe006eaa7e00 [z_vdev_file_7]
100821 D - 0xfffffe006eaa7e00 [z_vdev_file_8]
100822 D - 0xfffffe006eaa7e00 [z_vdev_file_9]
100823 D - 0xfffffe006eaa7e00 [z_vdev_file_10]
100824 D - 0xfffffe006eaa7e00 [z_vdev_file_11]
100825 D - 0xfffffe006eaa7e00 [z_vdev_file_12]
100826 D - 0xfffffe006eaa7e00 [z_vdev_file_13]
100827 D - 0xfffffe006eaa7e00 [z_vdev_file_14]
100828 D - 0xfffffe006eaa7e00 [z_vdev_file_15]
100877 D - 0xfffffe006eaacd00 [zfsvfs]
1495 767 767 0 RE CPU 1 syz-executor
db> show all locks
Process 1520 (syz-executor) thread 0xfffffe007a264000 (101149)
exclusive lockmgr bufwait (bufwait) r = 0 (0xfffffe0008666210) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_bio.c:4023
exclusive lockmgr ufs (ufs) r = 0 (0xfffffe007a41a750) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_vnops.c:1236
Process 1519 (syz-executor) thread 0xfffffe007a240740 (101148)
shared sx vm map (user) (vm map (user)) r = 0 (0xfffffe007a256bc8) locked @ /syzkaller/managers/main/kernel/sys/vm/vm_map.c:4995
Process 1507 (syz-executor) thread 0xfffffe007a25c740 (101144)
exclusive sx filemon (filemon) r = 0 (0xfffffe007822a000) locked @ /syzkaller/managers/main/kernel/sys/dev/filemon/filemon.c:367
Process 1507 (syz-executor) thread 0xfffffe007a205000 (101145)
exclusive sx so_rcv_sx (so_rcv_sx) r = 0 (0xfffffe0078f079c0) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4836
exclusive sx so_snd_sx (so_snd_sx) r = 0 (0xfffffe0078f07980) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4830
db> show malloc
Type InUse MemUse Requests
pf_hash 6 12804K 6
linker 425 12576K 697
tcp_hpts 7 4801K 7
devbuf 4188 4324K 4219
filedesc 496 3952K 1246
solaris 2244 3597K 4470
sysctloid 45107 2650K 45219
sctp_stro 5 2312K 17
vtbuf 24 1968K 46
subproc 642 1365K 1864
kobj 330 1320K 539
newblk 49 1036K 4636
vfscache 3 1025K 3
pcb 149 759K 531
inodedep 34 525K 982
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
vmem 5 276K 9
vnet_data 2 224K 2
acpitask 1 224K 1
md_sectors 52 208K 52
KTRACE 101 201K 22012
acpica 1674 184K 54408
tidhash 3 141K 3
pagedep 26 135K 473
tfo_ccache 1 128K 1
IP reass 1 128K 1
kdtrace 730 125K 2673
DEVFS1 115 115K 132
umtx 864 108K 864
sem 4 106K 4
gtaskqueue 18 98K 18
bus 994 81K 5040
mtx_pool 3 74K 3
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 525 66K 528
ddb_capture 1 64K 1
BPF 27 38K 48
temp 36 38K 2322
shm 2 34K 13
DEVFS3 134 34K 144
hostcache 1 32K 1
msg 4 30K 4
kbdmux 6 28K 6
kqueue 317 23K 2179
md_disk 57 22K 60
DEVFS_RULE 56 20K 56
pwddesc 309 20K 1650
kstat_data 19 19K 19
ifaddr 67 19K 69
LRO 18 19K 18
lockf 177 17K 721
ufs_mount 4 17K 5
sctp_atcl 44 17K 175
proc 3 17K 3
filemon 2 16K 19
tty 16 16K 16
routetbl 130 16K 434
GEOM 96 16K 637
lltable 48 15K 50
ithread 90 15K 90
bus-sc 34 15K 1637
eventhandler 166 14K 166
ether_multi 159 13K 199
ifnet 7 13K 7
kenv 95 12K 95
shmfd 7 11K 22
taskqueue 102 11K 120
CAM queue 5 11K 1528
rman 82 10K 437
plimit 25 10K 360
rpc 8 9K 8
cred 35 9K 285
in6_multi 65 9K 65
bmsafemap 2 9K 816
devstat 4 9K 4
UART 12 9K 12
ksem 1 8K 9
pfs_vncache 1 8K 1
audit_evclass 239 8K 301
crypto 18 8K 76
DEVFSP 103 7K 238
proc-args 323 7K 2624
UMA 342 7K 342
sglist 6 7K 6
CAM DEV 3 6K 510
pfs_nodes 22 6K 22
CC Mem 41 6K 391
pf_ifnet 12 5K 25
inpcbpolicy 149 5K 995
ufs_dirhash 24 5K 39
tcp_fsb_rack 2 5K 28
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
acpisem 28 4K 28
cryptodev 54 4K 274
ip6opt 7 4K 60
selfd 50 4K 119964
mount 20 4K 1246
session 24 3K 41
terminal 11 3K 11
uidinfo 6 3K 26
acpidev 20 3K 20
hhook 8 3K 10
newdirblk 18 3K 414
clone 9 3K 9
kcovinfo 36 3K 36
sctp_timw 8 2K 8
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
in_multi 8 2K 16
ip6ndp 12 2K 13
osd 71 2K 439
sctp_atky 49 2K 190
sctp_ifa 13 2K 14
Unitno 26 2K 59
CAM XPT 22 2K 543
tun 4 2K 4
vnodemarker 3 2K 63
select 12 2K 75
toponodes 6 2K 6
diradd 11 2K 773
ipsecpolicy 2 2K 2
indirdep 5 2K 759
msi 9 2K 9
mkdir 9 2K 826
netlink 2 2K 82
softdep 1 1K 1
dirrem 4 1K 750
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
NFSD session 1 1K 1
CAM periph 4 1K 271
ipsec 3 1K 3
sctp_ifn 6 1K 14
mld 6 1K 6
igmp 6 1K 6
pfil 6 1K 6
isadev 6 1K 6
pci_link 10 1K 10
sctp_athm 44 1K 175
iov 4 1K 16483
encap_export_host 12 1K 12
filecaps 6 1K 98
cdev 2 1K 2
ktls 7 1K 33
lkpikmalloc 8 1K 9
ip_msource 7 1K 23
ktls_ocf 3 1K 5
chacha20random 1 1K 1
biobuf 1 1K 1
ip6_msource 5 1K 5
filedesc_to_leader 5 1K 14
vnodes 2 1K 11
freework 2 1K 1148
tcp_pcm_rack 1 1K 16
freefile 2 1K 590
freeblks 1 1K 501
procdesc 2 1K 12
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
prison 8 1K 8
feeder 7 1K 7
taskq 2 1K 2
frag6 2 1K 2
tcpfunc 3 1K 3
loginclass 3 1K 5
sctp_map 10 1K 34
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
in6_mfilter 2 1K 14
ip_moptions 2 1K 27
aio 4 1K 11
pmchooks 1 1K 1
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
soname 4 1K 3923
ip6_moptions 3 1K 8
in_mfilter 2 1K 52
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
sigio 1 1K 5
entropy 2 1K 35
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
sfs_nodes 0 0K 0
zones_data 0 0K 0
ext2_mount 0 0K 0
ext2_node 0 0K 0
ext2_extents 0 0K 0
mqdata 0 0K 0
tcp_do_rack 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
pf_table 0 0K 6
pf_rule 0 0K 4
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 38
sctp_iter 0 0K 11
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 11
sctp_aadr 0 0K 0
sctp_stri 0 0K 4
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
NMI handlers 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
amdiommu_dom 0 0K 0
amdiommu_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 2
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 976
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 31
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 148
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 24
fadvise 0 0K 5
VN POLL 0 0K 9
statfs 0 0K 207
namei_tracker 0 0K 2
export_host 0 0K 0
cl_savebuf 0 0K 103
lio 0 0K 22
acl 0 0K 0
mbuf_tag 0 0K 0
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
ioctlops 0 0K 217
eventfd 0 0K 8
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 486
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 651
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 1
rctl 0 0K 0
cache 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 102
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 5
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 1052
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_c

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Apr 19, 2025, 6:24:28 AM4/19/25
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 7121e9414f29 wg: Improve wg_peer_alloc() to simplify the c..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=17aa3470580000
dashboard link: https://syzkaller.appspot.com/bug?extid=9cc248c4b0ca9b931ab4
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15c4863f980000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=139ebbac580000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+9cc248...@syzkaller.appspotmail.com

panic: ktls_frame: mapped mbuf 0xfffffe006df89d00 (top = 0xfffffe006df89d00)
cpuid = 0
time = 1745058229
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe00574b00b0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe00574b0210
vpanic() at vpanic+0x257/frame 0xfffffe00574b03d0
panic() at panic+0xb5/frame 0xfffffe00574b0490
ktls_frame() at ktls_frame+0x694/frame 0xfffffe00574b0550
sosend_generic_locked() at sosend_generic_locked+0xb51/frame 0xfffffe00574b0730
so_splice_xfer() at so_splice_xfer+0x661/frame 0xfffffe00574b08c0
so_splice() at so_splice+0x788/frame 0xfffffe00574b0950
sosetopt() at sosetopt+0x1118/frame 0xfffffe00574b0b50
kern_setsockopt() at kern_setsockopt+0x2ae/frame 0xfffffe00574b0cc0
sys_setsockopt() at sys_setsockopt+0x77/frame 0xfffffe00574b0d10
amd64_syscall() at amd64_syscall+0x4af/frame 0xfffffe00574b0f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00574b0f30
--- syscall (0, FreeBSD ELF64, syscall), rip = 0x233f2a, rsp = 0x820a533d8, rbp = 0x820a533f0 ---
KDB: enter: panic
[ thread pid 773 tid 100111 ]
Stopped at kdb_enter+0x6e: movq $0,0x23e7bb7(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe00033eee30
rdx 0xdffff7c000000000
rbx 0xffffffff82752f40 .str.27
rsp 0xfffffe00574b01f0
rbp 0xfffffe00574b0210
rsi 0
rdi 0xffffffff82e004c0 panicstr
r8 0
r9 0xffffffff
r10 0
r11 0x16
r12 0xfffffe00548d4740
r13 0xfffffffffffffffe
r14 0xffffffff82752f40 .str.27
r15 0
rip 0xffffffff815c64de kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x23e7bb7(%rip)
db> show proc
Process 773 (syz-executor3790384) at 0xfffffe00548e6000:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 771 at 0xfffffe0054803ae0
ABI: FreeBSD ELF64
flag: 0x10004000 flag2: 0
arguments: ./syz-executor3790384215
reaper: 0xfffffe0008007040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00548da490
(map 0xfffffe00548da490)
(map.pmap 0xfffffe00548da530)
(pmap 0xfffffe00548da5a0)
threads: 1
100111 Run CPU 0 syz-executor3790384
db> ps
pid ppid pgrp uid state wmesg wchan cmd
775 0 0 0 DL (threaded) [so_splice]
100117 D - 0xfffffe005859c780 [thr_0]
100120 D - 0xfffffe005859c7c0 [thr_1]
774 0 0 0 DL (threaded) [KTLS]
100110 D - 0xfffffe0054751800 [thr_0]
100118 D - 0xfffffe0054751880 [thr_1]
100119 D - 0xffffffff83aa0b28 [reclaim_0]
773 771 771 0 R CPU 0 syz-executor3790384
771 769 771 0 Ss pause 0xfffffe0054803b90 csh
769 682 769 0 Ss select 0xfffffe005859ca40 sshd
748 1 748 0 Ss+ ttyin 0xfffffe000826d8b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe000826c0b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe0058e224b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe000826c4b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe0058e228b0 getty
743 1 743 0 Ss+ ttyin 0xfffffe000826c8b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe0058e22cb0 getty
741 1 741 0 Ss+ ttyin 0xfffffe0058e230b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe0058e234b0 getty
738 1 18 0 S+ piperd 0xfffffe005a2efb80 logger
737 736 18 0 S+ nanslp 0xffffffff8398f401 sleep
736 1 18 0 S+ wait 0xfffffe00548cc560 sh
686 1 686 0 Ss nanslp 0xffffffff8398f401 cron
682 1 682 0 Ss select 0xfffffe0058a9a440 sshd
495 1 495 0 Ss select 0xfffffe0058cf0dc0 syslogd
424 1 424 0 Ss select 0xfffffe0058cf0ec0 devd
423 1 423 65 Ss select 0xfffffe0058a9a4c0 dhclient
338 1 338 0 Ss select 0xfffffe0058a9b040 dhclient
335 1 335 0 Ss select 0xfffffe0058cf0d40 dhclient
17 0 0 0 DL syncer 0xffffffff83aacca0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0008025020 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100080 D psleep 0xffffffff83aab260 [bufdaemon]
100081 D - 0xffffffff82e02140 [bufspacedaemon-0]
100094 D sdflush 0xfffffe005a0c6ce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83af6240 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83adc1b8 [dom0]
100082 D launds 0xffffffff83adc1c4 [laundry: dom0]
100083 D umarcl 0xffffffff81d89660 [uma]
7 0 0 0 DL - 0xffffffff8370cbd0 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff8464a710 [pf purge]
5 0 0 0 DL waiting 0xffffffff843d1580 [sctp_iterator]
100004 Run CPU 1 [idle: cpu1]
100066 D - 0xffffffff82758281 [deadlkres]
100070 D - 0xfffffe0008bdc300 [acpi_task_0]
100071 D - 0xfffffe0008bdc300 [acpi_task_1]
100072 D - 0xfffffe0008bdc300 [acpi_task_2]
100074 D - 0xfffffe0008bdea00 [mca taskq]
100075 D - 0xfffffe0008bdc100 [CAM taskq]
100077 D - 0xfffffe0008bdc400 [ipsec_offload]
db> show all locks
Process 773 (syz-executor3790384) thread 0xfffffe00548d4740 (100111)
exclusive sx so_rcv_sx (so_rcv_sx) r = 0 (0xfffffe005a0a45c0) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4836
exclusive sx so_snd_sx (so_snd_sx) r = 0 (0xfffffe005a0a4580) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4830
db> show malloc
Type InUse MemUse Requests
pf_hash 6 12804K 6
linker 376 5023K 486
tcp_hpts 7 4801K 7
devbuf 4188 4324K 4213
sysctloid 35067 2066K 35142
vtbuf 24 1968K 46
newblk 1940 1509K 1966
kobj 330 1320K 494
vfscache 3 1025K 3
pcb 23 669K 42
inodedep 50 531K 71
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
vnet_data 2 224K 2
acpitask 1 224K 1
KTRACE 100 200K 100
subproc 98 189K 832
acpica 1674 184K 54408
vmem 5 144K 7
tidhash 3 141K 3
pagedep 14 132K 18
tfo_ccache 1 128K 1
IP reass 1 128K 1
sem 4 106K 4
DEVFS1 105 105K 114
gtaskqueue 18 98K 18
bus 994 81K 5040
mtx_pool 3 74K 3
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 520 65K 520
ddb_capture 1 64K 1
temp 19 37K 1565
kdtrace 162 33K 897
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 124 31K 134
msg 4 30K 4
umtx 240 30K 240
kbdmux 6 28K 6
DEVFS_RULE 56 20K 56
BPF 10 18K 10
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 90 15K 90
bus-sc 34 15K 1637
eventhandler 163 14K 163
kenv 95 12K 95
ifaddr 30 12K 32
GEOM 61 11K 477
routetbl 50 11K 176
CAM queue 5 11K 1528
rman 82 10K 437
rpc 8 9K 8
bmsafemap 3 9K 39
devstat 4 9K 4
UART 12 9K 12
ksem 1 8K 1
shmfd 1 8K 1
pfs_vncache 1 8K 1
audit_evclass 239 8K 301
taskqueue 69 8K 69
plimit 17 7K 322
sglist 6 7K 6
CAM DEV 3 6K 510
cred 23 6K 274
pfs_nodes 22 6K 22
ufs_dirhash 24 5K 24
UMA 268 5K 268
dirrem 17 5K 28
ifnet 3 5K 3
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
filedesc 1 4K 1
evdev 4 4K 4
acpisem 28 4K 28
ether_multi 40 4K 50
diradd 25 4K 36
lltable 11 4K 11
pf_ifnet 5 3K 6
in6_multi 25 3K 25
terminal 11 3K 11
kqueue 42 3K 778
pwddesc 42 3K 776
session 20 3K 31
acpidev 20 3K 20
hhook 8 3K 10
clone 9 3K 9
uidinfo 3 3K 8
crypto 8 3K 8
proc-args 62 3K 1696
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
selfd 27 2K 29183
Unitno 28 2K 42
CAM XPT 22 2K 543
lockf 15 2K 22
toponodes 6 2K 6
ipsecpolicy 2 2K 2
msi 9 2K 9
netlink 2 2K 30
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 8
NFSD session 1 1K 1
select 7 1K 29
CAM periph 4 1K 271
ipsec 3 1K 3
indirdep 3 1K 3
nhops 6 1K 6
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_ifa 5 1K 6
ip6ndp 4 1K 5
encap_export_host 12 1K 12
osd 9 1K 24
newdirblk 4 1K 8
mkdir 4 1K 16
CC Mem 4 1K 8
in_multi 2 1K 4
cdev 2 1K 2
lkpikmalloc 8 1K 9
chacha20random 1 1K 1
biobuf 1 1K 1
inpcbpolicy 11 1K 138
ktls 3 1K 5
sctp_ifn 2 1K 6
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFSP 4 1K 9
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
cryptodev 2 1K 49
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
ktls_ocf 1 1K 1
procdesc 1 1K 6
pmchooks 1 1K 1
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
soname 4 1K 3330
filecaps 4 1K 66
sctp_vrf 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 35
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
freework 1 1K 26
p1003.1b 1 1K 1
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
tcp_pcm_rack 0 0K 0
tcp_do_rack 0 0K 0
tcp_fsb_rack 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_athm 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 4
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
filemon 0 0K 0
aesni_data 0 0K 1
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 18
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 2
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefile 0 0K 9
freeblks 0 0K 25
freefrag 0 0K 15
ip6opt 0 0K 3
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
tun 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 19
fadvise 0 0K 0
VN POLL 0 0K 0
statfs 0 0K 195
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 23
aio 0 0K 0
lio 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 0
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
iov 0 0K 14737
ioctlops 0 0K 85
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 288
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 649
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
tcp_log_dev 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 25841 0 254 38494208 0
mbuf 256 8580 1082 33469 0 254 2473472 0
BUF TRIE 152 300 11504 1056 0 62 1794208 0
malloc-384 384 4169 31 4513 0 30 1612800 0
malloc-128 128 11600 273 11638 0 126 1519744 0
malloc-4096 4096 330 2 494 0 2 1359872 0
UMA Slabs 0 112 10923 15 10923 0 126 1225056 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 15646 89 15646 0 254 881160 0
malloc-65536 65536 9 1 12 0 1 655360 0
RADIX NODE 152 3956 225 23338 0 62 635512 0
FFS inode 1168 515 17 524 0 8 621376 0
malloc-256 256 2208 87 3137 0 62 587520 0
malloc-2048 2048 7 249 1230 0 8 524288 0
socket 1024 19 489 1313 0 254 520192 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 194 0 0 2 509056 0
malloc-65536 65536 4 2 158 0 1 393216 0
malloc-64 64 4108 239 4896 0 254 278208 0
256 Bucket 2048 108 20 887 0 8 262144 0
VM OBJECT 264 919 71 12701 0 30 261360 0
VNODE 440 545 31 556 0 30 253440 0
malloc-16 16 14482 268 14563 0 254 236000 0
malloc-2048 2048 102 10 111 0 8 229376 0
DEVCTL 1024 0 220 123 0 0 225280 0
THREAD 1824 119 1 120 0 8 218880 0
UMA Zones 768 240 4 240 0 16 187392 0
malloc-32 32 5379 291 6600 0 254 181440 0
malloc-4096 4096 43 1 777 0 2 180224 0
malloc-128 128 1214 181 25604 0 126 178560 0
lkpimm 56 1 3095 1 0 254 173376 0
unpcb 320 7 509 1158 0 254 165120 0
malloc-32768 32768 3 2 123 0 1 163840 0
malloc-1024 1024 120 40 1707 0 16 163840 0
FFS2 dinode 256 515 55 524 0 62 145920 0
malloc-65536 65536 2 0 2 0 1 131072 0
mbuf_packet 256 0 508 117 0 254 130048 0
S VFS Cache 104 982 188 1025 0 126 121680 0
MAP ENTRY 96 873 387 39328 0 126 120960 0
ksiginfo 112 39 1005 54 0 126 116928 0
FPU_save_area 832 121 14 134 0 16 112320 0
malloc-128 128 530 245 3827 0 126 99200 0
malloc-128 128 665 110 1669 0 126 99200 0
UMA Kegs 384 225 8 225 0 30 89472 0
128 Bucket 1024 44 39 240 0 16 84992 0
malloc-16384 16384 4 1 184 0 1 81920 0
PROC 1376 41 14 775 0 8 75680 0
malloc-64 64 561 510 2325 0 254 68544 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-8192 8192 7 1 114 0 1 65536 0
malloc-256 256 127 128 419 0 62 65280 0
32 Bucket 256 55 200 3236 0 62 65280 0
g_bio 408 0 150 5037 0 30 61200 0
malloc-4096 4096 13 1 27 0 2 57344 0
64 Bucket 512 63 41 1194 0 30 53248 0
filedesc0 1072 42 7 776 0 8 52528 0
malloc-64 64 502 317 1376 0 254 52416 0
malloc-256 256 81 114 403 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 12094 0 16 49152 0
malloc-8192 8192 6 0 7 0 1 49152 0
malloc-4096 4096 8 4 13 0 2 49152 0
malloc-384 384 81 39 408 0 30 46080 0
syncache 168 0 264 5 0 254 44352 0
clpbuf 2624 0 16 72 0 4 41984 0
malloc-8192 8192 5 0 5 0 1 40960 0
malloc-4096 4096 7 3 568 0 2 40960 0
pipe 736 7 48 282 0 16 40480 0
pcpu-8 8 4292 316 4320 0 254 36864 0
udp_inpcb 408 6 84 126 0 30 36720 0
malloc-64 64 15 552 14656 0 254 36288 0
malloc-64 64 147 420 147 0 254 36288 0
malloc-64 64 40 527 29224 0 254 36288 0
malloc-64 64 55 512 789 0 254 36288 0
malloc-128 128 69 210 69 0 126 35712 0
malloc-128 128 23 256 100 0 126 35712 0
malloc-128 128 2 277 164 0 126 35712 0
malloc-128 128 4 275 4 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 58 32 58 0 30 34560 0
malloc-256 256 9 126 398 0 62 34560 0
malloc-256 256 21 114 34 0 62 34560 0
malloc-256 256 31 104 133 0 62 34560 0
malloc-256 256 26 109 290 0 62 34560 0
malloc-256 256 21 114 26 0 62 34560 0
malloc-32768 32768 0 1 11 0 1 32768 0
malloc-8192 8192 3 1 5 0 1 32768 0
malloc-4096 4096 6 2 6 0 2 32768 0
malloc-2048 2048 4 12 4 0 8 32768 0
malloc-2048 2048 4 12 4 0 8 32768 0
malloc-2048 2048 6 10 92 0 8 32768 0
malloc-2048 2048 5 11 22 0 8 32768 0
malloc-2048 2048 3 13 3 0 8 32768 0
malloc-1024 1024 0 32 4 0 16 32768 0
malloc-1024 1024 23 9 27 0 16 32768 0
malloc-1024 1024 9 23 9 0 16 32768 0
malloc-1024 1024 15 17 19 0 16 32768 0
malloc-512 512 3 61 9 0 30 32768 0
malloc-512 512 11 53 177 0 30 32768 0
malloc-512 512 1 63 11 0 30 32768 0
pcpu-64 64 495 17 495 0 254 32768 0
ertt_txseginfo 40 2 806 621 0 254 32320 0
ttyinq 160 135 65 300 0 62 32000 0
PGRP 120 20 244 31 0 126 31680 0
VMSPACE 584 23 26 758 0 16 28616 0
malloc-32 32 435 447 1736 0 254 28224 0
16 Bucket 144 44 152 339 0 62 28224 0
4 Bucket 48 8 580 14 0 254 28224 0
da_ccb 544 0 49 1493 0 16 26656 0
TURNSTILE 136 121 68 121 0 62 25704 0
cpuset 200 8 120 8 0 62 25600 0
PWD 40 10 596 99 0 254 24240 0
rtentry 168 13 131 17 0 62 24192 0
Files 80 72 228 6514 0 126 24000 0
8 Bucket 80 69 231 570 0 126 24000 0
tcp_inpcb 1304 4 14 8 0 8 23472 0
malloc-384 384 6 54 25 0 30 23040 0
malloc-384 384 7 53 9 0 30 23040 0
malloc-384 384 27 33 38 0 30 23040 0
ripcb 376 1 59 4 0 30 22560 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 121 135 121 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
ertt 72 4 276 8 0 126 20160 0
malloc-64 64 2 313 24 0 254 20160 0
malloc-32 32 33 597 178 0 254 20160 0
malloc-32 32 6 624 20 0 254 20160 0
malloc-32 32 41 589 54 0 254 20160 0
malloc-32 32 36 594 2722 0 254 20160 0
malloc-32 32 6 624 19 0 254 20160 0
malloc-32 32 5 625 8 0 254 20160 0
2 Bucket 32 49 581 305 0 254 20160 0
ktls_session 256 1 74 1 0 62 19200 0
vmem 1856 2 7 2 0 8 16704 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 2 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-8192 8192 0 2 19 0 1 16384 0
malloc-4096 4096 1 3 18 0 2 16384 0
malloc-4096 4096 2 2 197 0 2 16384 0
malloc-2048 2048 1 7 1 0 8 16384 0
malloc-1024 1024 3 13 3 0 16 16384 0
malloc-1024 1024 2 14 2 0 16 16384 0
malloc-512 512 1 31 2 0 30 16384 0
malloc-512 512 1 31 1 0 30 16384 0
malloc-512 512 2 30 7 0 30 16384 0
malloc-512 512 2 30 2 0 30 16384 0
SMR CPU 32 8 503 8 0 254 16352 0
sctp_laddr 48 0 336 4 0 254 16128 0
malloc-16 16 520 480 3480 0 254 16000 0
kenv 258 17 43 1063 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
SMR SHARED 24 8 503 8 0 254 12264 0
KNOTE 160 0 75 7 0 62 12000 0
malloc-16 16 24 726 1339 0 254 12000 0
malloc-16 16 10 740 11 0 254 12000 0
malloc-16 16 24 726 24805 0 254 12000 0
malloc-16 16 1 749 114 0 254 12000 0
splice 184 1 62 1 0 62 11592 0
malloc-384 384 1 29 1 0 30 11520 0
malloc-384 384 1 29 1 0 30 11520 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
vtnet_tx_hdr 24 0 334 6352 0 254 8016 0
malloc-16 16 14 486 16 0 254 8000 0
malloc-16 16 5 495 5 0 254 8000 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 152 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 256 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf UDP mappings 104 0 0 0 0 126 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 384 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_rack_pcb 1088 0 0 0 0 8 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tcp_bbr_pcb 896 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2256 0 0 0 0 254 0 0
sctp_ep 1152 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
udplite_inpcb 408 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 240 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 152 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 112 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 152 0 0 0 0 62 0 0
rl_entry 48 0 0 0 0 254 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-1024 1024 0 0 0 0 16 0 0
malloc-512 512 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.