panic: Most recently used by tcp_fsb
1 view
Skip to first unread message
syzbot
May 7, 2021, 1:26:19 AM5/7/21
to syzkaller-f...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=116807c3d00000
dashboard link: https://syzkaller.appspot.com/bug?extid=98e9d337f9ac13b58e5b
userspace arch: i386
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+98e9d3...@syzkaller.appspotmail.com
panic: Most recently used by tcp_fsb
cpuid = 1
time = 1620365110
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe009a4f4490
vpanic() at vpanic+0x1c7/frame 0xfffffe009a4f44f0
panic() at panic+0x43/frame 0xfffffe009a4f4550
mtrash_ctor() at mtrash_ctor+0xe5/frame 0xfffffe009a4f4590
item_ctor() at item_ctor+0x46f/frame 0xfffffe009a4f45f0
malloc() at malloc+0xe3/frame 0xfffffe009a4f4650
crypto_open() at crypto_open+0x22/frame 0xfffffe009a4f4670
devfs_open() at devfs_open+0x1b1/frame 0xfffffe009a4f46e0
VOP_OPEN_APV() at VOP_OPEN_APV+0x75/frame 0xfffffe009a4f4710
vn_open_vnode() at vn_open_vnode+0x379/frame 0xfffffe009a4f47c0
vn_open_cred() at vn_open_cred+0x7d9/frame 0xfffffe009a4f4940
kern_openat() at kern_openat+0x3bd/frame 0xfffffe009a4f4ab0
ia32_syscall() at ia32_syscall+0x237/frame 0xfffffe009a4f4bf0
int0x80_syscall_common() at int0x80_syscall_common+0x9c/frame 0xfbffcf78
KDB: enter: panic
[ thread pid 4034 tid 104665 ]
Stopped at kdb_enter+0x67: movq $0,0x163a54e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0xfffffe009b400000
rdx 0x3ffff
rbx 0
rsp 0xfffffe009a4f4470
rbp 0xfffffe009a4f4490
rsi 0x40001
rdi 0xffffffff81137c46 vprintf+0x176
r8 0
r9 0x8080808080808080
r10 0xfffffe009a4f4360
r11 0x1ff65fff59c
r12 0xffffffff82267ac0 ddb_dbbe
r13 0
r14 0xffffffff81a73d95
r15 0xffffffff81a73d95
rip 0xffffffff8112ec37 kdb_enter+0x67
rflags 0x200082 kernload+0x82
kdb_enter+0x67: movq $0,0x163a54e(%rip)
db> show proc
Process 4034 (syz-executor.3) at 0xfffff80016edc538:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 793 at 0xfffff80004fd2000
ABI: FreeBSD ELF32
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.3
reaper: 0xfffff8000452a538 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00951913e0
(map 0xfffffe00951913e0)
(map.pmap 0xfffffe00951914a0)
(pmap 0xfffffe0095191500)
threads: 2
103350 Run CPU 0 syz-executor.3
104665 Run CPU 1 syz-executor.3
db> ps
pid ppid pgrp uid state wmesg wchan cmd
4037 4036 782 0 R syz-executor.0
4036 782 782 0 R (threaded) syz-executor.0
104194 RunQ syz-executor.0
104666 S wait 0xfffff8002c1e3538 syz-executor.0
4034 793 793 0 R (threaded) syz-executor.3
103350 Run CPU 0 syz-executor.3
104665 Run CPU 1 syz-executor.3
4031 4029 788 0 S uwait 0xfffff80030fc7d00 syz-executor.2
4029 788 788 0 R (threaded) syz-executor.2
103490 RunQ syz-executor.2
104661 S wait 0xfffff80016065000 syz-executor.2
4026 1 782 0 S uwait 0xfffff80030dcf280 syz-executor.0
4022 1 788 0 S uwait 0xfffff80030cf4180 syz-executor.2
4017 1 788 0 S uwait 0xfffff8001669b580 syz-executor.2
4009 1 788 0 S uwait 0xfffff8001669b680 syz-executor.2
3544 1 793 0 S uwait 0xfffff80030fc7200 syz-executor.3
3540 1 782 0 S uwait 0xfffff80030cf4680 syz-executor.0
3532 1 793 0 S uwait 0xfffff8001669be80 syz-executor.3
3530 1 782 0 S umtxn 0xfffff80004f5e600 syz-executor.0
3525 1 793 0 S uwait 0xfffff8003062fc00 syz-executor.3
3522 1 782 0 S uwait 0xfffff80030dcf380 syz-executor.0
3517 1 782 0 S uwait 0xfffff80030cf4780 syz-executor.0
3511 1 782 0 S uwait 0xfffff8001669ba00 syz-executor.0
3383 3377 3383 0 Ss select 0xfffff8001669b9c0 dhclient
3380 1 3380 0 Ss select 0xfffff80016806dc0 dhclient
3377 3370 436 65 S select 0xfffff80016806140 dhclient
3370 436 436 0 S wait 0xfffff800306d1000 sh
3361 1 3361 65 Ss select 0xfffff800168060c0 dhclient
2649 1 2649 0 Ss select 0xfffff80016a8ccc0 dhclient
2646 1 2646 0 Ss select 0xfffff80016a8cd40 dhclient
2625 1 2625 65 Ss select 0xfffff80016806e40 dhclient
2028 1 783 0 S umtxn 0xfffff80030dcf680 syz-executor.1
2017 1 788 0 S uwait 0xfffff80030dcf780 syz-executor.2
2016 1 783 0 S uwait 0xfffff8003062f080 syz-executor.1
2007 1 788 0 S uwait 0xfffff8003062f480 syz-executor.2
2006 1 783 0 S uwait 0xfffff80030cf4a80 syz-executor.1
1997 1 788 0 S uwait 0xfffff8002300f780 syz-executor.2
1993 1 788 0 S uwait 0xfffff80030dcf900 syz-executor.2
1986 1 788 0 S uwait 0xfffff80030dcfc00 syz-executor.2
1982 1 793 0 S uwait 0xfffff8003062f780 syz-executor.3
1981 1 793 0 S umtxn 0xfffff80030fc7c00 syz-executor.3
1977 1 783 0 S uwait 0xfffff80030dcfe00 syz-executor.1
1975 1 783 0 S uwait 0xfffff80030cf4480 syz-executor.1
1970 1 793 0 S uwait 0xfffff8003062f900 syz-executor.3
1969 1 793 0 S uwait 0xfffff80030fc7b00 syz-executor.3
1964 1 783 0 S uwait 0xfffff80030fc7f00 syz-executor.1
1963 1 783 0 S uwait 0xfffff80030fc7e00 syz-executor.1
1956 1 793 0 S uwait 0xfffff80030cf4080 syz-executor.3
1955 1 793 0 S uwait 0xfffff80030fc7a00 syz-executor.3
1951 1 783 0 S uwait 0xfffff8002300fc00 syz-executor.1
1950 1 783 0 S uwait 0xfffff80030cf4880 syz-executor.1
1945 1 783 0 S uwait 0xfffff8003062fe00 syz-executor.1
1944 1 783 0 S uwait 0xfffff80004f5e000 syz-executor.1
1939 1 783 0 S uwait 0xfffff80030dcfd00 syz-executor.1
1937 1 783 0 S umtxn 0xfffff80030cf4980 syz-executor.1
1847 1 1847 0 Ss select 0xfffff80030cf4cc0 dhclient
1844 1 1844 0 Ss select 0xfffff8001669bf40 dhclient
1824 1 1824 65 Ss select 0xfffff80030dcf1c0 dhclient
1584 1 782 0 S uwait 0xfffff80004f5e300 syz-executor.0
1582 1 788 0 S uwait 0xfffff8003062f280 syz-executor.2
1580 1 782 0 S uwait 0xfffff80030384c80 syz-executor.0
1578 1 788 0 S uwait 0xfffff80030cf4380 syz-executor.2
1577 1 782 0 S uwait 0xfffff8003062fd00 syz-executor.0
1573 1 788 0 S uwait 0xfffff80030384680 syz-executor.2
1570 1 788 0 S uwait 0xfffff8003062f680 syz-executor.2
1569 1 788 0 S uwait 0xfffff80030dcfb00 syz-executor.2
1412 1 783 0 S uwait 0xfffff8003062f180 syz-executor.1
1402 1 783 0 S uwait 0xfffff80030384780 syz-executor.1
1397 1 783 0 S uwait 0xfffff80030cf4e80 syz-executor.1
1396 1 788 0 S uwait 0xfffff80004f5ed00 syz-executor.2
1391 1 788 0 S uwait 0xfffff8003062f380 syz-executor.2
1386 1 788 0 S uwait 0xfffff80004f5e400 syz-executor.2
1383 1 788 0 S uwait 0xfffff80004f5e880 syz-executor.2
1380 1 788 0 S uwait 0xfffff80030dcff00 syz-executor.2
1156 1 1156 0 Ss select 0xfffff80030cf4d40 dhclient
1153 1 1153 0 Ss select 0xfffff80030cf4240 dhclient
793 780 793 0 Rs syz-executor.3
788 780 788 0 Rs syz-executor.2
783 780 783 0 Ss piperd 0xfffff80030b6aba0 syz-executor.1
782 780 782 0 Rs syz-executor.0
780 778 778 0 S (threaded) syz-fuzzer
100097 S kqread 0xfffff80030650c00 syz-fuzzer
100118 S uwait 0xfffff80004cfc180 syz-fuzzer
100119 S uwait 0xfffff80004cfc280 syz-fuzzer
100120 S uwait 0xfffff80004cfc380 syz-fuzzer
100121 S uwait 0xfffff80004cfc480 syz-fuzzer
100122 S uwait 0xfffff80004cfc580 syz-fuzzer
100123 S uwait 0xfffff80004cfc680 syz-fuzzer
100124 S uwait 0xfffff80004cfc780 syz-fuzzer
100667 S uwait 0xfffff80030cf4b80 syz-fuzzer
778 776 778 0 Ss pause 0xfffff80023018b20 csh
776 694 776 0 Ss select 0xfffff8003062fac0 sshd
760 1 760 0 Ss+ ttyin 0xfffff800049d7cb0 getty
759 1 759 0 Ss+ ttyin 0xfffff80004ced8b0 getty
758 1 758 0 Ss+ ttyin 0xfffff80004cedcb0 getty
757 1 757 0 Ss+ ttyin 0xfffff80004cf40b0 getty
756 1 756 0 Ss+ ttyin 0xfffff80004cf44b0 getty
755 1 755 0 Ss+ ttyin 0xfffff80004cf48b0 getty
754 1 754 0 Ss+ ttyin 0xfffff80004cf4cb0 getty
753 1 753 0 Ss+ ttyin 0xfffff80004c6e0b0 getty
752 1 752 0 Ss+ ttyin 0xfffff80004c6e4b0 getty
698 1 698 0 Ss nanslp 0xffffffff8273c8e0 cron
694 1 694 0 Ss select 0xfffff800303848c0 sshd
507 1 507 0 Ss select 0xfffff80030384840 syslogd
436 1 436 0 Ss wait 0xfffff80004f68538 devd
435 1 435 65 Ss select 0xfffff80030384ac0 dhclient
350 1 350 0 Ss select 0xfffff80030384940 dhclient
347 1 347 0 Ss select 0xfffff80030384c40 dhclient
23 0 0 0 DL syncer 0xffffffff8282bd50 [syncer]
22 0 0 0 DL vlruwt 0xfffff80004e8da70 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100081 D qsleep 0xffffffff8282ae00 [bufdaemon]
100088 D - 0xffffffff8220ae00 [bufspacedaemon-0]
100098 D sdflush 0xfffff8002305ace8 [/ worker]
20 0 0 0 DL psleep 0xffffffff82852c08 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100079 D psleep 0xffffffff82847078 [dom0]
100086 D launds 0xffffffff82847084 [laundry: dom0]
100087 D umarcl 0xffffffff815c9360 [uma]
18 0 0 0 DL - 0xffffffff82570c78 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff82e34828 [sctp_iterator]
16 0 0 0 DL pftm 0xffffffff82fc03c0 [pf purge]
15 0 0 0 DL - 0xffffffff8282845c [soaiod4]
9 0 0 0 DL - 0xffffffff8282845c [soaiod3]
8 0 0 0 DL - 0xffffffff8282845c [soaiod2]
7 0 0 0 DL - 0xffffffff8282845c [soaiod1]
6 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff82448140 [doneq0]
100045 D - 0xffffffff824480c0 [async]
100078 D - 0xffffffff82447f90 [scanner]
14 0 0 0 DL seqstat 0xfffff8000463c888 [sequencer 00]
5 0 0 0 DL crypto_ 0xfffff8000462ed80 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffff8000462ed30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff828445a0 [crypto]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff8271c120 [g_event]
100036 D - 0xffffffff8271c128 [g_up]
100037 D - 0xffffffff8271c130 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100028 D - 0xfffff80004574600 [thr_0]
100029 D - 0xfffff80004574680 [thr_1]
12 0 0 0 WL (threaded) [intr]
100011 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100018 I [swi5: fast taskq]
100030 I [swi4: clock (0)]
100031 I [swi4: clock (1)]
100032 I [swi1: netisr 0]
100033 I [swi3: vm]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq10: virtio_pci2]
100061 I [irq1: atkbd0]
100062 I [irq12: psm0]
100063 I [swi0: uart uart++]
100071 I [swi1: pf send]
100084 I [swi1: hpts]
100085 I [swi1: hpts]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffff8000452a538 [init]
10 0 0 0 DL audit_w 0xffffffff82844ab0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8271c6b0 [swapper]
100005 D - 0xfffff80004144800 [if_config_tqg_0]
100006 D - 0xfffff80004144700 [softirq_0]
100007 D - 0xfffff80004144600 [softirq_1]
100008 D - 0xfffff80004144500 [if_io_tqg_0]
100009 D - 0xfffff80004144400 [if_io_tqg_1]
100010 D - 0xfffff8000457a600 [pci_hp taskq]
100012 D - 0xfffff8000457a300 [inm_free taskq]
100014 D - 0xfffff8000457a000 [linuxkpi_irq_wq]
100015 D - 0xfffff80004574e00 [thread taskq]
100016 D - 0xfffff80004574d00 [in6m_free taskq]
100017 D - 0xfffff80004574c00 [aiod_kick taskq]
100019 D - 0xfffff80004574900 [kqueue_ctx taskq]
100020 D - 0xfffff80004574800 [linuxkpi_short_wq_0]
100021 D - 0xfffff80004574800 [linuxkpi_short_wq_1]
100022 D - 0xfffff80004574800 [linuxkpi_short_wq_2]
100023 D - 0xfffff80004574800 [linuxkpi_short_wq_3]
100024 D - 0xfffff80004574700 [linuxkpi_long_wq_0]
100025 D - 0xfffff80004574700 [linuxkpi_long_wq_1]
100026 D - 0xfffff80004574700 [linuxkpi_long_wq_2]
100027 D - 0xfffff80004574700 [linuxkpi_long_wq_3]
100034 D - 0xfffff80004574000 [firmware taskq]
100038 D - 0xfffff800045c1d00 [crypto_0]
100039 D - 0xfffff800045c1d00 [crypto_1]
100055 D - 0xfffff800045c1700 [vtnet0 rxq 0]
100056 D - 0xfffff800045c1600 [vtnet0 txq 0]
100057 D - 0xfffff800045c1500 [vtnet0 rxq 1]
100058 D - 0xfffff800045c1400 [vtnet0 txq 1]
100060 D vtbslp 0xfffff80004972100 [virtio_balloon]
100064 D - 0xfffff80004973a00 [mca taskq]
100066 D - 0xffffffff81e206a0 [deadlkres]
100073 D - 0xfffff80004c3c700 [acpi_task_0]
100074 D - 0xfffff80004c3c700 [acpi_task_1]
100075 D - 0xfffff80004c3c700 [acpi_task_2]
100077 D - 0xfffff800045c1c00 [CAM taskq]
db> show all locks
Process 4034 (syz-executor.3) thread 0xfffffe009512f3a0 (103350)
exclusive sleep mutex umtxql (umtxql) r = 0 (0xffffffff82760310) locked @ /syzkaller/managers/i386/kernel/sys/kern/kern_umtx.c:511
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
sctp_stro 108 8296K 1121
devbuf 4216 4340K 4244
tcp_hpts 5 3201K 5
sysctloid 33718 1992K 33785
vtbuf 24 1968K 46
kobj 332 1328K 492
newblk 25 1030K 8727
vfscache 3 1025K 3
filedesc 124 986K 6137
pcb 246 780K 5852
inodedep 199 587K 3574
subproc 241 515K 4169
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
acpica 1674 184K 55406
vnet_data 1 168K 1
tidhash 3 141K 3
pagedep 20 133K 3092
tfo_ccache 1 128K 1
DEVFS1 107 107K 124
sem 4 106K 4
linker 294 102K 330
BPF 46 88K 46
sctp_atcl 218 82K 3899
bus 995 81K 3509
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 508 64K 508
kdtrace 317 58K 8705
umtx 440 55K 440
dirrem 179 45K 3313
temp 36 35K 2895
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 126 32K 136
msg 4 30K 4
vmem 3 26K 4
gtaskqueue 18 26K 18
freefile 176 22K 3270
kbdmux 6 22K 6
routetbl 143 21K 627
ifaddr 70 20K 72
DEVFS_RULE 56 20K 56
ufs_mount 5 17K 6
proc 3 17K 3
tty 16 16K 16
ithread 99 16K 99
lltable 45 14K 92
bus-sc 33 14K 1719
sctp_atky 326 14K 5206
KTRACE 100 13K 100
ifnet 7 13K 7
ether_multi 152 13K 162
kenv 93 12K 93
eventhandler 133 12K 133
rman 84 10K 425
GEOM 60 10K 489
kqueue 119 10K 4125
sctp_timw 37 10K 37
cred 36 9K 269
in6_multi 65 9K 65
bmsafemap 2 9K 3564
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 77
pf_table 4 8K 57
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 236 8K 294
pwddesc 117 8K 4054
pf_ifnet 19 7K 67
taskqueue 60 7K 60
sglist 5 7K 5
CAM DEV 3 6K 510
plimit 24 6K 490
DEVFSP 81 6K 215
CAM queue 5 6K 1528
ufs_dirhash 24 5K 24
UMA 265 5K 265
session 34 5K 49
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
kcovinfo 64 4K 68
acpisem 28 4K 28
lockf 32 4K 302
sctp_athm 218 4K 4029
sctp_map 216 4K 2224
selfd 52 4K 48545
hhook 13 4K 13
fpukern_ctx 3 3K 3
proc-args 53 3K 675
terminal 11 3K 11
select 19 3K 187
uidinfo 4 3K 10
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
ip6ndp 12 2K 14
newdirblk 14 2K 3029
sctp_ifa 13 2K 14
Unitno 27 2K 47
CAM XPT 22 2K 543
freework 7 2K 5258
freeblks 6 2K 3341
in_multi 6 2K 8
ipsecpolicy 2 2K 2
acpidev 20 2K 20
msi 9 2K 9
clone 9 2K 9
tun 7 2K 7
sctp_stri 2 1K 310
softdep 1 1K 1
mkdir 8 1K 6058
indirdep 4 1K 3012
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 258
NFSD session 1 1K 1
CAM periph 4 1K 271
ipsec 3 1K 3
sctp_ifn 6 1K 14
mld 6 1K 6
igmp 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
diradd 5 1K 3353
crypto 4 1K 4
encap_export_host 12 1K 12
procdesc 5 1K 18
inpcbpolicy 18 1K 1302
pfil 4 1K 4
CAM SIM 2 1K 2
cdev 2 1K 2
chacha20random 1 1K 1
osd 3 1K 10
pf_rule 2 1K 85
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
vnodes 1 1K 8
ktls 1 1K 1
feeder 7 1K 7
xform 3 1K 174
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
linux 5 1K 6
aesni_data 2 1K 2
tcp_fsb 2 1K 73
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
pmchooks 1 1K 1
nexusdev 7 1K 7
soname 4 1K 6005
filecaps 5 1K 115
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 43
acpiintr 1 1K 1
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
mqdata 0 0K 0
tcp_do 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 1791
sctp_iter 0 0K 14
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 6
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 8
sctp_aadr 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
axgbe 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
amr 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
vm_fictitious 0 0K 0
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
agp 0 0K 0
nvme_da 0 0K 0
UMAHash 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 3043
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 127
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 6
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
twsbuf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpifw 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 10
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
twe_commands 0 0K 0
LRO 0 0K 0
newreno data 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 13
twa_commands 0 0K 0
statfs 0 0K 3216
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 4
tcp_log_dev 0 0K 74
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 13400
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
tempbuff 0 0K 0
mbuf_tag 0 0K 139
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 17538
ioctlops 0 0K 301
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 735
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 47
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
iirbuf 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 986 30429 0 254 38117376 0
tcp_log 416 0 20097 115219 0 254 8360352 0
mbuf 256 8896 2249 300965 0 254 2853120 0
pbuf 2624 0 973 0 0 2 2553152 0
RADIX NODE 144 6419 8726 128683 0 62 2180880 0
BUF TRIE 144 185 13283 6540 0 62 1939392 0
malloc-384 384 4116 4 4116 0 30 1582080 0
malloc-128 128 11064 34 11317 0 126 1420544 0
mbuf_cluster 2048 675 1 675 0 254 1384448 0
malloc-4096 4096 332 2 564 0 2 1368064 0
UMA Slabs 0 112 10774 23 10774 0 126 1209264 0
malloc-16384 16384 65 0 3247 0 1 1064960 0
FFS inode 1160 558 23 3837 0 8 673960 0
tcp_bbr_map 128 0 4433 109016 0 126 567424 0
malloc-4096 4096 127 2 4048 0 2 528384 0
VM OBJECT 264 1945 20 60549 0 30 518760 0
256 Bucket 2048 220 14 13813 0 8 479232 0
MAP ENTRY 96 4523 139 229481 0 126 447552 0
THREAD 1808 199 21 4666 0 8 397760 0
lkpimm 160 1 2324 1 0 62 372000 0
lkpicurr 160 2 2323 2 0 62 372000 0
malloc-65536 65536 1 4 322 0 1 327680 0
VNODE 448 596 79 3877 0 30 302400 0
sctp_asoc 2288 108 17 1112 0 254 286000 0
malloc-64 64 4205 205 9944 0 254 282240 0
malloc-2048 2048 111 23 2575 0 8 274432 0
malloc-256 256 300 765 15986 0 62 272640 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-32768 32768 0 8 2748 0 1 262144 0
VMSPACE 2544 94 2 4021 0 4 244224 0
malloc-16 16 13974 276 17889 0 254 228000 0
malloc-128 128 1498 269 41873 0 126 226176 0
DEVCTL 1024 0 216 132 0 0 221184 0
UMA Zones 768 237 2 237 0 16 183552 0
malloc-32 32 5435 235 9735 0 254 181440 0
sctp_ep 1280 108 27 2572 0 254 172800 0
mbuf_packet 256 156 519 15313 0 254 172800 0
malloc-384 384 243 197 3747 0 30 168960 0
PROC 1336 116 7 4037 0 8 164328 0
malloc-128 128 1148 61 2614 0 126 154752 0
malloc-384 384 358 42 4046 0 30 153600 0
FFS2 dinode 256 558 27 3835 0 62 149760 0
sctp_chunk 152 64 898 6451 0 254 146224 0
filedesc0 1072 117 16 4054 0 8 142576 0
S VFS Cache 104 1029 336 4438 0 126 141960 0
vmem btag 56 2324 40 2324 0 254 132384 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-1024 1024 109 19 1092 0 16 131072 0
sctp_raddr 736 118 58 1630 0 254 129536 0
128 Bucket 1024 81 34 1895 0 16 117760 0
ksiginfo 112 107 937 335 0 126 116928 0
malloc-1024 1024 108 4 128 0 16 114688 0
malloc-2048 2048 6 44 13459 0 8 102400 0
malloc-256 256 284 106 5629 0 62 99840 0
malloc-256 256 33 357 3450 0 62 99840 0
malloc-4096 4096 23 0 555 0 2 94208 0
malloc-8192 8192 9 2 138 0 1 90112 0
UMA Kegs 384 222 1 222 0 30 85632 0
clpbuf 2624 0 32 20 0 16 83968 0
socket 944 43 45 5579 0 254 83072 0
g_bio 408 0 200 51065 0 30 81600 0
malloc-4096 4096 15 2 113 0 2 69632 0
64 Bucket 512 98 38 5942 0 30 69632 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 5 0 1 65536 0
malloc-32768 32768 0 2 130 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 1 1 6 0 1 65536 0
malloc-256 256 119 121 3895 0 62 61440 0
malloc-256 256 160 35 281 0 62 49920 0
32 Bucket 256 61 134 9042 0 62 49920 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-64 64 570 186 17905 0 254 48384 0
malloc-128 128 117 255 477 0 126 47616 0
malloc-256 256 139 41 6148 0 62 46080 0
malloc-2048 2048 4 18 511 0 8 45056 0
pcpu-8 8 4839 793 6577 0 254 45056 0
malloc-128 128 300 41 458 0 126 43648 0
malloc-256 256 20 145 5370 0 62 42240 0
malloc-8192 8192 5 0 5 0 1 40960 0
tcpcb 1064 6 29 778 0 254 37240 0
DIRHASH 1024 34 2 34 0 16 36864 0
NAMEI 1024 0 36 28509 0 16 36864 0
malloc-4096 4096 4 5 3223 0 2 36864 0
malloc-2048 2048 12 6 382 0 8 36864 0
malloc-512 512 6 66 738 0 30 36864 0
malloc-64 64 489 78 902 0 254 36288 0
malloc-8192 8192 3 1 5 0 1 32768 0
pcpu-64 64 480 32 480 0 254 32768 0
TURNSTILE 136 221 10 221 0 62 31416 0
tcp_inpcb 488 6 58 778 0 254 31232 0
KNOTE 160 28 147 34028 0 62 28000 0
Files 80 236 114 16896 0 126 28000 0
pipe 744 23 12 532 0 16 26040 0
malloc-1024 1024 10 14 1541 0 16 24576 0
malloc-1024 1024 18 6 22 0 16 24576 0
ttyinq 160 135 15 300 0 62 24000 0
8 Bucket 80 47 253 1663 0 126 24000 0
ttyoutq 256 72 18 160 0 62 23040 0
malloc-384 384 52 8 52 0 30 23040 0
SLEEPQUEUE 88 221 35 221 0 126 22528 0
tcp_bbr_pcb 832 0 27 278 0 16 22464 0
malloc-2048 2048 2 8 281 0 8 20480 0
PWD 32 59 571 3096 0 254 20160 0
malloc-64 64 235 80 48890 0 254 20160 0
malloc-64 64 258 57 8197 0 254 20160 0
2 Bucket 32 54 576 1444 0 254 20160 0
Mountpoints 2752 2 5 2 0 4 19264 0
malloc-384 384 23 27 422 0 30 19200 0
malloc-256 256 57 18 786 0 62 19200 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-1024 1024 12 4 12 0 16 16384 0
malloc-1024 1024 11 5 43 0 16 16384 0
sctp_stream_msg_out 112 76 68 329 0 254 16128 0
malloc-64 64 136 116 192 0 254 16128 0
malloc-32 32 411 93 636 0 254 16128 0
malloc-32 32 115 389 6408 0 254 16128 0
16 Bucket 144 61 51 500 0 62 16128 0
vtnet_tx_hdr 24 0 668 49907 0 254 16032 0
unpcb 256 20 40 1669 0 254 15360 0
malloc-2048 2048 6 0 6 0 8 12288 0
malloc-2048 2048 5 1 196 0 8 12288 0
malloc-1024 1024 8 4 9 0 16 12288 0
malloc-512 512 14 10 270 0 30 12288 0
malloc-32 32 164 214 3354 0 254 12096 0
malloc-16 16 530 220 2771 0 254 12000 0
malloc-128 128 65 28 3114 0 126 11904 0
udplite_inpcb 488 0 24 143 0 254 11712 0
udp_inpcb 488 7 17 304 0 254 11712 0
kenv 258 15 30 1065 0 30 11610 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 4 0 2 8192 0
malloc-2048 2048 1 3 82 0 8 8192 0
malloc-1024 1024 0 8 9 0 16 8192 0
malloc-512 512 0 16 5 0 30 8192 0
malloc-512 512 3 13 212 0 30 8192 0
malloc-512 512 8 8 8 0 30 8192 0
pf tags 104 0 78 58 0 126 8112 0
rtentry 176 30 16 34 0 62 8096 0
PGRP 88 34 58 57 0 126 8096 0
rl_entry 40 98 104 98 0 254 8080 0
sctp_laddr 48 32 136 513 0 254 8064 0
tcp_rack_map 112 6 66 99 0 126 8064 0
udpcb 32 7 245 447 0 254 8064 0
malloc-64 64 8 118 9 0 254 8064 0
malloc-64 64 37 89 990 0 254 8064 0
malloc-32 32 6 246 14 0 254 8064 0
malloc-32 32 37 215 766 0 254 8064 0
malloc-32 32 36 216 379 0 254 8064 0
4 Bucket 48 6 162 128 0 254 8064 0
malloc-16 16 1 499 4 0 254 8000 0
malloc-16 16 20 480 59 0 254 8000 0
malloc-16 16 28 472 29 0 254 8000 0
malloc-16 16 188 312 1448 0 254 8000 0
malloc-16 16 34 466 27770 0 254 8000 0
malloc-16 16 14 486 1459 0 254 8000 0
malloc-128 128 10 52 17 0 126 7936 0
malloc-128 128 8 54 112 0 126 7936 0
sctp_readq 152 0 52 165 0 254 7904 0
ripcb 488 5 11 77 0 254 7808 0
itimer 352 0 22 8 0 30 7744 0
routing nhops 256 27 3 34 0 62 7680 0
malloc-384 384 0 20 39 0 30 7680 0
malloc-384 384 1 19 60 0 30 7680 0
malloc-384 384 20 0 20 0 30 7680 0
tcp_rack_pcb 832 2 7 73 0 16 7488 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 7 55 7 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
malloc-512 512 0 8 2 0 30 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
hostcache 64 1 62 1 0 254 4032 0
syncache 168 0 24 4 0 254 4032 0
malloc-32 32 0 126 2 0 254 4032 0
UMA Slabs 1 176 10 12 10 0 62 3872 0
mqnode 416 3 6 3 0 30 3744 0
KMAP ENTRY 96 12 27 12 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
FFS1 dinode 128 0 0 0 0 126 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 296 0 0 0 0 0 0 0
pf mtags 48 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=116807c3d00000
dashboard link: https://syzkaller.appspot.com/bug?extid=98e9d337f9ac13b58e5b
userspace arch: i386
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+98e9d3...@syzkaller.appspotmail.com
panic: Most recently used by tcp_fsb
cpuid = 1
time = 1620365110
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe009a4f4490
vpanic() at vpanic+0x1c7/frame 0xfffffe009a4f44f0
panic() at panic+0x43/frame 0xfffffe009a4f4550
mtrash_ctor() at mtrash_ctor+0xe5/frame 0xfffffe009a4f4590
item_ctor() at item_ctor+0x46f/frame 0xfffffe009a4f45f0
malloc() at malloc+0xe3/frame 0xfffffe009a4f4650
crypto_open() at crypto_open+0x22/frame 0xfffffe009a4f4670
devfs_open() at devfs_open+0x1b1/frame 0xfffffe009a4f46e0
VOP_OPEN_APV() at VOP_OPEN_APV+0x75/frame 0xfffffe009a4f4710
vn_open_vnode() at vn_open_vnode+0x379/frame 0xfffffe009a4f47c0
vn_open_cred() at vn_open_cred+0x7d9/frame 0xfffffe009a4f4940
kern_openat() at kern_openat+0x3bd/frame 0xfffffe009a4f4ab0
ia32_syscall() at ia32_syscall+0x237/frame 0xfffffe009a4f4bf0
int0x80_syscall_common() at int0x80_syscall_common+0x9c/frame 0xfbffcf78
KDB: enter: panic
[ thread pid 4034 tid 104665 ]
Stopped at kdb_enter+0x67: movq $0,0x163a54e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0
rax 0x12
rcx 0xfffffe009b400000
rdx 0x3ffff
rbx 0
rsp 0xfffffe009a4f4470
rbp 0xfffffe009a4f4490
rsi 0x40001
rdi 0xffffffff81137c46 vprintf+0x176
r8 0
r9 0x8080808080808080
r10 0xfffffe009a4f4360
r11 0x1ff65fff59c
r12 0xffffffff82267ac0 ddb_dbbe
r13 0
r14 0xffffffff81a73d95
r15 0xffffffff81a73d95
rip 0xffffffff8112ec37 kdb_enter+0x67
rflags 0x200082 kernload+0x82
kdb_enter+0x67: movq $0,0x163a54e(%rip)
db> show proc
Process 4034 (syz-executor.3) at 0xfffff80016edc538:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 793 at 0xfffff80004fd2000
ABI: FreeBSD ELF32
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.3
reaper: 0xfffff8000452a538 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00951913e0
(map 0xfffffe00951913e0)
(map.pmap 0xfffffe00951914a0)
(pmap 0xfffffe0095191500)
threads: 2
103350 Run CPU 0 syz-executor.3
104665 Run CPU 1 syz-executor.3
db> ps
pid ppid pgrp uid state wmesg wchan cmd
4037 4036 782 0 R syz-executor.0
4036 782 782 0 R (threaded) syz-executor.0
104194 RunQ syz-executor.0
104666 S wait 0xfffff8002c1e3538 syz-executor.0
4034 793 793 0 R (threaded) syz-executor.3
103350 Run CPU 0 syz-executor.3
104665 Run CPU 1 syz-executor.3
4031 4029 788 0 S uwait 0xfffff80030fc7d00 syz-executor.2
4029 788 788 0 R (threaded) syz-executor.2
103490 RunQ syz-executor.2
104661 S wait 0xfffff80016065000 syz-executor.2
4026 1 782 0 S uwait 0xfffff80030dcf280 syz-executor.0
4022 1 788 0 S uwait 0xfffff80030cf4180 syz-executor.2
4017 1 788 0 S uwait 0xfffff8001669b580 syz-executor.2
4009 1 788 0 S uwait 0xfffff8001669b680 syz-executor.2
3544 1 793 0 S uwait 0xfffff80030fc7200 syz-executor.3
3540 1 782 0 S uwait 0xfffff80030cf4680 syz-executor.0
3532 1 793 0 S uwait 0xfffff8001669be80 syz-executor.3
3530 1 782 0 S umtxn 0xfffff80004f5e600 syz-executor.0
3525 1 793 0 S uwait 0xfffff8003062fc00 syz-executor.3
3522 1 782 0 S uwait 0xfffff80030dcf380 syz-executor.0
3517 1 782 0 S uwait 0xfffff80030cf4780 syz-executor.0
3511 1 782 0 S uwait 0xfffff8001669ba00 syz-executor.0
3383 3377 3383 0 Ss select 0xfffff8001669b9c0 dhclient
3380 1 3380 0 Ss select 0xfffff80016806dc0 dhclient
3377 3370 436 65 S select 0xfffff80016806140 dhclient
3370 436 436 0 S wait 0xfffff800306d1000 sh
3361 1 3361 65 Ss select 0xfffff800168060c0 dhclient
2649 1 2649 0 Ss select 0xfffff80016a8ccc0 dhclient
2646 1 2646 0 Ss select 0xfffff80016a8cd40 dhclient
2625 1 2625 65 Ss select 0xfffff80016806e40 dhclient
2028 1 783 0 S umtxn 0xfffff80030dcf680 syz-executor.1
2017 1 788 0 S uwait 0xfffff80030dcf780 syz-executor.2
2016 1 783 0 S uwait 0xfffff8003062f080 syz-executor.1
2007 1 788 0 S uwait 0xfffff8003062f480 syz-executor.2
2006 1 783 0 S uwait 0xfffff80030cf4a80 syz-executor.1
1997 1 788 0 S uwait 0xfffff8002300f780 syz-executor.2
1993 1 788 0 S uwait 0xfffff80030dcf900 syz-executor.2
1986 1 788 0 S uwait 0xfffff80030dcfc00 syz-executor.2
1982 1 793 0 S uwait 0xfffff8003062f780 syz-executor.3
1981 1 793 0 S umtxn 0xfffff80030fc7c00 syz-executor.3
1977 1 783 0 S uwait 0xfffff80030dcfe00 syz-executor.1
1975 1 783 0 S uwait 0xfffff80030cf4480 syz-executor.1
1970 1 793 0 S uwait 0xfffff8003062f900 syz-executor.3
1969 1 793 0 S uwait 0xfffff80030fc7b00 syz-executor.3
1964 1 783 0 S uwait 0xfffff80030fc7f00 syz-executor.1
1963 1 783 0 S uwait 0xfffff80030fc7e00 syz-executor.1
1956 1 793 0 S uwait 0xfffff80030cf4080 syz-executor.3
1955 1 793 0 S uwait 0xfffff80030fc7a00 syz-executor.3
1951 1 783 0 S uwait 0xfffff8002300fc00 syz-executor.1
1950 1 783 0 S uwait 0xfffff80030cf4880 syz-executor.1
1945 1 783 0 S uwait 0xfffff8003062fe00 syz-executor.1
1944 1 783 0 S uwait 0xfffff80004f5e000 syz-executor.1
1939 1 783 0 S uwait 0xfffff80030dcfd00 syz-executor.1
1937 1 783 0 S umtxn 0xfffff80030cf4980 syz-executor.1
1847 1 1847 0 Ss select 0xfffff80030cf4cc0 dhclient
1844 1 1844 0 Ss select 0xfffff8001669bf40 dhclient
1824 1 1824 65 Ss select 0xfffff80030dcf1c0 dhclient
1584 1 782 0 S uwait 0xfffff80004f5e300 syz-executor.0
1582 1 788 0 S uwait 0xfffff8003062f280 syz-executor.2
1580 1 782 0 S uwait 0xfffff80030384c80 syz-executor.0
1578 1 788 0 S uwait 0xfffff80030cf4380 syz-executor.2
1577 1 782 0 S uwait 0xfffff8003062fd00 syz-executor.0
1573 1 788 0 S uwait 0xfffff80030384680 syz-executor.2
1570 1 788 0 S uwait 0xfffff8003062f680 syz-executor.2
1569 1 788 0 S uwait 0xfffff80030dcfb00 syz-executor.2
1412 1 783 0 S uwait 0xfffff8003062f180 syz-executor.1
1402 1 783 0 S uwait 0xfffff80030384780 syz-executor.1
1397 1 783 0 S uwait 0xfffff80030cf4e80 syz-executor.1
1396 1 788 0 S uwait 0xfffff80004f5ed00 syz-executor.2
1391 1 788 0 S uwait 0xfffff8003062f380 syz-executor.2
1386 1 788 0 S uwait 0xfffff80004f5e400 syz-executor.2
1383 1 788 0 S uwait 0xfffff80004f5e880 syz-executor.2
1380 1 788 0 S uwait 0xfffff80030dcff00 syz-executor.2
1156 1 1156 0 Ss select 0xfffff80030cf4d40 dhclient
1153 1 1153 0 Ss select 0xfffff80030cf4240 dhclient
793 780 793 0 Rs syz-executor.3
788 780 788 0 Rs syz-executor.2
783 780 783 0 Ss piperd 0xfffff80030b6aba0 syz-executor.1
782 780 782 0 Rs syz-executor.0
780 778 778 0 S (threaded) syz-fuzzer
100097 S kqread 0xfffff80030650c00 syz-fuzzer
100118 S uwait 0xfffff80004cfc180 syz-fuzzer
100119 S uwait 0xfffff80004cfc280 syz-fuzzer
100120 S uwait 0xfffff80004cfc380 syz-fuzzer
100121 S uwait 0xfffff80004cfc480 syz-fuzzer
100122 S uwait 0xfffff80004cfc580 syz-fuzzer
100123 S uwait 0xfffff80004cfc680 syz-fuzzer
100124 S uwait 0xfffff80004cfc780 syz-fuzzer
100667 S uwait 0xfffff80030cf4b80 syz-fuzzer
778 776 778 0 Ss pause 0xfffff80023018b20 csh
776 694 776 0 Ss select 0xfffff8003062fac0 sshd
760 1 760 0 Ss+ ttyin 0xfffff800049d7cb0 getty
759 1 759 0 Ss+ ttyin 0xfffff80004ced8b0 getty
758 1 758 0 Ss+ ttyin 0xfffff80004cedcb0 getty
757 1 757 0 Ss+ ttyin 0xfffff80004cf40b0 getty
756 1 756 0 Ss+ ttyin 0xfffff80004cf44b0 getty
755 1 755 0 Ss+ ttyin 0xfffff80004cf48b0 getty
754 1 754 0 Ss+ ttyin 0xfffff80004cf4cb0 getty
753 1 753 0 Ss+ ttyin 0xfffff80004c6e0b0 getty
752 1 752 0 Ss+ ttyin 0xfffff80004c6e4b0 getty
698 1 698 0 Ss nanslp 0xffffffff8273c8e0 cron
694 1 694 0 Ss select 0xfffff800303848c0 sshd
507 1 507 0 Ss select 0xfffff80030384840 syslogd
436 1 436 0 Ss wait 0xfffff80004f68538 devd
435 1 435 65 Ss select 0xfffff80030384ac0 dhclient
350 1 350 0 Ss select 0xfffff80030384940 dhclient
347 1 347 0 Ss select 0xfffff80030384c40 dhclient
23 0 0 0 DL syncer 0xffffffff8282bd50 [syncer]
22 0 0 0 DL vlruwt 0xfffff80004e8da70 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100081 D qsleep 0xffffffff8282ae00 [bufdaemon]
100088 D - 0xffffffff8220ae00 [bufspacedaemon-0]
100098 D sdflush 0xfffff8002305ace8 [/ worker]
20 0 0 0 DL psleep 0xffffffff82852c08 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100079 D psleep 0xffffffff82847078 [dom0]
100086 D launds 0xffffffff82847084 [laundry: dom0]
100087 D umarcl 0xffffffff815c9360 [uma]
18 0 0 0 DL - 0xffffffff82570c78 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff82e34828 [sctp_iterator]
16 0 0 0 DL pftm 0xffffffff82fc03c0 [pf purge]
15 0 0 0 DL - 0xffffffff8282845c [soaiod4]
9 0 0 0 DL - 0xffffffff8282845c [soaiod3]
8 0 0 0 DL - 0xffffffff8282845c [soaiod2]
7 0 0 0 DL - 0xffffffff8282845c [soaiod1]
6 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff82448140 [doneq0]
100045 D - 0xffffffff824480c0 [async]
100078 D - 0xffffffff82447f90 [scanner]
14 0 0 0 DL seqstat 0xfffff8000463c888 [sequencer 00]
5 0 0 0 DL crypto_ 0xfffff8000462ed80 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffff8000462ed30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff828445a0 [crypto]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff8271c120 [g_event]
100036 D - 0xffffffff8271c128 [g_up]
100037 D - 0xffffffff8271c130 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100028 D - 0xfffff80004574600 [thr_0]
100029 D - 0xfffff80004574680 [thr_1]
12 0 0 0 WL (threaded) [intr]
100011 I [swi6: task queue]
100013 I [swi6: Giant taskq]
100018 I [swi5: fast taskq]
100030 I [swi4: clock (0)]
100031 I [swi4: clock (1)]
100032 I [swi1: netisr 0]
100033 I [swi3: vm]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq10: virtio_pci2]
100061 I [irq1: atkbd0]
100062 I [irq12: psm0]
100063 I [swi0: uart uart++]
100071 I [swi1: pf send]
100084 I [swi1: hpts]
100085 I [swi1: hpts]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffff8000452a538 [init]
10 0 0 0 DL audit_w 0xffffffff82844ab0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8271c6b0 [swapper]
100005 D - 0xfffff80004144800 [if_config_tqg_0]
100006 D - 0xfffff80004144700 [softirq_0]
100007 D - 0xfffff80004144600 [softirq_1]
100008 D - 0xfffff80004144500 [if_io_tqg_0]
100009 D - 0xfffff80004144400 [if_io_tqg_1]
100010 D - 0xfffff8000457a600 [pci_hp taskq]
100012 D - 0xfffff8000457a300 [inm_free taskq]
100014 D - 0xfffff8000457a000 [linuxkpi_irq_wq]
100015 D - 0xfffff80004574e00 [thread taskq]
100016 D - 0xfffff80004574d00 [in6m_free taskq]
100017 D - 0xfffff80004574c00 [aiod_kick taskq]
100019 D - 0xfffff80004574900 [kqueue_ctx taskq]
100020 D - 0xfffff80004574800 [linuxkpi_short_wq_0]
100021 D - 0xfffff80004574800 [linuxkpi_short_wq_1]
100022 D - 0xfffff80004574800 [linuxkpi_short_wq_2]
100023 D - 0xfffff80004574800 [linuxkpi_short_wq_3]
100024 D - 0xfffff80004574700 [linuxkpi_long_wq_0]
100025 D - 0xfffff80004574700 [linuxkpi_long_wq_1]
100026 D - 0xfffff80004574700 [linuxkpi_long_wq_2]
100027 D - 0xfffff80004574700 [linuxkpi_long_wq_3]
100034 D - 0xfffff80004574000 [firmware taskq]
100038 D - 0xfffff800045c1d00 [crypto_0]
100039 D - 0xfffff800045c1d00 [crypto_1]
100055 D - 0xfffff800045c1700 [vtnet0 rxq 0]
100056 D - 0xfffff800045c1600 [vtnet0 txq 0]
100057 D - 0xfffff800045c1500 [vtnet0 rxq 1]
100058 D - 0xfffff800045c1400 [vtnet0 txq 1]
100060 D vtbslp 0xfffff80004972100 [virtio_balloon]
100064 D - 0xfffff80004973a00 [mca taskq]
100066 D - 0xffffffff81e206a0 [deadlkres]
100073 D - 0xfffff80004c3c700 [acpi_task_0]
100074 D - 0xfffff80004c3c700 [acpi_task_1]
100075 D - 0xfffff80004c3c700 [acpi_task_2]
100077 D - 0xfffff800045c1c00 [CAM taskq]
db> show all locks
Process 4034 (syz-executor.3) thread 0xfffffe009512f3a0 (103350)
exclusive sleep mutex umtxql (umtxql) r = 0 (0xffffffff82760310) locked @ /syzkaller/managers/i386/kernel/sys/kern/kern_umtx.c:511
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
sctp_stro 108 8296K 1121
devbuf 4216 4340K 4244
tcp_hpts 5 3201K 5
sysctloid 33718 1992K 33785
vtbuf 24 1968K 46
kobj 332 1328K 492
newblk 25 1030K 8727
vfscache 3 1025K 3
filedesc 124 986K 6137
pcb 246 780K 5852
inodedep 199 587K 3574
subproc 241 515K 4169
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
acpica 1674 184K 55406
vnet_data 1 168K 1
tidhash 3 141K 3
pagedep 20 133K 3092
tfo_ccache 1 128K 1
DEVFS1 107 107K 124
sem 4 106K 4
linker 294 102K 330
BPF 46 88K 46
sctp_atcl 218 82K 3899
bus 995 81K 3509
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 508 64K 508
kdtrace 317 58K 8705
umtx 440 55K 440
dirrem 179 45K 3313
temp 36 35K 2895
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 126 32K 136
msg 4 30K 4
vmem 3 26K 4
gtaskqueue 18 26K 18
freefile 176 22K 3270
kbdmux 6 22K 6
routetbl 143 21K 627
ifaddr 70 20K 72
DEVFS_RULE 56 20K 56
ufs_mount 5 17K 6
proc 3 17K 3
tty 16 16K 16
ithread 99 16K 99
lltable 45 14K 92
bus-sc 33 14K 1719
sctp_atky 326 14K 5206
KTRACE 100 13K 100
ifnet 7 13K 7
ether_multi 152 13K 162
kenv 93 12K 93
eventhandler 133 12K 133
rman 84 10K 425
GEOM 60 10K 489
kqueue 119 10K 4125
sctp_timw 37 10K 37
cred 36 9K 269
in6_multi 65 9K 65
bmsafemap 2 9K 3564
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 77
pf_table 4 8K 57
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 236 8K 294
pwddesc 117 8K 4054
pf_ifnet 19 7K 67
taskqueue 60 7K 60
sglist 5 7K 5
CAM DEV 3 6K 510
plimit 24 6K 490
DEVFSP 81 6K 215
CAM queue 5 6K 1528
ufs_dirhash 24 5K 24
UMA 265 5K 265
session 34 5K 49
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
kcovinfo 64 4K 68
acpisem 28 4K 28
lockf 32 4K 302
sctp_athm 218 4K 4029
sctp_map 216 4K 2224
selfd 52 4K 48545
hhook 13 4K 13
fpukern_ctx 3 3K 3
proc-args 53 3K 675
terminal 11 3K 11
select 19 3K 187
uidinfo 4 3K 10
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
ip6ndp 12 2K 14
newdirblk 14 2K 3029
sctp_ifa 13 2K 14
Unitno 27 2K 47
CAM XPT 22 2K 543
freework 7 2K 5258
freeblks 6 2K 3341
in_multi 6 2K 8
ipsecpolicy 2 2K 2
acpidev 20 2K 20
msi 9 2K 9
clone 9 2K 9
tun 7 2K 7
sctp_stri 2 1K 310
softdep 1 1K 1
mkdir 8 1K 6058
indirdep 4 1K 3012
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 258
NFSD session 1 1K 1
CAM periph 4 1K 271
ipsec 3 1K 3
sctp_ifn 6 1K 14
mld 6 1K 6
igmp 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
diradd 5 1K 3353
crypto 4 1K 4
encap_export_host 12 1K 12
procdesc 5 1K 18
inpcbpolicy 18 1K 1302
pfil 4 1K 4
CAM SIM 2 1K 2
cdev 2 1K 2
chacha20random 1 1K 1
osd 3 1K 10
pf_rule 2 1K 85
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
vnodes 1 1K 8
ktls 1 1K 1
feeder 7 1K 7
xform 3 1K 174
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
linux 5 1K 6
aesni_data 2 1K 2
tcp_fsb 2 1K 73
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
pmchooks 1 1K 1
nexusdev 7 1K 7
soname 4 1K 6005
filecaps 5 1K 115
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 43
acpiintr 1 1K 1
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
mqdata 0 0K 0
tcp_do 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 1791
sctp_iter 0 0K 14
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 6
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 8
sctp_aadr 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
axgbe 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
amr 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
vm_fictitious 0 0K 0
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
agp 0 0K 0
nvme_da 0 0K 0
UMAHash 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 3043
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 127
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 6
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
twsbuf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpifw 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 10
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
twe_commands 0 0K 0
LRO 0 0K 0
newreno data 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 13
twa_commands 0 0K 0
statfs 0 0K 3216
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 4
tcp_log_dev 0 0K 74
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 13400
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
tempbuff 0 0K 0
mbuf_tag 0 0K 139
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 17538
ioctlops 0 0K 301
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 735
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 47
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
iirbuf 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 986 30429 0 254 38117376 0
tcp_log 416 0 20097 115219 0 254 8360352 0
mbuf 256 8896 2249 300965 0 254 2853120 0
pbuf 2624 0 973 0 0 2 2553152 0
RADIX NODE 144 6419 8726 128683 0 62 2180880 0
BUF TRIE 144 185 13283 6540 0 62 1939392 0
malloc-384 384 4116 4 4116 0 30 1582080 0
malloc-128 128 11064 34 11317 0 126 1420544 0
mbuf_cluster 2048 675 1 675 0 254 1384448 0
malloc-4096 4096 332 2 564 0 2 1368064 0
UMA Slabs 0 112 10774 23 10774 0 126 1209264 0
malloc-16384 16384 65 0 3247 0 1 1064960 0
FFS inode 1160 558 23 3837 0 8 673960 0
tcp_bbr_map 128 0 4433 109016 0 126 567424 0
malloc-4096 4096 127 2 4048 0 2 528384 0
VM OBJECT 264 1945 20 60549 0 30 518760 0
256 Bucket 2048 220 14 13813 0 8 479232 0
MAP ENTRY 96 4523 139 229481 0 126 447552 0
THREAD 1808 199 21 4666 0 8 397760 0
lkpimm 160 1 2324 1 0 62 372000 0
lkpicurr 160 2 2323 2 0 62 372000 0
malloc-65536 65536 1 4 322 0 1 327680 0
VNODE 448 596 79 3877 0 30 302400 0
sctp_asoc 2288 108 17 1112 0 254 286000 0
malloc-64 64 4205 205 9944 0 254 282240 0
malloc-2048 2048 111 23 2575 0 8 274432 0
malloc-256 256 300 765 15986 0 62 272640 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-32768 32768 0 8 2748 0 1 262144 0
VMSPACE 2544 94 2 4021 0 4 244224 0
malloc-16 16 13974 276 17889 0 254 228000 0
malloc-128 128 1498 269 41873 0 126 226176 0
DEVCTL 1024 0 216 132 0 0 221184 0
UMA Zones 768 237 2 237 0 16 183552 0
malloc-32 32 5435 235 9735 0 254 181440 0
sctp_ep 1280 108 27 2572 0 254 172800 0
mbuf_packet 256 156 519 15313 0 254 172800 0
malloc-384 384 243 197 3747 0 30 168960 0
PROC 1336 116 7 4037 0 8 164328 0
malloc-128 128 1148 61 2614 0 126 154752 0
malloc-384 384 358 42 4046 0 30 153600 0
FFS2 dinode 256 558 27 3835 0 62 149760 0
sctp_chunk 152 64 898 6451 0 254 146224 0
filedesc0 1072 117 16 4054 0 8 142576 0
S VFS Cache 104 1029 336 4438 0 126 141960 0
vmem btag 56 2324 40 2324 0 254 132384 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-1024 1024 109 19 1092 0 16 131072 0
sctp_raddr 736 118 58 1630 0 254 129536 0
128 Bucket 1024 81 34 1895 0 16 117760 0
ksiginfo 112 107 937 335 0 126 116928 0
malloc-1024 1024 108 4 128 0 16 114688 0
malloc-2048 2048 6 44 13459 0 8 102400 0
malloc-256 256 284 106 5629 0 62 99840 0
malloc-256 256 33 357 3450 0 62 99840 0
malloc-4096 4096 23 0 555 0 2 94208 0
malloc-8192 8192 9 2 138 0 1 90112 0
UMA Kegs 384 222 1 222 0 30 85632 0
clpbuf 2624 0 32 20 0 16 83968 0
socket 944 43 45 5579 0 254 83072 0
g_bio 408 0 200 51065 0 30 81600 0
malloc-4096 4096 15 2 113 0 2 69632 0
64 Bucket 512 98 38 5942 0 30 69632 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 5 0 1 65536 0
malloc-32768 32768 0 2 130 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 1 1 6 0 1 65536 0
malloc-256 256 119 121 3895 0 62 61440 0
malloc-256 256 160 35 281 0 62 49920 0
32 Bucket 256 61 134 9042 0 62 49920 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-64 64 570 186 17905 0 254 48384 0
malloc-128 128 117 255 477 0 126 47616 0
malloc-256 256 139 41 6148 0 62 46080 0
malloc-2048 2048 4 18 511 0 8 45056 0
pcpu-8 8 4839 793 6577 0 254 45056 0
malloc-128 128 300 41 458 0 126 43648 0
malloc-256 256 20 145 5370 0 62 42240 0
malloc-8192 8192 5 0 5 0 1 40960 0
tcpcb 1064 6 29 778 0 254 37240 0
DIRHASH 1024 34 2 34 0 16 36864 0
NAMEI 1024 0 36 28509 0 16 36864 0
malloc-4096 4096 4 5 3223 0 2 36864 0
malloc-2048 2048 12 6 382 0 8 36864 0
malloc-512 512 6 66 738 0 30 36864 0
malloc-64 64 489 78 902 0 254 36288 0
malloc-8192 8192 3 1 5 0 1 32768 0
pcpu-64 64 480 32 480 0 254 32768 0
TURNSTILE 136 221 10 221 0 62 31416 0
tcp_inpcb 488 6 58 778 0 254 31232 0
KNOTE 160 28 147 34028 0 62 28000 0
Files 80 236 114 16896 0 126 28000 0
pipe 744 23 12 532 0 16 26040 0
malloc-1024 1024 10 14 1541 0 16 24576 0
malloc-1024 1024 18 6 22 0 16 24576 0
ttyinq 160 135 15 300 0 62 24000 0
8 Bucket 80 47 253 1663 0 126 24000 0
ttyoutq 256 72 18 160 0 62 23040 0
malloc-384 384 52 8 52 0 30 23040 0
SLEEPQUEUE 88 221 35 221 0 126 22528 0
tcp_bbr_pcb 832 0 27 278 0 16 22464 0
malloc-2048 2048 2 8 281 0 8 20480 0
PWD 32 59 571 3096 0 254 20160 0
malloc-64 64 235 80 48890 0 254 20160 0
malloc-64 64 258 57 8197 0 254 20160 0
2 Bucket 32 54 576 1444 0 254 20160 0
Mountpoints 2752 2 5 2 0 4 19264 0
malloc-384 384 23 27 422 0 30 19200 0
malloc-256 256 57 18 786 0 62 19200 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-1024 1024 12 4 12 0 16 16384 0
malloc-1024 1024 11 5 43 0 16 16384 0
sctp_stream_msg_out 112 76 68 329 0 254 16128 0
malloc-64 64 136 116 192 0 254 16128 0
malloc-32 32 411 93 636 0 254 16128 0
malloc-32 32 115 389 6408 0 254 16128 0
16 Bucket 144 61 51 500 0 62 16128 0
vtnet_tx_hdr 24 0 668 49907 0 254 16032 0
unpcb 256 20 40 1669 0 254 15360 0
malloc-2048 2048 6 0 6 0 8 12288 0
malloc-2048 2048 5 1 196 0 8 12288 0
malloc-1024 1024 8 4 9 0 16 12288 0
malloc-512 512 14 10 270 0 30 12288 0
malloc-32 32 164 214 3354 0 254 12096 0
malloc-16 16 530 220 2771 0 254 12000 0
malloc-128 128 65 28 3114 0 126 11904 0
udplite_inpcb 488 0 24 143 0 254 11712 0
udp_inpcb 488 7 17 304 0 254 11712 0
kenv 258 15 30 1065 0 30 11610 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 4 0 2 8192 0
malloc-2048 2048 1 3 82 0 8 8192 0
malloc-1024 1024 0 8 9 0 16 8192 0
malloc-512 512 0 16 5 0 30 8192 0
malloc-512 512 3 13 212 0 30 8192 0
malloc-512 512 8 8 8 0 30 8192 0
pf tags 104 0 78 58 0 126 8112 0
rtentry 176 30 16 34 0 62 8096 0
PGRP 88 34 58 57 0 126 8096 0
rl_entry 40 98 104 98 0 254 8080 0
sctp_laddr 48 32 136 513 0 254 8064 0
tcp_rack_map 112 6 66 99 0 126 8064 0
udpcb 32 7 245 447 0 254 8064 0
malloc-64 64 8 118 9 0 254 8064 0
malloc-64 64 37 89 990 0 254 8064 0
malloc-32 32 6 246 14 0 254 8064 0
malloc-32 32 37 215 766 0 254 8064 0
malloc-32 32 36 216 379 0 254 8064 0
4 Bucket 48 6 162 128 0 254 8064 0
malloc-16 16 1 499 4 0 254 8000 0
malloc-16 16 20 480 59 0 254 8000 0
malloc-16 16 28 472 29 0 254 8000 0
malloc-16 16 188 312 1448 0 254 8000 0
malloc-16 16 34 466 27770 0 254 8000 0
malloc-16 16 14 486 1459 0 254 8000 0
malloc-128 128 10 52 17 0 126 7936 0
malloc-128 128 8 54 112 0 126 7936 0
sctp_readq 152 0 52 165 0 254 7904 0
ripcb 488 5 11 77 0 254 7808 0
itimer 352 0 22 8 0 30 7744 0
routing nhops 256 27 3 34 0 62 7680 0
malloc-384 384 0 20 39 0 30 7680 0
malloc-384 384 1 19 60 0 30 7680 0
malloc-384 384 20 0 20 0 30 7680 0
tcp_rack_pcb 832 2 7 73 0 16 7488 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 7 55 7 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
malloc-512 512 0 8 2 0 30 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
hostcache 64 1 62 1 0 254 4032 0
syncache 168 0 24 4 0 254 4032 0
malloc-32 32 0 126 2 0 254 4032 0
UMA Slabs 1 176 10 12 10 0 62 3872 0
mqnode 416 3 6 3 0 30 3744 0
KMAP ENTRY 96 12 27 12 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
FFS1 dinode 128 0 0 0 0 126 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 296 0 0 0 0 0 0 0
pf mtags 48 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
May 7, 2021, 7:09:15 AM5/7/21
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
git tree: https://github.com/freebsd/freebsd-src.git main
console output: https://syzkaller.appspot.com/x/log.txt?x=149dd1b3d00000
dashboard link: https://syzkaller.appspot.com/bug?extid=98e9d337f9ac13b58e5b
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=145c3263d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15bc9f7dd00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+98e9d3...@syzkaller.appspotmail.com
panic: Most recently used by tcp_fsb
cpuid = 1
time = 1620385606
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00885606c0
vpanic() at vpanic+0x1c7/frame 0xfffffe0088560720
panic() at panic+0x43/frame 0xfffffe0088560780
mtrash_ctor() at mtrash_ctor+0xe5/frame 0xfffffe00885607c0
item_ctor() at item_ctor+0x46f/frame 0xfffffe0088560820
malloc() at malloc+0xe3/frame 0xfffffe0088560880
rack_init() at rack_init+0x7e5/frame 0xfffffe0088560900
tcp_ctloutput() at tcp_ctloutput+0x65f/frame 0xfffffe0088560980
sosetopt() at sosetopt+0x101/frame 0xfffffe0088560a00
kern_setsockopt() at kern_setsockopt+0x150/frame 0xfffffe0088560a80
sys_setsockopt() at sys_setsockopt+0x33/frame 0xfffffe0088560ab0
amd64_syscall() at amd64_syscall+0x247/frame 0xfffffe0088560bf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0088560bf0
--- syscall (0, FreeBSD ELF64, nosys), rip = 0x2b3dea, rsp = 0x7fffffffe9f8, rbp = 0x7fffffffea10 ---
KDB: enter: panic
[ thread pid 833 tid 100103 ]
rax 0x12
rcx 0x80
rdx 0xffffffff819c28f7
rbx 0
rsp 0xfffffe00885606a0
rbp 0xfffffe00885606c0
rsi 0x1
rdi 0
r8 0
r9 0x8080808080808080
r10 0xfffffe0088560590
r11 0x1ff77fff59c
r15 0xffffffff81a73d13
rip 0xffffffff8112ec37 kdb_enter+0x67
rflags 0x86
ABI: FreeBSD ELF64
flag: 0x10000000 flag2: 0
arguments: ./syz-executor201792369
(map 0xfffffe0094c08000)
(map.pmap 0xfffffe0094c080c0)
(pmap 0xfffffe0094c08120)
threads: 1
100103 Run CPU 1 syz-executor2017923
785 783 783 0 S nanslp 0xffffffff8273c8e0 syz-executor2017923
783 781 783 0 Ss pause 0xfffff8002300d0b0 csh
781 694 781 0 Ss select 0xfffff800230012c0 sshd
749 748 24 0 S+ nanslp 0xffffffff8273c8e1 sleep
748 1 24 0 S+ wait 0xfffff80030547a70 sh
507 1 507 0 Ss select 0xfffff800230014c0 syslogd
436 1 436 0 Ss select 0xfffff80023001640 devd
435 1 435 65 Ss select 0xfffff80030546cc0 dhclient
350 1 350 0 Ss select 0xfffff800230015c0 dhclient
347 1 347 0 Ss select 0xfffff80023001840 dhclient
16 0 0 0 DL pftm 0xffffffff82d793c0 [pf purge]
100003 Run CPU 0 [idle: cpu0]
100066 D - 0xffffffff81e206a1 [deadlkres]
exclusive rw tcpinp (tcpinp) r = 0 (0xfffff80030b1dd78) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_usrreq.c:1809
vfscache 3 1025K 3
pcb 23 537K 124
inodedep 26 522K 71
tfo_ccache 1 128K 1
sem 4 106K 4
DEVFS1 103 103K 112
linker 294 102K 318
kdtrace 164 33K 951
umtx 242 31K 242
DEVFS_RULE 56 20K 56
BPF 10 18K 10
KTRACE 100 13K 100
routetbl 50 11K 176
vt 11 5K 11
ifnet 3 5K 3
acpisem 28 4K 28
hhook 13 4K 13
ether_multi 40 4K 50
lltable 11 4K 11
pf_ifnet 5 3K 6
fpukern_ctx 3 3K 3
in6_multi 25 3K 25
kqueue 47 3K 836
pwddesc 47 3K 834
terminal 11 3K 11
session 20 3K 31
uidinfo 3 3K 8
proc-args 39 2K 488
freefile 13 2K 22
Unitno 27 2K 39
dirrem 4 1K 28
ipsec 3 1K 3
indirdep 3 1K 3
nhops 6 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
newdirblk 4 1K 8
mkdir 4 1K 16
in_multi 2 1K 4
osd 3 1K 10
sctp_ifn 2 1K 6
DEVFS 9 1K 10
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
loginclass 3 1K 7
filecaps 4 1K 66
tun 3 1K 3
p1003.1b 1 1K 1
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 3
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 3
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
tcp_do 0 0K 0
tcp_fsb 0 0K 47
mqdata 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
savedino 0 0K 15
freefrag 0 0K 7
ip6opt 0 0K 3
VN POLL 0 0K 0
twa_commands 0 0K 0
statfs 0 0K 196
tcp_log_dev 0 0K 0
ioctlops 0 0K 86
mbuf_jumbo_page 4096 8320 903 13369 0 254 37777408 0
pbuf 2624 0 989 0 0 2 2595136 0
mbuf 256 8577 888 15809 0 254 2423040 0
BUF TRIE 144 170 13298 448 0 62 1939392 0
malloc-4096 4096 332 3 492 0 2 1372160 0
UMA Slabs 0 112 10019 22 10019 0 126 1124592 0
FFS inode 1160 486 25 508 0 8 592760 0
malloc-64 64 4021 200 5037 0 254 270144 0
VNODE 448 516 33 540 0 30 245952 0
256 Bucket 2048 106 14 10274 0 8 245760 0
malloc-4096 4096 57 0 844 0 2 233472 0
malloc-16 16 13756 244 13827 0 254 224000 0
DEVCTL 1024 0 216 116 0 0 221184 0
THREAD 1808 116 5 116 0 8 218768 0
malloc-65536 65536 1 2 183 0 1 196608 0
malloc-256 256 628 47 1014 0 62 172800 0
malloc-128 128 1277 56 29063 0 126 170624 0
malloc-128 128 928 33 1907 0 126 123008 0
ksiginfo 112 35 1009 51 0 126 116928 0
MAP ENTRY 96 847 329 38571 0 126 112896 0
malloc-1024 1024 104 4 116 0 16 110592 0
S VFS Cache 104 966 87 1004 0 126 109512 0
vmem btag 56 1883 49 1883 0 254 108192 0
malloc-16384 16384 4 2 181 0 1 98304 0
malloc-8192 8192 9 3 138 0 1 98304 0
malloc-2048 2048 2 40 1790 0 8 86016 0
PROC 1336 46 5 833 0 8 68136 0
filedesc0 1072 47 16 834 0 8 67536 0
mbuf_cluster 2048 30 2 30 0 254 65536 0
malloc-4096 4096 14 1 109 0 2 61440 0
128 Bucket 1024 39 16 607 0 16 56320 0
malloc-256 256 177 33 753 0 62 53760 0
malloc-64 64 526 167 14821 0 254 44352 0
malloc-128 128 292 49 451 0 126 43648 0
malloc-256 256 140 25 157 0 62 42240 0
clpbuf 2624 0 16 20 0 16 41984 0
DIRHASH 1024 34 6 34 0 16 40960 0
32 Bucket 256 45 105 4610 0 62 38400 0
NAMEI 1024 0 36 11997 0 16 36864 0
malloc-4096 4096 7 2 539 0 2 36864 0
malloc-512 512 4 68 512 0 30 36864 0
pcpu-8 8 4190 418 4218 0 254 36864 0
64 Bucket 512 57 15 1400 0 30 36864 0
malloc-64 64 486 81 750 0 254 36288 0
malloc-384 384 45 45 102 0 30 34560 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-256 256 83 37 138 0 62 30720 0
malloc-384 384 68 2 68 0 30 26880 0
socket 944 19 9 1301 0 254 26432 0
malloc-1024 1024 10 14 1078 0 16 24576 0
TURNSTILE 136 122 25 122 0 62 19992 0
malloc-2048 2048 3 5 268 0 8 16384 0
malloc-2048 2048 6 2 6 0 8 16384 0
malloc-32 32 336 168 434 0 254 16128 0
8 Bucket 80 41 159 438 0 126 16000 0
tcp_rack_pcb 832 1 17 48 0 16 14976 0
tcpcb 1064 4 10 55 0 254 14896 0
SLEEPQUEUE 88 122 38 122 0 126 14080 0
malloc-64 64 65 124 9925 0 254 12096 0
malloc-64 64 117 72 1718 0 254 12096 0
malloc-64 64 127 62 155 0 254 12096 0
malloc-64 64 24 165 339 0 254 12096 0
malloc-32 32 71 307 4059 0 254 12096 0
Files 80 72 78 6549 0 126 12000 0
udp_inpcb 488 6 18 126 0 254 11712 0
kenv 258 15 30 1049 0 30 11610 0
malloc-256 256 14 31 102 0 62 11520 0
malloc-256 256 20 25 617 0 62 11520 0
malloc-256 256 13 32 346 0 62 11520 0
malloc-2048 2048 3 1 3 0 8 8192 0
malloc-1024 1024 0 8 4 0 16 8192 0
malloc-512 512 6 10 14 0 30 8192 0
PGRP 88 20 72 31 0 126 8096 0
rl_entry 40 28 174 28 0 254 8080 0
tcp_rack_map 112 0 72 141 0 126 8064 0
udpcb 32 6 246 126 0 254 8064 0
PWD 32 10 242 100 0 254 8064 0
malloc-32 32 37 215 769 0 254 8064 0
malloc-32 32 30 222 189 0 254 8064 0
16 Bucket 144 35 21 201 0 62 8064 0
4 Bucket 48 7 161 60 0 254 8064 0
2 Bucket 32 42 210 495 0 254 8064 0
vtnet_tx_hdr 24 0 334 1301 0 254 8016 0
malloc-16 16 24 476 25 0 254 8000 0
malloc-16 16 188 312 1443 0 254 8000 0
malloc-16 16 26 474 25396 0 254 8000 0
malloc-16 16 14 486 20 0 254 8000 0
malloc-128 128 5 57 11 0 126 7936 0
malloc-128 128 39 23 55 0 126 7936 0
malloc-128 128 10 52 79 0 126 7936 0
routing nhops 256 10 20 17 0 62 7680 0
unpcb 256 7 23 1099 0 254 7680 0
mbuf_packet 256 0 30 93 0 254 7680 0
malloc-384 384 0 20 19 0 30 7680 0
malloc-384 384 5 15 352 0 30 7680 0
KNOTE 160 0 25 8 0 62 4000 0
ripcb 488 1 7 4 0 254 3904 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
malloc-384 384 1 9 2 0 30 3840 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2288 0 0 0 0 254 0 0
sctp_ep 1280 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
AIO 208 0 0 0 0 62 0 0
NCLNODE 584 0 0 0 0 16 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 224 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 24 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls_session 192 0 0 0 0 62 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 64 0 0
mdpbuf 2624 0 0 0 0 3 0 0
nfspbuf 2624 0 0 0 0 16 0 0
swwbuf 2624 0 0 0 0 8 0 0
swrbuf 2624 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
HEAD commit: fb53b42e virtio-modern: fix PCI common read/write function..
git tree: https://github.com/freebsd/freebsd-src.git main
dashboard link: https://syzkaller.appspot.com/bug?extid=98e9d337f9ac13b58e5b
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=145c3263d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15bc9f7dd00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+98e9d3...@syzkaller.appspotmail.com
panic: Most recently used by tcp_fsb
cpuid = 1
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00885606c0
vpanic() at vpanic+0x1c7/frame 0xfffffe0088560720
panic() at panic+0x43/frame 0xfffffe0088560780
mtrash_ctor() at mtrash_ctor+0xe5/frame 0xfffffe00885607c0
item_ctor() at item_ctor+0x46f/frame 0xfffffe0088560820
malloc() at malloc+0xe3/frame 0xfffffe0088560880
rack_init() at rack_init+0x7e5/frame 0xfffffe0088560900
tcp_ctloutput() at tcp_ctloutput+0x65f/frame 0xfffffe0088560980
sosetopt() at sosetopt+0x101/frame 0xfffffe0088560a00
kern_setsockopt() at kern_setsockopt+0x150/frame 0xfffffe0088560a80
sys_setsockopt() at sys_setsockopt+0x33/frame 0xfffffe0088560ab0
amd64_syscall() at amd64_syscall+0x247/frame 0xfffffe0088560bf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0088560bf0
--- syscall (0, FreeBSD ELF64, nosys), rip = 0x2b3dea, rsp = 0x7fffffffe9f8, rbp = 0x7fffffffea10 ---
KDB: enter: panic
[ thread pid 833 tid 100103 ]
Stopped at kdb_enter+0x67: movq $0,0x163a54e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
rax 0x12
rcx 0x80
rdx 0xffffffff819c28f7
rbx 0
rsp 0xfffffe00885606a0
rbp 0xfffffe00885606c0
rsi 0x1
rdi 0
r8 0
r9 0x8080808080808080
r10 0xfffffe0088560590
r11 0x1ff77fff59c
r12 0xffffffff82267ac0 ddb_dbbe
r13 0
r14 0xffffffff81a73d13
r13 0
r15 0xffffffff81a73d13
rip 0xffffffff8112ec37 kdb_enter+0x67
rflags 0x86
kdb_enter+0x67: movq $0,0x163a54e(%rip)
db> show proc
Process 833 (syz-executor2017923) at 0xfffff8003046ba70:
db> show proc
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 785 at 0xfffff80030575538
uid: 0 gids: 0, 0, 5
ABI: FreeBSD ELF64
flag: 0x10000000 flag2: 0
arguments: ./syz-executor201792369
reaper: 0xfffff8000452a538 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe0094c08000
sigparent: 20
(map 0xfffffe0094c08000)
(map.pmap 0xfffffe0094c080c0)
(pmap 0xfffffe0094c08120)
threads: 1
100103 Run CPU 1 syz-executor2017923
db> ps
pid ppid pgrp uid state wmesg wchan cmd
833 785 783 0 R CPU 1 syz-executor2017923
pid ppid pgrp uid state wmesg wchan cmd
785 783 783 0 S nanslp 0xffffffff8273c8e0 syz-executor2017923
783 781 783 0 Ss pause 0xfffff8002300d0b0 csh
781 694 781 0 Ss select 0xfffff800230012c0 sshd
760 1 760 0 Ss+ ttyin 0xfffff800049d7cb0 getty
759 1 759 0 Ss+ ttyin 0xfffff80004ced8b0 getty
758 1 758 0 Ss+ ttyin 0xfffff80004cedcb0 getty
757 1 757 0 Ss+ ttyin 0xfffff80004cf40b0 getty
756 1 756 0 Ss+ ttyin 0xfffff80004cf44b0 getty
755 1 755 0 Ss+ ttyin 0xfffff80004cf48b0 getty
754 1 754 0 Ss+ ttyin 0xfffff80004cf4cb0 getty
753 1 753 0 Ss+ ttyin 0xfffff80004c6e0b0 getty
752 1 752 0 Ss+ ttyin 0xfffff80004c6e4b0 getty
750 1 24 0 S+ piperd 0xfffff80004f985d0 logger
759 1 759 0 Ss+ ttyin 0xfffff80004ced8b0 getty
758 1 758 0 Ss+ ttyin 0xfffff80004cedcb0 getty
757 1 757 0 Ss+ ttyin 0xfffff80004cf40b0 getty
756 1 756 0 Ss+ ttyin 0xfffff80004cf44b0 getty
755 1 755 0 Ss+ ttyin 0xfffff80004cf48b0 getty
754 1 754 0 Ss+ ttyin 0xfffff80004cf4cb0 getty
753 1 753 0 Ss+ ttyin 0xfffff80004c6e0b0 getty
752 1 752 0 Ss+ ttyin 0xfffff80004c6e4b0 getty
749 748 24 0 S+ nanslp 0xffffffff8273c8e1 sleep
748 1 24 0 S+ wait 0xfffff80030547a70 sh
698 1 698 0 Ss nanslp 0xffffffff8273c8e0 cron
694 1 694 0 Ss select 0xfffff80004f59ac0 sshd
507 1 507 0 Ss select 0xfffff800230014c0 syslogd
436 1 436 0 Ss select 0xfffff80023001640 devd
435 1 435 65 Ss select 0xfffff80030546cc0 dhclient
350 1 350 0 Ss select 0xfffff800230015c0 dhclient
347 1 347 0 Ss select 0xfffff80023001840 dhclient
23 0 0 0 DL syncer 0xffffffff8282bd50 [syncer]
22 0 0 0 DL vlruwt 0xfffff80004e8da70 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100081 D qsleep 0xffffffff8282ae00 [bufdaemon]
100088 D - 0xffffffff8220ae00 [bufspacedaemon-0]
100095 D sdflush 0xfffff800230b0ce8 [/ worker]
22 0 0 0 DL vlruwt 0xfffff80004e8da70 [vnlru]
21 0 0 0 DL (threaded) [bufdaemon]
100081 D qsleep 0xffffffff8282ae00 [bufdaemon]
100088 D - 0xffffffff8220ae00 [bufspacedaemon-0]
20 0 0 0 DL psleep 0xffffffff82852c08 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100079 D psleep 0xffffffff82847078 [dom0]
100086 D launds 0xffffffff82847084 [laundry: dom0]
100087 D umarcl 0xffffffff815c9360 [uma]
18 0 0 0 DL - 0xffffffff82570c78 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff83068828 [sctp_iterator]
19 0 0 0 DL (threaded) [pagedaemon]
100079 D psleep 0xffffffff82847078 [dom0]
100086 D launds 0xffffffff82847084 [laundry: dom0]
100087 D umarcl 0xffffffff815c9360 [uma]
18 0 0 0 DL - 0xffffffff82570c78 [rand_harvestq]
16 0 0 0 DL pftm 0xffffffff82d793c0 [pf purge]
100073 D - 0xfffff80004c3c700 [acpi_task_0]
100074 D - 0xfffff80004c3c700 [acpi_task_1]
100075 D - 0xfffff80004c3c700 [acpi_task_2]
100077 D - 0xfffff800045c1c00 [CAM taskq]
db> show all locks
Process 833 (syz-executor2017923) thread 0xfffffe00557663a0 (100103)
100074 D - 0xfffff80004c3c700 [acpi_task_1]
100075 D - 0xfffff80004c3c700 [acpi_task_2]
100077 D - 0xfffff800045c1c00 [CAM taskq]
db> show all locks
exclusive rw tcpinp (tcpinp) r = 0 (0xfffff80030b1dd78) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_usrreq.c:1809
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
devbuf 4216 4340K 4241
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 5 3201K 5
sysctloid 33718 1992K 33785
vtbuf 24 1968K 46
kobj 332 1328K 492
newblk 545 1160K 602
sysctloid 33718 1992K 33785
vtbuf 24 1968K 46
kobj 332 1328K 492
vfscache 3 1025K 3
pcb 23 537K 124
inodedep 26 522K 71
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 99 208K 886
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
acpica 1674 184K 55406
vnet_data 1 168K 1
tidhash 3 141K 3
pagedep 8 130K 18
vnet_data 1 168K 1
tidhash 3 141K 3
tfo_ccache 1 128K 1
sem 4 106K 4
DEVFS1 103 103K 112
linker 294 102K 318
bus 995 81K 3509
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 508 64K 508
temp 18 33K 1605
mtx_pool 2 72K 2
syncache 1 68K 1
acpitask 1 64K 1
ddb_capture 1 64K 1
module 508 64K 508
kdtrace 164 33K 951
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 122 31K 132
shm 1 32K 1
umtx 242 31K 242
msg 4 30K 4
vmem 3 26K 4
gtaskqueue 18 26K 18
kbdmux 6 22K 6
vmem 3 26K 4
gtaskqueue 18 26K 18
DEVFS_RULE 56 20K 56
BPF 10 18K 10
ufs_mount 5 17K 6
proc 3 17K 3
tty 16 16K 16
ithread 99 16K 99
bus-sc 33 14K 1719
proc 3 17K 3
tty 16 16K 16
ithread 99 16K 99
KTRACE 100 13K 100
kenv 93 12K 93
eventhandler 133 12K 133
ifaddr 30 12K 32
eventhandler 133 12K 133
routetbl 50 11K 176
rman 84 10K 425
GEOM 60 10K 489
bmsafemap 2 9K 41
GEOM 60 10K 489
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 1
devstat 4 9K 4
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 236 8K 294
shmfd 1 8K 1
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 236 8K 294
taskqueue 60 7K 60
sglist 5 7K 5
CAM DEV 3 6K 510
cred 23 6K 234
sglist 5 7K 5
CAM DEV 3 6K 510
CAM queue 5 6K 1528
ufs_dirhash 24 5K 24
UMA 265 5K 265
plimit 17 5K 322
ufs_dirhash 24 5K 24
UMA 265 5K 265
vt 11 5K 11
ifnet 3 5K 3
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
filedesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
acpisem 28 4K 28
hhook 13 4K 13
ether_multi 40 4K 50
lltable 11 4K 11
pf_ifnet 5 3K 6
fpukern_ctx 3 3K 3
in6_multi 25 3K 25
kqueue 47 3K 836
pwddesc 47 3K 834
terminal 11 3K 11
session 20 3K 31
uidinfo 3 3K 8
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
selfd 27 2K 9858
io_apic 1 2K 1
ipsec-saq 2 2K 2
proc-args 39 2K 488
freefile 13 2K 22
Unitno 27 2K 39
CAM XPT 22 2K 543
lockf 15 2K 22
ipsecpolicy 2 2K 2
acpidev 20 2K 20
msi 9 2K 9
clone 9 2K 9
softdep 1 1K 1
acpidev 20 2K 20
msi 9 2K 9
clone 9 2K 9
dirrem 4 1K 28
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 10
secasvar 1 1K 1
NFSD session 1 1K 1
diradd 7 1K 36
CAM periph 4 1K 271
select 7 1K 29
ipsec 3 1K 3
indirdep 3 1K 3
nhops 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_ifa 5 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
newdirblk 4 1K 8
mkdir 4 1K 16
in_multi 2 1K 4
pfil 4 1K 4
CAM SIM 2 1K 2
cdev 2 1K 2
chacha20random 1 1K 1
inpcbpolicy 11 1K 185
CAM SIM 2 1K 2
cdev 2 1K 2
chacha20random 1 1K 1
osd 3 1K 10
sctp_ifn 2 1K 6
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFSP 4 1K 9
NFSD V4client 1 1K 1
DEVFS 9 1K 10
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
ktls 1 1K 1
feeder 7 1K 7
tcpfunc 3 1K 3
feeder 7 1K 7
loginclass 3 1K 7
prison 6 1K 6
linux 5 1K 6
aesni_data 2 1K 2
linux 5 1K 6
aesni_data 2 1K 2
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
xform 2 1K 49
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
procdesc 1 1K 6
pmchooks 1 1K 1
nexusdev 7 1K 7
soname 4 1K 3278
nexusdev 7 1K 7
filecaps 4 1K 66
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 35
vnet 1 1K 1
acpiintr 1 1K 1
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
freework 1 1K 26
pmc 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 3
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_athm 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 3
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
tcp_do 0 0K 0
tcp_fsb 0 0K 47
mqdata 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 3
jfsync 0 0K 0
jtrunc 0 0K 0
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 25
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 7
twa_commands 0 0K 0
statfs 0 0K 196
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 6
export_host 0 0K 0
tcp_log_dev 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 1788
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
tempbuff 0 0K 0
mbuf_tag 0 0K 27
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 13508
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
ioctlops 0 0K 86
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 618
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
iirbuf 0 0K 0
kcovinfo 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
iirbuf 0 0K 0
pbuf 2624 0 989 0 0 2 2595136 0
mbuf 256 8577 888 15809 0 254 2423040 0
BUF TRIE 144 170 13298 448 0 62 1939392 0
malloc-384 384 4116 4 4116 0 30 1582080 0
malloc-128 128 11051 16 11062 0 126 1416576 0
malloc-4096 4096 332 3 492 0 2 1372160 0
UMA Slabs 0 112 10019 22 10019 0 126 1124592 0
FFS inode 1160 486 25 508 0 8 592760 0
lkpimm 160 1 2324 1 0 62 372000 0
lkpicurr 160 2 2323 2 0 62 372000 0
RADIX NODE 144 2061 176 20856 0 62 322128 0
lkpicurr 160 2 2323 2 0 62 372000 0
malloc-64 64 4021 200 5037 0 254 270144 0
malloc-65536 65536 4 0 4 0 1 262144 0
VM OBJECT 264 896 64 13094 0 30 253440 0
VNODE 448 516 33 540 0 30 245952 0
256 Bucket 2048 106 14 10274 0 8 245760 0
malloc-4096 4096 57 0 844 0 2 233472 0
malloc-16 16 13756 244 13827 0 254 224000 0
DEVCTL 1024 0 216 116 0 0 221184 0
THREAD 1808 116 5 116 0 8 218768 0
malloc-65536 65536 1 2 183 0 1 196608 0
UMA Zones 768 237 2 237 0 16 183552 0
malloc-32 32 5219 199 6041 0 254 173376 0
malloc-256 256 628 47 1014 0 62 172800 0
malloc-128 128 1277 56 29063 0 126 170624 0
malloc-65536 65536 2 0 2 0 1 131072 0
FFS2 dinode 256 486 24 508 0 62 130560 0
malloc-128 128 928 33 1907 0 126 123008 0
ksiginfo 112 35 1009 51 0 126 116928 0
MAP ENTRY 96 847 329 38571 0 126 112896 0
malloc-1024 1024 104 4 116 0 16 110592 0
S VFS Cache 104 966 87 1004 0 126 109512 0
vmem btag 56 1883 49 1883 0 254 108192 0
malloc-16384 16384 4 2 181 0 1 98304 0
malloc-8192 8192 9 3 138 0 1 98304 0
malloc-2048 2048 2 40 1790 0 8 86016 0
UMA Kegs 384 222 1 222 0 30 85632 0
VMSPACE 2544 24 9 812 0 4 83952 0
PROC 1336 46 5 833 0 8 68136 0
filedesc0 1072 47 16 834 0 8 67536 0
mbuf_cluster 2048 30 2 30 0 254 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 0 2 130 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
g_bio 408 0 160 4608 0 30 65280 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-4096 4096 14 1 109 0 2 61440 0
128 Bucket 1024 39 16 607 0 16 56320 0
malloc-256 256 177 33 753 0 62 53760 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-2048 2048 4 20 511 0 8 49152 0
malloc-64 64 526 167 14821 0 254 44352 0
malloc-128 128 292 49 451 0 126 43648 0
malloc-256 256 140 25 157 0 62 42240 0
clpbuf 2624 0 16 20 0 16 41984 0
DIRHASH 1024 34 6 34 0 16 40960 0
malloc-8192 8192 5 0 5 0 1 40960 0
malloc-128 128 118 192 419 0 126 39680 0
32 Bucket 256 45 105 4610 0 62 38400 0
NAMEI 1024 0 36 11997 0 16 36864 0
malloc-4096 4096 7 2 539 0 2 36864 0
malloc-512 512 4 68 512 0 30 36864 0
pcpu-8 8 4190 418 4218 0 254 36864 0
64 Bucket 512 57 15 1400 0 30 36864 0
malloc-64 64 486 81 750 0 254 36288 0
malloc-384 384 45 45 102 0 30 34560 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-8192 8192 3 1 5 0 1 32768 0
pcpu-64 64 480 32 480 0 254 32768 0
tcp_inpcb 488 51 13 55 0 254 31232 0
pcpu-64 64 480 32 480 0 254 32768 0
malloc-256 256 83 37 138 0 62 30720 0
malloc-384 384 68 2 68 0 30 26880 0
socket 944 19 9 1301 0 254 26432 0
malloc-1024 1024 10 14 1078 0 16 24576 0
malloc-1024 1024 18 6 22 0 16 24576 0
ttyinq 160 135 15 300 0 62 24000 0
ttyinq 160 135 15 300 0 62 24000 0
ttyoutq 256 72 18 160 0 62 23040 0
malloc-384 384 52 8 52 0 30 23040 0
malloc-4096 4096 3 2 200 0 2 20480 0
malloc-384 384 52 8 52 0 30 23040 0
TURNSTILE 136 122 25 122 0 62 19992 0
Mountpoints 2752 2 5 2 0 4 19264 0
pipe 744 7 18 284 0 16 18600 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-2048 2048 6 2 83 0 8 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-2048 2048 3 5 268 0 8 16384 0
malloc-2048 2048 6 2 6 0 8 16384 0
malloc-1024 1024 12 4 12 0 16 16384 0
malloc-1024 1024 11 5 11 0 16 16384 0
malloc-32 32 336 168 434 0 254 16128 0
8 Bucket 80 41 159 438 0 126 16000 0
tcp_rack_pcb 832 1 17 48 0 16 14976 0
tcpcb 1064 4 10 55 0 254 14896 0
SLEEPQUEUE 88 122 38 122 0 126 14080 0
malloc-2048 2048 5 1 196 0 8 12288 0
malloc-1024 1024 5 7 21 0 16 12288 0
malloc-1024 1024 8 4 9 0 16 12288 0
malloc-512 512 3 21 189 0 30 12288 0
malloc-64 64 65 124 9925 0 254 12096 0
malloc-64 64 117 72 1718 0 254 12096 0
malloc-64 64 127 62 155 0 254 12096 0
malloc-64 64 24 165 339 0 254 12096 0
malloc-32 32 71 307 4059 0 254 12096 0
Files 80 72 78 6549 0 126 12000 0
udp_inpcb 488 6 18 126 0 254 11712 0
kenv 258 15 30 1049 0 30 11610 0
malloc-256 256 14 31 102 0 62 11520 0
malloc-256 256 20 25 617 0 62 11520 0
malloc-256 256 13 32 346 0 62 11520 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-4096 4096 0 2 3 0 2 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-2048 2048 3 1 3 0 8 8192 0
malloc-1024 1024 0 8 4 0 16 8192 0
malloc-512 512 6 10 14 0 30 8192 0
malloc-512 512 8 8 8 0 30 8192 0
rtentry 176 13 33 17 0 62 8096 0
PGRP 88 20 72 31 0 126 8096 0
rl_entry 40 28 174 28 0 254 8080 0
tcp_rack_map 112 0 72 141 0 126 8064 0
udpcb 32 6 246 126 0 254 8064 0
PWD 32 10 242 100 0 254 8064 0
malloc-64 64 8 118 9 0 254 8064 0
malloc-32 32 6 246 11 0 254 8064 0
malloc-32 32 37 215 769 0 254 8064 0
malloc-32 32 30 222 189 0 254 8064 0
16 Bucket 144 35 21 201 0 62 8064 0
4 Bucket 48 7 161 60 0 254 8064 0
2 Bucket 32 42 210 495 0 254 8064 0
vtnet_tx_hdr 24 0 334 1301 0 254 8016 0
malloc-16 16 1 499 4 0 254 8000 0
malloc-16 16 20 480 59 0 254 8000 0
malloc-16 16 298 202 504 0 254 8000 0
malloc-16 16 20 480 59 0 254 8000 0
malloc-16 16 24 476 25 0 254 8000 0
malloc-16 16 188 312 1443 0 254 8000 0
malloc-16 16 26 474 25396 0 254 8000 0
malloc-16 16 14 486 20 0 254 8000 0
malloc-128 128 5 57 11 0 126 7936 0
malloc-128 128 39 23 55 0 126 7936 0
malloc-128 128 10 52 79 0 126 7936 0
routing nhops 256 10 20 17 0 62 7680 0
unpcb 256 7 23 1099 0 254 7680 0
mbuf_packet 256 0 30 93 0 254 7680 0
malloc-384 384 0 20 19 0 30 7680 0
malloc-384 384 5 15 352 0 30 7680 0
malloc-384 384 20 0 20 0 30 7680 0
malloc-256 256 15 15 293 0 62 7680 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 7 55 7 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
malloc-2048 2048 1 1 1 0 8 4096 0
cpuset 104 7 55 7 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
malloc-512 512 0 8 2 0 30 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
sctp_laddr 48 0 84 4 0 254 4032 0
pcpu-16 16 7 249 7 0 254 4096 0
hostcache 64 1 62 1 0 254 4032 0
syncache 168 0 24 5 0 254 4032 0
malloc-32 32 0 126 2 0 254 4032 0
malloc-32 32 103 23 227 0 254 4032 0
KNOTE 160 0 25 8 0 62 4000 0
ripcb 488 1 7 4 0 254 3904 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
malloc-384 384 1 9 2 0 30 3840 0
mqnode 416 3 6 3 0 30 3744 0
KMAP ENTRY 96 12 27 12 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
FFS1 dinode 128 0 0 0 0 126 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
KMAP ENTRY 96 12 27 12 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
FFS1 dinode 128 0 0 0 0 126 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2288 0 0 0 0 254 0 0
sctp_ep 1280 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 296 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 48 0 0 0 0 254 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
udplite_inpcb 488 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIOCB 552 0 0 0 0 16 0 0
AIO 208 0 0 0 0 62 0 0
NCLNODE 584 0 0 0 0 16 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 224 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 24 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls_session 192 0 0 0 0 62 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 64 0 0
mdpbuf 2624 0 0 0 0 3 0 0
nfspbuf 2624 0 0 0 0 16 0 0
swwbuf 2624 0 0 0 0 8 0 0
swrbuf 2624 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
syzbot
Aug 6, 2021, 1:19:14 PM8/6/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org
This bug is marked as fixed by commit:
#syz fix: Fix a UDP tunneling issue with rack. Basically there are two
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.
#syz fix: Fix a UDP tunneling issue with rack. Basically there are two
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.
syzbot
Aug 20, 2021, 1:19:16 PM8/20/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org
syzbot
Sep 3, 2021, 1:19:24 PM9/3/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org
syzbot
Sep 17, 2021, 1:20:16 PM9/17/21
to syzkaller-f...@googlegroups.com, tue...@freebsd.org
Mark Johnston
Sep 17, 2021, 5:42:20 PM9/17/21
to syzbot, syzkaller-f...@googlegroups.com
Fixed by
https://cgit.freebsd.org/src/commit/?id=a16cee0218652230d94a73690201e76baab0bba1
Reply all
Reply to author
Forward
0 new messages