panic: Lock pf config not exclusively locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:LINE
0 views
Skip to first unread message
syzbot
Mar 28, 2022, 3:42:22 PM3/28/22
to syzkaller-f...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 8601fca7895c sysent: regen for syscallarg_t
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=15637207700000
dashboard link: https://syzkaller.appspot.com/bug?extid=ba6bcae2eabec42983f6
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ba6bca...@syzkaller.appspotmail.com
panic: Lock pf config not exclusively locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:538
cpuid = 1
time = 1648496460
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe0092b23f70
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe0092b240d0
vpanic() at vpanic+0x2b8/frame 0xfffffe0092b241b0
panic() at panic+0xb5/frame 0xfffffe0092b24270
_sx_xunlock_hard() at _sx_xunlock_hard/frame 0xfffffe0092b242c0
pf_free_rule() at pf_free_rule+0x4c/frame 0xfffffe0092b242f0
pfioctl() at pfioctl+0xb6df/frame 0xfffffe0092b25610
devfs_ioctl() at devfs_ioctl+0x22a/frame 0xfffffe0092b256f0
VOP_IOCTL_APV() at VOP_IOCTL_APV+0xb0/frame 0xfffffe0092b25730
vn_ioctl() at vn_ioctl+0x215/frame 0xfffffe0092b25a80
devfs_ioctl_f() at devfs_ioctl_f+0x71/frame 0xfffffe0092b25ad0
kern_ioctl() at kern_ioctl+0x631/frame 0xfffffe0092b25bd0
sys_ioctl() at sys_ioctl+0x31f/frame 0xfffffe0092b25d30
amd64_syscall() at amd64_syscall+0x40c/frame 0xfffffe0092b25f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0092b25f30
--- syscall (198, FreeBSD ELF64, nosys), rip = 0x28a42a, rsp = 0x83369df08, rbp = 0x83369df70 ---
KDB: enter: panic
[ thread pid 1426 tid 100837 ]
Stopped at kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0x9f395b3fa5c2a98a
rdx 0x3ffff
rbx 0
rsp 0xfffffe0092b240b0
rbp 0xfffffe0092b240d0
rsi 0x40001
rdi 0xffffffff8177a5ea vprintf+0x35a
r8 0
r9 0xffffffff
r10 0
r11 0xfffffe009a5c26f0
r12 0xfffffe009a5c21e0
r13 0xfffffe0092b24101
r14 0xffffffff82bb9d20 .str.26
r15 0xffffffff82bb9d20 .str.26
rip 0xffffffff8176db7b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db> show proc
Process 1426 (syz-executor.0) at 0xfffffe0053ddc548:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 776 at 0xfffffe0058dfb000
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.0 exec
reaper: 0xfffffe0053dde000 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00998a93f0
(map 0xfffffe00998a93f0)
(map.pmap 0xfffffe00998a94b0)
(pmap 0xfffffe00998a9518)
threads: 2
100087 RunQ syz-executor.0
100837 Run CPU 1 syz-executor.0
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1426 776 776 0 R (threaded) syz-executor.0
100087 RunQ syz-executor.0
100837 Run CPU 1 syz-executor.0
1425 777 777 0 R (threaded) syz-executor.1
100235 RunQ syz-executor.1
100836 S uwait 0xfffffe0092685d00 syz-executor.1
1424 783 783 0 R (threaded) syz-executor.2
100112 RunQ syz-executor.2
100835 RunQ syz-executor.2
1421 787 787 0 R (threaded) syz-executor.3
100490 RunQ syz-executor.3
100831 S connec 0xfffffe0058be40da syz-executor.3
100832 S uwait 0xfffffe009a533000 syz-executor.3
1166 1 787 0 S uwait 0xfffffe0092685c00 syz-executor.3
1161 1 787 0 S uwait 0xfffffe0092dacc00 syz-executor.3
1155 1 787 0 S umtxn 0xfffffe0092dace00 syz-executor.3
1151 1 787 0 S uwait 0xfffffe0092686180 syz-executor.3
1144 1 787 0 S uwait 0xfffffe0058a7ab00 syz-executor.3
1141 1 787 0 S uwait 0xfffffe0092686400 syz-executor.3
1123 1 787 0 S uwait 0xfffffe0053f7c700 syz-executor.3
1118 1 787 0 S uwait 0xfffffe0092686300 syz-executor.3
1112 1 787 0 S uwait 0xfffffe0092dacf00 syz-executor.3
1107 1 787 0 S uwait 0xfffffe0092dad080 syz-executor.3
978 0 0 0 DL aiordy 0xfffffe009a45b548 [aiod4]
977 0 0 0 DL aiordy 0xfffffe0092dcd000 [aiod3]
976 0 0 0 DL aiordy 0xfffffe009a45ba90 [aiod2]
975 0 0 0 DL aiordy 0xfffffe0053f05548 [aiod1]
823 812 823 0 Ss select 0xfffffe00926856c0 dhclient
818 1 818 0 Ss select 0xfffffe0092dac940 dhclient
812 798 430 65 S select 0xfffffe0092685740 dhclient
798 430 430 0 S wait 0xfffffe0092678548 sh
787 774 787 0 Ss nanslp 0xffffffff83e458c1 syz-executor.3
783 774 783 0 Ss nanslp 0xffffffff83e458c1 syz-executor.2
777 774 777 0 Ss nanslp 0xffffffff83e458c1 syz-executor.1
776 774 776 0 Ss nanslp 0xffffffff83e458c1 syz-executor.0
774 772 772 0 S (threaded) syz-fuzzer
100099 S kqread 0xfffffe0053f31500 syz-fuzzer
100118 S uwait 0xfffffe0053f7b680 syz-fuzzer
100119 S uwait 0xfffffe0053f7b780 syz-fuzzer
100120 S uwait 0xfffffe0053f7b880 syz-fuzzer
100121 S uwait 0xfffffe0058a7a800 syz-fuzzer
100122 S uwait 0xfffffe0092686080 syz-fuzzer
100123 S uwait 0xfffffe0058a7a900 syz-fuzzer
100124 S uwait 0xfffffe0058a7aa00 syz-fuzzer
100257 S uwait 0xfffffe0092685f00 syz-fuzzer
772 770 772 0 Ss pause 0xfffffe0058c035f8 csh
770 688 770 0 Ss select 0xfffffe0053f7d040 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00574d7cb0 getty
753 1 753 0 Ss+ ttyin 0xfffffe00574d50b0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00586c0cb0 getty
751 1 751 0 Ss+ ttyin 0xfffffe00574d54b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe00574d58b0 getty
749 1 749 0 Ss+ ttyin 0xfffffe00574d5cb0 getty
748 1 748 0 Ss+ ttyin 0xfffffe00574d60b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00574d64b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00574d68b0 getty
744 1 18 0 S+ piperd 0xfffffe0058b2dba0 logger
743 742 18 0 S+ nanslp 0xffffffff83e458c1 sleep
742 1 18 0 S+ wait 0xfffffe0058c04548 sh
692 1 692 0 Ss nanslp 0xffffffff83e458c1 cron
688 1 688 0 Ss select 0xfffffe0053f7c340 sshd
501 1 501 0 Ss select 0xfffffe0092686540 syslogd
430 1 430 0 Ss wait 0xfffffe0058c03000 devd
429 1 429 65 Ss select 0xfffffe0053f7c2c0 dhclient
344 1 344 0 Ss select 0xfffffe0053f7bbc0 dhclient
341 1 341 0 Ss select 0xfffffe0058a7acc0 dhclient
17 0 0 0 DL syncer 0xffffffff83f6b0e0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe00587d0a90 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100080 D psleep 0xffffffff83f696e0 [bufdaemon]
100083 D - 0xffffffff83211f80 [bufspacedaemon-0]
100093 D sdflush 0xfffffe0058632ce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83f9d180 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83f91038 [dom0]
100081 D launds 0xffffffff83f91044 [laundry: dom0]
100082 D umarcl 0xffffffff81ea4540 [uma]
7 0 0 0 DL - 0xffffffff83c01688 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff8463b530 [pf purge]
5 0 0 0 DL waiting 0xffffffff849465a0 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100045 D - 0xffffffff83aa35c0 [doneq0]
100046 D - 0xffffffff83aa3540 [async]
100077 D - 0xffffffff83aa33c0 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056ec5488 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83f8c840 [crypto]
100042 D crypto_ 0xfffffe0053ed6c30 [crypto returns 0]
100043 D crypto_ 0xfffffe0053ed6c80 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100036 D - 0xffffffff83e1ae80 [g_event]
100037 D - 0xffffffff83e1aea0 [g_up]
100038 D - 0xffffffff83e1aec0 [g_down]
2 0 0 0 WL (threaded) [clock]
100030 I [clock (0)]
100031 I [clock (1)]
12 0 0 0 RL (threaded) [intr]
100010 I [swi6: Giant taskq]
100017 I [swi5: fast taskq]
100020 I [swi6: task queue]
100029 I [swi1: netisr 0]
100032 I [swi3: busdma]
100033 I [swi1: hpts]
100034 Run CPU 0 [swi1: hpts]
100047 I [irq24: virtio_pci0]
100048 I [irq25: virtio_pci0]
100049 I [irq26: virtio_pci0]
100050 I [irq27: virtio_pci0]
100051 I [irq28: virtio_pci1]
100052 I [irq29: virtio_pci1]
100053 I [irq30: virtio_pci1]
100054 I [irq31: virtio_pci1]
100055 I [irq32: virtio_pci1]
100060 I [irq33: virtio_pci2]
100061 I [irq34: virtio_pci2]
100062 I [irq35: virtio_pci2]
100064 I [irq1: atkbd0]
100065 I [irq12: psm0]
100066 I [swi0: uart uart++]
100070 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe0053dde000 [init]
10 0 0 0 DL audit_w 0xffffffff83f8d340 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff83e1b8c0 [swapper]
100005 D - 0xfffffe0053c95b00 [softirq_0]
100006 D - 0xfffffe0053c95900 [softirq_1]
100007 D - 0xfffffe0053c95700 [if_io_tqg_0]
100008 D - 0xfffffe0053c95500 [if_io_tqg_1]
100009 D - 0xfffffe0053c95300 [if_config_tqg_0]
100011 D - 0xfffffe0008181c00 [aiod_kick taskq]
100012 D - 0xfffffe0008181b00 [inm_free taskq]
100013 D - 0xfffffe0008181a00 [linuxkpi_irq_wq]
100014 D - 0xfffffe0008181900 [in6m_free taskq]
100015 D - 0xfffffe0008181800 [deferred_unmount ta]
100016 D - 0xfffffe0008181700 [thread taskq]
100018 D - 0xfffffe0008181500 [kqueue_ctx taskq]
100019 D - 0xfffffe0008181400 [pci_hp taskq]
100021 D - 0xfffffe0008181200 [linuxkpi_short_wq_0]
100022 D - 0xfffffe0008181200 [linuxkpi_short_wq_1]
100023 D - 0xfffffe0008181200 [linuxkpi_short_wq_2]
100024 D - 0xfffffe0008181200 [linuxkpi_short_wq_3]
100025 D - 0xfffffe0008181100 [linuxkpi_long_wq_0]
100026 D - 0xfffffe0008181100 [linuxkpi_long_wq_1]
100027 D - 0xfffffe0008181100 [linuxkpi_long_wq_2]
100028 D - 0xfffffe0008181100 [linuxkpi_long_wq_3]
100035 D - 0xfffffe0053f33300 [firmware taskq]
100039 D - 0xfffffe0053f33200 [crypto_0]
100040 D - 0xfffffe0053f33200 [crypto_1]
100056 D - 0xfffffe0053f32d00 [vtnet0 rxq 0]
100057 D - 0xfffffe0053f32c00 [vtnet0 txq 0]
100058 D - 0xfffffe0053f32b00 [vtnet0 rxq 1]
100059 D - 0xfffffe0053f32a00 [vtnet0 txq 1]
100063 D vtbslp 0xfffffe0056fa1480 [virtio_balloon]
100067 D - 0xffffffff82bbfba0 [deadlkres]
100071 D - 0xfffffe0008182100 [mca taskq]
100073 D - 0xfffffe0053f32500 [acpi_task_0]
100074 D - 0xfffffe0053f32500 [acpi_task_1]
100075 D - 0xfffffe0053f32500 [acpi_task_2]
100076 D - 0xfffffe0053f32e00 [CAM taskq]
db> show all locks
Process 1426 (syz-executor.0) thread 0xfffffe009a5c21e0 (100837)
exclusive rm pf rulesets (pf rulesets) r = 0 (0xffffffff846f34a0) locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:3203
Process 1424 (syz-executor.2) thread 0xfffffe009a548ac0 (100835)
exclusive rw tcpinp (tcpinp) r = 0 (0xfffffe00926da508) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_usrreq.c:1008
exclusive sx so_snd_sx (so_snd_sx) r = 0 (0xfffffe0058be5c80) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4193
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
sctp_stro 32 11308K 245
tcp_hpts 6 4801K 6
devbuf 4217 4323K 4242
sysctloid 35306 2080K 35377
vtbuf 24 1968K 46
kobj 327 1308K 488
newblk 9 1026K 1236
vfscache 3 1025K 3
pcb 110 638K 1466
inodedep 90 546K 756
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
filedesc 38 297K 1235
subproc 148 295K 1513
vmem 3 274K 6
acpica 1674 184K 56014
vnet_data 1 168K 1
tidhash 3 141K 3
linker 358 134K 386
pagedep 10 131K 625
tfo_ccache 1 128K 1
DEVFS1 109 109K 126
sem 4 106K 4
bus 991 81K 5140
mtx_pool 2 72K 2
syncache 1 68K 1
module 512 64K 512
acpitask 1 64K 1
ddb_capture 1 64K 1
kdtrace 226 45K 2265
umtx 352 44K 352
BPF 22 36K 22
temp 35 35K 1928
DEVFS3 128 32K 138
hostcache 1 32K 1
shm 1 32K 1
msg 4 30K 4
sctp_atcl 77 29K 975
gtaskqueue 18 26K 18
kbdmux 6 22K 6
dirrem 80 20K 632
DEVFS_RULE 56 20K 56
ifaddr 67 19K 69
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 100 16K 100
routetbl 130 16K 410
lltable 49 16K 52
bus-sc 34 15K 1651
KTRACE 100 13K 104
ifnet 7 13K 7
ether_multi 152 13K 162
kenv 95 12K 95
eventhandler 134 12K 134
rman 88 11K 429
GEOM 61 11K 490
CAM queue 5 11K 1528
freefile 78 10K 617
in6_multi 65 9K 65
ksem 4 9K 24
bmsafemap 2 9K 694
UART 12 9K 12
devstat 4 9K 4
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
sctp_timw 31 8K 31
pfs_nodes 20 8K 20
audit_evclass 237 8K 296
taskqueue 63 7K 63
kqueue 68 7K 1431
cred 25 7K 201
sglist 5 7K 5
CAM DEV 3 6K 510
plimit 22 6K 348
DEVFSP 75 5K 171
ufs_dirhash 24 5K 24
UMA 272 5K 272
sctp_atky 109 5K 1273
pf_ifnet 10 5K 19
vt 11 5K 11
pwddesc 66 5K 1417
memdesc 1 4K 1
MCA 32 4K 32
ioctlops 1 4K 155
evdev 4 4K 4
acpisem 28 4K 28
hhook 15 4K 17
session 26 4K 35
kcovinfo 52 4K 52
proc-args 92 4K 2503
terminal 11 3K 11
uidinfo 3 3K 7
crypto 10 3K 68
pf_rule 1 2K 5
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
lockf 19 2K 29
selfd 31 2K 18538
ip6ndp 12 2K 13
freework 7 2K 603
Unitno 29 2K 47
sctp_ifa 13 2K 14
CAM XPT 22 2K 543
msi 12 2K 12
freeblks 6 2K 602
in_multi 6 2K 8
cryptodev 18 2K 212
ipsecpolicy 2 2K 2
acpidev 20 2K 20
select 10 2K 31
sctp_athm 77 2K 1012
clone 9 2K 9
tun 7 2K 7
sctp_map 64 1K 482
softdep 1 1K 1
mkdir 8 1K 1186
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 124
NFSD session 1 1K 1
CAM periph 4 1K 271
sctp_ifn 6 1K 14
ipsec 3 1K 3
mld 6 1K 6
igmp 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
newdirblk 5 1K 593
encap_export_host 12 1K 12
diradd 4 1K 665
inpcbpolicy 16 1K 457
CC Mem 8 1K 339
pfil 4 1K 4
cdev 2 1K 2
osd 12 1K 276
chacha20random 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
vnodes 1 1K 1
CAM SIM 2 1K 2
procdesc 2 1K 8
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
soname 6 1K 4222
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
pmchooks 1 1K 1
filecaps 5 1K 72
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 38
pmc 1 1K 1
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
tcp_do 0 0K 0
tcp_fsb 0 0K 52
sctp_mcore 0 0K 0
sctp_socko 0 0K 408
sctp_iter 0 0K 12
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 12
sctp_aadr 0 0K 0
sctp_stri 0 0K 74
pf_table 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
filemon 0 0K 14
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
ixl 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
xen_intr 0 0K 0
NFSD srvcache 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
msdosfs_node 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
DEVFS4 0 0K 0
xenbus 0 0K 0
DEVFS2 0 0K 0
vm_fictitious 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
UMAHash 0 0K 0
vtfont 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 99
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 59
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 2
allocindir 0 0K 0
indirdep 0 0K 10
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
ktls_ocf 0 0K 0
AHCI driver 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 3
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
agp 0 0K 0
statfs 0 0K 778
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 2
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
tcp_log_dev 0 0K 42
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 37
acl 0 0K 0
mbuf_tag 0 0K 97
ktls 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 14297
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctltmp 0 0K 674
sysctl 0 0K 3
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 10
pwd 0 0K 0
tty console 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
boottrace 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8324 1074 110302 0 254 38494208 0
tcp_log 416 0 12195 58710 0 254 5073120 0
mbuf 256 8800 863 227278 0 254 2473728 0
pbuf 2624 0 778 0 0 2 2041472 0
BUF TRIE 144 189 11599 1025 0 62 1697472 0
malloc-128 128 12526 339 13106 0 126 1646720 0
malloc-384 384 4155 15 4156 0 30 1601280 0
mbuf_cluster 2048 762 0 762 0 254 1560576 0
malloc-4096 4096 328 4 491 0 2 1359872 0
UMA Slabs 0 112 10877 25 10877 0 126 1221024 0
sctp_asoc 2288 32 478 241 0 254 1166880 0
vmem btag 56 18897 78 18897 0 254 1062600 0
RADIX NODE 144 6795 228 38871 0 62 1011312 0
FFS inode 1160 517 36 1134 0 8 641480 0
sctp_ep 1208 45 465 697 0 254 616080 0
VM OBJECT 264 2082 78 38588 0 30 570240 0
tcpcb 1104 8 503 265 0 254 564144 0
256 Bucket 2048 240 16 1874 0 8 524288 0
socket 960 43 465 2377 0 254 487680 0
tcp_bbr_map 128 8 3402 19784 0 126 436480 0
ertt_txseginfo 40 0 9999 61397 0 254 399960 0
lkpicurr 168 2 2350 2 0 62 395136 0
lkpimm 168 1 2327 1 0 62 391104 0
sctp_raddr 736 32 485 241 0 254 380512 0
malloc-16384 16384 19 4 776 0 1 376832 0
THREAD 1808 159 17 837 0 8 318208 0
malloc-4096 4096 67 5 1432 0 2 294912 0
MAP ENTRY 96 2767 257 122359 0 126 290304 0
VNODE 448 555 75 1174 0 30 282240 0
malloc-64 64 3879 468 22419 0 254 278208 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-16 16 14630 120 14987 0 254 236000 0
DEVCTL 1024 21 199 151 0 0 225280 0
malloc-65536 65536 1 2 7 0 1 196608 0
malloc-65536 65536 3 0 3 0 1 196608 0
malloc-65536 65536 1 2 137 0 1 196608 0
mbuf_packet 256 10 752 2947 0 254 195072 0
malloc-256 256 31 719 1464 0 62 192000 0
UMA Zones 768 244 0 244 0 16 187392 0
malloc-32 32 5318 352 6851 0 254 181440 0
malloc-128 128 1132 263 26379 0 126 178560 0
FPU_save_area 832 161 37 1617 0 16 164736 0
malloc-384 384 89 331 756 0 30 161280 0
S VFS Cache 104 1001 403 1705 0 126 146016 0
FFS2 dinode 256 517 53 1134 0 62 145920 0
VMSPACE 2552 45 12 1407 0 4 145464 0
malloc-65536 65536 0 2 60 0 1 131072 0
malloc-2048 2048 47 17 723 0 8 131072 0
malloc-1024 1024 123 5 141 0 16 131072 0
unpcb 256 11 499 1197 0 254 130560 0
malloc-4096 4096 27 3 38 0 2 122880 0
g_bio 408 0 300 7425 0 30 122400 0
128 Bucket 1024 81 34 709 0 16 117760 0
ksiginfo 112 68 976 873 0 126 116928 0
malloc-256 256 136 299 1991 0 62 111360 0
PROC 1352 65 16 1426 0 8 109512 0
filedesc0 1072 66 25 1417 0 8 97552 0
malloc-256 256 253 122 1642 0 62 96000 0
UMA Kegs 384 230 3 230 0 30 89472 0
clpbuf 2624 0 32 62 0 16 83968 0
malloc-8192 8192 6 4 48 0 1 81920 0
sctp_readq 152 0 520 65 0 254 79040 0
sctp_chunk 152 21 499 95 0 254 79040 0
64 Bucket 512 88 48 2673 0 30 69632 0
malloc-64 64 522 549 1909 0 254 68544 0
malloc-128 128 294 233 405 0 126 67456 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-2048 2048 8 24 570 0 8 65536 0
malloc-256 256 162 93 629 0 62 65280 0
32 Bucket 256 92 163 6960 0 62 65280 0
sctp_stream_msg_out 112 23 517 68 0 254 60480 0
malloc-384 384 97 53 1004 0 30 57600 0
malloc-8192 8192 5 2 8 0 1 57344 0
tcp_inpcb 424 8 118 265 0 30 53424 0
da_ccb 544 0 98 1973 0 16 53312 0
malloc-64 64 399 420 14271 0 254 52416 0
malloc-64 64 597 222 3512 0 254 52416 0
malloc-128 128 134 269 2677 0 126 51584 0
malloc-128 128 179 224 611 0 126 51584 0
malloc-256 256 100 95 1652 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 15897 0 16 49152 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 2 1 17 0 1 49152 0
malloc-8192 8192 4 2 105 0 1 49152 0
malloc-2048 2048 13 11 17 0 8 49152 0
malloc-2048 2048 2 22 575 0 8 49152 0
malloc-1024 1024 5 43 1518 0 16 49152 0
malloc-1024 1024 32 16 398 0 16 49152 0
malloc-1024 1024 16 32 20 0 16 49152 0
malloc-384 384 103 17 103 0 30 46080 0
syncache 168 0 264 4 0 254 44352 0
malloc-8192 8192 5 0 5 0 1 40960 0
pcpu-8 8 4655 465 4843 0 254 40960 0
Mountpoints 2752 2 12 2 0 4 38528 0
udp_inpcb 424 6 84 162 0 30 38160 0
pipe 744 21 29 323 0 16 37200 0
PWD 32 29 1105 682 0 254 36288 0
malloc-64 64 20 547 168 0 254 36288 0
malloc-64 64 236 331 2161 0 254 36288 0
malloc-64 64 8 559 65 0 254 36288 0
malloc-64 64 91 476 658 0 254 36288 0
malloc-128 128 53 226 141 0 126 35712 0
malloc-128 128 74 205 3407 0 126 35712 0
malloc-128 128 155 124 895 0 126 35712 0
routing nhops 256 27 108 34 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 52 38 392 0 30 34560 0
malloc-256 256 67 68 802 0 62 34560 0
malloc-256 256 100 35 502 0 62 34560 0
malloc-256 256 7 128 586 0 62 34560 0
TURNSTILE 136 177 75 177 0 62 34272 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-4096 4096 5 3 629 0 2 32768 0
malloc-2048 2048 1 15 13 0 8 32768 0
malloc-2048 2048 8 8 8 0 8 32768 0
malloc-2048 2048 2 14 2 0 8 32768 0
malloc-2048 2048 1 15 244 0 8 32768 0
malloc-1024 1024 4 28 44 0 16 32768 0
malloc-1024 1024 2 30 21 0 16 32768 0
malloc-1024 1024 17 15 17 0 16 32768 0
malloc-1024 1024 1 31 6 0 16 32768 0
malloc-512 512 5 59 5 0 30 32768 0
malloc-512 512 0 64 14 0 30 32768 0
malloc-512 512 2 62 125 0 30 32768 0
malloc-512 512 2 62 125 0 30 32768 0
malloc-512 512 9 55 10 0 30 32768 0
pcpu-64 64 492 20 492 0 254 32768 0
tcp_rack_pcb 896 0 36 52 0 16 32256 0
KNOTE 160 28 172 9437 0 62 32000 0
ttyinq 160 135 65 300 0 62 32000 0
Files 80 217 183 9069 0 126 32000 0
tcp_rack_map 120 0 264 121 0 126 31680 0
tcp_bbr_pcb 832 4 32 122 0 16 29952 0
cpuset 104 7 272 7 0 126 29016 0
sctp_laddr 48 4 584 103 0 254 28224 0
malloc-32 32 337 545 914 0 254 28224 0
16 Bucket 144 67 129 287 0 62 28224 0
4 Bucket 48 7 581 67 0 254 28224 0
AIO 208 0 133 37 0 62 27664 0
ripcb 424 2 61 30 0 30 26712 0
malloc-4096 4096 2 4 8 0 2 24576 0
malloc-4096 4096 3 3 781 0 2 24576 0
rtentry 176 30 108 34 0 62 24288 0
PGRP 88 26 250 35 0 126 24288 0
rl_entry 40 40 566 40 0 254 24240 0
8 Bucket 80 51 249 407 0 126 24000 0
malloc-384 384 26 34 29 0 30 23040 0
malloc-384 384 3 57 24 0 30 23040 0
malloc-384 384 1 59 25 0 30 23040 0
SLEEPQUEUE 88 177 79 177 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
udpcb 32 6 624 162 0 254 20160 0
tcp_inpcb ports 32 6 624 152 0 254 20160 0
udp_inpcb ports 32 3 627 33 0 254 20160 0
AIOP 32 4 626 4 0 254 20160 0
ertt 72 8 272 265 0 126 20160 0
malloc-32 32 128 502 552 0 254 20160 0
malloc-32 32 62 568 1366 0 254 20160 0
malloc-32 32 98 532 154 0 254 20160 0
malloc-32 32 162 468 1285 0 254 20160 0
malloc-32 32 46 584 2873 0 254 20160 0
2 Bucket 32 55 575 407 0 254 20160 0
cryptop 280 0 70 22 0 30 19600 0
AIOCB 552 0 35 74 0 16 19320 0
AIOLIO 272 0 70 37 0 30 19040 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 1 3 12 0 2 16384 0
malloc-512 512 2 30 120 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
malloc-16 16 454 546 3729 0 254 16000 0
kenv 258 15 45 1026 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-32 32 4 374 66 0 254 12096 0
vtnet_tx_hdr 24 0 501 52509 0 254 12024 0
malloc-16 16 11 739 426 0 254 12000 0
malloc-16 16 53 697 756 0 254 12000 0
malloc-16 16 58 692 256 0 254 12000 0
malloc-16 16 199 551 3075 0 254 12000 0
malloc-16 16 23 727 25466 0 254 12000 0
itimer 352 0 33 4 0 30 11616 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 14 498 14 0 254 8192 0
malloc-16 16 8 492 8 0 254 8000 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 312 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 56 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 72 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
TMPFS node 224 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: 8601fca7895c sysent: regen for syscallarg_t
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=15637207700000
dashboard link: https://syzkaller.appspot.com/bug?extid=ba6bcae2eabec42983f6
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ba6bca...@syzkaller.appspotmail.com
panic: Lock pf config not exclusively locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:538
cpuid = 1
time = 1648496460
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe0092b23f70
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe0092b240d0
vpanic() at vpanic+0x2b8/frame 0xfffffe0092b241b0
panic() at panic+0xb5/frame 0xfffffe0092b24270
_sx_xunlock_hard() at _sx_xunlock_hard/frame 0xfffffe0092b242c0
pf_free_rule() at pf_free_rule+0x4c/frame 0xfffffe0092b242f0
pfioctl() at pfioctl+0xb6df/frame 0xfffffe0092b25610
devfs_ioctl() at devfs_ioctl+0x22a/frame 0xfffffe0092b256f0
VOP_IOCTL_APV() at VOP_IOCTL_APV+0xb0/frame 0xfffffe0092b25730
vn_ioctl() at vn_ioctl+0x215/frame 0xfffffe0092b25a80
devfs_ioctl_f() at devfs_ioctl_f+0x71/frame 0xfffffe0092b25ad0
kern_ioctl() at kern_ioctl+0x631/frame 0xfffffe0092b25bd0
sys_ioctl() at sys_ioctl+0x31f/frame 0xfffffe0092b25d30
amd64_syscall() at amd64_syscall+0x40c/frame 0xfffffe0092b25f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0092b25f30
--- syscall (198, FreeBSD ELF64, nosys), rip = 0x28a42a, rsp = 0x83369df08, rbp = 0x83369df70 ---
KDB: enter: panic
[ thread pid 1426 tid 100837 ]
Stopped at kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0x9f395b3fa5c2a98a
rdx 0x3ffff
rbx 0
rsp 0xfffffe0092b240b0
rbp 0xfffffe0092b240d0
rsi 0x40001
rdi 0xffffffff8177a5ea vprintf+0x35a
r8 0
r9 0xffffffff
r10 0
r11 0xfffffe009a5c26f0
r12 0xfffffe009a5c21e0
r13 0xfffffe0092b24101
r14 0xffffffff82bb9d20 .str.26
r15 0xffffffff82bb9d20 .str.26
rip 0xffffffff8176db7b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db> show proc
Process 1426 (syz-executor.0) at 0xfffffe0053ddc548:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 776 at 0xfffffe0058dfb000
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: /root/syz-executor.0 exec
reaper: 0xfffffe0053dde000 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00998a93f0
(map 0xfffffe00998a93f0)
(map.pmap 0xfffffe00998a94b0)
(pmap 0xfffffe00998a9518)
threads: 2
100087 RunQ syz-executor.0
100837 Run CPU 1 syz-executor.0
db> ps
pid ppid pgrp uid state wmesg wchan cmd
1426 776 776 0 R (threaded) syz-executor.0
100087 RunQ syz-executor.0
100837 Run CPU 1 syz-executor.0
1425 777 777 0 R (threaded) syz-executor.1
100235 RunQ syz-executor.1
100836 S uwait 0xfffffe0092685d00 syz-executor.1
1424 783 783 0 R (threaded) syz-executor.2
100112 RunQ syz-executor.2
100835 RunQ syz-executor.2
1421 787 787 0 R (threaded) syz-executor.3
100490 RunQ syz-executor.3
100831 S connec 0xfffffe0058be40da syz-executor.3
100832 S uwait 0xfffffe009a533000 syz-executor.3
1166 1 787 0 S uwait 0xfffffe0092685c00 syz-executor.3
1161 1 787 0 S uwait 0xfffffe0092dacc00 syz-executor.3
1155 1 787 0 S umtxn 0xfffffe0092dace00 syz-executor.3
1151 1 787 0 S uwait 0xfffffe0092686180 syz-executor.3
1144 1 787 0 S uwait 0xfffffe0058a7ab00 syz-executor.3
1141 1 787 0 S uwait 0xfffffe0092686400 syz-executor.3
1123 1 787 0 S uwait 0xfffffe0053f7c700 syz-executor.3
1118 1 787 0 S uwait 0xfffffe0092686300 syz-executor.3
1112 1 787 0 S uwait 0xfffffe0092dacf00 syz-executor.3
1107 1 787 0 S uwait 0xfffffe0092dad080 syz-executor.3
978 0 0 0 DL aiordy 0xfffffe009a45b548 [aiod4]
977 0 0 0 DL aiordy 0xfffffe0092dcd000 [aiod3]
976 0 0 0 DL aiordy 0xfffffe009a45ba90 [aiod2]
975 0 0 0 DL aiordy 0xfffffe0053f05548 [aiod1]
823 812 823 0 Ss select 0xfffffe00926856c0 dhclient
818 1 818 0 Ss select 0xfffffe0092dac940 dhclient
812 798 430 65 S select 0xfffffe0092685740 dhclient
798 430 430 0 S wait 0xfffffe0092678548 sh
787 774 787 0 Ss nanslp 0xffffffff83e458c1 syz-executor.3
783 774 783 0 Ss nanslp 0xffffffff83e458c1 syz-executor.2
777 774 777 0 Ss nanslp 0xffffffff83e458c1 syz-executor.1
776 774 776 0 Ss nanslp 0xffffffff83e458c1 syz-executor.0
774 772 772 0 S (threaded) syz-fuzzer
100099 S kqread 0xfffffe0053f31500 syz-fuzzer
100118 S uwait 0xfffffe0053f7b680 syz-fuzzer
100119 S uwait 0xfffffe0053f7b780 syz-fuzzer
100120 S uwait 0xfffffe0053f7b880 syz-fuzzer
100121 S uwait 0xfffffe0058a7a800 syz-fuzzer
100122 S uwait 0xfffffe0092686080 syz-fuzzer
100123 S uwait 0xfffffe0058a7a900 syz-fuzzer
100124 S uwait 0xfffffe0058a7aa00 syz-fuzzer
100257 S uwait 0xfffffe0092685f00 syz-fuzzer
772 770 772 0 Ss pause 0xfffffe0058c035f8 csh
770 688 770 0 Ss select 0xfffffe0053f7d040 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00574d7cb0 getty
753 1 753 0 Ss+ ttyin 0xfffffe00574d50b0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00586c0cb0 getty
751 1 751 0 Ss+ ttyin 0xfffffe00574d54b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe00574d58b0 getty
749 1 749 0 Ss+ ttyin 0xfffffe00574d5cb0 getty
748 1 748 0 Ss+ ttyin 0xfffffe00574d60b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00574d64b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00574d68b0 getty
744 1 18 0 S+ piperd 0xfffffe0058b2dba0 logger
743 742 18 0 S+ nanslp 0xffffffff83e458c1 sleep
742 1 18 0 S+ wait 0xfffffe0058c04548 sh
692 1 692 0 Ss nanslp 0xffffffff83e458c1 cron
688 1 688 0 Ss select 0xfffffe0053f7c340 sshd
501 1 501 0 Ss select 0xfffffe0092686540 syslogd
430 1 430 0 Ss wait 0xfffffe0058c03000 devd
429 1 429 65 Ss select 0xfffffe0053f7c2c0 dhclient
344 1 344 0 Ss select 0xfffffe0053f7bbc0 dhclient
341 1 341 0 Ss select 0xfffffe0058a7acc0 dhclient
17 0 0 0 DL syncer 0xffffffff83f6b0e0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe00587d0a90 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100080 D psleep 0xffffffff83f696e0 [bufdaemon]
100083 D - 0xffffffff83211f80 [bufspacedaemon-0]
100093 D sdflush 0xfffffe0058632ce8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83f9d180 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83f91038 [dom0]
100081 D launds 0xffffffff83f91044 [laundry: dom0]
100082 D umarcl 0xffffffff81ea4540 [uma]
7 0 0 0 DL - 0xffffffff83c01688 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff8463b530 [pf purge]
5 0 0 0 DL waiting 0xffffffff849465a0 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100045 D - 0xffffffff83aa35c0 [doneq0]
100046 D - 0xffffffff83aa3540 [async]
100077 D - 0xffffffff83aa33c0 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056ec5488 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83f8c840 [crypto]
100042 D crypto_ 0xfffffe0053ed6c30 [crypto returns 0]
100043 D crypto_ 0xfffffe0053ed6c80 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100036 D - 0xffffffff83e1ae80 [g_event]
100037 D - 0xffffffff83e1aea0 [g_up]
100038 D - 0xffffffff83e1aec0 [g_down]
2 0 0 0 WL (threaded) [clock]
100030 I [clock (0)]
100031 I [clock (1)]
12 0 0 0 RL (threaded) [intr]
100010 I [swi6: Giant taskq]
100017 I [swi5: fast taskq]
100020 I [swi6: task queue]
100029 I [swi1: netisr 0]
100032 I [swi3: busdma]
100033 I [swi1: hpts]
100034 Run CPU 0 [swi1: hpts]
100047 I [irq24: virtio_pci0]
100048 I [irq25: virtio_pci0]
100049 I [irq26: virtio_pci0]
100050 I [irq27: virtio_pci0]
100051 I [irq28: virtio_pci1]
100052 I [irq29: virtio_pci1]
100053 I [irq30: virtio_pci1]
100054 I [irq31: virtio_pci1]
100055 I [irq32: virtio_pci1]
100060 I [irq33: virtio_pci2]
100061 I [irq34: virtio_pci2]
100062 I [irq35: virtio_pci2]
100064 I [irq1: atkbd0]
100065 I [irq12: psm0]
100066 I [swi0: uart uart++]
100070 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe0053dde000 [init]
10 0 0 0 DL audit_w 0xffffffff83f8d340 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff83e1b8c0 [swapper]
100005 D - 0xfffffe0053c95b00 [softirq_0]
100006 D - 0xfffffe0053c95900 [softirq_1]
100007 D - 0xfffffe0053c95700 [if_io_tqg_0]
100008 D - 0xfffffe0053c95500 [if_io_tqg_1]
100009 D - 0xfffffe0053c95300 [if_config_tqg_0]
100011 D - 0xfffffe0008181c00 [aiod_kick taskq]
100012 D - 0xfffffe0008181b00 [inm_free taskq]
100013 D - 0xfffffe0008181a00 [linuxkpi_irq_wq]
100014 D - 0xfffffe0008181900 [in6m_free taskq]
100015 D - 0xfffffe0008181800 [deferred_unmount ta]
100016 D - 0xfffffe0008181700 [thread taskq]
100018 D - 0xfffffe0008181500 [kqueue_ctx taskq]
100019 D - 0xfffffe0008181400 [pci_hp taskq]
100021 D - 0xfffffe0008181200 [linuxkpi_short_wq_0]
100022 D - 0xfffffe0008181200 [linuxkpi_short_wq_1]
100023 D - 0xfffffe0008181200 [linuxkpi_short_wq_2]
100024 D - 0xfffffe0008181200 [linuxkpi_short_wq_3]
100025 D - 0xfffffe0008181100 [linuxkpi_long_wq_0]
100026 D - 0xfffffe0008181100 [linuxkpi_long_wq_1]
100027 D - 0xfffffe0008181100 [linuxkpi_long_wq_2]
100028 D - 0xfffffe0008181100 [linuxkpi_long_wq_3]
100035 D - 0xfffffe0053f33300 [firmware taskq]
100039 D - 0xfffffe0053f33200 [crypto_0]
100040 D - 0xfffffe0053f33200 [crypto_1]
100056 D - 0xfffffe0053f32d00 [vtnet0 rxq 0]
100057 D - 0xfffffe0053f32c00 [vtnet0 txq 0]
100058 D - 0xfffffe0053f32b00 [vtnet0 rxq 1]
100059 D - 0xfffffe0053f32a00 [vtnet0 txq 1]
100063 D vtbslp 0xfffffe0056fa1480 [virtio_balloon]
100067 D - 0xffffffff82bbfba0 [deadlkres]
100071 D - 0xfffffe0008182100 [mca taskq]
100073 D - 0xfffffe0053f32500 [acpi_task_0]
100074 D - 0xfffffe0053f32500 [acpi_task_1]
100075 D - 0xfffffe0053f32500 [acpi_task_2]
100076 D - 0xfffffe0053f32e00 [CAM taskq]
db> show all locks
Process 1426 (syz-executor.0) thread 0xfffffe009a5c21e0 (100837)
exclusive rm pf rulesets (pf rulesets) r = 0 (0xffffffff846f34a0) locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:3203
Process 1424 (syz-executor.2) thread 0xfffffe009a548ac0 (100835)
exclusive rw tcpinp (tcpinp) r = 0 (0xfffffe00926da508) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_usrreq.c:1008
exclusive sx so_snd_sx (so_snd_sx) r = 0 (0xfffffe0058be5c80) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c:4193
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
sctp_stro 32 11308K 245
tcp_hpts 6 4801K 6
devbuf 4217 4323K 4242
sysctloid 35306 2080K 35377
vtbuf 24 1968K 46
kobj 327 1308K 488
newblk 9 1026K 1236
vfscache 3 1025K 3
pcb 110 638K 1466
inodedep 90 546K 756
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
filedesc 38 297K 1235
subproc 148 295K 1513
vmem 3 274K 6
acpica 1674 184K 56014
vnet_data 1 168K 1
tidhash 3 141K 3
linker 358 134K 386
pagedep 10 131K 625
tfo_ccache 1 128K 1
DEVFS1 109 109K 126
sem 4 106K 4
bus 991 81K 5140
mtx_pool 2 72K 2
syncache 1 68K 1
module 512 64K 512
acpitask 1 64K 1
ddb_capture 1 64K 1
kdtrace 226 45K 2265
umtx 352 44K 352
BPF 22 36K 22
temp 35 35K 1928
DEVFS3 128 32K 138
hostcache 1 32K 1
shm 1 32K 1
msg 4 30K 4
sctp_atcl 77 29K 975
gtaskqueue 18 26K 18
kbdmux 6 22K 6
dirrem 80 20K 632
DEVFS_RULE 56 20K 56
ifaddr 67 19K 69
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 100 16K 100
routetbl 130 16K 410
lltable 49 16K 52
bus-sc 34 15K 1651
KTRACE 100 13K 104
ifnet 7 13K 7
ether_multi 152 13K 162
kenv 95 12K 95
eventhandler 134 12K 134
rman 88 11K 429
GEOM 61 11K 490
CAM queue 5 11K 1528
freefile 78 10K 617
in6_multi 65 9K 65
ksem 4 9K 24
bmsafemap 2 9K 694
UART 12 9K 12
devstat 4 9K 4
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
sctp_timw 31 8K 31
pfs_nodes 20 8K 20
audit_evclass 237 8K 296
taskqueue 63 7K 63
kqueue 68 7K 1431
cred 25 7K 201
sglist 5 7K 5
CAM DEV 3 6K 510
plimit 22 6K 348
DEVFSP 75 5K 171
ufs_dirhash 24 5K 24
UMA 272 5K 272
sctp_atky 109 5K 1273
pf_ifnet 10 5K 19
vt 11 5K 11
pwddesc 66 5K 1417
memdesc 1 4K 1
MCA 32 4K 32
ioctlops 1 4K 155
evdev 4 4K 4
acpisem 28 4K 28
hhook 15 4K 17
session 26 4K 35
kcovinfo 52 4K 52
proc-args 92 4K 2503
terminal 11 3K 11
uidinfo 3 3K 7
crypto 10 3K 68
pf_rule 1 2K 5
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
lockf 19 2K 29
selfd 31 2K 18538
ip6ndp 12 2K 13
freework 7 2K 603
Unitno 29 2K 47
sctp_ifa 13 2K 14
CAM XPT 22 2K 543
msi 12 2K 12
freeblks 6 2K 602
in_multi 6 2K 8
cryptodev 18 2K 212
ipsecpolicy 2 2K 2
acpidev 20 2K 20
select 10 2K 31
sctp_athm 77 2K 1012
clone 9 2K 9
tun 7 2K 7
sctp_map 64 1K 482
softdep 1 1K 1
mkdir 8 1K 1186
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 124
NFSD session 1 1K 1
CAM periph 4 1K 271
sctp_ifn 6 1K 14
ipsec 3 1K 3
mld 6 1K 6
igmp 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
newdirblk 5 1K 593
encap_export_host 12 1K 12
diradd 4 1K 665
inpcbpolicy 16 1K 457
CC Mem 8 1K 339
pfil 4 1K 4
cdev 2 1K 2
osd 12 1K 276
chacha20random 1 1K 1
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
vnodes 1 1K 1
CAM SIM 2 1K 2
procdesc 2 1K 8
feeder 7 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 6
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
soname 6 1K 4222
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
pmchooks 1 1K 1
filecaps 5 1K 72
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 38
pmc 1 1K 1
acpiintr 1 1K 1
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
tcp_do 0 0K 0
tcp_fsb 0 0K 52
sctp_mcore 0 0K 0
sctp_socko 0 0K 408
sctp_iter 0 0K 12
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 12
sctp_aadr 0 0K 0
sctp_stri 0 0K 74
pf_table 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
filemon 0 0K 14
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
ixl 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
xen_intr 0 0K 0
NFSD srvcache 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
msdosfs_node 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
DEVFS4 0 0K 0
xenbus 0 0K 0
DEVFS2 0 0K 0
vm_fictitious 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
scsi_pass 0 0K 0
ciss_data 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
UMAHash 0 0K 0
vtfont 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 99
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 59
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefrag 0 0K 2
allocindir 0 0K 0
indirdep 0 0K 10
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
ktls_ocf 0 0K 0
AHCI driver 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6opt 0 0K 3
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
LRO 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
agp 0 0K 0
statfs 0 0K 778
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 2
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
tcp_log_dev 0 0K 42
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 37
acl 0 0K 0
mbuf_tag 0 0K 97
ktls 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
tempbuff 0 0K 0
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 14297
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctltmp 0 0K 674
sysctl 0 0K 3
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 10
pwd 0 0K 0
tty console 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
boottrace 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8324 1074 110302 0 254 38494208 0
tcp_log 416 0 12195 58710 0 254 5073120 0
mbuf 256 8800 863 227278 0 254 2473728 0
pbuf 2624 0 778 0 0 2 2041472 0
BUF TRIE 144 189 11599 1025 0 62 1697472 0
malloc-128 128 12526 339 13106 0 126 1646720 0
malloc-384 384 4155 15 4156 0 30 1601280 0
mbuf_cluster 2048 762 0 762 0 254 1560576 0
malloc-4096 4096 328 4 491 0 2 1359872 0
UMA Slabs 0 112 10877 25 10877 0 126 1221024 0
sctp_asoc 2288 32 478 241 0 254 1166880 0
vmem btag 56 18897 78 18897 0 254 1062600 0
RADIX NODE 144 6795 228 38871 0 62 1011312 0
FFS inode 1160 517 36 1134 0 8 641480 0
sctp_ep 1208 45 465 697 0 254 616080 0
VM OBJECT 264 2082 78 38588 0 30 570240 0
tcpcb 1104 8 503 265 0 254 564144 0
256 Bucket 2048 240 16 1874 0 8 524288 0
socket 960 43 465 2377 0 254 487680 0
tcp_bbr_map 128 8 3402 19784 0 126 436480 0
ertt_txseginfo 40 0 9999 61397 0 254 399960 0
lkpicurr 168 2 2350 2 0 62 395136 0
lkpimm 168 1 2327 1 0 62 391104 0
sctp_raddr 736 32 485 241 0 254 380512 0
malloc-16384 16384 19 4 776 0 1 376832 0
THREAD 1808 159 17 837 0 8 318208 0
malloc-4096 4096 67 5 1432 0 2 294912 0
MAP ENTRY 96 2767 257 122359 0 126 290304 0
VNODE 448 555 75 1174 0 30 282240 0
malloc-64 64 3879 468 22419 0 254 278208 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-16 16 14630 120 14987 0 254 236000 0
DEVCTL 1024 21 199 151 0 0 225280 0
malloc-65536 65536 1 2 7 0 1 196608 0
malloc-65536 65536 3 0 3 0 1 196608 0
malloc-65536 65536 1 2 137 0 1 196608 0
mbuf_packet 256 10 752 2947 0 254 195072 0
malloc-256 256 31 719 1464 0 62 192000 0
UMA Zones 768 244 0 244 0 16 187392 0
malloc-32 32 5318 352 6851 0 254 181440 0
malloc-128 128 1132 263 26379 0 126 178560 0
FPU_save_area 832 161 37 1617 0 16 164736 0
malloc-384 384 89 331 756 0 30 161280 0
S VFS Cache 104 1001 403 1705 0 126 146016 0
FFS2 dinode 256 517 53 1134 0 62 145920 0
VMSPACE 2552 45 12 1407 0 4 145464 0
malloc-65536 65536 0 2 60 0 1 131072 0
malloc-2048 2048 47 17 723 0 8 131072 0
malloc-1024 1024 123 5 141 0 16 131072 0
unpcb 256 11 499 1197 0 254 130560 0
malloc-4096 4096 27 3 38 0 2 122880 0
g_bio 408 0 300 7425 0 30 122400 0
128 Bucket 1024 81 34 709 0 16 117760 0
ksiginfo 112 68 976 873 0 126 116928 0
malloc-256 256 136 299 1991 0 62 111360 0
PROC 1352 65 16 1426 0 8 109512 0
filedesc0 1072 66 25 1417 0 8 97552 0
malloc-256 256 253 122 1642 0 62 96000 0
UMA Kegs 384 230 3 230 0 30 89472 0
clpbuf 2624 0 32 62 0 16 83968 0
malloc-8192 8192 6 4 48 0 1 81920 0
sctp_readq 152 0 520 65 0 254 79040 0
sctp_chunk 152 21 499 95 0 254 79040 0
64 Bucket 512 88 48 2673 0 30 69632 0
malloc-64 64 522 549 1909 0 254 68544 0
malloc-128 128 294 233 405 0 126 67456 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
malloc-2048 2048 8 24 570 0 8 65536 0
malloc-256 256 162 93 629 0 62 65280 0
32 Bucket 256 92 163 6960 0 62 65280 0
sctp_stream_msg_out 112 23 517 68 0 254 60480 0
malloc-384 384 97 53 1004 0 30 57600 0
malloc-8192 8192 5 2 8 0 1 57344 0
tcp_inpcb 424 8 118 265 0 30 53424 0
da_ccb 544 0 98 1973 0 16 53312 0
malloc-64 64 399 420 14271 0 254 52416 0
malloc-64 64 597 222 3512 0 254 52416 0
malloc-128 128 134 269 2677 0 126 51584 0
malloc-128 128 179 224 611 0 126 51584 0
malloc-256 256 100 95 1652 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 15897 0 16 49152 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 2 1 17 0 1 49152 0
malloc-8192 8192 4 2 105 0 1 49152 0
malloc-2048 2048 13 11 17 0 8 49152 0
malloc-2048 2048 2 22 575 0 8 49152 0
malloc-1024 1024 5 43 1518 0 16 49152 0
malloc-1024 1024 32 16 398 0 16 49152 0
malloc-1024 1024 16 32 20 0 16 49152 0
malloc-384 384 103 17 103 0 30 46080 0
syncache 168 0 264 4 0 254 44352 0
malloc-8192 8192 5 0 5 0 1 40960 0
pcpu-8 8 4655 465 4843 0 254 40960 0
Mountpoints 2752 2 12 2 0 4 38528 0
udp_inpcb 424 6 84 162 0 30 38160 0
pipe 744 21 29 323 0 16 37200 0
PWD 32 29 1105 682 0 254 36288 0
malloc-64 64 20 547 168 0 254 36288 0
malloc-64 64 236 331 2161 0 254 36288 0
malloc-64 64 8 559 65 0 254 36288 0
malloc-64 64 91 476 658 0 254 36288 0
malloc-128 128 53 226 141 0 126 35712 0
malloc-128 128 74 205 3407 0 126 35712 0
malloc-128 128 155 124 895 0 126 35712 0
routing nhops 256 27 108 34 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 52 38 392 0 30 34560 0
malloc-256 256 67 68 802 0 62 34560 0
malloc-256 256 100 35 502 0 62 34560 0
malloc-256 256 7 128 586 0 62 34560 0
TURNSTILE 136 177 75 177 0 62 34272 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-4096 4096 5 3 629 0 2 32768 0
malloc-2048 2048 1 15 13 0 8 32768 0
malloc-2048 2048 8 8 8 0 8 32768 0
malloc-2048 2048 2 14 2 0 8 32768 0
malloc-2048 2048 1 15 244 0 8 32768 0
malloc-1024 1024 4 28 44 0 16 32768 0
malloc-1024 1024 2 30 21 0 16 32768 0
malloc-1024 1024 17 15 17 0 16 32768 0
malloc-1024 1024 1 31 6 0 16 32768 0
malloc-512 512 5 59 5 0 30 32768 0
malloc-512 512 0 64 14 0 30 32768 0
malloc-512 512 2 62 125 0 30 32768 0
malloc-512 512 2 62 125 0 30 32768 0
malloc-512 512 9 55 10 0 30 32768 0
pcpu-64 64 492 20 492 0 254 32768 0
tcp_rack_pcb 896 0 36 52 0 16 32256 0
KNOTE 160 28 172 9437 0 62 32000 0
ttyinq 160 135 65 300 0 62 32000 0
Files 80 217 183 9069 0 126 32000 0
tcp_rack_map 120 0 264 121 0 126 31680 0
tcp_bbr_pcb 832 4 32 122 0 16 29952 0
cpuset 104 7 272 7 0 126 29016 0
sctp_laddr 48 4 584 103 0 254 28224 0
malloc-32 32 337 545 914 0 254 28224 0
16 Bucket 144 67 129 287 0 62 28224 0
4 Bucket 48 7 581 67 0 254 28224 0
AIO 208 0 133 37 0 62 27664 0
ripcb 424 2 61 30 0 30 26712 0
malloc-4096 4096 2 4 8 0 2 24576 0
malloc-4096 4096 3 3 781 0 2 24576 0
rtentry 176 30 108 34 0 62 24288 0
PGRP 88 26 250 35 0 126 24288 0
rl_entry 40 40 566 40 0 254 24240 0
8 Bucket 80 51 249 407 0 126 24000 0
malloc-384 384 26 34 29 0 30 23040 0
malloc-384 384 3 57 24 0 30 23040 0
malloc-384 384 1 59 25 0 30 23040 0
SLEEPQUEUE 88 177 79 177 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
udpcb 32 6 624 162 0 254 20160 0
tcp_inpcb ports 32 6 624 152 0 254 20160 0
udp_inpcb ports 32 3 627 33 0 254 20160 0
AIOP 32 4 626 4 0 254 20160 0
ertt 72 8 272 265 0 126 20160 0
malloc-32 32 128 502 552 0 254 20160 0
malloc-32 32 62 568 1366 0 254 20160 0
malloc-32 32 98 532 154 0 254 20160 0
malloc-32 32 162 468 1285 0 254 20160 0
malloc-32 32 46 584 2873 0 254 20160 0
2 Bucket 32 55 575 407 0 254 20160 0
cryptop 280 0 70 22 0 30 19600 0
AIOCB 552 0 35 74 0 16 19320 0
AIOLIO 272 0 70 37 0 30 19040 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 1 3 12 0 2 16384 0
malloc-512 512 2 30 120 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
malloc-16 16 454 546 3729 0 254 16000 0
kenv 258 15 45 1026 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-32 32 4 374 66 0 254 12096 0
vtnet_tx_hdr 24 0 501 52509 0 254 12024 0
malloc-16 16 11 739 426 0 254 12000 0
malloc-16 16 53 697 756 0 254 12000 0
malloc-16 16 58 692 256 0 254 12000 0
malloc-16 16 199 551 3075 0 254 12000 0
malloc-16 16 23 727 25466 0 254 12000 0
itimer 352 0 33 4 0 30 11616 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 14 498 14 0 254 8192 0
malloc-16 16 8 492 8 0 254 8000 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 312 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 56 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 72 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
TMPFS node 224 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Mar 28, 2022, 5:48:26 PM3/28/22
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: 8601fca7895c sysent: regen for syscallarg_t
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=17420863700000
dashboard link: https://syzkaller.appspot.com/bug?extid=ba6bcae2eabec42983f6
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1156ba77700000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15a6cbb3700000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ba6bca...@syzkaller.appspotmail.com
login: panic: Lock pf config not exclusively locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:538
cpuid = 1
time = 1648503944
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe0054131f70
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe00541320d0
vpanic() at vpanic+0x2b8/frame 0xfffffe00541321b0
panic() at panic+0xb5/frame 0xfffffe0054132270
_sx_xunlock_hard() at _sx_xunlock_hard/frame 0xfffffe00541322c0
pf_free_rule() at pf_free_rule+0x4c/frame 0xfffffe00541322f0
pfioctl() at pfioctl+0xb6df/frame 0xfffffe0054133610
devfs_ioctl() at devfs_ioctl+0x22a/frame 0xfffffe00541336f0
VOP_IOCTL_APV() at VOP_IOCTL_APV+0xb0/frame 0xfffffe0054133730
vn_ioctl() at vn_ioctl+0x215/frame 0xfffffe0054133a80
devfs_ioctl_f() at devfs_ioctl_f+0x71/frame 0xfffffe0054133ad0
kern_ioctl() at kern_ioctl+0x631/frame 0xfffffe0054133bd0
sys_ioctl() at sys_ioctl+0x31f/frame 0xfffffe0054133d30
amd64_syscall() at amd64_syscall+0x40c/frame 0xfffffe0054133f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0054133f30
--- syscall (0, FreeBSD ELF64, nosys), rip = 0x2b3e6a, rsp = 0x8203dc6c8, rbp = 0x8203dc6e0 ---
KDB: enter: panic
[ thread pid 779 tid 100111 ]
rdx 0xdffff7c000000000
rbx 0
rsp 0xfffffe00541320b0
rbp 0xfffffe00541320d0
rsi 0x1
rdi 0
r8 0x3
r9 0xffffffff
r10 0
r11 0xfffffe0092455530
r12 0xfffffe0092455020
r13 0xfffffe0054132101
ABI: FreeBSD ELF64
flag: 0x10004000 flag2: 0
arguments: ./syz-executor617674246
(map 0xfffffe0092d7e9f8)
(map.pmap 0xfffffe0092d7eab8)
(pmap 0xfffffe0092d7eb20)
threads: 1
100111 Run CPU 1 syz-executor6176742
777 775 777 0 Ss pause 0xfffffe008fe0eb40 csh
775 688 775 0 Ss select 0xfffffe0058ddab40 sshd
752 1 752 0 Ss+ ttyin 0xfffffe00574d50b0 getty
501 1 501 0 Ss select 0xfffffe0058ddad40 syslogd
430 1 430 0 Ss select 0xfffffe0058ddaf40 devd
429 1 429 65 Ss select 0xfffffe00923303c0 dhclient
344 1 344 0 Ss select 0xfffffe0058ddae40 dhclient
341 1 341 0 Ss select 0xfffffe0092330440 dhclient
5 0 0 0 DL waiting 0xffffffff848845a0 [sctp_iterator]
Process 779 (syz-executor6176742) thread 0xfffffe0092455020 (100111)
exclusive rm pf rulesets (pf rulesets) r = 0 (0xffffffff846314a0) locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:3203
vfscache 3 1025K 3
pcb 21 539K 42
inodedep 49 530K 71
subproc 89 179K 829
linker 358 134K 386
pagedep 14 132K 18
tfo_ccache 1 128K 1
sem 4 106K 4
DEVFS1 105 105K 114
DEVFS3 124 31K 134
umtx 242 31K 242
msg 4 30K 4
BPF 10 18K 10
KTRACE 100 13K 100
bmsafemap 4 9K 39
plimit 17 5K 322
vt 11 5K 11
ifnet 3 5K 3
filedesc 1 4K 1
diradd 25 4K 36
lltable 11 4K 11
pf_ifnet 5 3K 6
in6_multi 25 3K 25
terminal 11 3K 11
session 20 3K 31
kqueue 40 3K 782
pwddesc 40 3K 780
uidinfo 3 3K 8
proc-args 62 3K 1720
pf_rule 1 2K 1
Unitno 27 2K 39
msi 12 2K 12
sctp_stro 1 1K 1
softdep 1 1K 1
ipsec 3 1K 3
sctp_atcl 2 1K 3
indirdep 3 1K 3
nhops 6 1K 6
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
newdirblk 4 1K 8
mkdir 4 1K 16
in_multi 2 1K 4
osd 7 1K 18
inpcbpolicy 10 1K 139
sctp_ifn 2 1K 6
DEVFS 9 1K 10
freework 1 1K 26
mld 2 1K 2
igmp 2 1K 2
loginclass 3 1K 7
sctp_atky 3 1K 4
pmchooks 1 1K 1
soname 4 1K 3472
filecaps 4 1K 66
tun 3 1K 3
sctp_map 2 1K 2
tcp_fsb 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 2
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_aadr 0 0K 0
sctp_stri 0 0K 0
savedino 0 0K 15
freeblks 0 0K 25
freefrag 0 0K 1
allocindir 0 0K 0
statfs 0 0K 195
acl 0 0K 0
mbuf_tag 0 0K 27
iov 0 0K 13648
mbuf_jumbo_page 4096 8320 1078 14579 0 254 38494208 0
mbuf 256 8578 1084 17468 0 254 2473472 0
pbuf 2624 0 794 0 0 2 2083456 0
BUF TRIE 144 183 11605 500 0 62 1697472 0
malloc-4096 4096 327 1 488 0 2 1343488 0
UMA Slabs 0 112 10569 9 10569 0 126 1184736 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 16362 93 16362 0 254 921480 0
FFS inode 1160 499 26 508 0 8 609000 0
sctp_asoc 2288 1 254 1 0 254 583440 0
tcpcb 1104 3 508 7 0 254 564144 0
RADIX NODE 144 3316 179 19981 0 62 503280 0
socket 960 19 489 1337 0 254 487680 0
VM OBJECT 264 1411 119 24441 0 30 403920 0
256 Bucket 2048 122 14 1003 0 8 278528 0
VNODE 448 530 46 541 0 30 258048 0
malloc-16 16 14625 125 14729 0 254 236000 0
DEVCTL 1024 0 220 126 0 0 225280 0
THREAD 1808 114 7 114 0 8 218768 0
malloc-256 256 729 81 862 0 62 207360 0
MAP ENTRY 96 1560 456 84325 0 126 193536 0
malloc-4096 4096 41 3 785 0 2 180224 0
malloc-128 128 1132 263 26321 0 126 178560 0
FFS2 dinode 256 499 71 508 0 62 145920 0
malloc-65536 65536 0 2 46 0 1 131072 0
malloc-1024 1024 119 9 129 0 16 131072 0
unpcb 256 7 503 1179 0 254 130560 0
mbuf_packet 256 0 508 78 0 254 130048 0
S VFS Cache 104 966 204 1008 0 126 121680 0
ksiginfo 112 36 1008 51 0 126 116928 0
malloc-2048 2048 6 50 538 0 8 114688 0
FPU_save_area 832 116 19 128 0 16 112320 0
malloc-4096 4096 23 1 34 0 2 98304 0
VMSPACE 2552 23 10 764 0 4 84216 0
malloc-256 256 200 115 340 0 62 80640 0
malloc-64 64 517 554 1644 0 254 68544 0
malloc-128 128 295 232 351 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
g_bio 408 0 150 4462 0 30 61200 0
filedesc0 1072 40 16 780 0 8 60032 0
malloc-8192 8192 6 1 34 0 1 57344 0
malloc-8192 8192 6 1 8 0 1 57344 0
64 Bucket 512 64 40 1581 0 30 53248 0
malloc-64 64 545 274 2228 0 254 52416 0
malloc-128 128 179 224 584 0 126 51584 0
malloc-256 256 149 46 480 0 62 49920 0
malloc-256 256 94 101 379 0 62 49920 0
32 Bucket 256 61 134 8338 0 62 49920 0
syncache 168 0 264 5 0 254 44352 0
clpbuf 2624 0 16 22 0 16 41984 0
pipe 744 7 43 284 0 16 37200 0
pcpu-8 8 4228 380 4256 0 254 36864 0
malloc-64 64 7 560 23 0 254 36288 0
malloc-64 64 271 296 13597 0 254 36288 0
malloc-64 64 165 402 1444 0 254 36288 0
malloc-64 64 7 560 35 0 254 36288 0
malloc-64 64 47 520 276 0 254 36288 0
malloc-128 128 44 235 104 0 126 35712 0
malloc-128 128 54 225 3380 0 126 35712 0
malloc-128 128 104 175 755 0 126 35712 0
malloc-128 128 147 132 221 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
malloc-384 384 48 42 71 0 30 34560 0
malloc-256 256 22 113 86 0 62 34560 0
malloc-256 256 79 56 404 0 62 34560 0
malloc-256 256 7 128 582 0 62 34560 0
malloc-4096 4096 4 4 625 0 2 32768 0
malloc-2048 2048 4 12 14 0 8 32768 0
malloc-1024 1024 16 16 20 0 16 32768 0
malloc-512 512 0 64 9 0 30 32768 0
malloc-512 512 2 62 51 0 30 32768 0
malloc-512 512 2 62 9 0 30 32768 0
malloc-32 32 297 585 890 0 254 28224 0
16 Bucket 144 47 149 235 0 62 28224 0
4 Bucket 48 6 582 44 0 254 28224 0
tcp_inpcb 424 3 60 7 0 30 26712 0
ripcb 424 1 62 4 0 30 26712 0
da_ccb 544 0 49 1236 0 16 26656 0
TURNSTILE 136 122 67 122 0 62 25704 0
malloc-4096 4096 3 3 198 0 2 24576 0
rtentry 176 13 125 17 0 62 24288 0
PGRP 88 20 256 31 0 126 24288 0
ertt_txseginfo 40 1 605 247 0 254 24240 0
rl_entry 40 29 577 29 0 254 24240 0
Files 80 73 227 6583 0 126 24000 0
8 Bucket 80 43 257 234 0 126 24000 0
malloc-384 384 4 56 4 0 30 23040 0
malloc-384 384 2 58 12 0 30 23040 0
malloc-384 384 9 51 12 0 30 23040 0
malloc-384 384 1 59 20 0 30 23040 0
SLEEPQUEUE 88 122 134 122 0 126 22528 0
udp_inpcb ports 32 3 627 40 0 254 20160 0
ertt 72 3 277 7 0 126 20160 0
PWD 32 10 620 100 0 254 20160 0
malloc-32 32 128 502 163 0 254 20160 0
malloc-32 32 44 586 751 0 254 20160 0
malloc-32 32 23 607 42 0 254 20160 0
malloc-32 32 81 549 259 0 254 20160 0
malloc-32 32 46 584 2801 0 254 20160 0
2 Bucket 32 47 583 293 0 254 20160 0
KNOTE 160 0 125 8 0 62 20000 0
malloc-4096 4096 1 3 4 0 2 16384 0
malloc-32 32 4 374 53 0 254 12096 0
malloc-16 16 11 739 57 0 254 12000 0
malloc-16 16 51 699 255 0 254 12000 0
malloc-16 16 38 712 202 0 254 12000 0
malloc-16 16 22 728 25463 0 254 12000 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tcp_rack_pcb 896 0 0 0 0 16 0 0
tcp_rack_map 120 0 0 0 0 126 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIO 208 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 64 0 0
mdpbuf 2624 0 0 0 0 3 0 0
nfspbuf 2624 0 0 0 0 16 0 0
swwbuf 2624 0 0 0 0 8 0 0
swrbuf 2624 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
HEAD commit: 8601fca7895c sysent: regen for syscallarg_t
git tree: freebsd-src
dashboard link: https://syzkaller.appspot.com/bug?extid=ba6bcae2eabec42983f6
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1156ba77700000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15a6cbb3700000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ba6bca...@syzkaller.appspotmail.com
cpuid = 1
time = 1648503944
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe0054131f70
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe00541320d0
vpanic() at vpanic+0x2b8/frame 0xfffffe00541321b0
panic() at panic+0xb5/frame 0xfffffe0054132270
_sx_xunlock_hard() at _sx_xunlock_hard/frame 0xfffffe00541322c0
pf_free_rule() at pf_free_rule+0x4c/frame 0xfffffe00541322f0
pfioctl() at pfioctl+0xb6df/frame 0xfffffe0054133610
devfs_ioctl() at devfs_ioctl+0x22a/frame 0xfffffe00541336f0
VOP_IOCTL_APV() at VOP_IOCTL_APV+0xb0/frame 0xfffffe0054133730
vn_ioctl() at vn_ioctl+0x215/frame 0xfffffe0054133a80
devfs_ioctl_f() at devfs_ioctl_f+0x71/frame 0xfffffe0054133ad0
kern_ioctl() at kern_ioctl+0x631/frame 0xfffffe0054133bd0
sys_ioctl() at sys_ioctl+0x31f/frame 0xfffffe0054133d30
amd64_syscall() at amd64_syscall+0x40c/frame 0xfffffe0054133f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0054133f30
--- syscall (0, FreeBSD ELF64, nosys), rip = 0x2b3e6a, rsp = 0x8203dc6c8, rbp = 0x8203dc6e0 ---
KDB: enter: panic
[ thread pid 779 tid 100111 ]
Stopped at kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xdfbc0b9094ac75cc
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rdx 0xdffff7c000000000
rbx 0
rsp 0xfffffe00541320b0
rbp 0xfffffe00541320d0
rsi 0x1
rdi 0
r8 0x3
r9 0xffffffff
r10 0
r11 0xfffffe0092455530
r12 0xfffffe0092455020
r13 0xfffffe0054132101
r14 0xffffffff82bb9d20 .str.26
r15 0xffffffff82bb9d20 .str.26
rip 0xffffffff8176db7b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db> show proc
Process 779 (syz-executor6176742) at 0xfffffe00929bca90:
r15 0xffffffff82bb9d20 .str.26
rip 0xffffffff8176db7b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x270a69a(%rip)
db> show proc
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 777 at 0xfffffe008fe0ea90
uid: 0 gids: 0, 0, 5
ABI: FreeBSD ELF64
flag: 0x10004000 flag2: 0
arguments: ./syz-executor617674246
reaper: 0xfffffe0053dde000 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe0092d7e9f8
sigparent: 20
(map 0xfffffe0092d7e9f8)
(map.pmap 0xfffffe0092d7eab8)
(pmap 0xfffffe0092d7eb20)
threads: 1
100111 Run CPU 1 syz-executor6176742
db> ps
pid ppid pgrp uid state wmesg wchan cmd
779 777 777 0 R CPU 1 syz-executor6176742
pid ppid pgrp uid state wmesg wchan cmd
777 775 777 0 Ss pause 0xfffffe008fe0eb40 csh
775 688 775 0 Ss select 0xfffffe0058ddab40 sshd
754 1 754 0 Ss+ ttyin 0xfffffe00574d7cb0 getty
753 1 753 0 Ss+ ttyin 0xfffffe005873ccb0 getty
752 1 752 0 Ss+ ttyin 0xfffffe00574d50b0 getty
751 1 751 0 Ss+ ttyin 0xfffffe00574d54b0 getty
750 1 750 0 Ss+ ttyin 0xfffffe00574d58b0 getty
749 1 749 0 Ss+ ttyin 0xfffffe00574d5cb0 getty
748 1 748 0 Ss+ ttyin 0xfffffe00574d60b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00574d64b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00574d68b0 getty
744 1 18 0 S+ piperd 0xfffffe0058b458b8 logger
750 1 750 0 Ss+ ttyin 0xfffffe00574d58b0 getty
749 1 749 0 Ss+ ttyin 0xfffffe00574d5cb0 getty
748 1 748 0 Ss+ ttyin 0xfffffe00574d60b0 getty
747 1 747 0 Ss+ ttyin 0xfffffe00574d64b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe00574d68b0 getty
743 742 18 0 S+ nanslp 0xffffffff83e458c1 sleep
742 1 18 0 S+ wait 0xfffffe0058b58548 sh
692 1 692 0 Ss nanslp 0xffffffff83e458c1 cron
688 1 688 0 Ss select 0xfffffe0058ddb6c0 sshd
501 1 501 0 Ss select 0xfffffe0058ddad40 syslogd
430 1 430 0 Ss select 0xfffffe0058ddaf40 devd
429 1 429 65 Ss select 0xfffffe00923303c0 dhclient
344 1 344 0 Ss select 0xfffffe0058ddae40 dhclient
341 1 341 0 Ss select 0xfffffe0092330440 dhclient
17 0 0 0 DL syncer 0xffffffff83f6b0e0 [syncer]
16 0 0 0 DL vlruwt 0xfffffe0053ddd000 [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100080 D psleep 0xffffffff83f696e0 [bufdaemon]
100083 D - 0xffffffff83211f80 [bufspacedaemon-0]
100094 D sdflush 0xfffffe005865cce8 [/ worker]
100080 D psleep 0xffffffff83f696e0 [bufdaemon]
100083 D - 0xffffffff83211f80 [bufspacedaemon-0]
9 0 0 0 DL psleep 0xffffffff83f9d180 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83f91038 [dom0]
100081 D launds 0xffffffff83f91044 [laundry: dom0]
100082 D umarcl 0xffffffff81ea4540 [uma]
7 0 0 0 DL - 0xffffffff83c01688 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff84579530 [pf purge]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83f91038 [dom0]
100081 D launds 0xffffffff83f91044 [laundry: dom0]
100082 D umarcl 0xffffffff81ea4540 [uma]
7 0 0 0 DL - 0xffffffff83c01688 [rand_harvestq]
5 0 0 0 DL waiting 0xffffffff848845a0 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100045 D - 0xffffffff83aa35c0 [doneq0]
100046 D - 0xffffffff83aa3540 [async]
100077 D - 0xffffffff83aa33c0 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056ec5488 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83f8c840 [crypto]
100042 D crypto_ 0xfffffe0053ed6c30 [crypto returns 0]
100043 D crypto_ 0xfffffe0053ed6c80 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100036 D - 0xffffffff83e1ae80 [g_event]
100037 D - 0xffffffff83e1aea0 [g_up]
100038 D - 0xffffffff83e1aec0 [g_down]
2 0 0 0 WL (threaded) [clock]
100030 I [clock (0)]
100031 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100045 D - 0xffffffff83aa35c0 [doneq0]
100046 D - 0xffffffff83aa3540 [async]
100077 D - 0xffffffff83aa33c0 [scanner]
14 0 0 0 DL seqstat 0xfffffe0056ec5488 [sequencer 00]
3 0 0 0 DL (threaded) [crypto]
100041 D crypto_ 0xffffffff83f8c840 [crypto]
100042 D crypto_ 0xfffffe0053ed6c30 [crypto returns 0]
100043 D crypto_ 0xfffffe0053ed6c80 [crypto returns 1]
13 0 0 0 DL (threaded) [geom]
100036 D - 0xffffffff83e1ae80 [g_event]
100037 D - 0xffffffff83e1aea0 [g_up]
100038 D - 0xffffffff83e1aec0 [g_down]
2 0 0 0 WL (threaded) [clock]
100030 I [clock (0)]
100031 I [clock (1)]
100010 I [swi6: Giant taskq]
100017 I [swi5: fast taskq]
100020 I [swi6: task queue]
100029 I [swi1: netisr 0]
100032 I [swi3: busdma]
100033 I [swi1: hpts]
100034 I [swi1: hpts]
100017 I [swi5: fast taskq]
100020 I [swi6: task queue]
100029 I [swi1: netisr 0]
100032 I [swi3: busdma]
100033 I [swi1: hpts]
100047 I [irq24: virtio_pci0]
100048 I [irq25: virtio_pci0]
100049 I [irq26: virtio_pci0]
100050 I [irq27: virtio_pci0]
100051 I [irq28: virtio_pci1]
100052 I [irq29: virtio_pci1]
100053 I [irq30: virtio_pci1]
100054 I [irq31: virtio_pci1]
100055 I [irq32: virtio_pci1]
100060 I [irq33: virtio_pci2]
100061 I [irq34: virtio_pci2]
100062 I [irq35: virtio_pci2]
100064 I [irq1: atkbd0]
100065 I [irq12: psm0]
100066 I [swi0: uart uart++]
100070 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 Run CPU 0 [idle: cpu0]
100048 I [irq25: virtio_pci0]
100049 I [irq26: virtio_pci0]
100050 I [irq27: virtio_pci0]
100051 I [irq28: virtio_pci1]
100052 I [irq29: virtio_pci1]
100053 I [irq30: virtio_pci1]
100054 I [irq31: virtio_pci1]
100055 I [irq32: virtio_pci1]
100060 I [irq33: virtio_pci2]
100061 I [irq34: virtio_pci2]
100062 I [irq35: virtio_pci2]
100064 I [irq1: atkbd0]
100065 I [irq12: psm0]
100066 I [swi0: uart uart++]
100070 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
exclusive rm pf rulesets (pf rulesets) r = 0 (0xffffffff846314a0) locked @ /syzkaller/managers/main/kernel/sys/netpfil/pf/pf_ioctl.c:3203
db> show malloc
Type InUse MemUse Requests
pf_hash 5 11524K 5
Type InUse MemUse Requests
pf_hash 5 11524K 5
tcp_hpts 6 4801K 6
devbuf 4217 4323K 4242
sysctloid 35306 2080K 35377
vtbuf 24 1968K 46
kobj 327 1308K 488
newblk 707 1201K 720
devbuf 4217 4323K 4242
sysctloid 35306 2080K 35377
vtbuf 24 1968K 46
kobj 327 1308K 488
vfscache 3 1025K 3
pcb 21 539K 42
inodedep 49 530K 71
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
acpica 1674 184K 56014
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 89 179K 829
vnet_data 1 168K 1
tidhash 3 141K 3
vmem 3 138K 4
tidhash 3 141K 3
linker 358 134K 386
pagedep 14 132K 18
tfo_ccache 1 128K 1
sem 4 106K 4
DEVFS1 105 105K 114
bus 991 81K 5140
mtx_pool 2 72K 2
syncache 1 68K 1
module 512 64K 512
acpitask 1 64K 1
ddb_capture 1 64K 1
temp 17 33K 1606
mtx_pool 2 72K 2
syncache 1 68K 1
module 512 64K 512
acpitask 1 64K 1
ddb_capture 1 64K 1
hostcache 1 32K 1
shm 1 32K 1
kdtrace 155 32K 895
shm 1 32K 1
DEVFS3 124 31K 134
umtx 242 31K 242
msg 4 30K 4
gtaskqueue 18 26K 18
kbdmux 6 22K 6
DEVFS_RULE 56 20K 56
kbdmux 6 22K 6
BPF 10 18K 10
ufs_mount 4 17K 5
proc 3 17K 3
tty 16 16K 16
ithread 100 16K 100
bus-sc 34 15K 1651
proc 3 17K 3
tty 16 16K 16
ithread 100 16K 100
KTRACE 100 13K 100
kenv 95 12K 95
eventhandler 134 12K 134
ifaddr 30 12K 32
eventhandler 134 12K 134
rman 88 11K 429
GEOM 61 11K 490
routetbl 50 11K 176
GEOM 61 11K 490
CAM queue 5 11K 1528
cred 36 9K 234
bmsafemap 4 9K 39
UART 12 9K 12
devstat 4 9K 4
ksem 1 8K 1
devstat 4 9K 4
rpc 2 8K 2
shmfd 1 8K 1
pfs_vncache 1 8K 1
shmfd 1 8K 1
pfs_vncache 1 8K 1
pfs_nodes 20 8K 20
audit_evclass 237 8K 296
taskqueue 63 7K 63
audit_evclass 237 8K 296
taskqueue 63 7K 63
sglist 5 7K 5
CAM DEV 3 6K 510
CAM DEV 3 6K 510
ufs_dirhash 24 5K 24
UMA 272 5K 272
dirrem 17 5K 28
UMA 272 5K 272
plimit 17 5K 322
vt 11 5K 11
ifnet 3 5K 3
memdesc 1 4K 1
MCA 32 4K 32
ioctlops 1 4K 87
MCA 32 4K 32
filedesc 1 4K 1
evdev 4 4K 4
acpisem 28 4K 28
hhook 15 4K 17
ether_multi 40 4K 50
acpisem 28 4K 28
hhook 15 4K 17
diradd 25 4K 36
lltable 11 4K 11
pf_ifnet 5 3K 6
in6_multi 25 3K 25
terminal 11 3K 11
session 20 3K 31
kqueue 40 3K 782
pwddesc 40 3K 780
uidinfo 3 3K 8
proc-args 62 3K 1720
pf_rule 1 2K 1
local_apic 1 2K 1
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
selfd 27 2K 10959
io_apic 1 2K 1
fpukern_ctx 2 2K 2
ipsec-saq 2 2K 2
Unitno 27 2K 39
CAM XPT 22 2K 543
lockf 15 2K 22
msi 12 2K 12
ipsecpolicy 2 2K 2
acpidev 20 2K 20
clone 9 2K 9
acpidev 20 2K 20
sctp_stro 1 1K 1
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
vnodemarker 2 1K 8
secasvar 1 1K 1
NFSD session 1 1K 1
CAM periph 4 1K 271
select 7 1K 29
CAM periph 4 1K 271
ipsec 3 1K 3
sctp_atcl 2 1K 3
indirdep 3 1K 3
nhops 6 1K 6
toponodes 6 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
sctp_ifa 5 1K 6
isadev 6 1K 6
mount 16 1K 89
pci_link 10 1K 10
crypto 4 1K 4
ip6ndp 4 1K 5
encap_export_host 12 1K 12
newdirblk 4 1K 8
mkdir 4 1K 16
in_multi 2 1K 4
pfil 4 1K 4
cdev 2 1K 2
chacha20random 1 1K 1
cdev 2 1K 2
osd 7 1K 18
inpcbpolicy 10 1K 139
sctp_ifn 2 1K 6
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFSP 4 1K 9
NFSD V4client 1 1K 1
DEVFS 9 1K 10
freework 1 1K 26
mld 2 1K 2
igmp 2 1K 2
vnodes 1 1K 1
CAM SIM 2 1K 2
CAM SIM 2 1K 2
feeder 7 1K 7
tcpfunc 3 1K 3
CC Mem 3 1K 7
tcpfunc 3 1K 3
loginclass 3 1K 7
prison 6 1K 6
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
cryptodev 2 1K 49
lkpikmalloc 5 1K 6
aesni_data 2 1K 2
sctp_atky 3 1K 4
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
procdesc 1 1K 6
apmdev 1 1K 1
atkbddev 2 1K 2
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
CAM path 4 1K 1034
pmchooks 1 1K 1
soname 4 1K 3472
filecaps 4 1K 66
tun 3 1K 3
sctp_vrf 1 1K 1
vnet 1 1K 1
entropy 2 1K 35
vnet 1 1K 1
pmc 1 1K 1
acpiintr 1 1K 1
sctp_athm 2 1K 3
acpiintr 1 1K 1
sctp_map 2 1K 2
cpus 2 1K 2
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
tcp_do 0 0K 0
esp 0 0K 0
ah 0 0K 0
mqdata 0 0K 0
tcp_fsb 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 2
sctp_iter 0 0K 4
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 4
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_aadr 0 0K 0
sctp_stri 0 0K 0
pf_table 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
filemon 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 2
jfsync 0 0K 0
jtrunc 0 0K 0
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefile 0 0K 9
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 25
freefrag 0 0K 1
allocindir 0 0K 0
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 3
export_host 0 0K 0
nvme_da 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
tcp_log_dev 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
twsbuf 0 0K 0
twe_commands 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 523
biobuf 0 0K 0
aios 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 27
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctltmp 0 0K 658
Witness 0 0K 0
stack 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
sbuf 0 0K 288
mpr_user 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
MPRSAS 0 0K 0
SWAP 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sysctl 0 0K 3
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
kcovinfo 0 0K 0
md_sectors 0 0K 0
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
md_disk 0 0K 0
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
cache 0 0K 0
aacraidcam 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
mbuf 256 8578 1084 17468 0 254 2473472 0
pbuf 2624 0 794 0 0 2 2083456 0
BUF TRIE 144 183 11605 500 0 62 1697472 0
malloc-384 384 4155 15 4156 0 30 1601280 0
malloc-128 128 12331 162 12382 0 126 1599104 0
malloc-4096 4096 327 1 488 0 2 1343488 0
UMA Slabs 0 112 10569 9 10569 0 126 1184736 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
vmem btag 56 16362 93 16362 0 254 921480 0
FFS inode 1160 499 26 508 0 8 609000 0
sctp_asoc 2288 1 254 1 0 254 583440 0
tcpcb 1104 3 508 7 0 254 564144 0
RADIX NODE 144 3316 179 19981 0 62 503280 0
socket 960 19 489 1337 0 254 487680 0
VM OBJECT 264 1411 119 24441 0 30 403920 0
lkpicurr 168 2 2350 2 0 62 395136 0
lkpimm 168 1 2327 1 0 62 391104 0
sctp_ep 1208 1 259 2 0 254 314080 0
lkpimm 168 1 2327 1 0 62 391104 0
256 Bucket 2048 122 14 1003 0 8 278528 0
malloc-65536 65536 4 0 4 0 1 262144 0
malloc-64 64 3875 220 14840 0 254 262080 0
VNODE 448 530 46 541 0 30 258048 0
malloc-16 16 14625 125 14729 0 254 236000 0
DEVCTL 1024 0 220 126 0 0 225280 0
THREAD 1808 114 7 114 0 8 218768 0
malloc-256 256 729 81 862 0 62 207360 0
malloc-65536 65536 3 0 3 0 1 196608 0
malloc-65536 65536 1 2 137 0 1 196608 0
sctp_raddr 736 1 263 1 0 254 194304 0
malloc-65536 65536 1 2 137 0 1 196608 0
MAP ENTRY 96 1560 456 84325 0 126 193536 0
UMA Zones 768 244 0 244 0 16 187392 0
malloc-32 32 5312 358 6533 0 254 181440 0
malloc-4096 4096 41 3 785 0 2 180224 0
malloc-128 128 1132 263 26321 0 126 178560 0
FFS2 dinode 256 499 71 508 0 62 145920 0
malloc-65536 65536 0 2 46 0 1 131072 0
malloc-1024 1024 119 9 129 0 16 131072 0
unpcb 256 7 503 1179 0 254 130560 0
mbuf_packet 256 0 508 78 0 254 130048 0
S VFS Cache 104 966 204 1008 0 126 121680 0
ksiginfo 112 36 1008 51 0 126 116928 0
malloc-2048 2048 6 50 538 0 8 114688 0
FPU_save_area 832 116 19 128 0 16 112320 0
malloc-4096 4096 23 1 34 0 2 98304 0
UMA Kegs 384 230 3 230 0 30 89472 0
128 Bucket 1024 43 40 481 0 16 84992 0
VMSPACE 2552 23 10 764 0 4 84216 0
malloc-256 256 200 115 340 0 62 80640 0
malloc-64 64 517 554 1644 0 254 68544 0
malloc-128 128 295 232 351 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 0 1 8 0 1 65536 0
malloc-32768 32768 0 2 120 0 1 65536 0
PROC 1352 39 9 779 0 8 64896 0
malloc-32768 32768 0 2 120 0 1 65536 0
g_bio 408 0 150 4462 0 30 61200 0
filedesc0 1072 40 16 780 0 8 60032 0
malloc-8192 8192 6 1 34 0 1 57344 0
malloc-8192 8192 6 1 8 0 1 57344 0
64 Bucket 512 64 40 1581 0 30 53248 0
malloc-64 64 545 274 2228 0 254 52416 0
malloc-128 128 179 224 584 0 126 51584 0
malloc-256 256 149 46 480 0 62 49920 0
malloc-256 256 94 101 379 0 62 49920 0
32 Bucket 256 61 134 8338 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 0 48 12228 0 16 49152 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 1 2 161 0 1 49152 0
malloc-8192 8192 4 2 105 0 1 49152 0
malloc-2048 2048 2 22 575 0 8 49152 0
malloc-1024 1024 5 43 1382 0 16 49152 0
syncache 168 0 264 5 0 254 44352 0
clpbuf 2624 0 16 22 0 16 41984 0
malloc-8192 8192 5 0 5 0 1 40960 0
Mountpoints 2752 2 12 2 0 4 38528 0
udp_inpcb 424 6 84 128 0 30 38160 0
pipe 744 7 43 284 0 16 37200 0
pcpu-8 8 4228 380 4256 0 254 36864 0
malloc-64 64 7 560 23 0 254 36288 0
malloc-64 64 271 296 13597 0 254 36288 0
malloc-64 64 165 402 1444 0 254 36288 0
malloc-64 64 7 560 35 0 254 36288 0
malloc-64 64 47 520 276 0 254 36288 0
malloc-128 128 44 235 104 0 126 35712 0
malloc-128 128 54 225 3380 0 126 35712 0
malloc-128 128 104 175 755 0 126 35712 0
malloc-128 128 147 132 221 0 126 35712 0
routing nhops 256 10 125 17 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-384 384 70 20 70 0 30 34560 0
malloc-384 384 48 42 71 0 30 34560 0
malloc-384 384 52 38 392 0 30 34560 0
malloc-256 256 16 119 735 0 62 34560 0
malloc-256 256 22 113 86 0 62 34560 0
malloc-256 256 79 56 404 0 62 34560 0
malloc-256 256 7 128 582 0 62 34560 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-16384 16384 1 1 16 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-4096 4096 4 4 625 0 2 32768 0
malloc-2048 2048 1 15 13 0 8 32768 0
malloc-2048 2048 8 8 8 0 8 32768 0
malloc-2048 2048 9 7 9 0 8 32768 0
malloc-2048 2048 8 8 8 0 8 32768 0
malloc-2048 2048 4 12 14 0 8 32768 0
malloc-2048 2048 2 14 2 0 8 32768 0
malloc-2048 2048 1 15 194 0 8 32768 0
malloc-1024 1024 4 28 44 0 16 32768 0
malloc-1024 1024 2 30 21 0 16 32768 0
malloc-1024 1024 5 27 158 0 16 32768 0
malloc-1024 1024 2 30 21 0 16 32768 0
malloc-1024 1024 16 16 20 0 16 32768 0
malloc-1024 1024 17 15 17 0 16 32768 0
malloc-1024 1024 1 31 5 0 16 32768 0
malloc-512 512 0 64 9 0 30 32768 0
malloc-512 512 2 62 51 0 30 32768 0
malloc-512 512 2 62 9 0 30 32768 0
malloc-512 512 9 55 10 0 30 32768 0
pcpu-64 64 492 20 492 0 254 32768 0
pcpu-64 64 492 20 492 0 254 32768 0
ttyinq 160 135 65 300 0 62 32000 0
cpuset 104 7 272 7 0 126 29016 0
sctp_laddr 48 0 588 4 0 254 28224 0
malloc-32 32 297 585 890 0 254 28224 0
16 Bucket 144 47 149 235 0 62 28224 0
4 Bucket 48 6 582 44 0 254 28224 0
tcp_inpcb 424 3 60 7 0 30 26712 0
ripcb 424 1 62 4 0 30 26712 0
da_ccb 544 0 49 1236 0 16 26656 0
TURNSTILE 136 122 67 122 0 62 25704 0
malloc-4096 4096 3 3 198 0 2 24576 0
rtentry 176 13 125 17 0 62 24288 0
PGRP 88 20 256 31 0 126 24288 0
ertt_txseginfo 40 1 605 247 0 254 24240 0
rl_entry 40 29 577 29 0 254 24240 0
Files 80 73 227 6583 0 126 24000 0
8 Bucket 80 43 257 234 0 126 24000 0
malloc-384 384 4 56 4 0 30 23040 0
malloc-384 384 2 58 12 0 30 23040 0
malloc-384 384 9 51 12 0 30 23040 0
malloc-384 384 1 59 20 0 30 23040 0
SLEEPQUEUE 88 122 134 122 0 126 22528 0
hostcache 64 1 314 1 0 254 20160 0
udpcb 32 6 624 128 0 254 20160 0
udp_inpcb ports 32 3 627 40 0 254 20160 0
ertt 72 3 277 7 0 126 20160 0
PWD 32 10 620 100 0 254 20160 0
malloc-32 32 128 502 163 0 254 20160 0
malloc-32 32 44 586 751 0 254 20160 0
malloc-32 32 23 607 42 0 254 20160 0
malloc-32 32 81 549 259 0 254 20160 0
malloc-32 32 46 584 2801 0 254 20160 0
2 Bucket 32 47 583 293 0 254 20160 0
KNOTE 160 0 125 8 0 62 20000 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 2 2 4 0 2 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 1 3 4 0 2 16384 0
malloc-512 512 2 30 120 0 30 16384 0
malloc-512 512 3 29 3 0 30 16384 0
SMR CPU 32 7 504 7 0 254 16352 0
kenv 258 15 45 1023 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
tcp_inpcb ports 32 1 377 1 0 254 12096 0
vmem 1856 1 7 1 0 8 14848 0
SMR SHARED 24 7 504 7 0 254 12264 0
malloc-32 32 4 374 53 0 254 12096 0
malloc-16 16 11 739 57 0 254 12000 0
malloc-16 16 51 699 255 0 254 12000 0
malloc-16 16 38 712 202 0 254 12000 0
malloc-16 16 199 551 3075 0 254 12000 0
malloc-16 16 290 460 1510 0 254 12000 0
malloc-16 16 22 728 25463 0 254 12000 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 14 498 14 0 254 8192 0
vtnet_tx_hdr 24 0 334 1977 0 254 8016 0
malloc-8192 8192 1 0 1 0 1 8192 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 14 498 14 0 254 8192 0
malloc-16 16 8 492 8 0 254 8000 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 312 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 56 0 0 0 0 254 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 312 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 56 0 0 0 0 254 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tcp_rack_pcb 896 0 0 0 0 16 0 0
tcp_rack_map 120 0 0 0 0 126 0 0
ipq 56 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 72 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 72 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
ripcb ports 32 0 0 0 0 254 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
udplite_inpcb ports 32 0 0 0 0 254 0 0
udplite_inpcb 424 0 0 0 0 30 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIO 208 0 0 0 0 62 0 0
TMPFS node 224 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 64 0 0
mdpbuf 2624 0 0 0 0 3 0 0
nfspbuf 2624 0 0 0 0 16 0 0
swwbuf 2624 0 0 0 0 8 0 0
swrbuf 2624 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-512 512 0 0 0 0 30 0 0
malloc-512 512 0 0 0 0 30 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
Mark Johnston
Jun 13, 2022, 1:01:46 PM6/13/22
to syzbot, syzkaller-f...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages