Re: uvm_fault: pfi_dynaddr_remove


syzbot

Apr 18, 2020, 5:31:06 AM
to an...@basename.se, syzkaller-o...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger crash:

Reported-and-tested-by: syzbot+ae5e35...@syzkaller.appspotmail.com

Tested on:

commit: 36b0faca XXX potential fix
git tree: https://github.com/mptre/openbsd-src pf
kernel config: https://syzkaller.appspot.com/x/.config?x=fe55924c11e64b0a
dashboard link: https://syzkaller.appspot.com/bug?extid=ae5e359d7f82688edd6a
compiler:

Note: testing is done by a robot and is best-effort only.

syzbot

Apr 18, 2020, 8:00:52 PM
to Greg Steuck, anedv...@gmail.com, gr...@nest.cx, syzkaller-o...@googlegroups.com
> #syz test: git:/github.com/blackgnezdo/src

"git:/github.com/blackgnezdo/src" does not look like a valid git repo address.

> c4fa7f2562c6318a999d877a6b05647a480baa3d

Greg Steuck

Apr 18, 2020, 8:02:05 PM
to syzbot, Saša Nedvědický, syzkaller-o...@googlegroups.com
#syz test: git://github.com/blackgnezdo/src
c4fa7f2562c6318a999d877a6b05647a480baa3d



--
nest.cx is Gmail hosted, use PGP: https://pgp.key-server.io/0x0B1542BD8DF5A1B0
Fingerprint: 5E2B 2D0E 1E03 2046 BEC3 4D50 0B15 42BD 8DF5 A1B0

syzbot

Apr 20, 2020, 2:35:04 PM
to anedv...@gmail.com, gr...@nest.cx, syzkaller-o...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer still triggered crash:
uvm_fault: pfi_dynaddr_remove

login: uvm_fault(0xfffffd806bc09dd0, 0x440010051, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at pfi_dynaddr_remove+0x4a: movq 0x58(%r15),%r12
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
kernel page fault
uvm_fault(0xfffffd806bc09dd0, 0x440010051, 0, 1) -> e
pfi_dynaddr_remove(ffff800000a0b038) at pfi_dynaddr_remove+0x4a sys/net/pf_if.c:602
end trace frame: 0xffff80001d844a00, count: 0
ddb> trace
pfi_dynaddr_remove(ffff800000a0b038) at pfi_dynaddr_remove+0x4a sys/net/pf_if.c:602
pf_rm_rule(0,ffff800000a0b000) at pf_rm_rule+0x3ae sys/net/pf_ioctl.c:303
pfioctl(4900,cd604404,ffff800000a02000,c2,ffff80001d7a8d50) at pfioctl+0x30a9
VOP_IOCTL(fffffd80687bb000,cd604404,ffff800000a02000,c2,fffffd806c3bf840,ffff80001d7a8d50) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290
vn_ioctl(fffffd805d8c9e90,cd604404,ffff800000a02000,ffff80001d7a8d50) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff80001d7a8d50,ffff80001d844e48,ffff80001d844e90) at sys_ioctl+0x4a1
syscall(ffff80001d844f10) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa7794e8a6c0, count: -8
ddb> show registers
rdi 0x2
rsi 0x2
rbp 0xffff80001d8449a0
rbx 0x2
rdx 0x4
rcx 0
rax 0
r8 0xf8
r9 0x5
r10 0
r11 0xd29b318bb2d89f71
r12 0xffff800000a0b038
r13 0x10
r14 0xffff800000a0b038
r15 0x44000fff9
rip 0xffffffff81dd28aa pfi_dynaddr_remove+0x4a
cs 0x8
rflags 0x10206 __ALIGN_SIZE+0xf206
rsp 0xffff80001d844970
ss 0x10
pfi_dynaddr_remove+0x4a: movq 0x58(%r15),%r12
ddb> show proc
PROC (syz-executor.0) pid=166235 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=86, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff80001d7a8120,0xffff80001d73a878
process=0xffff8000ffffb5a0 user=0xffff80001d83f000, vmspace=0xfffffd806bc09dd0
estcpu=36, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
28541 22890 92123 0 2 0 syz-executor.1
28541 276551 92123 0 3 0x4000080 fsleep syz-executor.1
10447 204541 59480 0 2 0 syz-executor.0
10447 209515 59480 0 3 0x4000080 lockf syz-executor.0
*10447 166235 59480 0 7 0x4000000 syz-executor.0
10447 102914 59480 0 2 0x4000000 syz-executor.0
92123 101620 57406 0 3 0x82 nanosleep syz-executor.1
59480 454506 57406 0 3 0x82 nanosleep syz-executor.0
57406 203713 38972 0 3 0x82 thrsleep syz-execprog
57406 138714 38972 0 3 0x4000082 thrsleep syz-execprog
57406 305748 38972 0 3 0x4000082 thrsleep syz-execprog
57406 432505 38972 0 3 0x4000082 thrsleep syz-execprog
57406 304679 38972 0 3 0x4000082 kqread syz-execprog
57406 348440 38972 0 3 0x4000082 thrsleep syz-execprog
57406 168693 38972 0 3 0x4000082 thrsleep syz-execprog
38972 93222 6781 0 3 0x10008a pause ksh
6781 401025 2849 0 3 0x92 select sshd
72374 45181 1 0 3 0x100083 ttyin getty
2849 404192 1 0 3 0x80 select sshd
10822 146116 23046 73 3 0x100090 kqread syslogd
23046 65235 1 0 3 0x100082 netio syslogd
63230 145688 1 77 3 0x100090 poll dhclient
4308 180237 1 0 3 0x80 poll dhclient
44894 72436 0 0 3 0x14200 bored smr
12113 301149 0 0 2 0x14200 zerothread
9259 454975 0 0 3 0x14200 aiodoned aiodoned
2730 234339 0 0 3 0x14200 syncer update
74630 122598 0 0 3 0x14200 cleaner cleaner
54102 75333 0 0 3 0x14200 reaper reaper
59096 314542 0 0 3 0x14200 pgdaemon pagedaemon
27467 59376 0 0 3 0x14200 bored crynlk
14167 220412 0 0 3 0x14200 bored crypto
83554 101636 0 0 3 0x40014200 acpi0 acpi0
60308 132488 0 0 3 0x14200 bored softnet
96263 321234 0 0 3 0x14200 bored systqmp
52491 330793 0 0 3 0x14200 bored systq
16377 358973 0 0 3 0x40014200 bored softclock
95217 112763 0 0 3 0x40014200 idle0
1 276559 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
ddb> show all pools


Tested on:

commit: c4fa7f25 potential patch from sashan@
git tree: git://github.com/blackgnezdo/src
console output: https://syzkaller.appspot.com/x/log.txt?x=12cacf00100000