syzbot |
sign-in | mailing list | source | docs |
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address = 0x28
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff81a93a1e
stack pointer = 0x28:0xfffffe00575e44e0
frame pointer = 0x28:0xfffffe00575e4670
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 836 (syz-executor)
rdi: 0000000000000028 rsi: 000000000000017e rdx: 000000000000017d
rcx: fffffe00033eee30 r8: 0000000000000000 r9: 0000000000000001
rax: fffffe00033eee30 rbx: 1fffffc00aebc8a4 rbp: fffffe00575e4670
r10: bb01000000000000 r11: fffffe005491ac60 r12: fffffe0008bff110
r13: dffff7c000000000 r14: 0000000000000000 r15: fffffe0008bd7000
trap number = 12
panic: page fault
cpuid = 1
time = 1748632342
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe00575e3d10
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe00575e3e70
vpanic() at vpanic+0x257/frame 0xfffffe00575e4030
panic() at panic+0xb5/frame 0xfffffe00575e40f0
trap_pfault() at trap_pfault+0xaec/frame 0xfffffe00575e4230
trap() at trap+0x78e/frame 0xfffffe00575e4410
calltrap() at calltrap+0x8/frame 0xfffffe00575e4410
--- trap 0xc, rip = 0xffffffff81a93a1e, rsp = 0xfffffe00575e44e0, rbp = 0xfffffe00575e4670 ---
mld_change_state() at mld_change_state+0x13e/frame 0xfffffe00575e4670
in6_leavegroup_locked() at in6_leavegroup_locked+0x17b/frame 0xfffffe00575e47a0
ip6_freemoptions() at ip6_freemoptions+0x282/frame 0xfffffe00575e4800
in_pcbfree() at in_pcbfree+0x682/frame 0xfffffe00575e4850
sorele_locked() at sorele_locked+0x264/frame 0xfffffe00575e4890
soclose() at soclose+0x41f/frame 0xfffffe00575e4980
_fdrop() at _fdrop+0x5c/frame 0xfffffe00575e49b0
closef() at closef+0x655/frame 0xfffffe00575e4b90
closefp_impl() at closefp_impl+0xd2/frame 0xfffffe00575e4bd0
kern_dup() at kern_dup+0x8b5/frame 0xfffffe00575e4d10
amd64_syscall() at amd64_syscall+0x4af/frame 0xfffffe00575e4f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00575e4f30
--- syscall (198, FreeBSD ELF64, __syscall), rip = 0x3a197a, rsp = 0x82640ef08, rbp = 0x82640ef80 ---
KDB: enter: panic
[ thread pid 836 tid 100166 ]
Stopped at kdb_enter+0x6e: movq $0,0x25be9e7(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xfffffe006f200000
rdx 0x7ffff
rbx 0xffffffff827b0640 .str.27
rsp 0xfffffe00575e3e50
rbp 0xfffffe00575e3e70
rsi 0x80001
rdi 0xffffffff81614609 printf+0x149
r8 0
r9 0xffffffff
r10 0
r11 0x17
r12 0xfffffe005491a740
r13 0xfffffffffffffffd
r14 0xffffffff827b0640 .str.27
r15 0
rip 0xffffffff815fe7ae kdb_enter+0x6e
rflags 0x46
kdb_enter+0x6e: movq $0,0x25be9e7(%rip)
db> show proc
Process 836 (syz-executor) at 0xfffffe000800a5c0:
state: NORMAL
uid: 0 gids: 0, 0, 5
parent: pid 765 at 0xfffffe00548f85c0
ABI: FreeBSD ELF64
flag: 0x10000080 flag2: 0
arguments: ./syz-executor exec
reaper: 0xfffffe0008009040 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00548d1b68
(map 0xfffffe00548d1b68)
(map.pmap 0xfffffe00548d1c08)
(pmap 0xfffffe00548d1c78)
threads: 3
100089 RunQ syz-executor
100166 Run CPU 1 syz-executor
100167 S uwait 0xfffffe0058cf5800 syz-executor
db> ps
pid ppid pgrp uid state wmesg wchan cmd
836 765 765 0 R (threaded) syz-executor
100089 RunQ syz-executor
100166 Run CPU 1 syz-executor
100167 S uwait 0xfffffe0058cf5800 syz-executor
835 763 835 0 L *mld_mtx 0xfffffe00081fd540 syz-executor
834 809 834 0 Ss select 0xfffffe006ece1040 dhclient
831 1 765 60929 S uwait 0xfffffe000828c900 syz-executor
827 0 0 0 DL (threaded) [KTLS]
100146 D - 0xfffffe006bced300 [thr_0]
100147 D - 0xfffffe006bced380 [thr_1]
100148 D - 0xffffffff83cafc28 [reclaim_0]
826 1 765 0 S uwait 0xfffffe0058a6ab80 syz-executor
821 1 821 0 Ss select 0xfffffe0059e8c740 dhclient
814 0 0 0 DL aiordy 0xfffffe0054809060 [aiod4]
813 0 0 0 DL aiordy 0xfffffe00548f75a0 [aiod3]
812 0 0 0 DL aiordy 0xfffffe000800a060 [aiod2]
811 0 0 0 DL aiordy 0xfffffe0008009b00 [aiod1]
809 788 424 65 S select 0xfffffe0059e8cdc0 dhclient
788 424 424 0 S wait 0xfffffe00548f7040 sh
767 763 767 0 S piperd 0xfffffe006bc37b80 syz-executor
766 763 766 0 S piperd 0xfffffe006bc429e0 syz-executor
765 763 765 0 R syz-executor
763 761 761 0 R syz-executor
761 759 761 0 Ss pause 0xfffffe00548f7bb0 csh
759 682 759 0 Ss select 0xfffffe0059e8c2c0 sshd
748 1 748 0 Rs+ CPU 0 getty
747 1 747 0 Ss+ ttyin 0xfffffe0059c080b0 getty
746 1 746 0 Ss+ ttyin 0xfffffe0059c084b0 getty
745 1 745 0 Ss+ ttyin 0xfffffe0059c088b0 getty
744 1 744 0 Ss+ ttyin 0xfffffe0059c08cb0 getty
743 1 743 0 Ss+ ttyin 0xfffffe0059c090b0 getty
742 1 742 0 Ss+ ttyin 0xfffffe0059c094b0 getty
741 1 741 0 Ss+ ttyin 0xfffffe0059c098b0 getty
740 1 740 0 Ss+ ttyin 0xfffffe0059c09cb0 getty
738 1 18 0 S+ piperd 0xfffffe006bc36420 logger
737 736 18 0 S+ nanslp 0xffffffff83b9e500 sleep
736 1 18 0 S+ wait 0xfffffe00548ce040 sh
686 1 686 0 Ss nanslp 0xffffffff83b9e500 cron
682 1 682 0 Ss select 0xfffffe0059e901c0 sshd
495 1 495 0 Ss select 0xfffffe0059e8c440 syslogd
424 1 424 0 Ss wait 0xfffffe0054807020 devd
423 1 423 65 Ss select 0xfffffe0059e8c540 dhclient
338 1 338 0 Ss select 0xfffffe0059e8c640 dhclient
335 1 335 0 Ss select 0xfffffe0059e902c0 dhclient
17 0 0 0 DL syncer 0xffffffff83cbbda0 [syncer]
16 0 0 0 RL [vnlru]
15 0 0 0 DL (threaded) [bufdaemon]
100080 D psleep 0xffffffff83cba360 [bufdaemon]
100083 D - 0xffffffff83001ec0 [bufspacedaemon-0]
100094 D sdflush 0xfffffe005860d4e8 [/ worker]
9 0 0 0 DL psleep 0xffffffff83d05380 [vmdaemon]
8 0 0 0 DL (threaded) [pagedaemon]
100078 D psleep 0xffffffff83ceb2f8 [dom0]
100081 D launds 0xffffffff83ceb304 [laundry: dom0]
100082 D umarcl 0xffffffff81dcfc40 [uma]
7 0 0 0 DL - 0xffffffff8391bcd0 [rand_harvestq]
6 0 0 0 DL pftm 0xffffffff8468e850 [pf purge]
5 0 0 0 DL waiting 0xffffffff844df700 [sctp_iterator]
4 0 0 0 DL (threaded) [cam]
100046 D - 0xffffffff838e6340 [doneq0]
100047 D - 0xffffffff838e62c0 [async]
100076 D - 0xffffffff838e6140 [scanner]
3 0 0 0 DL (threaded) [crypto]
100043 D crypto_ 0xffffffff83ce6b40 [crypto]
100044 D crypto_ 0xfffffe00546b2030 [crypto returns 0]
100045 D crypto_ 0xfffffe00546b2080 [crypto returns 1]
14 0 0 0 DL seqstat 0xfffffe00547e8c88 [sequencer 00]
13 0 0 0 DL (threaded) [geom]
100037 D - 0xffffffff83b46f00 [g_event]
100038 D - 0xffffffff83b46f20 [g_up]
100039 D - 0xffffffff83b46f40 [g_down]
2 0 0 0 LL (threaded) [clock]
100031 L *in6_mul 0xfffffe0008005a80 [clock (0)]
100032 I [clock (1)]
12 0 0 0 WL (threaded) [intr]
100013 I [swi6: task queue]
100014 I [swi6: Giant taskq]
100016 I [swi5: fast taskq]
100033 I [swi1: netisr 0]
100034 I [swi1: hpts]
100035 I [swi1: hpts]
100048 I [irq24: virtio_pci0]
100049 I [irq25: virtio_pci0]
100050 I [irq26: virtio_pci0]
100051 I [irq27: virtio_pci0]
100052 I [irq28: virtio_pci1]
100053 I [irq29: virtio_pci1]
100054 I [irq30: virtio_pci1]
100055 I [irq31: virtio_pci1]
100056 I [irq32: virtio_pci1]
100061 I [irq10: virtio_pci2]
100063 I [irq1: atkbd0]
100064 I [irq12: psm0]
100065 I [swi0: uart uart++]
100069 I [swi1: pf send]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffffe0008009040 [init]
10 0 0 0 DL audit_w 0xffffffff83ce75e0 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D parked 0xffffffff84c2dff0 [swapper]
100005 D - 0xfffffe0008286900 [softirq_0]
100006 D - 0xfffffe0008286700 [softirq_1]
100007 D - 0xfffffe0008286500 [if_io_tqg_0]
100008 D - 0xfffffe0008286300 [if_io_tqg_1]
100009 D - 0xfffffe0008286100 [if_config_tqg_0]
100010 D - 0xfffffe0007fd1000 [kqueue_ctx taskq]
100011 D - 0xfffffe0007fd0e00 [jail_remove taskq]
100012 D - 0xfffffe0007fd0d00 [bus taskq]
100015 D - 0xfffffe0007fd0a00 [thread taskq]
100017 D - 0xfffffe0007fd0800 [aiod_kick taskq]
100018 D - 0xfffffe0007fd0700 [deferred_unmount ta]
100019 D - 0xfffffe0007fd0600 [inm_free taskq]
100020 D - 0xfffffe0007fd0500 [in6m_free taskq]
100021 D - 0xfffffe0007fd0400 [linuxkpi_irq_wq]
100022 D - 0xfffffe0007fd0300 [linuxkpi_short_wq_0]
100023 D - 0xfffffe0007fd0300 [linuxkpi_short_wq_1]
100024 D - 0xfffffe0007fd0300 [linuxkpi_short_wq_2]
100025 D - 0xfffffe0007fd0300 [linuxkpi_short_wq_3]
100026 D - 0xfffffe0007fd0200 [linuxkpi_long_wq_0]
100027 D - 0xfffffe0007fd0200 [linuxkpi_long_wq_1]
100028 D - 0xfffffe0007fd0200 [linuxkpi_long_wq_2]
100029 D - 0xfffffe0007fd0200 [linuxkpi_long_wq_3]
100036 D - 0xfffffe0007fd0100 [firmware taskq]
100041 D - 0xfffffe0007fcfe00 [crypto_0]
100042 D - 0xfffffe0007fcfe00 [crypto_1]
100057 D - 0xfffffe0007fcfc00 [vtnet0 rxq 0]
100058 D - 0xfffffe0007fcfb00 [vtnet0 txq 0]
100059 D - 0xfffffe0007fcfa00 [vtnet0 rxq 1]
100060 D - 0xfffffe0007fcf900 [vtnet0 txq 1]
100062 D vtbslp 0xfffffe0058582b00 [virtio_balloon]
100066 D - 0xffffffff827b5980 [deadlkres]
100070 D - 0xfffffe0058d69700 [acpi_task_0]
100071 D - 0xfffffe0058d69700 [acpi_task_1]
100072 D - 0xfffffe0058d69700 [acpi_task_2]
100074 D - 0xfffffe0007fd1100 [mca taskq]
100075 D - 0xfffffe0007fcfd00 [CAM taskq]
100077 D - 0xfffffe0058d69600 [ipsec_offload]
db> show all locks
Process 836 (syz-executor) thread 0xfffffe005491a740 (100166)
exclusive sleep mutex mld_mtx (mld_mtx) r = 0 (0xffffffff83ce2280) locked @ /syzkaller/managers/main/kernel/sys/netinet6/mld6.c:1898
exclusive sleep mutex in6_multi_list_mtx (in6_multi_list_mtx) r = 0 (0xffffffff83ce20a0) locked @ /syzkaller/managers/main/kernel/sys/netinet6/in6_mcast.c:1387
exclusive sx in6_multi_sx (in6_multi_sx) r = 0 (0xffffffff83ce20e0) locked @ /syzkaller/managers/main/kernel/sys/netinet6/in6_mcast.c:1330
Process 835 (syz-executor) thread 0xfffffe0054900740 (100115)
shared lockmgr devfs (devfs) r = 0 (0xfffffe0058c4a228) locked @ /syzkaller/managers/main/kernel/sys/fs/devfs/devfs_vnops.c:375
Process 748 (getty) thread 0xfffffe00548f1740 (100113)
exclusive sleep mutex ttymtx (ttymtx) r = 0 (0xfffffe0058a95c08) locked @ /syzkaller/managers/main/kernel/sys/kern/tty_ttydisc.c:572
Process 2 (clock) thread 0xfffffe000801a740 (100031)
shared rw vnet_rwlock (vnet_rwlock) r = 0 (0xffffffff83cc0340) locked @ /syzkaller/managers/main/kernel/sys/netinet6/mld6.c:1304
db> show malloc
Type InUse MemUse Requests
pf_hash 6 12804K 6
linker 376 5063K 486
tcp_hpts 7 4801K 7
devbuf 4188 4324K 4213
sysctloid 34987 2061K 35062
vtbuf 24 1968K 46
kobj 331 1324K 495
newblk 433 1132K 527
vfscache 3 1025K 3
pcb 28 671K 73
inodedep 75 540K 114
ufs_quota 1 512K 1
vfs_hash 1 512K 1
callout 2 512K 2
intr 4 472K 4
subproc 123 250K 905
vnet_data 2 224K 2
acpitask 1 224K 1
KTRACE 100 200K 100
acpica 1674 184K 54426
vmem 5 144K 7
tidhash 3 141K 3
pagedep 25 134K 42
tfo_ccache 1 128K 1
IP reass 1 128K 1
filedesc 16 121K 98
DEVFS1 110 110K 129
sem 4 106K 4
gtaskqueue 18 98K 18
bus 997 82K 5063
mtx_pool 3 74K 3
syncache 1 68K 1
NFSD srvcache 3 68K 3
module 521 66K 521
ddb_capture 1 64K 1
temp 33 37K 1853
kdtrace 189 37K 1007
umtx 288 36K 288
BPF 21 36K 22
hostcache 1 32K 1
shm 1 32K 1
DEVFS3 127 32K 138
msg 4 30K 4
kbdmux 6 28K 6
DEVFS_RULE 56 20K 56
ifaddr 64 18K 75
routetbl 154 17K 487
ufs_mount 4 17K 5
proc 3 17K 3
LRO 16 17K 18
tty 16 16K 16
ithread 90 15K 90
bus-sc 34 15K 1647
eventhandler 163 14K 163
ifnet 7 13K 8
kenv 95 12K 95
lltable 37 12K 45
GEOM 61 11K 477
ether_multi 129 11K 167
CAM queue 5 11K 1528
rman 82 10K 437
rpc 8 9K 8
plimit 23 9K 342
bmsafemap 3 9K 83
devstat 4 9K 4
UART 12 9K 12
ksem 1 8K 1
shmfd 1 8K 2
pfs_vncache 1 8K 1
audit_evclass 239 8K 301
in6_multi 56 8K 66
taskqueue 69 8K 78
cred 26 7K 195
sglist 6 7K 6
CAM DEV 3 6K 510
pfs_nodes 22 6K 22
ufs_dirhash 24 5K 24
dirrem 18 5K 57
diradd 36 5K 77
UMA 267 5K 267
pf_ifnet 10 5K 22
vt 11 5K 11
memdesc 1 4K 1
MCA 32 4K 32
evdev 4 4K 4
kqueue 57 4K 856
pwddesc 56 4K 840
acpisem 28 4K 28
selfd 49 4K 7333
DEVFSP 45 3K 62
indirdep 11 3K 32
terminal 11 3K 11
session 22 3K 34
proc-args 81 3K 1885
uidinfo 5 3K 8
acpidev 20 3K 20
hhook 8 3K 10
mkdir 18 3K 60
clone 9 3K 9
kcovinfo 36 3K 45
local_apic 1 2K 1
io_apic 1 2K 1
ipsec-saq 2 2K 2
lockf 19 2K 29
newdirblk 15 2K 30
Unitno 28 2K 58
ip6ndp 11 2K 14
CAM XPT 22 2K 543
tun 4 2K 5
select 12 2K 33
toponodes 6 2K 6
sctp_ifa 11 2K 14
ipsecpolicy 2 2K 2
in_multi 5 2K 8
msi 9 2K 9
netlink 2 2K 85
softdep 1 1K 1
sahead 1 1K 1
secasvar 1 1K 1
nhops 6 1K 8
vnodemarker 2 1K 8
NFSD session 1 1K 1
CAM periph 4 1K 271
ipsec 3 1K 3
mld 6 1K 7
pfil 6 1K 6
isadev 6 1K 6
mount 16 1K 140
pci_link 10 1K 10
sctp_ifn 5 1K 14
crypto 4 1K 8
CC Mem 5 1K 16
encap_export_host 12 1K 12
igmp 5 1K 6
osd 10 1K 33
inpcbpolicy 17 1K 184
cdev 2 1K 2
lkpikmalloc 8 1K 9
sctp_atcl 1 1K 9
chacha20random 1 1K 1
biobuf 1 1K 1
sctp_timw 1 1K 1
freefile 2 1K 25
vnodes 1 1K 1
ktls 1 1K 6
procdesc 2 1K 8
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
DEVFS 9 1K 10
CAM SIM 2 1K 2
feeder 7 1K 7
frag6 2 1K 2
tcpfunc 3 1K 3
loginclass 3 1K 5
prison 6 1K 6
cryptodev 2 1K 37
nexusdev 8 1K 8
apmdev 1 1K 1
atkbddev 2 1K 2
in6_mfilter 2 1K 2
VN POLL 1 1K 1
aio 4 1K 4
pmchooks 1 1K 1
filecaps 5 1K 72
CAM path 4 1K 1034
CAM dev queue 2 1K 2
CAM I/O Scheduler 1 1K 1
soname 4 1K 3322
sctp_vrf 1 1K 1
ip_moptions 1 1K 1
in_mfilter 1 1K 1
vnet 1 1K 1
pmc 1 1K 1
entropy 2 1K 34
acpiintr 1 1K 1
sctp_atky 1 1K 10
cpus 2 1K 2
freework 1 1K 56
ip6_moptions 1 1K 1
vnet_data_free 1 1K 1
Per-cpu 1 1K 1
sctp_athm 1 1K 9
p1003.1b 1 1K 1
tcp_pcm_rack 0 0K 0
tcp_do_rack 0 0K 0
tcp_fsb_rack 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_krule_item 0 0K 0
pf_temp 0 0K 0
ipcomp 0 0K 0
esp 0 0K 0
ah 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 6
sctp_iter 0 0K 14
sctp_mvrf 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_a_it 0 0K 14
sctp_aadr 0 0K 0
sctp_stro 0 0K 1
sctp_stri 0 0K 0
sctp_map 0 0K 2
filemon 0 0K 2
mqdata 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
ixl 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
iavf 0 0K 0
axgbe 0 0K 0
fpukern_ctx 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
NMI handlers 0 0K 0
bounce 0 0K 0
busdma 0 0K 0
qpidrv 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
amdiommu_dom 0 0K 0
amdiommu_ctx 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
aesni_data 0 0K 0
xenbus 0 0K 0
vm_fictitious 0 0K 0
UMAHash 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 59
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 2
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freeblks 0 0K 41
freefrag 0 0K 3
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
ktls_ocf 0 0K 1
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS_RX 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
simple_attr 0 0K 0
seq_file 0 0K 0
lkpiskb 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpindev 0 0K 0
lkpimhi 0 0K 0
lkpifw 0 0K 0
lkpi80211 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 2
ipsecrequest 0 0K 0
ip6opt 0 0K 5
ip6_msource 0 0K 1
tcplog 0 0K 0
tcp_hwpace 0 0K 0
ip_msource 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 19
fadvise 0 0K 0
statfs 0 0K 184
namei_tracker 0 0K 1
export_host 0 0K 0
cl_savebuf 0 0K 7
lio 0 0K 0
acl 0 0K 0
mbuf_tag 0 0K 0
accf 0 0K 0
pts 0 0K 0
timerfd 0 0K 0
iov 0 0K 13612
ioctlops 0 0K 103
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
sbuf 0 0K 296
firmware 0 0K 0
compressor 0 0K 0
SWAP 0 0K 0
sysctltmp 0 0K 649
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
cache 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
boottrace 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
tmpfs extattr 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
NFSD V4lock 0 0K 0
NFSD V4state 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
xnb 0 0K 0
xen_acpi 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
pvscsi 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
twsbuf 0 0K 0
tcp_log_dev 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
SIIS driver 0 0K 0
PUC 0 0K 0
ppbusdev 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
mpi3mrbuf 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
md_sectors 0 0K 0
md_disk 0 0K 1
malodev 0 0K 0
LED 0 0K 0
ix_sriov 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
AHCI driver 0 0K 0
agp 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
acpicmbat 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 350
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
scsi_da 0 0K 70
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
nvme_da 0 0K 0
CAM CCB 0 0K 523
CAM ccb queue 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 1078 12198 0 254 38494208 0
mbuf 256 8644 1018 17602 0 254 2473472 0
BUF TRIE 152 214 11590 481 0 62 1794208 0
malloc-4096 4096 389 5 1891 0 2 1613824 0
malloc-384 384 4157 43 4172 0 30 1612800 0
tcp_log 416 521 3295 6739 0 254 1587456 0
malloc-128 128 12040 205 12757 0 126 1567360 0
UMA Slabs 0 112 10954 20 10954 0 126 1229088 0
mbuf_cluster 2048 508 0 508 0 254 1040384 0
RADIX NODE 152 6031 256 27080 0 62 955624 0
vmem btag 56 16295 88 16295 0 254 917448 0
malloc-65536 65536 13 0 16 0 1 851968 0
FFS inode 1168 540 20 565 0 8 654080 0
sctp_asoc 2256 0 255 1 0 254 575280 0
socket 1024 33 475 1392 0 254 520192 0
lkpicurr 168 2 3094 2 0 62 520128 0
pbuf 2624 0 198 0 0 2 519552 0
256 Bucket 2048 133 19 1025 0 8 311296 0
sctp_ep 1152 1 258 8 0 254 298368 0
VM OBJECT 248 1102 82 13524 0 62 293632 0
malloc-64 64 4016 331 11401 0 254 278208 0
VNODE 440 577 53 605 0 30 277200 0
THREAD 1824 132 12 167 0 8 262656 0
malloc-16384 16384 10 6 49 0 1 262144 0
malloc-2048 2048 3 125 1085 0 8 262144 0
malloc-16 16 14462 288 14800 0 254 236000 0
malloc-2048 2048 103 9 110 0 8 229376 0
DEVCTL 1024 28 192 155 0 0 225280 0
malloc-65536 65536 1 2 61 0 1 196608 0
sctp_raddr 736 0 264 1 0 254 194304 0
UMA Zones 768 239 0 239 0 16 183552 0
malloc-32 32 5329 341 5646 0 254 181440 0
malloc-128 128 1138 257 25280 0 126 178560 0
lkpimm 56 1 3095 1 0 254 173376 0
unpcb 320 11 505 1167 0 254 165120 0
malloc-32768 32768 3 2 123 0 1 163840 0
FFS2 dinode 256 540 90 565 0 62 161280 0
malloc-1024 1024 127 17 153 0 16 147456 0
malloc-256 256 483 87 749 0 62 145920 0
MAP ENTRY 96 1226 286 42269 0 126 145152 0
malloc-4096 4096 31 3 96 0 2 139264 0
FPU_save_area 832 134 28 189 0 16 134784 0
S VFS Cache 104 996 291 1053 0 126 133848 0
malloc-65536 65536 0 2 118 0 1 131072 0
malloc-65536 65536 2 0 2 0 1 131072 0
mbuf_packet 256 14 494 658 0 254 130048 0
ksiginfo 112 51 993 70 0 126 116928 0
malloc-32768 32768 2 1 13 0 1 98304 0
PROC 1376 55 11 838 0 8 90816 0
UMA Kegs 384 225 8 225 0 30 89472 0
128 Bucket 1024 45 38 237 0 16 84992 0
malloc-256 256 239 76 835 0 62 80640 0
filedesc0 1072 56 14 840 0 8 75040 0
malloc-64 64 570 501 2380 0 254 68544 0
malloc-128 128 362 165 520 0 126 67456 0
malloc-128 128 330 197 808 0 126 67456 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-16384 16384 4 0 5 0 1 65536 0
malloc-1024 1024 14 50 526 0 16 65536 0
64 Bucket 512 74 54 2047 0 30 65536 0
malloc-256 256 165 90 513 0 62 65280 0
g_bio 408 0 150 5166 0 30 61200 0
malloc-384 384 126 24 469 0 30 57600 0
malloc-8192 8192 6 1 9 0 1 57344 0
malloc-64 64 284 535 13608 0 254 52416 0
malloc-64 64 536 283 1561 0 254 52416 0
malloc-128 128 145 258 597 0 126 51584 0
malloc-128 128 138 265 231 0 126 51584 0
32 Bucket 256 62 133 655 0 62 49920 0
DIRHASH 1024 34 14 34 0 16 49152 0
NAMEI 1024 1 47 12796 0 16 49152 0
malloc-2048 2048 11 13 61 0 8 49152 0
malloc-384 384 75 45 115 0 30 46080 0
syncache 168 0 264 3 0 254 44352 0
malloc-8192 8192 3 2 86 0 1 40960 0
malloc-4096 4096 5 5 11 0 2 40960 0
pcpu-8 8 4704 416 4990 0 254 40960 0
pipe 736 20 35 296 0 16 40480 0
da_ccb 544 0 70 1392 0 16 38080 0
udp_inpcb 408 7 83 154 0 30 36720 0
hostcache 64 2 565 2 0 254 36288 0
malloc-64 64 8 559 24 0 254 36288 0
malloc-64 64 110 457 1540 0 254 36288 0
malloc-64 64 96 471 364 0 254 36288 0
malloc-128 128 35 244 97 0 126 35712 0
malloc-128 128 48 231 3314 0 126 35712 0
routing nhops 256 24 111 35 0 62 34560 0
ttyoutq 256 72 63 160 0 62 34560 0
malloc-256 256 70 65 236 0 62 34560 0
malloc-256 256 26 109 894 0 62 34560 0
malloc-256 256 31 104 122 0 62 34560 0
malloc-256 256 67 68 105 0 62 34560 0
malloc-256 256 30 105 304 0 62 34560 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-32768 32768 0 1 2 0 1 32768 0
malloc-32768 32768 0 1 20 0 1 32768 0
malloc-32768 32768 1 0 1 0 1 32768 0
malloc-16384 16384 0 2 190 0 1 32768 0
malloc-8192 8192 3 1 29 0 1 32768 0
malloc-8192 8192 4 0 4 0 1 32768 0
malloc-8192 8192 2 2 21 0 1 32768 0
malloc-8192 8192 4 0 4 0 1 32768 0
malloc-4096 4096 4 4 12 0 2 32768 0
malloc-2048 2048 9 7 22 0 8 32768 0
malloc-2048 2048 9 7 27 0 8 32768 0
malloc-2048 2048 3 13 31 0 8 32768 0
malloc-2048 2048 2 14 2 0 8 32768 0
malloc-2048 2048 4 12 195 0 8 32768 0
malloc-1024 1024 2 30 42 0 16 32768 0
malloc-1024 1024 3 29 1017 0 16 32768 0
malloc-1024 1024 5 27 163 0 16 32768 0
malloc-1024 1024 16 16 17 0 16 32768 0
malloc-512 512 1 63 111 0 30 32768 0
malloc-512 512 7 57 12 0 30 32768 0
malloc-512 512 2 62 31 0 30 32768 0
malloc-512 512 0 64 19 0 30 32768 0
malloc-512 512 9 55 9 0 30 32768 0
pcpu-64 64 496 16 496 0 254 32768 0
ttyinq 160 135 65 300 0 62 32000 0
PGRP 120 26 238 39 0 126 31680 0
clpbuf 2624 0 12 20 0 4 31488 0
tcp_inpcb 1304 5 19 16 0 8 31296 0
VMSPACE 584 34 15 817 0 16 28616 0
malloc-32 32 315 567 542 0 254 28224 0
16 Bucket 144 52 144 250 0 62 28224 0
4 Bucket 48 6 582 8 0 254 28224 0
AIO 208 0 133 2 0 62 27664 0
TURNSTILE 136 145 44 145 0 62 25704 0
cpuset 200 8 120 8 0 62 25600 0
ertt_txseginfo 40 5 601 668 0 254 24240 0
PWD 40 18 588 111 0 254 24240 0
rtentry 168 26 118 34 0 62 24192 0
Files 80 173 127 6931 0 126 24000 0
8 Bucket 80 55 245 300 0 126 24000 0
malloc-384 384 18 42 48 0 30 23040 0
malloc-384 384 42 18 374 0 30 23040 0
ripcb 376 4 56 10 0 30 22560 0
Mountpoints 2816 2 6 2 0 4 22528 0
SLEEPQUEUE 88 145 111 145 0 126 22528 0
ertt 72 5 275 16 0 126 20160 0
malloc-32 32 50 580 95 0 254 20160 0
malloc-32 32 213 417 704 0 254 20160 0
malloc-32 32 134 496 953 0 254 20160 0
malloc-32 32 31 599 3693 0 254 20160 0
2 Bucket 32 56 574 339 0 254 20160 0
KNOTE 160 0 125 11 0 62 20000 0
ktls_session 256 0 75 1 0 62 19200 0
L VFS Cache 320 1 59 3 0 30 19200 0
vmem 1856 2 7 2 0 8 16704 0
epoch_record pcpu 256 4 60 4 0 62 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-8192 8192 2 0 2 0 1 16384 0
malloc-4096 4096 1 3 7 0 2 16384 0
malloc-4096 4096 1 3 185 0 2 16384 0
malloc-1024 1024 8 8 8 0 16 16384 0
malloc-1024 1024 1 15 1 0 16 16384 0
malloc-512 512 2 30 50 0 30 16384 0
malloc-512 512 2 30 8 0 30 16384 0
malloc-512 512 1 31 1 0 30 16384 0
SMR CPU 32 8 503 8 0 254 16352 0
sctp_laddr 48 0 336 18 0 254 16128 0
rl_entry 48 1 335 1 0 254 16128 0
kenv 258 17 43 1066 0 30 15480 0
mqnode 416 3 33 3 0 30 14976 0
udplite_inpcb 408 1 35 4 0 30 14688 0
SMR SHARED 24 8 503 8 0 254 12264 0
malloc-32 32 9 369 48 0 254 12096 0
malloc-32 32 10 368 38 0 254 12096 0
malloc-16 16 19 731 68 0 254 12000 0
malloc-16 16 34 716 174 0 254 12000 0
malloc-16 16 28 722 37 0 254 12000 0
malloc-16 16 221 529 3181 0 254 12000 0
malloc-16 16 4 746 5 0 254 12000 0
malloc-16 16 296 454 1637 0 254 12000 0
malloc-16 16 23 727 24807 0 254 12000 0
AIOCB 552 0 21 2 0 16 11592 0
malloc-384 384 1 29 1 0 30 11520 0
malloc-384 384 1 29 1 0 30 11520 0
malloc-8192 8192 1 0 1 0 1 8192 0
pcpu-16 16 8 504 8 0 254 8192 0
vtnet_tx_hdr 24 0 167 1173 0 254 4008 0
UMA Slabs 1 176 9 13 9 0 62 3872 0
KMAP ENTRY 96 12 27 14 0 0 3744 0
FFS1 dinode 128 0 0 0 0 126 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 152 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 256 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 254 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf UDP mappings 104 0 0 0 0 126 0 0
pf source nodes 152 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 384 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 184 0 0 0 0 62 0 0
tcp_bbr_pcb 896 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
tcp_rack_pcb 1088 0 0 0 0 8 0 0
tcp_rack_map 128 0 0 0 0 126 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
tcp_log_id_node 120 0 0 0 0 126 0 0
tcp_log_id_bucket 176 0 0 0 0 62 0 0
tcpreass 48 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 240 0 0 0 0 62 0 0
NCLNODE 608 0 0 0 0 16 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 32 0 0 0 0 254 0 0
linux_dma_pctrie 152 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 112 0 0 0 0 126 0 0
skbuff 1808 0 0 0 0 8 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 16 0 0
nfspbuf 2624 0 0 0 0 4 0 0
swwbuf 2624 0 0 0 0 2 0 0
swrbuf 2624 0 0 0 0 4 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 152 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-16384 16384 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-384 384 0 0 0 0 30 0 0
malloc-64 64 0 0 0 0 254 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
db> show all tcpcbs/l
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/05/30 19:12 | freebsd-src | 955ab1a8f21e | 3d2f584d | console log | report | ci-freebsd-main | Fatal trap NUM: page fault in mld_change_state | |||||
| 2025/03/24 14:23 | freebsd-src | 67c1c4dfd1cc | 875573af | console log | report | ci-freebsd-main | Fatal trap NUM: page fault in mld_change_state | |||||
| 2025/04/15 15:25 | freebsd-src | 168d873ae41f | 85125322 | console log | report | ci-freebsd-i386 | Fatal trap NUM: page fault in mld_change_state | |||||
| 2025/03/07 02:03 | freebsd-src | ecb3a7d43dd6 | 831e3629 | console log | report | ci-freebsd-i386 | Fatal trap NUM: page fault in mld_change_state | |||||
| 2025/03/01 23:45 | freebsd-src | 7ee310c80ea7 | c3901742 | console log | report | ci-freebsd-i386 | Fatal trap NUM: page fault in mld_change_state |