| Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported |
|---|---|---|---|---|---|---|
| panic: Memory modified after free ADDR(4096) val=ADDR @ ADDR | C | 1 | 1067d | 1067d |
syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [53] 🐞 Fixed [314] 🐞 Invalid [325] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
panic: Memory modified after free 0xfffff80024b71600(256) val=214e7e44 @ 0xfffff80024b71600
cpuid = 0
time = 1621301200
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe008878a420
vpanic() at vpanic+0x1c7/frame 0xfffffe008878a480
panic() at panic+0x43/frame 0xfffffe008878a4e0
trash_ctor() at trash_ctor+0xa8/frame 0xfffffe008878a520
item_ctor() at item_ctor+0x1c8/frame 0xfffffe008878a580
tcp_output() at tcp_output+0x22ab/frame 0xfffffe008878a760
tcp_usr_send() at tcp_usr_send+0x762/frame 0xfffffe008878a840
sosend_generic() at sosend_generic+0x99d/frame 0xfffffe008878a930
sosend() at sosend+0xc6/frame 0xfffffe008878a9a0
soo_write() at soo_write+0x62/frame 0xfffffe008878a9e0
dofilewrite() at dofilewrite+0xb0/frame 0xfffffe008878aa30
sys_write() at sys_write+0x10c/frame 0xfffffe008878aab0
amd64_syscall() at amd64_syscall+0x247/frame 0xfffffe008878abf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe008878abf0
--- syscall (4, FreeBSD ELF64, sys_write), rip = 0x80090d1ea, rsp = 0x7fffffffa4b8, rbp = 0x7fffffffa4f0 ---
KDB: enter: panic
[ thread pid 781 tid 100117 ]
Stopped at kdb_enter+0x67: movq $0,0x163930e(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0x80
rdx 0xffffffff819c26b1
rbx 0
rsp 0xfffffe008878a400
rbp 0xfffffe008878a420
rsi 0x1
rdi 0
r8 0
r9 0x8080808080808080
r10 0xfffffe008878a2f0
r11 0x1ff77fff59c
r12 0xffffffff82267b80 ddb_dbbe
r13 0
r14 0xffffffff81a73b35
r15 0xffffffff81a73b35
rip 0xffffffff8112faf7 kdb_enter+0x67
rflags 0x86
kdb_enter+0x67: movq $0,0x163930e(%rip)
db> show proc
Process 781 (sshd) at 0xfffff800268b2a70:
state: NORMAL
uid: 0 gids: 0
parent: pid 694 at 0xfffff800262d7000
ABI: FreeBSD ELF64
flag: 0x10004100 flag2: 0
arguments: sshd: root@notty
reaper: 0xfffff80004bc7538 reapsubtree: 1
sigparent: 20
vmspace: 0xfffffe00042273e0
(map 0xfffffe00042273e0)
(map.pmap 0xfffffe00042274a0)
(pmap 0xfffffe0004227500)
threads: 1
100117 Run CPU 0 sshd
db> ps
pid ppid pgrp uid state wmesg wchan cmd
842 785 783 0 R CPU 1 syz-executor8578089
785 783 783 0 S nanslp 0xffffffff8273c560 syz-executor8578089
783 781 783 0 Ss pause 0xfffff800268b25e8 csh
781 694 781 0 Rs CPU 0 sshd
760 1 760 0 Ss+ ttyin 0xfffff80015465cb0 getty
759 1 759 0 Ss+ ttyin 0xfffff80015afe4b0 getty
758 1 758 0 Ss+ ttyin 0xfffff80015afecb0 getty
757 1 757 0 Ss+ ttyin 0xfffff80015a864b0 getty
756 1 756 0 Ss+ ttyin 0xfffff80015a86cb0 getty
755 1 755 0 Ss+ ttyin 0xfffff80015a8a4b0 getty
754 1 754 0 Ss+ ttyin 0xfffff80015a8acb0 getty
753 1 753 0 Ss+ ttyin 0xfffff80015a8d4b0 getty
752 1 752 0 Ss+ ttyin 0xfffff80015a8dcb0 getty
750 1 24 0 S+ piperd 0xfffff800264515d0 logger
749 748 24 0 S+ nanslp 0xffffffff8273c561 sleep
748 1 24 0 S+ wait 0xfffff80015ca3000 sh
698 1 698 0 Ss nanslp 0xffffffff8273c561 cron
694 1 694 0 Ss select 0xfffff80015ec5140 sshd
507 1 507 0 Ss select 0xfffff8002635ebc0 syslogd
436 1 436 0 Ss select 0xfffff80015eada40 devd
435 1 435 65 Ss select 0xfffff80015eadec0 dhclient
350 1 350 0 Ss select 0xfffff80015db7740 dhclient
347 1 347 0 Ss select 0xfffff80015ec52c0 dhclient
23 0 0 0 DL vlruwt 0xfffff80015ca3538 [vnlru]
22 0 0 0 DL syncer 0xffffffff8282b9d0 [syncer]
21 0 0 0 DL (threaded) [bufdaemon]
100081 D qsleep 0xffffffff8282aa80 [bufdaemon]
100086 D - 0xffffffff8220ae80 [bufspacedaemon-0]
100098 D sdflush 0xfffff80004dfc4e8 [/ worker]
20 0 0 0 DL psleep 0xffffffff828528c8 [vmdaemon]
19 0 0 0 DL (threaded) [pagedaemon]
100079 D psleep 0xffffffff82846d38 [dom0]
100087 D launds 0xffffffff82846d44 [laundry: dom0]
100088 D umarcl 0xffffffff815cb470 [uma]
18 0 0 0 DL - 0xffffffff82570908 [rand_harvestq]
17 0 0 0 DL waiting 0xffffffff8302c828 [sctp_iterator]
16 0 0 0 DL pftm 0xffffffff82d783c0 [pf purge]
15 0 0 0 DL - 0xffffffff828280dc [soaiod4]
9 0 0 0 DL - 0xffffffff828280dc [soaiod3]
8 0 0 0 DL - 0xffffffff828280dc [soaiod2]
7 0 0 0 DL - 0xffffffff828280dc [soaiod1]
6 0 0 0 DL (threaded) [cam]
100044 D - 0xffffffff82447dc0 [doneq0]
100045 D - 0xffffffff82447d40 [async]
100078 D - 0xffffffff82447c10 [scanner]
14 0 0 0 DL seqstat 0xfffff80004dcbc88 [sequencer 00]
5 0 0 0 DL crypto_ 0xfffff80004d99d80 [crypto returns 1]
4 0 0 0 DL crypto_ 0xfffff80004d99d30 [crypto returns 0]
3 0 0 0 DL crypto_ 0xffffffff82844220 [crypto]
13 0 0 0 DL (threaded) [geom]
100035 D - 0xffffffff8271bda0 [g_event]
100036 D - 0xffffffff8271bda8 [g_up]
100037 D - 0xffffffff8271bdb0 [g_down]
2 0 0 0 DL (threaded) [KTLS]
100028 D - 0xfffff80004c39d00 [thr_0]
100029 D - 0xfffff80004c39d80 [thr_1]
12 0 0 0 WL (threaded) [intr]
100012 I [swi5: fast taskq]
100015 I [swi6: task queue]
100017 I [swi6: Giant taskq]
100030 I [swi4: clock (0)]
100031 I [swi4: clock (1)]
100032 I [swi1: netisr 0]
100033 I [swi3: vm]
100046 I [irq24: virtio_pci0]
100047 I [irq25: virtio_pci0]
100048 I [irq26: virtio_pci0]
100049 I [irq27: virtio_pci0]
100050 I [irq28: virtio_pci1]
100051 I [irq29: virtio_pci1]
100052 I [irq30: virtio_pci1]
100053 I [irq31: virtio_pci1]
100054 I [irq32: virtio_pci1]
100059 I [irq10: virtio_pci2]
100061 I [irq1: atkbd0]
100062 I [irq12: psm0]
100063 I [swi0: uart uart++]
100071 I [swi1: pf send]
100084 I [swi1: hpts]
100085 I [swi1: hpts]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
1 0 1 0 SLs wait 0xfffff80004bc7538 [init]
10 0 0 0 DL audit_w 0xffffffff82844730 [audit]
0 0 0 0 DLs (threaded) [kernel]
100000 D swapin 0xffffffff8271c330 [swapper]
100005 D - 0xfffff80004c63d00 [if_config_tqg_0]
100006 D - 0xfffff80004c63900 [softirq_0]
100007 D - 0xfffff80004c63500 [softirq_1]
100008 D - 0xfffff80004c63100 [if_io_tqg_0]
100009 D - 0xfffff80004c61d00 [if_io_tqg_1]
100010 D - 0xfffff80004c5fd00 [in6m_free taskq]
100011 D - 0xfffff80004c5f900 [aiod_kick taskq]
100013 D - 0xfffff80004c5f100 [kqueue_ctx taskq]
100014 D - 0xfffff80004c58d00 [pci_hp taskq]
100016 D - 0xfffff80004c58500 [inm_free taskq]
100018 D - 0xfffff80004c53d00 [linuxkpi_irq_wq]
100019 D - 0xfffff80004c53900 [thread taskq]
100020 D - 0xfffff80004c53500 [linuxkpi_short_wq_0]
100021 D - 0xfffff80004c53500 [linuxkpi_short_wq_1]
100022 D - 0xfffff80004c53500 [linuxkpi_short_wq_2]
100023 D - 0xfffff80004c53500 [linuxkpi_short_wq_3]
100024 D - 0xfffff80004c53100 [linuxkpi_long_wq_0]
100025 D - 0xfffff80004c53100 [linuxkpi_long_wq_1]
100026 D - 0xfffff80004c53100 [linuxkpi_long_wq_2]
100027 D - 0xfffff80004c53100 [linuxkpi_long_wq_3]
100034 D - 0xfffff80004c39900 [firmware taskq]
100038 D - 0xfffff80004c39500 [crypto_0]
100039 D - 0xfffff80004c39500 [crypto_1]
100055 D - 0xfffff800153dc900 [vtnet0 rxq 0]
100056 D - 0xfffff800153dc500 [vtnet0 txq 0]
100057 D - 0xfffff800153dc100 [vtnet0 rxq 1]
100058 D - 0xfffff800153c6d00 [vtnet0 txq 1]
100060 D vtbslp 0xfffff80015429500 [virtio_balloon]
100064 D - 0xfffff800153c6900 [mca taskq]
100066 D - 0xffffffff81e20400 [deadlkres]
100074 D - 0xfffff80015a19900 [acpi_task_0]
100075 D - 0xfffff80015a19900 [acpi_task_1]
100076 D - 0xfffff80015a19900 [acpi_task_2]
100077 D - 0xfffff80004c39100 [CAM taskq]
db> show all locks
Process 781 (sshd) thread 0xfffffe0094f8cc80 (100117)
exclusive sleep mutex so_snd (so_snd) r = 0 (0xfffff8002624c260) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_output.c:355
exclusive rw tcpinp (tcpinp) r = 0 (0xfffff80026217d78) locked @ /syzkaller/managers/main/kernel/sys/netinet/tcp_usrreq.c:989
exclusive sx so_snd_sx (so_snd_sx) r = 0 (0xfffff8002624c280) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_sockbuf.c:467
db> show malloc
Type InUse MemUse Requests
sysctloid 34288 12858K 34355
pf_hash 5 11560K 5
devbuf 4216 6982K 4241
tcp_hpts 5 3219K 5
kobj 328 2624K 488
vtbuf 24 2064K 46
newblk 545 1304K 602
vfscache 3 1035K 3
acpica 1674 649K 55230
pcb 26 613K 134
inodedep 44 563K 71
callout 2 528K 2
ufs_quota 1 520K 1
vfs_hash 1 520K 1
intr 4 480K 4
subproc 102 431K 898
bus 990 378K 3499
linker 348 270K 397
DEVFS1 103 206K 112
module 512 192K 512
vnet_data 1 176K 1
tidhash 3 164K 3
pagedep 14 143K 18
kdtrace 167 138K 963
tfo_ccache 1 136K 1
sem 4 120K 4
umtx 242 106K 242
UMA 270 102K 270
audit_evclass 236 89K 294
mtx_pool 2 80K 2
syncache 1 76K 1
temp 18 71K 1613
msg 4 68K 4
BPF 10 68K 10
acpitask 1 64K 1
ddb_capture 1 64K 1
DEVFS3 122 61K 132
gtaskqueue 18 57K 18
vmem 3 56K 4
DEVFS_RULE 56 54K 56
kenv 95 52K 95
eventhandler 133 50K 133
ithread 99 43K 99
rman 84 42K 425
ifaddr 30 40K 32
KTRACE 100 38K 100
taskqueue 60 36K 60
proc 3 34K 3
ufs_mount 5 34K 6
bus-sc 33 34K 1710
routetbl 50 34K 176
devstat 4 33K 4
hostcache 1 32K 1
tty 16 32K 16
shm 1 32K 1
GEOM 60 29K 489
kbdmux 6 28K 6
cred 23 23K 234
CAM queue 5 21K 1528
pfs_nodes 20 20K 20
kqueue 47 18K 845
pwddesc 47 18K 843
UART 12 18K 12
plimit 17 17K 322
ksem 1 16K 1
rpc 2 16K 2
bmsafemap 1 16K 41
shmfd 1 16K 1
pfs_vncache 1 16K 1
ether_multi 40 15K 50
proc-args 39 15K 488
ufs_dirhash 24 14K 24
sglist 5 13K 5
MCA 32 12K 32
CAM DEV 3 12K 510
vt 11 11K 11
in6_multi 25 11K 25
acpisem 28 11K 28
CAM XPT 22 11K 543
Unitno 27 11K 39
session 20 10K 31
diradd 25 10K 36
lltable 11 9K 11
uidinfo 3 9K 8
dirrem 17 9K 28
ifnet 3 9K 3
memdesc 1 8K 1
ipsec-saq 2 8K 2
evdev 4 8K 4
filedesc 1 8K 1
acpidev 20 8K 20
selfd 20 8K 12720
hhook 15 8K 17
mount 16 7K 90
pf_ifnet 5 6K 6
fpukern_ctx 3 6K 3
lockf 15 6K 22
terminal 11 6K 11
inpcbpolicy 13 5K 194
ipsecpolicy 2 5K 2
encap_export_host 12 5K 12
clone 9 5K 9
local_apic 1 4K 1
io_apic 1 4K 1
sahead 1 4K 1
secasvar 1 4K 1
pci_link 10 4K 10
msi 9 4K 9
DEVFS 9 4K 10
osd 8 4K 76
ipsec 3 3K 3
nhops 6 3K 6
nexusdev 7 3K 7
ip6opt 6 3K 117
feeder 7 3K 7
select 7 3K 29
toponodes 6 3K 6
prison 6 3K 6
isadev 6 3K 6
softdep 1 2K 1
vnodemarker 2 2K 10
NFSD session 1 2K 1
sctp_ifa 5 2K 6
linux 5 2K 6
CAM periph 4 2K 271
soname 5 2K 3288
crypto 4 2K 4
ip6ndp 4 2K 5
DEVFSP 4 2K 9
newdirblk 4 2K 8
mkdir 4 2K 16
indirdep 3 2K 3
pfil 4 2K 4
CAM path 4 2K 1034
filecaps 4 2K 66
tcpfunc 3 2K 3
tun 3 2K 3
loginclass 3 2K 7
in_multi 2 1K 4
chacha20random 1 1K 1
vnodes 1 1K 1
CAM SIM 2 1K 2
ktls 1 1K 1
cdev 2 1K 2
aesni_data 2 1K 2
sctp_ifn 2 1K 6
cpus 2 1K 2
atkbddev 2 1K 2
CAM dev queue 2 1K 2
xform 2 1K 49
mld 2 1K 2
igmp 2 1K 2
entropy 2 1K 35
NFSD lckfile 1 1K 1
NFSD V4client 1 1K 1
procdesc 1 1K 6
pmchooks 1 1K 1
sctp_vrf 1 1K 1
apmdev 1 1K 1
CAM I/O Scheduler 1 1K 1
freework 1 1K 26
vnet_data_free 1 1K 1
vnet 1 1K 1
Per-cpu 1 1K 1
p1003.1b 1 1K 1
acpiintr 1 1K 1
pmc 1 1K 1
chd data 0 0K 0
vegas data 0 0K 0
mqdata 0 0K 0
sctp_mcore 0 0K 0
sctp_socko 0 0K 0
sctp_iter 0 0K 3
sctp_mvrf 0 0K 0
sctp_timw 0 0K 0
sctp_cpal 0 0K 0
sctp_cmsg 0 0K 0
sctp_stre 0 0K 0
sctp_athi 0 0K 0
sctp_athm 0 0K 0
sctp_atky 0 0K 0
sctp_atcl 0 0K 0
sctp_a_it 0 0K 3
sctp_aadr 0 0K 0
sctp_stro 0 0K 0
sctp_stri 0 0K 0
sctp_map 0 0K 0
cubic data 0 0K 0
htcp data 0 0K 0
dctcp data 0 0K 0
cdg data 0 0K 0
tcp_do 0 0K 0
tcp_fsb 0 0K 0
pf_table 0 0K 0
pf_rule 0 0K 0
pf_altq 0 0K 0
pf_osfp 0 0K 0
pf_temp 0 0K 0
NFSD V4lock 0 0K 0
madt_table 0 0K 2
smartpqi 0 0K 0
NFSD V4state 0 0K 0
NFSD srvcache 0 0K 0
msdosfs_fat 0 0K 0
msdosfs_mount 0 0K 0
msdosfs_node 0 0K 0
iavf 0 0K 0
ixl 0 0K 0
DEVFS4 0 0K 0
DEVFS2 0 0K 0
gntdev 0 0K 0
privcmd_dev 0 0K 0
ice-resmgr 0 0K 0
ice-osdep 0 0K 0
ice 0 0K 0
axgbe 0 0K 0
evtchn_dev 0 0K 0
xenstore 0 0K 0
ciss_data 0 0K 0
BACKLIGHT 0 0K 0
xnb 0 0K 0
xbbd 0 0K 0
xbd 0 0K 0
Balloon 0 0K 0
sysmouse 0 0K 0
vtfont 0 0K 0
xen_intr 0 0K 0
xen_hvm 0 0K 0
legacydrv 0 0K 0
qpidrv 0 0K 0
ath_hal 0 0K 0
athdev 0 0K 0
dmar_idpgtbl 0 0K 0
dmar_dom 0 0K 0
dmar_ctx 0 0K 0
ata_pci 0 0K 0
ata_dma 0 0K 0
ata_generic 0 0K 0
isci 0 0K 0
iommu_dmamap 0 0K 0
amr 0 0K 0
hyperv_socket 0 0K 0
bxe_ilt 0 0K 0
xenbus 0 0K 0
pvscsi 0 0K 0
scsi_da 0 0K 69
vm_fictitious 0 0K 0
ata_da 0 0K 0
scsi_ch 0 0K 0
scsi_cd 0 0K 0
AHCI driver 0 0K 0
USBdev 0 0K 0
USB 0 0K 0
agp 0 0K 0
nvme_da 0 0K 0
UMAHash 0 0K 0
acpipwr 0 0K 0
acpi_perf 0 0K 0
vm_pgdata 0 0K 0
jblocks 0 0K 0
savedino 0 0K 16
sentinel 0 0K 0
jfsync 0 0K 0
jtrunc 0 0K 0
sbdep 0 0K 3
jsegdep 0 0K 0
jseg 0 0K 0
jfreefrag 0 0K 0
jfreeblk 0 0K 0
jnewblk 0 0K 0
jmvref 0 0K 0
jremref 0 0K 0
jaddref 0 0K 0
freedep 0 0K 0
freefile 0 0K 9
freeblks 0 0K 25
freefrag 0 0K 7
allocindir 0 0K 0
allocdirect 0 0K 0
ufs_trim 0 0K 0
mactemp 0 0K 0
audit_trigger 0 0K 0
audit_pipe_presel 0 0K 0
audit_pipeent 0 0K 0
audit_pipe 0 0K 0
audit_evname 0 0K 0
audit_bsm 0 0K 0
audit_gidset 0 0K 0
audit_text 0 0K 0
audit_path 0 0K 0
audit_data 0 0K 0
audit_cred 0 0K 0
twsbuf 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5E_TLS 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EN 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
MLX5DUMP 0 0K 0
MLX5EEPROM 0 0K 0
MLX5EEPROM 0 0K 0
seq_file 0 0K 0
radix 0 0K 0
idr 0 0K 0
lkpifw 0 0K 0
NLM 0 0K 0
ipsec-spdcache 0 0K 0
ipsec-reg 0 0K 0
ipsec-misc 0 0K 0
ipsecrequest 0 0K 0
ip6_msource 0 0K 0
ip6_moptions 0 0K 0
in6_mfilter 0 0K 0
frag6 0 0K 0
tcplog 0 0K 0
tcp_hwpace 0 0K 0
twe_commands 0 0K 0
LRO 0 0K 0
newreno data 0 0K 0
ip_msource 0 0K 0
ip_moptions 0 0K 0
in_mfilter 0 0K 0
ipid 0 0K 0
80211scan 0 0K 0
80211ratectl 0 0K 0
80211power 0 0K 0
80211nodeie 0 0K 0
80211node 0 0K 0
80211mesh_gt 0 0K 0
80211mesh_rt 0 0K 0
80211perr 0 0K 0
80211prep 0 0K 0
80211preq 0 0K 0
80211dfs 0 0K 0
80211crypto 0 0K 0
80211vap 0 0K 0
iflib 0 0K 0
vlan 0 0K 0
gif 0 0K 0
ifdescr 0 0K 0
zlib 0 0K 0
fadvise 0 0K 0
VN POLL 0 0K 0
twa_commands 0 0K 0
statfs 0 0K 195
namei_tracker 0 0K 0
export_host 0 0K 0
cl_savebuf 0 0K 6
tcp_log_dev 0 0K 0
midi buffers 0 0K 0
mixer 0 0K 0
ac97 0 0K 0
hdacc 0 0K 0
hdac 0 0K 0
hdaa 0 0K 0
acpicmbat 0 0K 0
SIIS driver 0 0K 0
CAM CCB 0 0K 1786
PUC 0 0K 0
ppbusdev 0 0K 0
agtiapi_MemAlloc malloc 0 0K 0
osti_cacheable 0 0K 0
tempbuff 0 0K 0
biobuf 0 0K 0
aios 0 0K 0
lio 0 0K 0
acl 0 0K 0
tempbuff 0 0K 0
mbuf_tag 0 0K 27
ag_tgt_map_t malloc 0 0K 0
ag_slr_map_t malloc 0 0K 0
lDevFlags * malloc 0 0K 0
tiDeviceHandle_t * malloc 0 0K 0
ag_portal_data_t malloc 0 0K 0
ag_device_t malloc 0 0K 0
STLock malloc 0 0K 0
CCB List 0 0K 0
sr_iov 0 0K 0
OCS 0 0K 0
OCS 0 0K 0
nvme 0 0K 0
nvd 0 0K 0
netmap 0 0K 0
mwldev 0 0K 0
MVS driver 0 0K 0
CAM ccb queue 0 0K 0
mrsasbuf 0 0K 0
mpt_user 0 0K 0
mps_user 0 0K 0
accf 0 0K 0
pts 0 0K 0
iov 0 0K 13508
ioctlops 0 0K 86
eventfd 0 0K 0
Witness 0 0K 0
stack 0 0K 0
MPSSAS 0 0K 0
mps 0 0K 0
mpr_user 0 0K 0
MPRSAS 0 0K 0
mpr 0 0K 0
mfibuf 0 0K 0
sbuf 0 0K 288
md_sectors 0 0K 0
firmware 0 0K 0
compressor 0 0K 0
md_disk 0 0K 0
SWAP 0 0K 0
malodev 0 0K 0
LED 0 0K 0
sysctltmp 0 0K 618
sysctl 0 0K 3
ekcd 0 0K 0
dumper 0 0K 0
sendfile 0 0K 0
rctl 0 0K 0
ix_sriov 0 0K 0
aacraidcam 0 0K 0
aacraid_buf 0 0K 0
ix 0 0K 0
ipsbuf 0 0K 0
cache 0 0K 0
iirbuf 0 0K 0
kcovinfo 0 0K 0
prison_racct 0 0K 0
Fail Points 0 0K 0
sigio 0 0K 1
filedesc_to_leader 0 0K 0
pwd 0 0K 0
tty console 0 0K 0
aaccam 0 0K 0
aacbuf 0 0K 0
zstd 0 0K 0
XZ_DEC 0 0K 0
nvlist 0 0K 0
SCSI ENC 0 0K 0
SCSI sa 0 0K 0
scsi_pass 0 0K 0
isofs_node 0 0K 0
isofs_mount 0 0K 0
tr_raid5_data 0 0K 0
tr_raid1e_data 0 0K 0
tr_raid1_data 0 0K 0
tr_raid0_data 0 0K 0
tr_concat_data 0 0K 0
md_sii_data 0 0K 0
md_promise_data 0 0K 0
md_nvidia_data 0 0K 0
md_jmicron_data 0 0K 0
md_intel_data 0 0K 0
md_ddf_data 0 0K 0
raid_data 0 0K 72
geom_flashmap 0 0K 0
tmpfs dir 0 0K 0
tmpfs name 0 0K 0
tmpfs mount 0 0K 0
NFS FHA 0 0K 0
newnfsmnt 0 0K 0
newnfsclient_req 0 0K 0
NFSCL layrecall 0 0K 0
NFSCL session 0 0K 0
NFSCL sockreq 0 0K 0
NFSCL devinfo 0 0K 0
NFSCL flayout 0 0K 0
NFSCL layout 0 0K 0
NFSD rollback 0 0K 0
NFSCL diroff 0 0K 0
NEWdirectio 0 0K 0
NEWNFSnode 0 0K 0
NFSCL lck 0 0K 0
NFSCL lckown 0 0K 0
NFSCL client 0 0K 0
NFSCL deleg 0 0K 0
NFSCL open 0 0K 0
NFSCL owner 0 0K 0
NFS fh 0 0K 0
NFS req 0 0K 0
NFSD usrgroup 0 0K 0
NFSD string 0 0K 0
db> show uma
Zone Size Used Free Requests Sleeps Bucket Total Mem XFree
mbuf_jumbo_page 4096 8320 562 13285 0 254 36380672 0
malloc-384 384 34654 66 36608 0 30 13332480 0
malloc-1024 1024 4143 13 4362 0 16 4255744 0
malloc-8192 8192 329 2 489 0 1 2711552 0
pbuf 2624 0 989 0 0 2 2595136 0
mbuf 256 8579 571 15204 0 254 2342400 0
BUF TRIE 144 170 13298 447 0 62 1939392 0
UMA Slabs 0 112 11057 28 11057 0 126 1241520 0
malloc-384 384 1908 42 72277 0 30 748800 0
FFS inode 1160 499 19 509 0 8 600880 0
malloc-384 384 1254 26 3723 0 30 491520 0
malloc-8192 8192 56 3 852 0 1 483328 0
malloc-384 384 996 14 3334 0 30 387840 0
lkpimm 160 1 2324 1 0 62 372000 0
lkpicurr 160 2 2323 2 0 62 372000 0
malloc-512 512 618 46 801 0 30 339968 0
RADIX NODE 144 2132 189 21017 0 62 334224 0
malloc-65536 65536 4 0 4 0 1 262144 0
VM OBJECT 264 898 62 13165 0 30 253440 0
VNODE 448 529 20 541 0 30 245952 0
malloc-384 384 589 21 733 0 30 234240 0
malloc-16384 16384 11 3 273 0 1 229376 0
DEVCTL 1024 0 216 116 0 0 221184 0
malloc-2048 2048 103 5 112 0 8 221184 0
THREAD 1808 119 2 119 0 8 218768 0
malloc-65536 65536 1 2 178 0 1 196608 0
malloc-16384 16384 10 2 14 0 1 196608 0
UMA Zones 768 242 2 242 0 16 187392 0
malloc-32768 32768 3 2 148 0 1 163840 0
malloc-4096 4096 2 37 1789 0 2 159744 0
malloc-1024 1024 153 3 874 0 16 159744 0
256 Bucket 2048 56 16 9682 0 8 147456 0
vmem btag 56 2333 103 2333 0 254 136416 0
malloc-512 512 238 26 949 0 30 135168 0
malloc-65536 65536 2 0 2 0 1 131072 0
malloc-8192 8192 14 2 134 0 1 131072 0
FFS2 dinode 256 499 11 508 0 62 130560 0
ksiginfo 112 38 1006 54 0 126 116928 0
MAP ENTRY 96 847 371 38671 0 126 116928 0
malloc-1024 1024 90 18 149 0 16 110592 0
malloc-1024 1024 96 8 687 0 16 106496 0
S VFS Cache 104 966 48 1005 0 126 105456 0
malloc-16384 16384 6 0 6 0 1 98304 0
malloc-512 512 169 7 194 0 30 90112 0
UMA Kegs 384 227 6 227 0 30 89472 0
VMSPACE 2544 24 9 821 0 4 83952 0
g_bio 408 0 180 4600 0 30 73440 0
PROC 1336 46 8 842 0 8 72144 0
filedesc0 1072 47 16 843 0 8 67536 0
mbuf_cluster 2048 30 2 30 0 254 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-65536 65536 1 0 1 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-32768 32768 2 0 2 0 1 65536 0
malloc-512 512 72 56 392 0 30 65536 0
malloc-384 384 87 73 12862 0 30 61440 0
malloc-1024 1024 53 3 57 0 16 57344 0
malloc-4096 4096 5 8 515 0 2 53248 0
32 Bucket 256 66 129 10064 0 62 49920 0
malloc-16384 16384 3 0 3 0 1 49152 0
malloc-16384 16384 1 2 4 0 1 49152 0
malloc-8192 8192 4 2 534 0 1 49152 0
malloc-2048 2048 18 6 22 0 8 49152 0
malloc-2048 2048 8 16 516 0 8 49152 0
malloc-384 384 74 46 626 0 30 46080 0
malloc-4096 4096 6 5 74 0 2 45056 0
malloc-2048 2048 9 13 1185 0 8 45056 0
clpbuf 2624 0 16 20 0 16 41984 0
DIRHASH 1024 34 2 34 0 16 36864 0
NAMEI 1024 0 36 11991 0 16 36864 0
pcpu-8 8 4210 398 4238 0 254 36864 0
128 Bucket 1024 22 13 145 0 16 35840 0
malloc-16384 16384 2 0 2 0 1 32768 0
malloc-4096 4096 6 2 22 0 2 32768 0
malloc-4096 4096 8 0 199 0 2 32768 0
malloc-1024 1024 30 2 31 0 16 32768 0
pcpu-64 64 486 26 486 0 254 32768 0
malloc-4096 4096 7 0 7 0 2 28672 0
64 Bucket 512 41 15 1358 0 30 28672 0
socket 944 19 9 1310 0 254 26432 0
pipe 744 7 28 284 0 16 26040 0
malloc-8192 8192 1 2 197 0 1 24576 0
malloc-8192 8192 3 0 3 0 1 24576 0
malloc-4096 4096 2 4 268 0 2 24576 0
malloc-512 512 18 30 161 0 30 24576 0
ttyinq 160 135 15 300 0 62 24000 0
ttyoutq 256 72 18 160 0 62 23040 0
malloc-2048 2048 9 1 9 0 8 20480 0
malloc-2048 2048 9 1 9 0 8 20480 0
malloc-1024 1024 2 18 21 0 16 20480 0
malloc-512 512 12 28 1220 0 30 20480 0
malloc-512 512 26 14 301 0 30 20480 0
2 Bucket 32 79 551 1262 0 254 20160 0
TURNSTILE 136 122 25 122 0 62 19992 0
Mountpoints 2752 2 5 2 0 4 19264 0
malloc-384 384 29 21 160 0 30 19200 0
malloc-16384 16384 1 0 1 0 1 16384 0
malloc-16384 16384 1 0 1 0 1 16384 0
tcpcb 1064 4 10 64 0 254 14896 0
SLEEPQUEUE 88 122 38 122 0 126 14080 0
malloc-512 512 13 11 19 0 30 12288 0
ertt_txseginfo 40 0 303 260 0 254 12120 0
Files 80 72 78 6557 0 126 12000 0
8 Bucket 80 35 115 379 0 126 12000 0
tcp_inpcb 488 6 18 64 0 254 11712 0
udp_inpcb 488 6 18 126 0 254 11712 0
kenv 258 15 30 1044 0 30 11610 0
malloc-2048 2048 0 4 4 0 8 8192 0
malloc-2048 2048 4 0 4 0 8 8192 0
malloc-1024 1024 0 8 19 0 16 8192 0
rtentry 176 13 33 17 0 62 8096 0
PGRP 88 20 72 31 0 126 8096 0
rl_entry 40 31 171 31 0 254 8080 0
udpcb 32 6 246 126 0 254 8064 0
ertt 72 4 108 64 0 126 8064 0
PWD 32 10 242 100 0 254 8064 0
16 Bucket 144 34 22 1303 0 62 8064 0
4 Bucket 48 5 163 64 0 254 8064 0
vtnet_tx_hdr 24 0 334 977 0 254 8016 0
ripcb 488 1 15 4 0 254 7808 0
routing nhops 256 10 20 17 0 62 7680 0
unpcb 256 7 23 1099 0 254 7680 0
mbuf_packet 256 0 30 93 0 254 7680 0
FPU_save_area 832 1 8 1 0 16 7488 0
cpuset 104 7 55 7 0 126 6448 0
epoch_record pcpu 256 4 12 4 0 62 4096 0
pcpu-16 16 7 249 7 0 254 4096 0
sctp_laddr 48 0 84 4 0 254 4032 0
hostcache 64 1 62 1 0 254 4032 0
syncache 168 0 24 5 0 254 4032 0
KNOTE 160 0 25 8 0 62 4000 0
UMA Slabs 1 176 8 14 8 0 62 3872 0
mqnode 416 3 6 3 0 30 3744 0
KMAP ENTRY 96 12 27 12 0 0 3744 0
vmem 1856 1 1 1 0 8 3712 0
SMR CPU 32 3 60 3 0 254 2016 0
SMR SHARED 24 3 60 3 0 254 1512 0
FFS1 dinode 128 0 0 0 0 126 0 0
da_ccb 544 0 0 0 0 16 0 0
ada_ccb 272 0 0 0 0 30 0 0
swblk 136 0 0 0 0 62 0 0
swpctrie 144 0 0 0 0 62 0 0
cdg_qdiffsample 16 0 0 0 0 254 0 0
sctp_asconf_ack 48 0 0 0 0 254 0 0
sctp_asconf 40 0 0 0 0 254 0 0
sctp_stream_msg_out 112 0 0 0 0 254 0 0
sctp_readq 152 0 0 0 0 254 0 0
sctp_chunk 152 0 0 0 0 254 0 0
sctp_raddr 736 0 0 0 0 254 0 0
sctp_asoc 2288 0 0 0 0 254 0 0
sctp_ep 1280 0 0 0 0 254 0 0
pf state scrubs 40 0 0 0 0 254 0 0
pf frag entries 40 0 0 0 0 254 0 0
pf frags 248 0 0 0 0 62 0 0
pf table entries 160 0 0 0 0 62 0 0
pf table entry counters 64 0 0 0 0 254 0 0
pf source nodes 136 0 0 0 0 254 0 0
pf state keys 88 0 0 0 0 126 0 0
pf states 296 0 0 0 0 254 0 0
pf tags 104 0 0 0 0 126 0 0
pf mtags 48 0 0 0 0 254 0 0
tcp_rack_pcb 832 0 0 0 0 16 0 0
tcp_rack_map 112 0 0 0 0 126 0 0
tcp_bbr_pcb 832 0 0 0 0 16 0 0
tcp_bbr_map 128 0 0 0 0 126 0 0
udplite_inpcb 488 0 0 0 0 254 0 0
tcp_log_node 120 0 0 0 0 126 0 0
tcp_log_bucket 176 0 0 0 0 62 0 0
tcp_log 416 0 0 0 0 254 0 0
tcpreass 48 0 0 0 0 254 0 0
tfo_ccache_entries 80 0 0 0 0 126 0 0
tfo 4 0 0 0 0 254 0 0
sackhole 32 0 0 0 0 254 0 0
tcptw 88 0 0 0 0 254 0 0
ipq 56 0 0 0 0 254 0 0
IPsec SA lft_c 16 0 0 0 0 254 0 0
itimer 352 0 0 0 0 30 0 0
AIOLIO 272 0 0 0 0 30 0 0
AIOCB 552 0 0 0 0 16 0 0
AIOP 32 0 0 0 0 254 0 0
AIO 208 0 0 0 0 62 0 0
NCLNODE 584 0 0 0 0 16 0 0
mqnotifier 216 0 0 0 0 62 0 0
mvdata 64 0 0 0 0 254 0 0
mqueue 248 0 0 0 0 62 0 0
TMPFS node 224 0 0 0 0 62 0 0
LTS VFS Cache 360 0 0 0 0 30 0 0
L VFS Cache 320 0 0 0 0 30 0 0
STS VFS Cache 144 0 0 0 0 62 0 0
cryptop 280 0 0 0 0 30 0 0
linux_dma_object 24 0 0 0 0 254 0 0
linux_dma_pctrie 144 0 0 0 0 62 0 0
IOMMU_MAP_ENTRY 120 0 0 0 0 126 0 0
ktls_session 192 0 0 0 0 62 0 0
mbuf_jumbo_16k 16384 0 0 0 0 254 0 0
mbuf_jumbo_9k 9216 0 0 0 0 254 0 0
audit_record 1280 0 0 0 0 8 0 0
domainset 40 0 0 0 0 254 0 0
MAC labels 40 0 0 0 0 254 0 0
vnpbuf 2624 0 0 0 0 64 0 0
mdpbuf 2624 0 0 0 0 3 0 0
nfspbuf 2624 0 0 0 0 16 0 0
swwbuf 2624 0 0 0 0 8 0 0
swrbuf 2624 0 0 0 0 16 0 0
umtx_shm 88 0 0 0 0 126 0 0
umtx pi 96 0 0 0 0 126 0 0
rangeset pctrie nodes 144 0 0 0 0 62 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-65536 65536 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-32768 32768 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-8192 8192 0 0 0 0 1 0 0
malloc-4096 4096 0 0 0 0 2 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-256 256 0 0 0 0 62 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-128 128 0 0 0 0 126 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-64 64 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-32 32 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
malloc-16 16 0 0 0 0 254 0 0
pcpu-32 32 0 0 0 0 254 0 0
pcpu-4 4 0 0 0 0 254 0 0
fakepg 104 0 0 0 0 126 0 0
UMA Hash 256 0 0 0 0 62 0 0
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/05/18 01:28 | freebsd-src | 4224dbf4c7c4 | a343ba6b | console log | report | syz | C | ci-freebsd-main | panic: Memory modified after free ADDR(256) val=ADDR @ ADDR | |||
| 2021/05/16 19:04 | freebsd-src | 91f251b2ab3a | f54a5c09 | console log | report | syz | ci-freebsd-main | panic: Memory modified after free ADDR(256) val=ADDR @ ADDR | ||||
| 2021/05/17 04:57 | freebsd-src | 75b5caa08ef2 | f54a5c09 | console log | report | ci-freebsd-main | panic: Memory modified after free ADDR(256) val=ADDR @ ADDR | |||||
| 2021/05/16 18:40 | freebsd-src | 91f251b2ab3a | f54a5c09 | console log | report | ci-freebsd-main | panic: Memory modified after free ADDR(256) val=ADDR @ ADDR | |||||
| 2021/05/21 12:47 | freebsd-src | d7751071bc41 | 3c7fef33 | console log | report | ci-freebsd-i386 | panic: Memory modified after free ADDR(256) val=ADDR @ ADDR | |||||
| 2021/05/01 14:48 | freebsd-src | a6ca7519f89c | 77e2b668 | console log | report | ci-freebsd-i386 | panic: Memory modified after free ADDR(256) val=ADDR @ ADDR |