Starting background file system checks in 60 seconds. Sun Dec 19 01:54:01 UTC 2021 FreeBSD/amd64 (ci-freebsd-main-3.c.syzkaller.internal) (ttyu0) Warning: Permanently added '10.128.0.159' (ECDSA) to the list of known hosts. 2021/12/19 01:54:14 parsed 1 programs 2021/12/19 01:54:14 executed programs: 0 2021/12/19 01:54:19 executed programs: 1073 2021/12/19 01:54:24 executed programs: 2262 2021/12/19 01:54:29 executed programs: 3398 login: panic: ASan: Invalid access, 4-byte read at 0xfffffe0058df1478, UMAUseAfterFree(fd) cpuid = 1 time = 1639878870 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe005402e6b0 kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe005402e810 vpanic() at vpanic+0x2b8/frame 0xfffffe005402e8f0 panic() at panic+0xb5/frame 0xfffffe005402e9c0 kasan_report() at kasan_report+0xdc/frame 0xfffffe005402ea90 sctp_med_chunk_output() at sctp_med_chunk_output+0x552/frame 0xfffffe005402f640 sctp_chunk_output() at sctp_chunk_output+0x28a0/frame 0xfffffe00540302b0 sctp_process_control() at sctp_process_control+0x3500/frame 0xfffffe0054030780 sctp_common_input_processing() at sctp_common_input_processing+0xb26/frame 0xfffffe00540309e0 sctp_input_with_port() at sctp_input_with_port+0x57d/frame 0xfffffe0054030b70 sctp_input() at sctp_input+0x32/frame 0xfffffe0054030b90 ip_input() at ip_input+0x828/frame 0xfffffe0054030cf0 swi_net() at swi_net+0x2e5/frame 0xfffffe0054030d90 ithread_loop() at ithread_loop+0x4f1/frame 0xfffffe0054030ef0 fork_exit() at fork_exit+0xd0/frame 0xfffffe0054030f30 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0054030f30 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- KDB: enter: panic [ thread pid 12 tid 100032 ] Stopped at kdb_enter+0x6b: movq $0,0x250e09a(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b es 0x3b fs 0x13 gs 0x1b ss 0x28 rax 0x12 rcx 0x397ef021166e0e5b rdx 0xdffff7c000000000 rbx 0 rsp 0xfffffe005402e7f0 rbp 0xfffffe005402e810 rsi 0x1 rdi 0 r8 0x3 r9 0xffffffff r10 0 r11 0 r12 0xfffffe0053ee6560 r13 0xfffffe005402e801 r14 0xffffffff82b43300 .str.18 r15 0xffffffff82b43300 .str.18 rip 0xffffffff8175317b kdb_enter+0x6b rflags 0x46 kdb_enter+0x6b: movq $0,0x250e09a(%rip) db> show proc Process 12 (intr) at 0xfffffe0053de4548: state: NORMAL uid: 0 gids: 0 parent: pid 0 at 0xffffffff83c04a20 ABI: null flag: 0x10000284 flag2: 0 reaper: 0xffffffff83c04a20 reapsubtree: 12 sigparent: 20 vmspace: 0xffffffff83c059c0 (map 0xffffffff83c059c0) (map.pmap 0xffffffff83c05a80) (pmap 0xffffffff83c05ae8) threads: 23 100013 I [swi6: task queue] 100014 I [swi6: Giant taskq] 100020 I [swi5: fast taskq] 100029 I [swi4: clock (0)] 100030 I [swi4: clock (1)] 100031 I [swi3: vm] 100032 Run CPU 1 [swi1: netisr 0] 100033 I [swi1: hpts] 100034 I [swi1: hpts] 100047 I [irq24: virtio_pci0] 100048 I [irq25: virtio_pci0] 100049 I [irq26: virtio_pci0] 100050 I [irq27: virtio_pci0] 100051 I [irq28: virtio_pci1] 100052 I [irq29: virtio_pci1] 100053 I [irq30: virtio_pci1] 100054 I [irq31: virtio_pci1] 100055 I [irq32: virtio_pci1] 100060 I [irq10: virtio_pci2] 100062 I [irq1: atkbd0] 100063 I [irq12: psm0] 100064 I [swi0: uart uart++] 100067 I [swi1: pf send] db> ps pid ppid pgrp uid state wmesg wchan cmd 4583 780 780 0 RE syz-executor.0 3842 3822 3842 0 Ss select 0xfffffe009e7d85c0 dhclient 3830 1 3830 0 Ss select 0xfffffe0058b2ea40 dhclient 3822 3789 429 65 S select 0xfffffe0058b2e240 dhclient 3789 429 429 0 S wait 0xfffffe0058c40000 sh 780 778 780 0 Rs syz-executor.0 778 776 776 0 R (threaded) syz-execprog 100113 S uwait 0xfffffe0053e97000 syz-execprog 100114 S uwait 0xfffffe00576c9c00 syz-execprog 100115 S uwait 0xfffffe00576c9d00 syz-execprog 100116 S kqread 0xfffffe00081d7800 syz-execprog 100117 S uwait 0xfffffe00576c9f00 syz-execprog 100118 S uwait 0xfffffe0053e97100 syz-execprog 100119 S uwait 0xfffffe0053e97200 syz-execprog 100120 RunQ syz-execprog 776 774 776 0 Ss pause 0xfffffe009c349b40 csh 774 687 774 0 Ss select 0xfffffe0058b2dac0 sshd 753 1 753 0 Ss+ ttyin 0xfffffe00576de8b0 getty 752 1 752 0 Ss+ ttyin 0xfffffe0058636cb0 getty 751 1 751 0 Ss+ ttyin 0xfffffe00586374b0 getty 750 1 750 0 Ss+ ttyin 0xfffffe0058637cb0 getty 749 1 749 0 Ss+ ttyin 0xfffffe00586384b0 getty 748 1 748 0 Ss+ ttyin 0xfffffe0058638cb0 getty 747 1 747 0 Ss+ ttyin 0xfffffe00586394b0 getty 746 1 746 0 Ss+ ttyin 0xfffffe0058639cb0 getty 745 1 745 0 Ss+ ttyin 0xfffffe00576e94b0 getty 743 1 17 0 S+ piperd 0xfffffe0058bd92e8 logger 742 741 17 0 S+ nanslp 0xffffffff83c2e8c1 sleep 741 1 17 0 S+ wait 0xfffffe009ec45000 sh 691 1 691 0 Ss nanslp 0xffffffff83c2e8c1 cron 687 1 687 0 Ss select 0xfffffe0058b2df40 sshd 500 1 500 0 Ss select 0xfffffe0058b2e5c0 syslogd 429 1 429 0 Ss wait 0xfffffe009c349000 devd 428 1 428 65 Ss select 0xfffffe009e7d86c0 dhclient 343 1 343 0 Ss select 0xfffffe009e7d84c0 dhclient 340 1 340 0 Ss select 0xfffffe0058b2fa40 dhclient 16 0 0 0 DL syncer 0xffffffff83d540c0 [syncer] 15 0 0 0 DL vlruwt 0xfffffe00587cd000 [vnlru] 9 0 0 0 DL (threaded) [bufdaemon] 100078 D qsleep 0xffffffff83d526e0 [bufdaemon] 100081 D - 0xffffffff83011f80 [bufspacedaemon-0] 100091 D sdflush 0xfffffe0058ccdce8 [/ worker] 8 0 0 0 DL psleep 0xffffffff83d85b80 [vmdaemon] 7 0 0 0 DL (threaded) [pagedaemon] 100076 D psleep 0xffffffff83d79a38 [dom0] 100082 D launds 0xffffffff83d79a44 [laundry: dom0] 100083 D umarcl 0xffffffff81e43b20 [uma] 6 0 0 0 RL CPU 0 [rand_harvestq] 5 0 0 0 DL waiting 0xffffffff848481c0 [sctp_iterator] 4 0 0 0 DL pftm 0xffffffff8436f530 [pf purge] 3 0 0 0 DL (threaded) [cam] 100045 D - 0xffffffff8388c740 [doneq0] 100046 D - 0xffffffff8388c6c0 [async] 100075 D - 0xffffffff8388c540 [scanner] 14 0 0 0 DL seqstat 0xfffffe0057147c88 [sequencer 00] 2 0 0 0 DL (threaded) [crypto] 100041 D crypto_ 0xffffffff83d75280 [crypto] 100042 D crypto_ 0xfffffe0053fb3030 [crypto returns 0] 100043 D crypto_ 0xfffffe0053fb3080 [crypto returns 1] 13 0 0 0 DL (threaded) [geom] 100036 D - 0xffffffff83c03f80 [g_event] 100037 D - 0xffffffff83c03fa0 [g_up] 100038 D - 0xffffffff83c03fc0 [g_down] 12 0 0 0 RL (threaded) [intr] 100013 I [swi6: task queue] 100014 I [swi6: Giant taskq] 100020 I [swi5: fast taskq] 100029 I [swi4: clock (0)] 100030 I [swi4: clock (1)] 100031 I [swi3: vm] 100032 Run CPU 1 [swi1: netisr 0] 100033 I [swi1: hpts] 100034 I [swi1: hpts] 100047 I [irq24: virtio_pci0] 100048 I [irq25: virtio_pci0] 100049 I [irq26: virtio_pci0] 100050 I [irq27: virtio_pci0] 100051 I [irq28: virtio_pci1] 100052 I [irq29: virtio_pci1] 100053 I [irq30: virtio_pci1] 100054 I [irq31: virtio_pci1] 100055 I [irq32: virtio_pci1] 100060 I [irq10: virtio_pci2] 100062 I [irq1: atkbd0] 100063 I [irq12: psm0] 100064 I [swi0: uart uart++] 100067 I [swi1: pf send] 11 0 0 0 RL (threaded) [idle] 100003 CanRun [idle: cpu0] 100004 CanRun [idle: cpu1] 1 0 1 0 SLs wait 0xfffffe0053de5000 [init] 10 0 0 0 DL audit_w 0xffffffff83d75d60 [audit] 0 0 0 0 DLs (threaded) [kernel] 100000 D swapin 0xffffffff83c04a20 [swapper] 100005 D - 0xfffffe0053e15000 [if_io_tqg_0] 100006 D - 0xfffffe0053e14e00 [if_io_tqg_1] 100007 D - 0xfffffe0053e14d00 [if_config_tqg_0] 100008 D - 0xfffffe0053e14c00 [softirq_0] 100009 D - 0xfffffe0053e14b00 [softirq_1] 100010 D - 0xfffffe00081db000 [kqueue_ctx taskq] 100011 D - 0xfffffe00081dae00 [pci_hp taskq] 100012 D - 0xfffffe00081dad00 [linuxkpi_irq_wq] 100015 D - 0xfffffe00081daa00 [aiod_kick taskq] 100016 D - 0xfffffe00081da900 [inm_free taskq] 100017 D - 0xfffffe00081da800 [in6m_free taskq] 100018 D - 0xfffffe00081da700 [deferred_unmount ta] 100019 D - 0xfffffe00081da600 [thread taskq] 100021 D - 0xfffffe00081da400 [linuxkpi_short_wq_0] 100022 D - 0xfffffe00081da400 [linuxkpi_short_wq_1] 100023 D - 0xfffffe00081da400 [linuxkpi_short_wq_2] 100024 D - 0xfffffe00081da400 [linuxkpi_short_wq_3] 100025 D - 0xfffffe00081da300 [linuxkpi_long_wq_0] 100026 D - 0xfffffe00081da300 [linuxkpi_long_wq_1] 100027 D - 0xfffffe00081da300 [linuxkpi_long_wq_2] 100028 D - 0xfffffe00081da300 [linuxkpi_long_wq_3] 100035 D - 0xfffffe0053f6b300 [firmware taskq] 100039 D - 0xfffffe0053f6a800 [crypto_0] 100040 D - 0xfffffe0053f6a800 [crypto_1] 100056 D - 0xfffffe0053f69e00 [vtnet0 rxq 0] 100057 D - 0xfffffe0053f69d00 [vtnet0 txq 0] 100058 D - 0xfffffe0053f69c00 [vtnet0 rxq 1] 100059 D - 0xfffffe0053f69b00 [vtnet0 txq 1] 100061