panic: ASan: Invalid access, 8-byte read at 0xfffffe0057409f60, UMAUseAfterFree(fd)
cpuid = 1
time = 32797
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe00a8c3e670
kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe00a8c3e7d0
vpanic() at vpanic+0x2c5/frame 0xfffffe00a8c3e8b0
panic() at panic+0xb5/frame 0xfffffe00a8c3e970
__asan_load8_noabort() at __asan_load8_noabort+0x376/frame 0xfffffe00a8c3ea30
osd_get() at osd_get+0xef/frame 0xfffffe00a8c3eb40
taskq_tsd_set() at taskq_tsd_set+0x30/frame 0xfffffe00a8c3eb60
taskqueue_thread_loop() at taskqueue_thread_loop+0x7c/frame 0xfffffe00a8c3ebb0
fork_exit() at fork_exit+0xd0/frame 0xfffffe00a8c3ebf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00a8c3ebf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12483 tid 120276 ]
Stopped at kdb_enter+0x6b: movq $0,0x28ee9da(%rip)
db>
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs 0x20
ds 0x3b
es 0x3b
fs 0x13
gs 0x1b
ss 0x28
rax 0x12
rcx 0xd7757774a71bf9e4
rdx 0x1
rbx 0
rsp 0xfffffe00a8c3e7b0
rbp 0xfffffe00a8c3e7d0
rsi 0
rdi 0xffffffff817a8739 vprintf+0x319
r8 0x3
r9 0xfffffe00a8c3e2e8
r10 0
r11 0xfffffe009e544a70
r12 0xfffffe00a88c63a0
r13 0xfffffe00a8c3e801
r14 0xffffffff82c58e40 .str.18
r15 0xffffffff82c58e40 .str.18
rip 0xffffffff8179c15b kdb_enter+0x6b
rflags 0x46
kdb_enter+0x6b: movq $0,0x28ee9da(%rip)
db> show proc
Process 12483 (zfskern) at 0xfffffe00a831fa70:
state: NORMAL
uid: 0 gids: 0
parent: pid 0 at 0xffffffff8402bec0
ABI: null
flag: 0x10000284 flag2: 0
reaper: 0xffffffff8402bec0 reapsubtree: 12483
sigparent: 20
vmspace: 0xffffffff8402ce40
(map 0xffffffff8402ce40)
(map.pmap 0xffffffff8402cf00)
(pmap 0xffffffff8402cf60)
threads: 22
120028 D t->zthr 0xfffffe00a85f0848 [arc_evict]
120256 D t->zthr 0xfffffe00a85f0748 [arc_reap]
120257 D - 0xfffffe00a85f0600 [dbu_evict]
120258 D dbuf_ev 0xffffffff85a9df80 [dbuf_evict_thread]
120259 D - 0xfffffe00a85f0300 [z_vdev_file_0]
120260 L 
*osd_obj 0xfffffe00a7f93540 [z_vdev_file_1] 120261 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_2] 120262 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_3] 120263 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_4] 120264 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_5] 120265 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_6] 120266 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_7] 120267 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_8] 120268 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_9] 120269 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_10] 120270 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_11] 120271 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_12] 120272 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_13] 120273 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_14] 120274 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_15] 120275 D l2arc_f 0xffffffff85a8cf80 [l2arc_feed_thread] 120276 Run CPU 1 [zfsvfs] db> ps pid ppid pgrp uid state wmesg wchan cmd 12483 0 0 0 RL (threaded) [zfskern] 120028 D t->zthr 0xfffffe00a85f0848 [arc_evict] 120256 D t->zthr 0xfffffe00a85f0748 [arc_reap] 120257 D - 0xfffffe00a85f0600 [dbu_evict] 120258 D dbuf_ev 0xffffffff85a9df80 [dbuf_evict_thread] 120259 D - 0xfffffe00a85f0300 [z_vdev_file_0] 120260 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_1] 120261 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_2] 120262 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_3] 120263 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_4] 120264 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_5] 120265 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_6] 120266 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_7] 120267 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_8] 120268 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_9] 120269 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_10] 120270 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_11] 120271 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_12] 120272 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_13] 120273 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_14] 120274 L *osd_obj 0xfffffe00a7f93540 [z_vdev_file_15] 
120275 D l2arc_f 0xffffffff85a8cf80 [l2arc_feed_thread] 120276 Run CPU 1 [zfsvfs] 12475 783 783 0 T (threaded) syz-executor.0 120020 s syz-executor.0 120230 Run CPU 0 syz-executor.0 11630 1 785 0 S uwait 0xfffffe009e398d80 syz-executor.2 11627 1 785 0 S uwait 0xfffffe005885c980 syz-executor.2 11625 1 785 0 S uwait 0xfffffe009fa54d80 syz-executor.2 11622 1 785 0 S uwait 0xfffffe00a7996200 syz-executor.2 11620 1 785 0 S uwait 0xfffffe00a799e800 syz-executor.2 11398 1 783 0 S uwait 0xfffffe009e3fd680 syz-executor.0 11396 1 783 0 S uwait 0xfffffe009e398c00 syz-executor.0 11390 1 783 0 S uwait 0xfffffe00a80b1a80 syz-executor.0 11389 1 783 0 S uwait 0xfffffe00a75df900 syz-executor.0 11386 1 783 0 S uwait 0xfffffe00a7996300 syz-executor.0 11384 1 785 0 S uwait 0xfffffe00a75df080 syz-executor.2 11383 1 783 0 S uwait 0xfffffe00a75df500 syz-executor.0 11382 1 785 0 S uwait 0xfffffe00a80b1e80 syz-executor.2 11376 1 785 0 S uwait 0xfffffe009e3fd900 syz-executor.2 11374 1 785 0 S uwait 0xfffffe00a75dfb80 syz-executor.2 11372 1 785 0 S uwait 0xfffffe00a7f95f00 syz-executor.2 11370 1 785 0 S uwait 0xfffffe00a75df380 syz-executor.2 11365 1 785 0 S uwait 0xfffffe00a799e380 syz-executor.2 11364 1 785 0 S uwait 0xfffffe00a799eb00 syz-executor.2 11363 1 785 0 S uwait 0xfffffe00a799e280 syz-executor.2 11360 1 785 0 S uwait 0xfffffe00a75dfe00 syz-executor.2 11152 1 785 0 S uwait 0xfffffe005885c100 syz-executor.2 9871 0 0 0 DL - 0xffffffff8402dcc0 [accounting] 6888 1 783 0 S uwait 0xfffffe00a78b3b80 syz-executor.0 6887 1 6887 0 S uwait 0xfffffe00a78b3000 syz-executor.0 6878 1 783 0 S uwait 0xfffffe00a78b3580 syz-executor.0 6876 1 6876 0 S uwait 0xfffffe009e3fdc00 syz-executor.0 6872 1 783 0 S uwait 0xfffffe00a799ee80 syz-executor.0 6871 1 6871 0 S uwait 0xfffffe00a78b3780 syz-executor.0 6861 1 783 0 S uwait 0xfffffe00a732d800 syz-executor.0 6856 1 783 0 S uwait 0xfffffe00a799ee00 syz-executor.0 6855 1 6855 0 S uwait 0xfffffe00a732d100 syz-executor.0 6499 1 783 0 S uwait 
0xfffffe0058915380 syz-executor.0 6498 1 783 0 S uwait 0xfffffe00a799eb80 syz-executor.0 6302 1 784 0 S uwait 0xfffffe00a7996e80 syz-executor.1 6296 1 785 0 S uwait 0xfffffe00a7996d80 syz-executor.2 6295 1 784 0 S uwait 0xfffffe00a75df800 syz-executor.1 6292 1 783 0 S uwait 0xfffffe009fa5b400 syz-executor.0 6281 1 785 0 S uwait 0xfffffe009fa1c300 syz-executor.2 6277 1 790 0 S uwait 0xfffffe00a7996600 syz-executor.3 6274 1 785 0 S uwait 0xfffffe00a75df400 syz-executor.2 6273 1 783 0 S uwait 0xfffffe00a799e880 syz-executor.0 6270 1 784 0 S uwait 0xfffffe009e47fe00 syz-executor.1 6269 1 790 0 S uwait 0xfffffe00a7996700 syz-executor.3 6256 1 790 0 S uwait 0xfffffe009fa54180 syz-executor.3 6250 1 790 0 S uwait 0xfffffe00a78b3300 syz-executor.3 6243 1 790 0 S uwait 0xfffffe00a75df180 syz-executor.3 5601 1 784 0 S uwait 0xfffffe009fa5b900 syz-executor.1 5596 1 784 0 S uwait 0xfffffe00a732de00 syz-executor.1 5593 1 784 0 S uwait 0xfffffe00a78b3500 syz-executor.1 5590 1 784 0 S uwait 0xfffffe00a78b3c80 syz-executor.1 5588 1 784 0 S uwait 0xfffffe00a78b3200 syz-executor.1 5585 1 784 0 S uwait 0xfffffe009fa54000 syz-executor.1 5583 1 784 0 S uwait 0xfffffe00a7996c80 syz-executor.1 5582 1 784 0 S uwait 0xfffffe0058915e00 syz-executor.1 4413 1 790 0 S uwait 0xfffffe00a7996900 syz-executor.3 4411 1 783 0 S umtxn 0xfffffe0058915300 syz-executor.0 4404 1 790 0 S uwait 0xfffffe00a732d900 syz-executor.3 4403 1 783 0 S uwait 0xfffffe0058915f00 syz-executor.0 4394 1 790 0 S uwait 0xfffffe00a7996800 syz-executor.3 4393 1 783 0 S uwait 0xfffffe00a78b3e80 syz-executor.0 4392 1 785 0 S uwait 0xfffffe009e9bba00 syz-executor.2 4388 1 785 0 S uwait 0xfffffe00a7996500 syz-executor.2 4382 1 783 0 S uwait 0xfffffe009e3fd580 syz-executor.0 4381 1 785 0 S uwait 0xfffffe00a7996400 syz-executor.2 4377 1 783 0 S uwait 0xfffffe009fa5b600 syz-executor.0 4376 1 785 0 S uwait 0xfffffe00a732d400 syz-executor.2 4374 1 785 0 S uwait 0xfffffe00a78b3880 syz-executor.2 3500 1 784 0 S uwait 0xfffffe00a78b3980 
syz-executor.1 3493 1 785 0 S uwait 0xfffffe00a78b3680 syz-executor.2 3490 1 784 0 S uwait 0xfffffe009e3fd700 syz-executor.1 3489 1 783 0 S uwait 0xfffffe00a732d700 syz-executor.0 3486 1 785 0 S uwait 0xfffffe009fa5bb00 syz-executor.2 3479 1 783 0 S uwait 0xfffffe005885c900 syz-executor.0 3478 1 784 0 S uwait 0xfffffe009fa54280 syz-executor.1 3472 1 785 0 S uwait 0xfffffe009fa1c400 syz-executor.2 3469 1 783 0 S uwait 0xfffffe009fa54980 syz-executor.0 3465 1 783 0 S uwait 0xfffffe00a732db00 syz-executor.0 3459 1 783 0 S uwait 0xfffffe00a732d300 syz-executor.0 2613 1 784 0 S uwait 0xfffffe009fa5b300 syz-executor.1 2604 1 784 0 S uwait 0xfffffe009fa5b800 syz-executor.1 2603 1 783 0 S uwait 0xfffffe005873d780 syz-executor.0 2602 1 790 0 S uwait 0xfffffe00a75dfd00 syz-executor.3 2599 1 784 0 S uwait 0xfffffe009e9bbc00 syz-executor.1 2597 1 783 0 S uwait 0xfffffe009fa54c80 syz-executor.0 2595 1 790 0 S uwait 0xfffffe009e398e80 syz-executor.3 2590 1 783 0 S uwait 0xfffffe009e3fd480 syz-executor.0 2588 1 790 0 S uwait 0xfffffe00a732d200 syz-executor.3 2580 1 790 0 S uwait 0xfffffe009e3fd380 syz-executor.3 2579 1 790 0 S uwait 0xfffffe00a732d500 syz-executor.3 2402 0 0 0 DL aiordy 0xfffffe00a75fa000 [aiod4] 2401 0 0 0 DL aiordy 0xfffffe009fa25000 [aiod3] 2400 0 0 0 DL aiordy 0xfffffe00a771e538 [aiod2] 2399 0 0 0 DL aiordy 0xfffffe00a75f1538 [aiod1] 2146 1 2146 65 Ss select 0xfffffe00a7625940 dhclient 1901 1 1901 0 Ss select 0xfffffe00a7625e40 dhclient 1897 1 1897 0 Ss select 0xfffffe009fa2f440 dhclient 1877 1 1877 65 Ss select 0xfffffe0056b74cc0 dhclient 1724 1 1724 0 Ss select 0xfffffe009fa2f140 dhclient 1713 1 1713 0 Ss select 0xfffffe00a7625d40 dhclient 1694 1 1694 65 Ss select 0xfffffe009fa2fcc0 dhclient 1434 1 1434 0 Ss select 0xfffffe0056b76140 dhclient 1431 1 1431 0 Ss select 0xfffffe0056b76540 dhclient 1406 1 1406 65 Ss select 0xfffffe0056b763c0 dhclient 1317 1 783 0 S uwait 0xfffffe009e2df480 syz-executor.0 1309 1 783 0 S uwait 0xfffffe009fa5bd80 syz-executor.0 
1302 1 784 0 S uwait 0xfffffe00a732df00 syz-executor.1 1298 1 783 0 S uwait 0xfffffe00a732dd00 syz-executor.0 1295 1 785 0 S uwait 0xfffffe009e2df780 syz-executor.2 1292 1 790 0 S uwait 0xfffffe0056ff4e00 syz-executor.3 1286 1 783 0 S uwait 0xfffffe005873d980 syz-executor.0 1285 1 785 0 S uwait 0xfffffe009e3fde00 syz-executor.2 1281 1 784 0 S uwait 0xfffffe009fa5ba00 syz-executor.1 1280 1 790 0 S uwait 0xfffffe009fa5b180 syz-executor.3 1275 1 783 0 S uwait 0xfffffe009fa5b080 syz-executor.0 1274 1 785 0 S uwait 0xfffffe009fa54e80 syz-executor.2 1269 1 784 0 S uwait 0xfffffe0056ff4f00 syz-executor.1 1266 1 790 0 S uwait 0xfffffe0058915800 syz-executor.3 1262 1 783 0 S uwait 0xfffffe009fa5b500 syz-executor.0 1252 1 783 0 S uwait 0xfffffe009fa5b700 syz-executor.0 1247 1 783 0 S uwait 0xfffffe009fa1c200 syz-executor.0 989 1 989 0 Ss select 0xfffffe00573e7e40 dhclient 985 1 985 0 Ss select 0xfffffe009fa2fdc0 dhclient 790 780 790 0 Ss piperd 0xfffffe009e43e8b8 syz-executor.3 785 780 785 0 Ss piperd 0xfffffe009e9d35d0 syz-executor.2 784 780 784 0 Ss piperd 0xfffffe009e9cd2e8 syz-executor.1 783 780 783 0 Ss wait 0xfffffe009bf13000 syz-executor.0 780 778 778 0 S (threaded) syz-fuzzer 100121 S uwait 0xfffffe009e3fdf00 syz-fuzzer 100126 S uwait 0xfffffe009e47f400 syz-fuzzer 100127 S uwait 0xfffffe009e47f500 syz-fuzzer 100128 S uwait 0xfffffe009e47f600 syz-fuzzer 100129 S uwait 0xfffffe009e9bbd00 syz-fuzzer 100130 S uwait 0xfffffe009e9bbe00 syz-fuzzer 100131 S uwait 0xfffffe009e9bbf00 syz-fuzzer 100132 S kqread 0xfffffe009bf4a400 syz-fuzzer 100133 S uwait 0xfffffe009e47fc00 syz-fuzzer 778 776 778 0 Ss pause 0xfffffe009e8e05e8 csh 776 694 776 0 Ss select 0xfffffe0056b746c0 sshd 760 1 760 0 Ss+ ttyin 0xfffffe0056fdecb0 getty 759 1 759 0 Ss+ ttyin 0xfffffe00583ee0b0 getty 758 1 758 0 Ss+ ttyin 0xfffffe00583ee4b0 getty 757 1 757 0 Ss+ ttyin 0xfffffe00583ee8b0 getty 756 1 756 0 Ss+ ttyin 0xfffffe00583eecb0 getty 755 1 755 0 Ss+ ttyin 0xfffffe00583940b0 getty 754 1 754 0 Ss+ ttyin 
0xfffffe00583944b0 getty 753 1 753 0 Ss+ ttyin 0xfffffe00583948b0 getty 752 1 752 0 Ss+ ttyin 0xfffffe0058394cb0 getty 698 1 698 0 Ss nanslp 0xffffffff84057a01 cron 694 1 694 0 Ss select 0xfffffe00573e7d40 sshd 507 1 507 0 Ss select 0xfffffe0056b74e40 syslogd 436 1 436 0 Rs devd 435 1 435 65 Ss select 0xfffffe0056b730c0 dhclient 350 1 350 0 Ss select 0xfffffe0056b74ec0 dhclient 347 1 347 0 Ss select 0xfffffe0056b73040 dhclient 23 0 0 0 DL syncer 0xffffffff8417dc00 [syncer] 22 0 0 0 DL vlruwt 0xfffffe0058736a70 [vnlru] 21 0 0 0 DL (threaded) [bufdaemon] 100084 D qsleep 0xffffffff8417ba40 [bufdaemon] 100087 D - 0xffffffff83411f80 [bufspacedaemon-0] 100097 D sdflush 0xfffffe005751d0e8 [/ worker] 20 0 0 0 DL psleep 0xffffffff841b3ec0 [vmdaemon] 19 0 0 0 DL (threaded) [pagedaemon] 100082 D psleep 0xffffffff841a79f8 [dom0] 100088 D launds 0xffffffff841a7a04 [laundry: dom0] 100089 D umarcl 0xffffffff81e932e0 [uma] 18 0 0 0 DL - 0xffffffff83e0eb60 [rand_harvestq] 17 0 0 0 DL waiting 0xffffffff84d7b460 [sctp_iterator] 16 0 0 0 DL pftm 0xffffffff84745e20 [pf purge] 15 0 0 0 DL - 0xffffffff84176ec0 [soaiod4] 9 0 0 0 DL - 0xffffffff84176ec0 [soaiod3] 8 0 0 0 DL - 0xffffffff84176ec0 [soaiod2] 7 0 0 0 DL - 0xffffffff84176ec0 [soaiod1] 6 0 0 0 DL (threaded) [cam] 100047 D - 0xffffffff83c942c0 [doneq0] 100048 D - 0xffffffff83c94240 [async] 100081 D - 0xffffffff83c940c0 [scanner] 14 0 0 0 DL seqstat 0xfffffe0007919888 [sequencer 00] 5 0 0 0 DL crypto_ 0xfffffe0053e0fc80 [crypto returns 1] 4 0 0 0 DL crypto_ 0xfffffe0053e0fc30 [crypto returns 0] 3 0 0 0 DL crypto_ 0xffffffff841a1aa0 [crypto] 13 0 0 0 DL (threaded) [geom] 100038 D - 0xffffffff8402afc0 [g_event] 100039 D - 0xffffffff8402b000 [g_up] 100040 D - 0xffffffff8402b040 [g_down] 2 0 0 0 DL (threaded) [KTLS] 100029 D - 0xfffffe0053e0fe00 [thr_0] 100030 D - 0xfffffe0053e0fe80 [thr_1] 12 0 0 0 LL (threaded) [intr] 100011 I [swi6: task queue] 100012 I [swi6: Giant taskq] 100014 I [swi5: fast taskq] 100031 I [swi1: netisr 0] 100032 
I [swi3: vm] 100033 L *Giant 0xfffffe00a7f93d80 [swi4: clock (0)] 100034 I [swi4: clock (1)] 100035 I [swi1: hpts] 100036 I [swi1: hpts] 100049 I [irq24: virtio_pci0] 100050 I [irq25: virtio_pci0] 100051 I [irq26: virtio_pci0] 100052 I [irq27: virtio_pci0] 100053 I [irq28: virtio_pci1] 100054 I [irq29: virtio_pci1] 100055 I [irq30: virtio_pci1] 100056 I [irq31: virtio_pci1] 100057 I [irq32: virtio_pci1] 100062 I [irq10: virtio_pci2] 100064 I [irq1: atkbd0] 100065 I [irq12: psm0] 100066 I [swi0: uart uart++] 100074 I [swi1: pf send] 11 0 0 0 RL (threaded) [idle] 100003 CanRun [idle: cpu0] 100004 CanRun [idle: cpu1] 1 0 1 0 SLs wait 0xfffffe0053d4b538 [init] 10 0 0 0 DL audit_w 0xffffffff841a2a40 [audit] 0 0 0 0 DLs (threaded) [kernel] 100000 D swapin 0xffffffff8402bec0 [swapper] 100005 D - 0xfffffe000791d500 [softirq_0] 100006 D - 0xfffffe000791d400 [softirq_1] 100007 D - 0xfffffe000791d300 [if_io_tqg_0] 100008 D - 0xfffffe000791d200 [if_io_tqg_1] 100009 D - 0xfffffe000791d100 [if_config_tqg_0] 100010 D - 0xfffffe0053dde500 [deferred_unmount ta] 100013 D - 0xfffffe0053dde000 [thread taskq] 100015 D - 0xfffffe0053df1c00 [linuxkpi_irq_wq] 100016 D - 0xfffffe0053df1b00 [kqueue_ctx taskq] 100017 D - 0xfffffe0053df1a00 [aiod_kick taskq] 100018 D - 0xfffffe0053df1900 [pci_hp taskq] 100019 D - 0xfffffe0053df1800 [inm_free taskq] 100020 D - 0xfffffe0053df1700 [in6m_free taskq] 100021 D - 0xfffffe0053df1600 [linuxkpi_short_wq_0] 100022 D - 0xfffffe0053df1600 [linuxkpi_short_wq_1] 100023 D - 0xfffffe0053df1600 [linuxkpi_short_wq_2] 100024 D - 0xfffffe0053df1600 [linuxkpi_short_wq_3] 100025 D - 0xfffffe0053df1500 [linuxkpi_long_wq_0] 100026 D - 0xfffffe0053df1500 [linuxkpi_long_wq_1] 100027 D - 0xfffffe0053df1500 [linuxkpi_long_wq_2] 100028 D - 0xfffffe0053df1500 [linuxkpi_long_wq_3] 100037 D - 0xfffffe0054140c00 [firmware taskq] 100041 D - 0xfffffe0054140b00 [crypto_0] 100042 D - 0xfffffe0054140b00 [crypto_1] 100058 D - 0xfffffe0054140500 [vtnet0 rxq 0] 100059 D - 
0xfffffe0054140400 [vtnet0 txq 0] 100060 D - 0xfffffe0054140300 [vtnet0 rxq 1] 100061 D - 0xfffffe0054140200 [vtnet0 txq 1] 100063 D vtbslp 0xfffffe0056b73100 [virtio_balloon] 100067 D - 0xfffffe0056fb3a00 [mca taskq] 100072 D - 0xffffffff82c5fdc1 [deadlkres] 100076 D - 0xfffffe005834bd00 [acpi_task_0] 100077 D - 0xfffffe005834bd00 [acpi_task_1] 100078 D - 0xfffffe005834bd00 [acpi_task_2] 100080 D - 0xfffffe0054140a00 [CAM taskq] 120250 D - 0xfffffe009e4ee700 [system_taskq_0] 120251 D - 0xfffffe009e4ee700 [system_taskq_1] 120252 D - 0xfffffe009e4ee600 [system_delay_taskq_] 120253 D - 0xfffffe009e4ee600 [system_delay_taskq_] 120254 D - 0xfffffe00a85f0900 [arc_prune_0] 120255 D - 0xfffffe00a85f0900 [arc_prune_1] 11344 1 785 0 Z syz-executor.2 db> show all locks Process 12475 (syz-executor.0) thread 0xfffffe00a7990000 (120230) exclusive sx osd_module (osd_module) r = 0 (0xffffffff838d41a0) locked @ /syzkaller/managers/main/kernel/sys/kern/kern_osd.c:110 exclusive sleep mutex Giant (Giant) r = 1 (0xffffffff834099c0) locked @ /syzkaller/managers/main/kernel/sys/kern/kern_module.c:116 db> show malloc Type InUse MemUse Requests pf_hash 5 11524K 5 linker 380 10017K 467 devbuf 4217 4338K 4245 tcp_hpts 6 3201K 6 sysctloid 46252 2728K 46351 solaris 125 2643K 194 vtbuf 24 1968K 46 filedesc 220 1756K 22609 kobj 326 1304K 485 newblk 43 1035K 30621 vfscache 3 1025K 3 pcb 436 960K 30134 subproc 366 765K 12686 inodedep 109 553K 12863 ufs_quota 1 512K 1 vfs_hash 1 512K 1 callout 2 512K 2 intr 4 472K 4 vmem 3 274K 5 acpica 1674 184K 54514 vnet_data 1 168K 1 tidhash 3 141K 3 pagedep 10 131K 11486 tfo_ccache 1 128K 1 sctp_atcl 311 117K 19534 DEVFS1 108 108K 125 sem 4 106K 4 BPF 46 88K 115 kdtrace 468 85K 32761 bus 984 80K 3474 umtx 616 77K 616 mtx_pool 2 72K 2 sctp_stro 70 70K 5630 syncache 1 68K 1 module 513 65K 513 acpitask 1 64K 1 ddb_capture 1 64K 1 temp 36 34K 4602 hostcache 1 32K 1 shm 1 32K 57 DEVFS3 126 32K 136 msg 4 30K 4 gtaskqueue 18 26K 18 dirrem 97 25K 12149 kbdmux 6 22K 6 
ifaddr 70 20K 72 DEVFS_RULE 56 20K 56 ufs_mount 4 17K 5 proc 3 17K 3 sctp_stri 33 17K 1144 routetbl 132 17K 1021 tty 16 16K 16 ithread 99 16K 99 sctp_atky 381 16K 26205 kstat_data 15 15K 15 ksem 35 14K 268 bus-sc 33 14K 1690 lltable 44 14K 778 kqueue 175 14K 12627 KTRACE 101 13K 2278 freefile 99 13K 12007 ifnet 7 13K 7 ether_multi 152 13K 204 kenv 95 12K 95 eventhandler 135 12K 135 pwddesc 170 11K 12521 CAM queue 5 11K 1528 GEOM 61 10K 494 rman 84 10K 425 DEVFSP 156 10K 2681 lockf 89 9K 1034 in6_multi 65 9K 67 taskqueue 81 9K 81 bmsafemap 2 9K 12837 UART 12 9K 12 devstat 4 9K 4 sctp_timw 32 8K 32 rpc 2 8K 2 shmfd 1 8K 144 cred 32 8K 642 pfs_vncache 1 8K 1 pfs_nodes 20 8K 20 audit_evclass 236 8K 294 UMA 365 7K 365 sglist 5 7K 5 CAM DEV 3 6K 510 plimit 24 6K 855 freework 24 6K 18977 xform 78 5K 4310 sctp_athm 311 5K 20043 ufs_dirhash 24 5K 24 session 35 5K 94 pf_ifnet 10 5K 292 vt 11 5K 11 memdesc 1 4K 1 MCA 32 4K 32 evdev 4 4K 4 kcovinfo 64 4K 68 acpisem 28 4K 28 selfd 55 4K 164829 hhook 15 4K 17 fpukern_ctx 3 3K 3 proc-args 52 3K 852 freeblks 11 3K 12223 terminal 11 3K 11 uidinfo 5 3K 86 select 19 3K 680 inpcbpolicy 73 3K 10227 sctp_map 140 3K 11214 local_apic 1 2K 1 io_apic 1 2K 1 ipsec-saq 2 2K 2 ip6ndp 12 2K 14 mount 31 2K 1012 sctp_ifa 13 2K 14 CAM XPT 22 2K 543 Unitno 25 2K 73 in_multi 6 2K 21 vnodemarker 3 2K 1043 pf_osfp 12 2K 12 ipsecpolicy 2 2K 2 acpidev 20 2K 20 msi 9 2K 9 clone 9 2K 9 tcp_fsb 26 2K 1534 tun 7 2K 7 softdep 1 1K 1 mkdir 8 1K 22500 sahead 1 1K 1 secasvar 1 1K 1 nhops 6 1K 8 NFSD session 1 1K 1 CAM periph 4 1K 271 osd 30 1K 5218 sctp_ifn 6 1K 14 ipsec 3 1K 3 mld 6 1K 6 igmp 6 1K 6 toponodes 6 1K 6 isadev 6 1K 6 pci_link 10 1K 10 newdirblk 5 1K 11250 crypto 4 1K 1258 encap_export_host 12 1K 12 ip_msource 10 1K 49 procdesc 5 1K 18 filedesc_to_leader 10 1K 47 diradd 4 1K 12196 indirdep 2 1K 7969 pfil 4 1K 4 cdev 2 1K 2 chacha20random 1 1K 1 sctp_aadr 5 1K 185 NFSD lckfile 1 1K 1 NFSD V4client 1 1K 1 DEVFS 9 1K 10 vnodes 1 1K 23 CAM SIM 2 1K 2 
ktls 1 1K 7 prison 8 1K 8 feeder 7 1K 7 taskq 2 1K 2 tcpfunc 3 1K 3 loginclass 3 1K 6 lkpikmalloc 5 1K 6 aesni_data 2 1K 2 apmdev 1 1K 1 atkbddev 2 1K 2 CAM dev queue 2 1K 2 CAM I/O Scheduler 1 1K 1 CAM path 4 1K 1034 pmchooks 1 1K 1 nexusdev 7 1K 7 soname 4 1K 21438 filecaps 5 1K 141 sctp_vrf 1 1K 1 ip6_msource 1 1K 61 vnet 1 1K 1