syzbot


Fatal trap 9: general protection fault in sctp_free_assoc

Status: fixed on 2021/09/01 18:06
Reported-by: syzbot+fabee77954fe69d3a5ad@syzkaller.appspotmail.com
Fix commit: d35be50f5779 sctp: Hold association locks across socket wakeups when freeing
First crash: 893d, last: 585d

Sample crash report:
Fatal trap 9: general protection fault while in kernel mode
cpuid = 0; if_delmulti_locked: detaching ifnet instance 0xfffff800177b0800
apic id = 00
instruction pointer	= 0x20:0xffffffff82c892a6
stack pointer	        = 0x28:0xffffffff82e7d250
frame pointer	        = 0x28:0xffffffff82e7d2d0
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
if_delmulti_locked: detaching ifnet instance 0xfffff800177b0800
processor eflags	= if_delmulti_locked: detaching ifnet instance 0xfffff800177b0800
interrupt enabled, resume, IOPL = 0
current process		= 12 (swi1: netisr 0)
trap number		= 9
panic: general protection fault
cpuid = 0
time = 1607270024
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xffffffff82e7cf20
vpanic() at vpanic+0x1c7/frame 0xffffffff82e7cf80
panic() at panic+0x43/frame 0xffffffff82e7cfe0
trap_fatal() at trap_fatal+0x4cd/frame 0xffffffff82e7d060
trap() at trap+0xf7/frame 0xffffffff82e7d180
calltrap() at calltrap+0x8/frame 0xffffffff82e7d180
--- trap 0x9, rip = 0xffffffff82c892a6, rsp = 0xffffffff82e7d250, rbp = 0xffffffff82e7d2d0 ---
sctp_free_assoc() at sctp_free_assoc+0x22f6/frame 0xffffffff82e7d2d0
sctp_process_control() at sctp_process_control+0x8a98/frame 0xffffffff82e7d750
sctp_common_input_processing() at sctp_common_input_processing+0x7db/frame 0xffffffff82e7d8e0
sctp_input_with_port() at sctp_input_with_port+0x308/frame 0xffffffff82e7d9d0
sctp_input() at sctp_input+0x1f/frame 0xffffffff82e7d9f0
ip_input() at ip_input+0x388/frame 0xffffffff82e7da90
swi_net() at swi_net+0x20d/frame 0xffffffff82e7db10
ithread_loop() at ithread_loop+0x33f/frame 0xffffffff82e7dbb0
fork_exit() at fork_exit+0xb3/frame 0xffffffff82e7dbf0
fork_trampoline() at fork_trampoline+0xe/frame 0xffffffff82e7dbf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 12 tid 100020 ]
Stopped at      kdb_enter+0x67: movq    $0,0x1471976(%rip)
db> 
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs                        0x20
ds                        0x3b
es                        0x3b
fs                        0x13
gs                        0x1b
ss                        0x28
rax                       0x12
rcx                       0x80
rdx         0xffffffff818d5f3b
rbx                          0
rsp         0xffffffff82e7cf00
rbp         0xffffffff82e7cf20
rsi                        0x1
rdi                          0
r8                           0
r9                  0xffffffff
r10                          0
r11                       0xbf
r12         0xffffffff820671c0  ddb_dbbe
r13                          0
r14         0xffffffff8197df14
r15         0xffffffff8197df14
rip         0xffffffff810ead87  kdb_enter+0x67
rflags                    0x86
kdb_enter+0x67: movq    $0,0x1471976(%rip)
db> show proc
Process 12 (intr) at 0xfffff8000447ba50:
 state: NORMAL
 uid: 0  gids: 0
 parent: pid 0 at 0xffffffff8250fcb0
 ABI: null
 reaper: 0xffffffff8250fcb0 reapsubtree: 12
 sigparent: 20
 vmspace: 0xffffffff82510900
   (map 0xffffffff82510900)
   (map.pmap 0xffffffff825109c0)
   (pmap 0xffffffff82510a20)
 threads: 23
100011                   I                                   [swi5: fast taskq]
100014                   I                                   [swi6: task queue]
100015                   I                                   [swi6: Giant taskq]
100020                   Run     CPU 0                       [swi1: netisr 0]
100021                   I                                   [swi4: clock (0)]
100022                   I                                   [swi4: clock (1)]
100023                   I                                   [swi3: vm]
100035                   I                                   [irq24: virtio_pci0]
100036                   I                                   [irq25: virtio_pci0]
100037                   I                                   [irq26: virtio_pci0]
100038                   I                                   [irq27: virtio_pci0]
100039                   I                                   [irq28: virtio_pci1]
100040                   I                                   [irq29: virtio_pci1]
100041                   I                                   [irq30: virtio_pci1]
100042                   I                                   [irq31: virtio_pci1]
100043                   I                                   [irq32: virtio_pci1]
100048                   I                                   [irq10: virtio_pci2]
100050                   I                                   [irq1: atkbd0]
100051                   I                                   [irq12: psm0]
100052                   I                                   [swi0: uart uart++]
100060                   I                                   [swi1: pf send]
100073                   I                                   [swi1: hpts]
100074                   I                                   [swi1: hpts]
db> ps
  pid  ppid  pgrp   uid  state   wmesg   wchan               cmd
 4646  4645   436     0  R                                   ifconfig
 4645  4640   436     0  S       wait    0xfffff80017944a50  sh
 4643     1  4643     0  Ss      select  0xfffff800205bfd40  dhclient
 4640  4628   436     0  S       wait    0xfffff800177fda50  dhclient
 4628   436   436     0  S       wait    0xfffff800177fd528  sh
 4623   780  4623     0  REs                                 syz-executor.0
  780   778   778     0  S       (threaded)                  syz-execprog
100094                   S       uwait   0xfffff80004d9dc80  syz-execprog
100109                   S       uwait   0xfffff8001734c480  syz-execprog
100110                   S       uwait   0xfffff8001734c580  syz-execprog
100111                   S       uwait   0xfffff8001734c680  syz-execprog
100112                   S       uwait   0xfffff80004de2680  syz-execprog
100113                   S       uwait   0xfffff80004de2780  syz-execprog
100114                   S       kqread  0xfffff80004e28a00  syz-execprog
100116                   S       uwait   0xfffff8001741af00  syz-execprog
100117                   S       uwait   0xfffff80004f40200  syz-execprog
  778   776   778     0  Ss      pause   0xfffff800173025d8  csh
  776   694   776     0  Ss      select  0xfffff8001741ab40  sshd
  754     1   754     0  Ss+     ttyin   0xfffff800048a3cb0  getty
  753     1   753     0  Ss+     ttyin   0xfffff80004ba28b0  getty
  752     1   752     0  Ss+     ttyin   0xfffff80004ba2cb0  getty
  751     1   751     0  Ss+     ttyin   0xfffff80004b9a0b0  getty
  750     1   750     0  Ss+     ttyin   0xfffff80004b9a4b0  getty
  749     1   749     0  Ss+     ttyin   0xfffff80004b9a8b0  getty
  748     1   748     0  Ss+     ttyin   0xfffff80004b9acb0  getty
  747     1   747     0  Ss+     ttyin   0xfffff80004b3a0b0  getty
  746     1   746     0  Ss+     ttyin   0xfffff80004b3a4b0  getty
  698     1   698     0  Ss      nanslp  0xffffffff8252fea1  cron
  694     1   694     0  Ss      select  0xfffff8001734c940  sshd
  507     1   507     0  Ss      select  0xfffff80004f42340  syslogd
  436     1   436     0  Ss      wait    0xfffff80004e70a50  devd
  435     1   435    65  Ss      select  0xfffff80004f42740  dhclient
  350     1   350     0  Ss      select  0xfffff80004f42540  dhclient
  347     1   347     0  Ss      select  0xfffff80004f409c0  dhclient
   23     0     0     0  DL      vlruwt  0xfffff80004d5c528  [vnlru]
   22     0     0     0  DL      syncer  0xffffffff8261d238  [syncer]
   21     0     0     0  DL      (threaded)                  [bufdaemon]
100070                   D       qsleep  0xffffffff8261c300  [bufdaemon]
100077                   D       -       0xffffffff8200ac80  [bufspacedaemon-0]
100086                   D       sdflush 0xfffff800043408e8  [/ worker]
   20     0     0     0  DL      psleep  0xffffffff826437c8  [vmdaemon]
   19     0     0     0  DL      (threaded)                  [pagedaemon]
100068                   D       psleep  0xffffffff82637c38  [dom0]
100075                   D       launds  0xffffffff82637c44  [laundry: dom0]
100076                   D       umarcl  0xffffffff814f7a20  [uma]
   18     0     0     0  RL                                  [rand_harvestq]
   17     0     0     0  RL                                  [sctp_iterator]
   16     0     0     0  RL                                  [pf purge]
   15     0     0     0  DL      -       0xffffffff8261b8dc  [soaiod4]
    9     0     0     0  DL      -       0xffffffff8261b8dc  [soaiod3]
    8     0     0     0  DL      -       0xffffffff8261b8dc  [soaiod2]
    7     0     0     0  DL      -       0xffffffff8261b8dc  [soaiod1]
    6     0     0     0  DL      (threaded)                  [cam]
100034                   D       -       0xffffffff8223bfc0  [doneq0]
100067                   D       -       0xffffffff8223be90  [scanner]
    5     0     0     0  DL      crypto_ 0xfffff80004348c90  [crypto returns 1]
    4     0     0     0  DL      crypto_ 0xfffff80004348c30  [crypto returns 0]
    3     0     0     0  DL      crypto_ 0xffffffff82635130  [crypto]
   14     0     0     0  DL      seqstat 0xfffff800044bf488  [sequencer 00]
   13     0     0     0  DL      (threaded)                  [geom]
100025                   D       -       0xffffffff8250f720  [g_event]
100026                   D       -       0xffffffff8250f728  [g_up]
100027                   D       -       0xffffffff8250f730  [g_down]
    2     0     0     0  DL      (threaded)                  [KTLS]
100018                   D       -       0xfffff80004472300  [thr_0]
100019                   D       -       0xfffff80004472380  [thr_1]
   12     0     0     0  RL      (threaded)                  [intr]
100011                   I                                   [swi5: fast taskq]
100014                   I                                   [swi6: task queue]
100015                   I                                   [swi6: Giant taskq]
100020                   Run     CPU 0                       [swi1: netisr 0]
100021                   I                                   [swi4: clock (0)]
100022                   I                                   [swi4: clock (1)]
100023                   I                                   [swi3: vm]
100035                   I                                   [irq24: virtio_pci0]
100036                   I                                   [irq25: virtio_pci0]
100037                   I                                   [irq26: virtio_pci0]
100038                   I                                   [irq27: virtio_pci0]
100039                   I                                   [irq28: virtio_pci1]
100040                   I                                   [irq29: virtio_pci1]
100041                   I                                   [irq30: virtio_pci1]
100042                   I                                   [irq31: virtio_pci1]
100043                   I                                   [irq32: virtio_pci1]
100048                   I                                   [irq10: virtio_pci2]
100050                   I                                   [irq1: atkbd0]
100051                   I                                   [irq12: psm0]
100052                   I                                   [swi0: uart uart++]
100060                   I                                   [swi1: pf send]
100073                   I                                   [swi1: hpts]
100074                   I                                   [swi1: hpts]
   11     0     0     0  RL      (threaded)                  [idle]
100003                   CanRun                              [idle: cpu0]
100004                   CanRun                              [idle: cpu1]
    1     0     1     0  SLs     wait    0xfffff80004453528  [init]
   10     0     0     0  DL      audit_w 0xffffffff82635650  [audit]
    0     0     0     0  RLs     (threaded)                  [kernel]
100000                   D       swapin  0xffffffff8250fcb0  [swapper]
100005                   D       -       0xfffff80004477e00  [if_io_tqg_0]
100006                   D       -       0xfffff80004477d00  [if_io_tqg_1]
100007                   D       -       0xfffff80004477c00  [if_config_tqg_0]
100008                   D       -       0xfffff80004477b00  [softirq_0]
100009                   D       -       0xfffff80004477a00  [softirq_1]
100010                   Run     CPU 1                       [in6m_free taskq]
100012                   D       -       0xfffff8000447ad00  [kqueue_ctx taskq]
100013                   D       -       0xfffff8000447ab00  [inm_free taskq]
100016                   D       -       0xfffff8000447a500  [aiod_kick taskq]
100017                   D       -       0xfffff8000447a300  [thread taskq]
100024                   D       -       0xfffff8000448ca00  [firmware taskq]
100029                   D       -       0xfffff8000448c300  [crypto_0]
100030                   D       -       0xfffff8000448c300  [crypto_1]
100044                   D       -       0xfffff800044fe300  [vtnet0 rxq 0]
100045                   D       -       0xfffff800044fe200  [vtnet0 txq 0]
100046                   D       -       0xfffff800044fe100  [vtnet0 rxq 1]
100047                   D       -       0xfffff800044fe000  [vtnet0 txq 1]
100049                   D       vtbslp  0xfffff80004645700  [virtio_balloon]
100053                   D       -       0xfffff800048b1e00  [mca taskq]
100056                   D       -       0xffffffff81d26660  [deadlkres]
100062                   D       -       0xfffff80004ac2200  [acpi_task_0]
100063                   D       -       0xfffff80004ac2200  [acpi_task_1]
100064                   D       -       0xfffff80004ac2200  [acpi_task_2]
100066                   D       -       0xfffff800044feb00  [CAM taskq]
db> show all locks
Process 4646 (ifconfig) thread 0xfffffe0094c86a00 (100129)
exclusive sx in_control (in_control) r = 0 (0xffffffff8261f500) locked @ /syzkaller/managers/main/kernel/sys/netinet/in.c:253
Process 18 (rand_harvestq) thread 0xfffffe0051dfa700 (100065)
exclusive sleep mutex reseed mutex (reseed mutex) r = 0 (0xffffffff82369420) locked @ /syzkaller/managers/main/kernel/sys/dev/random/fortuna.c:348
Process 12 (intr) thread 0xfffffe000470da00 (100020)
exclusive sleep mutex sctp-send-tcb (tcbs) r = 0 (0xfffffe0094fb2ab0) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:4837
exclusive sleep mutex sctp-tcb (tcb) r = 0 (0xfffffe0094fb2a90) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:4836
exclusive rw sctp-info (sctp-info) r = 0 (0xfffffe000479b5d8) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:4834
Process 0 (kernel) thread 0xfffffe000389b100 (100010)
exclusive sleep mutex if_addr_lock (if_addr_lock) r = 0 (0xfffff800177b09a8) locked @ /syzkaller/managers/main/kernel/sys/net/if.c:3674
exclusive sx in6_multi_sx (in6_multi_sx) r = 0 (0xffffffff82633608) locked @ /syzkaller/managers/main/kernel/sys/netinet6/in6_mcast.c:615
db> show malloc
              Type        InUse        MemUse     Requests
           pf_hash            5        11524K            5
            devbuf         4216         4339K         4244
          tcp_hpts            5         3201K            5
             vtbuf           24         1968K           46
         sysctloid        29250         1706K        29315
              kobj          337         1348K          498
               pcb          712         1112K         2202
            newblk           10         1027K         1342
          vfscache            3         1025K            3
          inodedep          704          776K         1533
         sctp_atcl         1383          519K         1848
         ufs_quota            1          512K            1
          vfs_hash            1          512K            1
           callout            2          512K            2
              intr            4          472K            4
         sctp_stro          460          460K          462
           pagedep          696          302K         1915
         sctp_stri          460          230K          462
           subproc          116          222K         4714
            acpica         1674          184K        54318
         vnet_data            1          168K            1
         sctp_atky         2536          148K         3003
            ifaddr          389          145K          806
           tidhash            3          141K            3
        tfo_ccache            1          128K            1
               sem            4          106K            4
            DEVFS1          102          102K          113
            linker          254           97K          975
            diradd          695           87K         1081
               bus          994           81K         3318
          mtx_pool            2           72K            2
          syncache            1           68K            1
          acpitask            1           64K            1
       ddb_capture            1           64K            1
            module          509           64K          509
              umtx          288           36K          288
           kdtrace          179           36K         4777
              temp           23           33K        18530
         hostcache            1           32K            1
               shm            1           32K            1
              vmem            3           32K            7
            DEVFS3          121           31K          131
               msg            4           30K            4
          sctp_ifa          238           30K          657
         sctp_aadr          460           29K        53360
        gtaskqueue           18           26K           18
         sctp_athm         1383           22K         1848
            kbdmux            6           22K            6
          filedesc            3           21K         3697
        DEVFS_RULE           56           20K           56
               BPF           11           18K          755
         ufs_mount            5           17K            6
              proc            3           17K            3
               tty           16           16K           16
           ithread           99           16K           99
          sctp_map          920           15K          924
            bus-sc           31           14K         1555
            KTRACE          100           13K          100
              kenv           92           12K           92
      eventhandler          125           11K          125
              GEOM           60           10K          489
              rman           82           10K          423
         bmsafemap            3            9K         1160
              UART           12            9K           12
           devstat            4            9K            4
               rpc            2            8K            2
             shmfd            1            8K            1
       pfs_vncache            1            8K            1
         pfs_nodes           20            8K           20
     audit_evclass          233            8K          291
             ifnet            4            7K            4
            sglist            5            7K            5
           CAM DEV            3            6K          510
            kqueue           51            6K         4651
       ufs_dirhash           27            6K           33
         CAM queue            5            6K         1528
         taskqueue           48            6K           48
              cred           20            5K          791
           lltable           17            5K          897
            plimit           18            5K         3695
       ether_multi           55            5K         5803
                vt           11            5K           11
               UMA          254            5K          254
           memdesc            1            4K            1
               MCA           32            4K           32
             evdev            4            4K            4
          pf_ifnet            7            4K           10
          routetbl           16            4K          248
             hhook           13            4K           13
           pwddesc           48            3K         4647
         in6_multi           25            3K         3082
          terminal           11            3K           11
           acpisem           22            3K           22
           session           21            3K          472
              pgrp           21            3K          472
         proc-args           42            3K         5485
           uidinfo            3            3K            8
             lockf           20            3K          769
        local_apic            1            2K            1
           io_apic            1            2K            1
         ipsec-saq            2            2K            2
             selfd           28            2K        41426
           CAM XPT           22            2K          543
            Unitno           25            2K           39
       ipsecpolicy            2            2K            2
           acpidev           20            2K           20
               msi            9            2K            9
             clone            9            2K            9
            select            9            2K          590
           softdep            1            1K            1
            sahead            1            1K            1
          secasvar            1            1K            1
       vnodemarker            2            1K           22
      NFSD session            1            1K            1
            ip6ndp            6            1K          425
        CAM periph            4            1K          271
             ipsec            3            1K            3
             nhops            6            1K            6
         toponodes            6            1K            6
            isadev            6            1K            6
             mount           16            1K           89
          pci_link           10            1K           10
          freework            3            1K          142
 encap_export_host           12            1K           12
            crypto            3            1K            3
         sctp_timw            2            1K            2
          freeblks            2            1K          141
          indirdep            2            1K            4
          in_multi            2            1K          285
              pfil            4            1K            4
           CAM SIM            2            1K            2
              cdev            2            1K            2
          sctp_ifn            3            1K          657
             mkdir            3            1K         1402
          freefile            3            1K          141
               mld            3            1K            3
              igmp            3            1K            3
    chacha20random            1            1K            1
               tun            4            1K            4
               osd            3            1K            9
         sctp_iter            1            1K          673
            dirrem            1            1K          144
            vnodes            1            1K            1
              ktls            1            1K            1
          procdesc            2            1K          240
      NFSD lckfile            1            1K            1
     NFSD V4client            1            1K            1
             DEVFS            9            1K           10
            feeder            7            1K            7
       inpcbpolicy            7            1K         2452
        loginclass            3            1K            7
            prison            6            1K            6
            DEVFSP            3            1K          419
     CAM dev queue            2            1K            2
 CAM I/O Scheduler            1            1K            1
            apmdev            1            1K            1
          atkbddev            2            1K            2
          CAM path            4            1K         1034
           tcpfunc            2            1K            2
          mbuf_tag            4            1K         7268
          pmchooks            1            1K            1
            soname            4            1K         5908
          nexusdev            5            1K            5
          sctp_vrf            1            1K            1
           entropy            2            1K          361
              vnet            1            1K            1
               pmc            1            1K            1
          acpiintr            1            1K            1
              cpus            2            1K            2
    vnet_data_free            1            1K            1
           Per-cpu            1            1K            1
         sctp_a_it            1            1K          673
          p1003.1b            1            1K            1
          filecaps            1            1K          717
        sctp_mcore            0            0K            0
        sctp_socko            0            0K          462
         sctp_mvrf            0            0K            0
         sctp_cpal            0            0K            0
         sctp_cmsg            0            0K            0
         sctp_stre            0            0K            0
         sctp_athi            0            0K            0
          pf_table            0            0K            0
           pf_rule            0            0K            0
           pf_altq            0            0K            0
           pf_osfp            0            0K            0
           pf_temp            0            0K            0
            nvlist            0            0K            0
          SCSI ENC            0            0K            0
           SCSI sa            0            0K            0
        madt_table            0            0K            2
          smartpqi            0            0K            0
         scsi_pass            0            0K            0
         ciss_data            0            0K            0
            pvscsi            0            0K            0
           ath_hal            0            0K            0
            athdev            0            0K            0
           ata_pci            0            0K            0
           ata_dma            0            0K            0
       ata_generic            0            0K            0
              iavf            0            0K            0
               ixl            0            0K            0
               amr            0            0K            0
           scsi_da            0            0K           69
            ata_da            0            0K            0
           scsi_ch            0            0K            0
           scsi_cd            0            0K            0
            USBdev            0            0K            0
        ice-resmgr            0            0K            0
         ice-osdep            0            0K            0
               ice            0            0K            0
             axgbe            0            0K            0
       fpukern_ctx            0            0K            0
               USB            0            0K            0
          xen_intr            0            0K            0
       AHCI driver            0            0K            0
               agp            0            0K            0
           xen_hvm            0            0K            0
         legacydrv            0            0K            0
            qpidrv            0            0K            0
      dmar_idpgtbl            0            0K            0
          dmar_dom            0            0K            0
          dmar_ctx            0            0K            0
           nvme_da            0            0K            0
           acpipwr            0            0K            0
              isci            0            0K            0
      iommu_dmamap            0            0K            0
            twsbuf            0            0K            0
     hyperv_socket            0            0K            0
           bxe_ilt            0            0K            0
            xenbus            0            0K            0
      twe_commands            0            0K            0
      twa_commands            0            0K            0
       tcp_log_dev            0            0K            0
     vm_fictitious            0            0K            0
      midi buffers            0            0K            0
             mixer            0            0K            0
              ac97            0            0K            0
             hdacc            0            0K            0
              hdac            0            0K            0
              hdaa            0            0K            0
         acpi_perf            0            0K            0
         acpicmbat            0            0K            0
       SIIS driver            0            0K            0
           UMAHash            0            0K            0
           CAM CCB            0            0K         6240
         vm_pgdata            0            0K            0
           jblocks            0            0K            0
          savedino            0            0K           38
          sentinel            0            0K            0
            jfsync            0            0K            0
            jtrunc            0            0K            0
             sbdep            0            0K            6
           jsegdep            0            0K            0
              jseg            0            0K            0
         jfreefrag            0            0K            0
          jfreeblk            0            0K            0
           jnewblk            0            0K            0
            jmvref            0            0K            0
           jremref            0            0K            0
           jaddref            0            0K            0
           freedep            0            0K            0
         newdirblk            0            0K          703
          freefrag            0            0K           55
        allocindir            0            0K            0
       allocdirect            0            0K            0
          ufs_trim            0            0K            0
           mactemp            0            0K            0
     audit_trigger            0            0K            0
 audit_pipe_presel            0            0K            0
     audit_pipeent            0            0K            0
        audit_pipe            0            0K            0
      audit_evname            0            0K            0
         audit_bsm            0            0K            0
      audit_gidset            0            0K            0
        audit_text            0            0K            0
        audit_path            0            0K            0
        audit_data            0            0K            0
        audit_cred            0            0K            0
             xform            0            0K            0
               NLM            0            0K            0
    ipsec-spdcache            0            0K            0
         ipsec-reg            0            0K            0
        ipsec-misc            0            0K            0
      ipsecrequest            0            0K            0
            ip6opt            0            0K            3
       ip6_msource            0            0K            0
      ip6_moptions            0            0K            0
       in6_mfilter            0            0K            0
             frag6            0            0K            0
            tcplog            0            0K            0
               LRO            0            0K            0
      newreno data            0            0K            0
        ip_msource            0            0K            0
       ip_moptions            0            0K            0
        in_mfilter            0            0K            0
              ipid            0            0K            0
         80211scan            0            0K            0
      80211ratectl            0            0K            0
        80211power            0            0K            0
       80211nodeie            0            0K            0
         80211node            0            0K            0
      80211mesh_gt            0            0K            0
      80211mesh_rt            0            0K            0
         80211perr            0            0K            0
         80211prep            0            0K            0
         80211preq            0            0K            0
          80211dfs            0            0K            0
       80211crypto            0            0K            0
          80211vap            0            0K            0
             iflib            0            0K            0
              vlan            0            0K            0
               gif            0            0K            0
           ifdescr            0            0K            0
              zlib            0            0K            0
           fadvise            0            0K            0
           VN POLL            0            0K            0
            statfs            0            0K          430
     namei_tracker            0            0K            0
       export_host            0            0K            0
        cl_savebuf            0            0K           10
               PUC            0            0K            0
          ppbusdev            0            0K            0
agtiapi_MemAlloc malloc            0            0K            0
    osti_cacheable            0            0K            0
          tempbuff            0            0K            0
          tempbuff            0            0K            0
ag_tgt_map_t malloc            0            0K            0
ag_slr_map_t malloc            0            0K            0
lDevFlags * malloc            0            0K            0
tiDeviceHandle_t * malloc            0            0K            0
ag_portal_data_t malloc            0            0K            0
ag_device_t malloc            0            0K            0
     STLock malloc            0            0K            0
          CCB List            0            0K            0
            sr_iov            0            0K            0
               OCS            0            0K            0
               OCS            0            0K            0
              nvme            0            0K            0
               nvd            0            0K            0
            netmap            0            0K            0
            mwldev            0            0K            0
            biobuf            0            0K            0
              aios            0            0K            0
               lio            0            0K            0
               acl            0            0K            0
        MVS driver            0            0K            0
              accf            0            0K            0
               pts            0            0K            0
               iov            0            0K        65885
          ioctlops            0            0K          548
           Witness            0            0K            0
             stack            0            0K            0
     CAM ccb queue            0            0K            0
          mrsasbuf            0            0K            0
          mpt_user            0            0K            0
              sbuf            0            0K          288
          mps_user            0            0K            0
          firmware            0            0K            0
        compressor            0            0K            0
            MPSSAS            0            0K            0
              SWAP            0            0K            0
               mps            0            0K            0
          mpr_user            0            0K            0
         sysctltmp            0            0K         2774
            sysctl            0            0K            1
            MPRSAS            0            0K            0
              ekcd            0            0K            0
            dumper            0            0K            0
          sendfile            0            0K            0
              rctl            0            0K            0
               mpr            0            0K            0
            mfibuf            0            0K            0
        md_sectors            0            0K            0
           md_disk            0            0K            0
           malodev            0            0K            0
               LED            0            0K            0
             cache            0            0K            0
          kcovinfo            0            0K            0
      prison_racct            0            0K            0
       Fail Points            0            0K            0
             sigio            0            0K            1
filedesc_to_leader            0            0K            0
               pwd            0            0K            0
       tty console            0            0K            0
          ix_sriov            0            0K            0
        aacraidcam            0            0K            0
                ix            0            0K            0
            ipsbuf            0            0K            0
            iirbuf            0            0K            0
       aacraid_buf            0            0K            0
            aaccam            0            0K            0
        isofs_node            0            0K            0
       isofs_mount            0            0K            0
     tr_raid5_data            0            0K            0
    tr_raid1e_data            0            0K            0
     tr_raid1_data            0            0K            0
     tr_raid0_data            0            0K            0
    tr_concat_data            0            0K            0
       md_sii_data            0            0K            0
   md_promise_data            0            0K            0
    md_nvidia_data            0            0K            0
   md_jmicron_data            0            0K            0
     md_intel_data            0            0K            0
       md_ddf_data            0            0K            0
         raid_data            0            0K           72
     geom_flashmap            0            0K            0
         tmpfs dir            0            0K            0
        tmpfs name            0            0K            0
       tmpfs mount            0            0K            0
           NFS FHA            0            0K            0
         newnfsmnt            0            0K            0
  newnfsclient_req            0            0K            0
   NFSCL layrecall            0            0K            0
     NFSCL session            0            0K            0
     NFSCL sockreq            0            0K            0
     NFSCL devinfo            0            0K            0
     NFSCL flayout            0            0K            0
      NFSCL layout            0            0K            0
     NFSD rollback            0            0K            0
NFSCL diroffdiroff            0            0K            0
       NEWdirectio            0            0K            0
        NEWNFSnode            0            0K            0
         NFSCL lck            0            0K            0
      NFSCL lckown            0            0K            0
      NFSCL client            0            0K            0
       NFSCL deleg            0            0K            0
        NFSCL open            0            0K            0
       NFSCL owner            0            0K            0
            NFS fh            0            0K            0
           NFS req            0            0K            0
     NFSD usrgroup            0            0K            0
       NFSD string            0            0K            0
       NFSD V4lock            0            0K            0
      NFSD V4state            0            0K            0
     NFSD srvcache            0            0K            0
       msdosfs_fat            0            0K            0
     msdosfs_mount            0            0K            0
      msdosfs_node            0            0K            0
            DEVFS4            0            0K            0
            DEVFS2            0            0K            0
            gntdev            0            0K            0
       privcmd_dev            0            0K            0
        evtchn_dev            0            0K            0
          xenstore            0            0K            0
            aacbuf            0            0K            0
               xnb            0            0K            0
              xbbd            0            0K            0
               xbd            0            0K            0
           Balloon            0            0K            0
          sysmouse            0            0K            0
            vtfont            0            0K            0
              zstd            0            0K            0
db> show uma
              Zone   Size    Used    Free    Requests  Sleeps  Bucket  Total Mem    XFree
      mbuf_cluster   2048    9443       1        9443       0     254   19341312        0
   mbuf_jumbo_page   4096    3680      16        3706       0     254   15138816        0
              mbuf    256   29402     238      137151       0     254    7587840        0
              pbuf   2632       0     989           0       0       2    2603048        0
       mbuf_packet    256    8421     894       27692       0     254    2384640        0
          BUF TRIE    144     169   13299        2242       0      62    1939392        0
        sctp_chunk    152   11730      74       11781       0     254    1794208        0
         FFS inode   1128    1413      15        1554       0       8    1610784        0
        malloc-384    384    4139      11        4141       0      30    1593600        0
       malloc-4096   4096     337       2         498       0       2    1388544        0
        malloc-128    128   10665      61       13118       0     126    1372928        0
       UMA Slabs 0    112    9545      28        9545       0     126    1072176        0
         sctp_asoc   2288     461       4         462       0     254    1063920        0
        sctp_raddr    736    1382       4        1386       0     254    1020096        0
             VNODE    488    1445      35        1588       0      30     722240        0
           sctp_ep   1280     461       4         693       0     254     595200        0
        malloc-384    384    1436       4        1901       0      30     552960        0
       malloc-2048   2048     231      17        6934       0       8     507904        0
       malloc-1024   1024     462       6         504       0      16     479232        0
         VM OBJECT    264    1649      76       89723       0      30     455400        0
       FFS2 dinode    256    1413      12        1554       0      62     364800        0
        RADIX NODE    144    2295     194      174098       0      62     358416        0
            DEVCTL   1024     228     104         576       0       0     339968        0
      malloc-65536  65536       0       5        1487       0       1     327680        0
      malloc-65536  65536       3       2          11       0       1     327680        0
        malloc-384    384     703      57        1532       0      30     291840        0
            socket    944      19     281        6949       0     254     283200        0
        256 Bucket   2048     120      14       14922       0       8     274432        0
      malloc-65536  65536       4       0           4       0       1     262144        0
            THREAD   1792     129      15         129       0       8     258048        0
        malloc-512    512     460      12         462       0      30     241664        0
       malloc-4096   4096      52       5        5233       0       2     233472        0
         malloc-16     16   13152      98       14073       0     254     212000        0
        malloc-256    256     713     112        5838       0      62     211200        0
         malloc-64     64    2753      82        3454       0     254     181440        0
       S VFS Cache    104    1443     273        3423       0     126     178464        0
         UMA Zones    768     226       3         226       0      16     175872        0
         vmem btag     56    2970      42        2970       0     254     168672        0
         malloc-32     32    4781     259        9124       0     254     161280        0
        malloc-128    128    1126      83       25316       0     126     154752        0
        malloc-384    384     360      10         777       0      30     142080        0
      malloc-65536  65536       0       2         122       0       1     131072        0
      malloc-65536  65536       2       0           2       0       1     131072        0
       malloc-4096   4096      23       8         406       0       2     126976        0
        malloc-256    256     474      21        1521       0      62     126720        0
       malloc-1024   1024     114       6         126       0      16     122880        0
         MAP ENTRY     96     969     291      301467       0     126     120960        0
        malloc-256    256      46     419        1783       0      62     119040        0
          ksiginfo    112      51     993         707       0     126     116928        0
        malloc-128    128     817      82        1654       0     126     115072        0
      malloc-16384  16384       2       5        1849       0       1     114688        0
           VMSPACE   2544      26      10        4625       0       4      91584        0
              PROC   1320      48      18        4646       0       8      87120        0
          UMA Kegs    384     212       1         212       0      30      81792        0
        malloc-128    128     603      17         957       0     126      79360        0
             g_bio    408       0     190       22464       0      30      77520        0
        malloc-128    128     309     280        2883       0     126      75392        0
         filedesc0   1072      49      21        4647       0       8      75040        0
       malloc-8192   8192       6       3          34       0       1      73728        0
        128 Bucket   1024      41      30        1193       0      16      72704        0
      malloc-32768  32768       2       0           2       0       1      65536        0
      malloc-32768  32768       0       2         126       0       1      65536        0
        malloc-256    256     190      65        1757       0      62      65280        0
         malloc-64     64     952      56        1298       0     254      64512        0
         malloc-64     64     551     394       49442       0     254      60480        0
        malloc-256    256     139      56        6835       0      62      49920        0
      malloc-16384  16384       3       0           3       0       1      49152        0
      malloc-16384  16384       2       1           5       0       1      49152        0
         malloc-64     64     204     552       11709       0     254      48384        0
        malloc-128    128     108     264        9516       0     126      47616        0
         32 Bucket    256      54     126        1827       0      62      46080        0
       malloc-2048   2048       9      13         516       0       8      45056        0
            pcpu-8      8    5330     302        9042       0     254      45056        0
         malloc-64     64     523     170        1624       0     254      44352        0
         malloc-32     32    1200     186        3888       0     254      44352        0
            clpbuf   2632       0      16          21       0      16      42112        0
           DIRHASH   1024      38       2          43       0      16      40960        0
       malloc-8192   8192       4       1           6       0       1      40960        0
         64 Bucket    512      62      18       14725       0      30      40960        0
        malloc-384    384      87      13         640       0      30      38400        0
             NAMEI   1024       0      36       87366       0      16      36864        0
        sctp_laddr     48     232     524       54433       0     254      36288        0
         malloc-64     64     462     105       53397       0     254      36288        0
              pipe    744       9      36        1866       0      16      33480        0
      malloc-32768  32768       1       0           1       0       1      32768        0
      malloc-16384  16384       0       2         153       0       1      32768        0
           pcpu-64     64     452      60         452       0     254      32768        0
     routing nhops    256      12      93        1016       0      62      26880        0
       malloc-8192   8192       2       1         102       0       1      24576        0
       malloc-8192   8192       3       0           3       0       1      24576        0
         malloc-64     64     251     127       59364       0     254      24192        0
          4 Bucket     48       7     497       12132       0     254      24192        0
             KNOTE    160       6     144       17051       0      62      24000        0
            ttyinq    160     135      15         300       0      62      24000        0
         malloc-16     16    1426      74        2630       0     254      24000        0
          8 Bucket     80      43     257       14253       0     126      24000        0
             tcpcb   1048       3      19           7       0     254      23056        0
             unpcb    256      11      79        3046       0     254      23040        0
           ttyoutq    256      72      18         160       0      62      23040        0
        malloc-384    384       6      54         887       0      30      23040        0
        malloc-256    256      62      28         945       0      62      23040        0
        malloc-256    256      39      51        4759       0      62      23040        0
         TURNSTILE    136     145      23         145       0      62      22848        0
       malloc-4096   4096       3       2           8       0       2      20480        0
       malloc-2048   2048       6       4         262       0       8      20480        0
       malloc-1024   1024       6      14       11018       0      16      20480        0
       malloc-1024   1024      18       2          18       0      16      20480        0
           rtentry    176      14     101        1016       0      62      20240        0
               PWD     32      11     619         910       0     254      20160        0
             Files     80      87     163       50524       0     126      20000        0
        malloc-128    128      45     110        3892       0     126      19840        0
       Mountpoints   2752       2       5           2       0       4      19264        0
        malloc-256    256      51      24          54       0      62      19200        0
        SLEEPQUEUE     88     145      47         145       0     126      16896        0
      malloc-16384  16384       1       0           1       0       1      16384        0
      malloc-16384  16384       1       0           1       0       1      16384        0
       malloc-8192   8192       2       0           2       0       1      16384        0
       malloc-8192   8192       2       0           2       0       1      16384        0
       malloc-8192   8192       2       0           2       0       1      16384        0
       malloc-4096   4096       1       3         434       0       2      16384        0
       malloc-1024   1024      14       2          14       0      16      16384        0
        malloc-512    512       4      28         190       0      30      16384        0
          2 Bucket     32      60     444       12372       0     254      16128        0
         udp_inpcb    488       3      29        2348       0     254      15616        0
       malloc-4096   4096       3       0           4       0       2      12288        0
       malloc-2048   2048       3       3          15       0       8      12288        0
       malloc-2048   2048       4       2           4       0       8      12288        0
       malloc-2048   2048       3       3         194       0       8      12288        0
        malloc-512    512       1      23         119       0      30      12288        0
         16 Bucket    144      41      43       23932       0      62      12096        0
         malloc-16     16     484     266         487       0     254      12000        0
       malloc-8192   8192       1       0           1       0       1       8192        0
       malloc-4096   4096       1       1           3       0       2       8192        0
       malloc-2048   2048       2       2           5       0       8       8192        0
       malloc-2048   2048       1       3          37       0       8       8192        0
       malloc-1024   1024       2       6           2       0      16       8192        0
       malloc-1024   1024       4       4         161       0      16       8192        0
       malloc-1024   1024       3       5          19       0      16       8192        0
        malloc-512    512       2      14         510       0      30       8192        0
        malloc-512    512       3      13          47       0      30       8192        0
        malloc-512    512       2      14          22       0      30       8192        0
        malloc-512    512       9       7          11       0      30       8192        0
          rl_entry     40      45     157          45       0     254       8080        0
sctp_stream_msg_out    112       0      72         231       0     254       8064        0
             udpcb     32       3     249        2348       0     254       8064        0
         malloc-64     64      11     115          24       0     254       8064        0
         malloc-32     32     101     151         138       0     254       8064        0
         malloc-32     32      55     197       10324       0     254       8064        0
         malloc-32     32      57     195        1414       0     254       8064        0
         malloc-32     32       1     251         761       0     254       8064        0
         malloc-32     32      32     220        2727       0     254       8064        0
      vtnet_tx_hdr     24       0     334        1347       0     254       8016        0
         malloc-16     16      16     484          46       0     254       8000        0
         malloc-16     16      28     472        4393       0     254       8000        0
         malloc-16     16     188     312        1814       0     254       8000        0
         malloc-16     16       8     492           8       0     254       8000        0
         malloc-16     16      27     473       24507       0     254       8000        0
        malloc-128    128      16      46         305       0     126       7936        0
             ripcb    488       1      15          97       0     254       7808        0
         tcp_inpcb    488       3      13           7       0     254       7808        0
              kenv    258       3      27        1237       0      30       7740        0
     FPU_save_area    832       1       8           1       0      16       7488        0
            cpuset    104       7      55           7       0     126       6448        0
 epoch_record pcpu    256       4      12           4       0      62       4096        0
        malloc-512    512       1       7           2       0      30       4096        0
           pcpu-16     16       7     249           7       0     254       4096        0
         hostcache     96       1      41           1       0     254       4032        0
          syncache    168       0      24           5       0     254       4032        0
         malloc-32     32       8     118          29       0     254       4032        0
       UMA Slabs 1    176      10      12          10       0      62       3872        0
        malloc-384    384       1       9           1       0      30       3840        0
        malloc-384    384       1       9           1       0      30       3840        0
        KMAP ENTRY     96      12      27          12       0       0       3744        0
              vmem   1856       1       1           1       0       8       3712        0
           SMR CPU     32       2      29           2       0     254        992        0
        SMR SHARED     24       2      29           2       0     254        744        0
       FFS1 dinode    128       0       0           0       0     126          0        0
             swblk    136       0       0           0       0      62          0        0
          swpctrie    144       0       0           0       0      62          0        0
   sctp_asconf_ack     48       0       0           0       0     254          0        0
       sctp_asconf     40       0       0           0       0     254          0        0
        sctp_readq    152       0       0           0       0     254          0        0
   pf state scrubs     40       0       0           0       0     254          0        0
   pf frag entries     40       0       0           0       0     254          0        0
          pf frags    248       0       0           0       0      62          0        0
  pf table entries    160       0       0           0       0      62          0        0
pf table entry counters     64       0       0           0       0     254          0        0
   pf source nodes    136       0       0           0       0     254          0        0
     pf state keys     88       0       0           0       0     126          0        0
         pf states    296       0       0           0       0     254          0        0
           pf tags    104       0       0           0       0     126          0        0
          pf mtags     48       0       0           0       0     254          0        0
       tcp_bbr_pcb    832       0       0           0       0      16          0        0
       tcp_bbr_map    128       0       0           0       0     126          0        0
    IPsec SA lft_c     16       0       0           0       0     254          0        0
     udplite_inpcb    488       0       0           0       0     254          0        0
      tcp_log_node    120       0       0           0       0     126          0        0
    tcp_log_bucket    176       0       0           0       0      62          0        0
           tcp_log    416       0       0           0       0     254          0        0
          tcpreass     48       0       0           0       0     254          0        0
tfo_ccache_entries     80       0       0           0       0     126          0        0
               tfo      4       0       0           0       0     254          0        0
          sackhole     32       0       0           0       0     254          0        0
             tcptw     88       0       0           0       0     254          0        0
               ipq     56       0       0           0       0     254          0        0
            itimer    352       0       0           0       0      30          0        0
            AIOLIO    272       0       0           0       0      30          0        0
             AIOCB    488       0       0           0       0      30          0        0
              AIOP     32       0       0           0       0     254          0        0
               AIO    208       0       0           0       0      62          0        0
        TMPFS node    224       0       0           0       0      62          0        0
           NCLNODE    592       0       0           0       0      16          0        0
     LTS VFS Cache    360       0       0           0       0      30          0        0
       L VFS Cache    320       0       0           0       0      30          0        0
     STS VFS Cache    144       0       0           0       0      62          0        0
    crypto_session     72       0       0           0       0     126          0        0
           cryptop    280       0       0           0       0      30          0        0
   IOMMU_MAP_ENTRY    120       0       0           0       0     126          0        0
      ktls_session    192       0       0           0       0      62          0        0
    mbuf_jumbo_16k  16384       0       0           0       0     254          0        0
     mbuf_jumbo_9k   9216       0       0           0       0     254          0        0
      audit_record   1280       0       0           0       0       8          0        0
         domainset     40       0       0           0       0     254          0        0
        MAC labels     40       0       0           0       0     254          0        0
            vnpbuf   2632       0       0           0       0      62          0        0
            mdpbuf   2632       0       0           0       0       4          0        0
           nfspbuf   2632       0       0           0       0      16          0        0
            swwbuf   2632       0       0           0       0       8          0        0
            swrbuf   2632       0       0           0       0      16          0        0
          umtx_shm     88       0       0           0       0     126          0        0
           umtx pi     96       0       0           0       0     126          0        0
rangeset pctrie nodes    144       0       0           0       0      62          0        0
      malloc-65536  65536       0       0           0       0       1          0        0
      malloc-65536  65536       0       0           0       0       1          0        0
      malloc-65536  65536       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
       malloc-4096   4096       0       0           0       0       2          0        0
           pcpu-32     32       0       0           0       0     254          0        0
            pcpu-4      4       0       0           0       0     254          0        0
            fakepg    104       0       0           0       0     126          0        0
          UMA Hash    256       0       0           0       0      62          0        0

Crashes (14):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-freebsd-main 2020/12/06 15:55 freebsd b531e6856765 c521566d console log report syz
ci-freebsd-main 2021/07/01 23:03 freebsd-src 858937bea459 658ebc66 console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-main 2021/06/28 13:58 freebsd-src e0893890eb60 9d2ab5df console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-main 2021/02/07 22:43 freebsd-src 6117aa58fa4f 2ce644fc console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-main 2021/02/06 05:25 freebsd-src 344f1083e128 42b90a7c console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-main 2021/01/28 18:43 freebsd-src b8051298b0a3 7df34f59 console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-i386 2021/06/29 19:21 freebsd-src f77697dd9f31 a4fccb01 console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-i386 2021/06/10 16:17 freebsd-src cedaad93176e 1ba81399 console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-i386 2021/02/17 22:34 freebsd-src ab4fad4be144 14052202 console log report Fatal trap 9: general protection fault in sctp_free_assoc
ci-freebsd-main 2020/12/06 19:41 freebsd b531e6856765 c521566d console log report
ci-freebsd-main 2020/10/31 02:58 freebsd 75e5305e4cb1 bde4231c console log report
ci-freebsd-main 2020/10/23 12:05 freebsd d0dde1163090 4e740c00 console log report
ci-freebsd-i386 2020/08/27 19:24 freebsd fd597f085c48 816e0689 console log report
ci-freebsd-main 2021/01/06 03:02 freebsd-src 225afb6cad98 b1c228e1 console log report
* Struck through repros no longer work on HEAD.