syzbot


Fatal trap 12: page fault in sctp_is_vtag_good

Status: auto-closed as invalid on 2021/05/25 11:29
Reported-by: syzbot+18ab1804ee146f08c563@syzkaller.appspotmail.com
First crash: 1366d, last: 1366d

Sample crash report:
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0xfffffe0094c453c8
fault code		= supervisor read data, page not present
instruction poin
ter	= 0x20:0xffffffff82caf2b0
stack pointer	        = 0x28:0xfffffe009495a3e0
frame pointer	        = 0x28:0xfffffe009495a430
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 31604 (syz-executor.0)
trap number		= 12
panic: page fault
cpuid = 1
time = 1614166085
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe009495a040
vpanic() at vpanic+0x1c7/frame 0xfffffe009495a0a0
panic() at panic+0x43/frame 0xfffffe009495a100
trap_fatal() at trap_fatal+0x4cd/frame 0xfffffe009495a180
trap_pfault() at trap_pfault+0xd4/frame 0xfffffe009495a1f0
trap() at trap+0x41d/frame 0xfffffe009495a310
calltrap() at calltrap+0x8/frame 0xfffffe009495a310
--- trap 0xc, rip = 0xffffffff82caf2b0, rsp = 0xfffffe009495a3e0, rbp = 0xfffffe009495a430 ---
sctp_is_vtag_good() at sctp_is_vtag_good+0xb0/frame 0xfffffe009495a430
sctp_select_a_tag() at sctp_select_a_tag+0x179/frame 0xfffffe009495a4a0
sctp_init_asoc() at sctp_init_asoc+0x38d/frame 0xfffffe009495a510
sctp_aloc_assoc() at sctp_aloc_assoc+0x4d9/frame 0xfffffe009495a590
sctp_lower_sosend() at sctp_lower_sosend+0xfcf/frame 0xfffffe009495a7a0
sctp_sosend() at sctp_sosend+0x4fc/frame 0xfffffe009495a8d0
sosend() at sosend+0xc6/frame 0xfffffe009495a940
kern_sendit() at kern_sendit+0x35b/frame 0xfffffe009495a9f0
sendit() at sendit+0x229/frame 0xfffffe009495aa50
sys_sendmsg() at sys_sendmsg+0x8b/frame 0xfffffe009495aab0
amd64_syscall() at amd64_syscall+0x247/frame 0xfffffe009495abf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe009495abf0
--- syscall (198, FreeBSD ELF64, nosys), rip = 0x284dca, rsp = 0x7fffdfffdf08, rbp = 0x7fffdfffdf70 ---
KDB: enter: panic
[ thread pid 31604 tid 131291 ]
Stopped at      kdb_enter+0x67: movq    $0,0x144283e(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs                        0x20
ds                        0x3b
es                        0x3b
fs                        0x13
gs                        0x1b
ss                        0x28
rax                       0x12
rcx         0xfffffe01f4800000
rdx                    0x3ffff
rbx                          0
rsp         0xfffffe009495a020
rbp         0xfffffe009495a040
rsi                    0x40001
rdi         0xffffffff8112cf66  vprintf+0x176
r8                           0
r9          0x8080808080808080
r10         0xfffffe0094959f10
r11              0x1ff6bfff59c
r12         0xffffffff820678b0  ddb_dbbe
r13                          0
r14         0xffffffff81a521cd
r15         0xffffffff81a521cd
rip         0xffffffff81123f47  kdb_enter+0x67
rflags                    0x82
kdb_enter+0x67: movq    $0,0x144283e(%rip)
db> show proc
Process 31604 (syz-executor.0) at 0xfffff80019b48000:
 state: NORMAL
 uid: 0  gids: 0, 0, 5
 parent: pid 14111 at 0xfffff80019b48a50
 ABI: FreeBSD ELF64
 flag: 0x10000080  flag2: 0
 arguments: /root/syz-executor.0
 reaper: 0xfffff80004457528 reapsubtree: 1
 sigparent: 20
 vmspace: 0xfffffe0094c61000
   (map 0xfffffe0094c61000)
   (map.pmap 0xfffffe0094c610c0)
   (pmap 0xfffffe0094c61120)
 threads: 2
120338                   RunQ                                syz-executor.0
131291                   Run     CPU 1                       syz-executor.0
db> ps
  pid  ppid  pgrp   uid  state   wmesg   wchan               cmd
31604 14111 14111     0  R       (threaded)                  syz-executor.0
120338                   RunQ                                syz-executor.0
131291                   Run     CPU 1                       syz-executor.0
18760     1 18760    65  Ss      select  0xfffff80019bea040  dhclient
17567     1 17567     0  Ss      select  0xfffff80066229cc0  dhclient
17564     1 17564     0  Ss      select  0xfffff80066229d40  dhclient
17553     1 17553    65  Ss      select  0xfffff80066229dc0  dhclient
17534   780 17534     0  Ss      piperd  0xfffff80004eaf8b8  syz-executor.3
17275     1 17275     0  Ss      select  0xfffff80046868940  dhclient
17271     1 17271     0  Ss      select  0xfffff80060e1ee40  dhclient
17254   780 17254     0  Ss      piperd  0xfffff80031408ba0  syz-executor.1
14631     1 14631    65  Ss      select  0xfffff80004f66840  dhclient
14373     1 14373     0  Ss      select  0xfffff800468680c0  dhclient
14360   780 14360     0  Ss      piperd  0xfffff8001c8098b8  syz-executor.2
14355     1 14355     0  Ss      select  0xfffff80004f667c0  dhclient
14233     1 14233    65  Ss      select  0xfffff80046868ec0  dhclient
14177     1 14177     0  Ss      select  0xfffff80038903040  dhclient
14174     1 14174     0  Ss      select  0xfffff80046868cc0  dhclient
14111   780 14111     0  Rs                                  syz-executor.0
  780   778   778     0  S       (threaded)                  syz-fuzzer
100090                   S       uwait   0xfffff80004882000  syz-fuzzer
100114                   S       uwait   0xfffff80004ba9800  syz-fuzzer
100115                   S       uwait   0xfffff80004ba9900  syz-fuzzer
100116                   S       uwait   0xfffff80004ba9a00  syz-fuzzer
100117                   S       uwait   0xfffff80004ba9b00  syz-fuzzer
100118                   S       uwait   0xfffff80019260700  syz-fuzzer
100119                   S       uwait   0xfffff80019260800  syz-fuzzer
100120                   S       kqread  0xfffff800044fc500  syz-fuzzer
100122                   S       uwait   0xfffff80019260a00  syz-fuzzer
  778   776   778     0  SWs     pause   0xfffff80019945b00  csh
  776   694   776     0  Ss      select  0xfffff80004f66c40  sshd
  761     1   761     0  Rs+     CPU 0                       getty
  760     1   760     0  Ss+     ttyin   0xfffff80004bc38b0  getty
  759     1   759     0  Ss+     ttyin   0xfffff80004bc3cb0  getty
  758     1   758     0  Ss+     ttyin   0xfffff80004b4f0b0  getty
  757     1   757     0  Ss+     ttyin   0xfffff80004b4f4b0  getty
  756     1   756     0  Ss+     ttyin   0xfffff80004b4f8b0  getty
  755     1   755     0  Ss+     ttyin   0xfffff80004b4fcb0  getty
  754     1   754     0  Ss+     ttyin   0xfffff80004b3f0b0  getty
  753     1   753     0  Ss+     ttyin   0xfffff80004b3f4b0  getty
  698     1   698     0  Ss      nanslp  0xffffffff82539f20  cron
  694     1   694     0  Ss      select  0xfffff80004f66ec0  sshd
  507     1   507     0  Ss      select  0xfffff80019260ec0  syslogd
  436     1   436     0  Ss      select  0xfffff80019260f40  devd
  435     1   435    65  Ss      select  0xfffff80004e9fac0  dhclient
  350     1   350     0  Ss      select  0xfffff80019260dc0  dhclient
  347     1   347     0  Ss      select  0xfffff80004ba90c0  dhclient
   23     0     0     0  DL      vlruwt  0xfffff80004d64528  [vnlru]
   22     0     0     0  DL      syncer  0xffffffff82629338  [syncer]
   21     0     0     0  RL      (threaded)                  [bufdaemon]
100079                   RunQ                                [bufdaemon]
100086                   D       -       0xffffffff8200ad80  [bufspacedaemon-0]
100096                   D       sdflush 0xfffff80004dde0e8  [/ worker]
   20     0     0     0  DL      psleep  0xffffffff82650248  [vmdaemon]
   19     0     0     0  DL      (threaded)                  [pagedaemon]
100077                   D       psleep  0xffffffff826446b8  [dom0]
100084                   D       launds  0xffffffff826446c4  [laundry: dom0]
100085                   D       umarcl  0xffffffff815affa0  [uma]
   18     0     0     0  DL      -       0xffffffff8236e2a8  [rand_harvestq]
   17     0     0     0  DL      waiting 0xffffffff82cfd818  [sctp_iterator]
   16     0     0     0  DL      pftm    0xffffffff82b75430  [pf purge]
   15     0     0     0  DL      -       0xffffffff82625a5c  [soaiod4]
    9     0     0     0  DL      -       0xffffffff82625a5c  [soaiod3]
    8     0     0     0  DL      -       0xffffffff82625a5c  [soaiod2]
    7     0     0     0  DL      -       0xffffffff82625a5c  [soaiod1]
    6     0     0     0  DL      (threaded)                  [cam]
100043                   D       -       0xffffffff82245bc0  [doneq0]
100076                   D       -       0xffffffff82245a90  [scanner]
   14     0     0     0  DL      seqstat 0xfffff80004664c88  [sequencer 00]
    5     0     0     0  DL      crypto_ 0xfffff80004346b90  [crypto returns 1]
    4     0     0     0  DL      crypto_ 0xfffff80004346b30  [crypto returns 0]
    3     0     0     0  DL      crypto_ 0xffffffff82641ba0  [crypto]
   13     0     0     0  DL      (threaded)                  [geom]
100034                   D       -       0xffffffff82519760  [g_event]
100035                   D       -       0xffffffff82519768  [g_up]
100036                   D       -       0xffffffff82519770  [g_down]
    2     0     0     0  DL      (threaded)                  [KTLS]
100027                   D       -       0xfffff8000434bd00  [thr_0]
100028                   D       -       0xfffff8000434bd80  [thr_1]
   12     0     0     0  WL      (threaded)                  [intr]
100010                   I                                   [swi5: fast taskq]
100015                   I                                   [swi6: task queue]
100016                   I                                   [swi6: Giant taskq]
100029                   I                                   [swi4: clock (0)]
100030                   I                                   [swi4: clock (1)]
100031                   I                                   [swi3: vm]
100032                   I                                   [swi1: netisr 0]
100044                   I                                   [irq24: virtio_pci0]
100045                   I                                   [irq25: virtio_pci0]
100046                   I                                   [irq26: virtio_pci0]
100047                   I                                   [irq27: virtio_pci0]
100048                   I                                   [irq28: virtio_pci1]
100049                   I                                   [irq29: virtio_pci1]
100050                   I                                   [irq30: virtio_pci1]
100051                   I                                   [irq31: virtio_pci1]
100052                   I                                   [irq32: virtio_pci1]
100057                   I                                   [irq10: virtio_pci2]
100059                   I                                   [irq1: atkbd0]
100060                   I                                   [irq12: psm0]
100061                   I                                   [swi0: uart uart++]
100069                   I                                   [swi1: pf send]
100082                   I                                   [swi1: hpts]
100083                   I                                   [swi1: hpts]
   11     0     0     0  RL      (threaded)                  [idle]
100003                   CanRun                              [idle: cpu0]
100004                   CanRun                              [idle: cpu1]
    1     0     1     0  SLs     wait    0xfffff80004457528  [init]
   10     0     0     0  DL      audit_w 0xffffffff826420c0  [audit]
    0     0     0     0  DLs     (threaded)                  [kernel]
100000                   D       swapin  0xffffffff82519cf0  [swapper]
100005                   D       -       0xfffff80004472100  [if_io_tqg_0]
100006                   D       -       0xfffff80004472000  [if_io_tqg_1]
100007                   D       -       0xfffff80004473e00  [if_config_tqg_0]
100008                   D       -       0xfffff80004473d00  [softirq_0]
100009                   D       -       0xfffff80004473c00  [softirq_1]
100011                   D       -       0xfffff80004473900  [inm_free taskq]
100012                   D       -       0xfffff80004473800  [linuxkpi_irq_wq]
100013                   D       -       0xfffff80004473700  [kqueue_ctx taskq]
100014                   D       -       0xfffff80004473600  [aiod_kick taskq]
100017                   D       -       0xfffff80004473100  [thread taskq]
100018                   D       -       0xfffff80004473000  [in6m_free taskq]
100019                   D       -       0xfffff80004478e00  [linuxkpi_short_wq_0]
100020                   D       -       0xfffff80004478e00  [linuxkpi_short_wq_1]
100021                   D       -       0xfffff80004478e00  [linuxkpi_short_wq_2]
100022                   D       -       0xfffff80004478e00  [linuxkpi_short_wq_3]
100023                   D       -       0xfffff80004478d00  [linuxkpi_long_wq_0]
100024                   D       -       0xfffff80004478d00  [linuxkpi_long_wq_1]
100025                   D       -       0xfffff80004478d00  [linuxkpi_long_wq_2]
100026                   D       -       0xfffff80004478d00  [linuxkpi_long_wq_3]
100033                   D       -       0xfffff80004478700  [firmware taskq]
100037                   D       -       0xfffff80004478600  [crypto_0]
100038                   D       -       0xfffff80004478600  [crypto_1]
100053                   D       -       0xfffff80004892d00  [vtnet0 rxq 0]
100054                   D       -       0xfffff80004892c00  [vtnet0 txq 0]
100055                   D       -       0xfffff80004892b00  [vtnet0 rxq 1]
100056                   D       -       0xfffff80004892a00  [vtnet0 txq 1]
100058                   D       vtbslp  0xfffff80004882b80  [virtio_balloon]
100062                   D       -       0xfffff80004892300  [mca taskq]
100066                   D       -       0xffffffff81dfd5e1  [deadlkres]
100071                   D       -       0xfffff800044fc900  [acpi_task_0]
100072                   D       -       0xfffff800044fc900  [acpi_task_1]
100073                   D       -       0xfffff800044fc900  [acpi_task_2]
100075                   D       -       0xfffff80004478500  [CAM taskq]
db> show all locks
Process 31604 (syz-executor.0) thread 0xfffffe0094c68800 (131291)
shared rw sctp-info (sctp-info) r = 0 (0xfffffe000419c5c8) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:6710
exclusive sleep mutex sctp-create (inp_create) r = 0 (0xfffff80055033988) locked @ /syzkaller/managers/main/kernel/sys/netinet/sctp_output.c:12639
Process 761 (getty) thread 0xfffffe0051b69700 (100091)
exclusive sleep mutex ttymtx (ttymtx) r = 0 (0xfffff8000486ec08) locked @ /syzkaller/managers/main/kernel/sys/kern/tty.c:218
db> show malloc
              Type        InUse        MemUse     Requests
           pf_hash            5        11524K            5
            devbuf         4216         4340K         4244
          tcp_hpts            5         3201K            5
             vtbuf           24         1968K           46
         sysctloid        30860         1810K        30927
               pcb          742         1343K        22496
              kobj          332         1328K          492
            newblk            9         1026K        30233
          vfscache            3         1025K            3
          inodedep          272          614K        30189
         ufs_quota            1          512K            1
          vfs_hash            1          512K            1
           callout            2          512K            2
              intr            4          472K            4
         sctp_stro          357          357K         6023
           subproc          142          271K        31834
         sctp_atcl          715          269K        16985
            acpica         1674          184K        55181
         vnet_data            1          168K            1
           tidhash            3          141K            3
           pagedep            9          130K        29572
        tfo_ccache            1          128K            1
            DEVFS1          106          106K          123
               sem            4          106K            4
            linker          287          101K          484
          filedesc           12           89K        59537
               BPF           46           88K          366
               bus          995           81K         3509
          mtx_pool            2           72K            2
          syncache            1           68K            1
            dirrem          265           67K        29918
          acpitask            1           64K            1
       ddb_capture            1           64K            1
            module          507           64K          507
              umtx          360           45K          360
         sctp_atky         1072           45K        23005
           kdtrace          213           42K        62911
              vmem            3           34K            5
          freefile          265           34K        29904
         sctp_timw          132           33K          132
              temp           35           33K        12185
         hostcache            1           32K            1
               shm            1           32K           45
            DEVFS3          125           32K          135
               msg            4           30K            4
        gtaskqueue           18           26K           18
            kbdmux            6           22K            6
            ifaddr           74           22K          268
        DEVFS_RULE           56           20K           56
         ufs_mount            5           17K            6
              proc            3           17K            3
               tty           16           16K           16
           ithread           99           16K           99
           lltable           47           15K          321
            ip6ndp           60           14K          169
       ether_multi          172           14K         1788
            bus-sc           33           14K         1719
            KTRACE          100           13K          100
             ifnet            7           13K            7
              kenv           93           12K           93
         sctp_athm          715           12K        17074
          sctp_map          714           12K        12046
      eventhandler          133           12K          133
         in6_multi           89           11K          878
              rman           84           10K          425
              GEOM           60           10K          489
         bmsafemap            2            9K        30055
              UART           12            9K           12
           devstat            4            9K            4
              ksem            1            8K            1
               rpc            2            8K            2
             shmfd            1            8K          229
       pfs_vncache            1            8K            1
         pfs_nodes           20            8K           20
     audit_evclass          236            8K          294
          sctp_ifa           50            7K          170
            sglist            5            7K            5
           CAM DEV            3            6K          510
            plimit           24            6K         1646
              cred           24            6K          999
            kqueue           62            6K        31616
         taskqueue           57            6K           57
         CAM queue            5            6K         1528
            DEVFSP           78            5K         1132
           session           35            5K          230
          pf_ifnet           10            5K           19
               UMA          262            5K          262
                vt           11            5K           11
           memdesc            1            4K            1
               MCA           32            4K           32
       ufs_dirhash            8            4K           28
             evdev            4            4K            4
          kcovinfo           64            4K          986
           pwddesc           60            4K        31612
           pf_rule           29            4K           46
          routetbl           23            4K          127
             lockf           33            4K          395
             selfd           55            4K       430078
             hhook           13            4K           13
       fpukern_ctx            3            3K            3
         proc-args           52            3K         2300
           acpisem           22            3K           22
          terminal           11            3K           11
            select           19            3K          287
           uidinfo            3            3K           58
        local_apic            1            2K            1
           io_apic            1            2K            1
         ipsec-saq            2            2K            2
            Unitno           27            2K          187
           CAM XPT           22            2K          543
          in_multi            6            2K           61
       ipsecpolicy            2            2K            2
           acpidev           20            2K           20
               msi            9            2K            9
          freework            5            2K        29585
             clone            9            2K            9
               tun            7            2K            7
           softdep            1            1K            1
             mkdir            8            1K        59002
          freeblks            4            1K        29584
            sahead            1            1K            1
          secasvar            1            1K            1
             nhops            6            1K           10
       vnodemarker            2            1K          216
      NFSD session            1            1K            1
        CAM periph            4            1K          271
             ipsec            3            1K            3
          sctp_ifn            6            1K          170
               mld            6            1K            6
              igmp            6            1K            6
         toponodes            6            1K            6
            isadev            6            1K            6
             mount           16            1K           89
          pci_link           10            1K           10
            crypto            4            1K            4
 encap_export_host           12            1K           12
          procdesc            5            1K           96
      linuxcurrent            3            1K            4
         newdirblk            4            1K        29501
            diradd            4            1K        29963
              pfil            4            1K            4
           CAM SIM            2            1K            2
              cdev            2            1K            2
    chacha20random            1            1K            1
       inpcbpolicy           11            1K        16502
               osd            3            1K           10
             DEVFS            9            1K           10
            vnodes            1            1K            1
              ktls            1            1K            1
      NFSD lckfile            1            1K            1
     NFSD V4client            1            1K            1
            feeder            7            1K            7
           tcpfunc            3            1K            3
        loginclass            3            1K            6
            prison            6            1K            6
             linux            5            1K            6
        aesni_data            2            1K            2
            apmdev            1            1K            1
          atkbddev            2            1K            2
     CAM dev queue            2            1K            2
 CAM I/O Scheduler            1            1K            1
          CAM path            4            1K         1034
            soname            5            1K        22192
          pmchooks            1            1K            1
          nexusdev            7            1K            7
          filecaps            5            1K          391
          sctp_vrf            1            1K            1
              vnet            1            1K            1
           entropy            2            1K          151
          acpiintr            1            1K            1
               pmc            1            1K            1
              cpus            2            1K            2
    vnet_data_free            1            1K            1
           Per-cpu            1            1K            1
               iov            1            1K        64420
          p1003.1b            1            1K            1
            mqdata            0            0K            0
        sctp_mcore            0            0K            0
        sctp_socko            0            0K         1853
         sctp_iter            0            0K          183
         sctp_mvrf            0            0K            0
         sctp_cpal            0            0K            0
         sctp_cmsg            0            0K            0
         sctp_stre            0            0K            0
         sctp_athi            0            0K            0
         sctp_a_it            0            0K          183
         sctp_aadr            0            0K        10601
         sctp_stri            0            0K            0
          pf_table            0            0K            0
           pf_altq            0            0K            0
           pf_osfp            0            0K            0
           pf_temp            0            0K            0
            DEVFS4            0            0K            0
        madt_table            0            0K            2
          smartpqi            0            0K            0
            DEVFS2            0            0K            0
            gntdev            0            0K            0
       privcmd_dev            0            0K            0
        evtchn_dev            0            0K            0
          xenstore            0            0K            0
         ciss_data            0            0K            0
              iavf            0            0K            0
               ixl            0            0K            0
         BACKLIGHT            0            0K            0
               xnb            0            0K            0
              xbbd            0            0K            0
               xbd            0            0K            0
           Balloon            0            0K            0
          sysmouse            0            0K            0
            vtfont            0            0K            0
        ice-resmgr            0            0K            0
         ice-osdep            0            0K            0
               ice            0            0K            0
             axgbe            0            0K            0
          xen_intr            0            0K            0
           ath_hal            0            0K            0
           xen_hvm            0            0K            0
         legacydrv            0            0K            0
            qpidrv            0            0K            0
            athdev            0            0K            0
           ata_pci            0            0K            0
      dmar_idpgtbl            0            0K            0
          dmar_dom            0            0K            0
          dmar_ctx            0            0K            0
           ata_dma            0            0K            0
       ata_generic            0            0K            0
               amr            0            0K            0
              isci            0            0K            0
      iommu_dmamap            0            0K            0
            pvscsi            0            0K            0
     hyperv_socket            0            0K            0
           bxe_ilt            0            0K            0
            xenbus            0            0K            0
           scsi_da            0            0K           69
            ata_da            0            0K            0
     vm_fictitious            0            0K            0
           scsi_ch            0            0K            0
           scsi_cd            0            0K            0
       AHCI driver            0            0K            0
            USBdev            0            0K            0
               USB            0            0K            0
               agp            0            0K            0
           nvme_da            0            0K            0
           acpipwr            0            0K            0
           UMAHash            0            0K            0
         acpi_perf            0            0K            0
            twsbuf            0            0K            0
         vm_pgdata            0            0K            0
           jblocks            0            0K            0
          savedino            0            0K        23385
          sentinel            0            0K            0
            jfsync            0            0K            0
            jtrunc            0            0K            0
             sbdep            0            0K          105
           jsegdep            0            0K            0
              jseg            0            0K            0
         jfreefrag            0            0K            0
          jfreeblk            0            0K            0
           jnewblk            0            0K            0
            jmvref            0            0K            0
           jremref            0            0K            0
           jaddref            0            0K            0
           freedep            0            0K            0
          freefrag            0            0K           16
        allocindir            0            0K            0
          indirdep            0            0K           10
       allocdirect            0            0K            0
          ufs_trim            0            0K            0
           mactemp            0            0K            0
     audit_trigger            0            0K            0
 audit_pipe_presel            0            0K            0
     audit_pipeent            0            0K            0
        audit_pipe            0            0K            0
      audit_evname            0            0K            0
         audit_bsm            0            0K            0
      audit_gidset            0            0K            0
        audit_text            0            0K            0
        audit_path            0            0K            0
        audit_data            0            0K            0
        audit_cred            0            0K            0
             xform            0            0K            0
      twe_commands            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
         MLX5E_TLS            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
            MLX5EN            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
          MLX5DUMP            0            0K            0
        MLX5EEPROM            0            0K            0
        MLX5EEPROM            0            0K            0
          seq_file            0            0K            0
             radix            0            0K            0
               idr            0            0K            0
            lkpifw            0            0K            0
               NLM            0            0K            0
    ipsec-spdcache            0            0K            0
         ipsec-reg            0            0K            0
        ipsec-misc            0            0K            0
      ipsecrequest            0            0K            0
            ip6opt            0            0K            3
       ip6_msource            0            0K            0
      ip6_moptions            0            0K            0
       in6_mfilter            0            0K            0
             frag6            0            0K            0
            tcplog            0            0K            0
        tcp_hwpace            0            0K            0
      twa_commands            0            0K            0
               LRO            0            0K            0
      newreno data            0            0K            0
        ip_msource            0            0K            0
       ip_moptions            0            0K            0
        in_mfilter            0            0K            0
              ipid            0            0K            0
         80211scan            0            0K            0
      80211ratectl            0            0K            0
        80211power            0            0K            0
       80211nodeie            0            0K            0
         80211node            0            0K            0
      80211mesh_gt            0            0K            0
      80211mesh_rt            0            0K            0
         80211perr            0            0K            0
         80211prep            0            0K            0
         80211preq            0            0K            0
          80211dfs            0            0K            0
       80211crypto            0            0K            0
          80211vap            0            0K            0
             iflib            0            0K            0
              vlan            0            0K            0
               gif            0            0K            0
           ifdescr            0            0K            0
              zlib            0            0K            0
           fadvise            0            0K            0
           VN POLL            0            0K            0
       tcp_log_dev            0            0K            0
            statfs            0            0K        29594
     namei_tracker            0            0K         1094
       export_host            0            0K            0
        cl_savebuf            0            0K            6
      midi buffers            0            0K            0
             mixer            0            0K            0
              ac97            0            0K            0
             hdacc            0            0K            0
              hdac            0            0K            0
              hdaa            0            0K            0
         acpicmbat            0            0K            0
       SIIS driver            0            0K            0
           CAM CCB            0            0K         5114
               PUC            0            0K            0
          ppbusdev            0            0K            0
agtiapi_MemAlloc malloc            0            0K            0
    osti_cacheable            0            0K            0
          tempbuff            0            0K            0
          tempbuff            0            0K            0
            biobuf            0            0K            0
              aios            0            0K            0
               lio            0            0K            0
               acl            0            0K            0
ag_tgt_map_t malloc            0            0K            0
          mbuf_tag            0            0K         2226
ag_slr_map_t malloc            0            0K            0
lDevFlags * malloc            0            0K            0
tiDeviceHandle_t * malloc            0            0K            0
ag_portal_data_t malloc            0            0K            0
ag_device_t malloc            0            0K            0
     STLock malloc            0            0K            0
          CCB List            0            0K            0
            sr_iov            0            0K            0
               OCS            0            0K            0
               OCS            0            0K            0
              nvme            0            0K            0
               nvd            0            0K            0
            netmap            0            0K            0
            mwldev            0            0K            0
        MVS driver            0            0K            0
     CAM ccb queue            0            0K            0
          mrsasbuf            0            0K            0
          mpt_user            0            0K            0
          mps_user            0            0K            0
              accf            0            0K            0
               pts            0            0K            0
          ioctlops            0            0K        13665
           eventfd            0            0K            0
           Witness            0            0K            0
             stack            0            0K            0
            MPSSAS            0            0K            0
               mps            0            0K            0
          mpr_user            0            0K            0
            MPRSAS            0            0K            0
               mpr            0            0K            0
            mfibuf            0            0K            0
              sbuf            0            0K          288
        md_sectors            0            0K            0
          firmware            0            0K            0
        compressor            0            0K            0
           md_disk            0            0K            0
              SWAP            0            0K            0
           malodev            0            0K            0
               LED            0            0K            0
         sysctltmp            0            0K         1998
            sysctl            0            0K            1
              ekcd            0            0K            0
            dumper            0            0K            0
          sendfile            0            0K            0
              rctl            0            0K            0
          ix_sriov            0            0K            0
        aacraidcam            0            0K            0
       aacraid_buf            0            0K            0
                ix            0            0K            0
            ipsbuf            0            0K            0
             cache            0            0K            0
            iirbuf            0            0K            0
      prison_racct            0            0K            0
       Fail Points            0            0K            0
             sigio            0            0K          517
filedesc_to_leader            0            0K            0
               pwd            0            0K            0
       tty console            0            0K            0
            aaccam            0            0K            0
            aacbuf            0            0K            0
              zstd            0            0K            0
            XZ_DEC            0            0K            0
            nvlist            0            0K            0
          SCSI ENC            0            0K            0
           SCSI sa            0            0K            0
         scsi_pass            0            0K            0
        isofs_node            0            0K            0
       isofs_mount            0            0K            0
     tr_raid5_data            0            0K            0
    tr_raid1e_data            0            0K            0
     tr_raid1_data            0            0K            0
     tr_raid0_data            0            0K            0
    tr_concat_data            0            0K            0
       md_sii_data            0            0K            0
   md_promise_data            0            0K            0
    md_nvidia_data            0            0K            0
   md_jmicron_data            0            0K            0
     md_intel_data            0            0K            0
       md_ddf_data            0            0K            0
         raid_data            0            0K           72
     geom_flashmap            0            0K            0
         tmpfs dir            0            0K            0
        tmpfs name            0            0K            0
       tmpfs mount            0            0K            0
           NFS FHA            0            0K            0
         newnfsmnt            0            0K            0
  newnfsclient_req            0            0K            0
   NFSCL layrecall            0            0K            0
     NFSCL session            0            0K            0
     NFSCL sockreq            0            0K            0
     NFSCL devinfo            0            0K            0
     NFSCL flayout            0            0K            0
      NFSCL layout            0            0K            0
     NFSD rollback            0            0K            0
NFSCL diroffdiroff            0            0K            0
       NEWdirectio            0            0K            0
        NEWNFSnode            0            0K            0
         NFSCL lck            0            0K            0
      NFSCL lckown            0            0K            0
      NFSCL client            0            0K            0
       NFSCL deleg            0            0K            0
        NFSCL open            0            0K            0
       NFSCL owner            0            0K            0
            NFS fh            0            0K            0
           NFS req            0            0K            0
     NFSD usrgroup            0            0K            0
       NFSD string            0            0K            0
       NFSD V4lock            0            0K            0
      NFSD V4state            0            0K            0
     NFSD srvcache            0            0K            0
       msdosfs_fat            0            0K            0
     msdosfs_mount            0            0K            0
      msdosfs_node            0            0K            0
db> show uma
              Zone   Size    Used    Free    Requests  Sleeps  Bucket  Total Mem    XFree
   mbuf_jumbo_page   4096    8320     764       70893       0       3   37208064        0
         sctp_asoc   2288     358    1892        6024       0       4    5148000        0
        RADIX NODE    144    5474   27031    27479513       0      62    4680720        0
       malloc-2048   2048     363    1899       16275       0       8    4632576        0
      mbuf_cluster   2048    1914       0       47556       0       8    3919872        0
              mbuf    256   13193    1873      282136       0     254    3856896        0
           sctp_ep   1280     358    1892       10965       0       8    2880000        0
              pbuf   2624       0    1001           0       0       2    2626624        0
       malloc-1024   1024     365    1895        6259       0      16    2314240        0
        malloc-256    256     356    7294       55402       0      62    1958400        0
          BUF TRIE    144     199   13269        3040       0      62    1939392        0
        malloc-128    128   10453    3807       70353       0     126    1825280        0
        malloc-384    384     716    3794       16986       0      30    1731840        0
        sctp_raddr    736     357    1898        6020       0      16    1659680        0
       malloc-4096   4096     392       8       33112       0       2    1638400        0
        malloc-384    384    4116       4        4463       0      30    1582080        0
        malloc-384    384     306    3794       30497       0      30    1574400        0
       UMA Slabs 0    112   12536      25       36564       0     126    1406832        0
        malloc-256    256     647    1918       43115       0      62     656640        0
         FFS inode   1160     522      31       30428       0       8     641480        0
       mbuf_packet    256     434    1480       68712       0     254     489984        0
      malloc-65536  65536       4       3        1863       0       1     458752        0
        sctp_laddr     48     812    7756       31319       0     254     411264        0
         VM OBJECT    264    1422      78      452429       0      30     396000        0
        sctp_chunk    152     391    2079        4562       0      62     375440        0
        256 Bucket   2048     162       4    22162465       0       8     339968        0
            THREAD   1792     152      28       31298       0       8     322560        0
      malloc-16384  16384      11       7       29921       0       1     294912        0
             VNODE    448     559      89       30467       0      30     290304        0
         malloc-64     64    3432     348       35193       0     254     241920        0
         malloc-16     16   12819     431       13443       0     254     212000        0
         malloc-64     64    1050    1974      512057       0     254     193536        0
         MAP ENTRY     96    1522     452     1740036       0     126     189504        0
         UMA Zones    768     234       0         234       0      16     179712        0
        malloc-128    128    1181      90       25945       0     126     162688        0
         malloc-32     32    4915     125        6796       0     254     161280        0
         vmem btag     56    2777      91        3360       0     254     160608        0
       S VFS Cache    104    1066     377       32318       0     126     150072        0
       FFS2 dinode    256     522      63       30426       0      62     149760        0
         malloc-32     32     743    3919       21921       0     254     149184        0
       malloc-1024   1024     126      10        4898       0      16     139264        0
         64 Bucket    512     254      10     1067807       0      30     135168        0
      malloc-65536  65536       2       0           2       0       1     131072        0
        malloc-128    128     810     213       92450       0     126     130944        0
           VMSPACE   2544      37      14       31590       0       4     129744        0
sctp_stream_msg_out    112       0    1008        4985       0     126     112896        0
            socket    944      37      79       35648       0      16     109504        0
         32 Bucket    256     309     111     3655469       0      62     107520        0
              PROC   1320      59      22       31611       0       8     106920        0
            DEVCTL   1024       0     100         235       0       0     102400        0
        128 Bucket   1024      79      20     3507403       0      16     101376        0
       malloc-4096   4096      22       1         190       0       2      94208        0
        malloc-128    128     557     156       12238       0     126      91264        0
         filedesc0   1072      60      24       31612       0       8      90048        0
             g_bio    408       0     220       17903       0      30      89760        0
          UMA Kegs    384     220       3         220       0      30      85632        0
        malloc-256    256     231      99       90810       0      62      84480        0
         malloc-16     16    1219    4031       14343       0     254      84000        0
         malloc-16     16     732    4018       42909       0     254      76000        0
      malloc-65536  65536       1       0           1       0       1      65536        0
      malloc-65536  65536       1       0           1       0       1      65536        0
      malloc-65536  65536       1       0           1       0       1      65536        0
        malloc-384    384     134      16        2668       0      30      57600        0
       malloc-8192   8192       7       0           7       0       1      57344        0
       malloc-4096   4096      13       0          25       0       2      53248        0
         malloc-64     64     610     146        1931       0     254      48384        0
         16 Bucket    144     275      33     4955396       0      62      44352        0
          8 Bucket     80     515      35     9690064       0     126      44000        0
       malloc-8192   8192       5       0         135       0       1      40960        0
            pcpu-8      8    4630     490        6333       0     254      40960        0
       malloc-4096   4096       9       0           9       0       2      36864        0
             Files     80     231     219      105568       0     126      36000        0
        malloc-128    128     166     113         438       0     126      35712        0
             ripcb    488       5      67        6457       0      30      35136        0
             tcpcb   1048       4      29        2495       0       8      34584        0
        malloc-256    256      61      74       31361       0      62      34560        0
             NAMEI   1024       0      32      171007       0      16      32768        0
      malloc-32768  32768       1       0           1       0       1      32768        0
      malloc-32768  32768       1       0           1       0       1      32768        0
      malloc-32768  32768       1       0           1       0       1      32768        0
      malloc-16384  16384       2       0           2       0       1      32768        0
       malloc-8192   8192       4       0           4       0       1      32768        0
           pcpu-64     64     479      33         479       0     254      32768        0
        malloc-256    256      76      44         226       0      62      30720        0
              pipe    744      23      17        3299       0      16      29760        0
          4 Bucket     48     507      81    16011643       0     254      28224        0
          2 Bucket     32     363     519    25258639       0     254      28224        0
             KNOTE    160      28     147      244498       0      62      28000        0
        malloc-128    128      86     131        1017       0     126      27776        0
         tcp_inpcb    488       4      52        2495       0      30      27328        0
         udp_inpcb    488       2      54        5679       0      30      27328        0
             unpcb    256      20      85        7871       0      62      26880        0
        malloc-384    384      47      23         241       0      30      26880        0
         TURNSTILE    136     181       8         181       0      62      25704        0
       malloc-8192   8192       1       2          30       0       1      24576        0
       malloc-4096   4096       5       1         677       0       2      24576        0
       malloc-2048   2048       7       5        2408       0       8      24576        0
       malloc-2048   2048      12       0          13       0       8      24576        0
               PWD     32      19     737       29644       0     254      24192        0
         malloc-64     64      77     301         842       0     254      24192        0
            ttyinq    160     135      15         300       0      62      24000        0
           ttyoutq    256      72      18         160       0      62      23040        0
        malloc-256    256      70      20         371       0      62      23040        0
       malloc-1024   1024      18       2          18       0      16      20480        0
       malloc-1024   1024      14       6          42       0      16      20480        0
         malloc-64     64     196     119        1122       0     254      20160        0
         malloc-64     64      26     289        1287       0     254      20160        0
         malloc-32     32     152     478       30725       0     254      20160        0
         malloc-32     32     250     380        2671       0     254      20160        0
       Mountpoints   2752       2       5           2       0       4      19264        0
        malloc-256    256      28      47        1074       0      62      19200        0
        SLEEPQUEUE     88     181      11         181       0     126      16896        0
      malloc-16384  16384       1       0           1       0       1      16384        0
       malloc-8192   8192       2       0           2       0       1      16384        0
       malloc-8192   8192       2       0           4       0       1      16384        0
       malloc-4096   4096       0       4       29595       0       2      16384        0
       malloc-2048   2048       4       4        7830       0       8      16384        0
              PGRP     88      35     149         282       0     126      16192        0
          ksiginfo    112      64      80        1311       0     126      16128        0
      vtnet_tx_hdr     24       0     668       84415       0     254      16032        0
        malloc-128    128      64      60         122       0     126      15872        0
           rtentry    176      34      35         305       0      62      12144        0
         malloc-64     64      14     175         123       0     254      12096        0
         malloc-32     32      65     313         725       0     254      12096        0
         malloc-32     32      32     346         460       0     254      12096        0
         malloc-32     32      66     312       16860       0     254      12096        0
     routing nhops    256      27      18         305       0      62      11520        0
            clpbuf   2624       0       4          22       0       4      10496        0
            cpuset    104       7      86         242       0     126       9672        0
       malloc-4096   4096       2       0           2       0       2       8192        0
       malloc-2048   2048       3       1           3       0       8       8192        0
       malloc-2048   2048       0       4         300       0       8       8192        0
       malloc-1024   1024       2       6           2       0      16       8192        0
        malloc-512    512       2      14         308       0      30       8192        0
        malloc-512    512       9       7           9       0      30       8192        0
        malloc-512    512      10       6          91       0      30       8192        0
    tcp_log_bucket    176       0      46          12       0      62       8096        0
          rl_entry     40      77     125          77       0     254       8080        0
             udpcb     32       2     250        7550       0     254       8064        0
         malloc-64     64       4     122       40292       0     254       8064        0
         malloc-16     16       4     496       23464       0     254       8000        0
         malloc-16     16       6     494           6       0     254       8000        0
         malloc-16     16      10     490          66       0     254       8000        0
      tcp_log_node    120       0      66          69       0     126       7920        0
     udplite_inpcb    488       0      16        1871       0      30       7808        0
            itimer    352       0      22         142       0      30       7744        0
        malloc-384    384      15       5          15       0      30       7680        0
        malloc-256    256       4      26       36345       0      62       7680        0
     FPU_save_area    832       1       8           1       0      16       7488        0
         domainset     40       0     126         165       0     254       5040        0
 epoch_record pcpu    256       4      12           4       0      62       4096        0
       malloc-2048   2048       2       0           2       0       8       4096        0
       malloc-1024   1024       1       3           1       0      16       4096        0
       malloc-1024   1024       2       2           2       0      16       4096        0
        malloc-512    512       1       7           1       0      30       4096        0
        malloc-512    512       3       5         180       0      30       4096        0
        malloc-512    512       1       7           1       0      30       4096        0
        malloc-512    512       3       5         511       0      30       4096        0
           pcpu-16     16       7     249           7       0     254       4096        0
         hostcache     96       1      41           1       0     126       4032        0
         malloc-32     32       5     121        6924       0     254       4032        0
         malloc-16     16      18     232          22       0     254       4000        0
         malloc-16     16       1     249         118       0     254       4000        0
        malloc-128    128       0      31         671       0     126       3968        0
       UMA Slabs 1    176       9      13          10       0      62       3872        0
              kenv    258      15       0        1165       0      30       3870        0
        malloc-384    384       1       9           1       0      30       3840        0
            mqnode    416       3       6           3       0      30       3744        0
        KMAP ENTRY     96      12      27          12       0       0       3744        0
              vmem   1856       1       1           1       0       8       3712        0
           SMR CPU     32       2      29           2       0     254        992        0
        SMR SHARED     24       2      29           2       0     254        744        0
       FFS1 dinode    128       0       0           0       0     126          0        0
             swblk    136       0       0           0       0      62          0        0
          swpctrie    144       0       0           0       0      62          0        0
   sctp_asconf_ack     48       0       0           0       0     254          0        0
       sctp_asconf     40       0       0           0       0     254          0        0
        sctp_readq    152       0       0           0       0      62          0        0
   pf state scrubs     40       0       0           0       0     254          0        0
   pf frag entries     40       0       0           0       0     254          0        0
          pf frags    248       0       0           0       0      62          0        0
  pf table entries    160       0       0           0       0      62          0        0
pf table entry counters     64       0       0           0       0     254          0        0
   pf source nodes    136       0       0           0       0      62          0        0
     pf state keys     88       0       0           0       0     126          0        0
         pf states    296       0       0           0       0      30          0        0
           pf tags    104       0       0           0       0     126          0        0
          pf mtags     48       0       0           0       0     254          0        0
      tcp_rack_pcb    704       0       0           0       0      16          0        0
      tcp_rack_map    120       0       0           0       0     126          0        0
       tcp_bbr_pcb    832       0       0           0       0      16          0        0
       tcp_bbr_map    128       0       0           0       0     126          0        0
    IPsec SA lft_c     16       0       0           0       0     254          0        0
           tcp_log    416       0       0           0       0      30          0        0
          tcpreass     48       0       0           5       0     254          0        0
tfo_ccache_entries     80       0       0           0       0     126          0        0
               tfo      4       0       0           0       0     254          0        0
          sackhole     32       0       0          19       0     254          0        0
          syncache    168       0       0           4       0      62          0        0
             tcptw     88       0       0           0       0     126          0        0
               ipq     56       0       0           0       0     254          0        0
            AIOLIO    272       0       0           0       0      30          0        0
             AIOCB    552       0       0           0       0      16          0        0
              AIOP     32       0       0           0       0     254          0        0
               AIO    208       0       0           0       0      62          0        0
           DIRHASH   1024       0       0          38       0      16          0        0
        TMPFS node    224       0       0           0       0      62          0        0
        mqnotifier    216       0       0           0       0      62          0        0
            mvdata     64       0       0           0       0     254          0        0
            mqueue    248       0       0           0       0      62          0        0
           NCLNODE    584       0       0           0       0      16          0        0
     LTS VFS Cache    360       0       0           0       0      30          0        0
       L VFS Cache    320       0       0           0       0      30          0        0
     STS VFS Cache    144       0       0           0       0      62          0        0
           cryptop    280       0       0           0       0      30          0        0
  linux_dma_object     24       0       0           0       0     254          0        0
  linux_dma_pctrie    144       0       0           0       0      62          0        0
   IOMMU_MAP_ENTRY    120       0       0           0       0     126          0        0
      ktls_session    192       0       0           0       0      62          0        0
    mbuf_jumbo_16k  16384       0       0           0       0       1          0        0
     mbuf_jumbo_9k   9216       0       0           0       0       1          0        0
      audit_record   1280       0       0           0       0       8          0        0
        MAC labels     40       0       0           0       0     254          0        0
            vnpbuf   2624       0       0           0       0       4          0        0
            mdpbuf   2624       0       0           0       0       3          0        0
           nfspbuf   2624       0       0           0       0       4          0        0
            swwbuf   2624       0       0           0       0       4          0        0
            swrbuf   2624       0       0           0       0       4          0        0
          umtx_shm     88       0       0           0       0     126          0        0
           umtx pi     96       0       0           0       0     126          0        0
rangeset pctrie nodes    144       0       0           0       0      62          0        0
      malloc-65536  65536       0       0           0       0       1          0        0
      malloc-65536  65536       0       0           0       0       1          0        0
      malloc-65536  65536       0       0           8       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0         165       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-32768  32768       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
      malloc-16384  16384       0       0           0       0       1          0        0
       malloc-8192   8192       0       0           0       0       1          0        0
       malloc-8192   8192       0       0           0       0       1          0        0
       malloc-4096   4096       0       0           2       0       2          0        0
       malloc-2048   2048       0       0           0       0       8          0        0
       malloc-1024   1024       0       0           8       0      16          0        0
        malloc-512    512       0       0           0       0      30          0        0
        malloc-384    384       0       0           0       0      30          0        0
           pcpu-32     32       0       0           0       0     254          0        0
            pcpu-4      4       0       0           0       0     254          0        0
            fakepg    104       0       0           0       0     126          0        0
          UMA Hash    256       0       0           0       0      62          0        0

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/02/24 11:28 freebsd-src 1af48800c20f fcc6d71b console log report ci-freebsd-main Fatal trap 12: page fault in sctp_is_vtag_good
* Struck through repros no longer work on HEAD.