syzbot


Fatal trap 12: page fault in uipc_ready

Status: fixed on 2020/07/30 11:06
Reported-by: syzbot+6a689cc9c27bd265237a@syzkaller.appspotmail.com
Fix commit: 1b778ba2609f Fix a logic error in uipc_ready_scan().
First crash: 973d, last: 946d

Sample crash report:
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0x8
fault code		= supervisor read data, page not present
instruction pointer	= 0x20:0xffffffff8114c928
stack pointer	        = 0x28:0xfffffe001a1047a0
frame pointer	        = 0x28:0xfffffe001a104800
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 6 (doneq0)
trap number		= 12


FreeBSD/amd64panic: page fault
cpuid = 0
time = 1591526769
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe001a1043f0
vpanic() at vpanic+0x1c7/frame 0xfffffe001a104450
panic() at panic+0x43/frame 0xfffffe001a1044b0
trap_fatal() at trap_fatal+0x4ca/frame 0xfffffe001a104530
trap_pfault() at trap_pfault+0xdc/frame 0xfffffe001a1045b0
trap() at trap+0x3f8/frame 0xfffffe001a1046d0
calltrap() at calltrap+0x8/frame 0xfffffe001a1046d0
--- trap 0xc, rip = 0xffffffff8114c928, rsp = 0xfffffe001a1047a0, rbp = 0xfffffe001a104800 ---
uipc_ready() at uipc_ready+0x1e8/frame 0xfffffe001a104800
sendfile_iodone() at sendfile_iodone+0x3d9/frame 0xfffffe001a104850
vnode_pager_generic_getpages_done_async() at vnode_pager_generic_getpages_done_async+0x49/frame 0xfffffe001a104880
bufdone() at bufdone+0xa1/frame 0xfffffe001a104900
g_io_deliver() at g_io_deliver+0x393/frame 0xfffffe001a104960
g_io_deliver() at g_io_deliver+0x393/frame 0xfffffe001a1049c0
g_io_deliver() at g_io_deliver+0x393/frame 0xfffffe001a104a20
g_disk_done() at g_disk_done+0x15f/frame 0xfffffe001a104a70
dadone() at dadone+0x66a/frame 0xfffffe001a104af0
xpt_done_process() at xpt_done_process+0x5ad/frame 0xfffffe001a104b50
xpt_done_td() at xpt_done_td+0x185/frame 0xfffffe001a104bb0
fork_exit() at fork_exit+0xb3/frame 0xfffffe001a104bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001a104bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 6 tid 100033 ]
Stopped at      kdb_enter+0x67: movq    $0,0x14a7206(%rip)
db> set $lines = 0
db> set $maxwidth = 0
db> show registers
cs                        0x20
ds                        0x3b  ll+0x1a
es                        0x3b  ll+0x1a
fs                        0x13
gs                        0x1b
ss                        0x28  ll+0x7
rax                       0x12
rcx                       0x80  ll+0x5f
rdx         0xffffffff81901452
rbx                          0
rsp         0xfffffe001a1043d0
rbp         0xfffffe001a1043f0
rsi                        0x1
rdi                          0
r8                           0
r9                  0xffffffff
r10                          0
r11         0xfffffe0023b91a00
r12         0xffffffff82068e90  ddb_dbbe
r13                          0
r14         0xffffffff819a566e
r15         0xffffffff819a566e
rip         0xffffffff810b3467  kdb_enter+0x67
rflags                    0x86  ll+0x65
kdb_enter+0x67: movq    $0,0x14a7206(%rip)
db> show proc
Process 6 (cam) at 0xfffff800033f8520:
 state: NORMAL
 uid: 0  gids: 0
 parent: pid 0 at 0xffffffff8250e510
 ABI: null
 reaper: 0xffffffff8250e510 reapsubtree: 6
 sigparent: 20
 vmspace: 0xffffffff8250f150
   (map 0xffffffff8250f150)
   (map.pmap 0xffffffff8250f210)
   (pmap 0xffffffff8250f270)
 threads: 2
100033                   Run     CPU 0                       [doneq0]
100066                   D       -       0xffffffff8223a890  [scanner]
db> ps
  pid  ppid  pgrp   uid  state   wmesg   wchan               cmd
  870   777   771     0  RE                                  syz-executor3653366
  869   778   771     0  LE     *socket  0xfffff800030c4000  syz-executor3653366
  778   773   771     0  S       nanslp  0xffffffff8252efe0  syz-executor3653366
  777   773   771     0  R                                   syz-executor3653366
  775   773   771     0  D       bo_wwai 0xfffff8000c458ec0  syz-executor3653366
  774   773   771     0  R                                   syz-executor3653366
  773   771   771     0  S       nanslp  0xffffffff8252efe0  syz-executor3653366
  771   769   771     0  Ss      pause   0xfffff80003c970a8  csh
  769   682   769     0  Ss      select  0xfffff80003352040  sshd
  748     1   748     0  Ss+     ttyin   0xfffff8000380c0b0  getty
  747     1   747     0  Ss+     ttyin   0xfffff80003b7dcb0  getty
  746     1   746     0  Ss+     ttyin   0xfffff80003b804b0  getty
  745     1   745     0  Ss+     ttyin   0xfffff80003b80cb0  getty
  744     1   744     0  Ss+     ttyin   0xfffff800033c14b0  getty
  743     1   743     0  Ss+     ttyin   0xfffff800033c1cb0  getty
  742     1   742     0  Ss+     ttyin   0xfffff800033c64b0  getty
  741     1   741     0  Ss+     ttyin   0xfffff800033c6cb0  getty
  740     1   740     0  Ss+     ttyin   0xfffff800033c54b0  getty
  738     1    24     0  S+      piperd  0xfffff8000c21f5f0  logger
  737   736    24     0  S+      nanslp  0xffffffff8252efe1  sleep
  736     1    24     0  S+      wait    0xfffff80003d0e520  sh
  686     1   686     0  Ss      nanslp  0xffffffff8252efe1  cron
  682     1   682     0  Ss      select  0xfffff80003a5b940  sshd
  495     1   495     0  Ds      getbuf  0xfffffe0003e3dc7c  syslogd
  424     1   424     0  Ss      select  0xfffff80003352e40  devd
  423     1   423    65  Ss      select  0xfffff80003352b40  dhclient
  338     1   338     0  Ss      select  0xfffff80003a5bcc0  dhclient
  335     1   335     0  Ss      select  0xfffff80003a5bc40  dhclient
   23     0     0     0  DL      syncer  0xffffffff8261af18  [syncer]
   22     0     0     0  DL      vlruwt  0xfffff800033f7a40  [vnlru]
   21     0     0     0  DL      (threaded)                  [bufdaemon]
100069                   D       qsleep  0xffffffff8261a230  [bufdaemon]
100076                   D       -       0xffffffff8200aa00  [bufspacedaemon-0]
100084                   D       sdflush 0xfffff80003d0ace8  [/ worker]
   20     0     0     0  DL      psleep  0xffffffff82641248  [vmdaemon]
   19     0     0     0  DL      (threaded)                  [pagedaemon]
100067                   D       psleep  0xffffffff826356d8  [dom0]
100074                   D       launds  0xffffffff826356e4  [laundry: dom0]
100075                   D       umarcl  0xffffffff8154cf50  [uma]
   18     0     0     0  DL      -       0xffffffff82362c58  [rand_harvestq]
   17     0     0     0  DL      pftm    0xffffffff82be03a0  [pf purge]
   16     0     0     0  DL      waiting 0xffffffff8261d690  [sctp_iterator]
   15     0     0     0  DL      -       0xffffffff8261982c  [soaiod4]
    9     0     0     0  DL      -       0xffffffff8261982c  [soaiod3]
    8     0     0     0  DL      -       0xffffffff8261982c  [soaiod2]
    7     0     0     0  DL      -       0xffffffff8261982c  [soaiod1]
    6     0     0     0  RL      (threaded)                  [cam]
100033                   Run     CPU 0                       [doneq0]
100066                   D       -       0xffffffff8223a890  [scanner]
    5     0     0     0  DL      crypto_ 0xfffff800033f6090  [crypto returns 1]
    4     0     0     0  DL      crypto_ 0xfffff800033f6030  [crypto returns 0]
    3     0     0     0  DL      crypto_ 0xffffffff82632ec0  [crypto]
   14     0     0     0  DL      seqstat 0xfffff8000338f888  [sequencer 00]
   13     0     0     0  DL      (threaded)                  [geom]
100024                   D       -       0xffffffff8250df80  [g_event]
100025                   D       -       0xffffffff8250df88  [g_up]
100026                   D       -       0xffffffff8250df90  [g_down]
    2     0     0     0  DL      (threaded)                  [KTLS]
100017                   D       -       0xfffff80003351e80  [thr_0]
100018                   D       -       0xfffff80003351ec0  [thr_1]
   12     0     0     0  RL      (threaded)                  [intr]
100012                   I                                   [swi6: task queue]
100013                   I                                   [swi6: Giant taskq]
100016                   I                                   [swi5: fast taskq]
100019                   Run     CPU 1                       [swi4: clock (0)]
100020                   I                                   [swi4: clock (1)]
100021                   I                                   [swi1: netisr 0]
100022                   I                                   [swi3: vm]
100034                   I                                   [irq24: virtio_pci0]
100035                   I                                   [irq25: virtio_pci0]
100036                   I                                   [irq26: virtio_pci0]
100037                   I                                   [irq27: virtio_pci0]
100038                   I                                   [irq28: virtio_pci1]
100039                   I                                   [irq29: virtio_pci1]
100040                   I                                   [irq30: virtio_pci1]
100041                   I                                   [irq31: virtio_pci1]
100042                   I                                   [irq32: virtio_pci1]
100047                   I                                   [irq10: virtio_pci2]
100049                   I                                   [irq1: atkbd0]
100050                   I                                   [irq12: psm0]
100051                   I                                   [swi0: uart uart++]
100060                   I                                   [swi1: pf send]
100072                   I                                   [swi1: hpts]
100073                   I                                   [swi1: hpts]
   11     0     0     0  RL      (threaded)                  [idle]
100003                   CanRun                              [idle: cpu0]
100004                   CanRun                              [idle: cpu1]
    1     0     1     0  SLs     wait    0xfffff8000331c000  [init]
   10     0     0     0  DL      audit_w 0xffffffff82633398  [audit]
    0     0     0     0  DLs     (threaded)                  [kernel]
100000                   D       swapin  0xffffffff8250e510  [swapper]
100005                   D       -       0xfffff80003346100  [softirq_0]
100006                   D       -       0xfffff80003346000  [softirq_1]
100007                   D       -       0xfffff80003343e00  [if_io_tqg_0]
100008                   D       -       0xfffff80003343d00  [if_io_tqg_1]
100009                   D       -       0xfffff80003343c00  [if_config_tqg_0]
100010                   D       -       0xfffff8000334d100  [kqueue_ctx taskq]
100011                   D       -       0xfffff8000334d000  [aiod_kick taskq]
100014                   D       -       0xfffff8000334ec00  [in6m_free taskq]
100015                   D       -       0xfffff8000334eb00  [thread taskq]
100023                   D       -       0xfffff8000334e900  [firmware taskq]
100028                   D       -       0xfffff8000334e700  [crypto_0]
100029                   D       -       0xfffff8000334e700  [crypto_1]
100043                   D       -       0xfffff80003349d00  [vtnet0 rxq 0]
100044                   D       -       0xfffff80003349c00  [vtnet0 txq 0]
100045                   D       -       0xfffff80003349b00  [vtnet0 rxq 1]
100046                   D       -       0xfffff80003349a00  [vtnet0 txq 1]
100048                   D       vtbslp  0xfffff80003597800  [virtio_balloon]
100052                   D       -       0xfffff80003821600  [mca taskq]
100057                   D       -       0xffffffff81d4a971  [deadlkres]
100062                   D       -       0xfffff80003b74900  [acpi_task_0]
100063                   D       -       0xfffff80003b74900  [acpi_task_1]
100064                   D       -       0xfffff80003b74900  [acpi_task_2]
100065                   D       -       0xfffff8000334e500  [CAM taskq]
db> show all locks
Process 870 (syz-executor3653366) thread 0xfffffe0023b91500 (100105)
exclusive rw vm object (vm object) r = 0 (0xfffff8000c800738) locked @ /syzkaller/managers/main/kernel/sys/vm/vm_object.c:647
Process 869 (syz-executor3653366) thread 0xfffffe0025861700 (100111)
exclusive sleep mutex unp (unp) r = 0 (0xfffff80003d2f100) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_usrreq.c:880
exclusive sleep mutex unp (unp) r = 0 (0xfffff80003d2f200) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_usrreq.c:874
Process 775 (syz-executor3653366) thread 0xfffffe001cff2000 (100097)
exclusive lockmgr ufs (ufs) r = 0 (0xfffff8000c458dc0) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:2925
Process 774 (syz-executor3653366) thread 0xfffffe002579b000 (100104)
exclusive lockmgr ufs (ufs) r = 0 (0xfffff8000c796250) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_subr.c:2925
Process 495 (syslogd) thread 0xfffffe0023bf6300 (100085)
exclusive lockmgr ufs (ufs) r = 0 (0xfffff8000c341250) locked @ /syzkaller/managers/main/kernel/sys/kern/vfs_syscalls.c:3431
Process 6 (cam) thread 0xfffffe0003843500 (100033)
exclusive sleep mutex so_rcv (so_rcv) r = 0 (0xfffffe00239ddd98) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_usrreq.c:1272
exclusive sleep mutex socket (socket) r = 0 (0xfffffe00239ddc40) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_usrreq.c:1265
shared rw unp_link_rwlock (unp_link_rwlock) r = 0 (0xffffffff8261a0b8) locked @ /syzkaller/managers/main/kernel/sys/kern/uipc_usrreq.c:1334
Process 12 (intr) thread 0xfffffe00048b4500 (100019)
exclusive sleep mutex ip6qb (ip6qb) r = 0 (0xfffffe000495cbf0) locked @ /syzkaller/managers/main/kernel/sys/netinet6/frag6.c:908
shared rw vnet_rwlock (vnet_rwlock) r = 0 (0xffffffff8261ce08) locked @ /syzkaller/managers/main/kernel/sys/netinet6/frag6.c:904
db> show malloc
              Type        InUse        MemUse     Requests
           pf_hash            5        11524K            5
            devbuf         4213         4851K         4238
          tcp_hpts            5         3201K            5
             vtbuf           24         1968K           46
         sysctloid        27849         1625K        27913
              kobj          334         1336K          493
            newblk          566         1166K         3152
          vfscache            4         1025K            4
          inodedep          129          576K          263
               pcb           21          537K           75
         ufs_quota            1          512K            1
          vfs_hash            1          512K            1
           callout            2          512K            2
              intr            4          388K            4
           subproc          119          242K          938
            acpica         1674          185K        52739
         vnet_data            1          168K            1
           pagedep           16          132K          115
        tfo_ccache            1          128K            1
               sem            4          106K            4
            DEVFS1          101          101K          110
            linker          239           96K          268
               bus          972           79K         3360
          mtx_pool            2           72K            2
          syncache            1           68K            1
          acpitask            1           64K            1
       ddb_capture            1           64K            1
            module          501           63K          501
              temp           18           33K         1534
         hostcache            1           32K            1
               shm            1           32K            1
              umtx          252           32K          252
          freefrag          240           30K          735
               msg            4           30K            4
            DEVFS3          120           30K          130
           kdtrace          158           30K         1796
        DEVFS_RULE           56           27K           56
        gtaskqueue           18           26K           18
            dirrem           93           24K          208
           CAM CCB           11           22K         2462
              vmem            3           22K            4
            kbdmux            6           22K            6
               BPF           10           18K           10
         ufs_mount            4           17K            5
              proc            3           17K            3
               tty           16           16K           16
           tidhash            1           16K            1
           ithread           98           16K           98
            bus-sc           30           14K         1439
            ifaddr           32           13K           32
          freefile          102           13K          200
            KTRACE          100           13K          100
              kenv           95           12K           99
      eventhandler          132           12K          132
         pfs_nodes           20           10K           20
              GEOM           60           10K          487
              rman           82           10K          423
         bmsafemap            2            9K          231
              UART           12            9K           12
           devstat            4            9K            4
               rpc            2            8K            2
             shmfd            1            8K            1
       pfs_vncache            1            8K            1
     audit_evclass          233            8K          291
          freework           27            7K         1391
           CAM DEV            3            6K          510
                vt           11            6K           11
              cred           21            6K          234
            sglist            5            6K            5
         CAM queue            5            6K         1528
         taskqueue           45            5K           45
       ufs_dirhash           24            5K           24
            plimit           17            5K          322
             ifnet            3            5K            3
           memdesc            1            4K            1
               MCA           32            4K           32
               UMA          248            4K          248
             evdev            4            4K            4
          filedesc            1            4K            1
           lltable           11            4K           11
          routetbl           14            4K           14
             hhook           13            4K           13
            kqueue           52            4K          873
       ether_multi           40            4K           45
          pf_ifnet            5            3K            6
         in6_multi           25            3K           25
           acpisem           22            3K           22
          terminal           11            3K           11
             mkdir           20            3K          210
           session           20            3K           31
              pgrp           20            3K           31
           uidinfo            3            3K            8
            diradd           17            3K          226
        local_apic            1            2K            1
           io_apic            1            2K            1
         ipsec-saq            2            2K            2
          indirdep            7            2K           96
            select           14            2K           14
         proc-args           39            2K          472
           CAM XPT           22            2K          543
             lockf           15            2K           22
         newdirblk           12            2K          105
            Unitno           25            2K           37
           acpidev           20            2K           20
               msi            9            2K            9
           softdep            1            1K            1
       ipsecpolicy            1            1K            1
            sahead            1            1K            1
          secasvar            1            1K            1
             clone            8            1K            8
       vnodemarker            2            1K            8
      NFSD session            1            1K            1
        CAM periph            4            1K          271
             nhops            6            1K            6
         toponodes            6            1K            6
            isadev            6            1K            6
             mount           16            1K           86
          pci_link           10            1K           10
            ip6ndp            4            1K            5
          sctp_ifa            5            1K            5
            crypto            3            1K            3
          freeblks            2            1K          298
          in_multi            2            1K            3
              pfil            4            1K            4
    chacha20random            1            1K            1
           CAM SIM            2            1K            2
             epoch            4            1K            4
              cdev            2            1K            2
 encap_export_host            8            1K            8
               osd            3            1K            9
               mld            2            1K            2
          sctp_ifn            2            1K            2
              igmp            2            1K            2
            vnodes            1            1K            1
      NFSD lckfile            1            1K            1
     NFSD V4client            1            1K            1
             DEVFS            9            1K           10
            feeder            7            1K            7
       inpcbpolicy            6            1K          222
        loginclass            3            1K            7
     CAM dev queue            2            1K            2
 CAM I/O Scheduler            1            1K            1
            apmdev            1            1K            1
          atkbddev            2            1K            2
          CAM path            4            1K         1034
           tcpfunc            2            1K            2
              ktls            1            1K            1
          sendfile            2            1K           93
          pmchooks            1            1K            1
            prison            4            1K            4
            DEVFSP            2            1K            2
            soname            4            1K         5788
          filecaps            4            1K           66
               tun            3            1K            3
          nexusdev            5            1K            5
           entropy            2            1K           39
          sctp_vrf            1            1K            1
              vnet            1            1K            1
          acpiintr            1            1K            1
               pmc            1            1K            1
              cpus            2            1K            2
    vnet_data_free            1            1K            1
           Per-cpu            1            1K            1
          p1003.1b            1            1K            1
          pf_table            0            0K            0
           pf_rule            0            0K            0
           pf_altq            0            0K            0
           pf_osfp            0            0K            0
           pf_temp            0            0K            0
            vtfont            0            0K            0
        madt_table            0            0K            2
           ath_hal            0            0K            0
            athdev            0            0K            0
           ata_pci            0            0K            0
           ata_dma            0            0K            0
       ata_generic            0            0K            0
               amr            0            0K            0
           scsi_da            0            0K           69
            pvscsi            0            0K            0
          smartpqi            0            0K            0
            ata_da            0            0K            0
           scsi_ch            0            0K            0
           scsi_cd            0            0K            0
            USBdev            0            0K            0
               USB            0            0K            0
       AHCI driver            0            0K            0
               agp            0            0K            0
              iavf            0            0K            0
               ixl            0            0K            0
           nvme_da            0            0K            0
           acpipwr            0            0K            0
            twsbuf            0            0K            0
      twe_commands            0            0K            0
      twa_commands            0            0K            0
       tcp_log_dev            0            0K            0
        ice-resmgr            0            0K            0
         ice-osdep            0            0K            0
               ice            0            0K            0
       fpukern_ctx            0            0K            0
      midi buffers            0            0K            0
          xen_intr            0            0K            0
             mixer            0            0K            0
           xen_hvm            0            0K            0
         legacydrv            0            0K            0
            qpidrv            0            0K            0
              ac97            0            0K            0
             hdacc            0            0K            0
      dmar_idpgtbl            0            0K            0
          dmar_dom            0            0K            0
          dmar_ctx            0            0K            0
       dmar_dmamap            0            0K            0
              hdac            0            0K            0
              hdaa            0            0K            0
         acpi_perf            0            0K            0
              isci            0            0K            0
     hyperv_socket            0            0K            0
           bxe_ilt            0            0K            0
            xenbus            0            0K            0
         acpicmbat            0            0K            0
       SIIS driver            0            0K            0
     vm_fictitious            0            0K            0
               PUC            0            0K            0
          ppbusdev            0            0K            0
agtiapi_MemAlloc malloc            0            0K            0
    osti_cacheable            0            0K            0
          tempbuff            0            0K            0
          tempbuff            0            0K            0
           UMAHash            0            0K            0
ag_tgt_map_t malloc            0            0K            0
ag_slr_map_t malloc            0            0K            0
         vm_pgdata            0            0K            0
           jblocks            0            0K            0
          savedino            0            0K           13
          sentinel            0            0K            0
            jfsync            0            0K            0
            jtrunc            0            0K            0
             sbdep            0            0K            3
           jsegdep            0            0K            0
              jseg            0            0K            0
         jfreefrag            0            0K            0
          jfreeblk            0            0K            0
           jnewblk            0            0K            0
            jmvref            0            0K            0
           jremref            0            0K            0
           jaddref            0            0K            0
           freedep            0            0K            0
        allocindir            0            0K            0
       allocdirect            0            0K            0
          ufs_trim            0            0K            0
           mactemp            0            0K            0
     audit_trigger            0            0K            0
 audit_pipe_presel            0            0K            0
     audit_pipeent            0            0K            0
        audit_pipe            0            0K            0
      audit_evname            0            0K            0
         audit_bsm            0            0K            0
      audit_gidset            0            0K            0
        audit_text            0            0K            0
        audit_path            0            0K            0
        audit_data            0            0K            0
        audit_cred            0            0K            0
             xform            0            0K            0
               NLM            0            0K            0
    ipsec-spdcache            0            0K            0
         ipsec-reg            0            0K            0
        ipsec-misc            0            0K            0
      ipsecrequest            0            0K            0
            ip6opt            0            0K            3
       ip6_msource            0            0K            0
      ip6_moptions            0            0K            0
       in6_mfilter            0            0K            0
             frag6            0            0K            0
            tcplog            0            0K            0
lDevFlags * malloc            0            0K            0
               LRO            0            0K            0
        sctp_mcore            0            0K            0
        sctp_socko            0            0K            0
         sctp_iter            0            0K            3
         sctp_mvrf            0            0K            0
         sctp_timw            0            0K            0
         sctp_cpal            0            0K            0
         sctp_cmsg            0            0K            0
         sctp_stre            0            0K            0
         sctp_athi            0            0K            0
         sctp_athm            0            0K            0
         sctp_atky            0            0K            0
         sctp_atcl            0            0K            0
         sctp_a_it            0            0K            3
         sctp_aadr            0            0K            0
         sctp_stro            0            0K            0
         sctp_stri            0            0K            0
          sctp_map            0            0K            0
      newreno data            0            0K            0
        ip_msource            0            0K            0
       ip_moptions            0            0K            0
        in_mfilter            0            0K            0
              ipid            0            0K            0
         80211scan            0            0K            0
      80211ratectl            0            0K            0
        80211power            0            0K            0
       80211nodeie            0            0K            0
         80211node            0            0K            0
      80211mesh_gt            0            0K            0
      80211mesh_rt            0            0K            0
         80211perr            0            0K            0
         80211prep            0            0K            0
         80211preq            0            0K            0
          80211dfs            0            0K            0
       80211crypto            0            0K            0
          80211vap            0            0K            0
             iflib            0            0K            0
              vlan            0            0K            0
               gif            0            0K            0
           ifdescr            0            0K            0
              zlib            0            0K            0
           fadvise            0            0K            0
tiDeviceHandle_t * malloc            0            0K            0
            statfs            0            0K          287
       export_host            0            0K            0
        cl_savebuf            0            0K          359
ag_portal_data_t malloc            0            0K            0
ag_device_t malloc            0            0K            0
     STLock malloc            0            0K            0
          CCB List            0            0K            0
            sr_iov            0            0K            0
               OCS            0            0K            0
               OCS            0            0K            0
              nvme            0            0K            0
               nvd            0            0K            0
            netmap            0            0K            0
            mwldev            0            0K            0
        MVS driver            0            0K            0
     CAM ccb queue            0            0K            0
          mrsasbuf            0            0K            0
          mpt_user            0            0K            0
          mps_user            0            0K            0
            biobuf            0            0K            0
              aios            0            0K            0
               lio            0            0K            0
               acl            0            0K            0
            MPSSAS            0            0K            0
          mbuf_tag            0            0K           25
              accf            0            0K            0
               pts            0            0K            0
               iov            0            0K        13254
          ioctlops            0            0K           85
           Witness            0            0K            0
             stack            0            0K            0
               mps            0            0K            0
          mpr_user            0            0K            0
            MPRSAS            0            0K            0
               mpr            0            0K            0
            mfibuf            0            0K            0
        md_sectors            0            0K            0
              sbuf            0            0K          288
           md_disk            0            0K            0
        compressor            0            0K            0
           malodev            0            0K            0
              SWAP            0            0K            0
               LED            0            0K            0
         sysctltmp            0            0K          574
            sysctl            0            0K            1
              ekcd            0            0K            0
            dumper            0            0K            0
              rctl            0            0K            0
          ix_sriov            0            0K            0
        aacraidcam            0            0K            0
                ix            0            0K            0
            ipsbuf            0            0K            0
            iirbuf            0            0K            0
             cache            0            0K            0
       aacraid_buf            0            0K            0
          kcovinfo            0            0K            0
      prison_racct            0            0K            0
       Fail Points            0            0K            0
             sigio            0            0K            1
filedesc_to_leader            0            0K            0
               pwd            0            0K            0
       tty console            0            0K            0
            aaccam            0            0K            0
            aacbuf            0            0K            0
              zstd            0            0K            0
            nvlist            0            0K            0
          SCSI ENC            0            0K            0
           SCSI sa            0            0K            0
        isofs_node            0            0K            0
       isofs_mount            0            0K            0
     tr_raid5_data            0            0K            0
    tr_raid1e_data            0            0K            0
     tr_raid1_data            0            0K            0
     tr_raid0_data            0            0K            0
    tr_concat_data            0            0K            0
       md_sii_data            0            0K            0
   md_promise_data            0            0K            0
    md_nvidia_data            0            0K            0
   md_jmicron_data            0            0K            0
     md_intel_data            0            0K            0
       md_ddf_data            0            0K            0
         raid_data            0            0K           72
     geom_flashmap            0            0K            0
           NFS FHA            0            0K            0
         newnfsmnt            0            0K            0
  newnfsclient_req            0            0K            0
   NFSCL layrecall            0            0K            0
     NFSCL session            0            0K            0
     NFSCL sockreq            0            0K            0
     NFSCL devinfo            0            0K            0
     NFSCL flayout            0            0K            0
      NFSCL layout            0            0K            0
     NFSD rollback            0            0K            0
NFSCL diroffdiroff            0            0K            0
       NEWdirectio            0            0K            0
        NEWNFSnode            0            0K            0
         NFSCL lck            0            0K            0
      NFSCL lckown            0            0K            0
      NFSCL client            0            0K            0
       NFSCL deleg            0            0K            0
        NFSCL open            0            0K            0
       NFSCL owner            0            0K            0
            NFS fh            0            0K            0
           NFS req            0            0K            0
     NFSD usrgroup            0            0K            0
       NFSD string            0            0K            0
       NFSD V4lock            0            0K            0
      NFSD V4state            0            0K            0
     NFSD srvcache            0            0K            0
       msdosfs_fat            0            0K            0
     msdosfs_mount            0            0K            0
      msdosfs_node            0            0K            0
            DEVFS4            0            0K            0
            DEVFS2            0            0K            0
            gntdev            0            0K            0
       privcmd_dev            0            0K            0
        evtchn_dev            0            0K            0
          xenstore            0            0K            0
         scsi_pass            0            0K            0
         ciss_data            0            0K            0
               xnb            0            0K            0
              xbbd            0            0K            0
               xbd            0            0K            0
           Balloon            0            0K            0
          sysmouse            0            0K            0
db> show uma
              Zone   Size    Used    Free    Requests  Sleeps  Bucket  Total Mem    XFree
      mbuf_cluster   2048    9018     126        9018       0     254   18726912        0
       mbuf_packet    256    8192     698       25317       0     254    2275840        0
               512    512    4248      48        4569       0      30    2199552        0
          BUF TRIE    144     177   13319        1563       0      62    1943424        0
              4096   4096     335       1         494       0       2    1376256        0
               128    128    9429     181        9512       0     126    1230080        0
   mbuf_jumbo_page   4096       0     254          10       0     254    1040384        0
              pbuf    832       0     907           0       0       2     754624        0
       UMA Slabs 0    112    6241      17        6241       0     126     700896        0
             tcpcb   1032       3     514           7       0     254     533544        0
            socket    904      17     496        1440       0     254     463752        0
             65536  65536       6       0           6       0       1     393216        0
        RADIX NODE    144    2216     217       22653       0      62     350352        0
        256 Bucket   2048     123      21         362       0       8     294912        0
             VNODE    488     527      73         729       0      30     292800        0
         VM OBJECT    264     947      73       13385       0      30     269280        0
              4096   4096      59       5         880       0       2     262144        0
     udplite_inpcb    488       0     512          93       0     254     249856        0
         tcp_inpcb    488       3     509           7       0     254     249856        0
         udp_inpcb    488       2     510         118       0     254     249856        0
               256    256     757     188        4256       0      62     241920        0
            THREAD   1776     112      14         112       0       8     223776        0
                64     64    3149     190        3393       0     254     213696        0
              mbuf    256     387     383        2144       0     254     197120        0
                16     16   11891     359       12996       0     254     196000        0
               128    128    1173     222       24013       0     126     178560        0
         UMA Zones    768     222       4         222       0      16     173568        0
                32     32    4435     479        5240       0     254     157248        0
              1024   1024     125      19         134       0      16     147456        0
               128    128     983     164        7500       0     126     146816        0
       FFS2 dinode    256     498      72         698       0      62     145920        0
             65536  65536       0       2          43       0       1     131072        0
             65536  65536       2       0           2       0       1     131072        0
             65536  65536       1       1         113       0       1     131072        0
             65536  65536       0       2           8       0       1     131072        0
              2048   2048      16      48        3421       0       8     131072        0
             unpcb    256      10     500        1201       0     254     130560        0
             ripcb    488       1     255           4       0     254     124928        0
         MAP ENTRY     96     906     354       38454       0     126     120960        0
          ksiginfo    112      43    1001          59       0     126     116928        0
         vmem btag     56    1791     284        1791       0     254     116200        0
           VMSPACE   2536      29      13         849       0       4     106512        0
         FFS inode    160     498      77         698       0      62      92000        0
              4096   4096      19       3          33       0       2      90112        0
              PROC   1312      51      15         870       0       8      86592        0
        128 Bucket   1024      42      41         244       0      16      84992        0
         filedesc0   1088      51      26         871       0       8      83776        0
          UMA Kegs    384     208       7         208       0      30      82560        0
              8192   8192       7       3          35       0       1      81920        0
       S VFS Cache    108     590     166        1298       0     126      81648        0
               512    512     121      31         748       0      30      77824        0
             g_bio    408      45     135        7499       0      30      73440        0
              1024   1024       5      63         290       0      16      69632        0
                64     64     515     556        1548       0     254      68544        0
               128    128     356     171        1090       0     126      67456        0
             32768  32768       1       1         113       0       1      65536        0
               256    256     179      76        1306       0      62      65280        0
               256    256      62     193        1938       0      62      65280        0
         64 Bucket    512      67      37         559       0      30      53248        0
            vnpbuf    832       2      60          92       0      62      51584        0
               256    256     132      63         429       0      62      49920        0
         32 Bucket    256      33     162         424       0      62      49920        0
           DIRHASH   1024      34      14          34       0      16      49152        0
             NAMEI   1024       0      48       12216       0      16      49152        0
             16384  16384       3       0           3       0       1      49152        0
             16384  16384       2       1           3       0       1      49152        0
              8192   8192       5       1           7       0       1      49152        0
          syncache    168       0     264           5       0     254      44352        0
              8192   8192       4       1          85       0       1      40960        0
            clpbuf    832       5      43         538       0      16      39936        0
              pipe    760       7      43         280       0      16      38000        0
             selfd     64      29     538        6304       0     254      36288        0
                64     64      45     522         273       0     254      36288        0
                64     64      35     532       12763       0     254      36288        0
                64     64      94     473        1054       0     254      36288        0
                64     64      54     513         875       0     254      36288        0
                64     64     190     377         607       0     254      36288        0
                64     64      93     474          93       0     254      36288        0
               128    128      59     220         219       0     126      35712        0
               128    128      21     258          31       0     126      35712        0
               128    128      86     193         489       0     126      35712        0
               128    128      53     226          53       0     126      35712        0
     routing nhops    256       8     127          18       0      62      34560        0
           ttyoutq    256      72      63         160       0      62      34560        0
               256    256      15     120          91       0      62      34560        0
               256    256      28     107         448       0      62      34560        0
               256    256      23     112        1279       0      62      34560        0
               256    256       2     133           3       0      62      34560        0
             32768  32768       1       0           1       0       1      32768        0
             32768  32768       1       0           1       0       1      32768        0
              2048   2048       2      14           2       0       8      32768        0
              2048   2048       7       9           7       0       8      32768        0
              2048   2048       2      14          16       0       8      32768        0
              2048   2048       6      10           6       0       8      32768        0
              1024   1024       3      29           7       0      16      32768        0
              1024   1024       3      29         889       0      16      32768        0
              1024   1024       7      25           7       0      16      32768        0
              1024   1024      11      21          11       0      16      32768        0
               512    512       1      63          19       0      30      32768        0
               512    512      14      50          14       0      30      32768        0
               512    512      20      44          27       0      30      32768        0
               512    512      10      54          10       0      30      32768        0
     mt_stats_zone     64     442      70         442       0     254      32768        0
           64 pcpu      8    3393     703        3395       0     254      32768        0
         16 Bucket    144      47     177         360       0      62      32256        0
            ttyinq    160     135      65         300       0      62      32000        0
            cpuset    104       7     272           7       0     126      29016        0
              4096   4096       2       5         739       0       2      28672        0
        sctp_laddr     48       0     588           4       0     254      28224        0
         hostcache     96       1     293           1       0     254      28224        0
          4 Bucket     48       7     581        4595       0     254      28224        0
        KMAP ENTRY     96      12     279          12       0     126      27936        0
           rtentry    208      14     119          18       0      62      27664        0
         TURNSTILE    136     127      62         127       0      62      25704        0
              4096   4096       5       1           8       0       2      24576        0
          rl_entry     40      36     570          36       0     254      24240        0
          8 Bucket     80      43     257        8518       0     126      24000        0
       Mountpoints   2816       2       6           2       0       4      22528        0
        SLEEPQUEUE     88     127     129         127       0     126      22528        0
               512    512      23      17         344       0      30      20480        0
             udpcb     32       2     628         211       0     254      20160        0
               PWD     32      14     616         195       0     254      20160        0
             Files     72      74     206        6859       0     126      20160        0
                32     32      33     597         177       0     254      20160        0
                32     32      36     594          62       0     254      20160        0
                32     32     336     294        1194       0     254      20160        0
                32     32      33     597         252       0     254      20160        0
                32     32      21     609          90       0     254      20160        0
                32     32      50     580        3681       0     254      20160        0
                32     32       5     625           5       0     254      20160        0
          2 Bucket     32      41     589        9858       0     254      20160        0
          procdesc    136       1     144           6       0      62      19720        0
 epoch_record pcpu    256       4      60           4       0      62      16384        0
             16384  16384       1       0           1       0       1      16384        0
             16384  16384       0       1         136       0       1      16384        0
             16384  16384       1       0           1       0       1      16384        0
             16384  16384       1       0           1       0       1      16384        0
              8192   8192       2       0           2       0       1      16384        0
              2048   2048       2       6           2       0       8      16384        0
              2048   2048       3       5           3       0       8      16384        0
              1024   1024       8       8           9       0      16      16384        0
              1024   1024       1      15           1       0      16      16384        0
               512    512       1      31           2       0      30      16384        0
      vtnet_tx_hdr     24       0     668        1000       0     254      16032        0
           mt_zone     24     442     226         442       0     254      16032        0
               MAP    216       2      69           2       0      62      15336        0
              vmem   1856       1       7           1       0       8      14848        0
             KNOTE    160       0      75           7       0      62      12000        0
                16     16       0     750           5       0     254      12000        0
                16     16      13     737          46       0     254      12000        0
                16     16      58     692         591       0     254      12000        0
                16     16      13     737         134       0     254      12000        0
                16     16     260     490       24182       0     254      12000        0
                16     16      10     740          10       0     254      12000        0
              8192   8192       1       0           1       0       1       8192        0
              8192   8192       1       0           1       0       1       8192        0
              4096   4096       1       1           1       0       2       8192        0
           SMR CPU     32       1     254           1       0     254       8160        0
                16     16       0     500           7       0     254       8000        0
        SMR SHARED     24       1     254           1       0     254       6120        0
              2048   2048       0       2          32       0       8       4096        0
       UMA Slabs 1    176       8      14           8       0      62       3872        0
          int pcpu      4      34     478          34       0     254       2048        0
       FFS1 dinode    128       0       0           0       0     126          0        0
             swblk    136       0       0           0       0      62          0        0
          swpctrie    144       0       0           0       0      62          0        0
   pf state scrubs     40       0       0           0       0     254          0        0
   pf frag entries     40       0       0           0       0     254          0        0
          pf frags    256       0       0           0       0      62          0        0
  pf table entries    160       0       0           0       0      62          0        0
pf table entry counters     64       0       0           0       0     254          0        0
   pf source nodes    136       0       0           0       0     254          0        0
     pf state keys     88       0       0           0       0     126          0        0
         pf states    296       0       0           0       0     254          0        0
           pf tags    104       0       0           0       0     126          0        0
          pf mtags     48       0       0           0       0     254          0        0
       tcp_bbr_pcb    832       0       0           0       0      16          0        0
       tcp_bbr_map    128       0       0           0       0     126          0        0
    IPsec SA lft_c     16       0       0           0       0     254          0        0
   sctp_asconf_ack     48       0       0           0       0     254          0        0
       sctp_asconf     40       0       0           0       0     254          0        0
sctp_stream_msg_out    112       0       0           0       0     254          0        0
        sctp_readq    152       0       0           0       0     254          0        0
        sctp_chunk    152       0       0           0       0     254          0        0
        sctp_raddr    736       0       0           0       0     254          0        0
         sctp_asoc   2288       0       0           0       0     254          0        0
           sctp_ep   1280       0       0           0       0     254          0        0
      tcp_log_node    120       0       0           0       0     126          0        0
    tcp_log_bucket    184       0       0           0       0      62          0        0
           tcp_log    408       0       0           0       0     254          0        0
          tcpreass     48       0       0           0       0     254          0        0
tfo_ccache_entries     80       0       0           0       0     126          0        0
               tfo      4       0       0           0       0     254          0        0
          sackhole     32       0       0           0       0     254          0        0
             tcptw     88       0       0           0       0     254          0        0
               ipq     56       0       0           0       0     254          0        0
            itimer    352       0       0           0       0      30          0        0
            AIOLIO    280       0       0           0       0      30          0        0
             AIOCB    752       0       0           0       0      16          0        0
              AIOP     32       0       0           0       0     254          0        0
               AIO    208       0       0           0       0      62          0        0
           NCLNODE    592       0       0           0       0      16          0        0
     LTS VFS Cache    368       0       0           0       0      30          0        0
       L VFS Cache    328       0       0           0       0      30          0        0
     STS VFS Cache    148       0       0           0       0      62          0        0
             rentr     24       0       0           0       0     254          0        0
         VNODEPOLL    120       0       0           0       0     126          0        0
    crypto_session     72       0       0           0       0     126          0        0
           cryptop    272       0       0           0       0      30          0        0
      nvme_request    128       0       0           0       0     126          0        0
     FPU_save_area    832       0       0           0       0      16          0        0
    DMAR_MAP_ENTRY    128       0       0           0       0     126          0        0
      ktls_session    192       0       0           0       0      62          0        0
    mbuf_jumbo_16k  16384       0       0           0       0     254          0        0
     mbuf_jumbo_9k   9216       0       0           0       0     254          0        0
      audit_record   1280       0       0           0       0       8          0        0
         domainset     40       0       0           0       0     254          0        0
        MAC labels     40       0       0           0       0     254          0        0
            mdpbuf    832       0       0           0       0       4          0        0
           nfspbuf    832       0       0           0       0      16          0        0
            swwbuf    832       0       0           0       0       8          0        0
            swrbuf    832       0       0           0       0      16          0        0
          umtx_shm     88       0       0           0       0     126          0        0
           umtx pi     96       0       0           0       0     126          0        0
rangeset pctrie nodes    144       0       0           0       0      62          0        0
             65536  65536       0       0           0       0       1          0        0
             65536  65536       0       0           0       0       1          0        0
             65536  65536       0       0           0       0       1          0        0
             32768  32768       0       0           0       0       1          0        0
             32768  32768       0       0           0       0       1          0        0
             32768  32768       0       0           0       0       1          0        0
             32768  32768       0       0           0       0       1          0        0
             32768  32768       0       0           0       0       1          0        0
             16384  16384       0       0           0       0       1          0        0
             16384  16384       0       0           0       0       1          0        0
              8192   8192       0       0           0       0       1          0        0
              8192   8192       0       0           0       0       1          0        0
              4096   4096       0       0           0       0       2          0        0
              4096   4096       0       0           0       0       2          0        0
            fakepg    104       0       0           0       0     126          0        0
          UMA Hash    256       0       0           0       0      62          0        0

Crashes (5):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-freebsd-main 2020/06/07 10:48 freebsd 3e9c80660666 2c2b926c console log report syz C
ci-freebsd-main 2020/07/05 07:28 freebsd fc498f7385bd 695ef2dd console log report
ci-freebsd-main 2020/06/25 10:52 freebsd f64b25b13f1d 9d60b18e console log report
ci-freebsd-main 2020/06/13 17:07 freebsd 430cfd638e7d dbce178a console log report
ci-freebsd-main 2020/06/07 10:15 freebsd 3e9c80660666 2c2b926c console log report
* Struck through repros no longer work on HEAD.