login: kernel: protection fault trap, code=0
Stopped at in_pcb_iterator+0x13b: movq %rcx,0x8(%rdx)
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
in_pcb_iterator(ffffffff83a21fe0,fffffd806f4c3148,ffff80003ac07048) at in_pcb_iterator+0x13b sys/netinet/in_pcb.c:699
sysctl_file(ffff80003ac07348,4,0,ffff80003ac07378,ffff80003c4a2d08) at sysctl_file+0xcb9 sys/kern/kern_sysctl.c:-1
kern_sysctl(ffff80003ac07344,5,0,ffff80003ac07378,0,0,4940cb46508e2be2) at kern_sysctl+0x167 sys/kern/kern_sysctl.c:526
sys_sysctl(ffff80003c4a2d08,ffff80003ac074b0,ffff80003ac07400) at sys_sysctl+0x3f2 sys/kern/kern_sysctl.c:-1
syscall(ffff80003ac074b0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003ac074b0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6a9becaa0f0, count: -6
ddb{0}> show registers
rdi 0xffff80002b3d4000
rsi 0x21b
rbp 0xffff80003ac07020
rbx 0
rdx 0xfcc23c0228444726
rcx 0xffff80003ac07050
rax 0xfffffd806f4c3528
r8 0xffffffff
r9 0
r10 0x9aa51e225547de31
r11 0x6a116af1327e40a1
r12 0xfffffd806f4c3148
r13 0xfffffd806f4c3520
r14 0xffffffff83a22018 tcbtable+0x38
r15 0xffff80003ac07048
rip 0xffffffff815d510b in_pcb_iterator+0x13b
cs 0x8
rflags 0x10286 __ALIGN_SIZE+0xf286
rsp 0xffff80003ac06fb0
ss 0x10
in_pcb_iterator+0x13b: movq %rcx,0x8(%rdx)
ddb{0}> show proc
PROC (syz-executor) tid=328024 pid=9260 tcnt=3 stat=onproc
flags process=0 proc=4000000<THREAD>
runpri=86, usrpri=86, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80003c41acf8,0xffff80003c4a3238
process=0xffff80003c4a4eb0 user=0xffff80003ac02000, vmspace=0xfffffd806b7c9998
estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
44947 145259 99800 0 2 0 syz-executor
67817 434485 76894 0 7 0 syz-executor
67817 465065 76894 0 2 0x4000000 syz-executor
9260 158434 45782 0 2 0 syz-executor
9260 187567 45782 0 3 0x4000080 kqsel syz-executor
* 9260 328024 45782 0 7 0x4000000 syz-executor
41195 502898 7454 0 3 0x80 nanoslp syz-executor
41195 76269 7454 0 3 0x4000080 fsleep syz-executor
41195 417726 7454 0 3 0x4000080 lockf syz-executor
41195 106511 7454 0 3 0x4000080 fsleep syz-executor
41195 70113 7454 0 3 0x4000080 fsleep syz-executor
96490 83537 0 0 3 0x14200 acct acct
90866 289694 1 0 3 0x100083 ttyin getty
76894 211293 56106 0 3 0x82 nanoslp syz-executor
87141 163783 56106 0 3 0x82 nanoslp syz-executor
42506 176145 56106 0 3 0x82 nanoslp syz-executor
74842 261772 0 0 3 0x14200 bored sosplice
5949 56010 56106 0 3 0x82 wait syz-executor
7454 488077 56106 0 3 0x82 nanoslp syz-executor
50383 139790 56106 0 2 0x2 syz-executor
45782 139657 56106 0 3 0x82 nanoslp syz-executor
99800 492926 56106 0 3 0x82 nanoslp syz-executor
56106 163046 54991 0 3 0x82 kqread syz-executor
54991 71832 48978 0 3 0x10008a sigsusp ksh
48978 386391 38885 0 3 0x98 kqread sshd-session
38885 179655 51169 0 3 0x92 kqread sshd-session
51169 234729 1 0 3 0x88 kqread sshd
29301 87732 41966 74 3 0x1100092 bpf pflogd
41966 16771 1 0 3 0x80 sbwait pflogd
18813 477528 61264 73 3 0x1100090 kqread syslogd
61264 105226 1 0 3 0x100082 sbwait syslogd
53429 322645 1 0 3 0x100080 kqread resolvd
88548 157225 72205 77 3 0x100092 kqread dhcpleased
2108 494412 72205 77 3 0x100092 kqread dhcpleased
72205 504656 1 0 3 0x80 kqread dhcpleased
14627 108366 0 0 3 0x14200 bored smr
67679 352673 0 0 2 0x14200 zerothread
74685 309591 0 0 3 0x14200 aiodoned aiodoned
34073 514183 0 0 3 0x14200 syncer update
61803 279314 0 0 3 0x14200 cleaner cleaner
55137 2829 0 0 3 0x14200 reaper reaper
39475 178622 0 0 3 0x14200 pgdaemon pagedaemon
70073 16102 0 0 3 0x14200 bored viomb
94935 5545 0 0 3 0x40014200 acpi0 acpi0
11316 100552 0 0 3 0x40014200 idle1
1755 156422 0 0 3 0x14200 bored softnet3
31775 374133 0 0 3 0x14200 bored softnet2
62475 151589 0 0 3 0x14200 bored softnet1
2851 179 0 0 3 0x14200 bored softnet0
72160 296739 0 0 3 0x14200 bored systqmp
5905 61948 0 0 3 0x14200 bored systq
3584 279699 0 0 3 0x14200 tmoslp softclockmp
41784 235786 0 0 3 0x40014200 tmoslp softclock
91601 511448 0 0 3 0x40014200 idle0
1 112584 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{0}> show all locks
CPU 0:
exclusive mutex &table->inpt_mtx r = 0 (0xffffffff83a21ff0)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 mtx_enter_try+0x1ad sys/kern/kern_lock.c:298
#2 mtx_enter+0x62 sys/kern/kern_lock.c:255
#3 sysctl_file+0xa52 sys/kern/kern_sysctl.c:-1
#4 kern_sysctl+0x167 sys/kern/kern_sysctl.c:526
#5 sys_sysctl+0x3f2 sys/kern/kern_sysctl.c:-1
#6 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#6 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
#7 Xsyscall+0x128
Process 50383 (syz-executor) thread 0xffff80002a2bb208 (139790)
exclusive rwlock vmmaplk r = 0 (0xfffffd806b7c9c78)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x377 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5168
#3 uvmspace_fork+0x12b sys/uvm/uvm_map.c:3738
#4 process_new+0x572 sys/kern/kern_fork.c:284
#5 fork1+0x3ea sys/kern/kern_fork.c:410
#6 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#6 syscall+0xb08 sys/arch/amd64/amd64/trap.c:579
#7 Xsyscall+0x128
exclusive rwlock vmmaplk r = 0 (0xfffffd800b026a60)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x377 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5168
#3 uvmspace_fork+0x44 sys/uvm/uvm_map.c:3729
#4 process_new+0x572 sys/kern/kern_fork.c:284
#5 fork1+0x3ea sys/kern/kern_fork.c:410
#6 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#6 syscall+0xb08 sys/arch/amd64/amd64/trap.c:579
#7 Xsyscall+0x128
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10227 11075K 11887K 166960K 15553 0
pcb 17 14K 17K 166960K 714 0
rtable 175 11K 13K 166960K 807 0
pf 39 18K 82K 166960K 289 0
ifaddr 35 6K 8K 166960K 170 0
ifgroup 57 2K 3K 166960K 297 0
sysctl 4 1K 9K 166960K 31 0
counters 70 37K 38K 166960K 324 0
ioctlops 0 0K 4K 166960K 2036 0
iov 0 0K 28K 166960K 319 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1507 95K 95K 166960K 3980 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 9K 166960K 50 0
VM map 2 1K 1K 166960K 2 0
sem 21 21K 37K 166960K 65 0
dirhash 15 2K 3K 166960K 57 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 18 65K 236K 166960K 2832 0
sigio 0 0K 0K 166960K 58 0
proc 74 91K 128K 166960K 960 0
subproc 72 4K 4K 166960K 103 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 362 0
in_multi 52 3K 7K 166960K 246 0
ether_multi 1 0K 0K 166960K 17 0
mrt 0 0K 0K 166960K 35 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 133 599K 599K 166960K 133 0
exec 0 0K 1K 166960K 872 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 4 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 247 185K 193K 166960K 27459 0
UVM aobj 69 5K 5K 166960K 77 0
pinsyscall 43 86K 105K 166960K 4027 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 135 0
NDP 13 0K 1K 166960K 115 0
temp 85 8697K 8824K 166960K 116115 0
kqueue 13 20K 33K 166960K 503 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 401 0 398 5 4 1 3 0 8 0
rtentry 176 255 0 189 5 0 5 5 0 8 0
unpcb 144 1550 0 1533 11 9 2 6 0 8 1
syncache 336 15 0 15 7 6 1 1 0 8 1
tcpqe 32 2 0 2 1 1 0 1 0 8 0
tcpcb 736 1026 0 1020 24 20 4 7 0 8 3
arp 128 46 0 29 1 0 1 1 0 8 0
inpcb 328 3116 0 3108 29 23 6 12 0 8 4
pool(inpcb): free list modified: page 0xfffffd806f4c3000; item ordinal 0; addr 0xfffffd806f4c3520 (p 0xfffffd806f4c3000); offset 0x0=0x6f4c3150
nd6 144 44 0 34 1 0 1 1 0 8 0
pkpcb 40 94 0 94 6 5 1 1 0 8 1
kcovpl 48 11 0 3 1 0 1 1 0 8 0
mppekey 1024 1 0 1 1 1 0 1 0 8 0
ppxss 1192 95 0 94 4 3 1 1 0 8 0
pppxif 1504 16 0 16 5 4 1 1 0 8 1
pfstscr 40 4 0 3 2 1 1 1 0 8 0
pffrag 232 17 0 10 1 0 1 1 0 482 0
pffrnode 88 16 0 10 1 0 1 1 0 8 0
pffrent 40 33 0 26 1 0 1 1 0 8 0
pfosfp 40 1429 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1429 0 714 21 0 21 21 0 8 0
pfrktable 1344 2 0 0 1 0 1 1 0 8 0
pfanchor 1288 1 0 0 1 0 1 1 0 8 0
pftag 88 2 0 0 1 0 1 1 0 8 0
pfstitem 24 148 0 63 1 0 1 1 0 8 0
pfstkey 128 151 0 66 3 0 3 3 0 8 0
pfstate 384 150 0 66 9 0 9 9 0 8 0
pfrule 1344 33 0 21 2 1 1 2 0 8 0
rttmr 136 11 0 11 7 7 0 1 0 8 0
art_heap8 4096 4 0 1 4 1 3 3 0 8 0
art_heap4 256 1129 0 859 32 6 26 30 0 8 3
art_table 32 1133 0 860 4 0 4 4 0 8 0
art_node 16 242 0 193 1 0 1 1 0 8 0
sysvmsgpl 40 3 0 2 1 0 1 1 0 8 0
semapl 112 55 0 36 1 0 1 1 0 8 0
shmpl 112 74 0 8 2 0 2 2 0 8 0
dirhash 1024 47 0 28 3 0 3 3 0 8 0
dino2pl 256 6635 0 5124 95 0 95 95 0 8 0
ffsino 288 6635 0 5124 109 0 109 109 0 8 0
nchpl 144 10566 0 8867 64 0 64 64 0 8 0
rtmask 32 17 0 17 5 4 1 1 0 8 1
uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0
vnodes 216 5926 0 0 330 0 330 330 0 8 0
namei 1024 37019 0 37018 5 4 1 2 0 8 0
percpumem 16 177 0 127 1 0 1 1 0 8 0
kstatmem 264 188 0 158 6 3 3 3 0 8 0
acpiwqpl 32 1 0 1 1 0 1 1 1 8 1
scsiplug 72 13 0 13 6 5 1 1 0 8 1
scxspl 216 33799 0 33799 14 13 1 8 1 8 1
plimitpl 152 665 0 647 1 0 1 1 0 8 0
sigapl 424 3148 0 3096 10 3 7 9 0 8 0
knotepl 120 541 0 0 17 0 17 17 0 8 0
kqueuepl 224 1003 0 993 7 6 1 4 0 8 0
pipepl 336 497 0 470 10 7 3 8 0 8 0
fdescpl 520 3104 0 3072 3 0 3 3 0 8 0
filepl 160 21016 0 20796 37 24 13 19 0 8 2
lockfpl 104 1054 0 1050 1 0 1 1 0 8 0
lockfspl 48 430 0 427 1 0 1 1 0 8 0
sessionpl 144 36 0 27 1 0 1 1 0 8 0
pgrppl 48 79 0 62 1 0 1 1 0 8 0
ucredpl 104 3421 0 3408 1 0 1 1 0 8 0
zombiepl 144 3691 0 3688 2 1 1 1 0 8 0
processpl 1240 3148 0 3096 6 0 6 6 0 8 0
procpl 656 7560 0 7501 8 1 7 8 0 8 0
srpgc 96 24 0 24 5 4 1 1 0 8 1
sosppl 168 10 0 10 4 3 1 1 0 8 1
sockpl 728 5297 0 5268 40 31 9 16 0 8 5
mcl64k 65536 5 0 0 1 0 1 1 0 8 0
mcl12k 12288 1 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 2 0 0 1 0 1 1 0 8 0
mcl4k 4096 118 0 0 15 0 15 15 0 8 0
mcl2k2 2112 2 0 0 1 0 1 1 0 8 0
mcl2k 2048 33 0 0 4 0 4 4 0 8 0
mtagpl 96 38 0 0 1 0 1 1 0 8 0
mbufpl 256 1188 0 0 75 0 75 75 0 8 0
bufpl 280 8810 0 2668 440 0 440 440 0 8 0
anonpl 32 11737 0 0 96 1 95 96 0 246 0
amapchunkpl 152 94350 0 93739 73 42 31 37 0 158 3
amappl16 200 7459 0 7384 63 47 16 21 0 8 8
amappl15 192 3 0 3 1 1 0 1 0 8 0
amappl14 184 140 0 127 1 0 1 1 0 8 0
amappl13 176 34 0 34 1 1 0 1 0 8 0
amappl12 168 3803 0 3771 3 1 2 2 0 8 0
amappl11 160 70 0 56 1 0 1 1 0 8 0
amappl10 152 8 0 7 1 0 1 1 0 8 0
amappl9 144 252 0 251 3 2 1 1 0 8 0
amappl8 136 23 0 20 1 0 1 1 0 8 0
amappl7 128 122 0 109 1 0 1 1 0 8 0
amappl6 120 220 0 217 1 0 1 1 0 8 0
amappl5 112 136 0 126 1 0 1 1 0 8 0
amappl4 104 363 0 343 1 0 1 1 0 8 0
amappl3 96 19342 0 19234 5 1 4 4 0 8 0
amappl2 88 754 0 691 2 0 2 2 0 8 0
amappl1 80 21086 0 20492 17 2 15 16 0 8 0
amappl 88 26181 0 26010 5 0 5 5 0 92 0
dma16384 16384 1 0 1 1 1 0 1 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 7 0 7 2 2 0 1 0 8 0
dma128 128 258 0 258 4 4 0 1 0 8 0
dma64 64 7 0 7 2 2 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 76 0 8 2 0 2 2 0 8 0
uaddrrnd 24 3104 0 3072 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 3104 0 3072 1 0 1 1 0 8 0
vmmpekpl 168 25163 0 25105 4 0 4 4 0 8 0
vmmpepl 168 195461 0 193393 135 31 104 106 0 357 4
vmsppl 480 3103 0 3072 8 3 5 5 0 8 0
rwobjpl 72 53510 0 46538 133 1 132 133 0 8 0
pdppl 4096 6215 0 6144 119 48 71 85 0 8 0
pvpl 32 20006 0 0 161 0 161 161 0 265 0
pmappl 256 3103 0 3072 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 513 0 97 13 0 13 13 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
in_pcb_iterator(ffffffff83a21fe0,fffffd806f4c3148,ffff80003ac07048) at in_pcb_iterator+0x13b sys/netinet/in_pcb.c:699
sysctl_file(ffff80003ac07348,4,0,ffff80003ac07378,ffff80003c4a2d08) at sysctl_file+0xcb9 sys/kern/kern_sysctl.c:-1
kern_sysctl(ffff80003ac07344,5,0,ffff80003ac07378,0,0,4940cb46508e2be2) at kern_sysctl+0x167 sys/kern/kern_sysctl.c:526
sys_sysctl(ffff80003c4a2d08,ffff80003ac074b0,ffff80003ac07400) at sys_sysctl+0x3f2 sys/kern/kern_sysctl.c:-1
syscall(ffff80003ac074b0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003ac074b0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6a9becaa0f0, count: -6
ddb{0}> machine ddbcpu 1