kernel: protection fault trap, code=0
Stopped at pf_anchor_global_RB_REMOVE+0x81: movq 0(%r12),%r15
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
pf_anchor_global_RB_REMOVE(ffffffff83a5dd78,ffff8000016c2840) at pf_anchor_global_RB_REMOVE+0x81 sys/net/pf_ruleset.c:82
pf_remove_if_empty_ruleset(ffff8000016c2cd0) at pf_remove_if_empty_ruleset+0x12d sys/net/pf_ruleset.c:301
pfi_dynaddr_setup(ffff80000161ea70,0,1) at pfi_dynaddr_setup+0x671 sys/net/pf_if.c:508
pf_addr_setup(ffffffff83a5e210,ffff80000161ea70,0) at pf_addr_setup+0x46 sys/net/pf_ioctl.c:948
pfioctl(224900,cd60441a,ffff800000c73000,83,ffff80003c90f4e8) at pfioctl+0x9a85 sys/net/pf_ioctl.c:2618
VOP_IOCTL(fffffd806d7d36d8,cd60441a,ffff800000c73000,83,fffffd8007ffd7b8,ffff80003c90f4e8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd8071bf32d0,cd60441a,ffff800000c73000,ffff80003c90f4e8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537
sys_ioctl(ffff80003c90f4e8,ffff80003c901640,ffff80003c901590) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c901640) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c901640) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd9ab0a84f70, count: -10
ddb> show registers
rdi 0xffff800035cc4000
rsi 0xb22
rbp 0xffff80003c901010
rbx 0xffffffff83a5dd78 pf_anchors
rdx 0xffff800035cc4000
rcx 0xb21
rax 0xffffffff823a44af pf_anchor_global_RB_REMOVE+0x2f
r8 0x3fc
r9 0x8080808080808080
r10 0x19ebdf092301968d
r11 0x342cf4e16445c788
r12 0xa65c1d872972349a
r13 0x1
r14 0xffff8000016c2840
r15 0xcafee0dac80d8144
rip 0xffffffff823a4501 pf_anchor_global_RB_REMOVE+0x81
cs 0x8
rflags 0x10286 __ALIGN_SIZE+0xf286
rsp 0xffff80003c900fc0
ss 0x10
pf_anchor_global_RB_REMOVE+0x81: movq 0(%r12),%r15
ddb> show proc
PROC (syz-executor) tid=450440 pid=78059 tcnt=2 stat=onproc
flags process=1000000<CHROOT> proc=4000000<THREAD>
runpri=32, usrpri=50, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80003c90ed20,0xffffffff83a6a928
process=0xffff8000ffffa418 user=0xffff80003c8fc000, vmspace=0xfffffd806c934188
estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
78059 276098 78190 0 2 0x1000000 syz-executor
*78059 450440 78190 0 7 0x5000000 syz-executor
85113 218388 29923 0 2 0 syz-executor
85113 417064 29923 0 3 0x4000088 kqread syz-executor
88190 484201 1930 0 2 0 syz-executor
88190 348692 1930 0 3 0x4000080 fsleep syz-executor
34547 332670 99224 0 2 0 syz-executor
34547 436567 99224 0 3 0x4000080 fsleep syz-executor
34547 304200 99224 0 3 0x4000080 fsleep syz-executor
6756 224489 54726 0 3 0x80 nanoslp syz-executor
6756 190090 54726 0 3 0x4000080 ttyin syz-executor
6756 453200 54726 0 3 0x4000080 fsleep syz-executor
6756 184763 54726 0 3 0x4000080 fsleep syz-executor
6756 112131 54726 0 3 0x4000080 fsleep syz-executor
37538 346086 20684 0 3 0x80 nanoslp syz-executor
37538 171718 20684 0 3 0x4000080 kqread syz-executor
94023 157912 53403 0 3 0x80 nanoslp syz-executor
94023 470902 53403 0 3 0x4000080 sbwait syz-executor
94023 278420 53403 0 3 0x4000080 fsleep syz-executor
94023 125108 53403 0 3 0x4000080 fsleep syz-executor
76903 23290 6578 0 3 0x80 nanoslp syz-executor
76903 122515 6578 0 3 0x4000080 netcon syz-executor
76903 505317 6578 0 3 0x4000080 fsleep syz-executor
98229 233868 1 0 3 0x80 nanoslp init
99224 136020 3719 0 3 0x82 nanoslp syz-executor
1930 392890 3719 0 3 0x82 nanoslp syz-executor
78190 499552 3719 0 3 0x82 nanoslp syz-executor
29923 395117 3719 0 3 0x82 nanoslp syz-executor
54726 183704 3719 0 3 0x82 nanoslp syz-executor
53403 201626 3719 0 3 0x82 nanoslp syz-executor
6578 128475 3719 0 3 0x82 nanoslp syz-executor
20684 59159 3719 0 3 0x82 nanoslp syz-executor
3719 361454 1 0 3 0x82 kqread syz-executor
56939 71572 0 0 3 0x14200 bored smr
49330 188399 0 0 2 0x14200 zerothread
9735 48710 0 0 3 0x14200 aiodoned aiodoned
68018 59673 0 0 3 0x14200 syncer update
4 326959 0 0 3 0x14200 cleaner cleaner
16133 424494 0 0 3 0x14200 reaper reaper
77303 193259 0 0 3 0x14200 pgdaemon pagedaemon
46164 234251 0 0 3 0x14200 bored viomb
42157 68269 0 0 3 0x40014200 acpi0 acpi0
82037 108000 0 0 3 0x14200 bored softnet0
85384 155613 0 0 3 0x14200 bored systqmp
21685 134639 0 0 3 0x14200 bored systq
81160 485254 0 0 3 0x40014200 tmoslp softclock
79176 34309 0 0 3 0x40014200 idle0
1 144940 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11033 12106K 12672K 166960K 12590 0
pcb 19 14K 16K 166960K 164 0
rtable 232 7K 8K 166960K 400 0
pf 35 14K 20K 166960K 74 0
ifaddr 38 6K 7K 166960K 52 0
ifgroup 46 2K 2K 166960K 66 0
sysctl 4 1K 9K 166960K 12 0
counters 32 17K 18K 166960K 40 0
ioctlops 1 4K 4K 166960K 80 0
iov 1 4K 16K 166960K 29 0
mount 1 1K 1K 166960K 1 0
log 2 0K 0K 166960K 6 0
vnodes 1358 85K 86K 166960K 1730 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 3 5K 5K 166960K 8 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 14 0
dirhash 12 2K 2K 166960K 12 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 17 65K 89K 166960K 391 0
sigio 0 0K 0K 166960K 6 0
proc 12 25K 108K 166960K 524 0
subproc 72 4K 4K 166960K 72 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 80 0
in_multi 88 6K 7K 166960K 108 0
ether_multi 1 0K 0K 166960K 2 0
mrt 0 0K 0K 166960K 5 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 67 307K 307K 166960K 67 0
exec 0 0K 1K 166960K 431 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 142 78K 173K 166960K 5225 0
UVM aobj 10 2K 2K 166960K 12 0
pinsyscall 19 38K 92K 166960K 1499 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 11 0
NDP 10 0K 2K 166960K 32 0
temp 46 9108K 9172K 166960K 13086 0
kqueue 4 8K 28K 166960K 77 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 81 0 81 2 1 1 2 0 8 1
rtentry 136 120 0 18 4 0 4 4 0 8 0
unpcb 144 178 0 176 2 0 2 2 0 8 1
syncache 336 5 0 5 2 1 1 1 0 8 1
tcpcb 736 164 0 162 7 0 7 7 0 8 6
arp 96 18 0 2 1 0 1 1 0 8 0
ipq 40 2 0 1 1 0 1 1 0 8 0
ipqe 40 3 0 2 1 0 1 1 0 8 0
inpcb 328 430 0 425 11 3 8 8 0 8 6
ip6q 72 1 0 1 1 0 1 1 0 8 1
ip6af 40 2 0 2 1 0 1 1 0 8 1
nd6 112 30 0 7 1 0 1 1 0 8 0
kcovpl 48 8 0 0 1 0 1 1 0 8 0
ppxss 1072 5 0 5 1 0 1 1 0 8 1
pppxif 1416 1 0 1 1 0 1 1 0 8 1
pfstscr 40 6 0 2 1 0 1 1 0 8 0
pfrktable 1344 2 1 1 1 0 1 1 0 8 0
pfanchor 1288 3 0 1 1 0 1 1 0 8 0
pftag 88 6 0 0 1 0 1 1 0 8 0
pfqueue 320 3 0 2 1 0 1 1 0 8 0
pfstitem 24 6 0 0 1 0 1 1 0 8 0
pfstkey 128 8 0 2 1 0 1 1 0 8 0
pfstate 384 4 0 1 1 0 1 1 0 8 0
pfrule 1360 3 0 2 1 0 1 1 0 8 0
art_heap8 4096 2 0 0 2 0 2 2 0 8 0
art_heap4 256 503 0 74 31 0 31 31 0 8 1
art_table 40 505 0 74 5 0 5 5 0 8 0
art_node 32 120 0 27 1 0 1 1 0 8 0
sysvmsgpl 40 3 0 3 1 0 1 1 0 8 1
semapl 72 12 0 2 1 0 1 1 0 8 0
shmpl 112 9 0 2 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 2117 0 661 92 0 92 92 0 8 0
ffsino 256 2117 0 661 92 0 92 92 0 8 0
nchpl 144 2669 0 970 63 0 63 63 0 8 0
rtmask 32 1 0 1 1 0 1 1 0 8 1
vnodes 216 2400 0 0 134 0 134 134 0 8 0
namei 1024 8780 0 8780 2 1 1 2 0 8 1
pfiaddrpl 120 1 0 0 1 0 1 1 0 8 0
kstatmem 264 33 0 12 2 0 2 2 0 8 0
scxspl 216 8744 0 8744 11 3 8 8 1 8 8
plimitpl 152 58 0 49 1 0 1 1 0 8 0
sigapl 424 689 0 656 6 1 5 6 0 8 0
knotepl 120 13672 0 13653 10 0 10 10 0 8 8
kqueuepl 184 104 0 97 1 0 1 1 0 8 0
pipepl 304 134 0 106 3 0 3 3 0 8 0
fdescpl 448 675 0 655 5 1 4 5 0 8 0
filepl 120 3759 0 3556 13 1 12 12 0 8 4
lockfpl 104 113 0 111 1 0 1 1 0 8 0
lockfspl 48 48 0 46 1 0 1 1 0 8 0
sessionpl 144 33 0 31 1 0 1 1 0 8 0
pgrppl 48 43 0 33 1 0 1 1 0 8 0
ucredpl 104 646 0 642 1 0 1 1 0 8 0
zombiepl 144 656 0 656 1 0 1 1 0 8 1
processpl 1152 689 0 656 4 0 4 4 0 8 0
procpl 664 1098 0 1050 6 0 6 6 0 8 1
sockpl 552 699 0 692 12 4 8 8 0 8 7
mcl64k 65536 18 0 18 2 1 1 1 0 8 1
mcl8k 8192 7 0 7 2 1 1 1 0 8 1
mcl4k 4096 2830 0 2780 14 6 8 13 0 8 1
mcl2k 2048 313 0 311 2 0 2 2 0 8 1
mtagpl 96 5 0 4 2 1 1 1 0 8 0
mbufpl 256 7325 0 7179 24 0 24 24 0 8 11
bufpl 280 3826 0 103 266 0 266 266 0 8 0
anonpl 24 125115 0 123496 70 23 47 47 0 186 25
amapchunkpl 152 16345 0 15958 26 0 26 26 0 158 9
amappl16 200 2335 0 2310 27 17 10 16 0 8 8
amappl15 192 4 0 4 1 1 0 1 0 8 0
amappl14 184 408 0 408 1 0 1 1 0 8 1
amappl13 176 118 0 118 1 0 1 1 0 8 1
amappl12 168 912 0 894 2 0 2 2 0 8 0
amappl11 160 8 0 8 1 1 0 1 0 8 0
amappl10 152 59 0 59 1 0 1 1 0 8 1
amappl9 144 300 0 300 1 1 0 1 0 8 0
amappl8 136 110 0 110 1 0 1 1 0 8 1
amappl7 128 149 0 147 1 0 1 1 0 8 0
amappl6 120 148 0 147 1 0 1 1 0 8 0
amappl5 112 90 0 90 1 0 1 1 0 8 1
amappl4 104 275 0 274 1 0 1 1 0 8 0
amappl3 96 3134 0 3051 4 0 4 4 0 8 0
amappl2 88 548 0 540 2 0 2 2 0 8 0
amappl1 80 11506 0 11405 13 0 13 13 0 8 6
amappl 88 4481 0 4350 5 0 5 5 0 92 1
uvmvnodes 80 109 0 0 3 0 3 3 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma2048 2048 2 0 2 1 0 1 1 0 8 1
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 11 0 2 1 0 1 1 0 8 0
uaddrrnd 24 675 0 655 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 675 0 655 1 0 1 1 0 8 0
vmmpekpl 168 7319 0 7293 2 0 2 2 0 8 0
vmmpepl 168 51921 0 51037 101 9 92 92 0 357 44
vmsppl 368 674 0 655 4 1 3 4 0 8 0
rwobjpl 40 17589 0 17179 14 1 13 13 0 8 1
pdppl 4096 1356 0 1310 96 34 62 78 0 8 16
pvpl 32 315055 0 310575 154 36 118 118 0 265 65
pmappl 216 674 0 655 2 0 2 2 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 385 0 48 10 0 10 10 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
pf_anchor_global_RB_REMOVE(ffffffff83a5dd78,ffff8000016c2840) at pf_anchor_global_RB_REMOVE+0x81 sys/net/pf_ruleset.c:82
pf_remove_if_empty_ruleset(ffff8000016c2cd0) at pf_remove_if_empty_ruleset+0x12d sys/net/pf_ruleset.c:301
pfi_dynaddr_setup(ffff80000161ea70,0,1) at pfi_dynaddr_setup+0x671 sys/net/pf_if.c:508
pf_addr_setup(ffffffff83a5e210,ffff80000161ea70,0) at pf_addr_setup+0x46 sys/net/pf_ioctl.c:948
pfioctl(224900,cd60441a,ffff800000c73000,83,ffff80003c90f4e8) at pfioctl+0x9a85 sys/net/pf_ioctl.c:2618
VOP_IOCTL(fffffd806d7d36d8,cd60441a,ffff800000c73000,83,fffffd8007ffd7b8,ffff80003c90f4e8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd8071bf32d0,cd60441a,ffff800000c73000,ffff80003c90f4e8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537
sys_ioctl(ffff80003c90f4e8,ffff80003c901640,ffff80003c901590) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c901640) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c901640) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd9ab0a84f70, count: -10
ddb> machine ddbcpu 1
No such command
ddb> trace
pf_anchor_global_RB_REMOVE(ffffffff83a5dd78,ffff8000016c2840) at pf_anchor_global_RB_REMOVE+0x81 sys/net/pf_ruleset.c:82
pf_remove_if_empty_ruleset(ffff8000016c2cd0) at pf_remove_if_empty_ruleset+0x12d sys/net/pf_ruleset.c:301
pfi_dynaddr_setup(ffff80000161ea70,0,1) at pfi_dynaddr_setup+0x671 sys/net/pf_if.c:508
pf_addr_setup(ffffffff83a5e210,ffff80000161ea70,0) at pf_addr_setup+0x46 sys/net/pf_ioctl.c:948
pfioctl(224900,cd60441a,ffff800000c73000,83,ffff80003c90f4e8) at pfioctl+0x9a85 sys/net/pf_ioctl.c:2618
VOP_IOCTL(fffffd806d7d36d8,cd60441a,ffff800000c73000,83,fffffd8007ffd7b8,ffff80003c90f4e8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd8071bf32d0,cd60441a,ffff800000c73000,ffff80003c90f4e8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537
sys_ioctl(ffff80003c90f4e8,ffff80003c901640,ffff80003c901590) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c901640) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c901640) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd9ab0a84f70, count: -10
ddb>