kernel: protection fault trap, code=0
Stopped at __x86_indirect_thunk_r11+0x14: ret
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
__x86_indirect_thunk_r11() at __x86_indirect_thunk_r11+0x14
rt_clone(ffff800034841638,fffffd806f459c90,0) at rt_clone+0x7d sys/net/route.c:383
route_mpath(fffffd806f459c78,fffffd806d2a0524,0,0) at route_mpath+0x112 rt_match sys/net/route.c:360 [inline]
route_mpath(fffffd806f459c78,fffffd806d2a0524,0,0) at route_mpath+0x112 rtalloc_mpath sys/net/route.c:476 [inline]
route_mpath(fffffd806f459c78,fffffd806d2a0524,0,0) at route_mpath+0x112 sys/net/route.c:255
in_pcbselsrc(ffff800034841728,fffffd806d2a0520,fffffd806f459c00) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:975
in_pcbconnect(fffffd806f459c00,fffffd806d2a0500) at in_pcbconnect+0xe8 sys/netinet/in_pcb.c:523
tcp_connect(ffff800000e29530,fffffd806d2a0500) at tcp_connect+0x29b sys/netinet/tcp_usrreq.c:654
sys_connect(ffff80002a2a3748,ffff800034841950,ffff8000348418a0) at sys_connect+0x239 sys/kern/uipc_syscalls.c:422
syscall(ffff800034841950) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline]
syscall(ffff800034841950) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x89791eff270, count: -9
ddb{1}> show registers
rdi 0xffff800000dee800
rsi 0xb
rbp 0xffff800034841510
rbx 0xffff800000ed1720
rdx 0xfffffd806efcea10
rcx 0x711
rax 0xffffffff8254d9f5 rtrequest+0x8b5
r8 0x100
r9 0xfffffd806efcea10
r10 0xba069168540f9203
r11 0x382c080380030008
r12 0xffff8000348415c8
r13 0
r14 0xfffffd806efcea10
r15 0xffff800034841528
rip 0xffffffff826f8304 __x86_indirect_thunk_r11+0x14
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff800034841410
ss 0x10
__x86_indirect_thunk_r11+0x14: ret
ddb{1}> show proc
PROC (syz-executor.1) tid=357742 pid=29340 tcnt=3 stat=onproc
flags process=8000000 proc=4000000<THREAD>
runpri=32, usrpri=86, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff800032d834c8,0xffffffff82e9c2e8
process=0xffff8000ffff2850 user=0xffff80003483c000, vmspace=0xfffffd805fd17008
estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
70259 453935 59231 0 2 0x8000000 syz-executor.2
70259 245314 59231 0 3 0xc000080 fsleep syz-executor.2
97000 53036 68465 0 2 0x8000000 syz-executor.3
97000 86583 68465 0 3 0xc000080 netcon syz-executor.3
29340 295429 67779 0 7 0x8000000 syz-executor.1
29340 202979 67779 0 3 0xc000080 kqsel syz-executor.1
*29340 357742 67779 0 7 0xc000000 syz-executor.1
43958 494074 47435 0 3 0x8000080 nanoslp syz-executor.6
43958 244350 47435 0 3 0xc000080 fifor syz-executor.6
42389 9440 81694 0 3 0x8000080 nanoslp syz-executor.4
42389 289347 81694 0 3 0xc000080 msgwait syz-executor.4
42389 45337 81694 0 3 0xc000080 msgwait syz-executor.4
42389 433773 81694 0 3 0xc000080 fsleep syz-executor.4
47435 208923 44655 0 3 0x8000082 nanoslp syz-executor.6
90895 73723 0 0 3 0x14200 acct acct
59231 176488 44655 0 3 0x8000082 nanoslp syz-executor.2
68465 388646 44655 0 3 0x8000082 nanoslp syz-executor.3
28385 416200 1 0 3 0x18100083 ttyin getty
67779 164476 44655 0 3 0x8000082 nanoslp syz-executor.1
70066 328927 44655 0 3 0x8000082 nanoslp syz-executor.5
33623 11865 44655 0 3 0x8000082 nanoslp syz-executor.0
63771 163315 44655 0 3 0x8000002 biowait syz-executor.7
81694 289811 44655 0 3 0x8000082 nanoslp syz-executor.4
2422 86965 0 0 3 0x14200 bored sosplice
44655 238924 85888 0 3 0x1a000082 wait syz-fuzzer
44655 468377 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 210147 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 114650 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 287543 85888 0 3 0x1e000082 wait syz-fuzzer
44655 77418 85888 0 3 0x1e000082 wait syz-fuzzer
44655 258515 85888 0 3 0x1e000082 wait syz-fuzzer
44655 328092 85888 0 3 0x1e000082 wait syz-fuzzer
44655 73422 85888 0 3 0x1e000082 wait syz-fuzzer
44655 509996 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 182155 85888 0 3 0x1e000082 wait syz-fuzzer
44655 320734 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 24386 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 171923 85888 0 3 0x1e000082 kqread syz-fuzzer
44655 100179 85888 0 3 0x1e000082 thrsleep syz-fuzzer
44655 15893 85888 0 3 0x1e000082 wait syz-fuzzer
85888 139160 6664 0 3 0x810008a sigsusp ksh
6664 456424 16606 0 3 0x1800009a kqread sshd
16606 162861 1 0 3 0x18000088 kqread sshd
80782 432083 64550 73 3 0x19100010 biowait syslogd
64550 328158 1 0 3 0x18100082 sbwait syslogd
60634 119125 1 0 3 0x18100080 kqread resolvd
5042 321498 75574 77 3 0x18100092 kqread dhcpleased
15764 302345 75574 77 3 0x18100092 kqread dhcpleased
75574 310373 1 0 3 0x18000080 kqread dhcpleased
51936 359448 0 0 3 0x14200 bored smr
63704 314449 0 0 3 0x14200 pgzero zerothread
81970 134277 0 0 3 0x14200 aiodoned aiodoned
4359 207069 0 0 3 0x14200 syncer update
67145 22285 0 0 3 0x14200 cleaner cleaner
71349 40143 0 0 3 0x14200 reaper reaper
61339 246976 0 0 3 0x14200 pgdaemon pagedaemon
72188 315688 0 0 3 0x14200 bored viomb
93947 469838 0 0 3 0x40014200 acpi0 acpi0
51949 348644 0 0 3 0x40014200 idle1
2781 89402 0 0 3 0x14200 bored softnet3
60171 294678 0 0 3 0x14200 bored softnet2
23288 328365 0 0 3 0x14200 bored softnet1
48129 144408 0 0 3 0x14200 bored softnet0
27561 103597 0 0 3 0x14200 bored systqmp
63532 212757 0 0 3 0x14200 bored systq
57838 132922 0 0 3 0x14200 tmoslp softclockmp
31365 263432 0 0 3 0x40014200 tmoslp softclock
56814 505872 0 0 3 0x40014200 idle0
1 66733 0 0 3 0x8080082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 29340 (syz-executor.1) thread 0xffff80002a2a3748 (357742)
Process 63771 (syz-executor.7) thread 0xffff800035f702e0 (163315)
Process 80782 (syslogd) thread 0xffff8000ffffc7c0 (432083)
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10220 6587K 7155K 166960K 18249 0
pcb 18 12K 12K 166960K 491 0
rtable 119 7K 10K 166960K 1652 0
pf 43 11K 12K 166960K 217 0
ifaddr 35 12K 16K 166960K 245 0
ifgroup 78 3K 3K 166960K 347 0
sysctl 3 0K 1K 166960K 11 0
counters 76 37K 38K 166960K 230 0
ioctlops 0 0K 4K 166960K 1685 0
iov 0 0K 24K 166960K 203 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1404 88K 89K 166960K 4700 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 16K 24K 166960K 112 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 316 0
dirhash 12 2K 3K 166960K 96 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 16 57K 93K 166960K 3746 0
sigio 0 0K 0K 166960K 68 0
proc 60 79K 115K 166960K 1579 0
subproc 104 6K 7K 166960K 535 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 4 0K 0K 166960K 483 0
in_multi 42 3K 7K 166960K 552 0
ether_multi 1 0K 0K 166960K 26 0
mrt 1 0K 0K 166960K 14 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 121 546K 546K 166960K 121 0
exec 0 0K 1K 166960K 1209 0
pfkey data 0 0K 0K 166960K 4 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 289 91K 106K 166960K 33882 0
UVM aobj 155 8K 8K 166960K 160 0
pinsyscall 36 72K 100K 166960K 5734 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 1K 166960K 184 0
NDP 19 0K 2K 166960K 173 0
temp 74 6808K 14744K 166960K 136400 0
kqueue 12 18K 26K 166960K 556 0
SYN cache 2 8K 16K 166960K 3 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 24 0 0 1 0 1 1 0 8 0
rtpcb 120 388 0 384 1 0 1 1 0 8 0
rtentry 112 571 0 531 4 1 3 4 0 8 0
unpcb 144 2684 0 2669 7 6 1 2 0 8 0
syncache 336 45 0 45 11 11 0 1 0 8 0
sackhl 24 1 3 1 1 1 0 1 0 8 0
tcpqe 32 36 0 36 1 1 0 1 0 8 0
tcpcb 808 1332 0 1322 19 17 2 4 0 8 1
arp 120 106 0 100 1 0 1 1 0 8 0
inpcb 384 3922 0 3903 23 20 3 5 0 8 1
nd6 136 140 0 130 1 0 1 1 0 8 0
pkpcb 40 26 0 26 15 14 1 1 0 8 1
kcovpl 48 41 0 33 1 0 1 1 0 8 0
ppxss 1168 28 0 28 11 10 1 1 0 8 1
pffrag 232 33 0 22 4 3 1 1 0 482 0
pffrnode 88 31 0 21 4 3 1 1 0 8 0
pffrent 40 261 0 250 4 3 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfstitem 24 270 0 227 1 0 1 1 0 8 0
pfstkey 128 270 0 227 2 0 2 2 0 8 0
pfstate 376 270 0 227 8 3 5 5 0 8 0
pfrule 1344 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 6 0 4 4 2 2 2 0 8 0
art_heap4 256 2055 0 1852 39 16 23 30 0 8 3
art_table 32 2061 0 1856 4 0 4 4 0 8 0
art_node 16 559 0 526 1 0 1 1 0 8 0
sysvmsgpl 40 29 0 20 1 0 1 1 0 8 0
semupl 112 2 0 2 1 1 0 1 0 8 0
semapl 112 312 0 302 1 0 1 1 0 8 0
shmpl 112 157 0 5 6 1 5 5 0 8 0
dirhash 1024 73 0 56 3 0 3 3 0 8 0
dino2pl 256 7502 0 5972 97 0 97 97 0 8 0
ffsino 272 7502 0 5972 103 0 103 103 0 8 0
nchpl 144 13082 0 11341 67 0 67 67 0 8 0
uvmvnodes 80 8997 0 0 184 0 184 184 0 8 0
vnodes 216 8997 0 0 500 0 500 500 0 8 0
namei 1024 46312 0 46312 6 5 1 3 0 8 1
percpumem 16 129 0 77 1 0 1 1 0 8 0
vcpupl 3904 7 0 0 1 0 1 1 0 8 0
vmpool 696 25 0 18 2 1 1 1 0 8 0
kstatmem 264 188 0 154 3 0 3 3 0 8 0
scsiplug 72 8 0 8 8 8 0 1 0 8 0
scxspl 216 75040 0 75038 15 14 1 8 1 8 0
plimitpl 152 657 0 641 1 0 1 1 0 8 0
sigapl 424 4014 0 3966 10 2 8 8 0 8 1
futexpl 64 64100 0 64098 7 6 1 1 0 8 0
knotepl 120 895 0 0 19 0 19 19 0 8 0
kqueuepl 216 1190 0 1180 2 1 1 2 0 8 0
pipepl 320 732 0 704 8 0 8 8 0 8 5
fdescpl 496 3971 0 3944 5 1 4 5 0 8 0
filepl 152 26730 0 26471 17 1 16 16 0 8 5
lockfpl 104 1208 0 1206 1 0 1 1 0 8 0
lockfspl 48 543 0 541 1 0 1 1 0 8 0
sessionpl 144 58 0 42 1 0 1 1 0 8 0
pgrppl 48 150 0 134 1 0 1 1 0 8 0
ucredpl 104 4563 0 4551 1 0 1 1 0 8 0
zombiepl 144 3968 0 3966 1 0 1 1 0 8 0
processpl 1144 4014 0 3966 8 2 6 6 0 8 1
procpl 656 7975 0 7904 11 2 9 9 0 8 0
srpgc 96 56 0 56 11 11 0 1 0 8 0
sosppl 168 30 0 30 15 14 1 1 0 8 1
sockpl 664 7077 0 7040 30 26 4 6 0 8 0
mcl64k 65536 27 0 0 3 0 3 3 0 8 0
mcl16k 16384 7 0 0 1 0 1 1 0 8 0
mcl12k 12288 11 0 0 2 0 2 2 0 8 0
mcl9k 9216 11 0 0 1 0 1 1 0 8 0
mcl8k 8192 18 0 0 3 0 3 3 0 8 0
mcl4k 4096 7 0 0 1 0 1 1 0 8 0
mcl2k 2048 448 0 0 52 3 49 52 0 8 0
mtagpl 96 31 0 0 1 0 1 1 0 8 0
mbufpl 256 537 0 0 27 0 27 27 0 8 0
bufpl 280 15168 0 6169 643 0 643 643 0 8 0
anonpl 24 626136 0 619721 129 60 69 91 0 186 1
amapchunkpl 152 112118 0 111445 88 48 40 49 0 158 3
amappl16 200 12345 0 12191 55 42 13 21 0 8 2
amappl15 192 17 0 17 3 2 1 1 0 8 1
amappl14 184 275 0 262 2 1 1 2 0 8 0
amappl13 176 17 0 17 1 1 0 1 0 8 0
amappl12 168 5069 0 5041 3 1 2 2 0 8 0
amappl11 160 98 0 80 1 0 1 1 0 8 0
amappl10 152 121 0 118 1 0 1 1 0 8 0
amappl9 144 413 0 413 3 3 0 1 0 8 0
amappl8 136 261 0 226 2 0 2 2 0 8 0
amappl7 128 65 0 50 1 0 1 1 0 8 0
amappl6 120 716 0 701 2 1 1 2 0 8 0
amappl5 112 294 0 282 1 0 1 1 0 8 0
amappl4 104 835 0 798 2 0 2 2 0 8 0
amappl3 96 20114 0 20033 3 0 3 3 0 8 0
amappl2 88 4496 0 4424 4 2 2 4 0 8 0
amappl1 80 22464 0 21978 22 10 12 22 0 8 0
amappl 88 32801 0 32603 7 1 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 159 0 5 3 0 3 3 0 8 0
uaddrrnd 24 3996 0 3962 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 3996 0 3962 1 0 1 1 0 8 0
vmmpekpl 168 29788 0 29711 4 0 4 4 0 8 0
vmmpepl 168 255345 0 253455 184 82 102 115 0 357 8
vmsppl 440 3995 0 3962 6 1 5 5 0 8 0
rwobjpl 56 70539 0 60288 150 5 145 146 0 8 0
pdppl 4096 7999 0 7931 244 168 76 79 0 8 8
pvpl 32 46612 0 0 379 3 376 377 0 265 0
pmappl 248 3995 0 3962 5 2 3 3 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 627 0 234 12 0 12 12 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff82d15ff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff82e5b6b8) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82e5b6b8) at __mp_lock+0x122 sys/kern/kern_lock.c:147
intr_handler(ffff80002e0fff50,ffff80000006bc00) at intr_handler+0x62 sys/arch/amd64/amd64/intr.c:539
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
end of kernel
end trace frame: 0x74c11a5116d0, count: -6
ddb{0}> machine ddbcpu 1
Stopped at __x86_indirect_thunk_r11+0x14: ret
ddb{1}> trace
__x86_indirect_thunk_r11() at __x86_indirect_thunk_r11+0x14
rt_clone(ffff800034841638,fffffd806f459c90,0) at rt_clone+0x7d sys/net/route.c:383
route_mpath(fffffd806f459c78,fffffd806d2a0524,0,0) at route_mpath+0x112 rt_match sys/net/route.c:360 [inline]
route_mpath(fffffd806f459c78,fffffd806d2a0524,0,0) at route_mpath+0x112 rtalloc_mpath sys/net/route.c:476 [inline]
route_mpath(fffffd806f459c78,fffffd806d2a0524,0,0) at route_mpath+0x112 sys/net/route.c:255
in_pcbselsrc(ffff800034841728,fffffd806d2a0520,fffffd806f459c00) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:975
in_pcbconnect(fffffd806f459c00,fffffd806d2a0500) at in_pcbconnect+0xe8 sys/netinet/in_pcb.c:523
tcp_connect(ffff800000e29530,fffffd806d2a0500) at tcp_connect+0x29b sys/netinet/tcp_usrreq.c:654
sys_connect(ffff80002a2a3748,ffff800034841950,ffff8000348418a0) at sys_connect+0x239 sys/kern/uipc_syscalls.c:422
syscall(ffff800034841950) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline]
syscall(ffff800034841950) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x89791eff270, count: -9