syzbot


uvm_fault: _bpf_mtap (2)

Status: auto-closed as invalid on 2020/10/03 15:08
Reported-by: syzbot+627307f2c94c96841ac9@syzkaller.appspotmail.com
First crash: 1617d, last: 1603d
Similar bugs (1)
Kernel   Title                 Repro  Cause bisect  Fix bisect  Count  Last   Reported  Patched  Status
openbsd  uvm_fault: _bpf_mtap                                   31     2164d  2186d     0/3      auto-closed as invalid on 2019/06/19 23:03

Sample crash report:
uvm_fault(0xffffffff827afde0, 0xfffffd0000000018, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      _bpf_mtap+0x68: movl    0x18(%rbx),%r13d
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
kernel page fault
uvm_fault(0xffffffff827afde0, 0xfffffd0000000018, 0, 1) -> e
_bpf_mtap(ffff800000adb980,fffffd806d528d00,fffffd806d528d00,2) at _bpf_mtap+0x68 sys/net/bpf.c:1281
end trace frame: 0xffff800023fb1720, count: 0
ddb{0}> trace
_bpf_mtap(ffff800000adb980,fffffd806d528d00,fffffd806d528d00,2) at _bpf_mtap+0x68 sys/net/bpf.c:1281
tun_dev_read(5d01,ffff800023fb1998,10) at tun_dev_read+0x113
spec_read(ffff800023fb17e0) at spec_read+0xf1 sys/kern/spec_vnops.c:222
VOP_READ(fffffd8065403b80,ffff800023fb1998,10,fffffd807f7bfa20) at VOP_READ+0xbf sys/kern/vfs_vops.c:247
vn_read(fffffd80665fcdc8,ffff800023fb1998,0) at vn_read+0x124 sys/kern/vfs_vnops.c:375
dofilereadv(ffff8000230f89f0,f0,ffff800023fb1998,0,ffff800023fb1a80) at dofilereadv+0x1a1 sys/kern/sys_generic.c:237
sys_read(ffff8000230f89f0,ffff800023fb1a30,ffff800023fb1a80) at sys_read+0x83 sys/kern/sys_generic.c:157
syscall(ffff800023fb1b00) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800023fb1b00) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa6c1c9249d0, count: -9
ddb{0}> show registers
rdi               0xffffffff818acdc5    _bpf_mtap+0x65
rsi                            0x14d
rbp               0xffff800023fb16b0
rbx               0xfffffd0000000000
rdx                            0x14e
rcx               0xffff800021ee2000
rax                              0xe
r8                0xffffffff82421aeb    pp_r600_decoded_lanes+0x9607
r9                0xffff800000b2be64
r10                              0xa
r11               0xbeede0af92687e6d
r12               0xfffffd806d528d00
r13                              0xe
r14                              0x2
r15               0xffff800000adb980
rip               0xffffffff818acdc8    _bpf_mtap+0x68
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff800023fb1610
ss                              0x10
_bpf_mtap+0x68: movl    0x18(%rbx),%r13d
ddb{0}> show proc
PROC (syz-executor.1) pid=207384 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=32, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff8000230f9140,0xffff8000230f8040
    process=0xffff800023f21748 user=0xffff800023fac000, vmspace=0xfffffd807eaacd00
    estcpu=36, cpticks=2, pctcpu=0.0
    user=0, sys=1, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 59253  220240  21109      0  2           0                syz-executor.1
*59253  207384  21109      0  7   0x4000000                syz-executor.1
 59253   67042  21109      0  3   0x4000080  fsleep        syz-executor.1
 33936  259853   3800      0  2           0                syz-executor.0
 33936  321663   3800      0  3   0x4000080  fsleep        syz-executor.0
 33936   73432   3800      0  7   0x4000000                syz-executor.0
 33936  191732   3800      0  2   0x4000000                syz-executor.0
  3800   99745  32417      0  2       0x482                syz-executor.0
 21109  430832  32417      0  3        0x82  nanosleep     syz-executor.1
 92432  136927      0      0  3     0x14280  nfsidl        nfsio
 24015  381631      0      0  3     0x14280  nfsidl        nfsio
 82070  208561      0      0  3     0x14280  nfsidl        nfsio
  3105   77457      0      0  3     0x14280  nfsidl        nfsio
 95934  430238      0      0  3     0x14280  nfsidl        nfsio
 96074  215417      0      0  3     0x14280  nfsidl        nfsio
 52469  450873      0      0  3     0x14280  nfsidl        nfsio
 39428  415842      0      0  3     0x14280  nfsidl        nfsio
 30448  233069      0      0  3     0x14280  nfsidl        nfsio
 94082   94182      0      0  3     0x14280  nfsidl        nfsio
 74496  282246      0      0  3     0x14280  nfsidl        nfsio
 57057  499132      0      0  3     0x14280  nfsidl        nfsio
 96509   19758      0      0  3     0x14280  nfsidl        nfsio
 55072  457285      0      0  3     0x14280  nfsidl        nfsio
 97160  221135      0      0  3     0x14280  nfsidl        nfsio
 85193  402921      0      0  3     0x14280  nfsidl        nfsio
 40697  292450      0      0  3     0x14280  nfsidl        nfsio
 62901    9131      0      0  3     0x14280  nfsidl        nfsio
 73390  522229      0      0  3     0x14280  nfsidl        nfsio
 29702  454535      0      0  3     0x14280  nfsidl        nfsio
 15433  334176      0      0  3     0x14200  acct          acct
 23218  272774      0      0  3     0x14200  bored         sosplice
 32417  198326  49187      0  3        0x82  thrsleep      syz-fuzzer
 32417  345572  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  239918  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  158906  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  327885  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  332250  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  211200  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  219167  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417  383147  49187      0  3   0x4000082  thrsleep      syz-fuzzer
 32417   48788  49187      0  3   0x4000082  kqread        syz-fuzzer
 49187  405948  76350      0  3    0x10008a  pause         ksh
 76350  174139  79715      0  3        0x92  select        sshd
 87379   94477      1      0  3    0x100083  ttyin         getty
 79715  483754      1      0  3        0x80  select        sshd
 11475  158561  58461     74  3    0x100092  bpf           pflogd
 58461  336607      1      0  3        0x80  netio         pflogd
 55079  490594  43009     73  3    0x100090  kqread        syslogd
 43009  209569      1      0  3    0x100082  netio         syslogd
 65006  482774      1     77  3    0x100090  poll          dhclient
 21514  296336      1      0  3        0x80  poll          dhclient
 19320  387737      0      0  3     0x14200  bored         smr
 57121  301948      0      0  2     0x14200                zerothread
 81236  323174      0      0  3     0x14200  aiodoned      aiodoned
 48865  466578      0      0  3     0x14200  syncer        update
 91683   34588      0      0  3     0x14200  cleaner       cleaner
 94976  130201      0      0  3     0x14200  reaper        reaper
 52132  196897      0      0  3     0x14200  pgdaemon      pagedaemon
 65448  222744      0      0  3     0x14200  bored         crynlk
 79489  111581      0      0  3     0x14200  bored         crypto
 42530    9526      0      0  3  0x40014200  acpi0         acpi0
 83026  317565      0      0  3  0x40014200                idle1
 91558  304383      0      0  3     0x14200  bored         softnet
 64377  135229      0      0  3     0x14200  bored         systqmp
 16361  518719      0      0  3     0x14200  bored         systq
 32124   26702      0      0  3  0x40014200  bored         softclock
 12778   85047      0      0  3  0x40014200                idle0
     1  169083      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 59253 (syz-executor.1) thread 0xffff8000230f89f0 (207384)
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff828b1058)
#0  witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0  witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1  vn_read+0x45 sys/kern/vfs_vnops.c:357
#2  dofilereadv+0x1a1 sys/kern/sys_generic.c:237
#3  sys_read+0x83 sys/kern/sys_generic.c:157
#4  syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#4  syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#5  Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9579   6450K    6946K  78643K     12073        0
            pcb    13      8K       8K  78643K       193        0
         rtable   103     10K      10K  78643K       688        0
         ifaddr   117     21K      21K  78643K       289        0
         sysctl     2      0K       0K  78643K         2        0
       counters    45     34K      34K  78643K       101        0
       ioctlops     0      0K       4K  78643K      1653        0
            iov     0      0K      24K  78643K       770        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1220     77K      77K  78643K      1761        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K        15        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      1K       1K  78643K        22        0
        dirhash     9      1K       2K  78643K        12        0
           ACPI  1824    197K     290K  78643K     13058        0
      file desc     6     17K      25K  78643K      1201        0
          sigio     0      0K       0K  78643K         5        0
           proc    61     63K      95K  78643K       625        0
        subproc    32      2K       2K  78643K        68        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K        84        0
       in_multi    58      2K       3K  78643K       191        0
    ether_multi     1      0K       0K  78643K        26        0
            mrt     0      0K       0K  78643K         8        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    61    281K     281K  78643K        61        0
           exec     0      0K       1K  78643K       318        0
     pfkey data     0      0K       1K  78643K         2        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   141     72K      88K  78643K      5130        0
       UVM aobj    43      4K       4K  78643K        54        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       1K  78643K       157        0
            NDP    20      0K       0K  78643K        63        0
           temp   166   3873K    3953K  78643K     21691        0
         kqueue     3      4K      12K  78643K        80        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       15    0        8     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80       83    0       81     1     0     1     1     0     8    0
rtentry    112      105    0       78     3     1     2     2     0     8    0
unpcb      120      727    0      715     1     0     1     1     0     8    0
syncache   264        6    0        6     2     2     0     1     0     8    0
tcpqe       32      293    0      293     1     1     0     1     0     8    0
tcpcb      544      498    0      494     3     2     1     2     0     8    0
inpcb      296     1485    0     1478     7     5     2     3     0     8    1
rttmr       72        5    0        5     3     2     1     1     0     8    1
nd6         48       20    0       19     2     1     1     1     0     8    0
pkpcb       40        6    0        6     2     2     0     1     0     8    0
ppxss      1128       3    0        3     2     2     0     1     0     8    0
pfstscr     40        3    0        3     2     1     1     1     0     8    1
pffrag     232        3    0        3     1     1     0     1     0   482    0
pffrnode    88        3    0        3     1     1     0     1     0     8    0
pffrent     40       10    0       10     2     2     0     1     0     8    0
pfosfp      40      846    0      423     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfrktable  1344      30    0       19     3     2     1     2     0     8    0
pftag       88        5    0        4     1     0     1     1     0     8    0
pfqueue    264        1    0        0     1     0     1     1     0     8    0
pfstitem    24       50    0       38     1     0     1     1     0     8    0
pfstkey    112       57    0       45     2     0     2     2     0     8    0
pfstate    328       54    0       43     4     0     4     4     0     8    0
pfsrctr    152       28    0       28     1     1     0     1     0     8    0
pfrule     1360      37    0       26     4     2     2     2     0     8    0
art_heap8  4096       2    0        0     2     0     2     2     0     8    0
art_heap4  256      577    0      440    24    10    14    15     0     8    4
art_table   32      579    0      440     3     1     2     2     0     8    0
art_node    16      102    0       79     1     0     1     1     0     8    0
sysvmsgpl   40       19    0        7     1     0     1     1     0     8    0
semupl     112        5    0        5     1     1     0     1     0     8    0
semapl     112       12    0        2     1     0     1     1     0     8    0
shmpl      112       52    0       11     2     0     2     2     0     8    0
dirhash    1024      17    0       10     3     1     2     3     0     8    0
dino2pl    256     3223    0     1824    89     0    89    89     0     8    0
ffsino     272     3223    0     1824    96     1    95    95     0     8    0
nchpl      144     5485    0     3884    60     0    60    60     0     8    0
uvmvnodes   72     3636    0        0    67     0    67    67     0     8    0
vnodes     208     3636    0        0   192     0   192   192     0     8    0
namei      1024   15881    0    15881     3     2     1     1     0     8    1
percpumem   16       61    0       28     1     0     1     1     0     8    0
vcpupl     1984       6    0        0     1     0     1     1     0     8    0
vmpool     560        8    0        2     1     0     1     1     0     8    0
pfiaddrpl  120       14    0        2     1     0     1     1     0     8    0
scsiplug    64        1    0        1     1     1     0     1     0     8    0
scxspl     192    16378    0    16378    15    14     1     7     0     8    1
plimitpl   152       82    0       74     1     0     1     1     0     8    0
sigapl     424     1432    0     1378     8     1     7     7     0     8    0
futexpl     56    20517    0    20515     2     1     1     1     0     8    0
knotepl    112      166    0      147     1     0     1     1     0     8    0
kqueuepl   144      187    0      181     1     0     1     1     0     8    0
pipepl     304      227    0      217     5     3     2     2     0     8    1
fdescpl    496     1395    0     1378     3     0     3     3     0     8    0
filepl     152     9097    0     8988     9     4     5     6     0     8    0
lockfpl    104     1354    0     1351     1     0     1     1     0     8    0
lockfspl    48      322    0      320     1     0     1     1     0     8    0
sessionpl  112       20    0        9     1     0     1     1     0     8    0
pgrppl      48       28    0       17     1     0     1     1     0     8    0
ucredpl     96      937    0      928     1     0     1     1     0     8    0
zombiepl   144     1378    0     1378     2     1     1     1     0     8    1
processpl  984     1432    0     1378     8     1     7     7     0     8    0
procpl     624     4226    0     4158     7     1     6     6     0     8    0
srpgc       64        4    0        4     2     2     0     1     0     8    0
sosppl     128       32    0       32     6     5     1     1     0     8    1
sockpl     400     2314    0     2293    11     7     4     5     0     8    1
mcl64k     65536     17    0        0     3     0     3     3     0     8    0
mcl16k     16384      2    0        0     1     0     1     1     0     8    0
mcl12k     12288     16    0        0     2     0     2     2     0     8    0
mcl9k      9216       2    0        0     1     0     1     1     0     8    0
mcl8k      8192       3    0        0     1     0     1     1     0     8    0
mcl4k      4096      12    0        0     2     0     2     2     0     8    0
mcl2k2     2112       5    0        0     1     0     1     1     0     8    0
mcl2k      2048     167    0        0    20     0    20    20     0     8    0
mtagpl      96       68    0        0     2     0     2     2     0     8    0
mbufpl     256      287    0        0    14     0    14    14     0     8    0
bufpl      280     7483    0     1248   446     0   446   446     0     8    0
anonpl      16   151243    0   133518   111    24    87    87     0   124   14
amapchunkpl 152   10656    0    10480    53    36    17    21     0   158    9
amappl16   192     6545    0     5601    80    23    57    59     0     8    8
amappl15   184      267    0      265     2     1     1     1     0     8    0
amappl14   176      346    0      340     1     0     1     1     0     8    0
amappl13   168      304    0      301     1     0     1     1     0     8    0
amappl12   160      268    0      267     2     1     1     1     0     8    0
amappl11   152       64    0       47     1     0     1     1     0     8    0
amappl10   144      294    0      288     1     0     1     1     0     8    0
amappl9    136      685    0      682     1     0     1     1     0     8    0
amappl8    128      423    0      385     2     0     2     2     0     8    0
amappl7    120      133    0      120     1     0     1     1     0     8    0
amappl6    112       32    0       23     1     0     1     1     0     8    0
amappl5    104     1298    0     1280     1     0     1     1     0     8    0
amappl4     96      522    0      495     1     0     1     1     0     8    0
amappl3     88      470    0      465     1     0     1     1     0     8    0
amappl2     80    10659    0    10577     2     0     2     2     0     8    0
amappl1     72    40825    0    40348    23    13    10    18     0     8    0
amappl      80     4522    0     4466     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64       53    0       11     1     0     1     1     0     8    0
uaddrrnd    24     1403    0     1380     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     1403    0     1380     1     0     1     1     0     8    0
vmmpekpl   168    14763    0    14724     3     0     3     3     0     8    0
vmmpepl    168   178075    0   175832   165    62   103   125     0   357    5
vmsppl     368     1402    0     1380     3     0     3     3     0     8    0
pdppl      4096    2813    0     2766     8     2     6     7     0     8    0
pvpl        32   439154    0   418135   241    40   201   201     0   265   31
pmappl     232     1402    0     1380     3     1     2     2     0     8    0
extentpl    40       53    0       36     1     0     1     1     0     8    0
phpool     112      296    0       30     8     0     8     8     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
_bpf_mtap(ffff800000adb980,fffffd806d528d00,fffffd806d528d00,2) at _bpf_mtap+0x68 sys/net/bpf.c:1281
tun_dev_read(5d01,ffff800023fb1998,10) at tun_dev_read+0x113
spec_read(ffff800023fb17e0) at spec_read+0xf1 sys/kern/spec_vnops.c:222
VOP_READ(fffffd8065403b80,ffff800023fb1998,10,fffffd807f7bfa20) at VOP_READ+0xbf sys/kern/vfs_vops.c:247
vn_read(fffffd80665fcdc8,ffff800023fb1998,0) at vn_read+0x124 sys/kern/vfs_vnops.c:375
dofilereadv(ffff8000230f89f0,f0,ffff800023fb1998,0,ffff800023fb1a80) at dofilereadv+0x1a1 sys/kern/sys_generic.c:237
sys_read(ffff8000230f89f0,ffff800023fb1a30,ffff800023fb1a80) at sys_read+0x83 sys/kern/sys_generic.c:157
syscall(ffff800023fb1b00) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800023fb1b00) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa6c1c9249d0, count: -9
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x1a:        addq    $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020d70ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xc6 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__sanitizer_cov_trace_cmp4(ffffffff828b0e50,ffffffff828b0e50) at __sanitizer_cov_trace_cmp4+0xc sys/dev/kcov.c:134
uvm_map_inentry(ffff8000230f9140,ffff8000230f91b8,b2b6c686a1a,ffffffff8241a5e2,ffffffff812e4aa0,22) at uvm_map_inentry+0xbe sys/uvm/uvm_map.c:1890
syscall(ffff800021ee15d0) at syscall+0x3dc mi_syscall sys/sys/syscall_mi.h:87 [inline]
syscall(ffff800021ee15d0) at syscall+0x3dc sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xb2df3051e50, count: -7

Crashes (8):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager               Title
2020/07/05 15:07  openbsd  f724afe49a5c  bed10395   .config  console log  report                                       ci-openbsd-multicore
2020/07/02 18:58  openbsd  b1b451713294  bed10395   .config  console log  report                                       ci-openbsd-multicore
2020/07/01 10:40  openbsd  08542baac1f6  33576216   .config  console log  report                                       ci-openbsd-multicore
2020/06/27 13:52  openbsd  dbf2cc62e98d  032b4239   .config  console log  report                                       ci-openbsd-multicore
2020/06/24 22:11  openbsd  e9c5ed46e587  41694dbf   .config  console log  report                                       ci-openbsd-multicore
2020/06/22 12:02  openbsd  54392b432564  c4464494   .config  console log  report                                       ci-openbsd-multicore
2020/06/21 18:07  openbsd  f5cd887ee666  eabcced4   .config  console log  report                                       ci-openbsd-multicore
2020/06/20 21:13  openbsd  c4b445c6ea7c  c655ec77   .config  console log  report                                       ci-openbsd-multicore
* Struck through repros no longer work on HEAD.