

uvm_fault: bpf_mtap

Status: auto-closed as invalid on 2020/09/13 03:47
Reported-by: syzbot+f078c7b8996a3a614a04@syzkaller.appspotmail.com
First crash: 1636 days ago, last: 1409 days ago

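Sample crash report (ddb console output; the faulting instruction is a load from 0x18(%rbx) in bpf_mtap, and with %rbx = 0xfffffd0000000000 in the register dump that is the fault address 0xfffffd0000000018):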
uvm_fault(0xffffffff82891b70, 0xfffffd0000000018, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      bpf_mtap+0x58:  movl    0x18(%rbx),%r12d
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
kernel page fault
uvm_fault(0xffffffff82891b70, 0xfffffd0000000018, 0, 1) -> e
bpf_mtap(ffff800000ad8580,fffffd806d7f0d00,2) at bpf_mtap+0x58 sys/net/bpf.c:1273
end trace frame: 0xffff800023fcb780, count: 0
ddb{0}> trace
bpf_mtap(ffff800000ad8580,fffffd806d7f0d00,2) at bpf_mtap+0x58 sys/net/bpf.c:1273
tun_dev_read(5d00,ffff800023fcb9f8,10) at tun_dev_read+0x113
spec_read(ffff800023fcb840) at spec_read+0xf1 sys/kern/spec_vnops.c:222
VOP_READ(fffffd806e2c04e8,ffff800023fcb9f8,10,fffffd807f7bf780) at VOP_READ+0xbf sys/kern/vfs_vops.c:247
vn_read(fffffd80669997d0,ffff800023fcb9f8,0) at vn_read+0x124 sys/kern/vfs_vnops.c:375
dofilereadv(ffff800023fb5b00,f0,ffff800023fcb9f8,0,ffff800023fcbae0) at dofilereadv+0x1a1 sys/kern/sys_generic.c:237
sys_read(ffff800023fb5b00,ffff800023fcba90,ffff800023fcbae0) at sys_read+0x83 sys/kern/sys_generic.c:157
syscall(ffff800023fcbb60) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800023fcbb60) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3567e4bfe30, count: -9
ddb{0}> show registers
rdi               0xffffffff821084c5    bpf_mtap+0x55
rsi                            0x471
rbp               0xffff800023fcb710
rbx               0xfffffd0000000000
rdx                            0x472
rcx               0xffff8000212f4000
rax                              0xe
r8                0xffffffff82404f87    pp_r600_decoded_lanes+0x6ffb
r9                0xffff800000ac3664
r10                              0xa
r11               0x627e78516b506495
r12                              0xe
r13                              0x2
r14               0xfffffd806d7f0d00
r15               0xffff800000ad8580
rip               0xffffffff821084c8    bpf_mtap+0x58
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff800023fcb690
ss                              0x10
bpf_mtap+0x58:  movl    0x18(%rbx),%r12d
ddb{0}> show proc
PROC (syz-executor.0) pid=513035 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=79, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff800023fb5d70,0xffffffff8290e270
    process=0xffff800023f94030 user=0xffff800023fc6000, vmspace=0xfffffd807f000730
    estcpu=36, cpticks=1, pctcpu=0.0
    user=0, sys=1, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 41425  138389  31410      0  2           0                syz-executor.0
 41425  124747  31410      0  3   0x4000080  fsleep        syz-executor.0
 41425  303469  31410      0  3   0x4000080  fsleep        syz-executor.0
*41425  513035  31410      0  7   0x4000000                syz-executor.0
 82398  216446      0      0  3     0x14280  nfsidl        nfsio
 98703  196140      0      0  3     0x14280  nfsidl        nfsio
 46715  390748      0      0  3     0x14280  nfsidl        nfsio
 92431  312459      0      0  3     0x14280  nfsidl        nfsio
 49371  426629      0      0  3     0x14280  nfsidl        nfsio
  9246     240      0      0  3     0x14280  nfsidl        nfsio
 40842  241624      0      0  3     0x14280  nfsidl        nfsio
 99873   68711      0      0  3     0x14280  nfsidl        nfsio
 73905  497770      0      0  3     0x14280  nfsidl        nfsio
  3843  108233      0      0  3     0x14280  nfsidl        nfsio
 16340   14600      0      0  3     0x14280  nfsidl        nfsio
 35686  386007      0      0  3     0x14280  nfsidl        nfsio
 83953   68173      0      0  3     0x14280  nfsidl        nfsio
 36791  252346      0      0  3     0x14280  nfsidl        nfsio
 64626   15033      0      0  3     0x14280  nfsidl        nfsio
 46767  435860      0      0  3     0x14280  nfsidl        nfsio
 39386  316147      0      0  3     0x14280  nfsidl        nfsio
 13017  298643      0      0  3     0x14280  nfsidl        nfsio
 81294  341077      0      0  3     0x14280  nfsidl        nfsio
 68953  468768      0      0  3     0x14280  nfsidl        nfsio
 26777   38795      0      0  3     0x14200  bored         sosplice
 30582  136158  47746      0  3        0x82  nanosleep     syz-executor.1
 31410  302183  47746      0  7       0x482                syz-executor.0
 47746  385792  31698      0  3        0x82  thrsleep      syz-fuzzer
 47746  330870  31698      0  2   0x4000482                syz-fuzzer
 47746  463060  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746  208227  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746   23111  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746  382661  31698      0  3   0x4000082  kqread        syz-fuzzer
 47746   26620  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746  475310  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746  204207  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746  269539  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 47746  180214  31698      0  3   0x4000082  thrsleep      syz-fuzzer
 31698  389803  57336      0  3    0x10008a  pause         ksh
 57336  318685   9027      0  3        0x92  select        sshd
 56684  157441      1      0  3    0x100083  ttyin         getty
  9027   40443      1      0  3        0x80  select        sshd
 44362  475251  41203     74  3    0x100092  bpf           pflogd
 41203   47877      1      0  3        0x80  netio         pflogd
 57762  177513  70521     73  3    0x100090  kqread        syslogd
 70521  395051      1      0  3    0x100082  netio         syslogd
 28560  382565      1     77  3    0x100090  poll          dhclient
 43153   92083      1      0  3        0x80  poll          dhclient
 67149  252817      0      0  3     0x14200  bored         smr
 85738  336027      0      0  3     0x14200  pgzero        zerothread
  4755  301572      0      0  3     0x14200  aiodoned      aiodoned
 59345  386937      0      0  3     0x14200  syncer        update
 43467  422025      0      0  3     0x14200  cleaner       cleaner
 28511  326715      0      0  3     0x14200  reaper        reaper
 83384  227473      0      0  3     0x14200  pgdaemon      pagedaemon
 98913  335318      0      0  3     0x14200  bored         crynlk
 36324  124347      0      0  3     0x14200  bored         crypto
 74660  424855      0      0  3  0x40014200  acpi0         acpi0
 23758   56922      0      0  3  0x40014200                idle1
 37742  313697      0      0  3     0x14200  bored         softnet
 12458  345047      0      0  3     0x14200  bored         systqmp
 40321  451169      0      0  3     0x14200  bored         systq
 59979  114233      0      0  3  0x40014200  bored         softclock
 97486  476740      0      0  3  0x40014200                idle0
     1  451330      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 41425 (syz-executor.0) thread 0xffff800023fb5b00 (513035)
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff82910a70)
#0  witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0  witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1  vn_read+0x45 sys/kern/vfs_vnops.c:357
#2  dofilereadv+0x1a1 sys/kern/sys_generic.c:237
#3  sys_read+0x83 sys/kern/sys_generic.c:157
#4  syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#4  syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#5  Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9540   6503K    6942K  78643K     11896        0
            pcb    13      8K       8K  78643K       131        0
         rtable   120      6K       9K  78643K       525        0
         ifaddr   108     22K      23K  78643K       239        0
         sysctl     2      0K       0K  78643K         2        0
       counters    45     34K      34K  78643K        83        0
       ioctlops     0      0K       4K  78643K      1593        0
            iov     0      0K      16K  78643K        98        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1214     76K      77K  78643K      1616        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K        16        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      0K       0K  78643K       133        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1824    197K     290K  78643K     13058        0
      file desc     6     17K      25K  78643K       831        0
          sigio     0      0K       0K  78643K         4        0
           proc    63     63K      95K  78643K       517        0
        subproc    32      2K       2K  78643K        34        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K        59        0
       in_multi   108      4K       4K  78643K       184        0
    ether_multi     1      0K       0K  78643K        22        0
            mrt     0      0K       0K  78643K         5        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    67    307K     307K  78643K        67        0
           exec     0      0K       1K  78643K       308        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   143     88K     104K  78643K      3776        0
       UVM aobj    37      4K       4K  78643K        44        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K       108        0
            NDP    14      0K       0K  78643K        42        0
           temp   141   3858K    3924K  78643K     14925        0
         kqueue     3      4K      10K  78643K        30        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       12    0        1     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80       63    0       61     1     0     1     1     0     8    0
rtentry    112       69    0       26     2     0     2     2     0     8    0
unpcb      120      679    0      669     1     0     1     1     0     8    0
syncache   264       14    0       14     4     4     0     1     0     8    0
tcpqe       32       88    0       88     1     1     0     1     0     8    0
tcpcb      544      328    0      324     1     0     1     1     0     8    0
inpcb      280     1520    0     1513     5     3     2     2     0     8    1
rttmr       72        1    0        1     1     1     0     1     0     8    0
nd6         48       11    0        9     1     0     1     1     0     8    0
pkpcb       40        5    0        5     3     3     0     1     0     8    0
ppxss      1128       2    0        2     2     2     0     1     0     8    0
pffrag     232        5    0        5     3     3     0     1     0   482    0
pffrnode    88        5    0        5     3     3     0     1     0     8    0
pffrent     40       96    0       96     3     3     0     1     0     8    0
pfosfp      40      846    0      423     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfrktable  1344      48    0       42     1     0     1     1     0     8    0
pftag       88        4    0        0     1     0     1     1     0     8    0
pfqueue    264        2    0        2     1     1     0     1     0     8    0
pfstitem    24       18    0       14     1     0     1     1     0     8    0
pfstkey    112       18    0       14     1     0     1     1     0     8    0
pfstate    328       18    0       14     2     1     1     2     0     8    0
pfsrctr    152       61    0       57     1     0     1     1     0     8    0
pfrule     1360      42    0       26     3     1     2     2     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      315    0      135    14     1    13    14     0     8    1
art_table   32      316    0      135     2     0     2     2     0     8    0
art_node    16       68    0       28     1     0     1     1     0     8    0
sysvmsgpl   40       65    0       25     1     0     1     1     0     8    0
semupl     112        1    0        1     1     1     0     1     0     8    0
semapl     112      131    0      121     1     0     1     1     0     8    0
shmpl      112       42    0        7     1     0     1     1     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256     2540    0     1140    89     0    89    89     0     8    0
ffsino     272     2540    0     1140    95     0    95    95     0     8    0
nchpl      144     4171    0     2559    60     0    60    60     0     8    0
uvmvnodes   72     2865    0        0    53     0    53    53     0     8    0
vnodes     208     2865    0        0   151     0   151   151     0     8    0
namei      1024   11553    0    11553     3     2     1     1     0     8    1
percpumem   16       52    0       19     1     0     1     1     0     8    0
vcpupl     1984       5    0        0     1     0     1     1     0     8    0
vmpool     560        9    0        4     2     1     1     1     0     8    0
pfiaddrpl  120       15    0       11     1     0     1     1     0     8    0
scxspl     192    11891    0    11891    13    12     1     7     0     8    1
plimitpl   152       73    0       65     1     0     1     1     0     8    0
sigapl     424     1067    0     1014     6     0     6     6     0     8    0
futexpl     56    13576    0    13574     3     2     1     1     0     8    0
knotepl    112       94    0       75     1     0     1     1     0     8    0
kqueuepl   144      118    0      114     1     0     1     1     0     8    0
pipelkpl    48      224    0      214     1     0     1     1     0     8    0
pipepl     120      448    0      429     2     1     1     2     0     8    0
fdescpl    496     1031    0     1014     3     0     3     3     0     8    0
filepl     152     7149    0     7045     6     1     5     6     0     8    0
lockfpl    104      257    0      253     1     0     1     1     0     8    0
lockfspl    48       83    0       79     1     0     1     1     0     8    0
sessionpl  112       18    0        7     1     0     1     1     0     8    0
pgrppl      48       26    0       15     1     0     1     1     0     8    0
ucredpl     96      453    0      444     1     0     1     1     0     8    0
zombiepl   144     1015    0     1014     1     0     1     1     0     8    0
processpl  984     1067    0     1014     7     0     7     7     0     8    0
procpl     624     2968    0     2902     7     1     6     6     0     8    0
sosppl     128       21    0       21     2     2     0     1     0     8    0
sockpl     400     2267    0     2248     7     3     4     4     0     8    2
mcl64k     65536     17    0        0     3     0     3     3     0     8    0
mcl16k     16384      2    0        0     1     0     1     1     0     8    0
mcl12k     12288     10    0        0     1     0     1     1     0     8    0
mcl9k      9216       6    0        0     1     0     1     1     0     8    0
mcl8k      8192       5    0        0     1     0     1     1     0     8    0
mcl4k      4096       8    0        0     1     0     1     1     0     8    0
mcl2k2     2112       3    0        0     1     0     1     1     0     8    0
mcl2k      2048     164    0        0    20     0    20    20     0     8    0
mtagpl      80       46    0        0     1     0     1     1     0     8    0
mbufpl     256      317    0        0    18     0    18    18     0     8    0
bufpl      280     5282    0      133   368     0   368   368     0     8    0
anonpl      16   100239    0    83778    87    18    69    81     0   124    2
amapchunkpl 152    6543    0     6382    32    12    20    20     0   158   12
amappl16   192     4302    0     3414    57    11    46    57     0     8    1
amappl15   184      800    0      795     1     0     1     1     0     8    0
amappl14   176       28    0       23     1     0     1     1     0     8    0
amappl13   168       28    0       25     1     0     1     1     0     8    0
amappl12   160        9    0        7     2     1     1     1     0     8    0
amappl11   152      477    0      460     1     0     1     1     0     8    0
amappl10   144       17    0       13     1     0     1     1     0     8    0
amappl9    136      392    0      390     1     0     1     1     0     8    0
amappl8    128      377    0      340     2     0     2     2     0     8    0
amappl7    120      118    0      107     1     0     1     1     0     8    0
amappl6    112       22    0       19     2     1     1     1     0     8    0
amappl5    104      941    0      920     1     0     1     1     0     8    0
amappl4     96      500    0      472     1     0     1     1     0     8    0
amappl3     88      146    0      141     1     0     1     1     0     8    0
amappl2     80     8123    0     8040     2     0     2     2     0     8    0
amappl1     72    32000    0    31529    23    13    10    18     0     8    0
amappl      80     3217    0     3161     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64       43    0        7     1     0     1     1     0     8    0
uaddrrnd    24     1040    0     1018     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     1040    0     1018     1     0     1     1     0     8    0
vmmpekpl   168    11808    0    11767     3     0     3     3     0     8    0
vmmpepl    168   130179    0   128001   127    31    96   110     0   357    1
vmsppl     368     1039    0     1018     2     0     2     2     0     8    0
pdppl      4096    2087    0     2041     6     0     6     6     0     8    0
pvpl        32   310065    0   290258   203    27   176   194     0   265   14
pmappl     232     1039    0     1018     3     1     2     2     0     8    0
extentpl    40       53    0       36     1     0     1     1     0     8    0
phpool     112      277    0       10     8     0     8     8     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
bpf_mtap(ffff800000ad8580,fffffd806d7f0d00,2) at bpf_mtap+0x58 sys/net/bpf.c:1273
tun_dev_read(5d00,ffff800023fcb9f8,10) at tun_dev_read+0x113
spec_read(ffff800023fcb840) at spec_read+0xf1 sys/kern/spec_vnops.c:222
VOP_READ(fffffd806e2c04e8,ffff800023fcb9f8,10,fffffd807f7bf780) at VOP_READ+0xbf sys/kern/vfs_vops.c:247
vn_read(fffffd80669997d0,ffff800023fcb9f8,0) at vn_read+0x124 sys/kern/vfs_vnops.c:375
dofilereadv(ffff800023fb5b00,f0,ffff800023fcb9f8,0,ffff800023fcbae0) at dofilereadv+0x1a1 sys/kern/sys_generic.c:237
sys_read(ffff800023fb5b00,ffff800023fcba90,ffff800023fcbae0) at sys_read+0x83 sys/kern/sys_generic.c:157
syscall(ffff800023fcbb60) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800023fcbb60) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3567e4bfe30, count: -9
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x1a:        addq    $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020d80ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xc6 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff82910868) at __mp_lock+0x127 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82910868) at __mp_lock+0x127 sys/kern/kern_lock.c:147
__mp_acquire_count(ffffffff82910868,1) at __mp_acquire_count+0x51 sys/kern/kern_lock.c:227
mi_switch() at mi_switch+0x392 sys/kern/sched_bsd.c:435
sleep_finish(ffff800020eed700,1) at sleep_finish+0x113 sys/kern/kern_synch.c:418
sleep_finish_all(ffff800020eed700,1) at sleep_finish_all+0x32 sleep_finish_timeout sys/kern/kern_synch.c:447 [inline]
sleep_finish_all(ffff800020eed700,1) at sleep_finish_all+0x32 sys/kern/kern_synch.c:393
tsleep(ffffffff828678b8,120,ffffffff823d7d65,2) at tsleep+0x1cc sys/kern/kern_synch.c:155
sys_nanosleep(ffff800020dedad8,ffff800020eed830,ffff800020eed880) at sys_nanosleep+0x205 sys/kern/kern_time.c:297
syscall(ffff800020eed900) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800020eed900) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffc3ff0, count: -12

Crashes (10):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/15 03:47 openbsd 498b1e7a765a 2a22c77a .config console log report ci-openbsd-multicore
2020/05/30 15:38 openbsd 2ffcc9827297 6f3e1c7c .config console log report ci-openbsd-multicore
2020/05/21 23:26 openbsd 2061a77758dc 1f30020f .config console log report ci-openbsd-multicore
2020/04/29 18:43 openbsd 20c86daa80e7 2fdc5098 .config console log report ci-openbsd-multicore
2020/04/07 17:11 openbsd 57d747eef2b8 db9bcd4b .config console log report ci-openbsd-multicore
2020/02/04 02:02 openbsd c711e4838d5b 93e5e335 .config console log report ci-openbsd-main
2020/01/20 01:26 openbsd 41fdd898cae2 0342f8c7 .config console log report ci-openbsd-multicore
2020/01/11 08:04 openbsd a769387c40b6 4c04afaa .config console log report ci-openbsd-multicore
2019/12/15 20:15 openbsd 12d482ab3315 eef6e580 .config console log report ci-openbsd-main
2019/10/31 19:54 openbsd 6f77cf22e25c a41ca8fa .config console log report ci-openbsd-main
* Struck through repros no longer work on HEAD.