kernel: protection fault trap, code=0
Stopped at pf_anchor_global_RB_REMOVE+0x81: movq 0(%r12),%r15
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
pf_anchor_global_RB_REMOVE(ffffffff83a9e558,ffff800001632848) at pf_anchor_global_RB_REMOVE+0x81 sys/net/pf_ruleset.c:82
pf_remove_if_empty_ruleset(ffff800001632cd8) at pf_remove_if_empty_ruleset+0x12d sys/net/pf_ruleset.c:301
pfi_dynaddr_setup(ffff80000161bd48,0,1) at pfi_dynaddr_setup+0x671 sys/net/pf_if.c:508
pf_addr_setup(ffffffff83a9e9f0,ffff80000161bd48,0) at pf_addr_setup+0x46 sys/net/pf_ioctl.c:948
pfioctl(14900,cd60441a,ffff8000015fb000,83,ffff80002a8a34f8) at pfioctl+0x9aee sys/net/pf_ioctl.c:2624
VOP_IOCTL(fffffa0067bf3988,cd60441a,ffff8000015fb000,83,fffffa0007ffd548,ffff80002a8a34f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffa006d3dbad8,cd60441a,ffff8000015fb000,ffff80002a8a34f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537
sys_ioctl(ffff80002a8a34f8,ffff80003c8f9600,ffff80003c8f9550) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c8f9600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c8f9600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1a4a5d03dc0, count: -10
ddb> show registers
rdi 0xffff8000314b8000
rsi 0x7bb
rbp 0xffff80003c8f8fd0
rbx 0xffffffff83a9e558 pf_anchors
rdx 0xffff8000314b8000
rcx 0x7ba
rax 0xffffffff826669bf pf_anchor_global_RB_REMOVE+0x2f
r8 0x3fc
r9 0x8080808080808080
r10 0x927914dc6dab4674
r11 0x3cb9c7d782789813
r12 0xf3a39c355fcbde0c
r13 0x1
r14 0xffff800001632848
r15 0xaf3db98f2992aab9
rip 0xffffffff82666a11 pf_anchor_global_RB_REMOVE+0x81
cs 0x8
rflags 0x10286 __ALIGN_SIZE+0xf286
rsp 0xffff80003c8f8f80
ss 0x10
pf_anchor_global_RB_REMOVE+0x81: movq 0(%r12),%r15
ddb> show proc
PROC (syz-executor) tid=279116 pid=57517 tcnt=2 stat=onproc
flags process=0 proc=4000000<THREAD>
runpri=32, usrpri=50, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80002a8a3260,0xffff80002a8a3a38
process=0xffff8000ffff96a0 user=0xffff80003c8f4000, vmspace=0xfffffa006ca862f0
estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
99595 479690 58297 0 2 0 syz-executor
57517 189865 52538 0 2 0 syz-executor
*57517 279116 52538 0 7 0x4000000 syz-executor
7654 366732 87566 0 2 0 syz-executor
7654 239062 87566 0 3 0x4000080 bell syz-executor
83514 190536 63107 0 3 0x80 nanoslp syz-executor
83514 263523 63107 0 3 0x4000080 kqread syz-executor
88051 171446 70275 0 2 0 syz-executor
88051 465641 70275 0 3 0x4000080 ttyretype syz-executor
46371 294796 28892 -1 3 0x90 nanoslp syz-executor
46371 69893 28892 -1 3 0x4000090 msgwait syz-executor
46371 396348 28892 -1 3 0x4000090 fsleep syz-executor
32317 155423 14085 0 3 0x3000 suspend syz-executor
32317 423649 14085 0 2 0x4081000 syz-executor
32317 148580 14085 0 3 0x4081000 inode syz-executor
96514 269269 1 0 3 0x100083 ttyin getty
70275 413 23075 0 3 0x82 nanoslp syz-executor
58297 261057 23075 0 3 0x82 nanoslp syz-executor
6861 441491 23075 0 3 0x82 nanoslp syz-executor
72254 295407 0 0 3 0x14280 nfsidl nfsio
37565 488823 0 0 3 0x14280 nfsidl nfsio
92445 512896 0 0 3 0x14280 nfsidl nfsio
10218 75454 0 0 3 0x14280 nfsidl nfsio
75275 254801 0 0 3 0x14280 nfsidl nfsio
884 85215 0 0 3 0x14280 nfsidl nfsio
22528 400949 0 0 3 0x14280 nfsidl nfsio
56591 370113 0 0 3 0x14280 nfsidl nfsio
76191 194603 0 0 3 0x14280 nfsidl nfsio
41959 4476 0 0 3 0x14280 nfsidl nfsio
83776 325195 0 0 3 0x14280 nfsidl nfsio
97647 162265 0 0 3 0x14280 nfsidl nfsio
97131 309674 0 0 3 0x14280 nfsidl nfsio
64697 334102 0 0 3 0x14280 nfsidl nfsio
66624 248856 0 0 3 0x14280 nfsidl nfsio
80419 460486 0 0 3 0x14280 nfsidl nfsio
53952 10265 0 0 3 0x14280 nfsidl nfsio
96621 58143 0 0 3 0x14280 nfsidl nfsio
95670 166 0 0 3 0x14280 nfsidl nfsio
17781 100726 0 0 3 0x14280 nfsidl nfsio
63107 243412 23075 0 3 0x82 nanoslp syz-executor
28892 378107 23075 0 3 0x82 nanoslp syz-executor
87566 452941 23075 0 3 0x82 nanoslp syz-executor
52538 176462 23075 0 3 0x82 nanoslp syz-executor
14085 77661 23075 0 3 0x82 wait syz-executor
23075 247504 87705 0 2 0x2 syz-executor
87705 331844 38188 0 3 0x10008a sigsusp ksh
38188 380553 68094 0 3 0x98 kqread sshd-session
68094 302722 16615 0 3 0x92 kqread sshd-session
16615 390326 1 0 3 0x88 kqread sshd
91995 519474 13936 73 3 0x1100090 kqread syslogd
13936 68654 1 0 3 0x100082 sbwait syslogd
72469 57739 1 0 3 0x100080 kqread resolvd
35246 36696 64857 77 3 0x100092 kqread dhcpleased
99229 150130 64857 77 3 0x100092 kqread dhcpleased
64857 503486 1 0 3 0x80 kqread dhcpleased
10834 20301 0 0 3 0x14200 bored smr
41426 222864 0 0 2 0x14200 zerothread
92666 365251 0 0 3 0x14200 aiodoned aiodoned
5583 204307 0 0 3 0x14200 syncer update
92345 430718 0 0 3 0x14200 cleaner cleaner
65958 321527 0 0 3 0x14200 reaper reaper
93169 221752 0 0 3 0x14200 pgdaemon pagedaemon
59064 43222 0 0 3 0x14200 bored viomb
22885 410330 0 0 3 0x40014200 acpi0 acpi0
28089 37789 0 0 3 0x14200 bored softnet0
34507 351586 0 0 3 0x14200 bored systqmp
99010 188369 0 0 3 0x14200 bored systq
10152 174641 0 0 3 0x40014200 tmoslp softclock
35151 340638 0 0 3 0x40014200 idle0
1 340000 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11060 12377K 12573K 166960K 13666 0
pcb 17 13K 14K 166960K 245 0
rtable 220 9K 11K 166960K 626 0
pf 41 15K 20K 166960K 261 0
ifaddr 39 7K 7K 166960K 101 0
ifgroup 51 2K 2K 166960K 159 0
sysctl 4 1K 9K 166960K 12 0
counters 34 17K 18K 166960K 83 0
ioctlops 1 4K 4K 166960K 375 0
iov 0 0K 12K 166960K 41 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1392 88K 88K 166960K 2508 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 9K 166960K 20 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 133 0
dirhash 12 2K 2K 166960K 21 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 18 65K 81K 166960K 1104 0
sigio 0 0K 0K 166960K 80 0
proc 61 59K 83K 166960K 652 0
subproc 72 4K 4K 166960K 99 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 188 0
in_multi 91 6K 7K 166960K 152 0
ether_multi 1 0K 0K 166960K 7 0
mrt 0 0K 0K 166960K 21 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 97 440K 440K 166960K 97 0
exec 0 0K 1K 166960K 496 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 2 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 215 158K 177K 166960K 10855 0
UVM aobj 26 2K 2K 166960K 27 0
pinsyscall 39 78K 88K 166960K 2270 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 36 0
NDP 11 0K 1K 166960K 74 0
temp 57 9111K 13208K 166960K 34346 0
kqueue 13 20K 31K 166960K 202 0
SYN cache 2 16K 24K 166960K 3 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 167 0 163 2 0 2 2 0 8 1
rtentry 136 156 0 69 4 0 4 4 0 8 0
unpcb 144 453 0 437 2 1 1 2 0 8 0
syncache 336 6 0 6 2 1 1 1 0 8 1
tcpcb 736 282 0 278 7 6 1 7 0 8 0
arp 96 25 0 11 1 0 1 1 0 8 0
ipq 40 13 0 12 1 0 1 1 0 8 0
ipqe 40 25 0 24 1 0 1 1 0 8 0
inpcb 328 884 0 877 11 6 5 7 0 8 4
nd6 112 37 0 15 1 0 1 1 0 8 0
pkpcb 40 5 0 5 2 1 1 1 0 8 1
kcovpl 48 11 0 3 1 0 1 1 0 8 0
ppxss 1072 41 0 39 2 1 1 1 0 8 0
pfstscr 40 15 0 15 2 1 1 1 0 8 1
pffrag 232 11 0 7 1 0 1 1 0 482 0
pffrnode 88 11 0 7 1 0 1 1 0 8 0
pffrent 40 21 0 17 1 0 1 1 0 8 0
pfrktable 1344 32 1 30 1 0 1 1 0 8 0
pfsrclim 320 18 0 17 1 0 1 1 0 8 0
pfanchor 1288 22 0 22 2 1 1 1 0 8 1
pftag 88 8 0 5 1 0 1 1 0 8 0
pfqueue 320 28 0 12 2 0 2 2 0 8 0
pfstitem 24 16 0 7 1 0 1 1 0 8 0
pfstkey 128 38 0 25 1 0 1 1 0 8 0
pfstate 384 20 0 15 1 0 1 1 0 8 0
pfrule 1360 20 0 19 2 1 1 1 0 8 0
rttmr 136 1 0 1 1 1 0 1 0 8 0
art_heap8 4096 2 0 0 2 0 2 2 0 8 0
art_heap4 256 697 0 291 33 6 27 30 0 8 0
art_table 40 699 0 291 5 0 5 5 0 8 0
art_node 32 155 0 77 1 0 1 1 0 8 0
sysvmsgpl 40 18 0 9 1 0 1 1 0 8 0
semapl 72 64 0 54 1 0 1 1 0 8 0
shmpl 112 24 0 1 1 0 1 1 0 8 0
dirhash 1024 23 0 6 3 0 3 3 0 8 0
dino2pl 256 3260 0 1799 92 0 92 92 0 8 0
ffsino 256 3260 0 1799 92 0 92 92 0 8 0
nchpl 144 4653 0 2954 64 0 64 64 0 8 0
rtmask 32 3 0 3 1 1 0 1 0 8 0
vnodes 216 4127 0 0 230 0 230 230 0 8 0
namei 1024 14994 0 14994 3 2 1 2 0 8 1
pfiaddrpl 120 9 0 8 2 1 1 1 0 8 0
kstatmem 264 105 0 82 2 0 2 2 0 8 0
scsiplug 72 6 0 6 1 1 0 1 0 8 0
scxspl 216 18711 0 18711 8 7 1 8 1 8 1
plimitpl 152 208 0 189 1 0 1 1 0 8 0
sigapl 424 1409 0 1346 8 0 8 8 0 8 0
knotepl 120 38501 0 38454 42 30 12 17 0 8 8
kqueuepl 184 366 0 355 5 2 3 3 0 8 2
pipepl 304 180 0 153 3 0 3 3 0 8 0
fdescpl 448 1376 0 1346 4 0 4 4 0 8 0
filepl 120 6870 0 6649 14 4 10 12 0 8 1
lockfpl 104 661 0 656 2 1 1 2 0 8 0
lockfspl 48 186 0 181 1 0 1 1 0 8 0
sessionpl 144 151 0 143 1 0 1 1 0 8 0
pgrppl 48 166 0 150 1 0 1 1 0 8 0
ucredpl 104 947 0 934 1 0 1 1 0 8 0
zombiepl 144 1348 0 1346 1 0 1 1 0 8 0
processpl 1152 1409 0 1346 5 0 5 5 0 8 0
procpl 664 2635 0 2564 8 0 8 8 0 8 0
sockpl 552 1528 0 1501 12 5 7 8 0 8 5
mcl64k 65536 125 0 124 2 1 1 1 0 8 0
mcl16k 16384 33 0 33 2 1 1 1 0 8 1
mcl12k 12288 5 0 5 2 1 1 1 0 8 1
mcl9k128 9344 2 0 2 2 1 1 1 0 8 1
mcl8k 8192 70 0 70 2 1 1 1 0 8 1
mcl4k 4096 4064 0 4012 14 6 8 14 0 8 1
mcl2k2 2112 5 0 5 1 1 0 1 0 8 0
mcl2k 2048 980 0 978 2 1 1 2 0 8 0
mtagpl 96 9 0 5 1 0 1 1 0 8 0
mbufpl 256 14891 0 14731 22 4 18 18 0 8 5
bufpl 280 6221 0 107 437 0 437 437 0 8 0
anonpl 24 216495 0 209347 71 24 47 53 0 186 0
amapchunkpl 152 49395 0 48940 48 15 33 33 0 158 13
amappl16 200 4607 0 4338 33 18 15 19 0 8 0
amappl15 192 5 0 4 1 0 1 1 0 8 0
amappl14 184 440 0 439 1 0 1 1 0 8 0
amappl13 176 124 0 114 1 0 1 1 0 8 0
amappl12 168 1622 0 1594 2 0 2 2 0 8 0
amappl11 160 4 0 4 1 1 0 1 0 8 0
amappl10 152 54 0 44 1 0 1 1 0 8 0
amappl9 144 274 0 273 1 0 1 1 0 8 0
amappl8 136 101 0 99 1 0 1 1 0 8 0
amappl7 128 147 0 136 1 0 1 1 0 8 0
amappl6 120 186 0 182 1 0 1 1 0 8 0
amappl5 112 91 0 83 1 0 1 1 0 8 0
amappl4 104 272 0 257 1 0 1 1 0 8 0
amappl3 96 7472 0 7370 4 0 4 4 0 8 0
amappl2 88 540 0 485 2 0 2 2 0 8 0
amappl1 80 14224 0 13675 13 1 12 13 0 8 0
amappl 88 9980 0 9828 5 0 5 5 0 92 0
uvmvnodes 80 123 0 0 3 0 3 3 0 8 0
dma8192 8192 1 0 1 1 0 1 1 0 8 1
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma2048 2048 2 0 2 2 1 1 1 0 8 1
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 7 0 7 1 1 0 1 0 8 0
dma128 128 256 0 256 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 26 0 1 1 0 1 1 0 8 0
uaddrrnd 24 1376 0 1346 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1376 0 1346 1 0 1 1 0 8 0
vmmpekpl 168 11413 0 11365 3 0 3 3 0 8 0
vmmpepl 168 91934 0 89865 103 10 93 94 0 357 2
vmsppl 368 1375 0 1346 4 1 3 4 0 8 0
rwobjpl 40 26189 0 24971 14 1 13 13 0 8 0
pdppl 4096 2758 0 2692 104 38 66 74 0 8 0
pvpl 32 628436 0 615294 174 45 129 135 0 265 1
pmappl 216 1375 0 1346 2 0 2 2 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 398 0 72 10 0 10 10 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
pf_anchor_global_RB_REMOVE(ffffffff83a9e558,ffff800001632848) at pf_anchor_global_RB_REMOVE+0x81 sys/net/pf_ruleset.c:82
pf_remove_if_empty_ruleset(ffff800001632cd8) at pf_remove_if_empty_ruleset+0x12d sys/net/pf_ruleset.c:301
pfi_dynaddr_setup(ffff80000161bd48,0,1) at pfi_dynaddr_setup+0x671 sys/net/pf_if.c:508
pf_addr_setup(ffffffff83a9e9f0,ffff80000161bd48,0) at pf_addr_setup+0x46 sys/net/pf_ioctl.c:948
pfioctl(14900,cd60441a,ffff8000015fb000,83,ffff80002a8a34f8) at pfioctl+0x9aee sys/net/pf_ioctl.c:2624
VOP_IOCTL(fffffa0067bf3988,cd60441a,ffff8000015fb000,83,fffffa0007ffd548,ffff80002a8a34f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffa006d3dbad8,cd60441a,ffff8000015fb000,ffff80002a8a34f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537
sys_ioctl(ffff80002a8a34f8,ffff80003c8f9600,ffff80003c8f9550) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c8f9600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c8f9600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1a4a5d03dc0, count: -10
ddb> machine ddbcpu 1
No such command
ddb> trace
pf_anchor_global_RB_REMOVE(ffffffff83a9e558,ffff800001632848) at pf_anchor_global_RB_REMOVE+0x81 sys/net/pf_ruleset.c:82
pf_remove_if_empty_ruleset(ffff800001632cd8) at pf_remove_if_empty_ruleset+0x12d sys/net/pf_ruleset.c:301
pfi_dynaddr_setup(ffff80000161bd48,0,1) at pfi_dynaddr_setup+0x671 sys/net/pf_if.c:508
pf_addr_setup(ffffffff83a9e9f0,ffff80000161bd48,0) at pf_addr_setup+0x46 sys/net/pf_ioctl.c:948
pfioctl(14900,cd60441a,ffff8000015fb000,83,ffff80002a8a34f8) at pfioctl+0x9aee sys/net/pf_ioctl.c:2624
VOP_IOCTL(fffffa0067bf3988,cd60441a,ffff8000015fb000,83,fffffa0007ffd548,ffff80002a8a34f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffa006d3dbad8,cd60441a,ffff8000015fb000,ffff80002a8a34f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537
sys_ioctl(ffff80002a8a34f8,ffff80003c8f9600,ffff80003c8f9550) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c8f9600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c8f9600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1a4a5d03dc0, count: -10