syzbot


uvm_fault: m_zero

Status: auto-closed as invalid on 2020/02/04 11:13
Reported-by: syzbot+e8846a7649e5b067fa4f@syzkaller.appspotmail.com
First crash: 1845d, last: 1845d

Sample crash report:
uvm_fault(0xffffffff824fee30, 0xffffffff815e1e34, 0, 2) -> e
kernel: page fault trap, code=0
Stopped at      m_zero+0xde:    orb     $0x20,0x1f(%r15)
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
kernel page fault
uvm_fault(0xffffffff824fee30, 0xffffffff815e1e34, 0, 2) -> e
m_zero(fffffd802cf60000) at m_zero+0xde sys/kern/uipc_mbuf.c:1301
end trace frame: 0xffff800014b41fd0, count: 0
ddb> trace
m_zero(fffffd802cf60000) at m_zero+0xde sys/kern/uipc_mbuf.c:1301
m_free(fffffd802cf60000) at m_free+0x87 sys/kern/uipc_mbuf.c:443
ml_purge(ffff800014b42028) at ml_purge+0x50 m_freem sys/kern/uipc_mbuf.c:538 [inline]
ml_purge(ffff800014b42028) at ml_purge+0x50 sys/kern/uipc_mbuf.c:1628
ifq_purge(ffff800000cbb260) at ifq_purge+0x97 sys/net/ifq.c:423
if_down(ffff800000cbb000) at if_down+0x9c if_linkstate sys/net/if.c:1633 [inline]
if_down(ffff800000cbb000) at if_down+0x9c sys/net/if.c:1584
if_clone_destroy(ffff800014b42460) at if_clone_destroy+0x11c sys/net/if.c:1261
ifioctl(fffffd8036ff0000,80206979,ffff800014b42460,ffff8000ffff3650) at ifioctl+0x3d4 sys/net/if.c:1877
fifo_ioctl(ffff800014b422a8) at fifo_ioctl+0x101 sys/miscfs/fifofs/fifo_vnops.c:282
VOP_IOCTL(fffffd803b164ea8,80206979,ffff800014b42460,82,fffffd803f7c6ae0,ffff8000ffff3650) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd8037551a50,80206979,ffff800014b42460,ffff8000ffff3650) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:536
sys_ioctl(ffff8000ffff3650,ffff800014b42578,ffff800014b425c0) at sys_ioctl+0x5b9
syscall(ffff800014b42640) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff36,0,3,7412c46d010) at Xsyscall+0x128
end of kernel
end trace frame: 0x7440989d9b0, count: -13
ddb> show registers
rdi               0xffffffff81690b8e    m_zero+0xde
rsi                            0x36c
rbp               0xffff800014b41f80
rbx               0xffff800014b42460
rdx                            0x36d
rcx               0xffff800015988000
rax               0xffff800015988000
r8                 0x101010101010101
r9                0x8080808080808080
r10               0xe454091e443a2e14
r11               0xd5cf85802163dd48
r12                           0x2000    __ALIGN_SIZE+0x1000
r13                              0x3
r14               0xfffffd802cf60000
r15               0xffffffff815e1e15    lapic_delay+0xb5
rip               0xffffffff81690b8e    m_zero+0xde
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff800014b41f50
ss                              0x10
m_zero+0xde:    orb     $0x20,0x1f(%r15)
ddb> show proc
PROC (syz-executor.1) pid=18571 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=86, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffff3b40,0xffff8000ffff38d8
    process=0xffff8000148a2018 user=0xffff800014b3d000, vmspace=0xfffffd803f013550
    estcpu=36, cpticks=5, pctcpu=0.0
    user=0, sys=0, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 55106  201242  15521      0  2           0                syz-executor.1
*55106   18571  15521      0  7   0x4000000                syz-executor.1
 55106  467724  15521      0  3   0x4000080  fsleep        syz-executor.1
 72227   31556  34363      0  3        0x80  nanosleep     syz-executor.0
 72227  345635  34363      0  3   0x4000080  nanosleep     syz-executor.0
 72227  373350  34363      0  3   0x4000080  fsleep        syz-executor.0
 34363  475767  69722      0  3        0x82  nanosleep     syz-executor.0
 15521   55661  69722      0  3        0x82  nanosleep     syz-executor.1
 99660  355305      0      0  3     0x14200  acct          acct
 93552  458672      0      0  3     0x14200  bored         sosplice
 69722  332178  57402      0  3        0x82  thrsleep      syz-fuzzer
 69722  375054  57402      0  3   0x4000082  thrsleep      syz-fuzzer
 69722  350397  57402      0  3   0x4000082  thrsleep      syz-fuzzer
 69722  204547  57402      0  3   0x4000082  thrsleep      syz-fuzzer
 69722  265234  57402      0  3   0x4000082  thrsleep      syz-fuzzer
 69722  170963  57402      0  3   0x4000082  thrsleep      syz-fuzzer
 69722  437066  57402      0  3   0x4000082  thrsleep      syz-fuzzer
 69722  225696  57402      0  3   0x4000082  kqread        syz-fuzzer
 57402  328046  55003      0  3    0x10008a  pause         ksh
 55003  169174  32342      0  3        0x92  select        sshd
 17589   32593      1      0  3    0x100083  ttyin         getty
 32342  362606      1      0  3        0x80  select        sshd
  6892  498596  30172     73  3    0x100090  kqread        syslogd
 30172  130652      1      0  3    0x100082  netio         syslogd
 86056  314379      0      0  2     0x14200                zerothread
 72006  265275      0      0  3     0x14200  aiodoned      aiodoned
 27436   24010      0      0  3     0x14200  syncer        update
 25091  486315      0      0  3     0x14200  cleaner       cleaner
 84380   77799      0      0  3     0x14200  reaper        reaper
 36423  466907      0      0  3     0x14200  pgdaemon      pagedaemon
 24605  126644      0      0  3     0x14200  bored         crynlk
 20580  219869      0      0  3     0x14200  bored         crypto
 60850  143387      0      0  3  0x40014200  acpi0         acpi0
 21331  410425      0      0  3     0x14200  bored         softnet
 21776  479307      0      0  3     0x14200  bored         systqmp
 68476   54793      0      0  3     0x14200  bored         systq
 33482  450491      0      0  3  0x40014200  bored         softclock
 81924  491279      0      0  3  0x40014200                idle0
 12411    6111      0      0  3     0x14200  bored         smr
     1  285948      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim Kern Lim
         devbuf  9553   6367K   13164K  78643K     36376        0        0
            pcb    13     11K      13K  78643K       972        0        0
         rtable   150     14K      15K  78643K      1812        0        0
         ifaddr    89     19K      20K  78643K       508        0        0
       counters    19     16K      16K  78643K        19        0        0
       ioctlops     0      0K       2K  78643K       226        0        0
            iov     0      0K      32K  78643K      1086        0        0
          mount     1      1K       1K  78643K         1        0        0
         vnodes  1330     83K      84K  78643K      8120        0        0
      UFS quota     1     32K      32K  78643K         1        0        0
      UFS mount     5     36K      36K  78643K         5        0        0
            shm     2      1K       5K  78643K        56        0        0
         VM map    38      9K       9K  78643K        51        0        0
            sem    12      0K       0K  78643K      1163        0        0
        dirhash    12      2K       2K  78643K        12        0        0
           ACPI  1793    195K     288K  78643K     12645        0        0
      file desc     6     17K      25K  78643K      2736        0        0
          sigio     0      0K       0K  78643K        40        0        0
           proc    44     30K      63K  78643K      1476        0        0
        subproc    32      2K       2K  78643K       391        0        0
    NFS srvsock     1      0K       0K  78643K         1        0        0
     NFS daemon     1     16K      16K  78643K         1        0        0
    ip_moptions     0      0K       0K  78643K       225        0        0
       in_multi    36      2K       2K  78643K       336        0        0
    ether_multi     1      0K       0K  78643K        26        0        0
            mrt     1      0K       0K  78643K        28        0        0
    ISOFS mount     1     32K      32K  78643K         1        0        0
  MSDOSFS mount     1     16K      16K  78643K         1        0        0
           ttys    84    371K     371K  78643K        84        0        0
           exec     0      0K       1K  78643K       741        0        0
     pfkey data     0      0K       0K  78643K         2        0        0
        pagedep     1      8K       8K  78643K         1        0        0
       inodedep     1     32K      32K  78643K         1        0        0
         newblk     1      0K       0K  78643K         1        0        0
        VM swap     7     26K      26K  78643K         7        0        0
       UVM amap   170    299K     300K  78643K      8030        0        0
       UVM aobj   130      4K       4K  78643K       149        0        0
        memdesc     1      4K       4K  78643K         1        0        0
    crypto data     1      1K       1K  78643K         1        0        0
    ip6_options     0      0K       0K  78643K       567        0        0
            NDP    18      0K       0K  78643K       159        0        0
           temp   215   3548K    4182K  78643K     56287        0        0
         kqueue     0      0K       0K  78643K        16        0        0
      SYN cache     2     16K      16K  78643K         2        0        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       41    0       37     1     0     1     1     0     8    0
rtpcb       80      289    0      289     1     0     1     1     0     8    1
rtentry    112      336    0      277     2     0     2     2     0     8    0
unpcb      120     1848    0     1836     2     1     1     2     0     8    0
syncache   264       22    0       22     7     7     0     1     0     8    0
sackhl      24        1    0        1     1     1     0     1     0     8    0
tcpqe       32      129    0      129     4     4     0     1     0     8    0
tcpcb      544     1168    0     1164    14    13     1    12     0     8    0
ipq         40       35    0       35    12    11     1     1     0     8    1
ipqe        40      896    0      896    12    11     1     1     0     8    1
inpcb      280     5726    0     5722    17    15     2     9     0     8    1
rttmr       72       12    0       11     4     3     1     1     0     8    0
nd6         48       49    0       46     3     2     1     1     0     8    0
pkpcb       40        4    0        4     2     2     0     1     0     8    0
ppxss      1128      48    0       48    10    10     0     1     0     8    0
art_heap8  4096       9    0        5     6     2     4     6     0     8    0
art_heap4  256     1422    0     1150    29    11    18    20     0     8    0
art_table   32     1431    0     1155     6     3     3     3     0     8    0
art_node    16      330    0      285     1     0     1     1     0     8    0
sysvmsgpl   40       56    0       36     1     0     1     1     0     8    0
semapl     112     1161    0     1151     1     0     1     1     0     8    0
shmpl      112      147    0       19     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128     5512    0     4113    46     0    46    46     0     8    0
ffsino     240     5512    0     4113    83     0    83    83     0     8    0
nchpl      144     9620    0     9157    60    40    20    60     0     8    0
uvmvnodes   72     6750    0        0   123     0   123   123     0     8    0
vnodes     208     6750    0        0   356     0   356   356     0     8    0
namei      1024   39001    0    39001     3     2     1     1     0     8    1
vcpupl     1984      36    0        0     5     0     5     5     0     8    0
vmpool     520       49    0       13     4     1     3     3     0     8    0
scsiplug    64        1    0        1     1     1     0     1     0     8    0
scxspl     192    32583    0    32583    20    19     1     7     0     8    1
plimitpl   152      237    0      231     1     0     1     1     0     8    0
sigapl     432     2843    0     2831     2     0     2     2     0     8    0
futexpl     56   102359    0   102357     3     2     1     1     0     8    0
knotepl    112      694    0      670     1     0     1     1     0     8    0
kqueuepl   104      928    0      924     4     3     1     4     0     8    0
pipepl     112     1858    0     1839     8     6     2     2     0     8    1
fdescpl    424     2844    0     2831     2     0     2     2     0     8    0
filepl     120    31159    0    31064    30    25     5    10     0     8    2
lockfpl    104     1463    0     1463     1     0     1     1     0     8    1
lockfspl    48      413    0      413     1     0     1     1     0     8    1
sessionpl  112       38    0       30     1     0     1     1     0     8    0
pgrppl      48       67    0       59     1     0     1     1     0     8    0
ucredpl     96     2556    0     2550     1     0     1     1     0     8    0
zombiepl   144     2831    0     2831     1     0     1     1     0     8    1
processpl  864     2860    0     2831     4     0     4     4     0     8    0
procpl     632     6139    0     6099     4     0     4     4     0     8    0
sosppl     128       45    0       45     9     8     1     1     0     8    1
sockpl     384     8005    0     7988    29    25     4    14     0     8    1
mcl64k     65536   1176    0     1176    95    94     1    33     0     8    1
mcl16k     16384     52    0       52     9     8     1     1     0     8    1
mcl12k     12288    160    0      160     4     3     1     1     0     8    1
mcl9k      9216      53    0       53     9     8     1     1     0     8    1
mcl8k      8192     161    0      161     4     3     1     1     0     8    1
mcl4k      4096     300    0      300     6     5     1     1     0     8    1
mcl2k2     2112      23    0       23     7     7     0     1     0     8    0
mcl2k      2048   75909    0    75864    20    13     7    15     0     8    0
mtagpl      80      124    0      103     5     4     1     1     0     8    0
mbufpl     256   152471    0   152328   119   103    16    34     0     8    5
bufpl      256    17375    0    10624   423     0   423   423     0     8    0
anonpl      16   460708    0   440263   160    67    93    99     0    62    8
amapchunkpl 152   18591    0    18435    68    56    12    17     0   158    5
amappl16   192    19257    0    18101   161   102    59    69     0     8    1
amappl15   184       63    0       63     2     2     0     1     0     8    0
amappl14   176      700    0      693     1     0     1     1     0     8    0
amappl13   168      552    0      550     1     0     1     1     0     8    0
amappl12   160      293    0      292     4     3     1     1     0     8    0
amappl11   152      112    0      107     1     0     1     1     0     8    0
amappl10   144      658    0      654     1     0     1     1     0     8    0
amappl9    136     1191    0     1187     1     0     1     1     0     8    0
amappl8    128      769    0      717     2     0     2     2     0     8    0
amappl7    120      765    0      757     1     0     1     1     0     8    0
amappl6    112       82    0       70     1     0     1     1     0     8    0
amappl5    104      771    0      763     1     0     1     1     0     8    0
amappl4     96     3280    0     3250     1     0     1     1     0     8    0
amappl3     88     1095    0     1086     1     0     1     1     0     8    0
amappl2     80    20768    0    20700     3     1     2     3     0     8    0
amappl1     72    62984    0    62577    25    16     9    20     0     8    0
amappl      80     6783    0     6719     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       17    0       17     1     1     0     1     0     8    0
aobjpl      64      148    0       19     3     0     3     3     0     8    0
uaddrrnd    24     2893    0     2831     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     2893    0     2831     1     0     1     1     0     8    0
vmmpekpl   168    21764    0    21726     2     0     2     2     0     8    0
vmmpepl    168   362811    0   360458   256   137   119   176     0   357    9
vmsppl     272     2843    0     2831     3     2     1     2     0     8    0
pdppl      4096    5792    0     5724    13     3    10    10     0     8    1
pvpl        32  1133927    0  1109731   450   123   327   333     0   265  131
pmappl     200     2892    0     2844     3     0     3     3     0     8    0
extentpl    40       41    0       26     1     0     1     1     0     8    0
phpool     112      832    0      261    18     0    18    18     0     8    0

Crashes (1):
Time: 2019/11/06 11:12
Kernel: openbsd
Commit: 38dc29e6b4c8
Syzkaller: bc2c6e45
Config: .config
Log: console log
Report: report
Manager: ci-openbsd-main
* Struck through repros no longer work on HEAD.