uvm_fault(0xfffffd8079bdf740, 0xa6, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at in6_pcbhashlookup+0xa0: movl 0xa4(%r14),%ebx
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
kernel page fault
uvm_fault(0xfffffd8079bdf740, 0xa6, 0, 1) -> e
in6_pcbhashlookup(ffffffff8287ef00,ffff800020edc090,7,ffff8000006abd48,8f2c,0) at in6_pcbhashlookup+0xa0 sys/netinet6/in6_pcb.c:502
end trace frame: 0xffff800020edc100, count: 0
ddb{1}> trace
in6_pcbhashlookup(ffffffff8287ef00,ffff800020edc090,7,ffff8000006abd48,8f2c,0) at in6_pcbhashlookup+0xa0 sys/netinet6/in6_pcb.c:502
in6_pcbconnect(fffffd806f650b90,fffffd80793cc800) at in6_pcbconnect+0x44c sys/netinet6/in6_pcb.c:287
tcp_usrreq(fffffd806adfab00,4,0,fffffd80793cc800,0,ffff800020ec3650) at tcp_usrreq+0xaf9 sys/netinet/tcp_usrreq.c:228
sys_connect(ffff800020ec3650,ffff800020edc258,ffff800020edc2a0) at sys_connect+0x3df sys/kern/uipc_syscalls.c:381
syscall(ffff800020edc320) at syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800020edc320) at syscall+0x4a1 sys/arch/amd64/amd64/trap.c:568
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1256c1458f0, count: -6
ddb{1}> show registers
rdi 0xffff800022f0b000
rsi 0x3c9
rbp 0xffff800020edc070
rbx 0x7
rdx 0xffff800022f0b000
rcx 0x3c8
rax 0xffff8000006b2538
r8 0x30
r9 0x8f2c __ALIGN_SIZE+0x7f2c
r10 0x1fdb97d4fbd4d97c
r11 0x85950ea8e2d2686a
r12 0xffff800020edc090
r13 0
r14 0x2
r15 0x100
rip 0xffffffff8169a120 in6_pcbhashlookup+0xa0
cs 0x8
rflags 0x10202 __ALIGN_SIZE+0xf202
rsp 0xffff800020edbfe0
ss 0x10
in6_pcbhashlookup+0xa0: movl 0xa4(%r14),%ebx
ddb{1}> show proc
PROC (syz-executor.0) pid=160434 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=32, usrpri=72, nice=20
forw=0xffffffffffffffff, list=0xffff800020ec29f8,0xffffffff828b9d50
process=0xffff800020ec43f8 user=0xffff800020ed7000, vmspace=0xfffffd8079bdf740
estcpu=22, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
41137 465346 6622 0 7 0 syz-executor.0
*41137 160434 6622 0 7 0x4000000 syz-executor.0
23161 59257 97336 0 3 0x2 biowait syz-executor.1
6622 435594 97336 0 3 0x82 nanosleep syz-executor.0
51842 148565 0 0 3 0x14200 bored sosplice
97336 61852 16980 0 3 0x82 thrsleep syz-fuzzer
97336 259876 16980 0 3 0x4000082 nanosleep syz-fuzzer
97336 266157 16980 0 3 0x4000082 kqread syz-fuzzer
97336 291686 16980 0 3 0x4000082 thrsleep syz-fuzzer
97336 39750 16980 0 3 0x4000082 nanosleep syz-fuzzer
97336 509281 16980 0 3 0x4000082 thrsleep syz-fuzzer
97336 90780 16980 0 3 0x4000082 thrsleep syz-fuzzer
97336 495190 16980 0 3 0x4000082 thrsleep syz-fuzzer
16980 214434 70070 0 3 0x10008a pause ksh
70070 191156 38693 0 3 0x92 select sshd
83196 364828 1 0 3 0x100083 ttyopn getty
38693 169121 1 0 3 0x80 select sshd
22733 365142 45688 74 3 0x100092 bpf pflogd
45688 281407 1 0 3 0x80 netio pflogd
46802 498574 51959 73 3 0x100090 kqread syslogd
51959 455578 1 0 3 0x100082 netio syslogd
17880 27999 1 77 3 0x100090 poll dhclient
19274 520075 1 0 3 0x80 poll dhclient
64703 313097 0 0 3 0x14200 bored smr
73498 155378 0 0 3 0x14200 pgzero zerothread
53677 111115 0 0 3 0x14200 aiodoned aiodoned
8380 407689 0 0 3 0x14200 syncer update
57513 169998 0 0 3 0x14200 cleaner cleaner
76274 211006 0 0 3 0x14200 reaper reaper
2801 372102 0 0 3 0x14200 pgdaemon pagedaemon
95575 343761 0 0 3 0x14200 bored crynlk
64852 303835 0 0 3 0x14200 bored crypto
19789 213263 0 0 3 0x40014200 acpi0 acpi0
58131 519321 0 0 3 0x40014200 idle1
44674 352741 0 0 3 0x14200 bored softnet
62091 10951 0 0 3 0x14200 bored systqmp
17567 421480 0 0 3 0x14200 bored systq
98004 219683 0 0 3 0x40014200 bored softclock
53446 370584 0 0 3 0x40014200 idle0
1 63245 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 41137 (syz-executor.0) thread 0xffff800020ec3650 (160434)
exclusive rwlock netlock r = 0 (0xffffffff826f42a0)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1164
#1 solock+0x5a sys/kern/uipc_socket2.c:282
#2 sys_connect+0x6a sys/kern/uipc_syscalls.c:355
#3 syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#3 syscall+0x4a1 sys/arch/amd64/amd64/trap.c:568
#4 Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff82881568)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1164
#1 syscall+0x3fd mi_syscall sys/sys/syscall_mi.h:93 [inline]
#1 syscall+0x3fd sys/arch/amd64/amd64/trap.c:568
#2 Xsyscall+0x128
Process 23161 (syz-executor.1) thread 0xffff800020ec2018 (59257)
exclusive rrwlock inode r = 0 (0xfffffd8078b1df80)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1164
#1 rw_enter+0x446 sys/kern/kern_rwlock.c:311
#2 rrw_enter+0x88 sys/kern/kern_rwlock.c:462
#3 ufs_ihashins+0x45 sys/ufs/ufs/ufs_ihash.c:140
#4 ffs_vget+0x135 sys/ufs/ffs/ffs_vfsops.c:1350
#5 ffs_inode_alloc+0x1e1 sys/ufs/ffs/ffs_alloc.c:394
#6 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1162
#7 VOP_MKDIR+0xc6 sys/kern/vfs_vops.c:450
#8 domkdirat+0x121 sys/kern/vfs_syscalls.c:3046
#9 syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#9 syscall+0x4a1 sys/arch/amd64/amd64/trap.c:568
#10 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd80745e5a28)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1164
#1 rw_enter+0x446 sys/kern/kern_rwlock.c:311
#2 rrw_enter+0x88 sys/kern/kern_rwlock.c:462
#3 VOP_LOCK+0x4b sys/kern/vfs_vops.c:603
#4 vn_lock+0x6c sys/kern/vfs_vnops.c:575
#5 vfs_lookup+0xe6 sys/kern/vfs_lookup.c:419
#6 namei+0x5f7 sys/kern/vfs_lookup.c:249
#7 domkdirat+0x75 sys/kern/vfs_syscalls.c:3031
#8 syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#8 syscall+0x4a1 sys/arch/amd64/amd64/trap.c:568
#9 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9566 6444K 7332K 78643K 16833 0
pcb 13 8K 8K 78643K 399 0
rtable 117 6K 6K 78643K 988 0
ifaddr 95 16K 18K 78643K 324 0
counters 43 33K 34K 78643K 111 0
ioctlops 0 0K 4K 78643K 1694 0
iov 0 0K 24K 78643K 284 0
mount 1 1K 1K 78643K 1 0
vnodes 1218 77K 77K 78643K 3365 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 93 0
VM map 2 1K 1K 78643K 2 0
sem 12 0K 0K 78643K 607 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1824 197K 290K 78643K 13058 0
file desc 5 13K 25K 78643K 5833 0
sigio 0 0K 0K 78643K 72 0
proc 66 63K 95K 78643K 1062 0
subproc 32 2K 2K 78643K 136 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 573 0
in_multi 33 2K 2K 78643K 504 0
ether_multi 1 0K 0K 78643K 120 0
mrt 0 0K 0K 78643K 43 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 73 334K 334K 78643K 73 0
exec 0 0K 2K 78643K 757 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 228 258K 259K 78643K 14629 0
UVM aobj 131 8K 8K 78643K 131 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 1K 78643K 455 0
NDP 18 0K 0K 78643K 84 0
temp 156 3967K 4033K 78643K 34652 0
kqueue 3 4K 16K 78643K 200 0
SYN cache 2 16K 16K 78643K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 29 0 23 1 0 1 1 0 8 0
plcache 128 20 0 0 1 0 1 1 0 8 0
rtpcb 96 139 0 137 1 0 1 1 0 8 0
rtentry 112 183 0 139 2 0 2 2 0 8 0
unpcb 120 1560 0 1550 1 0 1 1 0 8 0
syncache 272 66 0 66 9 9 0 1 0 8 0
tcpqe 32 59 0 59 8 8 0 1 0 8 0
tcpcb 592 1440 0 1432 21 19 2 5 0 8 0
inpcb 296 3471 0 3459 9 7 2 3 0 8 1
rttmr 72 7 0 7 2 2 0 1 0 8 0
nd6 48 40 0 34 1 0 1 1 0 8 0
pkpcb 40 68 0 68 6 6 0 1 0 8 0
kcovpl 48 8 0 6 1 0 1 1 0 8 0
ppxss 1128 12 0 12 3 3 0 1 0 8 0
pfstscr 40 5 0 5 1 1 0 1 0 8 0
pffrag 232 35 0 34 4 3 1 1 0 482 0
pffrnode 88 35 0 34 4 3 1 1 0 8 0
pffrent 40 1358 0 1357 4 3 1 1 0 8 0
pfosfp 40 846 0 423 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfrktable 1344 30 0 26 2 1 1 1 0 8 0
pfstitem 24 118 0 116 1 0 1 1 0 8 0
pfstkey 112 133 0 131 2 1 1 2 0 8 0
pfstate 328 128 0 126 5 4 1 5 0 8 0
pfrule 1360 59 0 33 4 1 3 3 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 502 0 311 14 1 13 13 0 8 0
art_table 32 503 0 311 2 0 2 2 0 8 0
art_node 16 173 0 133 1 0 1 1 0 8 0
sysvmsgpl 40 61 0 41 1 0 1 1 0 8 0
semapl 112 605 0 595 1 0 1 1 0 8 0
shmpl 112 128 0 0 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 8782 0 7370 89 0 89 89 0 8 0
ffsino 272 8782 0 7370 95 0 95 95 0 8 0
nchpl 144 15739 0 14143 60 0 60 60 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 208 5926 0 0 312 0 312 312 0 8 0
namei 1024 39685 0 39684 2 1 1 1 0 8 0
percpumem 16 66 0 34 1 0 1 1 0 8 0
vcpupl 1984 15 0 0 2 0 2 2 0 8 0
vmpool 560 17 0 2 2 0 2 2 0 8 0
pfiaddrpl 120 16 0 6 2 1 1 1 0 8 0
scsiplug 72 1 0 1 1 1 0 1 0 8 0
scxspl 200 47582 0 47581 13 12 1 7 0 8 0
plimitpl 152 293 0 285 1 0 1 1 0 8 0
sigapl 424 6039 0 6007 4 0 4 4 0 8 0
futexpl 56 47532 0 47532 2 1 1 1 0 8 1
knotepl 112 363 0 343 1 0 1 1 0 8 0
kqueuepl 152 3125 0 3114 1 0 1 1 0 8 0
pipepl 304 564 0 553 14 12 2 2 0 8 0
fdescpl 496 6015 0 5999 3 0 3 3 0 8 0
filepl 152 22922 0 22818 8 3 5 7 0 8 1
lockfpl 104 783 0 782 1 0 1 1 0 8 0
lockfspl 48 340 0 339 1 0 1 1 0 8 0
sessionpl 120 24 0 13 1 0 1 1 0 8 0
pgrppl 48 44 0 33 1 0 1 1 0 8 0
ucredpl 96 2894 0 2878 1 0 1 1 0 8 0
zombiepl 144 6007 0 6007 1 0 1 1 0 8 1
processpl 1008 6039 0 6007 5 0 5 5 0 8 0
procpl 632 13447 0 13407 4 0 4 4 0 8 0
sosppl 144 52 0 51 1 0 1 1 0 8 0
sockpl 400 5266 0 5243 12 9 3 6 0 8 0
mcl64k 65536 23 0 0 3 0 3 3 0 8 0
mcl16k 16384 3 0 0 1 0 1 1 0 8 0
mcl12k 12288 17 0 0 2 0 2 2 0 8 0
mcl9k 9216 22 0 0 2 0 2 2 0 8 0
mcl8k 8192 11 0 0 2 0 2 2 0 8 0
mcl4k 4096 25 0 0 4 1 3 3 0 8 0
mcl2k2 2112 3 0 0 1 0 1 1 0 8 0
mcl2k 2048 409 0 0 20 1 19 19 0 8 0
mtagpl 96 270 0 0 5 0 5 5 0 8 0
mbufpl 256 945 0 0 39 0 39 39 0 8 0
bufpl 280 12071 0 5798 449 0 449 449 0 8 0
anonpl 16 539631 0 532134 108 72 36 58 0 124 0
amapchunkpl 152 23349 0 23140 14 4 10 12 0 158 0
amappl16 192 24269 0 24017 109 96 13 34 0 8 0
amappl15 184 2041 0 2038 1 0 1 1 0 8 0
amappl14 176 1541 0 1538 2 1 1 1 0 8 0
amappl13 168 1239 0 1238 1 0 1 1 0 8 0
amappl12 160 40 0 34 1 0 1 1 0 8 0
amappl11 152 499 0 483 1 0 1 1 0 8 0
amappl10 144 879 0 872 1 0 1 1 0 8 0
amappl9 136 338 0 337 1 0 1 1 0 8 0
amappl8 128 399 0 280 4 0 4 4 0 8 0
amappl7 120 1190 0 1182 1 0 1 1 0 8 0
amappl6 112 590 0 563 1 0 1 1 0 8 0
amappl5 104 5490 0 5477 1 0 1 1 0 8 0
amappl4 96 1796 0 1763 1 0 1 1 0 8 0
amappl3 88 1851 0 1845 1 0 1 1 0 8 0
amappl2 80 43370 0 43287 3 1 2 3 0 8 0
amappl1 72 165345 0 164881 24 14 10 19 0 8 0
amappl 80 13852 0 13763 2 0 2 2 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 130 0 0 3 0 3 3 0 8 0
uaddrrnd 24 6032 0 6001 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 6032 0 6001 1 0 1 1 0 8 0
vmmpekpl 168 32106 0 32067 2 0 2 2 0 8 0
vmmpepl 168 740958 0 739365 155 79 76 90 0 357 1
vmsppl 368 6031 0 6001 3 0 3 3 0 8 0
pdppl 4096 12071 0 12017 8 0 8 8 0 8 0
pvpl 32 2121721 0 2111038 335 233 102 143 0 265 14
pmappl 232 6031 0 6001 2 0 2 2 0 8 0
extentpl 40 53 0 36 1 0 1 1 0 8 0
phpool 112 311 0 25 9 0 9 9 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff8273aff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff82881360) at __mp_lock+0x133 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82881360) at __mp_lock+0x133 sys/kern/kern_lock.c:147
intr_handler(ffff800020ebe430,ffff80000004a400) at intr_handler+0x5e sys/arch/amd64/amd64/intr.c:532
Xintr_ioapic_edge17_untramp() at Xintr_ioapic_edge17_untramp+0x19f
__mp_lock(ffffffff82881360) at __mp_lock+0x129 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82881360) at __mp_lock+0x129 sys/kern/kern_lock.c:147
softintr_dispatch(0) at softintr_dispatch+0x4e sys/arch/amd64/amd64/softintr.c:89
Xsoftclock() at Xsoftclock+0x1f
end of kernel
end trace frame: 0x7f7ffffcc750, count: -9
ddb{0}> machine ddbcpu 1
Stopped at in6_pcbhashlookup+0xa0: movl 0xa4(%r14),%ebx
ddb{1}> trace
in6_pcbhashlookup(ffffffff8287ef00,ffff800020edc090,7,ffff8000006abd48,8f2c,0) at in6_pcbhashlookup+0xa0 sys/netinet6/in6_pcb.c:502
in6_pcbconnect(fffffd806f650b90,fffffd80793cc800) at in6_pcbconnect+0x44c sys/netinet6/in6_pcb.c:287
tcp_usrreq(fffffd806adfab00,4,0,fffffd80793cc800,0,ffff800020ec3650) at tcp_usrreq+0xaf9 sys/netinet/tcp_usrreq.c:228
sys_connect(ffff800020ec3650,ffff800020edc258,ffff800020edc2a0) at sys_connect+0x3df sys/kern/uipc_syscalls.c:381
syscall(ffff800020edc320) at syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800020edc320) at syscall+0x4a1 sys/arch/amd64/amd64/trap.c:568
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1256c1458f0, count: -6