Warning: Permanently added '10.128.0.172' (ECDSA) to the list of known hosts.
2020/08/06 20:41:56 parsed 1 programs
2020/08/06 20:41:59 executed programs: 0
login: kernel: protection fault trap, code=0
Stopped at pfi_ifhead_RB_REMOVE+0x58: movq 0x10(%r12),%rbx
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
pfi_ifhead_RB_REMOVE(ffffffff828ca230,ffff800000aa2d00) at pfi_ifhead_RB_REMOVE+0x58
pfi_detach_ifgroup(ffff800000af1500) at pfi_detach_ifgroup+0x11b
if_delgroup(ffff800000af4000,ffff800000af1500) at if_delgroup+0x1bc
if_detach(ffff800000af4000) at if_detach+0x1b0
tun_clone_destroy(ffff800000af4000) at tun_clone_destroy+0x1e1
ifioctl(fffffd806cdab650,80206979,ffff800020ef0a70,ffff800020ead3d8) at ifioctl+0x3ea
soo_ioctl(fffffd806d01bb58,80206979,ffff800020ef0a70,ffff800020ead3d8) at soo_ioctl+0x27c
sys_ioctl(ffff800020ead3d8,ffff800020ef0b88,ffff800020ef0bd0) at sys_ioctl+0x4a5
syscall(ffff800020ef0c50) at syscall+0x4a4
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd3ab0, count: -10
ddb{1}> show registers
rdi 0xffffffff828ca230 pfi_ifs
rsi 0xffff800000aa2d00
rbp 0xffff800020ef07f0
rbx 0xdead4110dead4110
rdx 0xffffffff82745f98 ifg_head+0x8
rcx 0
rax 0xffff800000aa2d10
r8 0x101010101010101
r9 0x8080808080808080
r10 0x5a815e8a5f855b31
r11 0xacc23cf7ed4ff53f
r12 0xdead4110dead4110
r13 0xffff80000002aca0
r14 0xffff800000aa2d00
r15 0xffffffff828ca230 pfi_ifs
rip 0xffffffff8125b088 pfi_ifhead_RB_REMOVE+0x58
cs 0x8
rflags 0x10282 __ALIGN_SIZE+0xf282
rsp 0xffff800020ef0790
ss 0x10
pfi_ifhead_RB_REMOVE+0x58: movq 0x10(%r12),%rbx
ddb{1}> show proc
PROC (syz-executor.1) pid=410413 stat=onproc
flags process=0 proc=0
pri=32, usrpri=50, nice=20
forw=0xffffffffffffffff, list=0xffff800020eacc70,0xffffffff828d38a0
process=0xffff800020df0fd0 user=0xffff800020eeb000, vmspace=0xfffffd807efff5c0
estcpu=36, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*18421 410413 47513 0 7 0 syz-executor.1
98393 387629 78420 0 3 0 tqbar syz-executor.0
47513 187005 65766 0 3 0x82 nanosleep syz-executor.1
78420 306170 65766 0 3 0x82 nanosleep syz-executor.0
65766 75574 15413 0 3 0x82 thrsleep syz-execprog
65766 479551 15413 0 3 0x4000082 thrsleep syz-execprog
65766 473606 15413 0 3 0x4000082 thrsleep syz-execprog
65766 469009 15413 0 3 0x4000082 thrsleep syz-execprog
65766 390858 15413 0 3 0x4000082 kqread syz-execprog
65766 144275 15413 0 3 0x4000082 thrsleep syz-execprog
65766 212673 15413 0 3 0x4000082 thrsleep syz-execprog
15413 519588 50564 0 3 0x10008a pause ksh
50564 119333 49350 0 3 0x92 select sshd
72929 147362 1 0 3 0x100083 ttyin getty
49350 7835 1 0 3 0x80 select sshd
483 141243 24737 74 3 0x100092 bpf pflogd
24737 474819 1 0 3 0x80 netio pflogd
60967 193649 91749 73 3 0x100090 kqread syslogd
91749 399003 1 0 3 0x100082 netio syslogd
95474 97418 1 77 7 0x100090 dhclient
98652 344845 1 0 3 0x80 poll dhclient
56264 265132 0 0 3 0x14200 bored smr
9447 172370 0 0 3 0x14200 pgzero zerothread
9249 438578 0 0 3 0x14200 aiodoned aiodoned
70980 135594 0 0 3 0x14200 syncer update
37137 333776 0 0 3 0x14200 cleaner cleaner
34468 296581 0 0 3 0x14200 reaper reaper
17902 395534 0 0 3 0x14200 pgdaemon pagedaemon
65382 11828 0 0 3 0x14200 bored crynlk
25422 270918 0 0 3 0x14200 bored crypto
88842 173877 0 0 3 0x40014200 acpi0 acpi0
54027 459751 0 0 3 0x40014200 idle1
11417 375238 0 0 2 0x14200 softnet
30942 463755 0 0 2 0x14200 systqmp
64042 287050 0 0 3 0x14200 bored systq
77438 243853 0 0 3 0x40014200 bored softclock
44096 372632 0 0 3 0x40014200 idle0
1 345772 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 18421 (syz-executor.1) thread 0xffff800020ead3d8 (410413)
exclusive rwlock netlock r = 0 (0xffffffff82746010)
#0 witness_lock+0x4c7
#1 if_detach+0x70
#2 tun_clone_destroy+0x1e1
#3 ifioctl+0x3ea
#4 soo_ioctl+0x27c
#5 sys_ioctl+0x4a5
#6 syscall+0x4a4
#7 Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff828e2178)
#0 witness_lock+0x4c7
#1 __mp_acquire_count+0x51
#2 mi_switch+0x392
#3 sleep_finish+0x113
#4 cond_wait+0x76
#5 smr_barrier_impl+0xf9
#6 tun_clone_destroy+0x136
#7 ifioctl+0x3ea
#8 soo_ioctl+0x27c
#9 sys_ioctl+0x4a5
#10 syscall+0x4a4
#11 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9465 6396K 6396K 78643K 10560 0
pcb 13 8K 8K 78643K 13 0
rtable 61 2K 3K 78643K 203 0
ifaddr 32 8K 10K 78643K 47 0
counters 41 33K 33K 78643K 43 0
ioctlops 0 0K 4K 78643K 1469 0
mount 1 1K 1K 78643K 1 0
vnodes 1181 74K 75K 78643K 1188 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 1K 78643K 2 0
VM map 2 1K 1K 78643K 2 0
sem 2 0K 0K 78643K 2 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1824 197K 290K 78643K 13058 0
file desc 6 17K 25K 78643K 36 0
proc 59 63K 95K 78643K 438 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 11 0K 2K 78643K 33 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 19 95K 95K 78643K 19 0
exec 0 0K 1K 78643K 210 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 89 20K 21K 78643K 1009 0
UVM aobj 3 2K 2K 78643K 3 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 5 0K 0K 78643K 10 0
temp 26 3857K 3921K 78643K 1979 0
kqueue 3 4K 4K 78643K 3 0
SYN cache 2 16K 16K 78643K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 6 0 4 1 0 1 1 0 8 0
plcache 128 20 0 0 1 0 1 1 0 8 0
rtpcb 88 19 0 17 1 0 1 1 0 8 0
rtentry 112 45 0 23 2 0 2 2 0 8 1
unpcb 120 31 0 19 1 0 1 1 0 8 0
syncache 272 5 0 5 2 1 1 1 0 8 1
tcpcb 592 8 0 5 1 0 1 1 0 8 0
inpcb 296 39 0 31 1 0 1 1 0 8 0
nd6 48 6 0 6 1 0 1 1 0 8 1
pfosfp 40 846 0 423 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfstitem 24 12 0 0 1 0 1 1 0 8 0
pfstkey 112 12 0 0 1 0 1 1 0 8 0
pfstate 328 12 0 0 1 0 1 1 0 8 0
pfrule 1360 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 188 0 0 12 0 12 12 0 8 0
art_table 32 189 0 0 2 0 2 2 0 8 0
art_node 16 44 0 4 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 1427 0 24 88 0 88 88 0 8 0
ffsino 272 1427 0 24 94 0 94 94 0 8 0
nchpl 144 1648 0 38 61 1 60 60 0 8 0
uvmvnodes 72 1437 0 0 27 0 27 27 0 8 0
vnodes 208 1437 0 0 76 0 76 76 0 8 0
namei 1024 4351 0 4351 2 1 1 1 0 8 1
percpumem 16 32 0 1 1 0 1 1 0 8 0
scxspl 200 4402 0 4402 2 1 1 2 0 8 1
plimitpl 152 16 0 8 1 0 1 1 0 8 0
sigapl 424 255 0 223 4 0 4 4 0 8 0
knotepl 112 60 0 42 1 0 1 1 0 8 0
kqueuepl 152 2 0 0 1 0 1 1 0 8 0
pipepl 304 82 0 71 2 1 1 1 0 8 0
fdescpl 496 240 0 223 3 0 3 3 0 8 0
filepl 152 1147 0 1074 3 0 3 3 0 8 0
lockfpl 104 5 0 4 1 0 1 1 0 8 0
lockfspl 48 3 0 2 1 0 1 1 0 8 0
sessionpl 120 20 0 9 1 0 1 1 0 8 0
pgrppl 48 20 0 9 1 0 1 1 0 8 0
ucredpl 96 62 0 53 1 0 1 1 0 8 0
zombiepl 144 223 0 223 2 1 1 1 0 8 1
processpl 1008 255 0 223 5 0 5 5 0 8 1
procpl 632 261 0 223 4 0 4 4 0 8 0
srpgc 72 4 0 4 1 0 1 1 0 8 1
sockpl 400 89 0 67 3 0 3 3 0 8 0
mcl4k 4096 3 0 0 1 0 1 1 0 8 0
mcl2k 2048 56 0 0 7 0 7 7 0 8 0
mtagpl 96 1 0 0 1 0 1 1 0 8 0
mbufpl 256 135 0 0 7 0 7 7 0 8 0
bufpl 280 2997 0 127 205 0 205 205 0 8 0
anonpl 16 22902 0 21114 14 2 12 12 0 124 3
amapchunkpl 152 1043 0 952 6 0 6 6 0 158 1
amappl16 192 154 0 110 3 0 3 3 0 8 0
amappl15 184 9 0 6 1 0 1 1 0 8 0
amappl14 176 2 0 2 1 0 1 1 0 8 1
amappl13 168 31 0 26 2 1 1 1 0 8 0
amappl12 160 24 0 22 1 0 1 1 0 8 0
amappl11 152 59 0 43 1 0 1 1 0 8 0
amappl10 144 29 0 24 1 0 1 1 0 8 0
amappl9 136 209 0 206 1 0 1 1 0 8 0
amappl8 128 299 0 283 1 0 1 1 0 8 0
amappl7 120 115 0 105 1 0 1 1 0 8 0
amappl6 112 34 0 28 1 0 1 1 0 8 0
amappl5 104 132 0 118 1 0 1 1 0 8 0
amappl4 96 504 0 480 1 0 1 1 0 8 0
amappl3 88 125 0 117 1 0 1 1 0 8 0
amappl2 80 913 0 849 2 0 2 2 0 8 0
amappl1 72 16000 0 15552 24 6 18 18 0 8 8
amappl 80 508 0 473 1 0 1 1 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 2 0 0 1 0 1 1 0 8 0
uaddrrnd 24 240 0 223 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 240 0 223 1 0 1 1 0 8 0
vmmpekpl 168 6487 0 6461 2 0 2 2 0 8 0
vmmpepl 168 34342 0 33291 86 12 74 74 0 357 26
vmsppl 368 239 0 223 2 0 2 2 0 8 0
pdppl 4096 487 0 446 6 0 6 6 0 8 0
pvpl 32 116771 0 112482 107 3 104 104 0 265 66
pmappl 232 239 0 223 2 0 2 2 0 8 1
extentpl 40 53 0 36 1 0 1 1 0 8 0
phpool 112 232 0 5 7 0 7 7 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff82728ff0) at x86_ipi_db+0x1a
x86_ipi_handler() at x86_ipi_handler+0xc6
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__sanitizer_cov_trace_cmp4(ffffffff828e1f70,ffffffff828e1f70) at __sanitizer_cov_trace_cmp4+0x6f
__mp_acquire_count(ffffffff828e1f70,2) at __mp_acquire_count+0x51
mi_switch() at mi_switch+0x392
sleep_finish(ffff800020e17c80,1) at sleep_finish+0x113
sleep_finish_all(ffff800020e17c80,1) at sleep_finish_all+0x32
tsleep(ffffffff828d9024,118,ffffffff8246ca90,41df49) at tsleep+0x1cc
doppoll(ffff800020dd7640,7f7ffffc7590,3,ffff800020e17e18,0,ffff800020e17ed0) at doppoll+0x57e
sys_poll(ffff800020dd7640,ffff800020e17e80,ffff800020e17ed0) at sys_poll+0xa6
syscall(ffff800020e17f50) at syscall+0x4a4
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffc7570, count: -13
ddb{0}> machine ddbcpu 1
Stopped at pfi_ifhead_RB_REMOVE+0x58: movq 0x10(%r12),%rbx
ddb{1}> trace
pfi_ifhead_RB_REMOVE(ffffffff828ca230,ffff800000aa2d00) at pfi_ifhead_RB_REMOVE+0x58
pfi_detach_ifgroup(ffff800000af1500) at pfi_detach_ifgroup+0x11b
if_delgroup(ffff800000af4000,ffff800000af1500) at if_delgroup+0x1bc
if_detach(ffff800000af4000) at if_detach+0x1b0
tun_clone_destroy(ffff800000af4000) at tun_clone_destroy+0x1e1
ifioctl(fffffd806cdab650,80206979,ffff800020ef0a70,ffff800020ead3d8) at ifioctl+0x3ea
soo_ioctl(fffffd806d01bb58,80206979,ffff800020ef0a70,ffff800020ead3d8) at soo_ioctl+0x27c
sys_ioctl(ffff800020ead3d8,ffff800020ef0b88,ffff800020ef0bd0) at sys_ioctl+0x4a5
syscall(ffff800020ef0c50) at syscall+0x4a4
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd3ab0, count: -10
ddb{1}>