uvm_fault(0xffffffff827df520, 0xffff800000b2e000, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at memcpy+0x15: repe movsq (%rsi),%es:(%rdi)
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
kernel page fault
uvm_fault(0xffffffff827df520, 0xffff800000b2e000, 0, 1) -> e
memcpy() at memcpy+0x15
end trace frame: 0xffff800020e17640, count: 0
ddb{1}> trace
memcpy() at memcpy+0x15
sysctl_iflist(0,ffff800020e17698) at sysctl_iflist+0x255 sys/net/rtsock.c:1979
sysctl_rtable(ffff800020e1775c,3,1dacd1e0f460,ffff800020e17788,0,0) at sysctl_rtable+0x196 sys/net/rtsock.c:2076
sys_sysctl(ffff800020ddc4e8,ffff800020e177f0,ffff800020e17840) at sys_sysctl+0x20e sys/kern/kern_sysctl.c:250
syscall(ffff800020e178c0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800020e178c0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffe7da0, count: -6
ddb{1}> show registers
rdi 0xffff800000b22ce8
rsi 0xffff800000b2e000
rbp 0xffff800020e17540
rbx 0xe8
rdx 0xe8
rcx 0x5
rax 0xffffffffffff4ce8
r8 0xffff800020e17698
r9 0x5
r10 0x2805e0ce2c5245c9
r11 0xffff800000b22c28
r12 0xffff800000b2df40
r13 0xe8
r14 0xffff800000b22c28
r15 0x6
rip 0xffffffff81f68805 memcpy+0x15
cs 0x8
rflags 0x10206 __ALIGN_SIZE+0xf206
rsp 0xffff800020e17488
ss 0x10
memcpy+0x15: repe movsq (%rsi),%es:(%rdi)
ddb{1}> show proc
PROC (dhclient) pid=192485 stat=onproc
flags process=100010 proc=0
pri=24, usrpri=50, nice=20
forw=0xffffffffffffffff, list=0xffff800020ddc278,0xffff800020e41610
process=0xffff800020df0f70 user=0xffff800020e12000, vmspace=0xfffffd807efff2e0
estcpu=0, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
36529 430550 46693 0 7 0 syz-executor.0
36529 358586 46693 0 3 0x4000080 fsleep syz-executor.0
81653 188014 88897 0 3 0x82 nanosleep syz-executor.1
46693 179575 88897 0 3 0x82 nanosleep syz-executor.0
88897 29004 3890 0 3 0x82 thrsleep syz-fuzzer
88897 233635 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 156655 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 301977 3890 0 3 0x4000082 kqread syz-fuzzer
88897 25450 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 303275 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 89738 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 80156 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 419948 3890 0 3 0x4000082 thrsleep syz-fuzzer
88897 296609 3890 0 3 0x4000082 thrsleep syz-fuzzer
3890 123889 72231 0 3 0x10008a pause ksh
72231 499499 75464 0 3 0x92 select sshd
77343 518853 1 0 3 0x100083 ttyin getty
75464 486481 1 0 3 0x80 select sshd
99879 102114 27123 74 3 0x100092 bpf pflogd
27123 12316 1 0 3 0x80 netio pflogd
97831 113709 94942 73 3 0x100090 kqread syslogd
94942 455376 1 0 3 0x100082 netio syslogd
*45428 192485 1 77 7 0x100010 dhclient
54088 71734 1 0 3 0x80 poll dhclient
53592 213518 0 0 3 0x14200 bored smr
53227 463896 0 0 2 0x14200 zerothread
46119 367966 0 0 3 0x14200 aiodoned aiodoned
1878 369216 0 0 3 0x14200 syncer update
48669 489374 0 0 3 0x14200 cleaner cleaner
82482 14219 0 0 3 0x14200 reaper reaper
64759 514760 0 0 3 0x14200 pgdaemon pagedaemon
77632 401919 0 0 3 0x14200 bored crynlk
54808 200049 0 0 3 0x14200 bored crypto
21021 127364 0 0 3 0x40014200 acpi0 acpi0
63705 421781 0 0 3 0x40014200 idle1
23741 486346 0 0 3 0x14200 bored softnet
89989 31379 0 0 3 0x14200 bored systqmp
12931 182144 0 0 3 0x14200 bored systq
89392 215734 0 0 3 0x40014200 bored softclock
3186 248323 0 0 3 0x40014200 idle0
1 113429 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 45428 (dhclient) thread 0xffff800020ddc4e8 (192485)
exclusive rwlock netlock r = 0 (0xffffffff826f74b8)
#0 witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1 sysctl_rtable+0x187 sys/net/rtsock.c:2075
#2 sys_sysctl+0x20e sys/kern/kern_sysctl.c:250
#3 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#3
syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#4 Xsyscall+0x128
exclusive rwlock sysctllk r = 0 (0xffffffff8276be50)
#0 witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1 rw_enter+0x453 sys/kern/kern_rwlock.c:311
#2 sys_sysctl+0x1ac sys/kern/kern_sysctl.c:234
#3 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#3 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#4 Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff82910c50)
#0 witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1 syscall+0x400 mi_syscall sys/sys/syscall_mi.h:93 [inline]
#1 syscall+0x400 sys/arch/amd64/amd64/trap.c:570
#2 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9493 6405K 6663K 78643K 10715 0
pcb 13 8K 8K 78643K 33 0
rtable 98 5K 5K 78643K 239 0
ifaddr 53 11K 11K 78643K 62 0
sysctl 2 0K 0K 78643K 2 0
counters 41 33K 33K 78643K 43 0
ioctlops 0 0K 4K 78643K 1487 0
iov 0 0K 16K 78643K 25 0
mount 1 1K 1K 78643K 1 0
vnodes 1221 77K 77K 78643K 1261 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 5K 78643K 4 0
VM map 2 1K 1K 78643K 2 0
sem 12 0K 0K 78643K 36 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1824 197K 290K 78643K 13058 0
file desc 5 13K 25K 78643K 134 0
proc 61 63K 95K 78643K 445 0
subproc 32 2K 2K 78643K 34 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 10 0
in_multi 29 1K 2K 78643K 49 0
ether_multi 1 0K 0K 78643K 4 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 43 201K 201K 78643K 43 0
exec 0 0K 1K 78643K 209 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 110 38K 38K 78643K 1345 0
UVM aobj 12 2K 2K 78643K 12 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 20 0
NDP 8 0K 0K 78643K 13 0
temp 95 3864K 3928K 78643K 2322 0
kqueue 3 4K 6K 78643K 4 0
SYN cache 2 16K 16K 78643K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 6 0 2 1 0 1 1 0 8 0
plcache 128 20 0 0 1 0 1 1 0 8 0
rtpcb 80 23 0 21 1 0 1 1 0 8 0
rtentry 112 47 0 12 2 0 2 2 0 8 0
unpcb 120 89 0 78 1 0 1 1 0 8 0
syncache 264 6 0 6 2 1 1 1 0 8 1
tcpqe 32 132 0 132 2 2 0 1 0 8 0
tcpcb 544 50 0 46 1 0 1 1 0 8 0
inpcb 296 164 0 157 3 1 2 2 0 8 1
nd6 48 8 0 3 1 0 1 1 0 8 0
pkpcb 40 2 0 2 1 1 0 1 0 8 0
pfosfp 40 846 0 423 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfrktable 1344 4 0 1 1 0 1 1 0 8 0
pfstitem 24 12 0 3 1 0 1 1 0 8 0
pfstkey 112 12 0 3 1 0 1 1 0 8 0
pfstate 328 12 0 3 1 0 1 1 0 8 0
pfrule 1360 25 0 18 2 1 1 2 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 242 0 44 14 1 13 13 0 8 0
art_table 32 243 0 44 2 0 2 2 0 8 0
art_node 16 46 0 14 1 0 1 1 0 8 0
sysvmsgpl 40 8 0 6 1 0 1 1 0 8 0
semapl 112 34 0 24 1 0 1 1 0 8 0
shmpl 112 10 0 0 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 1557 0 149 90 1 89 89 0 8 0
ffsino 272 1557 0 149 95 0 95 95 0 8 0
nchpl 144 1998 0 386 60 0 60 60 0 8 0
uvmvnodes 72 1632 0 0 30 0 30 30 0 8 0
vnodes 208 1632 0 0 86 0 86 86 0 8 0
namei 1024 5210 0 5210 2 1 1 1 0 8 1
percpumem 16 32 0 1 1 0 1 1 0 8 0
vcpupl 1984 2 0 0 1 0 1 1 0 8 0
vmpool 560 2 0 0 1 0 1 1 0 8 0
pfiaddrpl 120 2 0 0 1 0 1 1 0 8 0
scxspl 192 5866 0 5866 9 8 1 7 0 8 1
plimitpl 152 23 0 15 1 0 1 1 0 8 0
sigapl 424 349 0 318 4 0 4 4 0 8 0
futexpl 56 1680 0 1679 2 1 1 1 0 8 0
knotepl 112 62 0 43 1 0 1 1 0 8 0
kqueuepl 144 44 0 42 1 0 1 1 0 8 0
pipelkpl 48 81 0 71 1 0 1 1 0 8 0
pipepl 120 162 0 143 1 0 1 1 0 8 0
fdescpl 496 334 0 318 3 0 3 3 0 8 0
filepl 152 1820 0 1717 6 1 5 5 0 8 1
lockfpl 104 40 0 39 1 0 1 1 0 8 0
lockfspl 48 13 0 12 1 0 1 1 0 8 0
sessionpl 112 18 0 7 1 0 1 1 0 8 0
pgrppl 48 18 0 7 1 0 1 1 0 8 0
ucredpl 96 156 0 146 1 0 1 1 0 8 0
zombiepl 144 318 0 317 2 1 1 1 0 8 0
processpl 984 349 0 317 6
1 5 5 0 8 1
procpl 624 586 0 544 4 0 4 4 0 8 0
srpgc 64 2 0 2 1 1 0 1 0 8 0
sockpl 400 282 0 262 4 1 3 3 0 8 0
mcl64k 65536 6 0 0 1 0 1 1 0 8 0
mcl16k 16384 1 0 0 1 0 1 1 0 8 0
mcl12k 12288 5 0 0 1 0 1 1 0 8 0
mcl9k 9216 2 0 0 1 0 1 1 0 8 0
mcl8k 8192 1 0 0 1 0 1 1 0 8 0
mcl4k 4096 3 0 0 1 0 1 1 0 8 0
mcl2k 2048 177 0 0 22 0 22 22 0 8 0
mtagpl 96 9 0 0 1 0 1 1 0 8 0
mbufpl 256 200 0 0 12 0 12 12 0 8 0
bufpl 280 3579 0 132 247 0 247 247 0 8 0
anonpl 16 48812 0 33745 80 17 63 77 0 124 1
amapchunkpl 152 1639 0 1501 8 1 7 8 0 158 0
amappl16 192 1583 0 769 54 11 43 52 0 8 2
amappl15 184 1 0 0 1 0 1 1 0 8 0
amappl14 176 27 0 20 1 0 1 1 0 8 0
amappl13 168 132 0 127 1 0 1 1 0 8 0
amappl12 160 17 0 16 2 1 1 1 0 8 0
amappl11 152 109 0 92 1 0 1 1 0 8 0
amappl10 144 22 0 16 1 0 1 1 0 8 0
amappl9 136 389 0 388 1 0 1 1 0 8 0
amappl8 128 326 0 302 1 0 1 1 0 8 0
amappl7 120 117 0 106 1 0 1 1 0 8 0
amappl6 112 69 0 67 1 0 1 1 0 8 0
amappl5 104 174 0 158 1 0 1 1 0 8 0
amappl4 96 546 0 516 1 0 1 1 0 8 0
amappl3 88 164 0 156 1 0 1 1 0 8 0
amappl2 80 1726 0 1655 2 0 2 2 0 8 0
amappl1 72 17181 0 16742 23 12 11 18 0 8 0
amappl 80 836 0 791 2 0 2 2 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 11 0 0 1 0 1 1 0 8 0
uaddrrnd 24 336 0 318 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 336 0 318 1 0 1 1 0 8 0
vmmpekpl 168 6628 0 6596 2 0 2 2 0 8 0
vmmpepl 168 47684 0 45711 119 26 93 110 0 357 2
vmsppl 368 335 0 318 2 0 2 2 0 8 0
pdppl 4096 679 0 638 6 0 6 6 0 8 0
pvpl 32 162447 0 144481 189 35 154 181 0 265 6
pmappl 232 335 0 318 2 0 2 2 0 8 0
extentpl 40 53 0 36 1 0 1 1 0 8 0
phpool 112 264 0 7 8 0 8 8 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff82714ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xc6
sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff82910a48) at __mp_lock+0x127 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82910a48) at __mp_lock+0x127 sys/kern/kern_lock.c:147
softintr_dispatch(0) at softintr_dispatch+0x4e sys/arch/amd64/amd64/softintr.c:89
Xsoftclock() at Xsoftclock+0x1f
__mp_lock(ffffffff82910a48) at __mp_lock+0x127 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82910a48) at __mp_lock+0x127 sys/kern/kern_lock.c:147
pageflttrap(ffff8000230f3ce0,1) at pageflttrap+0x7f sys/arch/amd64/amd64/trap.c:180
usertrap(ffff8000230f3ce0) at usertrap+0x21a sys/arch/amd64/amd64/trap.c:384
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x7f7ffffc12f0, count: -10
ddb{0}> machine ddbcpu 1
Stopped at memcpy+0x15: repe movsq (%rsi),%es:(%rdi)
ddb{1}> trace
memcpy() at memcpy+0x15
sysctl_iflist(0,ffff800020e17698) at sysctl_iflist+0x255 sys/net/rtsock.c:1979
sysctl_rtable(ffff800020e1775c,3,1dacd1e0f460,ffff800020e17788,0,0) at sysctl_rtable+0x196 sys/net/rtsock.c:2076
sys_sysctl(ffff800020ddc4e8,ffff800020e177f0,ffff800020e17840) at sys_sysctl+0x20e sys/kern/kern_sysctl.c:250
syscall(ffff800020e178c0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800020e178c0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffe7da0, count: -6