+,SHCREMZ xY|[ $LҍpQ11} @`L bė{Ihۂmi)2l!舭eE`Gzq@ToDoL,G-+,SHCREMZ xY|[ $LҍpQ11} @`L bė{Ihۂmi)2l!舭eE`Gzq@ToDoL,G-uvm_fault(0xffffffff825475c8, 0xffff800000c68000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at strlcpy+0xcf: movzbl 0xffffffffffffffff(%rbx),%r15d ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic kernel page fault uvm_fault(0xffffffff825475c8, 0xffff800000c68000, 0, 1) -> e strlcpy(ffff800000a80d50,ffff800000c67ee2,20) at strlcpy+0xcf sys/lib/libkern/strlcpy.c:44 end trace frame: 0xffff8000239b1500, count: 0 ddb{0}> trace strlcpy(ffff800000a80d50,ffff800000c67ee2,20) at strlcpy+0xcf sys/lib/libkern/strlcpy.c:44 rtlabel_name2id(ffff800000c67ee2) at rtlabel_name2id+0x13d sys/net/route.c:1614 rtrequest(1,ffff8000239b16b8,0,ffff8000239b1628,0) at rtrequest+0x653 sys/net/route.c:893 rtm_output(ffff800000c67e00,ffff8000239b1768,ffff8000239b16b8,0,0) at rtm_output+0x62f sys/net/rtsock.c:901 route_output(fffffd8068256e00,fffffd8071e86dc8,0,0) at route_output+0x7c4 sys/net/rtsock.c:819 route_usrreq(fffffd8071e86dc8,9,fffffd8068256e00,0,0,ffff800020acea08) at route_usrreq+0x363 sys/net/rtsock.c:275 sosend(fffffd8071e86dc8,0,ffff8000239b1950,0,0,80) at sosend+0x645 sys/kern/uipc_socket.c:524 sendit(ffff800020acea08,3,ffff8000239b1a30,0,ffff8000239b1b10) at sendit+0x52b sys/kern/uipc_syscalls.c:662 sys_sendto(ffff800020acea08,ffff8000239b1ac8,ffff8000239b1b10) at sys_sendto+0x80 sys/kern/uipc_syscalls.c:527 syscall(ffff8000239b1b90) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] syscall(ffff8000239b1b90) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffffd8,0,6,7a3fdb22010) at Xsyscall+0x128 end of kernel end trace frame: 0x7a643df4da0, count: -11 ddb{0}> show registers rdi 0xffffffff81770355 strlcpy+0xc5 rsi 0x5e2 rbp 0xffff8000239b14b0 rbx 0xffff800000c68001 rdx 0x5e3 rcx 0xffff800020b52000 rax 0xffff800020b52000 r8 0x38 r9 0x5 r10 0x9b41427cb9d78123 r11 0x170666a2ff69d206 r12 0 r13 0x27 r14 0xffff800000c67ee2 r15 0xd1 rip 0xffffffff8177035f strlcpy+0xcf cs 0x8 rflags 0x10282 __ALIGN_SIZE+0xf282 rsp 0xffff8000239b1460 ss 0x10 strlcpy+0xcf: movzbl 0xffffffffffffffff(%rbx),%r15d ddb{0}> show proc PROC (syz-executor.0) pid=202036 stat=onproc flags process=0 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff800020ace2a0,0xffffffff8265f578 process=0xffff800020add500 user=0xffff8000239ac000, vmspace=0xfffffd807f00c000 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 1391 144022 45184 0 2 0 syz-executor.0 * 1391 202036 45184 0 7 0x4000000 syz-executor.0 71448 291948 32596 0 2 0 syz-executor.1 71448 45340 32596 0 3 0x4000080 fsleep syz-executor.1 45184 199085 76937 0 7 0x482 syz-executor.0 70568 142676 1 0 3 0x100083 ttyin getty 32596 451891 76937 0 3 0x82 nanosleep syz-executor.1 16691 461533 0 0 3 0x14200 acct acct 95650 357393 0 0 3 0x14200 bored sosplice 76937 102526 77763 0 3 0x82 thrsleep syz-fuzzer 76937 127022 77763 0 3 0x4000082 nanosleep syz-fuzzer 76937 161602 77763 0 3 0x4000082 thrsleep syz-fuzzer 76937 47459 77763 0 3 0x4000082 thrsleep syz-fuzzer 76937 345587 77763 0 3 0x4000082 kqread syz-fuzzer 76937 294483 77763 0 3 0x4000082 thrsleep syz-fuzzer 76937 167945 77763 0 3 0x4000082 thrsleep syz-fuzzer 76937 343123 77763 0 3 0x4000082 thrsleep syz-fuzzer 76937 38575 77763 0 3 0x4000082 thrsleep syz-fuzzer 76937 249554 77763 0 3 0x4000082 thrsleep syz-fuzzer 77763 135970 64417 0 3 0x10008a pause ksh 64417 348662 6836 0 3 0x92 select sshd 6836 376064 1 0 3 0x80 select sshd 82052 17610 3805 74 3 0x100092 bpf pflogd 3805 24561 1 0 3 0x80 netio pflogd 21741 90435 50410 73 2 0x100090 syslogd 50410 316528 1 0 3 0x100082 netio syslogd 55618 307254 1 77 3 0x100090 poll dhclient 37015 88744 1 0 3 0x80 poll dhclient 21491 182375 0 0 2 0x14200 zerothread 3829 372953 0 0 3 0x14200 aiodoned aiodoned 90380 340298 0 0 3 0x14200 syncer update 4483 216882 0 0 3 0x14200 cleaner cleaner 63950 62489 0 0 3 0x14200 reaper reaper 23209 338707 0 0 3 0x14200 pgdaemon pagedaemon 35400 42359 0 0 3 0x14200 bored crynlk 79869 483824 0 0 3 0x14200 bored crypto 26076 65792 0 0 3 0x40014200 acpi0 acpi0 81434 251990 0 0 3 0x40014200 idle1 54805 267385 0 0 3 0x14200 bored softnet 64426 241077 0 0 3 0x14200 bored systqmp 38810 114060 0 0 3 0x14200 bored systq 45331 37155 0 0 3 0x40014200 bored softclock 13080 27111 0 0 3 0x40014200 idle0 22376 202268 0 0 3 0x14200 pause smr 1 206753 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 1391 (syz-executor.0) thread 0xffff800020acea08 (202036) exclusive rwlock netlock r = 0 (0xffffffff824aa9e8) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rtm_output+0x5c3 sys/net/rtsock.c:897 #2 route_output+0x7c4 sys/net/rtsock.c:819 #3 route_usrreq+0x363 sys/net/rtsock.c:275 #4 sosend+0x645 sys/kern/uipc_socket.c:524 #5 sendit+0x52b sys/kern/uipc_syscalls.c:662 #6 sys_sendto+0x80 sys/kern/uipc_syscalls.c:527 #7 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #7 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #8 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 1 (0xffffffff8264ee38) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 solock+0x66 sys/kern/uipc_socket2.c:292 #2 sosend+0x51b sys/kern/uipc_socket.c:512 #3 sendit+0x52b sys/kern/uipc_syscalls.c:662 #4 sys_sendto+0x80 sys/kern/uipc_syscalls.c:527 #5 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #5 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #6 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9650 7246K 9816K 78643K 39957 0 0 pcb 13 8K 8K 78643K 641 0 0 rtable 120 13K 13K 78643K 1976 0 0 ifaddr 78 18K 20K 78643K 603 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 4K 78643K 1614 0 0 iov 0 0K 16K 78643K 499 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1238 78K 78K 78643K 9630 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 9K 78643K 77 0 0 VM map 2 1K 1K 78643K 4 0 0 sem 12 0K 0K 78643K 1520 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1808 196K 290K 78643K 12765 0 0 file desc 6 17K 25K 78643K 5048 0 0 sigio 2 0K 1K 78643K 1121 0 0 proc 62 63K 95K 78643K 1944 0 0 subproc 32 2K 2K 78643K 484 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 507 0 0 in_multi 33 2K 2K 78643K 466 0 0 ether_multi 1 0K 0K 78643K 27 0 0 mrt 1 0K 0K 78643K 21 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 90 397K 397K 78643K 90 0 0 exec 0 0K 1K 78643K 958 0 0 pfkey data 0 0K 4K 78643K 2 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 115 22K 32K 78643K 18014 0 0 UVM aobj 130 5K 5K 78643K 219 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 0K 78643K 558 0 0 NDP 18 0K 0K 78643K 192 0 0 temp 214 3556K 4196K 78643K 106524 0 0 kqueue 0 0K 0K 78643K 34 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 62 0 56 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 278 0 275 1 0 1 1 0 8 0 rtentry 112 301 0 256 2 0 2 2 0 8 0 unpcb 120 3173 0 3148 9 8 1 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 sackhl 24 3 0 3 2 2 0 1 0 8 0 tcpqe 32 5860 0 5860 1 1 0 1 0 8 0 tcpcb 544 1051 0 1047 1 0 1 1 0 8 0 inpcb 280 4596 0 4587 13 12 1 2 0 8 0 rttmr 72 2 0 2 2 2 0 1 0 8 0 nd6 48 48 0 44 1 0 1 1 0 8 0 pkpcb 40 32 0 32 8 8 0 1 0 8 0 ppxss 1128 82 0 82 14 13 1 1 0 8 1 pffrag 232 3 0 3 2 2 0 1 0 482 0 pffrnode 88 3 0 3 2 2 0 1 0 8 0 pffrent 40 9 0 9 3 3 0 1 0 8 0 pfosfp 40 846 0 846 5 5 0 5 0 8 0 pfosfpen 112 1428 0 1428 21 21 0 21 0 8 0 pfstitem 24 153 0 124 1 0 1 1 0 8 0 pfstkey 112 153 0 124 2 0 2 2 0 8 0 pfstate 328 153 0 124 4 0 4 4 0 8 1 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1212 0 993 18 3 15 15 0 8 0 art_table 32 1213 0 993 2 0 2 2 0 8 0 art_node 16 286 0 246 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 4 2 2 0 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 1518 0 1508 1 0 1 1 0 8 0 shmpl 112 217 0 89 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 9085 0 7679 46 0 46 46 0 8 0 ffsino 272 9085 0 7679 95 1 94 95 0 8 0 nchpl 144 17511 0 15890 61 0 61 61 0 8 0 uvmvnodes 72 6526 0 0 119 0 119 119 0 8 0 vnodes 208 6526 0 0 344 0 344 344 0 8 0 namei 1024 62404 0 62404 3 2 1 1 0 8 1 percpumem 16 30 0 0 1 0 1 1 0 8 0 vmpool 552 2 0 2 1 1 0 1 0 8 0 scsiplug 64 9 0 9 6 6 0 1 0 8 0 scxspl 192 48116 0 48116 26 25 1 7 0 8 1 plimitpl 152 435 0 427 1 0 1 1 0 8 0 sigapl 432 5175 0 5159 3 1 2 3 0 8 0 futexpl 56 98049 0 98048 2 1 1 1 0 8 0 knotepl 112 1381 0 1362 2 1 1 2 0 8 0 kqueuepl 104 1651 0 1648 1 0 1 1 0 8 0 pipepl 112 4948 0 4919 9 7 2 2 0 8 1 fdescpl 488 5176 0 5159 3 0 3 3 0 8 0 filepl 152 45163 0 45044 29 23 6 7 0 8 1 lockfpl 104 2593 0 2591 1 0 1 1 0 8 0 lockfspl 48 770 0 768 1 0 1 1 0 8 0 sessionpl 112 49 0 38 1 0 1 1 0 8 0 pgrppl 48 91 0 80 1 0 1 1 0 8 0 ucredpl 96 6059 0 6048 1 0 1 1 0 8 0 zombiepl 144 5159 0 5159 2 1 1 1 0 8 1 processpl 896 5193 0 5159 4 0 4 4 0 8 0 procpl 632 16027 0 15982 6 1 5 5 0 8 0 srpgc 64 52 0 52 10 10 0 1 0 8 0 sosppl 128 66 0 66 17 17 0 1 0 8 0 sockpl 384 8201 0 8164 18 14 4 6 0 8 0 mcl64k 65536 14 0 0 2 0 2 2 0 8 0 mcl16k 16384 8 0 0 1 0 1 1 0 8 0 mcl12k 12288 33 0 0 2 0 2 2 0 8 0 mcl9k 9216 30 0 0 2 1 1 2 0 8 0 mcl8k 8192 17 0 0 3 0 3 3 0 8 0 mcl4k 4096 24 0 0 3 0 3 3 0 8 0 mcl2k2 2112 8 0 0 1 0 1 1 0 8 0 mcl2k 2048 155 0 0 16 1 15 16 0 8 0 mtagpl 80 43 0 0 1 0 1 1 0 8 0 mbufpl 256 589 0 0 32 1 31 31 0 8 0 bufpl 256 21062 0 14014 441 0 441 441 0 8 0 anonpl 16 488185 0 473715 158 84 74 74 0 124 14 amapchunkpl 152 33699 0 33588 46 40 6 19 0 158 1 amappl16 192 23338 0 22535 131 83 48 52 0 8 7 amappl15 184 1380 0 1379 1 0 1 1 0 8 0 amappl14 176 866 0 863 1 0 1 1 0 8 0 amappl13 168 1280 0 1278 5 4 1 1 0 8 0 amappl12 160 350 0 349 1 0 1 1 0 8 0 amappl11 152 648 0 633 1 0 1 1 0 8 0 amappl10 144 494 0 490 1 0 1 1 0 8 0 amappl9 136 1234 0 1227 1 0 1 1 0 8 0 amappl8 128 830 0 792 2 0 2 2 0 8 0 amappl7 120 628 0 620 1 0 1 1 0 8 0 amappl6 112 628 0 611 1 0 1 1 0 8 0 amappl5 104 656 0 640 1 0 1 1 0 8 0 amappl4 96 5914 0 5879 1 0 1 1 0 8 0 amappl3 88 1361 0 1355 1 0 1 1 0 8 0 amappl2 80 40055 0 39974 3 1 2 3 0 8 0 amappl1 72 124975 0 124519 26 16 10 20 0 8 0 amappl 80 16692 0 16653 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 218 0 89 3 0 3 3 0 8 0 uaddrrnd 24 5178 0 5159 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5178 0 5159 1 0 1 1 0 8 0 vmmpekpl 168 47654 0 47613 3 0 3 3 0 8 0 vmmpepl 168 642461 0 640397 266 156 110 120 0 357 18 vmsppl 368 5175 0 5159 2 0 2 2 0 8 0 pdppl 4096 10363 0 10322 7 1 6 6 0 8 0 pvpl 32 1332739 0 1314950 352 173 179 179 0 265 35 pmappl 232 5177 0 5161 5 4 1 2 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 632 0 12 18 0 18 18 0 8 0