uvm_fault(0xffffffff82557e48, 0xffff800000ad9074, 0, 1) -> e kernel: page fault trap, code=0 Stopped at rtable_satoplen+0x150: movzbl 0xffffffffffffffff(%r13),%r12d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xffffffff82557e48, 0xffff800000ad9074, 0, 1) -> e rtable_satoplen(2,ffff800000ad8f78) at rtable_satoplen+0x150 sys/net/rtable.c:894 end trace frame: 0xffff80001492c820, count: 0 ddb> trace rtable_satoplen(2,ffff800000ad8f78) at rtable_satoplen+0x150 sys/net/rtable.c:894 rtable_lookup(0,fffffd8036a34c20,ffff800000ad8f78,ffff800000ad8f58,4) at rtable_lookup+0xe0 sys/net/rtable.c:391 rtrequest_delete(ffff80001492c8c0,4,ffff800000af2800,ffff80001492c990,0) at rtrequest_delete+0xe3 sys/net/route.c:775 rt_ifa_del(ffff800000ad8f00,800100,ffff800000ad8f58,0) at rt_ifa_del+0x3c3 sys/net/route.c:1191 in_purgeaddr(ffff800000ad8f00) at in_purgeaddr+0xc6 in_remove_prefix sys/netinet/in.c:738 [inline] in_purgeaddr(ffff800000ad8f00) at in_purgeaddr+0xc6 in_ifscrub sys/netinet/in.c:562 [inline] in_purgeaddr(ffff800000ad8f00) at in_purgeaddr+0xc6 sys/netinet/in.c:678 in_ifinit(ffff800000af2800,ffff800000ad8f00,ffff80001492cd10,1) at in_ifinit+0x234 sys/netinet/in.c:664 in_ioctl_change_ifaddr(8040691a,ffff80001492cd00,ffff800000af2800,1) at in_ioctl_change_ifaddr+0x5de sys/netinet/in.c:452 in_ioctl(8040691a,ffff80001492cd00,ffff800000af2800,1) at in_ioctl+0x205 sys/netinet/in.c:234 ifioctl(fffffd803701b900,8040691a,ffff80001492cd00,ffff8000ffff8280) at ifioctl+0xb34 sys/net/if.c:2202 sys_ioctl(ffff8000ffff8280,ffff80001492ce18,ffff80001492ce60) at sys_ioctl+0x5b9 syscall(ffff80001492cee0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffff36,0,3,213f5e66010) at Xsyscall+0x128 end of kernel end trace frame: 0x21625ea7a30, count: -12 ddb> show registers rdi 0 rsi 0xfd rbp 0xffff80001492c780 rbx 0xffffffffffffff07 rdx 0xffff800000ad8f7c rcx 0xffff800000ad9075 rax 0xffff800000ad9075 r8 0x4 r9 0x5 r10 0xbcbda6e15805e829 r11 0xf9e45744764edc54 r12 0 r13 0xffff800000ad9075 r14 0xffffffff824ae810 inetdomain r15 0x4 rip 0xffffffff815d6f90 rtable_satoplen+0x150 cs 0x8 rflags 0x10283 __ALIGN_SIZE+0xf283 rsp 0xffff80001492c730 ss 0x10 rtable_satoplen+0x150: movzbl 0xffffffffffffffff(%r13),%r12d ddb> show proc PROC (syz-executor.0) pid=315978 stat=onproc flags process=0 proc=4000000 pri=62, usrpri=62, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff9b30,0xffffffff82563c58 process=0xffff8000ffff6370 user=0xffff800014927000, vmspace=0xfffffd803f014330 estcpu=32, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 27573 252120 33859 0 2 0 syz-executor.0 *27573 315978 33859 0 7 0x4000000 syz-executor.0 23715 439487 20267 0 2 0 syz-executor.1 23715 13094 20267 0 3 0x4000080 nanosleep syz-executor.1 23715 483056 20267 0 3 0x4000080 select syz-executor.1 20267 314433 23272 0 3 0x82 nanosleep syz-executor.1 95524 77291 1 0 3 0x100083 ttyin getty 33859 445431 23272 0 3 0x82 nanosleep syz-executor.0 38029 318804 0 0 3 0x14200 bored sosplice 23272 317705 79808 0 3 0x82 thrsleep syz-fuzzer 23272 463959 79808 0 3 0x4000082 thrsleep syz-fuzzer 23272 319993 79808 0 3 0x4000082 thrsleep syz-fuzzer 23272 318084 79808 0 3 0x4000082 thrsleep syz-fuzzer 23272 168908 79808 0 3 0x4000082 thrsleep syz-fuzzer 23272 320874 79808 0 3 0x4000082 thrsleep syz-fuzzer 23272 283455 79808 0 3 0x4000082 thrsleep syz-fuzzer 23272 150028 79808 0 3 0x4000082 kqread syz-fuzzer 79808 476890 79065 0 3 0x10008a pause ksh 79065 247412 86563 0 3 0x92 select sshd 86563 223887 1 0 3 0x80 select sshd 99076 124858 47283 73 3 0x100090 kqread syslogd 47283 342143 1 0 3 0x100082 netio syslogd 69121 386249 1 77 3 0x100090 poll dhclient 36766 20838 1 0 3 0x80 poll dhclient 12114 308695 0 0 2 0x14200 zerothread 2917 93363 0 0 3 0x14200 aiodoned aiodoned 30025 361370 0 0 3 0x14200 syncer update 74963 254736 0 0 3 0x14200 cleaner cleaner 46469 182100 0 0 3 0x14200 reaper reaper 18566 167863 0 0 3 0x14200 pgdaemon pagedaemon 57534 179479 0 0 3 0x14200 bored crynlk 8153 66211 0 0 3 0x14200 bored crypto 80757 441320 0 0 3 0x40014200 acpi0 acpi0 23843 147356 0 0 3 0x14200 bored softnet 52646 248100 0 0 3 0x14200 bored systqmp 31022 419989 0 0 3 0x14200 bored systq 80239 409517 0 0 3 0x40014200 bored softclock 26312 188028 0 0 3 0x40014200 idle0 84525 513382 0 0 3 0x14200 bored smr 1 358272 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9568 6934K 7064K 78643K 17624 0 0 pcb 13 10K 12K 78643K 149 0 0 rtable 111 4K 4K 78643K 2879 0 0 ifaddr 69 22K 25K 78643K 1362 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 81 0 0 iov 0 0K 32K 78643K 1114 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1220 77K 77K 78643K 4778 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 40 0 0 VM map 6 1K 1K 78643K 10 0 0 sem 12 1K 1K 78643K 556 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 6 17K 25K 78643K 2449 0 0 sigio 0 0K 0K 78643K 12 0 0 proc 49 38K 63K 78643K 673 0 0 subproc 32 2K 2K 78643K 140 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 444 0 0 in_multi 34 2K 2K 78643K 134 0 0 ether_multi 1 0K 0K 78643K 12 0 0 mrt 1 0K 0K 78643K 7 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 90 397K 397K 78643K 90 0 0 exec 0 0K 1K 78643K 358 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 131 39K 48K 78643K 8141 0 0 UVM aobj 130 4K 4K 78643K 142 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 0K 78643K 164 0 0 NDP 15 0K 0K 78643K 403 0 0 temp 191 3540K 3609K 78643K 79236 0 0 kqueue 0 0K 0K 78643K 3 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 27 0 21 1 0 1 1 0 8 0 rtpcb 80 471 0 469 1 0 1 1 0 8 0 rtentry 112 127 0 83 2 0 2 2 0 8 0 unpcb 120 1350 0 1342 1 0 1 1 0 8 0 syncache 264 11 0 11 5 4 1 1 0 8 1 tcpqe 32 86 0 86 3 3 0 1 0 8 0 tcpcb 544 832 0 828 18 17 1 12 0 8 0 ipq 40 6 0 6 3 3 0 1 0 8 0 ipqe 40 14 0 14 3 3 0 1 0 8 0 inpcb 280 1388 0 1380 19 18 1 9 0 8 0 rttmr 72 1 0 1 1 0 1 1 0 8 1 nd6 48 16 0 12 1 0 1 1 0 8 0 swfcl 56 2 0 0 1 0 1 1 0 8 0 ppxss 1128 151 0 151 6 6 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 523 0 299 18 3 15 15 0 8 0 art_table 32 524 0 299 2 0 2 2 0 8 0 art_node 16 126 0 86 1 0 1 1 0 8 0 sysvmsgpl 40 43 0 33 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 554 0 544 1 0 1 1 0 8 0 shmpl 112 140 0 12 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 7226 0 5836 46 0 46 46 0 8 0 ffsino 240 7226 0 5836 83 0 83 83 0 8 0 nchpl 144 11359 0 9754 61 1 60 61 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 40362 0 40362 1 0 1 1 0 8 1 vcpupl 1984 4 0 0 1 0 1 1 0 8 0 vmpool 520 8 0 4 1 0 1 1 0 8 0 scxspl 192 29496 0 29496 15 14 1 7 0 8 1 plimitpl 152 71 0 64 1 0 1 1 0 8 0 sigapl 432 2603 0 2589 2 0 2 2 0 8 0 futexpl 56 69238 0 69238 1 0 1 1 0 8 1 knotepl 112 264 0 245 1 0 1 1 0 8 0 kqueuepl 104 410 0 408 4 3 1 4 0 8 0 pipepl 112 874 0 855 4 3 1 2 0 8 0 fdescpl 424 2604 0 2589 2 0 2 2 0 8 0 filepl 120 23257 0 23161 21 17 4 11 0 8 0 lockfpl 104 12270 0 12269 1 0 1 1 0 8 0 lockfspl 48 2506 0 2505 1 0 1 1 0 8 0 sessionpl 112 24 0 14 1 0 1 1 0 8 0 pgrppl 48 28 0 18 1 0 1 1 0 8 0 ucredpl 96 6789 0 6782 1 0 1 1 0 8 0 zombiepl 144 2589 0 2589 1 0 1 1 0 8 1 processpl 864 2619 0 2589 4 0 4 4 0 8 0 procpl 632 7104 0 7064 6 2 4 5 0 8 0 sockpl 384 3227 0 3209 36 33 3 13 0 8 1 mcl64k 65536 736 0 736 3 2 1 1 0 8 1 mcl16k 16384 68 0 68 11 11 0 1 0 8 0 mcl12k 12288 588 0 588 7 6 1 1 0 8 1 mcl9k 9216 21 0 21 9 9 0 1 0 8 0 mcl8k 8192 135 0 135 24 23 1 1 0 8 1 mcl4k 4096 227 0 227 21 20 1 1 0 8 1 mcl2k2 2112 10 0 10 10 10 0 1 0 8 0 mcl2k 2048 78723 0 78675 33 26 7 14 0 8 0 mtagpl 80 73 0 71 6 5 1 2 0 8 0 mbufpl 256 166462 0 166354 28 17 11 16 0 8 0 bufpl 256 11953 0 7028 309 0 309 309 0 8 0 anonpl 16 278053 0 259418 129 49 80 91 0 62 2 amapchunkpl 152 16144 0 16019 37 27 10 19 0 158 4 amappl16 192 14126 0 13074 120 64 56 64 0 8 3 amappl15 184 229 0 229 2 2 0 1 0 8 0 amappl14 176 92 0 86 1 0 1 1 0 8 0 amappl13 168 102 0 102 2 2 0 1 0 8 0 amappl12 160 26 0 21 1 0 1 1 0 8 0 amappl11 152 552 0 539 1 0 1 1 0 8 0 amappl10 144 1101 0 1099 2 1 1 1 0 8 0 amappl9 136 1187 0 1178 1 0 1 1 0 8 0 amappl8 128 748 0 707 2 0 2 2 0 8 0 amappl7 120 1152 0 1145 1 0 1 1 0 8 0 amappl6 112 559 0 544 1 0 1 1 0 8 0 amappl5 104 831 0 821 1 0 1 1 0 8 0 amappl4 96 2990 0 2959 1 0 1 1 0 8 0 amappl3 88 739 0 733 1 0 1 1 0 8 0 amappl2 80 19842 0 19768 3 1 2 3 0 8 0 amappl1 72 59631 0 59202 27 18 9 20 0 8 0 amappl 80 7457 0 7415 5 3 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 141 0 12 3 0 3 3 0 8 0 uaddrrnd 24 2612 0 2589 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2612 0 2589 1 0 1 1 0 8 0 vmmpekpl 168 22235 0 22209 2 0 2 2 0 8 0 vmmpepl 168 318621 0 316375 310 208 102 143 0 357 2 vmsppl 272 2603 0 2589 7 6 1 2 0 8 0 pdppl 4096 5230 0 5190 8 2 6 6 0 8 0 pvpl 32 708842 0 687076 325 134 191 215 0 265 14 pmappl 200 2611 0 2593 6 5 1 2 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 570 0 129 13 0 13 13 0 8 0