uvm_fault(0xffffffff82557e48, 0xffff800000ad9074, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at rtable_satoplen+0x150: movzbl 0xffffffffffffffff(%r13),%r12d
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
kernel page fault
uvm_fault(0xffffffff82557e48, 0xffff800000ad9074, 0, 1) -> e
rtable_satoplen(2,ffff800000ad8f78) at rtable_satoplen+0x150 sys/net/rtable.c:894
end trace frame: 0xffff80001492c820, count: 0
ddb> trace
rtable_satoplen(2,ffff800000ad8f78) at rtable_satoplen+0x150 sys/net/rtable.c:894
rtable_lookup(0,fffffd8036a34c20,ffff800000ad8f78,ffff800000ad8f58,4) at rtable_lookup+0xe0 sys/net/rtable.c:391
rtrequest_delete(ffff80001492c8c0,4,ffff800000af2800,ffff80001492c990,0) at rtrequest_delete+0xe3 sys/net/route.c:775
rt_ifa_del(ffff800000ad8f00,800100,ffff800000ad8f58,0) at rt_ifa_del+0x3c3 sys/net/route.c:1191
in_purgeaddr(ffff800000ad8f00) at in_purgeaddr+0xc6 in_remove_prefix sys/netinet/in.c:738 [inline]
in_purgeaddr(ffff800000ad8f00) at in_purgeaddr+0xc6 in_ifscrub sys/netinet/in.c:562 [inline]
in_purgeaddr(ffff800000ad8f00) at in_purgeaddr+0xc6 sys/netinet/in.c:678
in_ifinit(ffff800000af2800,ffff800000ad8f00,ffff80001492cd10,1) at in_ifinit+0x234 sys/netinet/in.c:664
in_ioctl_change_ifaddr(8040691a,ffff80001492cd00,ffff800000af2800,1) at in_ioctl_change_ifaddr+0x5de sys/netinet/in.c:452
in_ioctl(8040691a,ffff80001492cd00,ffff800000af2800,1) at in_ioctl+0x205 sys/netinet/in.c:234
ifioctl(fffffd803701b900,8040691a,ffff80001492cd00,ffff8000ffff8280) at ifioctl+0xb34 sys/net/if.c:2202
sys_ioctl(ffff8000ffff8280,ffff80001492ce18,ffff80001492ce60) at sys_ioctl+0x5b9
syscall(ffff80001492cee0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff36,0,3,213f5e66010) at Xsyscall+0x128
end of kernel
end trace frame: 0x21625ea7a30, count: -12
ddb> show registers
rdi 0
rsi 0xfd
rbp 0xffff80001492c780
rbx 0xffffffffffffff07
rdx 0xffff800000ad8f7c
rcx 0xffff800000ad9075
rax 0xffff800000ad9075
r8 0x4
r9 0x5
r10 0xbcbda6e15805e829
r11 0xf9e45744764edc54
r12 0
r13 0xffff800000ad9075
r14 0xffffffff824ae810 inetdomain
r15 0x4
rip 0xffffffff815d6f90 rtable_satoplen+0x150
cs 0x8
rflags 0x10283 __ALIGN_SIZE+0xf283
rsp 0xffff80001492c730
ss 0x10
rtable_satoplen+0x150: movzbl 0xffffffffffffffff(%r13),%r12d
ddb> show proc
PROC (syz-executor.0) pid=315978 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=62, usrpri=62, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff9b30,0xffffffff82563c58
process=0xffff8000ffff6370 user=0xffff800014927000, vmspace=0xfffffd803f014330
estcpu=32, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
27573 252120 33859 0 2 0 syz-executor.0
*27573 315978 33859 0 7 0x4000000 syz-executor.0
23715 439487 20267 0 2 0 syz-executor.1
23715 13094 20267 0 3 0x4000080 nanosleep syz-executor.1
23715 483056 20267 0 3 0x4000080 select syz-executor.1
20267 314433 23272 0 3 0x82 nanosleep syz-executor.1
95524 77291 1 0 3 0x100083 ttyin getty
33859 445431 23272 0 3 0x82 nanosleep syz-executor.0
38029 318804 0 0 3 0x14200 bored sosplice
23272 317705 79808 0 3 0x82 thrsleep syz-fuzzer
23272 463959 79808 0 3 0x4000082 thrsleep syz-fuzzer
23272 319993 79808 0 3 0x4000082 thrsleep syz-fuzzer
23272 318084 79808 0 3 0x4000082 thrsleep syz-fuzzer
23272 168908 79808 0 3 0x4000082 thrsleep syz-fuzzer
23272 320874 79808 0 3 0x4000082 thrsleep syz-fuzzer
23272 283455 79808 0 3 0x4000082 thrsleep syz-fuzzer
23272 150028 79808 0 3 0x4000082 kqread syz-fuzzer
79808 476890 79065 0 3 0x10008a pause ksh
79065 247412 86563 0 3 0x92 select sshd
86563 223887 1 0 3 0x80 select sshd
99076 124858 47283 73 3 0x100090 kqread syslogd
47283 342143 1 0 3 0x100082 netio syslogd
69121 386249 1 77 3 0x100090 poll dhclient
36766 20838 1 0 3 0x80 poll dhclient
12114 308695 0 0 2 0x14200 zerothread
2917 93363 0 0 3 0x14200 aiodoned aiodoned
30025 361370 0 0 3 0x14200 syncer update
74963 254736 0 0 3 0x14200 cleaner cleaner
46469 182100 0 0 3 0x14200 reaper reaper
18566 167863 0 0 3 0x14200 pgdaemon pagedaemon
57534 179479 0 0 3 0x14200 bored crynlk
8153 66211 0 0 3 0x14200 bored crypto
80757 441320 0 0 3 0x40014200 acpi0 acpi0
23843 147356 0 0 3 0x14200 bored softnet
52646 248100 0 0 3 0x14200 bored systqmp
31022 419989 0 0 3 0x14200 bored systq
80239 409517 0 0 3 0x40014200 bored softclock
26312 188028 0 0 3 0x40014200 idle0
84525 513382 0 0 3 0x14200 bored smr
1 358272 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9568 6934K 7064K 78643K 17624 0 0
pcb 13 10K 12K 78643K 149 0 0
rtable 111 4K 4K 78643K 2879 0 0
ifaddr 69 22K 25K 78643K 1362 0 0
counters 19 16K 16K 78643K 19 0 0
ioctlops 0 0K 2K 78643K 81 0 0
iov 0 0K 32K 78643K 1114 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1220 77K 77K 78643K 4778 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 5K 78643K 40 0 0
VM map 6 1K 1K 78643K 10 0 0
sem 12 1K 1K 78643K 556 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1793 195K 288K 78643K 12645 0 0
file desc 6 17K 25K 78643K 2449 0 0
sigio 0 0K 0K 78643K 12 0 0
proc 49 38K 63K 78643K 673 0 0
subproc 32 2K 2K 78643K 140 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 444 0 0
in_multi 34 2K 2K 78643K 134 0 0
ether_multi 1 0K 0K 78643K 12 0 0
mrt 1 0K 0K 78643K 7 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 90 397K 397K 78643K 90 0 0
exec 0 0K 1K 78643K 358 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 131 39K 48K 78643K 8141 0 0
UVM aobj 130 4K 4K 78643K 142 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 0K 78643K 164 0 0
NDP 15 0K 0K 78643K 403 0 0
temp 191 3540K 3609K 78643K 79236 0 0
kqueue 0 0K 0K 78643K 3 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 27 0 21 1 0 1 1 0 8 0
rtpcb 80 471 0 469 1 0 1 1 0 8 0
rtentry 112 127 0 83 2 0 2 2 0 8 0
unpcb 120 1350 0 1342 1 0 1 1 0 8 0
syncache 264 11 0 11 5 4 1 1 0 8 1
tcpqe 32 86 0 86 3 3 0 1 0 8 0
tcpcb 544 832 0 828 18 17 1 12 0 8 0
ipq 40 6 0 6 3 3 0 1 0 8 0
ipqe 40 14 0 14 3 3 0 1 0 8 0
inpcb 280 1388 0 1380 19 18 1 9 0 8 0
rttmr 72 1 0 1 1 0 1 1 0 8 1
nd6 48 16 0 12 1 0 1 1 0 8 0
swfcl 56 2 0 0 1 0 1 1 0 8 0
ppxss 1128 151 0 151 6 6 0 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 523 0 299 18 3 15 15 0 8 0
art_table 32 524 0 299 2 0 2 2 0 8 0
art_node 16 126 0 86 1 0 1 1 0 8 0
sysvmsgpl 40 43 0 33 1 0 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 554 0 544 1 0 1 1 0 8 0
shmpl 112 140 0 12 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 7226 0 5836 46 0 46 46 0 8 0
ffsino 240 7226 0 5836 83 0 83 83 0 8 0
nchpl 144 11359 0 9754 61 1 60 61 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 208 5926 0 0 312 0 312 312 0 8 0
namei 1024 40362 0 40362 1 0 1 1 0 8 1
vcpupl 1984 4 0 0 1 0 1 1 0 8 0
vmpool 520 8 0 4 1 0 1 1 0 8 0
scxspl 192 29496 0 29496 15 14 1 7 0 8 1
plimitpl 152 71 0 64 1 0 1 1 0 8 0
sigapl 432 2603 0 2589 2 0 2 2 0 8 0
futexpl 56 69238 0 69238 1 0 1 1 0 8 1
knotepl 112 264 0 245 1 0 1 1 0 8 0
kqueuepl 104 410 0 408 4 3 1 4 0 8 0
pipepl 112 874 0 855 4 3 1 2 0 8 0
fdescpl 424 2604 0 2589 2 0 2 2 0 8 0
filepl 120 23257 0 23161 21 17 4 11 0 8 0
lockfpl 104 12270 0 12269 1 0 1 1 0 8 0
lockfspl 48 2506 0 2505 1 0 1 1 0 8 0
sessionpl 112 24 0 14 1 0 1 1 0 8 0
pgrppl 48 28 0 18 1 0 1 1 0 8 0
ucredpl 96 6789 0 6782 1 0 1 1 0 8 0
zombiepl 144 2589 0 2589 1 0 1 1 0 8 1
processpl 864 2619 0 2589 4 0 4 4 0 8 0
procpl 632 7104 0 7064 6 2 4 5 0 8 0
sockpl 384 3227 0 3209 36 33 3 13 0 8 1
mcl64k 65536 736 0 736 3 2 1 1 0 8 1
mcl16k 16384 68 0 68 11 11 0 1 0 8 0
mcl12k 12288 588 0 588 7 6 1 1 0 8 1
mcl9k 9216 21 0 21 9 9 0 1 0 8 0
mcl8k 8192 135 0 135 24 23 1 1 0 8 1
mcl4k 4096 227 0 227 21 20 1 1 0 8 1
mcl2k2 2112 10 0 10 10 10 0 1 0 8 0
mcl2k 2048 78723 0 78675 33 26 7 14 0 8 0
mtagpl 80 73 0 71 6 5 1 2 0 8 0
mbufpl 256 166462 0 166354 28 17 11 16 0 8 0
bufpl 256 11953 0 7028 309 0 309 309 0 8 0
anonpl 16 278053 0 259418 129 49 80 91 0 62 2
amapchunkpl 152 16144 0 16019 37 27 10 19 0 158 4
amappl16 192 14126 0 13074 120 64 56 64 0 8 3
amappl15 184 229 0 229 2 2 0 1 0 8 0
amappl14 176 92 0 86 1 0 1 1 0 8 0
amappl13 168 102 0 102 2 2 0 1 0 8 0
amappl12 160 26 0 21 1 0 1 1 0 8 0
amappl11 152 552 0 539 1 0 1 1 0 8 0
amappl10 144 1101 0 1099 2 1 1 1 0 8 0
amappl9 136 1187 0 1178 1 0 1 1 0 8 0
amappl8 128 748 0 707 2 0 2 2 0 8 0
amappl7 120 1152 0 1145 1 0 1 1 0 8 0
amappl6 112 559 0 544 1 0 1 1 0 8 0
amappl5 104 831 0 821 1 0 1 1 0 8 0
amappl4 96 2990 0 2959 1 0 1 1 0 8 0
amappl3 88 739 0 733 1 0 1 1 0 8 0
amappl2 80 19842 0 19768 3 1 2 3 0 8 0
amappl1 72 59631 0 59202 27 18 9 20 0 8 0
amappl 80 7457 0 7415 5 3 2 2 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 17 0 17 1 1 0 1 0 8 0
aobjpl 64 141 0 12 3 0 3 3 0 8 0
uaddrrnd 24 2612 0 2589 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 2612 0 2589 1 0 1 1 0 8 0
vmmpekpl 168 22235 0 22209 2 0 2 2 0 8 0
vmmpepl 168 318621 0 316375 310 208 102 143 0 357 2
vmsppl 272 2603 0 2589 7 6 1 2 0 8 0
pdppl 4096 5230 0 5190 8 2 6 6 0 8 0
pvpl 32 708842 0 687076 325 134 191 215 0 265 14
pmappl 200 2611 0 2593 6 5 1 2 0 8 0
extentpl 40 41 0 26 1 0 1 1 0 8 0
phpool 112 570 0 129 13 0 13 13 0 8 0