uvm_fault(0xffffffff8224f098, 0xffff800007f42002, 0, 1) -> e kernel: page fault trap, code=0 Stopped at rtable_satoplen+0x150: movzbl 0xffffffffffffffff(%r13),%r12d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xffffffff8224f098, 0xffff800007f42002, 0, 1) -> e rtable_satoplen(21,ffff800007f41f59) at rtable_satoplen+0x150 sys/net/rtable.c:888 end trace frame: 0xffff800014a3e8f0, count: 0 ddb> trace rtable_satoplen(21,ffff800007f41f59) at rtable_satoplen+0x150 sys/net/rtable.c:888 rtable_lookup(0,ffff800007f41f09,ffff800007f41f59,ffff800007f41f11,21) at rtable_lookup+0xed sys/net/rtable.c:391 rtm_output(ffff800007f41f00,ffff800014a3e9e0,ffff800014a3e9e8,21,0) at rtm_output+0x1a7 sys/net/rtsock.c:952 route_output(fffffd803f030a00,fffffd803700c600,0,0) at route_output+0x78b sys/net/rtsock.c:806 route_usrreq(fffffd803700c600,9,fffffd803f030a00,0,0,ffff8000149eee30) at route_usrreq+0x35d sys/net/rtsock.c:271 sosend(fffffd803700c600,0,ffff800014a3eca8,0,0,0) at sosend+0x6e3 sys/kern/uipc_socket.c:513 sendit(ffff8000149eee30,3,ffff800014a3ed68,0,ffff800014a3ee30) at sendit+0x58f sys/kern/uipc_syscalls.c:662 sys_sendto(ffff8000149eee30,ffff800014a3ee48,ffff800014a3ee30) at sys_sendto+0x92 syscall(ffff800014a3eee0) at syscall+0x541 Xsyscall(6,0,ffffffffffffffd8,0,6,21e5dbf5010) at Xsyscall+0x128 end of kernel end trace frame: 0x22149a28640, count: -10 ddb> show registers rdi 0 rsi 0xaa rbp 0xffff800014a3e850 rbx 0xffffffffffffff5a rdx 0xffff800007f41f5d rcx 0xffff800007f42003 rax 0xffff800007f42003 r8 0x21 r9 0x1 r10 0xffff80000092c300 r11 0xbfa2139de1930295 r12 0 r13 0xffff800007f42003 r14 0xffffffff8214bcc0 mplsdomain r15 0x4 rip 0xffffffff81d33ff0 rtable_satoplen+0x150 cs 0x8 rflags 0x10287 __ALIGN_SIZE+0xf287 rsp 0xffff800014a3e800 ss 0x10 rtable_satoplen+0x150: movzbl 0xffffffffffffffff(%r13),%r12d ddb> show proc PROC (syz-executor.1) pid=216662 stat=onproc flags process=0 proc=4000000 pri=69, usrpri=69, nice=20 forw=0xffffffffffffffff, list=0xffff8000149ee4d0,0xffffffff82252c30 process=0xffff8000ffff73c0 user=0xffff800014a39000, vmspace=0xfffffd803f014a50 estcpu=19, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 46600 192881 97653 0 2 0 syz-executor.1 *46600 216662 97653 0 7 0x4000000 syz-executor.1 40977 270954 21166 0 2 0 syz-executor.0 40977 180459 21166 0 3 0x4000080 fsleep syz-executor.0 97653 258856 19128 0 3 0x82 nanosleep syz-executor.1 21166 470902 19128 0 2 0x482 syz-executor.0 11996 37832 1 0 3 0x100083 ttyin getty 1879 411722 0 0 3 0x14200 bored sosplice 19128 195726 10711 0 3 0x82 thrsleep syz-fuzzer 19128 321151 10711 0 2 0x4000482 syz-fuzzer 19128 383967 10711 0 3 0x4000082 kqread syz-fuzzer 19128 497087 10711 0 3 0x4000082 thrsleep syz-fuzzer 19128 269552 10711 0 3 0x4000082 thrsleep syz-fuzzer 19128 477081 10711 0 3 0x4000082 thrsleep syz-fuzzer 19128 240164 10711 0 3 0x4000082 thrsleep syz-fuzzer 19128 11869 10711 0 3 0x4000082 thrsleep syz-fuzzer 10711 370551 77592 0 3 0x10008a pause ksh 77592 180015 80040 0 3 0x92 select sshd 80040 48856 1 0 3 0x80 select sshd 85403 405301 54822 73 2 0x100090 syslogd 54822 76706 1 0 3 0x100082 netio syslogd 99454 293278 1 77 3 0x100090 poll dhclient 53555 174631 1 0 3 0x80 poll dhclient 66858 137024 0 0 3 0x14200 pgzero zerothread 46178 198293 0 0 3 0x14200 aiodoned aiodoned 38968 520110 0 0 3 0x14200 syncer update 1306 342123 0 0 3 0x14200 cleaner cleaner 58821 279000 0 0 3 0x14200 reaper reaper 81341 515117 0 0 3 0x14200 pgdaemon pagedaemon 14189 311024 0 0 3 0x14200 bored crynlk 17504 83757 0 0 3 0x14200 bored crypto 94403 110049 0 0 3 0x40014200 acpi0 acpi0 80822 503050 0 0 3 0x14200 bored softnet 31133 181803 0 0 3 0x14200 bored systqmp 49558 335632 0 0 3 0x14200 bored systq 76639 148512 0 0 2 0x40014200 softclock 74576 255198 0 0 3 0x40014200 idle0 7609 143151 0 0 3 0x14200 bored smr 1 354535 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9550 10463K 10479K 78643K 13667 0 0 pcb 24 9K 11K 78643K 2396 0 0 rtable 107 4K 4K 78643K 4931 0 0 ifaddr 71 26K 33K 78643K 2244 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 93 0 0 iov 0 0K 32K 78643K 572 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1181 74K 75K 78643K 4654 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 9K 78643K 53 0 0 VM map 2 0K 0K 78643K 2 0 0 sem 12 0K 1K 78643K 914 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12537 0 0 file desc 6 17K 21K 78643K 6450 0 0 sigio 0 0K 0K 78643K 54 0 0 proc 42 30K 54K 78643K 1674 0 0 subproc 64 65538K 67586K 78643K 1511 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 524 0 0 in_multi 33 2K 2K 78643K 616 0 0 ether_multi 1 0K 0K 78643K 16 0 0 mrt 1 0K 0K 78643K 10 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 96 424K 424K 78643K 96 0 0 exec 0 0K 1K 78643K 752 0 0 pfkey data 0 0K 0K 78643K 2 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 91 21K 24K 78643K 16003 0 0 UVM aobj 130 7K 7K 78643K 149 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 190 0 0 NDP 18 0K 0K 78643K 687 0 0 temp 198 2360K 2487K 78643K 24506 0 0 kqueue 0 0K 0K 78643K 36 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 46 0 42 1 0 1 1 0 8 0 inpcbpl 280 3018 0 3011 1 0 1 1 0 8 0 plimitpl 152 176 0 169 1 0 1 1 0 8 0 rtentry 112 425 0 385 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpcb 544 651 0 647 1 0 1 1 0 8 0 nd6 48 88 0 84 1 0 1 1 0 8 0 ppxss 1128 517 0 517 21 20 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1989 0 1795 14 1 13 13 0 8 0 art_table 32 1990 0 1795 2 0 2 2 0 8 0 art_node 16 418 0 384 1 0 1 1 0 8 0 sysvmsgpl 40 30 0 5 1 0 1 1 0 8 0 semapl 112 912 0 902 1 0 1 1 0 8 0 shmpl 112 147 0 19 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 12677 0 11058 53 0 53 53 0 8 0 ffsino 240 12677 0 11058 96 0 96 96 0 8 0 nchpl 144 21300 0 19524 66 0 66 66 0 8 0 uvmvnodes 72 7051 0 0 129 0 129 129 0 8 0 vnodes 200 7051 0 0 372 0 372 372 0 8 0 namei 1024 67112 0 67112 3 2 1 1 0 8 1 scsiplug 64 10 0 10 7 7 0 1 0 8 0 scxspl 192 77716 0 77716 37 34 3 6 0 8 3 sigapl 432 6497 0 6483 2 0 2 2 0 8 0 futexpl 56 89690 0 89689 3 2 1 1 0 8 0 knotepl 112 1586 0 1567 2 1 1 2 0 8 0 kqueuepl 104 990 0 988 1 0 1 1 0 8 0 pipepl 112 3580 0 3559 10 9 1 2 0 8 0 fdescpl 424 6498 0 6483 2 0 2 2 0 8 0 filepl 120 35434 0 35336 12 8 4 5 0 8 1 lockfpl 104 1248 0 1247 11 10 1 1 0 8 0 lockfspl 32 1213 0 1212 11 10 1 1 0 8 0 sessionpl 112 62 0 52 1 0 1 1 0 8 0 pgrppl 48 126 0 116 1 0 1 1 0 8 0 ucredpl 96 8400 0 8393 1 0 1 1 0 8 0 zombiepl 144 6483 0 6483 2 1 1 1 0 8 1 processpl 840 6513 0 6483 4 0 4 4 0 8 0 procpl 600 14398 0 14359 5 1 4 4 0 8 0 sosppl 128 58 0 58 14 14 0 1 0 8 0 sockpl 384 5110 0 5092 13 10 3 4 0 8 1 mcl64k 65536 1774 0 1774 165 144 21 47 0 8 21 mcl16k 16384 17 0 17 8 8 0 1 0 8 0 mcl12k 12288 133 0 133 22 21 1 1 0 8 1 mcl9k 9216 105 0 105 20 19 1 1 0 8 1 mcl8k 8192 106 0 106 24 23 1 1 0 8 1 mcl4k 4096 208 0 208 18 17 1 1 0 8 1 mcl2k2 2112 32 0 32 13 13 0 1 0 8 0 mcl2k 2048 55707 0 55671 39 33 6 10 0 8 1 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 138538 0 138448 110 101 9 29 0 8 2 bufpl 256 20493 0 13421 443 0 443 443 0 8 0 anonpl 16 642442 0 635363 162 111 51 52 0 62 9 amapchunkpl 152 28242 0 28159 64 59 5 14 0 158 1 amappl16 192 34834 0 34372 225 192 33 36 0 8 8 amappl15 184 1611 0 1607 1 0 1 1 0 8 0 amappl14 176 987 0 986 2 1 1 1 0 8 0 amappl13 168 187 0 183 1 0 1 1 0 8 0 amappl12 160 791 0 786 1 0 1 1 0 8 0 amappl11 152 1449 0 1435 1 0 1 1 0 8 0 amappl10 144 1504 0 1502 4 3 1 1 0 8 0 amappl9 136 1342 0 1339 1 0 1 1 0 8 0 amappl8 128 925 0 898 1 0 1 1 0 8 0 amappl7 120 851 0 844 1 0 1 1 0 8 0 amappl6 112 1343 0 1336 1 0 1 1 0 8 0 amappl5 104 968 0 956 1 0 1 1 0 8 0 amappl4 96 6151 0 6120 2 1 1 2 0 8 0 amappl3 88 1299 0 1293 1 0 1 1 0 8 0 amappl2 80 54861 0 54802 2 0 2 2 0 8 0 amappl1 72 126958 0 126530 26 17 9 19 0 8 0 amappl 72 14951 0 14917 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 148 0 19 3 0 3 3 0 8 0 uaddrrnd 24 6498 0 6483 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6498 0 6483 1 0 1 1 0 8 0 vmmpekpl 168 42320 0 42299 2 0 2 2 0 8 0 vmmpepl 168 673791 0 672297 268 190 78 92 0 357 8 vmsppl 264 6497 0 6483 6 5 1 2 0 8 0 pdppl 4096 13002 0 12966 5 0 5 5 0 8 0 pvpl 32 2131800 0 2121351 557 354 203 229 0 265 97 pmappl 192 6497 0 6483 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 932 0 331 19 0 19 19 0 8 0