uvm_fault(0xffffffff825f90e8, 0xfffffd80787255f8, 0, 4) -> e kernel: page fault trap, code=0 Stopped at 0xfffffd80787255f8: xorl $0x58,0xffffffff8285e11c(%rbx) ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic kernel page fault uvm_fault(0xffffffff825f90e8, 0xfffffd80787255f8, 0, 4) -> e fffffd80787255f8(b,ffff800023ded7e8,83,ffff800023ded888,0,b) at 0xfffffd80787255f8 end trace frame: 0xffff800023ded8e0, count: 0 ddb{0}> trace fffffd80787255f8(b,ffff800023ded7e8,83,ffff800023ded888,0,b) at 0xfffffd80787255f8 rt_clone(ffff800023ded8f8,fffffd806f6ce4e0,0) at rt_clone+0x78 sys/net/route.c:266 rtalloc_mpath(fffffd806f6ce4e0,0,0) at rtalloc_mpath+0xba rt_match sys/net/route.c:244 [inline] rtalloc_mpath(fffffd806f6ce4e0,0,0) at rtalloc_mpath+0xba sys/net/route.c:359 in_pcbselsrc(ffff800023ded9d0,fffffd805f0dcd20,fffffd806f6ce460) at in_pcbselsrc+0x219 sys/netinet/in_pcb.c:934 in_pcbconnect(fffffd806f6ce460,fffffd805f0dcd00) at in_pcbconnect+0x107 sys/netinet/in_pcb.c:492 udp_usrreq(fffffd80707a6d90,4,0,fffffd805f0dcd00,0,ffff800020abec70) at udp_usrreq+0x560 sys_connect(ffff800020abec70,ffff800023dedb58,ffff800023dedba0) at sys_connect+0x3df sys/kern/uipc_syscalls.c:388 syscall(ffff800023dedc20) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] syscall(ffff800023dedc20) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 Xsyscall(0,0,fffffffffffffed2,0,3,a2268fa010) at Xsyscall+0x128 end of kernel end trace frame: 0xa4cc8a88b0, count: -9 ddb{0}> show registers rdi 0xffff800000b97800 rsi 0xb rbp 0xffff800023ded7d0 rbx 0xfffffd80661fa858 rdx 0xfffffd80661fa858 rcx 0xffff800020d58000 rax 0xffff800020d58000 r8 0x100 r9 0x7 r10 0xc64237ba28344f03 r11 0xfffffd80787255f8 r12 0xfffffd80661fa858 r13 0xffff800023ded7e8 r14 0xffff800023ded888 r15 0xffff80000005b6d0 rip 0xfffffd80787255f8 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800023ded6d8 ss 0x10 0xfffffd80787255f8: xorl $0x58,0xffffffff8285e11c(%rbx) ddb{0}> show proc PROC (syz-executor.1) pid=411977 stat=onproc flags process=0 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff800020abe508,0xffffffff82656ed8 process=0xffff800020adc700 user=0xffff800023de8000, vmspace=0xfffffd807f00ba10 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 8445 348093 99862 0 2 0 syz-executor.1 * 8445 411977 99862 0 7 0x4000000 syz-executor.1 51237 60757 99402 0 2 0x2 syz-executor.0 99862 373427 99402 0 2 0x482 syz-executor.1 13594 149755 1 0 3 0x100083 ttyin getty 61663 102084 0 0 3 0x14200 bored sosplice 99402 486541 44488 0 3 0x82 thrsleep syz-fuzzer 99402 288974 44488 0 7 0x4000482 syz-fuzzer 99402 56550 44488 0 3 0x4000082 thrsleep syz-fuzzer 99402 289512 44488 0 3 0x4000082 thrsleep syz-fuzzer 99402 80115 44488 0 3 0x4000082 thrsleep syz-fuzzer 99402 227065 44488 0 3 0x4000082 nanosleep syz-fuzzer 99402 342763 44488 0 3 0x4000082 kqread syz-fuzzer 99402 131447 44488 0 3 0x4000082 thrsleep syz-fuzzer 99402 327131 44488 0 3 0x4000082 thrsleep syz-fuzzer 99402 129206 44488 0 3 0x4000082 thrsleep syz-fuzzer 44488 53900 22644 0 3 0x10008a pause ksh 22644 210547 69329 0 3 0x92 select sshd 69329 377702 1 0 3 0x80 select sshd 33155 246286 3415 74 3 0x100092 bpf pflogd 3415 497143 1 0 3 0x80 netio pflogd 52325 238096 71173 73 3 0x100090 kqread syslogd 71173 226869 1 0 3 0x100082 netio syslogd 5576 37797 1 77 3 0x100090 poll dhclient 35630 434639 1 0 3 0x80 poll dhclient 53728 188394 0 0 3 0x14200 pgzero zerothread 46734 121628 0 0 3 0x14200 aiodoned aiodoned 48243 130467 0 0 3 0x14200 syncer update 92751 56888 0 0 3 0x14200 cleaner cleaner 35622 282960 0 0 3 0x14200 reaper reaper 79181 345371 0 0 3 0x14200 pgdaemon pagedaemon 6644 269824 0 0 3 0x14200 bored crynlk 31079 114625 0 0 3 0x14200 bored crypto 60352 185989 0 0 3 0x40014200 acpi0 acpi0 47343 349357 0 0 3 0x40014200 idle1 25379 518237 0 0 3 0x14200 bored softnet 7231 115265 0 0 3 0x14200 bored systqmp 14977 274827 0 0 3 0x14200 bored systq 78423 463689 0 0 3 0x40014200 bored softclock 58289 236231 0 0 3 0x40014200 idle0 76862 267926 0 0 3 0x14200 bored smr 1 315171 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 8445 (syz-executor.1) thread 0xffff800020abec70 (411977) exclusive rwlock netlock r = 0 (0xffffffff82487d08) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 solock+0x5a sys/kern/uipc_socket2.c:282 #2 sys_connect+0x6b sys/kern/uipc_syscalls.c:362 #3 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #3 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #4 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 2 (0xffffffff82644840) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 syscall+0x400 mi_syscall sys/sys/syscall_mi.h:83 [inline] #1 syscall+0x400 sys/arch/amd64/amd64/trap.c:555 #2 Xsyscall+0x128 Process 51237 (syz-executor.0) thread 0xffff800020abeee8 (60757) exclusive rrwlock inode r = 0 (0xfffffd806e310a30) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rw_enter+0x447 sys/kern/kern_rwlock.c:306 #2 rrw_enter+0x4f sys/kern/kern_rwlock.c:435 #3 ufs_ihashins+0x45 sys/ufs/ufs/ufs_ihash.c:140 #4 ffs_vget+0x13e sys/ufs/ffs/ffs_vfsops.c:1352 #5 ffs_inode_alloc+0x1cf sys/ufs/ffs/ffs_alloc.c:392 #6 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1164 #7 VOP_MKDIR+0xc6 sys/kern/vfs_vops.c:450 #8 domkdirat+0x121 sys/kern/vfs_syscalls.c:2983 #9 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #9 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #10 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd807e37fe78) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rw_enter+0x447 sys/kern/kern_rwlock.c:306 #2 rrw_enter+0x4f sys/kern/kern_rwlock.c:435 #3 VOP_LOCK+0xf0 sys/kern/vfs_vops.c:615 #4 vn_lock+0x81 sys/kern/vfs_vnops.c:574 #5 vfs_lookup+0xe6 sys/kern/vfs_lookup.c:419 #6 namei+0x63c sys/kern/vfs_lookup.c:249 #7 domkdirat+0x75 sys/kern/vfs_syscalls.c:2968 #8 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #8 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #9 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9684 7527K 8287K 78643K 42061 0 0 pcb 13 13K 15K 78643K 2774 0 0 rtable 136 15K 15K 78643K 10088 0 0 ifaddr 123 33K 37K 78643K 3000 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 4K 78643K 2253 0 0 iov 0 0K 32K 78643K 2624 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1218 76K 77K 78643K 13701 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 9K 78643K 201 0 0 VM map 80 40K 40K 78643K 148 0 0 sem 12 1K 1K 78643K 17 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1808 196K 290K 78643K 12765 0 0 file desc 5 13K 25K 78643K 14653 0 0 sigio 0 0K 0K 78643K 1081 0 0 proc 62 63K 95K 78643K 5969 0 0 subproc 32 2K 2K 78643K 1654 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 1252 0 0 in_multi 43 2K 3K 78643K 1935 0 0 ether_multi 1 0K 0K 78643K 160 0 0 mrt 2 0K 0K 78643K 85 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 102 450K 450K 78643K 102 0 0 exec 0 0K 1K 78643K 2905 0 0 pfkey data 0 0K 4K 78643K 8 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 263 774K 790K 78643K 52227 0 0 UVM aobj 130 9K 9K 78643K 134 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 4387 0 0 NDP 31 1K 1K 78643K 965 0 0 temp 295 3562K 4202K 78643K 459195 0 0 kqueue 0 0K 0K 78643K 94 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 330 0 325 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 1029 0 1027 1 0 1 1 0 8 0 rtentry 112 1755 0 1708 2 0 2 2 0 8 0 unpcb 120 6400 0 6383 8 7 1 2 0 8 0 syncache 264 81 0 81 29 28 1 1 0 8 1 sackhl 24 2 0 2 2 2 0 1 0 8 0 tcpqe 32 11 0 11 10 10 0 1 0 8 0 tcpcb 544 14692 0 14687 108 107 1 13 0 8 0 inpcb 280 36058 0 36048 115 113 2 13 0 8 1 rttmr 72 27 0 26 3 2 1 1 0 8 0 ip6q 72 5 0 5 3 3 0 1 0 8 0 ip6af 40 10 0 10 2 2 0 1 0 8 0 nd6 48 260 0 257 8 7 1 1 0 8 0 pkpcb 40 73 0 73 28 28 0 1 0 8 0 swfcl 56 6 0 0 1 0 1 1 0 8 0 ppxss 1128 464 0 464 32 31 1 1 0 8 1 pffrag 232 317 0 317 40 39 1 1 0 482 1 pffrnode 88 309 0 309 40 39 1 1 0 8 1 pffrent 40 6754 0 6754 39 38 1 1 0 8 1 pfosfp 40 846 0 423 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 1127 0 1062 1 0 1 1 0 8 0 pfstkey 112 1131 0 1066 5 2 3 3 0 8 0 pfstate 328 1131 0 1066 13 6 7 8 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 51 0 50 27 26 1 4 0 8 0 art_heap4 256 7618 0 7323 83 63 20 21 0 8 0 art_table 32 7669 0 7373 3 0 3 3 0 8 0 art_node 16 1744 0 1700 1 0 1 1 0 8 0 sysvmsgpl 40 38 0 31 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 15 0 5 1 0 1 1 0 8 0 shmpl 112 132 0 4 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 23788 0 22292 49 0 49 49 0 8 0 ffsino 272 23788 0 22292 103 3 100 101 0 8 0 nchpl 144 48812 0 48317 61 40 21 61 0 8 0 uvmvnodes 72 7835 0 0 143 0 143 143 0 8 0 vnodes 208 7835 0 0 413 0 413 413 0 8 0 namei 1024 165105 0 165104 7 6 1 1 0 8 0 percpumem 16 30 0 0 1 0 1 1 0 8 0 vcpupl 1984 80 0 2 10 0 10 10 0 8 0 vmpool 552 146 0 68 8 2 6 6 0 8 0 scsiplug 64 14 0 14 9 9 0 1 0 8 0 scxspl 192 146552 0 146552 85 84 1 7 0 8 1 plimitpl 152 1126 0 1118 1 0 1 1 0 8 0 sigapl 432 14573 0 14558 3 1 2 3 0 8 0 futexpl 56 332727 0 332727 3 2 1 1 0 8 1 knotepl 112 3755 0 3736 7 6 1 3 0 8 0 kqueuepl 104 5893 0 5890 24 23 1 4 0 8 0 pipepl 112 11566 0 11545 30 29 1 2 0 8 0 fdescpl 488 14574 0 14558 3 0 3 3 0 8 0 filepl 152 135998 0 135892 135 130 5 14 0 8 0 lockfpl 104 5125 0 5124 1 0 1 1 0 8 0 lockfspl 48 1706 0 1705 1 0 1 1 0 8 0 sessionpl 112 114 0 103 1 0 1 1 0 8 0 pgrppl 48 396 0 385 1 0 1 1 0 8 0 ucredpl 96 16854 0 16843 1 0 1 1 0 8 0 zombiepl 144 14564 0 14564 6 5 1 1 0 8 1 processpl 896 14596 0 14564 4 0 4 4 0 8 0 procpl 632 46477 0 46435 7 2 5 5 0 8 1 srpgc 64 141 0 141 36 35 1 1 0 8 1 sosppl 128 222 0 222 44 43 1 1 0 8 1 sockpl 384 44051 0 44022 195 191 4 23 0 8 0 mcl64k 65536 1023 0 0 115 77 38 98 0 8 2 mcl16k 16384 49 0 0 7 4 3 3 0 8 0 mcl12k 12288 53 0 0 2 0 2 2 0 8 0 mcl9k 9216 37 0 0 2 0 2 2 0 8 0 mcl8k 8192 33 0 0 5 2 3 3 0 8 0 mcl4k 4096 34 0 0 4 1 3 3 0 8 0 mcl2k2 2112 10 0 0 1 0 1 1 0 8 0 mcl2k 2048 327 0 0 26 8 18 24 0 8 0 mtagpl 80 253 0 0 4 1 3 4 0 8 0 mbufpl 256 1234 0 0 60 0 60 60 0 8 0 bufpl 256 51792 0 43479 520 0 520 520 0 8 0 anonpl 16 1746949 0 1730340 366 269 97 100 0 124 10 amapchunkpl 152 106131 0 105997 159 139 20 20 0 158 13 amappl16 192 80526 0 79345 463 395 68 72 0 8 8 amappl15 184 1607 0 1606 2 1 1 1 0 8 0 amappl14 176 3315 0 3312 1 0 1 1 0 8 0 amappl13 168 2304 0 2303 15 14 1 1 0 8 0 amappl12 160 1462 0 1461 2 1 1 1 0 8 0 amappl11 152 2632 0 2615 1 0 1 1 0 8 0 amappl10 144 1529 0 1524 1 0 1 1 0 8 0 amappl9 136 3465 0 3458 1 0 1 1 0 8 0 amappl8 128 3005 0 2933 5 2 3 3 0 8 0 amappl7 120 1943 0 1935 1 0 1 1 0 8 0 amappl6 112 2364 0 2345 1 0 1 1 0 8 0 amappl5 104 2332 0 2317 1 0 1 1 0 8 0 amappl4 96 13900 0 13861 17 15 2 2 0 8 1 amappl3 88 4021 0 4010 1 0 1 1 0 8 0 amappl2 80 112176 0 112096 3 1 2 3 0 8 0 amappl1 72 338097 0 337656 26 16 10 20 0 8 0 amappl 80 48589 0 48500 4 1 3 3 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 133 0 4 3 0 3 3 0 8 0 uaddrrnd 24 14720 0 14558 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 14720 0 14558 1 0 1 1 0 8 0 vmmpekpl 168 114933 0 114885 6 3 3 3 0 8 0 vmmpepl 168 1868845 0 1866306 564 409 155 161 0 357 31 vmsppl 368 14573 0 14558 2 0 2 2 0 8 0 pdppl 4096 29447 0 29330 22 7 15 16 0 8 0 pvpl 32 4423067 0 4404748 680 467 213 220 0 265 28 pmappl 232 14719 0 14626 8 2 6 6 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 1096 0 307 25 1 24 24 0 8 0