

kernel: privileged instruction fault trap, code=0 (2)

Status: auto-closed as invalid on 2020/07/29 08:00
Reported-by: syzbot+4ae59f9ae6a39724d576@syzkaller.appspotmail.com
First crash: 1467d, last: 1467d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd kernel: privileged instruction fault trap, code=0 1 1571d 1571d 0/3 auto-closed as invalid on 2020/04/16 01:44

Sample crash report:
login: kernel: privileged instruction fault trap, code=0
Stopped at      vmptrld+0xb:    rdrand  0(%rdi)
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
vmptrld() at vmptrld+0xb
vm_create(ffff800000a24000,ffff800020ec7398) at vm_create+0x304 vcpu_init sys/arch/amd64/amd64/vmm.c:3586 [inline]
vm_create(ffff800000a24000,ffff800020ec7398) at vm_create+0x304 sys/arch/amd64/amd64/vmm.c:1482
VOP_IOCTL(fffffd806e331dd0,c5005601,ffff800000a24000,1,fffffd807f7bf6c0,ffff800020ec7398) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290
vn_ioctl(fffffd806787b6a0,c5005601,ffff800000a24000,ffff800020ec7398) at vn_ioctl+0xba sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800020ec7398,ffff800021fad928,ffff800021fad970) at sys_ioctl+0x4a5
syscall(ffff800021fad9f0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800021fad9f0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1a10cc09b60, count: -7
ddb{0}> show registers
rdi               0xffff800021f9b1d0
rsi                              0x1
rbp               0xffff800021fad5e0
rbx               0xffff800021f9ae80
rdx                           0x1d72    __ALIGN_SIZE+0xd72
rcx                       0x11e57ed0    __kernel_phys_end+0xf657ed0
rax               0xfffffd8067430000
r8                                 0
r9                                 0
r10                              0x4
r11               0x6af430a6764f86fe
r12                              0x1
r13                                0
r14               0xffff800021f9ae80
r15               0xffff800021f9b1d0
rip               0xffffffff81ed6bd1    vmptrld+0xb
cs                               0x8
rflags                       0x10202    __ALIGN_SIZE+0xf202
rsp               0xffff800021fad5a8
ss                              0x10
vmptrld+0xb:    rdrand  0(%rdi)
ddb{0}> show proc
PROC (syz-executor.1) pid=118511 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=32, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff800020ec69d8,0xffffffff826651b0
    process=0xffff800020e92ba8 user=0xffff800021fa8000, vmspace=0xfffffd807efff8a0
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
  2915  443207   3496      0  2           0                syz-executor.0
  2915  518512   3496      0  2   0x4000000                syz-executor.0
 37766  122856  56948      0  2           0                syz-executor.1
 37766   51196  56948      0  7   0x4000000                syz-executor.1
 37766  150058  56948      0  2   0x4000000                syz-executor.1
*37766  118511  56948      0  7   0x4000000                syz-executor.1
 56948  305118  95719      0  3        0x82  nanosleep     syz-executor.1
  3496  226227  95719      0  3        0x82  nanosleep     syz-executor.0
 95719  351991  75281      0  3        0x82  thrsleep      syz-fuzzer
 95719   98999  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  146555  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  476665  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  305254  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  213926  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  348176  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  264638  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719  188328  75281      0  3   0x4000082  thrsleep      syz-fuzzer
 95719     887  75281      0  3   0x4000082  kqread        syz-fuzzer
 75281  411213   7864      0  3    0x10008a  pause         ksh
  7864   22545  25694      0  3        0x92  select        sshd
 30064  299968      1      0  3    0x100083  ttyin         getty
 25694  414801      1      0  3        0x80  select        sshd
  1785  340609  61323     74  3    0x100092  bpf           pflogd
 61323  403018      1      0  3        0x80  netio         pflogd
  1450  293152  15355     73  3    0x100090  kqread        syslogd
 15355   36774      1      0  3    0x100082  netio         syslogd
 50952  362876      1     77  3    0x100090  poll          dhclient
 57252  317612      1      0  3        0x80  poll          dhclient
 34947  479671      0      0  3     0x14200  bored         smr
 37045   48857      0      0  2     0x14200                zerothread
  9907  485166      0      0  3     0x14200  aiodoned      aiodoned
 57126  420408      0      0  3     0x14200  syncer        update
 37195   85384      0      0  3     0x14200  cleaner       cleaner
 33602  278872      0      0  3     0x14200  reaper        reaper
 63763  331115      0      0  3     0x14200  pgdaemon      pagedaemon
 41114  227894      0      0  3     0x14200  bored         crynlk
 49279  447287      0      0  3     0x14200  bored         crypto
 99354  404853      0      0  3  0x40014200  acpi0         acpi0
  8680  389459      0      0  3  0x40014200                idle1
 64691  128975      0      0  3     0x14200  bored         softnet
 95216  445743      0      0  3     0x14200  bored         systqmp
 40223  403005      0      0  3     0x14200  bored         systq
 81948  139631      0      0  3  0x40014200  bored         softclock
 95833  122301      0      0  3  0x40014200                idle0
     1  309675      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 37766 (syz-executor.1) thread 0xffff800020ec7398 (118511)
exclusive rwlock vmlistlock r = 0 (0xffff800000678878)
#0  witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0  witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1  rw_enter+0x453 sys/kern/kern_rwlock.c:311
#2  vm_create+0x130 vm_impl_init sys/arch/amd64/amd64/vmm.c:1642 [inline]
#2  vm_create+0x130 sys/arch/amd64/amd64/vmm.c:1463
#3  VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290
#4  vn_ioctl+0xba sys/kern/vfs_vnops.c:531
#5  sys_ioctl+0x4a5
#6  syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#6  syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#7  Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff8266f830)
#0  witness_lock+0x4c7 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0  witness_lock+0x4c7 sys/kern/subr_witness.c:1164
#1  __mp_acquire_count+0x51 sys/kern/kern_lock.c:227
#2  mi_switch+0x392 sys/kern/sched_bsd.c:435
#3  sleep_finish+0x113 sys/kern/kern_synch.c:418
#4  rw_enter+0x3d6 sys/kern/kern_rwlock.c:287
#5  vm_create+0x130 vm_impl_init sys/arch/amd64/amd64/vmm.c:1642 [inline]
#5  vm_create+0x130 sys/arch/amd64/amd64/vmm.c:1463
#6  VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290
#7  vn_ioctl+0xba sys/kern/vfs_vnops.c:531
#8  sys_ioctl+0x4a5
#9  syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#9  syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#10 Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9475   6398K    6722K  78643K     10638        0
            pcb    13      8K       8K  78643K        23        0
         rtable   109      3K       3K  78643K       207        0
         ifaddr    45     10K      10K  78643K        48        0
       counters    43     33K      33K  78643K        43        0
       ioctlops     1      2K       4K  78643K      1475        0
            iov     0      0K      24K  78643K         4        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1223     77K      77K  78643K      1253        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K         3        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      0K       0K  78643K        16        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1809    196K     290K  78643K     12766        0
      file desc     6     17K      25K  78643K        80        0
           proc    60     63K      95K  78643K       442        0
        subproc    32      2K       2K  78643K        34        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
       in_multi    33      2K       2K  78643K        33        0
    ether_multi     1      0K       0K  78643K         1        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    49    228K     228K  78643K        49        0
           exec     0      0K       1K  78643K       218        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   147     40K      40K  78643K      1194        0
       UVM aobj     4      2K       2K  78643K         6        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
            NDP     6      0K       0K  78643K        10        0
           temp    67   3036K    3116K  78643K      6150        0
         kqueue     3      4K       5K  78643K         7        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64        7    0        0     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80       19    0       17     1     0     1     1     0     8    0
rtentry    112       48    0        2     2     0     2     2     0     8    0
unpcb      120       47    0       37     1     0     1     1     0     8    0
syncache   264        4    0        4     1     1     0     1     0     8    0
tcpqe       32      103    0      103     1     0     1     1     0     8    1
tcpcb      544       16    0       12     1     0     1     1     0     8    0
inpcb      280      146    0      139     2     0     2     2     0     8    1
nd6         48        6    0        0     1     0     1     1     0     8    0
pfosfp      40      846    0      423     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfstitem    24       14    0        0     1     0     1     1     0     8    0
pfstkey    112       14    0        0     1     0     1     1     0     8    0
pfstate    328       14    0        0     2     0     2     2     0     8    0
pfrule     1360      21    0       16     2     1     1     2     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      195    0        0    13     0    13    13     0     8    0
art_table   32      196    0        0     2     0     2     2     0     8    0
art_node    16       47    0        6     1     0     1     1     0     8    0
semupl     112        2    0        2     1     0     1     1     0     8    1
semapl     112       12    0        2     1     0     1     1     0     8    0
shmpl      112        4    0        2     1     0     1     1     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256     1494    0       86    89     0    89    89     0     8    0
ffsino     272     1494    0       86    95     0    95    95     0     8    0
nchpl      144     1785    0      178    60     0    60    60     0     8    0
uvmvnodes   72     1556    0        0    29     0    29    29     0     8    0
vnodes     208     1556    0        0    82     0    82    82     0     8    0
namei      1024    4735    0     4735     1     0     1     1     0     8    1
percpumem   16       32    0        0     1     0     1     1     0     8    0
vcpupl     1984       2    0        1     1     0     1     1     0     8    0
vmpool     560        2    0        1     1     0     1     1     0     8    0
scxspl     192     4532    0     4532     4     1     3     3     0     8    3
plimitpl   152       19    0       11     1     0     1     1     0     8    0
sigapl     424      295    0      263     4     0     4     4     0     8    0
futexpl     56      777    0      777     1     0     1     1     0     8    1
knotepl    112       63    0       44     1     0     1     1     0     8    0
kqueuepl   144        6    0        4     1     0     1     1     0     8    0
pipelkpl    48       82    0       72     1     0     1     1     0     8    0
pipepl     120      164    0      145     1     0     1     1     0     8    0
fdescpl    496      280    0      263     3     0     3     3     0     8    0
filepl     152     1519    0     1417     5     0     5     5     0     8    1
lockfpl    104       13    0       12     1     0     1     1     0     8    0
lockfspl    48        7    0        6     1     0     1     1     0     8    0
sessionpl  112       18    0        7     1     0     1     1     0     8    0
pgrppl      48       18    0        7     1     0     1     1     0     8    0
ucredpl     96      145    0      136     1     0     1     1     0     8    0
zombiepl   144      263    0      263     1     0     1     1     0     8    1
processpl  984      295    0      263     5     0     5     5     0     8    0
procpl     624      407    0      362     4     0     4     4     0     8    0
sockpl     400      212    0      193     3     0     3     3     0     8    1
mcl64k     65536      1    0        0     1     0     1     1     0     8    0
mcl12k     12288      2    0        0     1     0     1     1     0     8    0
mcl8k      8192       1    0        0     1     0     1     1     0     8    0
mcl4k      4096       2    0        0     1     0     1     1     0     8    0
mcl2k      2048     205    0        0    25     0    25    25     0     8    0
mtagpl      80        2    0        0     1     0     1     1     0     8    0
mbufpl     256      229    0        0    14     0    14    14     0     8    0
bufpl      280     3443    0      145   236     0   236   236     0     8    0
anonpl      16    39599    0    25436    59     1    58    58     0   124    0
amapchunkpl 152    1235    0     1093     8     0     8     8     0   158    2
amappl16   192     1025    0      279    38     0    38    38     0     8    0
amappl15   184        3    0        1     1     0     1     1     0     8    0
amappl14   176       68    0       63     1     0     1     1     0     8    0
amappl13   168       73    0       68     1     0     1     1     0     8    0
amappl12   160        4    0        2     2     1     1     1     0     8    0
amappl11   152       51    0       36     1     0     1     1     0     8    0
amappl10   144       23    0       15     1     0     1     1     0     8    0
amappl9    136      369    0      366     1     0     1     1     0     8    0
amappl8    128      361    0      321     2     0     2     2     0     8    0
amappl7    120      121    0      108     1     0     1     1     0     8    0
amappl6    112       32    0       23     1     0     1     1     0     8    0
amappl5    104      179    0      163     1     0     1     1     0     8    0
amappl4     96      480    0      451     1     0     1     1     0     8    0
amappl3     88      112    0      101     1     0     1     1     0     8    0
amappl2     80     1362    0     1272     2     0     2     2     0     8    0
amappl1     72    17136    0    16570    23     9    14    18     0     8    3
amappl      80      655    0      605     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64        5    0        2     1     0     1     1     0     8    0
uaddrrnd    24      282    0      264     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      282    0      264     1     0     1     1     0     8    0
vmmpekpl   168     8243    0     8207     2     0     2     2     0     8    0
vmmpepl    168    45170    0    42875   116     5   111   111     0   357   11
vmsppl     368      281    0      264     2     0     2     2     0     8    0
pdppl      4096     572    0      529     6     0     6     6     0     8    0
pvpl        32   153912    0   135712   152     0   152   152     0   265    5
pmappl     232      281    0      264     2     0     2     2     0     8    0
extentpl    40       46    0       29     1     0     1     1     0     8    0
phpool     112      264    0        3     8     0     8     8     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
vmptrld() at vmptrld+0xb
vm_create(ffff800000a24000,ffff800020ec7398) at vm_create+0x304 vcpu_init sys/arch/amd64/amd64/vmm.c:3586 [inline]
vm_create(ffff800000a24000,ffff800020ec7398) at vm_create+0x304 sys/arch/amd64/amd64/vmm.c:1482
VOP_IOCTL(fffffd806e331dd0,c5005601,ffff800000a24000,1,fffffd807f7bf6c0,ffff800020ec7398) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290
vn_ioctl(fffffd806787b6a0,c5005601,ffff800000a24000,ffff800020ec7398) at vn_ioctl+0xba sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800020ec7398,ffff800021fad928,ffff800021fad970) at sys_ioctl+0x4a5
syscall(ffff800021fad9f0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800021fad9f0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1a10cc09b60, count: -7
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x1a:        addq    $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020e00ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xc6 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff8266f628) at __mp_lock+0x127 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff8266f628) at __mp_lock+0x127 sys/kern/kern_lock.c:147
sys_futex(ffff800020ec6c48,ffff800021f90ee0,ffff800021f90f30) at sys_futex+0xf6 sys/kern/sys_futex.c:109
syscall(ffff800021f90fb0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800021f90fb0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1a13f1b5f10, count: -7

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/04/30 08:00 openbsd 577c7898896a 2dd552a5 .config console log report ci-openbsd-multicore