syzbot


protection_fault: __x86_indirect_thunk_r11 (4)

Status: upstream: reported on 2025/04/29 08:10
Reported-by: syzbot+71e4456711474b9a7fdf@syzkaller.appspotmail.com
First crash: 54d, last: 1d19h
Similar bugs (3)
Kernel   Title                                           Repro  Cause bisect  Fix bisect  Count  Last  Reported  Patched  Status
openbsd  protection_fault: __x86_indirect_thunk_r11 (2)  -      -             -           15     391d  473d      0/3      auto-obsoleted due to no activity on 2024/08/17 10:13
openbsd  protection_fault: __x86_indirect_thunk_r11 (3)  -      -             -           9      256d  308d      0/3      auto-obsoleted due to no activity on 2025/01/07 17:39
openbsd  protection_fault: __x86_indirect_thunk_r11      -      -             -           1      601d  601d      0/3      auto-obsoleted due to no activity on 2024/01/28 10:43

Sample crash report:
kernel: protection fault trap, code=0
Stopped at      __x86_indirect_thunk_r11+0x14:  ret
ddb{1}> 
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
__x86_indirect_thunk_r11() at __x86_indirect_thunk_r11+0x14
spec_write(ffff80002efec340) at spec_write+0x120 sys/kern/spec_vnops.c:302
VOP_WRITE(fffffd807c6c05f0,ffff80002efec560,1,fffffd80097fb340) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245
vn_write(fffffd806c0c42d0,ffff80002efec560,0) at vn_write+0x1d4 sys/kern/vfs_vnops.c:408
dofilewritev(ffff8000383f8550,3,ffff80002efec560,0,ffff80002efec620) at dofilewritev+0x23c sys/kern/sys_generic.c:380
sys_writev(ffff8000383f8550,ffff80002efec6d0,ffff80002efec620) at sys_writev+0xd8 sys/kern/sys_generic.c:327
syscall(ffff80002efec6d0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002efec6d0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa860f2a8fe0, count: -8
ddb{1}> show registers
rdi               0xffff800001411000
rsi               0xfffffd8066e63400
rbp               0xffff80002efec290
rbx                                0
rdx               0xffff80002efec130
rcx                                0
rax                                0
r8                    0x7f7fffffc000
r9                               0x1
r10               0x7dbff3e3cfb88d3e
r11                  0x65bd900000000
r12                                0
r13               0xffff800001411000
r14               0xffff8000014dba00
r15               0xffff8000014dbac8
rip               0xffffffff82152304    __x86_indirect_thunk_r11+0x14
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80002efec120
ss                              0x10
__x86_indirect_thunk_r11+0x14:  ret
ddb{1}> show proc
PROC (syz-executor) tid=361259 pid=15222 tcnt=2 stat=onproc
    flags process=1000<SINGLEEXIT> proc=4080000<SUSPSINGLE,THREAD>
    runpri=0, usrpri=60, slppri=0, nice=20
    wchan=0x0, wmesg=, ps_single=0xffff8000ffff07d0 scnt=1 ecnt=0
    forw=0xffffffffffffffff, list=0xffff8000ffff07d0,0xffff8000383f99e0
    process=0xffff8000fffe9858 user=0xffff80002efe7000, vmspace=0xfffffd806c1e9b60
    estcpu=10, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0
ddb{1}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 96017  353465  64858      0  2         0x2                sh
 11906  240532  82082      0  2           0                syz-executor
  3561  260716  26862      0  3         0x2  clonelk       ifconfig
 26862  168724  57486      0  3    0x10008a  sigsusp       sh
 83470  261111  28426      0  3         0x2  smrbar        ifconfig
 36240  155487  37097      0  3         0x2  clonelk       ifconfig
 37097    8129  43901      0  3    0x10008a  sigsusp       sh
 28426  206734  83748      0  3    0x10008a  sigsusp       sh
 98591  349450  69231      0  2         0x2                ifconfig
 57486  318430  82082      0  3        0x82  wait          syz-executor
 43901  295034  82082      0  3        0x82  wait          syz-executor
 83748  229615  82082      0  3        0x82  wait          syz-executor
 69231   88731  29017      0  3    0x10008a  sigsusp       sh
 29017  122752  82082      0  3        0x82  wait          syz-executor
 64858  131617  82082      0  7  0x10000002                syz-executor
 68442  241009  82082      0  3         0x2  clonelk       syz-executor
 44715  302526      1      0  3      0x3010  suspend       syz-executor
 44715  458778      1      0  2   0x4081010                syz-executor
  1541  375456      0      0  3     0x14200  acct          acct
 66316  234567      1      0  3      0x3000  suspend       syz-executor
 66316  253604      1      0  2   0x4081000                syz-executor
 15222   87254      1      0  3      0x3000  suspend       syz-executor
*15222  361259      1      0  7   0x4081000                syz-executor
 55431  344160      1      0  2      0x3000                syz-executor
 42642  167435      1      0  3    0x100083  ttyin         getty
 72089   95859      0      0  3     0x14200  bored         sosplice
 82082  371828  79805      0  2  0x10000002                syz-executor
 79805  450090  55416      0  3    0x10008a  sigsusp       ksh
 55416  174284   6350      0  3        0x98  kqread        sshd-session
  6350  211627  59556      0  3        0x92  kqread        sshd-session
 59556   60671      1      0  3        0x88  kqread        sshd
 10236  224948  76815     74  3   0x1100092  bpf           pflogd
 76815   11327      1      0  3        0x80  sbwait        pflogd
 12540  281187  80082     73  3   0x1100090  kqread        syslogd
 80082  437078      1      0  3    0x100082  sbwait        syslogd
 57364  158707      1      0  3    0x100080  kqread        resolvd
 89390  162593  10186     77  3    0x100092  kqread        dhcpleased
 32307  409709  10186     77  3    0x100092  kqread        dhcpleased
 10186  195392      1      0  3        0x80  kqread        dhcpleased
 30461  263169      0      0  3     0x14200  bored         smr
 82690  306751      0      0  2     0x14200                zerothread
 72036  137940      0      0  3     0x14200  aiodoned      aiodoned
  7029  287102      0      0  3     0x14200  syncer        update
 62116  519638      0      0  3     0x14200  cleaner       cleaner
  6177  375926      0      0  3     0x14200  reaper        reaper
 57454   72376      0      0  3     0x14200  pgdaemon      pagedaemon
 13515   89134      0      0  3     0x14200  bored         viomb
 92557  181968      0      0  3  0x40014200  acpi0         acpi0
 84820  101906      0      0  3  0x40014200                idle1
 15233  174553      0      0  3     0x14200  bored         softnet3
 33330   75436      0      0  3     0x14200  bored         softnet2
 34835  236502      0      0  2     0x14200                softnet1
 55712  522928      0      0  3     0x14200  bored         softnet0
 60199  111926      0      0  3     0x14200  bored         systqmp
 25270  218271      0      0  3     0x14200  bored         systq
  1701  491005      0      0  3     0x14200  tmoslp        softclockmp
  6320  347019      0      0  3  0x40014200  tmoslp        softclock
 13331   18504      0      0  3  0x40014200                idle0
     1  521971      0      0  3        0x82  wait          init
     0       0     -1      0  3  0x10010200  scheduler     swapper
ddb{1}> show all locks
Process 83470 (ifconfig) thread 0xffff8000ffff0f80 (261111)
exclusive rwlock clonelk r = 0 (0xffffffff837fdb08)
#0  witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0  witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1  rw_do_enter_write+0x377 sys/kern/kern_rwlock.c:310
#2  if_clone_destroy+0x67 sys/net/if.c:-1
#3  ifioctl+0x5c5 sys/net/if.c:-1
#4  sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1
#5  syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#5  syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
#6  Xsyscall+0x128
Process 15222 (syz-executor) thread 0xffff8000383f8550 (361259)
exclusive rwlock netlock r = 0 (0xffffffff837fdbf0)
#0  witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0  witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1  rw_do_enter_write+0x377 sys/kern/kern_rwlock.c:310
#2  bpfwrite+0x313 sys/net/bpf.c:681
#3  spec_write+0x120 sys/kern/spec_vnops.c:302
#4  VOP_WRITE+0x102 sys/kern/vfs_vops.c:245
#5  vn_write+0x1d4 sys/kern/vfs_vnops.c:408
#6  dofilewritev+0x23c sys/kern/sys_generic.c:380
#7  sys_writev+0xd8 sys/kern/sys_generic.c:327
#8  syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#8  syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
#9  Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff8392d428)
#0  witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0  witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1  __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1
#2  sleep_finish+0x2da sys/kern/kern_synch.c:366
#3  msleep_nsec+0x141 sys/kern/kern_synch.c:219
#4  pool_get+0x431 sys/kern/subr_pool.c:604
#5  m_clget+0x392 sys/kern/uipc_mbuf.c:-1
#6  bpf_movein+0x2d2 sys/net/bpf.c:227
#7  bpfwrite+0x1fa sys/net/bpf.c:664
#8  spec_write+0x120 sys/kern/spec_vnops.c:302
#9  VOP_WRITE+0x102 sys/kern/vfs_vops.c:245
#10 vn_write+0x1d4 sys/kern/vfs_vnops.c:408
#11 dofilewritev+0x23c sys/kern/sys_generic.c:380
#12 sys_writev+0xd8 sys/kern/sys_generic.c:327
#13 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#13 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579
#14 Xsyscall+0x128
ddb{1}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10250  11687K   12083K 166960K     13171        0
            pcb    17     13K      13K 166960K       132        0
         rtable   139     14K      16K 166960K       515        0
             pf    34     17K   67486K 166960K        92        0
         ifaddr    30      4K       7K 166960K        75        0
        ifgroup    56      2K       2K 166960K       119        0
         sysctl     4      1K       9K 166960K        15        0
       counters    66     36K      37K 166960K       114        0
       ioctlops     0      0K       4K 166960K      1568        0
            iov     0      0K      20K 166960K        84        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1528     96K      96K 166960K      2944        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       9K 166960K        13        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K        35        0
        dirhash    12      2K       2K 166960K        15        0
           ACPI  1692    195K     286K 166960K     12470        0
      file desc    24     86K      94K 166960K      1031        0
          sigio     0      0K       0K 166960K        21        0
           proc   100    140K     152K 166960K       740        0
        subproc   108      6K       7K 166960K       324        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K       222        0
       in_multi    52      3K       7K 166960K       144        0
    ether_multi     1      0K       0K 166960K         1        0
            mrt     1      0K       0K 166960K         2        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys    79    360K     360K 166960K        79        0
           exec     0      0K       1K 166960K       632        0
   fusefs mount     1     32K      32K 166960K         1        0
     pfkey data     0      0K       0K 166960K         4        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   274    197K     214K 166960K     10550        0
       UVM aobj    82      4K       4K 166960K        86        0
     pinsyscall    49     98K     104K 166960K      2256        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     1      0K       1K 166960K        67        0
            NDP    11      0K       2K 166960K        51        0
           temp    68   8691K    8757K 166960K     41029        0
         kqueue    16     22K      32K 166960K       145        0
      SYN cache     2     16K      16K 166960K         2        0
ddb{1}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache    128       26    0        0     1     0     1     1     0     8    0
rtpcb      120      204    0      201     3     2     1     3     0     8    0
rtentry    176      157    0      103     6     0     6     6     0     8    0
unpcb      144      474    0      452     6     5     1     6     0     8    0
syncache   336        6    0        6     4     4     0     1     0     8    0
tcpcb      736      404    0      398    10     9     1     7     0     8    0
arp        128       27    0       17     1     0     1     1     0     8    0
inpcb      328     1079    0     1065    14    12     2     7     0     8    0
nd6        144       34    0       22     1     0     1     1     0     8    0
pkpcb       40        7    0        7     1     1     0     1     0     8    0
kcovpl      48       36    0       24     1     0     1     1     0     8    0
mppekey    1024       1    0        1     1     1     0     1     0     8    0
ppxss      1192      12    0       12     2     2     0     1     0     8    0
pppxif     1504       1    0        1     1     1     0     1     0     8    0
pffrag     232        8    0        8     1     1     0     1     0   482    0
pffrnode    88        7    0        7     1     1     0     1     0     8    0
pffrent     40       11    0       11     1     1     0     1     0     8    0
pfosfp      40     1429    0     1005     5     0     5     5     0     8    0
pfosfpen   112     1429    0      714    21     0    21    21     0     8    0
pfstitem    24       51    0       49     1     0     1     1     0     8    0
pfstkey    128       53    0       51     2     0     2     2     0     8    1
pfstate    384       53    0       51     5     1     4     5     0     8    3
pfrule     1344      22    0       17     2     1     1     2     0     8    0
rttmr      136        1    0        1     1     1     0     1     0     8    0
art_heap8  4096       2    0        0     2     0     2     2     0     8    0
art_heap4  256      667    0      423    29     4    25    29     0     8    2
art_table   32      669    0      423     4     0     4     4     0     8    0
art_node    16      156    0      110     1     0     1     1     0     8    0
sysvmsgpl   40        7    0        5     1     0     1     1     0     8    0
semupl     112        1    0        1     1     1     0     1     0     8    0
semapl     112       28    0       18     1     0     1     1     0     8    0
shmpl      112       83    0        4     3     0     3     3     0     8    0
dirhash    1024      19    0        2     3     0     3     3     0     8    0
dino2pl    256     3108    0     1580    96     0    96    96     0     8    0
ffsino     288     3108    0     1580   111     1   110   110     0     8    0
nchpl      144     4326    0     2606    64     0    64    64     0     8    0
rtmask      32        1    0        1     1     1     0     1     0     8    0
uvmvnodes   80     4354    0        0    89     0    89    89     0     8    0
vnodes     216     4354    0        0   242     0   242   242     0     8    0
namei      1024   15471    0    15471     3     2     1     2     0     8    1
percpumem   16       72    0       24     1     0     1     1     0     8    0
kstatmem   264       64    0       36     3     0     3     3     0     8    0
scsiplug    72        4    0        4     3     3     0     1     0     8    0
scxspl     216    15719    0    15719    10     9     1     8     1     8    1
plimitpl   152      178    0      155     1     0     1     1     0     8    0
sigapl     424     1288    0     1229     8     1     7     7     0     8    0
knotepl    120      556    0        0    17     0    17    17     0     8    0
kqueuepl   224      409    0      399     9     8     1     5     0     8    0
pipepl     336      259    0      225     4     0     4     4     0     8    0
fdescpl    520     1267    0     1229     3     0     3     3     0     8    0
filepl     160     8420    0     8145    20     8    12    20     0     8    0
lockfpl    104      268    0      266     1     0     1     1     0     8    0
lockfspl    48      103    0      101     1     0     1     1     0     8    0
sessionpl  144       47    0       38     1     0     1     1     0     8    0
pgrppl      48       98    0       76     1     0     1     1     0     8    0
ucredpl    104     1365    0     1351     1     0     1     1     0     8    0
zombiepl   144     1236    0     1229     1     0     1     1     0     8    0
processpl  1240    1288    0     1229     5     0     5     5     0     8    0
procpl     656     2587    0     2525     7     1     6     7     0     8    0
srpgc       96       14    0       12     3     2     1     1     0     8    0
sosppl     168        3    0        3     2     2     0     1     0     8    0
sockpl     728     1782    0     1743    27    23     4    20     0     8    0
mcl64k     65536      4    0        0     1     0     1     1     0     8    0
mcl16k     16384      1    0        0     1     0     1     1     0     8    0
mcl9k      9216       3    0        0     1     0     1     1     0     8    0
mcl8k      8192       8    0        0     1     0     1     1     0     8    0
mcl4k      4096     133    0        0    17     0    17    17     0     8    0
mcl2k2     2112       1    0        0     1     0     1     1     0     8    0
mcl2k      2048      41  559       20     4     0     4     4     0     8    1
mtagpl      96      154    0        0     4     0     4     4     0     8    0
mbufpl     256     2572    0        0   161     0   161   161     0     8    0
bufpl      280     7159    0     1017   439     0   439   439     0     8    0
anonpl      32    10733    0        0    87     0    87    87     0   246    0
amapchunkpl 152   33320    0    32723    38     8    30    32     0   158    5
amappl16   200     3895    0     3865    44    31    13    22     0     8    8
amappl15   192        5    0        5     1     1     0     1     0     8    0
amappl14   184      123    0      111     1     0     1     1     0     8    0
amappl13   176        6    0        6     1     1     0     1     0     8    0
amappl12   168     2006    0     1969     3     1     2     2     0     8    0
amappl11   160       51    0       36     1     0     1     1     0     8    0
amappl10   152       27    0       27     1     1     0     1     0     8    0
amappl9    144      266    0      266     1     1     0     1     0     8    0
amappl8    136       22    0       19     1     0     1     1     0     8    0
amappl7    128      165    0      153     1     0     1     1     0     8    0
amappl6    120      228    0      215     1     0     1     1     0     8    0
amappl5    112      153    0      139     1     0     1     1     0     8    0
amappl4    104      340    0      320     1     0     1     1     0     8    0
amappl3     96     6748    0     6629     4     0     4     4     0     8    0
amappl2     88      719    0      644     2     0     2     2     0     8    0
amappl1     80    12261    0    11632    15     1    14    14     0     8    0
amappl      88     9637    0     9443     5     0     5     5     0    92    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        7    0        7     2     2     0     1     0     8    0
dma128     128      256    0      256     4     4     0     1     0     8    0
dma64       64        7    0        7     2     2     0     1     0     8    0
dma32       32        8    0        8     2     2     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72       85    0        4     2     0     2     2     0     8    0
uaddrrnd    24     1267    0     1229     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     1267    0     1229     1     0     1     1     0     8    0
vmmpekpl   168    11313    0    11239     4     0     4     4     0     8    0
vmmpepl    168    85596    0    83473   114    13   101   105     0   357    4
vmsppl     480     1266    0     1229     5     0     5     5     0     8    0
rwobjpl     72    28275    0    22736   102     1   101   101     0     8    0
pdppl      4096    2541    0     2458   125    38    87    87     0     8    4
pvpl        32    18393    0        0   150     1   149   149     0   265    0
pmappl     256     1266    0     1229     3     0     3     3     0     8    0
extentpl    40       45    0       27     1     0     1     1     0     8    0
phpool     112      580    0       62    15     0    15    15     0     8    0
ddb{1}> machine ddbcpu 0
Stopped at      x86_ipi_db+0x27:        addq    $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff8381dff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff8392d220) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline]
__mp_lock(ffffffff8392d220) at __mp_lock+0x192 sys/kern/kern_lock.c:165
softintr_dispatch(0) at softintr_dispatch+0x12a sys/kern/kern_softintr.c:83
dosoftint(0) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847
Xsoftclock() at Xsoftclock+0x27
__mp_lock(ffffffff8392d220) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline]
__mp_lock(ffffffff8392d220) at __mp_lock+0x192 sys/kern/kern_lock.c:165
syscall(ffff80002a2fab30) at syscall+0xae6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a2fab30) at syscall+0xae6 sys/arch/amd64/amd64/trap.c:579
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7ad53c7771c0, count: -10
ddb{0}> machine ddbcpu 1

Crashes (4):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets                                 Manager               Title
2025/06/21 11:50  openbsd  f62159b6a996  d6cdfb8a   .config  console log  report  -          -        -        [disk image] [bsd.gdb] [kernel image]  ci-openbsd-multicore  protection_fault: __x86_indirect_thunk_r11
2025/06/10 21:52  openbsd  a3912f8462f6  5d7e17ca   .config  console log  report  -          -        -        [disk image] [bsd.gdb] [kernel image]  ci-openbsd-main       protection_fault: __x86_indirect_thunk_r11
2025/05/09 04:29  openbsd  278cc48cac9b  bb813bcc   .config  console log  report  -          -        -        [disk image] [bsd.gdb] [kernel image]  ci-openbsd-multicore  protection_fault: __x86_indirect_thunk_r11
2025/04/29 08:09  openbsd  3f9d9c6488b4  aeb6ec69   .config  console log  report  -          -        -        [disk image] [bsd.gdb] [kernel image]  ci-openbsd-multicore  protection_fault: __x86_indirect_thunk_r11
* Struck through repros no longer work on HEAD.