login: kernel: protection fault trap, code=0
Stopped at klist_invalidate+0xd9: movq 0x8(%r14),%r11
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
klist_invalidate(ffff8000012d92a8) at klist_invalidate+0xd9 klist_lock sys/kern/kern_event.c:2317 [inline]
klist_invalidate(ffff8000012d92a8) at klist_invalidate+0xd9 sys/kern/kern_event.c:2283
bpfsdetach(ffff8000012a2780) at bpfsdetach+0xff sys/net/bpf.c:1800
bpfdetach(ffff80000129d800) at bpfdetach+0x76
if_detach(ffff80000129d800) at if_detach+0x14f sys/net/if.c:1193
tun_clone_destroy(ffff80000129d800) at tun_clone_destroy+0x2aa sys/net/if_tun.c:338
if_clone_destroy(ffff80002d9df4d0) at if_clone_destroy+0x1d7 sys/net/if.c:1382
sys_ioctl(ffff800036616020,ffff80002d9df6b0,ffff80002d9df600) at sys_ioctl+0x678
syscall(ffff80002d9df6b0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x4c8986763f0, count: -9
ddb> show registers
rdi 0xffff800030dec000
rsi 0xfb8d __ALIGN_SIZE+0xeb8d
rbp 0xffff80002d9df330
rbx 0xffffffff833e7d10 cdevsw+0x730
rdx 0xffff800030dec000
rcx 0xfb8c __ALIGN_SIZE+0xeb8c
rax 0xffffffff8220baa0 klist_invalidate+0xd0
r8 0x65
r9 0
r10 0x3a80e1498ea1cb4f
r11 0x91f528a87ee22df5
r12 0
r13 0xffff8000012d92a8
r14 0x8004060103f20002
r15 0x3
rip 0xffffffff8220baa9 klist_invalidate+0xd9
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002d9df2e0
ss 0x10
klist_invalidate+0xd9: movq 0x8(%r14),%r11
ddb> show proc
PROC (syz-executor) tid=343788 pid=71332 tcnt=2 stat=onproc
flags process=1000<SINGLEEXIT> proc=4080000<SUSPSINGLE,THREAD>
runpri=32, usrpri=57, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0xffff800036616a40 scnt=1 ecnt=0
forw=0xffffffffffffffff, list=0xffff800036616a40,0xffff800036612a58
process=0xffff8000ffff6ae8 user=0xffff80002d9da000, vmspace=0xfffffd807e43cc78
estcpu=7, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
90274 319055 71073 0 2 0x1 syz-executor
90274 324758 71073 0 3 0x4000080 fsleep syz-executor
67027 454199 45442 0 4 0x82000 syz-executor
67027 391270 45442 0 2 0x4082000 syz-executor
67027 501524 45442 0 4 0x4082000 syz-executor
67027 421542 45442 0 3 0x4002000 suspend syz-executor
45286 150343 14391 0 2 0 syz-executor
45286 382206 14391 0 2 0x4000000 syz-executor
45286 10755 14391 0 3 0x4000080 fsleep syz-executor
45286 233288 14391 0 3 0x4000080 fsleep syz-executor
13711 399628 82537 0 3 0x90 nanoslp syz-executor
13711 471298 82537 0 2 0x4000010 syz-executor
13711 411026 82537 0 3 0x4000010 inode syz-executor
13711 518948 82537 0 3 0x4000090 fsleep syz-executor
71332 268911 49542 0 3 0x3000 suspend syz-executor
*71332 343788 49542 0 7 0x4081000 syz-executor
85908 192043 1 0 3 0x100083 ttyin getty
49663 279757 46383 0 3 0x80 nanoslp syz-executor
49663 313901 46383 0 2 0x4000000 syz-executor
49663 425214 46383 0 3 0x4000080 fsleep syz-executor
49663 223854 46383 0 3 0x4000080 fsleep syz-executor
39370 343591 0 0 3 0x14200 bored sosplice
14391 304556 77896 0 3 0x82 nanoslp syz-executor
71073 96060 77896 0 3 0x82 nanoslp syz-executor
46383 458498 77896 0 3 0x82 nanoslp syz-executor
49542 375411 77896 0 3 0x82 nanoslp syz-executor
87923 43746 77896 0 2 0x2 syz-executor
86862 261625 77896 0 2 0x2 syz-executor
82537 465161 77896 0 3 0x82 nanoslp syz-executor
45442 323666 77896 0 3 0x82 nanoslp syz-executor
77896 266152 28062 0 3 0x82 kqread syz-executor
28062 275891 66416 0 3 0x10008a sigsusp ksh
66416 49380 75351 0 3 0x98 kqread sshd-session
75351 480625 18241 0 3 0x92 kqread sshd-session
18241 439599 1 0 3 0x88 kqread sshd
72802 178148 43560 73 3 0x1100090 kqread syslogd
43560 417726 1 0 3 0x100082 sbwait syslogd
68957 469568 1 0 3 0x100080 kqread resolvd
98565 176645 46353 77 3 0x100092 kqread dhcpleased
9111 490319 46353 77 3 0x100092 kqread dhcpleased
46353 321675 1 0 3 0x80 kqread dhcpleased
6248 7911 0 0 3 0x14200 bored smr
6831 251660 0 0 2 0x14200 zerothread
58533 290065 0 0 3 0x14200 aiodoned aiodoned
24888 208949 0 0 3 0x14200 syncer update
23027 265378 0 0 3 0x14200 cleaner cleaner
35331 273230 0 0 3 0x14200 reaper reaper
55572 415212 0 0 3 0x14200 pgdaemon pagedaemon
545 309917 0 0 3 0x14200 bored viomb
71580 223522 0 0 3 0x40014200 acpi0 acpi0
1020 456155 0 0 3 0x14200 bored softnet3
64070 301501 0 0 3 0x14200 bored softnet2
7551 253039 0 0 3 0x14200 bored softnet1
91912 39031 0 0 3 0x14200 bored softnet0
81166 217992 0 0 3 0x14200 bored systqmp
87278 380178 0 0 3 0x14200 bored systq
34921 268857 0 0 3 0x40014200 tmoslp softclock
77233 99326 0 0 3 0x40014200 idle0
1 10630 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10192 11117K 11369K 166960K 11513 0
pcb 18 15K 17K 166960K 82 0
rtable 176 4K 6K 166960K 435 0
pf 29 12K 21K 166960K 49 0
ifaddr 36 6K 7K 166960K 54 0
ifgroup 46 2K 2K 166960K 65 0
sysctl 2 0K 0K 166960K 2 0
counters 29 17K 17K 166960K 36 0
ioctlops 0 0K 4K 166960K 53 0
iov 0 0K 16K 166960K 26 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1431 90K 91K 166960K 1608 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 5 0
VM map 2 1K 1K 166960K 2 0
sem 7 0K 0K 166960K 7 0
dirhash 12 2K 2K 166960K 15 0
ACPI 1690 195K 286K 166960K 12468 0
file desc 16 57K 97K 166960K 364 0
sigio 0 0K 0K 166960K 8 0
proc 60 59K 116K 166960K 511 0
subproc 104 6K 6K 166960K 104 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 89 0
in_multi 81 6K 7K 166960K 108 0
ether_multi 1 0K 0K 166960K 1 0
mrt 0 0K 0K 166960K 1 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 97 440K 440K 166960K 97 0
exec 0 0K 1K 166960K 383 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 225 72K 76K 166960K 4922 0
UVM aobj 10 2K 2K 166960K 13 0
pinsyscall 37 74K 98K 166960K 1396 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 8 0
NDP 10 0K 1K 166960K 35 0
temp 40 6807K 6873K 166960K 7649 0
kqueue 13 20K 28K 166960K 60 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 154 0 151 4 1 3 3 0 8 2
rtentry 112 115 0 34 4 0 4 4 0 8 0
unpcb 144 278 0 260 4 3 1 4 0 8 0
syncache 336 4 0 4 1 1 0 1 0 8 0
tcpqe 32 1 0 1 1 1 0 1 0 8 0
tcpcb 808 50 0 45 1 0 1 1 0 8 0
arp 88 18 0 2 1 0 1 1 0 8 0
ipq 40 1 0 0 1 0 1 1 0 8 0
ipqe 40 1 0 0 1 0 1 1 0 8 0
inpcb 336 363 0 354 12 2 10 12 0 8 8
nd6 104 27 0 8 1 0 1 1 0 8 0
kcovpl 48 8 0 0 1 0 1 1 0 8 0
ppxss 1072 5 0 5 2 1 1 1 0 8 1
pfstitem 24 2 0 0 1 0 1 1 0 8 0
pfstkey 128 2 0 0 1 0 1 1 0 8 0
pfstate 344 1 0 0 1 0 1 1 0 8 0
pfrule 1344 1 0 1 1 0 1 1 0 8 1
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 488 0 129 29 2 27 29 0 8 1
art_table 32 489 0 129 4 0 4 4 0 8 0
art_node 16 114 0 41 1 0 1 1 0 8 0
sysvmsgpl 40 2 0 2 1 1 0 1 0 8 0
semapl 112 5 0 0 1 0 1 1 0 8 0
shmpl 112 10 0 3 1 0 1 1 0 8 0
dirhash 1024 19 0 2 3 0 3 3 0 8 0
dino2pl 256 1952 0 457 94 0 94 94 0 8 0
ffsino 240 1952 0 457 89 0 89 89 0 8 0
nchpl 144 2465 0 787 63 0 63 63 0 8 0
uvmvnodes 80 2221 0 0 46 0 46 46 0 8 0
vnodes 216 2221 0 0 124 0 124 124 0 8 0
namei 1024 7758 0 7757 2 1 1 2 0 8 0
kstatmem 264 34 0 14 2 0 2 2 0 8 0
scxspl 216 7127 0 7127 10 2 8 8 1 8 8
plimitpl 152 58 0 41 1 0 1 1 0 8 0
sigapl 424 647 0 602 7 1 6 7 0 8 0
futexpl 64 3506 0 3500 2 1 1 1 0 8 0
knotepl 120 12447 0 12399 17 8 9 10 0 8 7
kqueuepl 184 109 0 100 1 0 1 1 0 8 0
pipepl 288 125 0 97 4 1 3 3 0 8 0
fdescpl 432 630 0 602 5 1 4 5 0 8 0
filepl 120 2949 0 2696 17 3 14 14 0 8 5
lockfpl 104 61 0 58 1 0 1 1 0 8 0
lockfspl 48 29 0 26 1 0 1 1 0 8 0
sessionpl 144 23 0 15 1 0 1 1 0 8 0
pgrppl 48 38 0 22 1 0 1 1 0 8 0
ucredpl 104 312 0 300 1 0 1 1 0 8 0
zombiepl 144 648 0 647 1 0 1 1 0 8 0
processpl 1096 647 0 602 4 0 4 4 0 8 0
procpl 648 1011 0 952 6 0 6 6 0 8 0
sosppl 168 3 0 3 1 1 0 1 0 8 0
sockpl 504 796 0 766 37 20 17 29 0 8 12
mcl64k 65536 5 0 5 1 1 0 1 0 8 0
mcl8k 8192 11 0 11 1 1 0 1 0 8 0
mcl4k 4096 2855 0 2806 18 11 7 18 0 8 0
mcl2k 2048 349 0 344 3 2 1 3 0 8 0
mtagpl 96 16 0 9 1 0 1 1 0 8 0
mbufpl 256 7105 0 6975 19 6 13 19 0 8 1
bufpl 280 2479 0 96 171 0 171 171 0 8 0
anonpl 24 198634 0 195422 66 21 45 45 0 187 17
amapchunkpl 152 17169 0 16681 34 12 22 32 0 158 0
amappl16 200 5466 0 5441 26 11 15 15 0 8 10
amappl15 192 18 0 18 1 1 0 1 0 8 0
amappl14 184 119 0 109 1 0 1 1 0 8 0
amappl13 176 13 0 13 1 1 0 1 0 8 0
amappl12 168 1252 0 1224 3 1 2 3 0 8 0
amappl11 160 52 0 42 1 0 1 1 0 8 0
amappl10 152 15 0 15 1 1 0 1 0 8 0
amappl9 144 145 0 145 1 1 0 1 0 8 0
amappl8 136 25 0 24 1 0 1 1 0 8 0
amappl7 128 114 0 104 1 0 1 1 0 8 0
amappl6 120 162 0 161 1 0 1 1 0 8 0
amappl5 112 129 0 121 1 0 1 1 0 8 0
amappl4 104 292 0 276 1 0 1 1 0 8 0
amappl3 96 2917 0 2824 3 0 3 3 0 8 0
amappl2 88 902 0 827 2 0 2 2 0 8 0
amappl1 80 8233 0 7735 13 2 11 13 0 8 0
amappl 88 4550 0 4379 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 12 0 3 1 0 1 1 0 8 0
uaddrrnd 24 630 0 602 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 630 0 602 1 0 1 1 0 8 0
vmmpekpl 168 6372 0 6335 2 0 2 2 0 8 0
vmmpepl 168 48095 0 46416 98 10 88 88 0 357 5
vmsppl 352 629 0 602 4 1 3 4 0 8 0
rwobjpl 24 20641 0 17570 20 0 20 20 0 8 0
pdppl 4096 1267 0 1204 99 32 67 83 0 8 4
pvpl 32 370042 0 361422 140 28 112 112 0 265 23
pmappl 216 629 0 602 3 0 3 3 0 8 0
extentpl 40 55 0 38 1 0 1 1 0 8 0
phpool 112 417 0 82 10 0 10 10 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
klist_invalidate(ffff8000012d92a8) at klist_invalidate+0xd9 klist_lock sys/kern/kern_event.c:2317 [inline]
klist_invalidate(ffff8000012d92a8) at klist_invalidate+0xd9 sys/kern/kern_event.c:2283
bpfsdetach(ffff8000012a2780) at bpfsdetach+0xff sys/net/bpf.c:1800
bpfdetach(ffff80000129d800) at bpfdetach+0x76
if_detach(ffff80000129d800) at if_detach+0x14f sys/net/if.c:1193
tun_clone_destroy(ffff80000129d800) at tun_clone_destroy+0x2aa sys/net/if_tun.c:338
if_clone_destroy(ffff80002d9df4d0) at if_clone_destroy+0x1d7 sys/net/if.c:1382
sys_ioctl(ffff800036616020,ffff80002d9df6b0,ffff80002d9df600) at sys_ioctl+0x678
syscall(ffff80002d9df6b0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x4c8986763f0, count: -9
ddb> machine ddbcpu 1
No such command
ddb> trace
klist_invalidate(ffff8000012d92a8) at klist_invalidate+0xd9 klist_lock sys/kern/kern_event.c:2317 [inline]
klist_invalidate(ffff8000012d92a8) at klist_invalidate+0xd9 sys/kern/kern_event.c:2283
bpfsdetach(ffff8000012a2780) at bpfsdetach+0xff sys/net/bpf.c:1800
bpfdetach(ffff80000129d800) at bpfdetach+0x76
if_detach(ffff80000129d800) at if_detach+0x14f sys/net/if.c:1193
tun_clone_destroy(ffff80000129d800) at tun_clone_destroy+0x2aa sys/net/if_tun.c:338
if_clone_destroy(ffff80002d9df4d0) at if_clone_destroy+0x1d7 sys/net/if.c:1382
sys_ioctl(ffff800036616020,ffff80002d9df6b0,ffff80002d9df600) at sys_ioctl+0x678
syscall(ffff80002d9df6b0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x4c8986763f0, count: -9