syzbot


protection_fault: lf_advlock (2)

Status: auto-obsoleted due to no activity on 2022/09/18 14:20
Reported-by: syzbot+7947446bd97dff61b7d0@syzkaller.appspotmail.com
First crash: 933d, last: 885d
Similar bugs (3)
Kernel   Title                             Repro  Cause bisect  Fix bisect  Count  Last  Reported  Patched  Status
openbsd  protection_fault: lf_advlock (4)  C      -             -           4      14d   247d      0/3      upstream: reported C repro on 2024/03/19 07:17
openbsd  protection_fault: lf_advlock (3)  -      -             -           6      428d  667d      0/3      auto-obsoleted due to no activity on 2023/12/19 11:04
openbsd  protection_fault: lf_advlock      C      -             -           2      984d  1029d     3/3      fixed on 2022/04/28 05:27

Sample crash report:
kernel: protection fault trap, code=0
Stopped at      lf_advlock+0x223:       addl    $0x1,0x28(%rbx)
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
lf_advlock(ffff800000c34660,0,fffffd806843b9a0,8,ffff80002c92e8b8,30) at lf_advlock+0x223 ls_ref sys/kern/vfs_lockf.c:140 [inline]
lf_advlock(ffff800000c34660,0,fffffd806843b9a0,8,ffff80002c92e8b8,30) at lf_advlock+0x223 sys/kern/vfs_lockf.c:280
VOP_ADVLOCK(fffffd8069526008,fffffd806843b9a0,8,ffff80002c92e8b8,30) at VOP_ADVLOCK+0x71 sys/kern/vfs_vops.c:628
sys_flock(ffff8000fffe67f0,ffff80002c92e938,ffff80002c92e990) at sys_flock+0x1cd
syscall(ffff80002c92ea00) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002c92ea00) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x81391149400, count: -5
ddb{0}> show registers
rdi                                0
rsi                                0
rbp               0xffff80002c92e800
rbx               0xdeadbeefdeadbeef
rdx                                0
rcx                              0x5
rax               0xffff8000fffe67f0
r8                0xffff80002c92e8b8
r9                              0x30
r10                                0
r11               0xa0a93b4c29194722
r12               0xffff800000c34660
r13                              0x8
r14               0xffff80002c92e8b8
r15                                0
rip               0xffffffff81bcf5d3    lf_advlock+0x223
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80002c92e760
ss                              0x10
lf_advlock+0x223:       addl    $0x1,0x28(%rbx)
ddb{0}> show proc
PROC (syz-executor.6) pid=220583 stat=onproc
    flags process=1010<SUGID,SINGLEEXIT> proc=4080000<SUSPSINGLE,THREAD>
    pri=32, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff8000211657a0,0xffff8000fffe7d00
    process=0xffff8000fffeb620 user=0xffff80002c929000, vmspace=0xfffffd8069169018
    estcpu=36, cpticks=1, pctcpu=0.0
    user=0, sys=1, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 20471  267681  33261  32767  3   0x4081010  lockflk       syz-executor.6
*20471  220583  33261  32767  7   0x4081010                syz-executor.6
 20471  222715  33261  32767  7   0x4081010                syz-executor.6
 20471  366003  33261  32767  2   0x4081010                syz-executor.6
 20471  158214  33261  32767  3   0x4003010  suspend       syz-executor.6
 20471  482591  33261  32767  2   0x4081010                syz-executor.6
 33261  100074  61065  32767  2       0x490                syz-executor.6
 61065   31659  25057      0  3        0x82  wait          syz-executor.6
 46628   80122  48374  32767  3        0x90  piperd        syz-executor.7
 48374  351647  25057      0  3        0x82  wait          syz-executor.7
 87499  300141      0      0  3     0x14200  bored         sosplice
 90491   49475  77528  32767  3        0x90  piperd        syz-executor.5
 18140  234057  42326  32767  3        0x90  nanoslp       syz-executor.2
 97102   97353  85210  32767  3        0x90  piperd        syz-executor.3
 42326  354880  25057      0  3        0x82  wait          syz-executor.2
 77528  193371  25057      0  3        0x82  wait          syz-executor.5
 21803  122096  78480  32767  3        0x90  piperd        syz-executor.4
 78480   21720  25057      0  3        0x82  wait          syz-executor.4
 85210  479159  25057      0  3        0x82  wait          syz-executor.3
 46327  180229  78425  32767  3        0x90  piperd        syz-executor.1
 75440  316648   7256  32767  3        0x90  piperd        syz-executor.0
 78425  381996  25057      0  3        0x82  wait          syz-executor.1
  7256    2764  25057      0  3        0x82  wait          syz-executor.0
 25057  124810  65643      0  3        0x82  thrsleep      syz-fuzzer
 25057  521916  65643      0  3   0x4000082  nanoslp       syz-fuzzer
 25057  155944  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 25057  408659  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 25057  180237  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 25057  333145  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 25057   54347  65643      0  3   0x4000082  kqread        syz-fuzzer
 25057  192447  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 25057   45032  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 25057   48553  65643      0  3   0x4000082  thrsleep      syz-fuzzer
 65643  141883   4501      0  3    0x10008a  sigsusp       ksh
  4501  185251  33362      0  3        0x9a  kqread        sshd
  4897  343380      1      0  3    0x100083  ttyin         getty
 33362  140597      1      0  3        0x88  kqread        sshd
 28795   70206  38086     73  3   0x1100090  kqread        syslogd
 38086  202138      1      0  3    0x100082  netio         syslogd
 77605  154214      1      0  3    0x100080  kqread        resolvd
 41158  123998  30791     77  3    0x100092  kqread        dhcpleased
 59094  320898  30791     77  3    0x100092  kqread        dhcpleased
 30791  422739      1      0  3        0x80  kqread        dhcpleased
 25842  361532      0      0  3     0x14200  bored         smr
 77732  357991      0      0  2     0x14200                zerothread
 95988  306830      0      0  3     0x14200  aiodoned      aiodoned
 33531  385810      0      0  3     0x14200  syncer        update
 78612  286258      0      0  3     0x14200  cleaner       cleaner
 52127  200692      0      0  3     0x14200  reaper        reaper
 22332   26570      0      0  3     0x14200  pgdaemon      pagedaemon
 87632  189983      0      0  3     0x14200  bored         viomb
  3753  360681      0      0  3  0x40014200  acpi0         acpi0
 97481  389567      0      0  3  0x40014200                idle1
 31932  132263      0      0  3     0x14200  bored         softnet
 98638  107354      0      0  3     0x14200  bored         softnet
 96925  517121      0      0  3     0x14200  bored         softnet
 89393  435760      0      0  3     0x14200  bored         softnet
 13709  423100      0      0  3     0x14200  bored         systqmp
 83312  368510      0      0  3     0x14200  bored         systq
 96424  211477      0      0  2  0x40014200                softclock
 80996  358286      0      0  3  0x40014200                idle0
     1   52092      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
CPU 1:
exclusive sched_lock &sched_lock r = 0 (0xffffffff829df688)
#0  witness_lock+0x44d
#1  userret+0x229 single_thread_check sys/kern/kern_sig.c:2060 [inline]
#1  userret+0x229 sys/kern/kern_sig.c:2008
#2  intr_user_exit+0x3c
Process 20471 (syz-executor.6) thread 0xffff8000fffe67f0 (220583)
exclusive rwlock lockflk r = 0 (0xffffffff82976f50)
#0  witness_lock+0x44d
#1  lf_advlock+0x195 sys/kern/vfs_lockf.c:262
#2  VOP_ADVLOCK+0x71 sys/kern/vfs_vops.c:628
#3  sys_flock+0x1cd
#4  syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#4  syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#5  Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10204   6412K    6420K  78643K     11314        0
            pcb    13     16K      20K  78643K        19        0
         rtable   240      6K       7K  78643K       620        0
         ifaddr    81     17K      17K  78643K       125        0
         sysctl     3      1K       1K  78643K         3        0
       counters    56     35K      35K  78643K        68        0
       ioctlops     0      0K       2K  78643K        53        0
            iov     0      0K      16K  78643K       288        0
          mount     1      1K       1K  78643K         1        0
            log     0      0K       0K  78643K         5        0
         vnodes  1271     79K      79K  78643K      1937        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K        36        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      0K       0K  78643K       981        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1697    195K     286K  78643K     12548        0
      file desc    19     69K     121K  78643K      3665        0
          sigio     0      0K       0K  78643K        90        0
           proc    56     78K     115K  78643K       927        0
        subproc   104      6K       6K  78643K       182        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K      2365        0
       in_multi    99      6K       7K  78643K       238        0
    ether_multi     1      0K       0K  78643K        29        0
            mrt     1      0K       0K  78643K         1        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys   223    996K     996K  78643K       223        0
           exec     0      0K       2K  78643K      1354        0
            tdb     3      0K       0K  78643K         3        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   259     86K      90K  78643K     23309        0
       UVM aobj   131      4K       4K  78643K       143        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K       343        0
            NDP    11      0K       2K  78643K        45        0
           temp   124   4734K    4798K  78643K     12367        0
         kqueue    12     18K      26K  78643K       336        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache    128       22    0        0     1     0     1     1     0     8    0
rtpcb      120      359    0      356     8     7     1     3     0     8    0
rtentry    112      182    0       69     4     0     4     4     0     8    0
unpcb      136     4503    0     4490    36    33     3     9     0     8    2
syncache   296       27    0       27     6     6     0     1     0     8    0
sackhl      24        1    0        1     1     1     0     1     0     8    0
tcpqe       32       13    0       13     5     5     0     1     0     8    0
tcpcb      736     3973    0     3956   108    97    11    31     0     8    8
arp        120       30    0       12     1     0     1     1     0     8    0
ipq         40        1    0        0     1     0     1     1     0     8    0
ipqe        40        4    0        3     1     0     1     1     0     8    0
inpcb      312     7341    0     7331    78    69     9    17     0     8    7
nd6         48       47    0       20     1     0     1     1     0     8    0
kcovpl      48       14    0        6     1     0     1     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      733    0      271    29     0    29    29     0     8    0
art_table   32      734    0      271     4     0     4     4     0     8    0
art_node    16      181    0       78     1     0     1     1     0     8    0
sysvmsgpl   40       18    0        7     1     0     1     1     0     8    0
semupl     112        1    0        1     1     1     0     1     0     8    0
semapl     112      978    0      968     1     0     1     1     0     8    0
shmpl      112      140    0       12     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256     6118    0     4678    91     0    91    91     0     8    0
ffsino     272     6118    0     4678    97     0    97    97     0     8    0
nchpl      144    10938    0     9303    63     0    63    63     0     8    0
uvmvnodes   80     5926    0        0   121     0   121   121     0     8    0
vnodes     224     5926    0        0   349     0   349   349     0     8    0
namei      1024   38399    0    38399     4     3     1     2     0     8    1
percpumem   16       46    0        6     1     0     1     1     0     8    0
kstatmem   264       34    0       12     2     0     2     2     0     8    0
scxspl     216    34776    0    34776    21    19     2     8     0     8    2
plimitpl   152     1062    0     1040     3     2     1     2     0     8    0
sigapl     424     3930    0     3881     7     0     7     7     0     8    0
futexpl     64    32308    0    32308     4     3     1     1     0     8    1
knotepl    120      644    0        0    17     0    17    17     0     8    0
kqueuepl   216      875    0      867    15    12     3     5     0     8    2
pipepl     336      868    0      840    22    16     6     8     0     8    3
fdescpl    496     3912    0     3882     7     2     5     6     0     8    0
filepl     152    29878    0    29640    69    54    15    21     0     8    5
lockfpl    104      479    0      477     2     1     1     2     0     8    0
lockfspl    48      102    0      100     1     0     1     1     0     8    0
sessionpl  144       29    0       13     1     0     1     1     0     8    0
pgrppl      48       41    0       25     1     0     1     1     0     8    0
ucredpl     96     3769    0     3751     1     0     1     1     0     8    0
zombiepl   144     3882    0     3881     1     0     1     1     0     8    0
processpl  1064    3930    0     3881     5     1     4     5     0     8    0
procpl     672    10816    0    10752    14     6     8     8     0     8    1
sosppl     168       38    0       38     7     6     1     1     0     8    1
sockpl     480    12436    0    12410   238   222    16    35     0     8   11
mcl64k     65536     22    0        0     3     1     2     3     0     8    0
mcl16k     16384     13    0        0     2     0     2     2     0     8    0
mcl12k     12288     25    0        0     2     0     2     2     0     8    0
mcl9k      9216      19    0        0     2     0     2     2     0     8    0
mcl8k      8192      17    0        0     3     0     3     3     0     8    0
mcl4k      4096      17    0        0     3     1     2     3     0     8    0
mcl2k2     2112       4    0        0     1     0     1     1     0     8    0
mcl2k      2048     217    0        0    20     1    19    20     0     8    0
mtagpl      96        2    0        0     1     0     1     1     0     8    0
mbufpl     256      519    0        0    26     0    26    26     0     8    0
bufpl      288     8876    0     2549   453     0   453   453     0     8    0
anonpl      24   758434    0   746358   165    67    98   106     0   186   14
amapchunkpl 152   67671    0    67104    52    23    29    36     0   158    3
amappl16   200    10366    0    10019    77    49    28    32     0     8    8
amappl15   192     1786    0     1785     1     0     1     1     0     8    0
amappl14   184     1194    0     1186     1     0     1     1     0     8    0
amappl13   176      117    0      114     1     0     1     1     0     8    0
amappl12   168      439    0      437     1     0     1     1     0     8    0
amappl11   160      523    0      505     1     0     1     1     0     8    0
amappl10   152       84    0       75     1     0     1     1     0     8    0
amappl9    144      533    0      527     1     0     1     1     0     8    0
amappl8    136     1431    0     1353     3     0     3     3     0     8    0
amappl7    128      855    0      840     1     0     1     1     0     8    0
amappl6    120      279    0      257     2     1     1     2     0     8    0
amappl5    112     2537    0     2521     1     0     1     1     0     8    0
amappl4    104     2540    0     2509     2     0     2     2     0     8    0
amappl3     96    11699    0    11653     2     0     2     2     0     8    0
amappl2     88     4421    0     4358     3     1     2     3     0     8    0
amappl1     80    95294    0    94673    22     6    16    19     0     8    0
amappl      88    22633    0    22480     6     1     5     5     0    92    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72      142    0       12     3     0     3     3     0     8    0
uaddrrnd    24     3912    0     3882     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     3912    0     3882     1     0     1     1     0     8    0
vmmpekpl   168    34150    0    34101     3     0     3     3     0     8    0
vmmpepl    168   384138    0   381857   172    39   133   134     0   357   12
vmsppl     368     3911    0     3882     4     0     4     4     0     8    0
rwobjpl     56   102115    0    94772   111     3   108   108     0     8    2
pdppl      4096    7831    0     7764   214   133    81    93     0     8   14
pvpl        32  1555208    0  1538366   317   138   179   257     0   265   27
pmappl     248     3911    0     3882     4     1     3     3     0     8    0
extentpl    40       58    0       38     1     0     1     1     0     8    0
phpool     112     1164    0      323    25     0    25    25     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
lf_advlock(ffff800000c34660,0,fffffd806843b9a0,8,ffff80002c92e8b8,30) at lf_advlock+0x223 ls_ref sys/kern/vfs_lockf.c:140 [inline]
lf_advlock(ffff800000c34660,0,fffffd806843b9a0,8,ffff80002c92e8b8,30) at lf_advlock+0x223 sys/kern/vfs_lockf.c:280
VOP_ADVLOCK(fffffd8069526008,fffffd806843b9a0,8,ffff80002c92e8b8,30) at VOP_ADVLOCK+0x71 sys/kern/vfs_vops.c:628
sys_flock(ffff8000fffe67f0,ffff80002c92e938,ffff80002c92e990) at sys_flock+0x1cd
syscall(ffff80002c92ea00) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002c92ea00) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x81391149400, count: -5
ddb{0}> machine ddbcpu 1

Crashes (4):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager            Title
2022/06/20 14:20  openbsd  a34e6b005929  789e5a63   .config  console log  report  -          -        -        -       ci-openbsd-setuid  protection_fault: lf_advlock
2022/06/13 19:30  openbsd  db879ab8e4d2  0f087040   .config  console log  report  -          -        -        -       ci-openbsd-setuid  protection_fault: lf_advlock
2022/05/14 21:20  openbsd  4e67846ffc15  744a39e2   .config  console log  report  -          -        -        -       ci-openbsd-setuid  protection_fault: lf_advlock
2022/05/03 07:15  openbsd  88bd1af95c05  7ee63e2c   .config  console log  report  -          -        -        -       ci-openbsd-setuid  protection_fault: lf_advlock
* Struck through repros no longer work on HEAD.