kernel: protection fault trap, code=0
Stopped at sys_msgrcv+0x2df: movq 0x10(%r13),%rdi
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
sys_msgrcv(ffff8000ffff1510,ffff8000215120c8,ffff800021512110) at sys_msgrcv+0x2df msg_copyout sys/kern/sysv_msg.c:639 [inline]
sys_msgrcv(ffff8000ffff1510,ffff8000215120c8,ffff800021512110) at sys_msgrcv+0x2df sys/kern/sysv_msg.c:349
syscall(ffff800021512190) at syscall+0x438 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff800021512190) at syscall+0x438 sys/arch/amd64/amd64/trap.c:599
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xc39782acfb0, count: -3
ddb{1}> show registers
rdi 0x1b
rsi 0x20003b08
rbp 0xffff8000215120b0
rbx 0x1b
rdx 0xffff80002150d000
rcx 0
rax 0
r8 0x7f7fffffc000
r9 0x1
r10 0x5dfc8098ec9deee
r11 0xafc63d6f66a616ed
r12 0xfffffd8072b38f28
r13 0xdeadbeefdeadbeef
r14 0xffff800000bf7000
r15 0x8
rip 0xffffffff8222a11f sys_msgrcv+0x2df
cs 0x8
rflags 0x10202 __ALIGN_SIZE+0xf202
rsp 0xffff800021512020
ss 0x10
sys_msgrcv+0x2df: movq 0x10(%r13),%rdi
ddb{1}> show proc
PROC (syz-executor.5) pid=180681 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=36, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff02b0,0xffff8000ffff17c0
process=0xffff8000213f0018 user=0xffff80002150d000, vmspace=0xfffffd80697aae70
estcpu=36, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
99138 478496 40808 0 7 0 syz-executor.5
99138 230952 40808 0 3 0x4000080 msgwait syz-executor.5
*99138 180681 40808 0 7 0x4000000 syz-executor.5
99138 494216 40808 0 3 0x4000080 msgwait syz-executor.5
99138 312635 40808 0 3 0x4000080 fsleep syz-executor.5
99138 117412 40808 0 2 0x4000000 syz-executor.5
99138 84502 40808 0 2 0x4000000 syz-executor.5
43449 156421 87809 0 3 0x80 nanoslp syz-executor.1
43449 344057 87809 0 3 0x4000080 msgwait syz-executor.1
43449 380720 87809 0 3 0x4000080 fsleep syz-executor.1
43449 436230 87809 0 3 0x4000080 msgwait syz-executor.1
43449 352733 87809 0 3 0x4000080 msgwait syz-executor.1
43449 394643 87809 0 3 0x4000080 fsleep syz-executor.1
50482 357005 23749 0 3 0x80 nanoslp syz-executor.7
50482 359006 23749 0 3 0x4000080 msgwait syz-executor.7
50482 62577 23749 0 3 0x4000080 msgwait syz-executor.7
50482 131253 23749 0 3 0x4000080 msgwait syz-executor.7
50482 41578 23749 0 3 0x4000080 fsleep syz-executor.7
50482 336938 23749 0 3 0x4000080 fsleep syz-executor.7
51647 6481 82929 0 3 0x80 nanoslp syz-executor.6
51647 521150 82929 0 3 0x4000080 msgwait syz-executor.6
51647 249152 82929 0 3 0x4000080 fsleep syz-executor.6
51647 71395 82929 0 3 0x4000080 msgwait syz-executor.6
51647 471449 82929 0 3 0x4000080 msgwait syz-executor.6
51647 193233 82929 0 3 0x4000080 fsleep syz-executor.6
59261 221126 45676 0 3 0x80 nanoslp syz-executor.2
59261 490117 45676 0 3 0x4000080 msgwait syz-executor.2
59261 519154 45676 0 3 0x4000080 msgwait syz-executor.2
59261 147243 45676 0 3 0x4000080 msgwait syz-executor.2
59261 365838 45676 0 3 0x4000080 fsleep syz-executor.2
59261 471863 45676 0 3 0x4000080 fsleep syz-executor.2
18641 124776 50814 0 3 0x80 nanoslp syz-executor.3
18641 271157 50814 0 3 0x4000080 msgwait syz-executor.3
18641 179618 50814 0 3 0x4000080 fsleep syz-executor.3
18641 151504 50814 0 3 0x4000080 msgwait syz-executor.3
18641 302374 50814 0 3 0x4000080 msgwait syz-executor.3
18641 408364 50814 0 3 0x4000080 fsleep syz-executor.3
18641 258697 50814 0 3 0x4000080 fsleep syz-executor.3
59682 458975 87334 0 3 0x80 nanoslp syz-executor.0
59682 335977 87334 0 3 0x4000080 msgwait syz-executor.0
59682 474493 87334 0 3 0x4000080 fsleep syz-executor.0
59682 375221 87334 0 3 0x4000080 msgwait syz-executor.0
59682 212907 87334 0 3 0x4000080 msgwait syz-executor.0
59682 322634 87334 0 3 0x4000080 fsleep syz-executor.0
59682 382136 87334 0 3 0x4000080 fsleep syz-executor.0
52405 359997 86146 0 3 0x80 nanoslp syz-executor.4
52405 193241 86146 0 3 0x4000080 msgwait syz-executor.4
52405 1948 86146 0 3 0x4000080 fsleep syz-executor.4
52405 459545 86146 0 3 0x4000080 msgwait syz-executor.4
52405 53410 86146 0 3 0x4000080 msgwait syz-executor.4
52405 481024 86146 0 3 0x4000080 fsleep syz-executor.4
50814 370497 49091 0 3 0x82 nanoslp syz-executor.3
23749 268037 49091 0 3 0x82 nanoslp syz-executor.7
87334 386856 49091 0 3 0x82 nanoslp syz-executor.0
40808 226632 49091 0 3 0x82 nanoslp syz-executor.5
86146 16258 49091 0 3 0x82 nanoslp syz-executor.4
45676 438519 49091 0 3 0x82 nanoslp syz-executor.2
82929 95175 49091 0 3 0x82 nanoslp syz-executor.6
87809 171110 49091 0 3 0x82 nanoslp syz-executor.1
49091 513154 58060 0 3 0x82 wait syz-execprog
49091 204581 58060 0 3 0x4000082 thrsleep syz-execprog
49091 498039 58060 0 3 0x4000082 wait syz-execprog
49091 71126 58060 0 3 0x4000082 wait syz-execprog
49091 229649 58060 0 3 0x4000082 thrsleep syz-execprog
49091 418904 58060 0 3 0x4000082 wait syz-execprog
49091 69229 58060 0 3 0x4000082 thrsleep syz-execprog
49091 491688 58060 0 3 0x4000082 wait syz-execprog
49091 510509 58060 0 3 0x4000082 thrsleep syz-execprog
49091 21027 58060 0 3 0x4000082 wait syz-execprog
49091 222974 58060 0 3 0x4000082 wait syz-execprog
49091 18720 58060 0 3 0x4000082 wait syz-execprog
49091 350854 58060 0 3 0x4000082 thrsleep syz-execprog
49091 115499 58060 0 3 0x4000082 kqread syz-execprog
49091 148539 58060 0 3 0x4000082 thrsleep syz-execprog
58060 218844 80 0 3 0x10008a sigsusp ksh
80 508461 21889 0 3 0x9a kqread sshd
86372 458591 1 0 3 0x100083 ttyin getty
21889 260224 1 0 3 0x88 kqread sshd
78353 189157 37429 73 3 0x1100090 kqread syslogd
37429 155061 1 0 3 0x100082 netio syslogd
38297 474587 1 0 3 0x100080 kqread resolvd
87321 225382 35490 77 3 0x100092 kqread dhcpleased
13036 219052 35490 77 3 0x100092 kqread dhcpleased
35490 189255 1 0 3 0x80 kqread dhcpleased
25085 522248 0 0 3 0x14200 bored smr
24457 313045 0 0 3 0x14200 pgzero zerothread
51282 145477 0 0 3 0x14200 aiodoned aiodoned
45245 3076 0 0 3 0x14200 syncer update
32927 94833 0 0 3 0x14200 cleaner cleaner
94713 113519 0 0 3 0x14200 reaper reaper
73111 29774 0 0 3 0x14200 pgdaemon pagedaemon
39717 71436 0 0 3 0x14200 bored viomb
79412 493519 0 0 3 0x40014200 acpi0 acpi0
70652 6885 0 0 3 0x40014200 idle1
59683 468944 0 0 3 0x14200 bored softnet
78284 165291 0 0 3 0x14200 bored softnet
70228 426378 0 0 3 0x14200 bored softnet
18808 307370 0 0 3 0x14200 bored softnet
27799 157185 0 0 3 0x14200 bored systqmp
52324 293475 0 0 3 0x14200 bored systq
72627 2665 0 0 3 0x40014200 bored softclock
11418 456831 0 0 3 0x40014200 idle0
1 442172 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 99138 (syz-executor.5) thread 0xffff8000ffff1510 (180681)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff829ee4c8)
#0 witness_lock+0x44d
#1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
#2 mi_switch+0x3bb sys/kern/sched_bsd.c:415
#3 sleep_finish+0x180 sys/kern/kern_synch.c:417
#4 rw_enter+0x35a sys/kern/kern_rwlock.c:286
#5 uvmfault_lookup+0xc9 sys/uvm/uvm_fault.c:1773
#6 uvm_fault_check+0x3a sys/uvm/uvm_fault.c:673
#7 uvm_fault+0xf2 sys/uvm/uvm_fault.c:601
#8 kpageflttrap+0x22e sys/arch/amd64/amd64/trap.c:277
#9 kerntrap+0xef sys/arch/amd64/amd64/trap.c:332
#10 alltraps_kern_meltdown+0x7b
#11 copyout+0x53
#12 syscall+0x438 mi_syscall sys/sys/syscall_mi.h:101 [inline]
#12 syscall+0x438 sys/arch/amd64/amd64/trap.c:599
#13 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10185 6408K 6420K 78643K 11275 0
pcb 13 8K 8K 78643K 13 0
rtable 234 6K 6K 78643K 351 0
ifaddr 71 16K 16K 78643K 73 0
counters 60 35K 35K 78643K 60 0
ioctlops 0 0K 2K 78643K 27 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1167 73K 73K 78643K 1180 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 1K 78643K 2 0
VM map 2 1K 1K 78643K 2 0
sem 2 0K 0K 78643K 2 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 18 65K 89K 78643K 165 0
proc 55 78K 103K 78643K 463 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 99 6K 6K 78643K 99 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 25 122K 122K 78643K 25 0
exec 0 0K 1K 78643K 362 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 8 62K 64K 78643K 10 0
UVM amap 294 75K 75K 78643K 2857 0
UVM aobj 3 2K 2K 78643K 3 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 11 0K 2K 78643K 27 0
temp 84 4686K 4750K 78643K 4005 0
kqueue 12 18K 18K 78643K 25 0
SYN cache 2 16K 16K 78643K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 22 0 0 1 0 1 1 0 8 0
rtpcb 120 37 0 34 1 0 1 1 0 8 0
rtentry 112 111 0 1 4 0 4 4 0 8 0
unpcb 144 33 0 20 1 0 1 1 0 8 0
syncache 296 5 0 5 2 1 1 1 0 8 1
tcpqe 32 85 0 85 1 1 0 1 0 8 0
tcpcb 776 8 0 5 1 0 1 1 0 8 0
arp 120 18 0 0 1 0 1 1 0 8 0
inpcb 368 57 0 51 1 0 1 1 0 8 0
nd6 48 24 0 0 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 452 0 0 29 0 29 29 0 8 0
art_table 32 453 0 0 4 0 4 4 0 8 0
art_node 16 110 0 10 1 0 1 1 0 8 0
sysvmsgpl 40 128 0 128 1 0 1 1 0 8 1
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 1502 0 72 90 0 90 90 0 8 0
ffsino 272 1502 0 72 96 0 96 96 0 8 0
nchpl 144 1783 0 115 63 0 63 63 0 8 0
uvmvnodes 80 1511 0 0 31 0 31 31 0 8 0
vnodes 216 1511 0 0 84 0 84 84 0 8 0
namei 1024 5916 0 5916 3 1 2 2 0 8 2
percpumem 16 42 0 0 1 0 1 1 0 8 0
kstatmem 264 22 0 0 2 0 2 2 0 8 0
scxspl 216 6076 0 6076 10 9 1 8 0 8 1
plimitpl 152 25 0 10 1 0 1 1 0 8 0
sigapl 424 460 0 414 6 0 6 6 0 8 0
futexpl 64 337 0 320 1 0 1 1 0 8 0
knotepl 120 106 0 0 4 0 4 4 0 8 0
kqueuepl 216 21 0 13 1 0 1 1 0 8 0
pipepl 320 132 0 104 4 1 3 3 0 8 0
fdescpl 496 443 0 414 6 1 5 5 0 8 0
filepl 152 1531 0 1403 6 0 6 6 0 8 0
lockfpl 104 6 0 4 1 0 1 1 0 8 0
lockfspl 48 4 0 2 1 0 1 1 0 8 0
sessionpl 144 25 0 9 1 0 1 1 0 8 0
pgrppl 48 25 0 9 1 0 1 1 0 8 0
ucredpl 104 66 0 56 1 0 1 1 0 8 0
zombiepl 144 414 0 414 2 1 1 1 0 8 1
processpl 1072 460 0 414 4 0 4 4 0 8 0
procpl 672 655 0 552 9 0 9 9 0 8 0
sockpl 488 127 0 105 4 0 4 4 0 8 1
mcl8k 8192 3 0 0 1 0 1 1 0 8 0
mcl4k 4096 4 0 0 1 0 1 1 0 8 0
mcl2k 2048 256 0 0 32 0 32 32 0 8 0
mtagpl 96 1 0 0 1 0 1 1 0 8 0
mbufpl 256 303 0 0 19 0 19 19 0 8 0
bufpl 288 3994 0 138 276 0 276 276 0 8 0
anonpl 24 124278 0 117118 60 15 45 46 0 186 1
amapchunkpl 152 7526 0 6891 27 1 26 26 0 158 1
amappl16 200 2150 0 2071 9 4 5 5 0 8 0
amappl15 192 4 0 4 1 1 0 1 0 8 0
amappl14 184 153 0 141 2 0 2 2 0 8 0
amappl13 176 20 0 19 2 1 1 1 0 8 0
amappl12 168 399 0 397 2 1 1 1 0 8 0
amappl11 160 49 0 39 1 0 1 1 0 8 0
amappl10 152 30 0 20 2 1 1 1 0 8 0
amappl9 144 931 0 931 2 1 1 1 0 8 1
amappl8 136 127 0 99 3 1 2 2 0 8 0
amappl7 128 135 0 119 2 0 2 2 0 8 0
amappl6 120 156 0 148 1 0 1 1 0 8 0
amappl5 112 112 0 106 1 0 1 1 0 8 0
amappl4 104 490 0 462 2 0 2 2 0 8 1
amappl3 96 743 0 666 2 0 2 2 0 8 0
amappl2 88 779 0 708 3 0 3 3 0 8 1
amappl1 80 12862 0 12035 24 2 22 22 0 8 5
amappl 88 2400 0 2195 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 2 0 0 1 0 1 1 0 8 0
uaddrrnd 24 443 0 414 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 443 0 414 1 0 1 1 0 8 0
vmmpekpl 168 9612 0 9587 2 0 2 2 0 8 0
vmmpepl 168 46582 0 44279 115 9 106 106 0 357 5
vmsppl 368 442 0 414 4 0 4 4 0 8 1
rwobjpl 56 16897 0 14129 44 1 43 43 0 8 4
pdppl 4096 893 0 828 103 36 67 77 0 8 2
pvpl 32 307185 0 294760 287 20 267 267 0 265 166
pmappl 248 442 0 414 4 1 3 3 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 662 0 39 19 0 19 19 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff8296fff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff829ee2c0) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff829ee2c0) at __mp_lock+0x122 sys/kern/kern_lock.c:147
softintr_dispatch(0) at softintr_dispatch+0x4e sys/arch/amd64/amd64/softintr.c:88
Xsoftclock() at Xsoftclock+0x1f
end of kernel
end trace frame: 0x7f7ffffbee30, count: -6
ddb{0}> machine ddbcpu 1
Stopped at sys_msgrcv+0x2df: movq 0x10(%r13),%rdi
ddb{1}>