Warning: Permanently added '10.128.1.12' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program kernel: protection fault trap, code=0 Stopped at sys_msgrcv+0x2df: movq 0x10(%r13),%rdi ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic the kernel did not panic ddb{1}> trace sys_msgrcv(ffff8000211ad310,ffff800021255e20,ffff800021255e70) at sys_msgrcv+0x2df syscall(ffff800021255ef0) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb2b25878be0, count: -3 ddb{1}> show registers rdi 0x106e __ALIGN_SIZE+0x6e rsi 0x20001cc8 rbp 0xffff800021255e10 rbx 0x106e __ALIGN_SIZE+0x6e rdx 0xffff800021250000 rcx 0 rax 0 r8 0x7f7fffffc000 r9 0 r10 0x48c4a4b947b635c8 r11 0x93397fccc3faa9da r12 0xfffffd806d676f28 r13 0xdead4110dead4110 r14 0xffff800000cef600 r15 0x8 rip 0xffffffff81bc92bf sys_msgrcv+0x2df cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff800021255d80 ss 0x10 sys_msgrcv+0x2df: movq 0x10(%r13),%rdi ddb{1}> show proc PROC (syz-executor4102321349) pid=37580 stat=onproc flags process=0 proc=4000000 pri=36, usrpri=53, nice=20 forw=0xffffffffffffffff, list=0xffff8000211f3318,0xffff800021237338 process=0xffff8000212225c0 user=0xffff800021250000, vmspace=0xfffffd80089fe740 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 70655 235589 43892 0 7 0 syz-executor4102321349 70655 336187 43892 0 3 0x4000080 fsleep syz-executor4102321349 *70655 37580 43892 0 7 0x4000000 syz-executor4102321349 70655 121687 43892 0 3 0x4000080 fsleep syz-executor4102321349 43892 405082 84333 0 3 0x82 nanoslp syz-executor4102321349 84333 321189 98977 0 3 0x10008a sigsusp ksh 98977 316822 55406 0 3 0x9a kqread sshd 63131 114906 1 0 3 0x100083 ttyin getty 55406 417294 1 0 3 0x88 kqread sshd 61067 204932 8680 73 3 0x1100090 kqread syslogd 8680 29466 1 0 3 0x100082 netio syslogd 36873 505284 1 0 3 0x100080 kqread resolvd 57884 377106 75201 77 3 0x100092 kqread dhcpleased 19289 124702 75201 77 3 0x100092 kqread dhcpleased 75201 300176 1 0 3 0x80 kqread dhcpleased 50372 39665 0 0 3 0x14200 bored smr 95571 380244 0 0 3 0x14200 pgzero zerothread 28747 127922 0 0 3 0x14200 aiodoned aiodoned 68852 455372 0 0 3 0x14200 syncer update 45700 472411 0 0 3 0x14200 cleaner cleaner 7118 335248 0 0 3 0x14200 reaper reaper 27733 171833 0 0 3 0x14200 pgdaemon pagedaemon 18108 230277 0 0 3 0x14200 bored viomb 73402 269220 0 0 3 0x40014200 acpi0 acpi0 97473 428126 0 0 3 0x40014200 idle1 39776 132400 0 0 3 0x14200 bored softnet3 88052 519288 0 0 3 0x14200 bored softnet2 63530 162546 0 0 3 0x14200 bored softnet1 71787 47596 0 0 3 0x14200 bored softnet0 6823 154365 0 0 3 0x14200 bored systqmp 23134 469603 0 0 3 0x14200 bored systq 53506 345157 0 0 3 0x40014200 bored softclock 83919 164901 0 0 3 0x40014200 idle0 1 80245 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 70655 (syz-executor4102321349) thread 0xffff8000211ad310 (37580) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82c80768) #0 witness_lock+0x44d #1 __mp_acquire_count+0x48 #2 mi_switch+0x3c3 #3 sleep_finish+0x184 #4 rw_enter+0x35e #5 uvmfault_lookup+0xd9 #6 uvm_fault_check+0x3e #7 uvm_fault+0xf2 #8 kpageflttrap+0x23e #9 kerntrap+0xf3 #10 alltraps_kern_meltdown+0x7b #11 copyout+0x57 #12 syscall+0x5e2 #13 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10147 6388K 6419K 78643K 11237 0 pcb 13 8K 8K 78643K 13 0 rtable 58 1K 2K 78643K 104 0 ifaddr 24 15K 15K 78643K 24 0 counters 44 33K 33K 78643K 44 0 ioctlops 0 0K 2K 78643K 21 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1174 73K 74K 78643K 1187 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 3 0K 0K 78643K 18 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 1 0K 0K 78643K 1 0 proc 55 78K 79K 78643K 246 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 11 0K 0K 78643K 11 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 1K 78643K 234 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 95 12K 12K 78643K 2310 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 3 0K 0K 78643K 3 0 temp 50 5857K 5913K 78643K 2765 0 kqueue 11 16K 18K 78643K 24 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 17 0 14 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 unpcb 144 125 0 112 1 0 1 1 0 8 0 syncache 296 5 0 5 2 1 1 1 0 8 1 tcpqe 32 229 0 229 1 1 0 1 0 8 0 tcpcb 776 8 0 5 1 0 1 1 0 8 0 arp 120 2 0 0 1 0 1 1 0 8 0 inpcb 368 42 0 35 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 97 0 0 7 0 7 7 0 8 0 art_table 32 98 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 sysvmsgpl 40 47 0 47 1 0 1 1 0 8 1 semapl 112 16 0 15 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1422 0 37 87 0 87 87 0 8 0 ffsino 272 1422 0 37 93 0 93 93 0 8 0 nchpl 144 1606 0 47 58 0 58 58 0 8 0 uvmvnodes 80 1431 0 0 30 0 30 30 0 8 0 vnodes 216 1431 0 0 80 0 80 80 0 8 0 namei 1024 4239 0 4239 2 1 1 1 0 8 1 percpumem 16 35 0 0 1 0 1 1 0 8 0 kstatmem 264 6 0 0 1 0 1 1 0 8 0 scxspl 216 5000 0 5000 12 11 1 8 0 8 1 plimitpl 152 17 0 10 1 0 1 1 0 8 0 sigapl 424 316 0 285 4 0 4 4 0 8 0 futexpl 64 300 0 298 1 0 1 1 0 8 0 knotepl 120 41 0 0 2 0 2 2 0 8 0 kqueuepl 216 20 0 13 1 0 1 1 0 8 0 pipepl 320 99 0 96 2 1 1 1 0 8 0 fdescpl 496 299 0 285 3 1 2 3 0 8 0 filepl 152 1277 0 1223 3 0 3 3 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 17 0 9 1 0 1 1 0 8 0 pgrppl 48 17 0 9 1 0 1 1 0 8 0 ucredpl 104 66 0 56 1 0 1 1 0 8 0 zombiepl 144 285 0 285 2 1 1 1 0 8 1 processpl 1072 316 0 285 3 0 3 3 0 8 0 procpl 696 378 0 344 5 1 4 4 0 8 0 sockpl 488 184 0 161 4 0 4 4 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 5 0 0 1 0 1 1 0 8 0 mcl2k 2048 294 0 0 37 0 37 37 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 307 0 0 20 0 20 20 0 8 0 bufpl 288 2406 0 92 166 0 166 166 0 8 0 anonpl 24 169088 0 167200 26 13 13 24 0 186 1 amapchunkpl 152 8132 0 7980 7 1 6 7 0 158 0 amappl16 200 4851 0 4849 5 4 1 5 0 8 0 amappl15 192 13 0 12 1 0 1 1 0 8 0 amappl14 184 99 0 90 1 0 1 1 0 8 0 amappl13 176 19 0 18 1 0 1 1 0 8 0 amappl12 168 777 0 764 1 0 1 1 0 8 0 amappl11 160 53 0 43 1 0 1 1 0 8 0 amappl10 152 16 0 16 2 1 1 1 0 8 1 amappl9 144 149 0 149 1 1 0 1 0 8 0 amappl8 136 37 0 35 1 0 1 1 0 8 0 amappl7 128 50 0 43 1 0 1 1 0 8 0 amappl6 120 141 0 130 1 0 1 1 0 8 0 amappl5 112 80 0 74 1 0 1 1 0 8 0 amappl4 104 411 0 386 1 0 1 1 0 8 0 amappl3 96 2097 0 2064 1 0 1 1 0 8 0 amappl2 88 450 0 408 2 1 1 2 0 8 0 amappl1 80 8948 0 8521 13 2 11 11 0 8 0 amappl 88 2057 0 2001 2 0 2 2 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 299 0 285 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 299 0 285 1 0 1 1 0 8 0 vmmpekpl 168 6987 0 6968 1 0 1 1 0 8 0 vmmpepl 168 32874 0 31922 55 9 46 47 0 357 4 vmsppl 464 298 0 285 3 1 2 3 0 8 0 rwobjpl 56 18118 0 16059 31 1 30 31 0 8 0 pdppl 4096 606 0 570 54 18 36 42 0 8 0 pvpl 32 260834 0 256576 58 20 38 52 0 265 0 pmappl 248 298 0 285 2 1 1 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 476 0 21 13 0 13 13 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp ddb{0}> trace x86_ipi_db(ffffffff82c21ff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __mp_lock(ffffffff82c80560) at __mp_lock+0x122 syscall(ffff80002121f610) at syscall+0x5cd Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7acbb2cc6860, count: -6 ddb{0}> machine ddbcpu 1 Stopped at sys_msgrcv+0x2df: movq 0x10(%r13),%rdi ddb{1}> trace sys_msgrcv(ffff8000211ad310,ffff800021255e20,ffff800021255e70) at sys_msgrcv+0x2df syscall(ffff800021255ef0) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb2b25878be0, count: -3