kernel: protection fault trap, code=0 Stopped at ktrops+0x4e: movq 0x8(%rbx),%r14 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace ktrops(ffff80002a7032b8,deaf4152deaf4152,0,80001100,fffffd806fc7b520,fffffd807f7d7618) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a7032b8,deaf4152deaf4152,0,80001100,fffffd806fc7b520,fffffd807f7d7618) at ktrops+0x4e sys/kern/kern_ktrace.c:561 doktrace(fffffd806fc7b520,4,1100,ffffffff,ffff80002a7032b8) at doktrace+0x428 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806fc7b520,4,1100,ffffffff,ffff80002a7032b8) at doktrace+0x428 sys/kern/kern_ktrace.c:493 sys_ktrace(ffff80002a7032b8,ffff80002c153d30,ffff80002c153d80) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff80002c153df0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5bac1f641d0, count: -5 ddb> show registers rdi 0xffff80002a7032b8 rsi 0xdeaf4152deaf4152 rbp 0xffff80002c153b20 rbx 0xdeaf4152deaf4152 rdx 0 rcx 0x80001100 __kernel_virt_to_phys+0x1100 rax 0xffff80002a7032b8 r8 0xfffffd806fc7b520 r9 0xfffffd807f7d7618 r10 0xd59d1c182ae9c815 r11 0xf1f9f5a096e24e9f r12 0xffff80002a5cf3b0 r13 0xfffffd807f7d7618 r14 0xffff80002a7032b8 r15 0x80001100 __kernel_virt_to_phys+0x1100 rip 0xffffffff81c28b6e ktrops+0x4e cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002c153aa0 ss 0x10 ktrops+0x4e: movq 0x8(%rbx),%r14 ddb> show proc PROC (syz-executor.5) tid=362885 pid=9411 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=74, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a702818,0xffff80002a703818 process=0xffff80002a6953c0 user=0xffff80002c14e000, vmspace=0xfffffd8075c35008 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 9411 454366 30607 0 2 0 syz-executor.5 * 9411 362885 30607 0 7 0x4000000 syz-executor.5 9411 150400 30607 0 3 0x4000080 netio syz-executor.5 86876 261585 53029 0 3 0x80 nanoslp syz-executor.2 86876 352875 53029 0 2 0x4000000 syz-executor.2 86876 245730 53029 0 3 0x4000080 fsleep syz-executor.2 30607 339374 55601 0 3 0x82 nanoslp syz-executor.5 97838 177312 55601 0 2 0x2 syz-executor.4 53029 484539 55601 0 3 0x82 nanoslp syz-executor.2 68029 383266 55601 0 2 0x2 syz-executor.1 15094 523236 55601 0 2 0x2 syz-executor.6 66626 132199 1 0 3 0x100083 ttyin getty 16811 46164 0 0 3 0x14200 acct acct 48343 252273 0 0 3 0x14280 nfsidl nfsio 79378 241167 0 0 3 0x14280 nfsidl nfsio 96717 495182 0 0 3 0x14280 nfsidl nfsio 38537 344078 0 0 3 0x14280 nfsidl nfsio 48634 437807 0 0 3 0x14280 nfsidl nfsio 24557 296768 0 0 3 0x14280 nfsidl nfsio 93279 508198 0 0 3 0x14280 nfsidl nfsio 3817 173298 0 0 3 0x14280 nfsidl nfsio 37068 232752 0 0 3 0x14280 nfsidl nfsio 48500 214115 0 0 3 0x14280 nfsidl nfsio 50674 504494 0 0 3 0x14280 nfsidl nfsio 20011 423545 0 0 3 0x14280 nfsidl nfsio 96585 441687 0 0 3 0x14280 nfsidl nfsio 43223 211640 0 0 3 0x14280 nfsidl nfsio 24066 268306 0 0 3 0x14280 nfsidl nfsio 32161 495381 0 0 3 0x14280 nfsidl nfsio 47938 146567 0 0 3 0x14280 nfsidl nfsio 9236 389139 0 0 3 0x14280 nfsidl nfsio 48237 118547 0 0 3 0x14280 nfsidl nfsio 89014 345118 0 0 3 0x14280 nfsidl nfsio 43742 234195 0 0 3 0x14200 bored sosplice 55601 362871 23504 0 3 0x2000082 thrsleep syz-fuzzer 55601 419026 23504 0 3 0x6000082 nanoslp syz-fuzzer 55601 145285 23504 0 3 0x6000082 wait syz-fuzzer 55601 283284 23504 0 3 0x6000082 wait syz-fuzzer 55601 376602 23504 0 3 0x6000082 thrsleep syz-fuzzer 55601 338322 23504 0 3 0x6000082 thrsleep syz-fuzzer 55601 186713 23504 0 3 0x6000082 wait syz-fuzzer 55601 478231 23504 0 3 0x6000082 wait syz-fuzzer 55601 299115 23504 0 3 0x6000082 thrsleep syz-fuzzer 55601 242736 23504 0 3 0x6000082 thrsleep syz-fuzzer 55601 25377 23504 0 3 0x6000082 wait syz-fuzzer 55601 137983 23504 0 3 0x6000082 wait syz-fuzzer 55601 4197 23504 0 2 0x6000002 syz-fuzzer 55601 268649 23504 0 3 0x6000082 thrsleep syz-fuzzer 55601 108127 23504 0 3 0x6000082 wait syz-fuzzer 23504 365357 24330 0 3 0x10008a sigsusp ksh 24330 66135 59352 0 3 0x9a kqread sshd 59352 175123 1 0 3 0x88 kqread sshd 28338 90850 3996 73 3 0x1100090 kqread syslogd 3996 87407 1 0 3 0x100082 netio syslogd 30488 320525 1 0 3 0x100080 kqread resolvd 23274 342846 26116 77 3 0x100092 kqread dhcpleased 15647 178420 26116 77 3 0x100092 kqread dhcpleased 26116 117970 1 0 3 0x80 kqread dhcpleased 39601 174768 0 0 3 0x14200 bored smr 87559 200027 0 0 2 0x14200 zerothread 26829 25138 0 0 3 0x14200 aiodoned aiodoned 98435 486618 0 0 3 0x14200 syncer update 41152 122385 0 0 3 0x14200 cleaner cleaner 87021 238942 0 0 3 0x14200 reaper reaper 99859 384777 0 0 3 0x14200 pgdaemon pagedaemon 35480 300123 0 0 3 0x14200 bored viomb 67611 459330 0 0 3 0x40014200 acpi0 acpi0 30221 522967 0 0 3 0x14200 bored softnet3 1336 111969 0 0 3 0x14200 bored softnet2 69618 375835 0 0 3 0x14200 bored softnet1 73592 250959 0 0 3 0x14200 bored softnet0 22170 399720 0 0 3 0x14200 bored systqmp 29496 242283 0 0 3 0x14200 bored systq 61416 29840 0 0 3 0x40014200 tmoslp softclock 25277 147247 0 0 3 0x40014200 idle0 1 331297 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10215 6501K 7135K 166960K 43832 0 pcb 13 16K 18K 166960K 1534 0 rtable 244 15K 16K 166960K 5157 0 pf 34 9K 10K 166960K 779 0 ifaddr 45 15K 15K 166960K 707 0 ifgroup 59 2K 2K 166960K 1290 0 sysctl 4 1K 2K 166960K 55 0 counters 32 17K 17K 166960K 370 0 ioctlops 0 0K 2K 166960K 1397 0 iov 0 0K 40K 166960K 17564 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1483 93K 93K 166960K 14670 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 231 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 3262 0 dirhash 12 2K 2K 166960K 108 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 12 41K 77K 166960K 25025 0 sigio 0 0K 0K 166960K 547 0 proc 58 59K 108K 166960K 4304 0 subproc 104 6K 7K 166960K 1450 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1814 0 in_multi 99 7K 7K 166960K 1388 0 ether_multi 1 0K 0K 166960K 6 0 mrt 1 0K 0K 166960K 9 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 223 996K 996K 166960K 223 0 exec 0 0K 1K 166960K 4915 0 pfkey data 0 0K 0K 166960K 100 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 605 810K 820K 166960K 231636 0 UVM aobj 131 5K 5K 166960K 131 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 576 0 NDP 13 0K 2K 166960K 577 0 temp 74 5924K 6052K 166960K 245430 0 kqueue 13 20K 29K 166960K 1496 0 SYN cache 2 2456K 2464K 166960K 4 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 2567 0 2564 28 26 2 5 0 8 1 rtentry 112 1611 0 1501 6 2 4 4 0 8 0 unpcb 144 47640 0 47623 240 234 6 11 0 8 5 syncache 312 212 0 212 34 33 1 1 0 8 1 sackhl 24 2 0 2 2 2 0 1 0 8 0 tcpqe 32 417 0 417 33 32 1 1 0 8 1 tcpcb 808 5512 0 5473 167 160 7 16 0 8 1 arp 88 338 0 320 1 0 1 1 0 8 0 ipq 40 13 0 13 8 8 0 1 0 8 0 ipqe 40 81 0 81 8 8 0 1 0 8 0 inpcb 336 17212 0 17170 243 236 7 14 0 8 1 nd6 104 352 0 327 1 0 1 1 0 8 0 pkpcb 40 275 0 275 13 13 0 1 0 8 0 kcovpl 48 111 0 103 1 0 1 1 0 8 0 ppxss 1160 95 0 95 24 24 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 5579 0 5111 81 51 30 31 0 8 0 art_table 32 5580 0 5111 4 0 4 4 0 8 0 art_node 16 1519 0 1420 1 0 1 1 0 8 0 sysvmsgpl 40 9 0 0 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 3258 0 3248 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 81 0 64 3 0 3 3 0 8 0 dino2pl 256 38411 0 36815 100 0 100 100 0 8 0 ffsino 240 38411 0 36815 95 0 95 95 0 8 0 nchpl 144 72209 0 70560 63 0 63 63 0 8 0 uvmvnodes 80 8234 0 0 169 0 169 169 0 8 0 vnodes 216 8234 0 0 458 0 458 458 0 8 0 namei 1024 260804 0 260804 13 12 1 3 0 8 1 vcpupl 2048 333 0 1 42 0 42 42 0 8 0 vmpool 664 379 0 47 29 1 28 28 0 8 0 kstatmem 264 702 0 676 2 0 2 2 0 8 0 scxspl 216 352712 0 352712 106 103 3 8 1 8 3 plimitpl 152 2506 0 2491 1 0 1 1 0 8 0 sigapl 424 25111 0 25049 8 0 8 8 0 8 0 futexpl 64 249786 0 249785 2 1 1 1 0 8 0 knotepl 120 212611 0 212523 67 64 3 17 0 8 0 kqueuepl 184 2914 0 2904 23 22 1 4 0 8 0 pipepl 288 4295 0 4265 92 89 3 7 0 8 0 fdescpl 432 25073 0 25050 4 0 4 4 0 8 0 filepl 120 190246 0 190000 222 208 14 18 0 8 6 lockfpl 104 5908 0 5906 8 7 1 2 0 8 0 lockfspl 48 2116 0 2114 1 0 1 1 0 8 0 sessionpl 144 126 0 110 1 0 1 1 0 8 0 pgrppl 48 381 0 365 1 0 1 1 0 8 0 ucredpl 104 28836 0 28819 1 0 1 1 0 8 0 zombiepl 144 25053 0 25049 2 1 1 1 0 8 0 processpl 1008 25111 0 25049 11 2 9 9 0 8 0 procpl 680 62927 0 62847 44 35 9 10 0 8 1 sosppl 168 258 0 258 19 19 0 1 0 8 0 sockpl 456 67754 0 67692 1424 1406 18 40 0 8 9 mcl64k 65536 972 0 972 28 27 1 1 0 8 1 mcl16k 16384 550 0 550 38 37 1 1 0 8 1 mcl12k 12288 1000 0 1000 31 30 1 1 0 8 1 mcl9k 9216 328 0 328 41 40 1 1 0 8 1 mcl8k 8192 2788 0 2788 16 15 1 1 0 8 1 mcl4k 4096 3383 0 3383 17 16 1 2 0 8 1 mcl2k2 2112 223 0 223 54 53 1 1 0 8 1 mcl2k 2048 124763 0 124717 119 111 8 26 0 8 1 mtagpl 96 4454 0 4336 53 46 7 14 0 8 2 mbufpl 256 443989 0 442826 1137 1055 82 92 0 8 9 bufpl 288 185231 0 176819 601 0 601 601 0 8 0 anonpl 24 2775695 0 2761431 313 200 113 139 0 188 10 amapchunkpl 152 786593 0 785761 278 232 46 52 0 158 8 amappl16 200 70875 0 70418 212 176 36 38 0 8 8 amappl15 192 26 0 26 4 4 0 1 0 8 0 amappl14 184 478 0 466 2 1 1 2 0 8 0 amappl13 176 86 0 85 1 0 1 1 0 8 0 amappl12 168 27274 0 27247 2 0 2 2 0 8 0 amappl11 160 86 0 76 1 0 1 1 0 8 0 amappl10 152 150 0 137 2 1 1 1 0 8 0 amappl9 144 228 0 227 28 27 1 1 0 8 0 amappl8 136 1080 0 893 8 1 7 7 0 8 0 amappl7 128 438 0 412 2 0 2 2 0 8 0 amappl6 120 2033 0 2013 2 1 1 2 0 8 0 amappl5 112 564 0 555 1 0 1 1 0 8 0 amappl4 104 1373 0 1343 2 1 1 2 0 8 0 amappl3 96 143551 0 143457 13 9 4 4 0 8 1 amappl2 88 28051 0 27974 3 1 2 3 0 8 0 amappl1 80 104551 0 104060 24 13 11 22 0 8 0 amappl 88 229704 0 229418 9 1 8 8 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 25452 0 25097 3 0 3 3 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 25452 0 25097 3 0 3 3 0 8 0 vmmpekpl 168 165737 0 165633 5 0 5 5 0 8 0 vmmpepl 168 1528650 0 1526034 393 249 144 149 0 357 0 vmsppl 368 25451 0 25097 33 0 33 33 0 8 0 rwobjpl 24 371430 0 361398 71 9 62 62 0 8 1 pdppl 4096 50910 0 50526 1316 924 392 396 0 8 8 pvpl 32 7300722 0 7281323 774 572 202 344 0 265 29 pmappl 216 25451 0 25097 22 1 21 21 0 8 1 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 4223 0 2803 41 0 41 41 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002a7032b8,deaf4152deaf4152,0,80001100,fffffd806fc7b520,fffffd807f7d7618) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a7032b8,deaf4152deaf4152,0,80001100,fffffd806fc7b520,fffffd807f7d7618) at ktrops+0x4e sys/kern/kern_ktrace.c:561 doktrace(fffffd806fc7b520,4,1100,ffffffff,ffff80002a7032b8) at doktrace+0x428 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806fc7b520,4,1100,ffffffff,ffff80002a7032b8) at doktrace+0x428 sys/kern/kern_ktrace.c:493 sys_ktrace(ffff80002a7032b8,ffff80002c153d30,ffff80002c153d80) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff80002c153df0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5bac1f641d0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002a7032b8,deaf4152deaf4152,0,80001100,fffffd806fc7b520,fffffd807f7d7618) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a7032b8,deaf4152deaf4152,0,80001100,fffffd806fc7b520,fffffd807f7d7618) at ktrops+0x4e sys/kern/kern_ktrace.c:561 doktrace(fffffd806fc7b520,4,1100,ffffffff,ffff80002a7032b8) at doktrace+0x428 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806fc7b520,4,1100,ffffffff,ffff80002a7032b8) at doktrace+0x428 sys/kern/kern_ktrace.c:493 sys_ktrace(ffff80002a7032b8,ffff80002c153d30,ffff80002c153d80) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff80002c153df0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5bac1f641d0, count: -5