kernel: protection fault trap, code=0 Stopped at ktrops+0x4f: movq 0x8(%r14),%r14 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace ktrops(ffff80002db41008,dead4110dead4110,0,a0c7df9b,fffffd80641255e8,fffffd807f7d7548) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002db41008,dead4110dead4110,0,a0c7df9b,fffffd80641255e8,fffffd807f7d7548) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd80641255e8,4,20c7df9b,0,ffff80002db41008) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd80641255e8,4,20c7df9b,0,ffff80002db41008) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002db41008,ffff8000378a5bb0,ffff8000378a5b00) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff8000378a5bb0) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xda0c08a28a0, count: -5 ddb> show registers rdi 0xffff80002db5a000 rsi 0xd97 rbp 0xffff8000378a58e0 rbx 0xfffffd807f7d7548 rdx 0xffff80002db5a000 rcx 0xd96 rax 0xffffffff8227a743 ktrops+0x43 r8 0xfffffd80641255e8 r9 0xfffffd807f7d7548 r10 0x37fcbbfe3cda7351 r11 0x731ca4e7175e6cd5 r12 0xffff80002db41008 r13 0xdead4110dead4110 r14 0xdead4110dead4110 r15 0xa0c7df9b rip 0xffffffff8227a74f ktrops+0x4f cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000378a5860 ss 0x10 ktrops+0x4f: movq 0x8(%r14),%r14 ddb> show proc PROC (syz-executor.1) tid=241211 pid=10898 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a689a90,0xffff80002db40578 process=0xffff80002a63dd68 user=0xffff8000378a0000, vmspace=0xfffffd807e4f7168 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 49120 47205 77710 0 2 0 syz-executor.2 49120 126235 77710 0 2 0x4000000 syz-executor.2 49120 85837 77710 0 2 0x4000000 syz-executor.2 42900 316228 85614 0 2 0 syz-executor.6 42900 167407 85614 0 3 0x4000080 fsleep syz-executor.6 92712 379814 5416 60928 2 0x10 syz-executor.0 92712 217694 5416 60928 2 0x4000010 syz-executor.0 10898 109016 71529 0 2 0 syz-executor.1 *10898 241211 71529 0 7 0x4000000 syz-executor.1 24741 337828 0 0 2 0x14280 nfsio 39579 120919 0 0 2 0x14280 nfsio 66553 232486 0 0 2 0x14280 nfsio 76100 406699 0 0 2 0x14280 nfsio 67 78039 0 0 2 0x14280 nfsio 90924 443160 0 0 2 0x14280 nfsio 13698 56897 0 0 2 0x14280 nfsio 63930 148991 0 0 2 0x14280 nfsio 73884 432178 0 0 2 0x14280 nfsio 67571 429280 0 0 2 0x14280 nfsio 28749 151201 0 0 2 0x14280 nfsio 46907 130994 0 0 2 0x14280 nfsio 59748 29687 0 0 2 0x14280 nfsio 93608 55863 0 0 2 0x14280 nfsio 61983 17748 0 0 2 0x14280 nfsio 87117 31109 0 0 2 0x14280 nfsio 74760 376680 0 0 2 0x14280 nfsio 27712 272011 0 0 2 0x14280 nfsio 73175 1655 1 0 3 0x18100083 ttyin getty 71529 522108 16250 0 2 0x482 syz-executor.1 79329 113424 16250 0 2 0x2 syz-executor.5 54923 214017 16250 0 2 0x2 syz-executor.7 41490 319214 16250 0 2 0x2 syz-executor.4 31297 7907 16250 0 2 0x2 syz-executor.3 5416 271938 16250 0 2 0x482 syz-executor.0 77710 172477 16250 0 2 0x482 syz-executor.2 85614 334960 16250 0 2 0x482 syz-executor.6 96706 240401 17691 0 3 0x18100082 netio ndp 17691 318777 1 0 3 0x810008a sigsusp sh 11766 11662 0 0 3 0x14200 bored sosplice 16250 44373 51552 0 3 0x1a000082 thrsleep syz-fuzzer 16250 199312 51552 0 2 0x1e000482 syz-fuzzer 16250 383332 51552 0 3 0x1e000082 wait syz-fuzzer 16250 409001 51552 0 3 0x1e000082 wait syz-fuzzer 16250 80976 51552 0 3 0x1e000082 wait syz-fuzzer 16250 19923 51552 0 3 0x1e000082 thrsleep syz-fuzzer 16250 166984 51552 0 3 0x1e000082 wait syz-fuzzer 16250 223092 51552 0 3 0x1e000082 wait syz-fuzzer 16250 302064 51552 0 3 0x1e000082 kqread syz-fuzzer 16250 48422 51552 0 3 0x1e000082 wait syz-fuzzer 16250 343496 51552 0 3 0x1e000082 thrsleep syz-fuzzer 16250 473352 51552 0 3 0x1e000082 wait syz-fuzzer 16250 214132 51552 0 3 0x1e000082 wait syz-fuzzer 16250 186037 51552 0 3 0x1e000082 thrsleep syz-fuzzer 51552 209132 10079 0 3 0x810008a sigsusp ksh 10079 105880 61977 0 3 0x1800009a kqread sshd 61977 333851 1 0 3 0x18000088 kqread sshd 53867 521952 54419 73 3 0x19100090 kqread syslogd 54419 134905 1 0 3 0x18100082 netio syslogd 60621 3637 1 0 3 0x18100080 kqread resolvd 32595 93025 347 77 3 0x18100092 kqread dhcpleased 49014 164931 347 77 3 0x18100092 kqread dhcpleased 347 243143 1 0 3 0x18000080 kqread dhcpleased 96439 497265 0 0 3 0x14200 bored smr 23653 495980 0 0 2 0x14200 zerothread 52037 422580 0 0 3 0x14200 aiodoned aiodoned 99858 13672 0 0 3 0x14200 syncer update 75678 476261 0 0 3 0x14200 cleaner cleaner 48044 332284 0 0 3 0x14200 reaper reaper 78319 367501 0 0 3 0x14200 pgdaemon pagedaemon 83720 90147 0 0 3 0x14200 bored viomb 77320 11441 0 0 3 0x40014200 acpi0 acpi0 88385 33286 0 0 3 0x14200 bored softnet3 85887 451434 0 0 3 0x14200 bored softnet2 32748 169584 0 0 3 0x14200 bored softnet1 14729 401455 0 0 3 0x14200 bored softnet0 49573 198368 0 0 3 0x14200 bored systqmp 27695 16303 0 0 3 0x14200 bored systq 85800 312272 0 0 3 0x40014200 tmoslp softclock 54208 365413 0 0 3 0x40014200 idle0 1 23083 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10180 6424K 7098K 166960K 17695 0 pcb 15 14K 16K 166960K 332 0 rtable 238 11K 11K 166960K 2338 0 pf 33 9K 10K 166960K 278 0 ifaddr 45 12K 12K 166960K 303 0 ifgroup 58 2K 2K 166960K 461 0 sysctl 2 0K 0K 166960K 2 0 counters 32 17K 17K 166960K 140 0 ioctlops 0 0K 2K 166960K 259 0 iov 0 0K 18K 166960K 776 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1473 93K 93K 166960K 3714 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 52 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 521 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 85K 166960K 5083 0 sigio 0 0K 0K 166960K 141 0 proc 58 59K 92K 166960K 1954 0 subproc 117 7K 7K 166960K 715 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 313 0 in_multi 99 7K 7K 166960K 667 0 ether_multi 1 0K 0K 166960K 5 0 mrt 0 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 2171 0 pfkey data 0 0K 0K 166960K 5 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 374 241K 248K 166960K 47008 0 UVM aobj 99 3K 3K 166960K 106 0 pinsyscall 25 50K 100K 166960K 2799 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 117 0 NDP 13 0K 2K 166960K 231 0 temp 74 6804K 7440K 166960K 37699 0 kqueue 12 18K 27K 166960K 475 0 SYN cache 2 104K 112K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 297 0 293 3 0 3 3 0 8 2 rtentry 112 803 0 694 4 0 4 4 0 8 0 unpcb 144 3894 0 3881 12 3 9 12 0 8 8 syncache 336 58 0 58 1 0 1 1 0 8 1 sackhl 24 1 0 1 1 0 1 1 0 8 1 tcpqe 32 230 0 230 1 0 1 1 0 8 1 tcpcb 808 1293 0 1280 10 1 9 10 0 8 7 arp 88 157 0 139 1 0 1 1 0 8 0 ipq 40 4 0 3 1 0 1 1 0 8 0 ipqe 40 11 0 10 1 0 1 1 0 8 0 inpcb 360 3124 0 3108 12 3 9 12 0 8 6 nd6 104 170 0 146 1 0 1 1 0 8 0 pkpcb 40 151 0 151 2 0 2 2 0 8 2 kcovpl 48 55 0 46 1 0 1 1 0 8 0 ppxss 1072 29 0 29 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2620 0 2166 67 38 29 30 0 8 0 art_table 32 2621 0 2166 4 0 4 4 0 8 0 art_node 16 764 0 665 1 0 1 1 0 8 0 semupl 112 4 0 4 1 0 1 1 0 8 1 semapl 112 516 0 506 1 0 1 1 0 8 0 shmpl 112 103 0 7 3 0 3 3 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 7737 0 6198 97 0 97 97 0 8 0 ffsino 240 7737 0 6198 91 0 91 91 0 8 0 nchpl 144 14279 0 12551 66 0 66 66 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 53615 0 53613 3 0 3 3 0 8 2 vcpupl 2048 23 0 0 3 0 3 3 0 8 0 vmpool 664 29 0 6 3 0 3 3 0 8 1 kstatmem 264 242 0 216 2 0 2 2 0 8 0 scxspl 216 57726 0 57726 8 0 8 8 1 8 8 plimitpl 152 450 0 434 1 0 1 1 0 8 0 sigapl 424 5354 0 5292 8 0 8 8 0 8 0 futexpl 64 41240 0 41239 1 0 1 1 0 8 0 knotepl 120 43246 0 43164 16 6 10 16 0 8 7 kqueuepl 184 1212 0 1204 7 0 7 7 0 8 6 pipepl 288 1192 0 1161 7 0 7 7 0 8 4 fdescpl 432 5276 0 5249 4 0 4 4 0 8 0 filepl 120 30859 0 30605 21 7 14 19 0 8 5 lockfpl 104 935 0 932 2 0 2 2 0 8 1 lockfspl 48 392 0 389 1 0 1 1 0 8 0 sessionpl 144 73 0 56 1 0 1 1 0 8 0 pgrppl 48 81 0 64 1 0 1 1 0 8 0 ucredpl 104 3709 0 3698 1 0 1 1 0 8 0 zombiepl 144 5292 0 5292 1 0 1 1 0 8 1 processpl 1072 5354 0 5292 5 0 5 5 0 8 0 procpl 680 12173 0 12093 9 0 9 9 0 8 1 sosppl 168 58 0 58 1 0 1 1 0 8 1 sockpl 488 7473 0 7440 125 112 13 52 0 8 8 mcl64k 65536 190 0 190 1 0 1 1 0 8 1 mcl16k 16384 88 0 88 1 0 1 1 0 8 1 mcl12k 12288 175 0 175 1 0 1 1 0 8 1 mcl9k 9216 78 0 78 1 0 1 1 0 8 1 mcl8k 8192 274 0 274 1 0 1 1 0 8 1 mcl4k 4096 449 0 449 1 0 1 1 0 8 1 mcl2k2 2112 34 0 34 1 0 1 1 0 8 1 mcl2k 2048 84574 0 84528 32 18 14 26 0 8 7 mtagpl 96 565 0 565 7 0 7 7 0 8 7 mbufpl 256 174125 0 173997 115 97 18 63 0 8 5 bufpl 280 13321 0 6982 454 0 454 454 0 8 0 anonpl 24 625865 0 610945 132 0 132 132 0 188 30 amapchunkpl 152 161272 0 160442 50 0 50 50 0 158 10 amappl16 200 12937 0 12487 36 3 33 36 0 8 7 amappl15 192 82 0 80 1 0 1 1 0 8 0 amappl14 184 316 0 301 2 0 2 2 0 8 1 amappl13 176 58 0 57 1 0 1 1 0 8 0 amappl12 168 6621 0 6588 2 0 2 2 0 8 0 amappl11 160 64 0 53 1 0 1 1 0 8 0 amappl10 152 88 0 80 1 0 1 1 0 8 0 amappl9 144 168 0 166 1 0 1 1 0 8 0 amappl8 136 335 0 266 3 0 3 3 0 8 0 amappl7 128 95 0 81 1 0 1 1 0 8 0 amappl6 120 924 0 903 2 0 2 2 0 8 1 amappl5 112 455 0 443 1 0 1 1 0 8 0 amappl4 104 910 0 874 2 0 2 2 0 8 0 amappl3 96 29119 0 29046 3 0 3 3 0 8 0 amappl2 88 6007 0 5935 4 0 4 4 0 8 1 amappl1 80 30155 0 29638 22 3 19 22 0 8 6 amappl 88 45962 0 45736 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 105 0 7 2 0 2 2 0 8 0 uaddrrnd 24 5305 0 5255 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5305 0 5255 1 0 1 1 0 8 0 vmmpekpl 168 41069 0 40999 4 0 4 4 0 8 0 vmmpepl 168 356235 0 354000 138 0 138 138 0 357 23 vmsppl 352 5304 0 5255 6 0 6 6 0 8 1 rwobjpl 24 89177 0 81650 47 0 47 47 0 8 0 pdppl 4096 10616 0 10533 392 303 89 97 0 8 6 pvpl 32 1707607 0 1686738 389 41 348 389 0 265 166 pmappl 216 5304 0 5255 4 0 4 4 0 8 1 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 838 0 457 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002db41008,dead4110dead4110,0,a0c7df9b,fffffd80641255e8,fffffd807f7d7548) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002db41008,dead4110dead4110,0,a0c7df9b,fffffd80641255e8,fffffd807f7d7548) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd80641255e8,4,20c7df9b,0,ffff80002db41008) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd80641255e8,4,20c7df9b,0,ffff80002db41008) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002db41008,ffff8000378a5bb0,ffff8000378a5b00) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff8000378a5bb0) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xda0c08a28a0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002db41008,dead4110dead4110,0,a0c7df9b,fffffd80641255e8,fffffd807f7d7548) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002db41008,dead4110dead4110,0,a0c7df9b,fffffd80641255e8,fffffd807f7d7548) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd80641255e8,4,20c7df9b,0,ffff80002db41008) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd80641255e8,4,20c7df9b,0,ffff80002db41008) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002db41008,ffff8000378a5bb0,ffff8000378a5b00) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff8000378a5bb0) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xda0c08a28a0, count: -5