kernel: protection fault trap, code=0 Stopped at ktrops+0x4e: movq 0x8(%rbx),%r14 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace ktrops(ffff80002a6aad50,deadbeefdeadbeef,0,80000214,fffffd806b2c4da8,fffffd807f7d7958) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a6aad50,deadbeefdeadbeef,0,80000214,fffffd806b2c4da8,fffffd807f7d7958) at ktrops+0x4e sys/kern/kern_ktrace.c:561 doktrace(fffffd806b2c4da8,4,214,0,ffff80002a6aad50) at doktrace+0x524 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806b2c4da8,4,214,0,ffff80002a6aad50) at doktrace+0x524 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a6aad50,ffff800035d91130,ffff800035d91170) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff800035d91230) at syscall+0x5ef sys/arch/amd64/amd64/trap.c:591 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x456b9f0ab0, count: -5 ddb> show registers rdi 0xffff80002db3a000 rsi 0xe63 rbp 0xffff800035d90f20 rbx 0xdeadbeefdeadbeef rdx 0xffff80002db3a000 rcx 0xe62 rax 0xffffffff81de6363 ktrops+0x43 r8 0xfffffd806b2c4da8 r9 0xfffffd807f7d7958 r10 0x8a229d18848517e9 r11 0x85fa9dde4aa7d91a r12 0xdeadbeefdeadbeef r13 0xfffffd807f7d7958 r14 0xffff80002a6aad50 r15 0x80000214 __kernel_virt_to_phys+0x214 rip 0xffffffff81de636e ktrops+0x4e cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800035d90ea0 ss 0x10 ktrops+0x4e: movq 0x8(%rbx),%r14 ddb> show proc PROC (syz-executor.1) tid=307826 pid=69891 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a6abd40,0xffff80002a6ab2b0 process=0xffff80002a695100 user=0xffff800035d8c000, vmspace=0xfffffd807bb885e8 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 61438 271630 92058 0 2 0 syz-executor.3 61438 431101 92058 0 2 0x4000000 syz-executor.3 61438 101346 92058 0 2 0x4000000 syz-executor.3 61438 75919 92058 0 2 0x4000000 syz-executor.3 66987 511495 35282 0 3 0x80 nanoslp syz-executor.0 66987 302994 35282 0 3 0x4000080 fsleep syz-executor.0 69891 16529 60374 0 2 0 syz-executor.1 *69891 307826 60374 0 7 0x4000000 syz-executor.1 24628 389092 44198 0 2 0 syz-executor.6 24628 390301 44198 0 3 0x4000080 fsleep syz-executor.6 34688 210888 0 0 2 0x14280 nfsio 65426 170325 0 0 2 0x14280 nfsio 1565 235131 0 0 2 0x14280 nfsio 40817 117728 0 0 2 0x14280 nfsio 59714 413307 0 0 2 0x14280 nfsio 54893 88140 0 0 2 0x14280 nfsio 85732 13952 0 0 2 0x14280 nfsio 56461 480381 0 0 2 0x14280 nfsio 44963 369243 0 0 2 0x14280 nfsio 61720 83404 0 0 2 0x14280 nfsio 50399 173370 0 0 2 0x14280 nfsio 86006 461549 0 0 2 0x14280 nfsio 83248 308206 0 0 2 0x14280 nfsio 6719 476034 0 0 2 0x14280 nfsio 66123 53062 0 0 2 0x14280 nfsio 67816 468449 0 0 2 0x14280 nfsio 61234 222762 0 0 2 0x14280 nfsio 84623 74296 0 0 2 0x14280 nfsio 60374 15348 5797 0 3 0x82 nanoslp syz-executor.1 9826 364121 5797 0 3 0x2 biowait syz-executor.2 92732 428174 5797 0 3 0x82 nanoslp syz-executor.5 49015 37047 0 0 3 0x14200 acct acct 44198 57614 5797 0 3 0x82 nanoslp syz-executor.6 92058 349896 5797 0 2 0x482 syz-executor.3 35282 477135 5797 0 3 0x82 nanoslp syz-executor.0 91519 152737 5797 0 2 0x2 syz-executor.4 13152 351962 5797 0 2 0x2 syz-executor.7 86190 241152 1 0 3 0x100083 ttyin getty 41056 482736 0 0 3 0x14200 bored sosplice 5797 226146 44068 0 3 0x2000082 thrsleep syz-fuzzer 5797 502749 44068 0 3 0x6000082 nanoslp syz-fuzzer 5797 367268 44068 0 3 0x6000082 wait syz-fuzzer 5797 48580 44068 0 3 0x6000082 wait syz-fuzzer 5797 236361 44068 0 3 0x6000082 kqread syz-fuzzer 5797 200480 44068 0 3 0x6000082 thrsleep syz-fuzzer 5797 310408 44068 0 3 0x6000082 wait syz-fuzzer 5797 52483 44068 0 3 0x6000082 wait syz-fuzzer 5797 11806 44068 0 3 0x6000082 wait syz-fuzzer 5797 82185 44068 0 3 0x6000082 wait syz-fuzzer 5797 339904 44068 0 3 0x6000082 thrsleep syz-fuzzer 5797 101291 44068 0 3 0x6000082 wait syz-fuzzer 5797 98513 44068 0 3 0x6000082 wait syz-fuzzer 5797 83891 44068 0 3 0x6000082 thrsleep syz-fuzzer 44068 519935 14701 0 3 0x10008a sigsusp ksh 14701 396470 76960 0 3 0x9a kqread sshd 76960 496017 1 0 3 0x88 kqread sshd 48946 213812 52846 73 3 0x1100090 kqread syslogd 52846 420270 1 0 3 0x100082 netio syslogd 1227 398436 1 0 3 0x100080 kqread resolvd 28046 121899 68399 77 3 0x100092 kqread dhcpleased 2166 402008 68399 77 3 0x100092 kqread dhcpleased 68399 168508 1 0 3 0x80 kqread dhcpleased 14292 522614 0 0 3 0x14200 bored smr 9373 316978 0 0 2 0x14200 zerothread 35123 473439 0 0 3 0x14200 aiodoned aiodoned 41487 333309 0 0 3 0x14200 syncer update 85562 311200 0 0 3 0x14200 cleaner cleaner 12651 475429 0 0 3 0x14200 reaper reaper 69947 247606 0 0 3 0x14200 pgdaemon pagedaemon 24758 127152 0 0 3 0x14200 bored viomb 37870 124043 0 0 3 0x40014200 acpi0 acpi0 80106 61760 0 0 3 0x14200 bored softnet3 40720 523597 0 0 3 0x14200 bored softnet2 92505 511658 0 0 3 0x14200 bored softnet1 92565 524158 0 0 3 0x14200 bored softnet0 48784 132826 0 0 3 0x14200 bored systqmp 34353 240252 0 0 3 0x14200 bored systq 69278 135465 0 0 3 0x40014200 tmoslp softclock 61366 333969 0 0 3 0x40014200 idle0 1 521343 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10223 6441K 7235K 166960K 25931 0 pcb 15 20K 22K 166960K 552 0 rtable 201 15K 17K 166960K 2168 0 pf 35 9K 10K 166960K 264 0 ifaddr 42 11K 12K 166960K 284 0 ifgroup 62 2K 2K 166960K 445 0 sysctl 3 0K 0K 166960K 3 0 counters 33 17K 18K 166960K 128 0 ioctlops 0 0K 2K 166960K 440 0 iov 0 0K 24K 166960K 855 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1437 90K 90K 166960K 6070 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 128 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 752 0 dirhash 12 2K 2K 166960K 27 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 77K 166960K 7000 0 sigio 1 0K 0K 166960K 183 0 proc 58 59K 75K 166960K 1882 0 subproc 104 6K 6K 166960K 628 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 634 0 in_multi 78 5K 7K 166960K 655 0 ether_multi 1 0K 0K 166960K 10 0 mrt 1 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 223 996K 996K 166960K 223 0 exec 0 0K 1K 166960K 2274 0 pfkey data 0 0K 0K 166960K 70 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 391 317K 319K 166960K 65338 0 UVM aobj 131 4K 4K 166960K 131 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 170 0 NDP 14 0K 2K 166960K 214 0 temp 74 6704K 7004K 166960K 110671 0 kqueue 12 18K 26K 166960K 452 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 414 0 411 5 4 1 3 0 8 0 rtentry 112 761 0 674 5 1 4 4 0 8 0 unpcb 144 6000 0 5987 63 61 2 11 0 8 1 syncache 312 78 0 78 12 12 0 1 0 8 0 tcpqe 32 164 0 164 11 11 0 1 0 8 0 tcpcb 808 2596 0 2573 75 71 4 14 0 8 0 arp 88 127 0 117 1 0 1 1 0 8 0 ipq 40 3 0 3 3 2 1 1 0 8 1 ipqe 40 11 0 11 3 2 1 1 0 8 1 inpcb 336 6435 0 6409 83 77 6 14 0 8 1 nd6 104 167 0 146 1 0 1 1 0 8 0 pkpcb 40 224 0 224 12 12 0 1 0 8 0 kcovpl 48 48 0 40 1 0 1 1 0 8 0 ppxss 1160 18 0 18 5 4 1 1 0 8 1 art_heap8 4096 42 0 40 4 2 2 3 0 8 0 art_heap4 256 2932 0 2494 54 26 28 29 0 8 0 art_table 32 2974 0 2534 4 0 4 4 0 8 0 art_node 16 760 0 680 1 0 1 1 0 8 0 sysvmsgpl 40 6 0 2 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 747 0 737 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 27 0 10 3 0 3 3 0 8 0 dino2pl 256 10274 0 8804 93 0 93 93 0 8 0 ffsino 240 10274 0 8804 87 0 87 87 0 8 0 nchpl 144 19786 0 18146 63 0 63 63 0 8 0 uvmvnodes 80 6429 0 0 132 0 132 132 0 8 0 vnodes 216 6429 0 0 358 0 358 358 0 8 0 namei 1024 70685 0 70684 5 4 1 3 0 8 0 vcpupl 2048 27 0 0 4 0 4 4 0 8 0 vmpool 664 34 0 7 3 0 3 3 0 8 0 kstatmem 264 218 0 190 3 0 3 3 0 8 1 scxspl 216 70696 0 70695 26 24 2 8 1 8 1 plimitpl 152 851 0 836 1 0 1 1 0 8 0 sigapl 424 7551 0 7489 8 0 8 8 0 8 0 futexpl 64 63924 0 63922 5 4 1 1 0 8 0 knotepl 120 61654 0 61571 19 15 4 14 0 8 1 kqueuepl 184 1173 0 1165 15 14 1 4 0 8 0 pipepl 288 1127 0 1099 25 22 3 7 0 8 0 fdescpl 432 7193 0 7167 7 3 4 4 0 8 0 filepl 120 45210 0 44970 67 56 11 16 0 8 1 lockfpl 104 2392 0 2390 6 5 1 2 0 8 0 lockfspl 48 950 0 948 1 0 1 1 0 8 0 sessionpl 144 65 0 49 1 0 1 1 0 8 0 pgrppl 48 138 0 122 1 0 1 1 0 8 0 ucredpl 104 6595 0 6581 1 0 1 1 0 8 0 zombiepl 144 7490 0 7489 1 0 1 1 0 8 0 processpl 1080 7551 0 7489 5 0 5 5 0 8 0 procpl 680 17475 0 17394 15 7 8 9 0 8 0 sosppl 168 81 0 75 8 7 1 1 0 8 0 sockpl 456 13092 0 13050 284 269 15 38 0 8 7 mcl64k 65536 217 0 217 11 10 1 1 0 8 1 mcl16k 16384 185 0 185 13 12 1 1 0 8 1 mcl12k 12288 302 0 302 13 12 1 1 0 8 1 mcl9k 9216 98 0 98 17 16 1 1 0 8 1 mcl8k 8192 422 0 422 12 11 1 1 0 8 1 mcl4k 4096 722 0 722 12 11 1 2 0 8 1 mcl2k2 2112 33 0 33 13 13 0 1 0 8 0 mcl2k 2048 84570 0 84380 81 56 25 30 0 8 0 mtagpl 96 2433 0 1661 40 21 19 19 0 8 0 mbufpl 256 207041 0 206147 516 457 59 175 0 8 0 bufpl 288 20735 0 14345 457 0 457 457 0 8 0 anonpl 24 902306 0 887839 247 140 107 176 0 188 0 amapchunkpl 152 210787 0 209945 110 72 38 70 0 158 1 amappl16 200 21275 0 20821 90 61 29 38 0 8 0 amappl15 192 18 0 16 1 0 1 1 0 8 0 amappl14 184 319 0 306 2 1 1 2 0 8 0 amappl13 176 41 0 40 3 2 1 1 0 8 0 amappl12 168 8488 0 8459 2 0 2 2 0 8 0 amappl11 160 58 0 48 1 0 1 1 0 8 0 amappl10 152 67 0 56 1 0 1 1 0 8 0 amappl9 144 176 0 176 8 7 1 1 0 8 1 amappl8 136 471 0 380 4 0 4 4 0 8 0 amappl7 128 253 0 230 2 0 2 2 0 8 0 amappl6 120 867 0 856 1 0 1 1 0 8 0 amappl5 112 239 0 230 1 0 1 1 0 8 0 amappl4 104 762 0 736 2 1 1 2 0 8 0 amappl3 96 40987 0 40904 3 0 3 3 0 8 0 amappl2 88 8042 0 7970 3 1 2 3 0 8 0 amappl1 80 36828 0 36319 22 10 12 22 0 8 0 amappl 88 64284 0 64051 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 7227 0 7174 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 7227 0 7174 1 0 1 1 0 8 0 vmmpekpl 168 54878 0 54820 4 0 4 4 0 8 0 vmmpepl 168 458734 0 456471 262 142 120 135 0 357 1 vmsppl 368 7226 0 7174 6 0 6 6 0 8 0 rwobjpl 24 118563 0 110499 51 2 49 49 0 8 0 pdppl 4096 14460 0 14375 391 300 91 93 0 8 6 pvpl 32 2254341 0 2234137 558 368 190 342 0 265 0 pmappl 216 7226 0 7174 5 1 4 4 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1962 0 1080 29 2 27 28 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002a6aad50,deadbeefdeadbeef,0,80000214,fffffd806b2c4da8,fffffd807f7d7958) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a6aad50,deadbeefdeadbeef,0,80000214,fffffd806b2c4da8,fffffd807f7d7958) at ktrops+0x4e sys/kern/kern_ktrace.c:561 doktrace(fffffd806b2c4da8,4,214,0,ffff80002a6aad50) at doktrace+0x524 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806b2c4da8,4,214,0,ffff80002a6aad50) at doktrace+0x524 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a6aad50,ffff800035d91130,ffff800035d91170) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff800035d91230) at syscall+0x5ef sys/arch/amd64/amd64/trap.c:591 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x456b9f0ab0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002a6aad50,deadbeefdeadbeef,0,80000214,fffffd806b2c4da8,fffffd807f7d7958) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a6aad50,deadbeefdeadbeef,0,80000214,fffffd806b2c4da8,fffffd807f7d7958) at ktrops+0x4e sys/kern/kern_ktrace.c:561 doktrace(fffffd806b2c4da8,4,214,0,ffff80002a6aad50) at doktrace+0x524 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806b2c4da8,4,214,0,ffff80002a6aad50) at doktrace+0x524 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a6aad50,ffff800035d91130,ffff800035d91170) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff800035d91230) at syscall+0x5ef sys/arch/amd64/amd64/trap.c:591 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x456b9f0ab0, count: -5