kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800034a010d0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800034a010d0,1,ffff800030fab800) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e39e360,c0205602,ffff800034a010d0,1,fffffd807f7d78f0,ffff800030fab800) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80662805a8,c0205602,ffff800034a010d0,ffff800030fab800) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800030fab800,ffff800034a011e0,ffff800034a01230) at sys_ioctl+0x49e syscall(ffff800034a012a0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x72c62039c80, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff800037831630 rbp 0xffff800034a00e20 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x8ac159a12edb3ae5 r11 0x1ba1ad2b3ddfe63a r12 0xffff8000378313a8 r13 0xffff800034a00d56 r14 0xffff800037831000 r15 0x246 rip 0xffffffff8186c12b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff800034a00c86 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.5) tid=450700 pid=41644 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=85, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff800030faad60,0xffff800030fabab8 process=0xffff80002a68cbe0 user=0xffff8000349fc000, vmspace=0xfffffd805c0bdcf8 estcpu=35, cpticks=1, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 48857 471364 33413 60928 2 0x10 syz-executor.4 48857 296003 33413 60928 3 0x4000090 fsleep syz-executor.4 63530 332039 42419 0 2 0 syz-executor.1 63530 329462 42419 0 3 0x4000080 fsleep syz-executor.1 63530 153949 42419 0 3 0x4000080 fsleep syz-executor.1 71296 390477 19464 0 2 0x10 syz-executor.7 71296 256210 19464 0 3 0x4000090 fsleep syz-executor.7 41644 438553 83700 0 2 0 syz-executor.5 *41644 450700 83700 0 7 0x4000000 syz-executor.5 68442 1253 34865 0 2 0 syz-executor.6 68442 202536 34865 0 3 0x4000080 fsleep syz-executor.6 13613 309343 67983 0 3 0x82 nanoslp syz-executor.0 33413 389356 67983 0 3 0x82 nanoslp syz-executor.4 34865 292132 67983 0 3 0x82 nanoslp syz-executor.6 42999 331021 67983 0 3 0x82 nanoslp syz-executor.3 42419 498638 67983 0 3 0x82 nanoslp syz-executor.1 19464 224363 67983 0 3 0x82 nanoslp syz-executor.7 63063 105465 67983 0 3 0x82 nanoslp syz-executor.2 83700 5962 67983 0 3 0x82 nanoslp syz-executor.5 97111 70015 0 0 3 0x14280 nfsidl nfsio 96357 37332 0 0 3 0x14280 nfsidl nfsio 11562 497445 0 0 3 0x14280 nfsidl nfsio 99795 469346 0 0 3 0x14280 nfsidl nfsio 15514 273574 0 0 3 0x14280 nfsidl nfsio 72115 159291 0 0 3 0x14280 nfsidl nfsio 13510 211908 0 0 3 0x14280 nfsidl nfsio 33228 82847 0 0 3 0x14280 nfsidl nfsio 792 159218 0 0 3 0x14280 nfsidl nfsio 24155 377219 0 0 3 0x14280 nfsidl nfsio 1171 346417 0 0 3 0x14280 nfsidl nfsio 77624 455260 0 0 3 0x14280 nfsidl nfsio 35903 56025 0 0 3 0x14280 nfsidl nfsio 35731 392661 0 0 3 0x14280 nfsidl nfsio 84688 2225 0 0 3 0x14280 nfsidl nfsio 62228 477509 0 0 3 0x14280 nfsidl nfsio 23616 353484 0 0 3 0x14280 nfsidl nfsio 45040 8066 0 0 3 0x14280 nfsidl nfsio 22973 435493 0 0 3 0x14280 nfsidl nfsio 40824 169163 0 0 3 0x14280 nfsidl nfsio 48991 245719 0 0 3 0x14200 acct acct 84105 280720 1 0 3 0x100083 ttyin getty 52644 218820 0 0 3 0x14200 bored sosplice 67983 6408 92988 0 3 0x2000082 wait syz-fuzzer 67983 411612 92988 0 3 0x6000082 thrsleep syz-fuzzer 67983 243074 92988 0 3 0x6000082 thrsleep syz-fuzzer 67983 195017 92988 0 3 0x6000082 thrsleep syz-fuzzer 67983 473091 92988 0 3 0x6000082 kqread syz-fuzzer 67983 144269 92988 0 3 0x6000082 wait syz-fuzzer 67983 110672 92988 0 3 0x6000082 wait syz-fuzzer 67983 59273 92988 0 3 0x6000082 wait syz-fuzzer 67983 488317 92988 0 3 0x6000082 wait syz-fuzzer 67983 268952 92988 0 3 0x6000082 thrsleep syz-fuzzer 67983 402778 92988 0 3 0x6000082 wait syz-fuzzer 67983 281399 92988 0 3 0x6000082 wait syz-fuzzer 67983 311097 92988 0 3 0x6000082 thrsleep syz-fuzzer 67983 312358 92988 0 3 0x6000082 wait syz-fuzzer 92988 370751 89650 0 3 0x10008a sigsusp ksh 89650 131476 52891 0 3 0x9a kqread sshd 52891 139862 1 0 3 0x88 kqread sshd 5173 257653 97299 73 3 0x1100090 kqread syslogd 97299 113210 1 0 3 0x100082 netio syslogd 75849 152475 1 0 3 0x100080 kqread resolvd 40142 60547 49246 77 3 0x100092 kqread dhcpleased 92340 167278 49246 77 3 0x100092 kqread dhcpleased 49246 24399 1 0 3 0x80 kqread dhcpleased 53137 439636 0 0 3 0x14200 bored smr 55803 27952 0 0 2 0x14200 zerothread 90801 477802 0 0 3 0x14200 aiodoned aiodoned 15958 367360 0 0 3 0x14200 syncer update 77058 406860 0 0 3 0x14200 cleaner cleaner 52676 317717 0 0 3 0x14200 reaper reaper 33280 121072 0 0 3 0x14200 pgdaemon pagedaemon 96260 215097 0 0 3 0x14200 bored viomb 73196 333416 0 0 3 0x40014200 acpi0 acpi0 6705 348 0 0 3 0x14200 bored softnet3 3266 194296 0 0 3 0x14200 bored softnet2 63208 481594 0 0 3 0x14200 bored softnet1 92417 367137 0 0 3 0x14200 bored softnet0 21025 52820 0 0 3 0x14200 bored systqmp 35840 77548 0 0 3 0x14200 bored systq 91592 40973 0 0 3 0x40014200 tmoslp softclock 99842 368387 0 0 3 0x40014200 idle0 1 64548 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10231 6612K 7484K 166960K 17995 0 pcb 13 20K 22K 166960K 398 0 rtable 205 14K 16K 166960K 4903 0 pf 34 9K 10K 166960K 211 0 ifaddr 40 11K 12K 166960K 199 0 ifgroup 59 2K 2K 166960K 348 0 sysctl 2 0K 0K 166960K 2 0 counters 32 17K 18K 166960K 114 0 ioctlops 0 0K 2K 166960K 335 0 iov 0 0K 18K 166960K 505 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1449 91K 91K 166960K 4267 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 50 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 1798 0 dirhash 12 2K 2K 166960K 42 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 69K 166960K 4888 0 sigio 0 0K 0K 166960K 109 0 proc 58 59K 83K 166960K 1288 0 subproc 104 6K 7K 166960K 364 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 163 0 in_multi 83 6K 7K 166960K 367 0 ether_multi 1 0K 0K 166960K 1 0 mrt 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 1195 0 pfkey data 0 0K 0K 166960K 36 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 419 437K 438K 166960K 46939 0 UVM aobj 131 7K 7K 166960K 140 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 99 0 NDP 13 0K 1K 166960K 155 0 temp 74 5920K 6048K 166960K 55444 0 kqueue 12 18K 26K 166960K 386 0 SYN cache 2 1236K 1244K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 4256 0 4252 24 22 2 5 0 8 1 rtentry 112 382 0 291 5 1 4 4 0 8 0 unpcb 144 3042 0 3029 36 35 1 6 0 8 0 syncache 312 68 0 68 12 12 0 1 0 8 0 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 336 0 336 8 8 0 1 0 8 0 tcpcb 808 1617 0 1587 49 42 7 13 0 8 1 arp 88 68 0 55 1 0 1 1 0 8 0 ipq 40 1 0 1 1 1 0 1 0 8 0 ipqe 40 3 0 3 1 1 0 1 0 8 0 inpcb 336 4042 0 4009 67 55 12 19 0 8 6 nd6 104 93 0 74 1 0 1 1 0 8 0 pkpcb 40 77 0 77 4 3 1 1 0 8 1 kcovpl 48 28 0 20 1 0 1 1 0 8 0 ppxss 1160 26 0 26 5 4 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1586 0 1178 44 15 29 30 0 8 1 art_table 32 1587 0 1178 4 0 4 4 0 8 0 art_node 16 381 0 298 1 0 1 1 0 8 0 sysvmsgpl 40 40 0 19 1 0 1 1 0 8 0 semapl 112 1796 0 1786 1 0 1 1 0 8 0 shmpl 112 137 0 9 4 0 4 4 0 8 0 dirhash 1024 37 0 20 3 0 3 3 0 8 0 dino2pl 256 8124 0 6668 92 0 92 92 0 8 0 ffsino 240 8124 0 6668 86 0 86 86 0 8 0 nchpl 144 15018 0 14504 63 41 22 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 53014 0 53014 11 10 1 2 0 8 1 vcpupl 2048 108 0 0 14 0 14 14 0 8 0 vmpool 664 123 0 15 11 1 10 10 0 8 1 kstatmem 264 190 0 164 3 1 2 3 0 8 0 scxspl 216 49670 0 49670 15 14 1 8 1 8 1 plimitpl 152 453 0 438 1 0 1 1 0 8 0 sigapl 424 5164 0 5097 9 1 8 8 0 8 0 futexpl 64 48313 0 48308 4 3 1 1 0 8 0 knotepl 120 49533 0 49452 26 22 4 11 0 8 0 kqueuepl 184 980 0 972 15 14 1 4 0 8 0 pipepl 288 1125 0 1097 26 23 3 8 0 8 0 fdescpl 432 5126 0 5100 6 2 4 4 0 8 0 filepl 120 35782 0 35540 58 47 11 17 0 8 1 lockfpl 104 1553 0 1550 4 3 1 2 0 8 0 lockfspl 48 682 0 679 1 0 1 1 0 8 0 sessionpl 144 46 0 30 1 0 1 1 0 8 0 pgrppl 48 200 0 184 1 0 1 1 0 8 0 ucredpl 104 4647 0 4633 1 0 1 1 0 8 0 zombiepl 144 5100 0 5097 2 1 1 1 0 8 0 processpl 1008 5164 0 5097 10 1 9 9 0 8 0 procpl 680 12405 0 12319 19 11 8 9 0 8 0 sosppl 168 53 0 50 3 2 1 1 0 8 0 sockpl 456 11423 0 11373 201 184 17 31 0 8 8 mcl64k 65536 212 0 212 11 10 1 1 0 8 1 mcl16k 16384 102 0 102 10 9 1 1 0 8 1 mcl12k 12288 217 0 217 13 12 1 1 0 8 1 mcl9k 9216 118 0 118 14 13 1 1 0 8 1 mcl8k 8192 392 0 392 11 10 1 1 0 8 1 mcl4k 4096 756 0 756 8 7 1 2 0 8 1 mcl2k2 2112 32 0 32 15 14 1 1 0 8 1 mcl2k 2048 78178 0 78125 48 40 8 28 0 8 1 mtagpl 96 648 0 618 11 10 1 7 0 8 0 mbufpl 256 182223 0 181994 343 323 20 123 0 8 0 bufpl 288 13580 0 7183 458 0 458 458 0 8 0 anonpl 24 664398 0 650100 216 117 99 159 0 188 0 amapchunkpl 152 151193 0 150322 100 62 38 65 0 158 1 amappl16 200 13327 0 12841 71 44 27 39 0 8 0 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 224 0 211 2 1 1 2 0 8 0 amappl13 176 12 0 12 1 1 0 1 0 8 0 amappl12 168 6065 0 6036 2 0 2 2 0 8 0 amappl11 160 51 0 41 1 0 1 1 0 8 0 amappl10 152 61 0 51 1 0 1 1 0 8 0 amappl9 144 150 0 149 2 1 1 1 0 8 0 amappl8 136 328 0 249 3 0 3 3 0 8 0 amappl7 128 243 0 218 2 0 2 2 0 8 0 amappl6 120 583 0 571 1 0 1 1 0 8 0 amappl5 112 238 0 229 1 0 1 1 0 8 0 amappl4 104 573 0 548 2 1 1 2 0 8 0 amappl3 96 29516 0 29420 4 1 3 4 0 8 0 amappl2 88 5851 0 5776 3 0 3 3 0 8 0 amappl1 80 27888 0 27386 22 11 11 22 0 8 0 amappl 88 46126 0 45877 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 139 0 9 3 0 3 3 0 8 0 uaddrrnd 24 5249 0 5115 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5249 0 5115 1 0 1 1 0 8 0 vmmpekpl 168 39987 0 39917 4 0 4 4 0 8 0 vmmpepl 168 331113 0 328684 244 123 121 130 0 357 0 vmsppl 368 5248 0 5115 16 3 13 13 0 8 0 rwobjpl 24 86542 0 78939 48 0 48 48 0 8 0 pdppl 4096 10504 0 10338 414 242 172 174 0 8 6 pvpl 32 1718385 0 1698697 416 238 178 333 0 265 0 pmappl 216 5248 0 5115 8 0 8 8 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1746 0 814 29 0 29 29 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800034a010d0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800034a010d0,1,ffff800030fab800) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e39e360,c0205602,ffff800034a010d0,1,fffffd807f7d78f0,ffff800030fab800) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80662805a8,c0205602,ffff800034a010d0,ffff800030fab800) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800030fab800,ffff800034a011e0,ffff800034a01230) at sys_ioctl+0x49e syscall(ffff800034a012a0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x72c62039c80, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800034a010d0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800034a010d0,1,ffff800030fab800) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e39e360,c0205602,ffff800034a010d0,1,fffffd807f7d78f0,ffff800030fab800) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80662805a8,c0205602,ffff800034a010d0,ffff800030fab800) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800030fab800,ffff800034a011e0,ffff800034a01230) at sys_ioctl+0x49e syscall(ffff800034a012a0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x72c62039c80, count: -8