login: kernel: protection fault trap, code=0 Stopped at in_pcbhash_lookup+0xc0: movl 0xc0(%r14),%r12d ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace in_pcbhash_lookup(ffffffff839cdd98,6e7114d82c921aeb,0,ffffffff83701c78,0,ffffffff83701c78,c95bdfee0a44e053) at in_pcbhash_lookup+0xc0 sys/netinet/in_pcb.c:1115 in_pcblookup_listen(ffffffff839cdd98,100007f,1600,fffffd8069d66800,0) at in_pcblookup_listen+0x294 sys/netinet/in_pcb.c:-1 tcp_input_solocked(ffff80002a74b200,ffff80002a74b20c,0,2,ffff80002a74b1f8) at tcp_input_solocked+0xa97 sys/netinet/tcp_input.c:-1 tcp_input_mlist(ffffffff839cae60,2) at tcp_input_mlist+0x93 sys/netinet/tcp_input.c:-1 if_input_process(ffff800000b11800,ffff80002a74b2d8,0) at if_input_process+0x229 sys/net/if.c:1015 ifiq_process(ffff800000b11c18) at ifiq_process+0xcd sys/net/ifq.c:874 taskq_thread(ffff80000002c000) at taskq_thread+0xd4 sys/kern/kern_task.c:446 end trace frame: 0x0, count: -7 ddb> show registers rdi 0xdeafbead rsi 0 rbp 0xffff80002a74af40 rbx 0 rdx 0 rcx 0x1600 __ALIGN_SIZE+0x600 rax 0xffff80002a72c520 r8 0 r9 0xffffffff83701c78 zeroin_addr r10 0xadf774549ae7561e r11 0x568d1adaa97d188e r12 0 r13 0xdeafbead r14 0xdeafbeaddeafbead r15 0x1600 __ALIGN_SIZE+0x600 rip 0xffffffff82c47ee0 in_pcbhash_lookup+0xc0 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a74aec0 ss 0x10 in_pcbhash_lookup+0xc0: movl 0xc0(%r14),%r12d ddb> show proc PROC (softnet0) tid=311657 pid=81979 tcnt=1 stat=onproc flags process=14000 proc=200 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a72c7b0,0xffff80002a72c2a0 process=0xffff8000ffffdfb8 user=0xffff80002a746000, vmspace=0xffffffff838e16a0 estcpu=0, cpticks=2, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 21971 36436 18786 0 2 0 syz-executor 21971 249178 18786 0 3 0x4000080 netcon syz-executor 56333 382095 2421 0 2 0 syz-executor 56333 426719 2421 0 3 0x4000080 fsleep syz-executor 56333 93217 2421 0 3 0x4000080 fsleep syz-executor 39981 460451 53533 0 3 0x80 nanoslp syz-executor 39981 130173 53533 0 3 0x4000080 fsleep syz-executor 35862 412079 72520 0 2 0 syz-executor 35862 464259 72520 0 3 0x4000080 fsleep syz-executor 41377 227790 42865 0 3 0x80 nanoslp syz-executor 41377 435349 42865 0 3 0x4000080 kqpoll syz-executor 41377 109028 42865 0 3 0x4000080 fsleep syz-executor 41377 524186 42865 0 3 0x4000080 fsleep syz-executor 67585 206444 72820 0 3 0x80 nanoslp syz-executor 67585 254520 72820 0 3 0x4000080 kqpoll syz-executor 29362 482402 0 0 3 0x14200 acct acct 72820 50829 38766 0 3 0x82 nanoslp syz-executor 47156 230648 1 0 3 0x100083 ttyin getty 90119 198508 0 0 3 0x14200 bored sosplice 18786 460513 38766 0 3 0x82 nanoslp syz-executor 2421 392147 38766 0 3 0x82 nanoslp syz-executor 53533 367822 38766 0 3 0x82 nanoslp syz-executor 42865 468535 38766 0 3 0x82 nanoslp syz-executor 3299 437131 38766 0 3 0x82 nanoslp syz-executor 72520 171658 38766 0 3 0x82 nanoslp syz-executor 34228 426596 38766 0 3 0x82 nanoslp syz-executor 38766 433723 79359 0 3 0x82 kqread syz-executor 79359 80853 5928 0 3 0x10008a sigsusp ksh 5928 220506 78934 0 3 0x98 kqread sshd-session 78934 260142 78648 0 3 0x92 kqread sshd-session 78648 415196 1 0 3 0x88 kqread sshd 12542 478209 18625 73 3 0x1100090 kqread syslogd 18625 154958 1 0 3 0x100082 sbwait syslogd 2548 516670 1 0 3 0x100080 kqread resolvd 40090 141395 11914 77 3 0x100092 kqread dhcpleased 74168 331855 11914 77 3 0x100092 kqread dhcpleased 11914 20748 1 0 3 0x80 kqread dhcpleased 63200 174466 0 0 3 0x14200 bored smr 82215 184506 0 0 2 0x14200 zerothread 12646 82090 0 0 3 0x14200 aiodoned aiodoned 41451 318455 0 0 3 0x14200 syncer update 62384 365655 0 0 3 0x14200 cleaner cleaner 35775 207862 0 0 3 0x14200 reaper reaper 53383 328038 0 0 3 0x14200 pgdaemon pagedaemon 55175 86772 0 0 3 0x14200 bored viomb 59539 499821 0 0 3 0x40014200 acpi0 acpi0 71739 18779 0 0 3 0x14200 bored softnet3 2002 128427 0 0 3 0x14200 bored softnet2 67297 304516 0 0 3 0x14200 bored softnet1 *81979 311657 0 0 7 0x14200 softnet0 83091 363893 0 0 3 0x14200 bored systqmp 51367 278698 0 0 3 0x14200 bored systq 67025 263050 0 0 3 0x40014200 tmoslp softclock 54721 342213 0 0 3 0x40014200 idle0 1 25523 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10200 11279K 11735K 166960K 13240 0 pcb 20 14K 18K 166960K 233 0 rtable 252 11K 11K 166960K 518 0 pf 30 12K 20K 166960K 94 0 ifaddr 45 8K 8K 166960K 85 0 ifgroup 50 2K 2K 166960K 129 0 sysctl 4 1K 9K 166960K 12 0 counters 32 17K 18K 166960K 102 0 ioctlops 0 0K 4K 166960K 173 0 iov 0 0K 24K 166960K 50 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1564 98K 98K 166960K 2343 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 16 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 43 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 236K 166960K 824 0 sigio 0 0K 0K 166960K 10 0 proc 68 75K 124K 166960K 566 0 subproc 72 4K 4K 166960K 83 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 227 0 in_multi 96 7K 7K 166960K 138 0 ether_multi 1 0K 0K 166960K 3 0 mrt 1 0K 0K 166960K 10 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 437 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 245 136K 149K 166960K 8687 0 UVM aobj 28 2K 2K 166960K 30 0 pinsyscall 39 78K 96K 166960K 1870 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 63 0 NDP 11 0K 2K 166960K 54 0 temp 60 8684K 8748K 166960K 41580 0 kqueue 13 20K 39K 166960K 135 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 94 0 91 1 0 1 1 0 8 0 rtentry 136 157 0 48 4 0 4 4 0 8 0 unpcb 144 490 0 472 4 0 4 4 0 8 3 syncache 336 6 0 6 1 0 1 1 0 8 1 tcpqe 32 1 0 1 1 0 1 1 0 8 1 tcpcb 736 273 0 267 7 0 7 7 0 8 6 arp 88 25 0 3 1 0 1 1 0 8 0 inpcb 328 926 0 910 7 0 7 7 0 8 5 ip6q 72 35 0 33 1 0 1 1 0 8 0 ip6af 40 69 0 67 1 0 1 1 0 8 0 nd6 104 32 0 7 1 0 1 1 0 8 0 pkpcb 40 71 0 70 1 0 1 1 0 8 0 kcovpl 48 9 0 1 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 0 1 1 0 8 1 ppxss 1072 59 0 59 1 0 1 1 0 8 1 pppxif 1384 3 0 3 1 0 1 1 0 8 1 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pftag 88 2 0 0 1 0 1 1 0 8 0 pfrule 1344 3 0 2 1 0 1 1 0 8 0 rttmr 136 3 0 3 1 0 1 1 0 8 1 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 691 0 278 29 0 29 29 0 8 3 art_table 32 694 0 278 4 0 4 4 0 8 0 art_node 16 153 0 59 1 0 1 1 0 8 0 sysvmsgpl 40 72 0 70 1 0 1 1 0 8 0 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 39 0 29 1 0 1 1 0 8 0 shmpl 112 27 0 2 1 0 1 1 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 2888 0 1389 95 0 95 95 0 8 0 ffsino 248 2888 0 1389 95 0 95 95 0 8 0 nchpl 144 3989 0 2300 63 0 63 63 0 8 0 rtmask 32 7 0 7 1 0 1 1 0 8 1 uvmvnodes 80 3593 0 0 74 0 74 74 0 8 0 vnodes 216 3593 0 0 200 0 200 200 0 8 0 namei 1024 13907 0 13907 2 0 2 2 0 8 2 kstatmem 264 70 0 48 2 0 2 2 0 8 0 scxspl 216 12023 0 12023 8 0 8 8 1 8 8 plimitpl 152 177 0 161 1 0 1 1 0 8 0 sigapl 424 1082 0 1034 7 0 7 7 0 8 1 knotepl 120 321501 0 321454 23 13 10 17 0 8 7 kqueuepl 184 329 0 317 4 0 4 4 0 8 2 pipepl 296 159 0 132 3 0 3 3 0 8 0 fdescpl 440 1063 0 1033 5 0 5 5 0 8 1 filepl 120 7033 0 6811 12 0 12 12 0 8 3 lockfpl 104 359 0 357 2 0 2 2 0 8 1 lockfspl 48 168 0 166 1 0 1 1 0 8 0 sessionpl 144 25 0 17 1 0 1 1 0 8 0 pgrppl 48 45 0 29 1 0 1 1 0 8 0 ucredpl 104 1128 0 1116 1 0 1 1 0 8 0 zombiepl 144 1036 0 1034 1 0 1 1 0 8 0 processpl 1160 1082 0 1034 4 0 4 4 0 8 0 procpl 656 2081 0 2024 6 0 6 6 0 8 0 sosppl 168 2 0 2 1 0 1 1 0 8 1 sockpl 528 1632 0 1593 8 0 8 8 0 8 5 mcl64k 65536 8 0 7 1 0 1 1 0 8 0 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 75 0 75 1 0 1 1 0 8 1 mcl4k 4096 3317 0 3263 14 0 14 14 0 8 6 mcl2k 2048 1009 0 1006 3 0 3 3 0 8 2 mtagpl 96 109 0 11 3 0 3 3 0 8 0 mbufpl 256 14009 0 13737 83 57 26 74 0 8 7 bufpl 280 4593 0 119 320 0 320 320 0 8 0 anonpl 24 162280 0 152748 66 0 66 66 0 187 2 amapchunkpl 152 27190 0 26595 29 0 29 29 0 158 6 amappl16 200 3426 0 3087 31 10 21 21 0 8 3 amappl15 192 2 0 2 1 0 1 1 0 8 1 amappl14 184 108 0 98 1 0 1 1 0 8 0 amappl13 176 4 0 4 1 0 1 1 0 8 1 amappl12 168 1701 0 1671 3 0 3 3 0 8 1 amappl11 160 45 0 35 1 0 1 1 0 8 0 amappl10 152 4 0 4 1 0 1 1 0 8 1 amappl9 144 250 0 250 1 0 1 1 0 8 1 amappl8 136 25 0 22 1 0 1 1 0 8 0 amappl7 128 104 0 93 1 0 1 1 0 8 0 amappl6 120 192 0 189 1 0 1 1 0 8 0 amappl5 112 134 0 127 1 0 1 1 0 8 0 amappl4 104 294 0 278 1 0 1 1 0 8 0 amappl3 96 5533 0 5419 4 0 4 4 0 8 1 amappl2 88 644 0 589 2 0 2 2 0 8 0 amappl1 80 11180 0 10632 14 0 14 14 0 8 1 amappl 88 7880 0 7698 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 7 0 7 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 29 0 2 1 0 1 1 0 8 0 uaddrrnd 24 1063 0 1033 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1063 0 1033 1 0 1 1 0 8 0 vmmpekpl 168 9487 0 9447 3 0 3 3 0 8 0 vmmpepl 168 71806 0 69579 98 0 98 98 0 357 1 vmsppl 360 1062 0 1033 4 0 4 4 0 8 1 rwobjpl 32 24133 0 19343 39 0 39 39 0 8 0 pdppl 4096 2132 0 2066 104 38 66 82 0 8 0 pvpl 32 447929 0 432909 133 0 133 133 0 265 4 pmappl 216 1062 0 1033 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 350 0 95 9 0 9 9 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace in_pcbhash_lookup(ffffffff839cdd98,6e7114d82c921aeb,0,ffffffff83701c78,0,ffffffff83701c78,c95bdfee0a44e053) at in_pcbhash_lookup+0xc0 sys/netinet/in_pcb.c:1115 in_pcblookup_listen(ffffffff839cdd98,100007f,1600,fffffd8069d66800,0) at in_pcblookup_listen+0x294 sys/netinet/in_pcb.c:-1 tcp_input_solocked(ffff80002a74b200,ffff80002a74b20c,0,2,ffff80002a74b1f8) at tcp_input_solocked+0xa97 sys/netinet/tcp_input.c:-1 tcp_input_mlist(ffffffff839cae60,2) at tcp_input_mlist+0x93 sys/netinet/tcp_input.c:-1 if_input_process(ffff800000b11800,ffff80002a74b2d8,0) at if_input_process+0x229 sys/net/if.c:1015 ifiq_process(ffff800000b11c18) at ifiq_process+0xcd sys/net/ifq.c:874 taskq_thread(ffff80000002c000) at taskq_thread+0xd4 sys/kern/kern_task.c:446 end trace frame: 0x0, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace in_pcbhash_lookup(ffffffff839cdd98,6e7114d82c921aeb,0,ffffffff83701c78,0,ffffffff83701c78,c95bdfee0a44e053) at in_pcbhash_lookup+0xc0 sys/netinet/in_pcb.c:1115 in_pcblookup_listen(ffffffff839cdd98,100007f,1600,fffffd8069d66800,0) at in_pcblookup_listen+0x294 sys/netinet/in_pcb.c:-1 tcp_input_solocked(ffff80002a74b200,ffff80002a74b20c,0,2,ffff80002a74b1f8) at tcp_input_solocked+0xa97 sys/netinet/tcp_input.c:-1 tcp_input_mlist(ffffffff839cae60,2) at tcp_input_mlist+0x93 sys/netinet/tcp_input.c:-1 if_input_process(ffff800000b11800,ffff80002a74b2d8,0) at if_input_process+0x229 sys/net/if.c:1015 ifiq_process(ffff800000b11c18) at ifiq_process+0xcd sys/net/ifq.c:874 taskq_thread(ffff80000002c000) at taskq_thread+0xd4 sys/kern/kern_task.c:446 end trace frame: 0x0, count: -7