Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x0 fault code = supervisor read data, page not present instruction pointer = 0x20:0xffffffff8159d501 stack pointer = 0x28:0xfffffe0056c36ac0 frame pointer = 0x28:0xfffffe0056c36c00 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = resume, IOPL = 0 current process = 1200 (syz-executor) rdi: 0000000000000000 rsi: 0000000000000000 rdx: 0000000000000000 rcx: fffffe0002bf1850 r8: 0000000000000000 r9: 0000000000000001 rax: fffffe0000000000 rbx: fffffe00540cef30 rbp: fffffe0056c36c00 r10: 4d7c484b8bacd961 r11: 0000000000000017 r12: 0000000000000000 r13: 0000004a4f948ce3 r14: fffffe00540cef28 r15: 0000000000000000 trap number = 12 panic: page fault cpuid = 0 time = 17 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0056c362f0 kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0056c36450 vpanic() at vpanic+0x257/frame 0xfffffe0056c36610 panic() at panic+0xb5/frame 0xfffffe0056c366d0 trap_pfault() at trap_pfault+0xaf2/frame 0xfffffe0056c36810 trap() at trap+0x78e/frame 0xfffffe0056c369f0 calltrap() at calltrap+0x8/frame 0xfffffe0056c369f0 --- trap 0xc, rip = 0xffffffff8159d501, rsp = 0xfffffe0056c36ac0, rbp = 0xfffffe0056c36c00 --- callout_process() at callout_process+0x441/frame 0xfffffe0056c36c00 handleevents() at handleevents+0x3ee/frame 0xfffffe0056c36c70 timercb() at timercb+0x3cb/frame 0xfffffe0056c36d40 lapic_handle_timer() at lapic_handle_timer+0x17f/frame 0xfffffe0056c36d80 Xtimerint() at Xtimerint+0xb1/frame 0xfffffe0056c36d80 --- interrupt, rip = 0xffffffff8211fd81, rsp = 0xfffffe0056c36e50, rbp = 0xfffffe0056c36e70 --- spinlock_exit() at spinlock_exit+0xd1/frame 0xfffffe0056c36e70 ast_scheduler() at ast_scheduler+0x88/frame 0xfffffe0056c36ea0 ast_handler() at ast_handler+0x2b0/frame 0xfffffe0056c36f10 ast() at ast+0x25/frame 0xfffffe0056c36f30 doreti_ast() at doreti_ast+0x1c/frame 0x820b6b1e0 KDB: enter: panic [ thread pid 1200 tid 100097 ] Stopped at kdb_enter+0x6e: movq $0,0x259f6b7(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b es 0x3b fs 0x13 gs 0x1b ss 0x28 rax 0x12 rcx 0xfffffe0002bf1850 rdx 0 rbx 0xffffffff8280bda0 .str.27 rsp 0xfffffe0056c36430 rbp 0xfffffe0056c36450 rsi 0 rdi 0xffffffff816450f9 printf+0x149 r8 0 r9 0xffffffff r10 0 r11 0x17 r12 0xfffffe00540b9000 r13 0xfffffffffffffffe r14 0xffffffff8280bda0 .str.27 r15 0 rip 0xffffffff8162e4de kdb_enter+0x6e rflags 0x46 kdb_enter+0x6e: movq $0,0x259f6b7(%rip) db> show proc Process 1200 (syz-executor) at 0xfffffe005400b008: state: NORMAL uid: 0 gid: 0 supp gids: 0, 5 parent: pid 763 at 0xfffffe00540eeab0 ABI: FreeBSD ELF64 flag: 0x10000080 flag2: 0 arguments: ./syz-executor exec reaper: 0xfffffe0007809010 reapsubtree: 1 sigparent: 20 vmspace: 0xfffffe00078116d8 (map 0xfffffe00078116d8) (map.pmap 0xfffffe0007811778) (pmap 0xfffffe00078117e8) threads: 2 100097 Run CPU 0 syz-executor 100697 S uwait 0xfffffe0078685280 syz-executor db> ps pid ppid pgrp uid state wmesg wchan cmd 1200 763 1200 0 Rs (threaded) syz-executor 100097 Run CPU 0 syz-executor 100697 S uwait 0xfffffe0078685280 syz-executor 1199 764 764 0 R (threaded) syz-executor 100337 RunQ syz-executor 100695 S select 0xfffffe00788693c0 syz-executor 100696 S select 0xfffffe00788688c0 syz-executor 100698 RunQ syz-executor 1198 1 764 0 S uwait 0xfffffe0078298880 syz-executor 1196 766 766 0 R (threaded) syz-executor 100090 RunQ syz-executor 100688 S uwait 0xfffffe0078299c80 syz-executor 100691 D biowr 0xfffffe0007c028c8 syz-executor 100693 S uwait 0xfffffe007829a500 syz-executor 1195 765 765 0 S (threaded) syz-executor 100092 S nanslp 0xffffffff83baec41 syz-executor 100690 S uwait 0xfffffe0078298580 syz-executor 100692 S uwait 0xfffffe0078298a00 syz-executor 100694 S aiowc 0xfffffe005400c8f0 syz-executor 1186 1 765 0 S uwait 0xfffffe006dfcfb00 syz-executor 1183 1 765 0 S uwait 0xfffffe00582d1900 syz-executor 1175 1 763 0 SV uwait 0xfffffe006dfd0180 syz-executor 1168 1 765 0 S uwait 0xfffffe00582d1180 syz-executor 1160 1 764 0 S uwait 0xfffffe0078299800 syz-executor 1159 1 766 0 S uwait 0xfffffe0057dc8e00 syz-executor 1155 1 766 0 S uwait 0xfffffe00582d0b00 syz-executor 1142 1 763 0 S uwait 0xfffffe0057dc8b00 syz-executor 1140 1 765 0 S uwait 0xfffffe00582d0e00 syz-executor 1136 1 763 0 S uwait 0xfffffe0057dc8a00 syz-executor 1125 1 763 0 S uwait 0xfffffe006dfd1580 syz-executor 1123 1 763 0 S uwait 0xfffffe0058519400 syz-executor 1116 0 0 0 DL mdwait 0xfffffe0053e38000 [md0] 1112 1 1109 0 S uwait 0xfffffe00582d0780 syz-executor 1106 1 1106 0 Ss+ ttyin 0xfffffe00582b80b0 getty 1105 1 1105 0 Ss+ ttyin 0xfffffe00594ac0b0 getty 1104 1 1104 0 Ss+ ttyin 0xfffffe00594ac8b0 getty 1103 1 1103 0 Ss+ ttyin 0xfffffe00594ad0b0 getty 1102 1 1102 0 Ss+ ttyin 0xfffffe00594ad8b0 getty 1101 1 1101 0 Ss+ ttyin 0xfffffe0053f660b0 getty 1100 1 1100 0 Ss+ ttyin 0xfffffe0053f668b0 getty 1099 1 1099 0 Ss+ ttyin 0xfffffe0053f680b0 getty 1098 1 1098 0 Ss+ ttyin 0xfffffe0053f688b0 getty 1077 0 0 0 DL (threaded) [so_splice] 100521 D - 0xfffffe0078298b00 [thr_0] 100522 D - 0xfffffe0078298b40 [thr_1] 1053 0 0 0 DL aiordy 0xfffffe0054136ab8 [aiod13] 1052 0 0 0 DL aiordy 0xfffffe0054135000 [aiod12] 1051 0 0 0 DL aiordy 0xfffffe0054135558 [aiod11] 1050 0 0 0 DL aiordy 0xfffffe0054135ab0 [aiod10] 1049 0 0 0 DL aiordy 0xfffffe0054106ab8 [aiod9] 1048 0 0 0 DL aiordy 0xfffffe0054105ab0 [aiod8] 1047 0 0 0 DL aiordy 0xfffffe005411eab8 [aiod7] 1046 0 0 0 DL aiordy 0xfffffe00540ef008 [aiod6] 1045 0 0 0 DL aiordy 0xfffffe00540f1018 [aiod5] 968 0 0 0 DL (threaded) [KTLS] 100095 D - 0xfffffe0058593e00 [thr_0] 100316 D - 0xfffffe0058593e80 [thr_1] 100317 D - 0xffffffff83cd0628 [reclaim_0] 923 0 0 0 DL - 0xffffffff83ccee00 [soaiod4] 922 0 0 0 DL - 0xffffffff83ccee00 [soaiod3] 921 0 0 0 DL - 0xffffffff83ccee00 [soaiod2] 920 0 0 0 DL - 0xffffffff83ccee00 [soaiod1] 881 0 0 0 DL mdwait 0xfffffe006e4a7000 [md512] 816 0 0 0 DL aiordy 0xfffffe00540f0010 [aiod4] 815 0 0 0 DL aiordy 0xfffffe00540f0568 [aiod3] 814 0 0 0 DL aiordy 0xfffffe000780a018 [aiod2] 813 0 0 0 DL aiordy 0xfffffe00540f0ac0 [aiod1] 766 762 766 0 S nanslp 0xffffffff83baec40 syz-executor 765 762 765 0 S nanslp 0xffffffff83baec41 syz-executor 764 762 764 0 S nanslp 0xffffffff83baec41 syz-executor 763 762 763 0 R nanslp 0xffffffff83baec41 syz-executor 762 760 760 0 S select 0xfffffe006dc21040 syz-executor 760 1 760 0 Ss sigsusp 0xfffffe00540ce608 csh 16 0 0 0 DL syncer 0xffffffff83cdc820 [syncer] 15 0 0 0 DL vlruwt 0xfffffe0054002558 [vnlru] 14 0 0 0 DL (threaded) [bufdaemon] 100079 D psleep 0xffffffff83cdad60 [bufdaemon] 100082 D - 0xffffffff83001ec0 [bufspacedaemon-0] 100093 D sdflush 0xfffffe005994cce8 [/ worker] 9 0 0 0 DL psleep 0xffffffff83d25cc0 [vmdaemon] 8 0 0 0 DL (threaded) [pagedaemon] 100077 D psleep 0xffffffff83d0bd88 [dom0] 100080 D launds 0xffffffff83d0bd94 [laundry: dom0] 100081 D umarcl 0xffffffff81e15b10 [uma] 7 0 0 0 DL - 0xffffffff839275f8 [rand_harvestq] 6 0 0 0 DL pftm 0xffffffff844a2f20 [pf purge] 5 0 0 0 DL waiting 0xffffffff8476a700 [sctp_iterator] 4 0 0 0 DL (threaded) [cam] 100045 D - 0xffffffff838f1340 [doneq0] 100046 D - 0xffffffff838f12c0 [async] 100075 D - 0xffffffff838f1140 [scanner] 3 0 0 0 DL (threaded) [crypto] 100042 D crypto_ 0xffffffff83d07660 [crypto] 100043 D crypto_ 0xfffffe0057d60030 [crypto returns 0] 100044 D crypto_ 0xfffffe0057d60080 [crypto returns 1] 13 0 0 0 DL (threaded) [geom] 100037 D - 0xffffffff83b57640 [g_event] 100038 D - 0xffffffff83b57660 [g_up] 100039 D - 0xffffffff83b57680 [g_down] 2 0 0 0 WL (threaded) [clock] 100031 I [clock (0)] 100032 I [clock (1)] 12 0 0 0 WL (threaded) [intr] 100013 I [swi6: task queue] 100014 I [swi6: Giant taskq] 100016 I [swi5: fast taskq] 100033 I [swi1: netisr 0] 100034 I [swi1: hpts] 100035 I [swi1: hpts] 100047 I [irq24: virtio_pci0] 100048 I [irq25: virtio_pci0] 100049 I [irq26: virtio_pci0] 100050 I [irq27: virtio_pci0] 100051 I [irq28: virtio_pci1] 100052 I [irq29: virtio_pci1] 100053 I [irq30: virtio_pci1] 100054 I [irq31: virtio_pci1] 100055 I [irq32: virtio_pci1] 100060 I [irq10: virtio_pci2] 100062 I [irq1: atkbd0] 100063 I [irq12: psm0] 100064 I [swi0: uart uart++] 100068 I [swi1: pf send] 11 0 0 0 RL (threaded) [idle] 100003 CanRu