kernel: protection fault trap, code=0 Stopped at sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_msgrcv(ffff80002a799a18,ffff80002ccfd9e0,ffff80002ccfd930) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a799a18,ffff80002ccfd9e0,ffff80002ccfd930) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80002ccfd9e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002ccfd9e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3273563c3e0, count: -3 ddb> show registers rdi 0 rsi 0x200000000f08 rbp 0xffff80002ccfd910 rbx 0 rdx 0xffff80000146b740 rcx 0 rax 0xf0 r8 0x7f7fffffc000 r9 0 r10 0xf9cb463966bb8206 r11 0x88cf9e8aa23a4e91 r12 0xfffffd8064366e60 r13 0xdead4110dead4110 r14 0xffff8000014b3b00 r15 0x8 rip 0xffffffff830e7572 sys_msgrcv+0x3f2 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff80002ccfd870 ss 0 sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> show proc PROC (syz-executor) tid=353361 pid=78712 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=36, usrpri=84, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7982c0,0xffff80002a7bb4e8 process=0xffff80003a928918 user=0xffff80002ccf8000, vmspace=0xfffffd806c288180 estcpu=34, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 31761 487134 75903 0 2 0 syz-executor 31761 502199 75903 0 3 0x4000080 kqsel syz-executor 76227 110413 7024 0 2 0 syz-executor 95768 240196 59755 0 2 0 syz-executor 43606 2373 63374 0 2 0 syz-executor 57206 23367 97496 0 2 0 syz-executor 57206 12182 97496 0 2 0x4000000 syz-executor 57206 10996 97496 0 2 0x4000000 syz-executor 78712 523265 99023 0 2 0 syz-executor 78712 54816 99023 0 3 0x4000080 fsleep syz-executor *78712 353361 99023 0 7 0x4000000 syz-executor 78712 450188 99023 0 2 0x4000000 syz-executor 2223 184269 78178 0 3 0 vmmaplk syz-executor 2223 174139 78178 0 3 0x4000080 ttyout syz-executor 2223 60211 78178 0 3 0x4000080 ttyout syz-executor 2223 392936 78178 0 2 0x4000000 syz-executor 2223 514882 78178 0 2 0x4000000 syz-executor 18416 171735 0 0 3 0x14200 bored sosplice 64190 483324 1 0 3 0x100083 ttyopn getty 93218 498338 0 0 3 0x14280 nfsidl nfsio 46494 374429 0 0 3 0x14280 nfsidl nfsio 24706 358615 0 0 3 0x14280 nfsidl nfsio 38670 176612 0 0 3 0x14280 nfsidl nfsio 33065 495405 0 0 3 0x14280 nfsidl nfsio 65366 442509 0 0 3 0x14280 nfsidl nfsio 87645 121468 0 0 3 0x14280 nfsidl nfsio 75939 364938 0 0 3 0x14280 nfsidl nfsio 77584 331079 0 0 3 0x14280 nfsidl nfsio 73044 42740 0 0 3 0x14280 nfsidl nfsio 27172 450676 0 0 3 0x14280 nfsidl nfsio 44577 506309 0 0 3 0x14280 nfsidl nfsio 84870 141783 0 0 3 0x14280 nfsidl nfsio 51507 394889 0 0 3 0x14280 nfsidl nfsio 21831 423847 0 0 3 0x14280 nfsidl nfsio 8136 118044 0 0 3 0x14280 nfsidl nfsio 15616 416579 0 0 3 0x14280 nfsidl nfsio 71411 321606 0 0 3 0x14280 nfsidl nfsio 62285 265540 0 0 3 0x14280 nfsidl nfsio 34906 353687 0 0 3 0x14280 nfsidl nfsio 99023 422894 29641 0 3 0x82 nanoslp syz-executor 63374 1253 29641 0 3 0x82 nanoslp syz-executor 75903 434462 29641 0 3 0x82 nanoslp syz-executor 97496 404734 29641 0 3 0x82 nanoslp syz-executor 59755 190 29641 0 3 0x82 nanoslp syz-executor 78178 68062 29641 0 3 0x82 nanoslp syz-executor 5949 288590 29641 0 2 0x2 syz-executor 7024 361095 29641 0 3 0x82 nanoslp syz-executor 29641 146946 37834 0 3 0x82 kqread syz-executor 37834 181515 92182 0 3 0x10008a sigsusp ksh 92182 336300 11120 0 3 0x98 kqread sshd-session 11120 468790 98522 0 3 0x92 kqread sshd-session 98522 216576 1 0 3 0x88 kqread sshd 88426 269232 5377 73 3 0x1100090 kqread syslogd 5377 358423 1 0 3 0x100082 sbwait syslogd 30750 79235 1 0 3 0x100080 kqread resolvd 12916 98418 21912 77 3 0x100092 kqread dhcpleased 13600 426016 21912 77 3 0x100092 kqread dhcpleased 21912 82840 1 0 3 0x80 kqread dhcpleased 69688 112406 0 0 3 0x14200 bored smr 80034 332076 0 0 2 0x14200 zerothread 2562 470529 0 0 3 0x14200 aiodoned aiodoned 41303 299869 0 0 3 0x14200 syncer update 86248 494726 0 0 3 0x14200 cleaner cleaner 69511 453154 0 0 3 0x14200 reaper reaper 35510 371544 0 0 3 0x14200 pgdaemon pagedaemon 35956 282034 0 0 3 0x14200 bored viomb 60184 335266 0 0 3 0x40014200 acpi0 acpi0 13532 345936 0 0 3 0x14200 bored softnet0 25790 27678 0 0 3 0x14200 bored systqmp 73507 398620 0 0 3 0x14200 bored systq 52742 457330 0 0 3 0x40014200 tmoslp softclock 43478 122672 0 0 3 0x40014200 idle0 1 500019 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10171 11041K 11245K 166960K 12069 0 pcb 17 12K 12K 166960K 154 0 rtable 226 7K 8K 166960K 456 0 pf 28 12K 13K 166960K 111 0 ifaddr 37 6K 8K 166960K 78 0 ifgroup 46 2K 2K 166960K 159 0 sysctl 3 1K 9K 166960K 12 0 counters 31 17K 18K 166960K 62 0 ioctlops 0 0K 4K 166960K 104 0 iov 0 0K 16K 166960K 35 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1331 84K 84K 166960K 1958 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 12 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 17 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 97K 166960K 2154 0 sigio 0 0K 0K 166960K 7 0 proc 60 59K 124K 166960K 532 0 subproc 72 4K 4K 166960K 74 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 114 0 in_multi 84 6K 7K 166960K 126 0 ether_multi 1 0K 0K 166960K 8 0 mrt 1 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 406 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 219 158K 173K 166960K 19880 0 UVM aobj 18 4K 4K 166960K 20 0 pinsyscall 38 76K 96K 166960K 3236 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 22 0 NDP 10 0K 2K 166960K 57 0 temp 59 8647K 8714K 166960K 32835 0 kqueue 13 20K 26K 166960K 178 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 94 0 91 1 0 1 1 0 8 0 rtentry 136 126 0 28 4 0 4 4 0 8 0 unpcb 144 354 0 339 1 0 1 1 0 8 0 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 181 0 177 1 0 1 1 0 8 0 arp 96 21 0 4 1 0 1 1 0 8 0 ipq 40 8 0 8 1 0 1 1 0 8 1 ipqe 40 13 0 13 1 0 1 1 0 8 1 inpcb 328 507 0 500 3 1 2 2 0 8 1 ip6q 72 10 0 10 1 0 1 1 0 8 1 ip6af 40 18 0 18 1 0 1 1 0 8 1 nd6 112 27 0 7 1 0 1 1 0 8 0 pkpcb 40 8 0 8 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 14 0 14 1 0 1 1 0 8 1 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 rttmr 136 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 498 0 99 29 0 29 29 0 8 2 art_table 40 502 0 99 5 0 5 5 0 8 0 art_node 32 124 0 35 1 0 1 1 0 8 0 sysvmsgpl 40 12 0 9 1 0 1 1 0 8 0 semupl 112 3 0 3 1 0 1 1 0 8 1 semapl 112 13 0 3 1 0 1 1 0 8 0 shmpl 112 17 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 4326 0 2839 95 0 95 95 0 8 0 ffsino 256 4326 0 2839 95 0 95 95 0 8 0 nchpl 144 6757 0 5073 63 0 63 63 0 8 0 vnodes 216 4697 0 0 261 0 261 261 0 8 0 namei 1024 16408 0 16407 3 1 2 2 0 8 1 kstatmem 264 82 0 62 2 0 2 2 0 8 0 scsiplug 72 6 0 6 1 0 1 1 0 8 1 scxspl 216 20984 0 20984 9 1 8 8 1 8 8 plimitpl 152 90 0 74 1 0 1 1 0 8 0 sigapl 424 2466 0 2403 8 0 8 8 0 8 0 knotepl 120 80456 0 80409 17 7 10 17 0 8 7 kqueuepl 184 193 0 183 1 0 1 1 0 8 0 pipepl 304 141 0 114 3 0 3 3 0 8 0 fdescpl 448 2431 0 2402 5 0 5 5 0 8 1 filepl 120 5729 0 5523 7 0 7 7 0 8 0 lockfpl 104 288 0 286 1 0 1 1 0 8 0 lockfspl 48 127 0 125 1 0 1 1 0 8 0 sessionpl 144 22 0 14 1 0 1 1 0 8 0 pgrppl 48 34 0 18 1 0 1 1 0 8 0 ucredpl 104 760 0 749 1 0 1 1 0 8 0 zombiepl 144 3030 0 3030 2 1 1 1 0 8 1 processpl 1152 2466 0 2403 5 0 5 5 0 8 0 procpl 664 5152 0 5078 7 0 7 7 0 8 0 sockpl 552 972 0 947 4 1 3 3 0 8 1 mcl64k 65536 552 0 552 3 0 3 3 0 8 3 mcl16k 16384 372 0 372 1 0 1 1 0 8 1 mcl12k 12288 379 0 379 1 0 1 1 0 8 1 mcl9k 9216 144 0 144 2 1 1 1 0 8 1 mcl8k 8192 690 0 690 2 1 1 1 0 8 1 mcl4k 4096 6933 0 6882 16 8 8 15 0 8 1 mcl2k2 2112 2 0 2 1 0 1 1 0 8 1 mcl2k 2048 607 0 606 3 1 2 2 0 8 1 mtagpl 96 5 0 4 2 1 1 1 0 8 0 mbufpl 256 29072 0 28897 133 111 22 78 0 8 8 bufpl 280 5388 0 121 377 0 377 377 0 8 0 anonpl 24 300216 0 297357 49 3 46 46 0 187 17 amapchunkpl 152 66888 0 66456 29 1 28 28 0 158 10 amappl16 200 5448 0 5417 33 21 12 16 0 8 8 amappl15 192 8 0 8 1 1 0 1 0 8 0 amappl14 184 5 0 5 1 1 0 1 0 8 0 amappl13 176 405 0 404 1 0 1 1 0 8 0 amappl12 168 2775 0 2737 2 0 2 2 0 8 0 amappl11 160 33 0 32 1 0 1 1 0 8 0 amappl10 152 69 0 59 1 0 1 1 0 8 0 amappl9 144 263 0 263 1 1 0 1 0 8 0 amappl8 136 25 0 24 1 0 1 1 0 8 0 amappl7 128 85 0 84 1 0 1 1 0 8 0 amappl6 120 265 0 254 1 0 1 1 0 8 0 amappl5 112 70 0 63 1 0 1 1 0 8 0 amappl4 104 380 0 358 1 0 1 1 0 8 0 amappl3 96 12494 0 12413 3 0 3 3 0 8 0 amappl2 88 2544 0 2477 2 0 2 2 0 8 0 amappl1 80 17208 0 16669 13 0 13 13 0 8 1 amappl 88 19056 0 18905 5 0 5 5 0 92 0 uvmvnodes 80 4697 0 0 96 0 96 96 0 8 0 dma65536 65536 2 0 2 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 0 1 1 0 8 1 dma1024 1024 2 0 1 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 19 0 2 1 0 1 1 0 8 0 uaddrrnd 24 2431 0 2402 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2431 0 2402 1 0 1 1 0 8 0 vmmpekpl 168 17585 0 17555 2 0 2 2 0 8 0 vmmpepl 168 148621 0 146861 97 6 91 91 0 357 12 vmsppl 368 2430 0 2402 4 1 3 4 0 8 0 rwobjpl 40 40525 0 34995 56 0 56 56 0 8 0 pdppl 4096 4869 0 4804 125 58 67 83 0 8 2 pvpl 32 998022 0 990056 119 3 116 116 0 265 39 pmappl 216 2430 0 2402 3 0 3 3 0 8 1 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 528 0 184 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_msgrcv(ffff80002a799a18,ffff80002ccfd9e0,ffff80002ccfd930) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a799a18,ffff80002ccfd9e0,ffff80002ccfd930) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80002ccfd9e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002ccfd9e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3273563c3e0, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_msgrcv(ffff80002a799a18,ffff80002ccfd9e0,ffff80002ccfd930) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a799a18,ffff80002ccfd9e0,ffff80002ccfd930) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80002ccfd9e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002ccfd9e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3273563c3e0, count: -3