kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic the kernel did not panic ddb{1}> trace end trace frame: 0x0, count: -1 ddb{1}> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff8000fffe2c98 rbp 0 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0x100000001 r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0 r11 0 r12 0 r13 0 r14 0 r15 0 rip 0xffffffff8142f92b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff80003c3f1118 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb{1}> show proc PROC (syz-executor) tid=253173 pid=89710 tcnt=5 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003c40e038 scnt=4 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000fffe87e8,0xffff8000fffe8030 process=0xffff80003c496b78 user=0xffff80003c3ec000, vmspace=0xfffffd8067f4c3f0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 85328 234855 15293 0 7 0 syz-executor 85328 342609 15293 0 2 0x4000000 syz-executor 89710 335555 42687 0 3 0x3000 suspend syz-executor 89710 404138 42687 0 2 0x4081000 syz-executor 89710 445786 42687 0 2 0x4081000 syz-executor *89710 253173 42687 0 7 0x4081000 syz-executor 89710 161349 42687 0 2 0x4081000 syz-executor 57336 407922 40375 0 2 0 syz-executor 14333 242234 22579 0 2 0 syz-executor 14333 509580 22579 0 2 0x4000000 syz-executor 91455 436566 53579 0 2 0 syz-executor 91455 436951 53579 0 3 0x4000080 ttyin syz-executor 91455 95758 53579 0 3 0x4000080 fsleep syz-executor 75445 485581 49457 0 2 0 syz-executor 75445 59126 49457 0 3 0x4000080 fsleep syz-executor 56916 205729 0 0 3 0x14200 acct acct 22579 457077 64071 0 3 0x82 nanoslp syz-executor 40375 432224 64071 0 3 0x82 nanoslp syz-executor 44477 77531 64071 0 3 0x82 wait syz-executor 95251 119299 0 0 3 0x14280 nfsidl nfsio 89995 491985 0 0 3 0x14280 nfsidl nfsio 91411 308439 0 0 3 0x14280 nfsidl nfsio 96437 333435 0 0 3 0x14280 nfsidl nfsio 69161 328346 0 0 3 0x14280 nfsidl nfsio 51807 498287 0 0 3 0x14280 nfsidl nfsio 57981 128502 0 0 3 0x14280 nfsidl nfsio 73584 114400 0 0 3 0x14280 nfsidl nfsio 76574 504994 0 0 3 0x14280 nfsidl nfsio 68167 46754 0 0 3 0x14280 nfsidl nfsio 34469 76999 0 0 3 0x14280 nfsidl nfsio 23726 108757 0 0 3 0x14280 nfsidl nfsio 70587 369346 0 0 3 0x14280 nfsidl nfsio 91054 364889 0 0 3 0x14280 nfsidl nfsio 60042 368229 0 0 3 0x14280 nfsidl nfsio 80874 156598 0 0 3 0x14280 nfsidl nfsio 79523 123026 0 0 3 0x14280 nfsidl nfsio 50793 61380 0 0 3 0x14280 nfsidl nfsio 27920 440365 0 0 3 0x14280 nfsidl nfsio 3 390811 0 0 3 0x14280 nfsidl nfsio 17533 455459 64071 0 3 0x82 nanoslp syz-executor 53579 337381 64071 0 3 0x82 nanoslp syz-executor 49457 353110 64071 0 3 0x82 nanoslp syz-executor 15293 491714 64071 0 3 0x82 nanoslp syz-executor 42687 474555 64071 0 3 0x82 nanoslp syz-executor 64071 336818 16005 0 3 0x82 kqread syz-executor 16005 48417 91230 0 3 0x10008a sigsusp ksh 91230 162141 45298 0 3 0x98 kqread sshd-session 45298 341091 53661 0 3 0x92 kqread sshd-session 92353 164761 1 0 3 0x100083 ttyopn getty 53661 85263 1 0 3 0x88 kqread sshd 22523 132683 8342 74 3 0x1100092 bpf pflogd 8342 139769 1 0 3 0x80 sbwait pflogd 6887 330 86825 73 3 0x1100090 kqread syslogd 86825 288857 1 0 3 0x100082 sbwait syslogd 59309 475869 1 0 3 0x100080 kqread resolvd 80081 302533 94282 77 3 0x100092 kqread dhcpleased 28060 55111 94282 77 3 0x100092 kqread dhcpleased 94282 354053 1 0 3 0x80 kqread dhcpleased 60439 511479 0 0 3 0x14200 bored smr 61946 147712 0 0 2 0x14200 zerothread 40755 391359 0 0 3 0x14200 aiodoned aiodoned 61841 110987 0 0 3 0x14200 syncer update 73021 243008 0 0 3 0x14200 cleaner cleaner 37534 190310 0 0 3 0x14200 reaper reaper 77270 184924 0 0 3 0x14200 pgdaemon pagedaemon 73937 29974 0 0 3 0x14200 bored viomb 74575 427286 0 0 3 0x40014200 acpi0 acpi0 75258 391506 0 0 3 0x40014200 idle1 25536 269343 0 0 3 0x14200 bored softnet1 35869 16952 0 0 3 0x14200 bored softnet0 7250 116141 0 0 3 0x14200 bored systqmp 24156 209934 0 0 3 0x14200 bored systq 15271 511109 0 0 3 0x14200 tmoslp softclockmp 65493 429071 0 0 3 0x40014200 tmoslp softclock 73017 341016 0 0 3 0x40014200 idle0 1 309819 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 89710 (syz-executor) thread 0xffff8000fffe87e8 (445786) exclusive rrwlock inode r = 0 (0xfffffd806e991d88) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 ufs_ihashins+0x4f ufs_ihash sys/ufs/ufs/ufs_ihash.c:-1 [inline] #4 ufs_ihashins+0x4f sys/ufs/ufs/ufs_ihash.c:159 #5 ffs_vget+0x187 sys/ufs/ffs/ffs_vfsops.c:1232 #6 ffs_inode_alloc+0x279 sys/ufs/ffs/ffs_alloc.c:393 #7 ufs_makeinode+0xcd sys/ufs/ufs/ufs_vnops.c:1732 #8 ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167 #9 VOP_MKNOD+0x101 sys/kern/vfs_vops.c:121 #10 domknodat+0x469 sys/kern/vfs_syscalls.c:1659 #11 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #11 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 #12 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd80765d50a8) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vfs_lookup+0x11c sys/kern/vfs_lookup.c:-1 #6 namei+0x7ca sys/kern/vfs_lookup.c:250 #7 domknodat+0xb4 sys/kern/vfs_syscalls.c:1611 #8 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 #9 Xsyscall+0x128 Process 89710 (syz-executor) thread 0xffff8000fffe8fb0 (253173) exclusive rwlock vcpu r = 0 (0xffff8000fffe29f0) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 vm_run+0xa2 sys/arch/amd64/amd64/vmm_machdep.c:-1 #3 vmmioctl+0x337 sys/dev/vmm/vmm.c:254 #4 VOP_IOCTL+0xac sys/kern/vfs_vops.c:264 #5 vn_ioctl+0xf8 sys/kern/vfs_vnops.c:531 #6 sys_ioctl+0x674 sys/kern/sys_generic.c:-1 #7 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #7 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783 #8 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11102 12176K 14084K 166960K 14346 0 pcb 17 16K 18K 166960K 477 0 rtable 169 9K 11K 166960K 687 0 pf 33 17K 82K 166960K 204 0 ifaddr 33 6K 9K 166960K 146 0 ifgroup 47 2K 3K 166960K 238 0 sysctl 4 1K 9K 166960K 22 0 counters 66 36K 38K 166960K 246 0 ioctlops 0 0K 4K 166960K 1895 0 iov 0 0K 24K 166960K 192 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1472 92K 93K 166960K 3022 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 26 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 131 0 dirhash 12 2K 2K 166960K 39 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 1971 0 sigio 0 0K 0K 166960K 27 0 proc 73 115K 164K 166960K 813 0 subproc 72 4K 4K 166960K 108 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 218 0 in_multi 64 4K 7K 166960K 243 0 ether_multi 1 0K 0K 166960K 21 0 mrt 1 0K 0K 166960K 36 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 253 1129K 1129K 166960K 253 0 exec 0 0K 1K 166960K 644 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 241 171K 183K 166960K 19164 0 UVM aobj 142 34K 34K 166960K 149 0 pinsyscall 43 86K 105K 166960K 3186 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 221 0 NDP 10 0K 1K 166960K 104 0 temp 79 9084K 9336K 166960K 61121 0 kqueue 15 22K 32K 166960K 360 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 141 0 138 1 0 1 1 0 8 0 rtentry 176 210 0 150 6 0 6 6 0 8 0 unpcb 144 1209 0 1192 10 4 6 6 0 8 5 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 721 0 717 16 9 7 7 0 8 6 arp 136 32 0 19 1 0 1 1 0 8 0 inpcb 328 2432 0 2425 26 17 9 12 0 8 8 ip6q 72 1 0 1 1 1 0 1 0 8 0 ip6af 40 2 0 2 1 1 0 1 0 8 0 nd6 152 50 0 38 2 0 2 2 0 8 0 pkpcb 40 6 0 6 4 3 1 1 0 8 1 kcovpl 48 12 0 4 1 0 1 1 0 8 0 ppxss 1192 67 0 67 2 1 1 1 0 8 1 pppxif 1576 3 0 3 2 2 0 1 0 8 0 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pffrag 232 9 0 2 1 0 1 1 0 482 0 pffrnode 88 9 0 2 1 0 1 1 0 8 0 pffrent 40 13 0 6 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 2 0 2 1 1 0 1 0 8 0 pfsrclim 320 1 0 1 1 1 0 1 0 8 0 pfstitem 24 167 0 50 1 0 1 1 0 8 0 pfstkey 128 169 0 52 4 0 4 4 0 8 0 pfstate 448 168 0 52 13 0 13 13 0 8 0 pfrule 1360 27 0 21 2 1 1 2 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 967 0 686 35 7 28 33 0 8 8 art_table 40 969 0 686 6 0 6 6 0 8 0 art_node 32 207 0 154 1 0 1 1 0 8 0 sysvmsgpl 40 18 0 11 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 123 0 113 1 0 1 1 0 8 0 shmpl 112 135 0 7 4 0 4 4 0 8 0 dirhash 1024 35 0 18 3 0 3 3 0 8 0 dino2pl 256 5112 0 3645 93 0 93 93 0 8 0 ffsino 296 5112 0 3645 114 0 114 114 0 8 0 nchpl 144 7849 0 6135 65 0 65 65 0 8 0 rtmask 32 11 0 11 4 3 1 1 0 8 1 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 26597 0 26596 2 1 1 2 0 8 0 percpumem 16 138 0 90 1 0 1 1 0 8 0 vcpupl 3968 11 0 0 2 0 2 2 0 8 0 vmpool 848 11 0 0 2 0 2 2 0 8 0 kstatmem 264 154 0 130 4 1 3 3 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 17 0 17 5 4 1 1 0 8 1 scxspl 216 41602 0 41602 12 10 2 8 1 8 2 plimitpl 152 690 0 673 1 0 1 1 0 8 0 sigapl 424 2272 0 2203 8 0 8 8 0 8 0 knotepl 120 572 0 0 17 0 17 17 0 8 0 kqueuepl 224 559 0 548 6 4 2 3 0 8 1 pipepl 344 330 0 303 6 3 3 6 0 8 0 fdescpl 528 2233 0 2201 3 0 3 3 0 8 0 filepl 160 14599 0 14379 22 6 16 16 0 8 4 lockfpl 104 957 0 954 2 1 1 2 0 8 0 lockfspl 48 365 0 362 1 0 1 1 0 8 0 sessionpl 144 26 0 17 1 0 1 1 0 8 0 pgrppl 48 58 0 41 1 0 1 1 0 8 0 ucredpl 104 2321 0 2307 1 0 1 1 0 8 0 zombiepl 144 2205 0 2203 1 0 1 1 0 8 0 processpl 1232 2272 0 2203 6 0 6 6 0 8 0 procpl 664 5314 0 5236 8 0 8 8 0 8 0 sosppl 176 13 0 13 3 3 0 1 0 8 0 sockpl 752 3845 0 3818 41 28 13 17 0 8 10 mcl64k 65536 7 0 0 1 0 1 1 0 8 0 mcl16k 16384 4 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 119 0 0 15 0 15 15 0 8 0 mcl2k 2048 29 0 0 4 0 4 4 0 8 0 mtagpl 96 80 0 0 2 0 2 2 0 8 0 mbufpl 256 1196 0 0 75 0 75 75 0 8 0 bufpl 280 14930 0 8800 439 0 439 439 0 8 0 anonpl 32 11861 0 0 96 0 96 96 0 246 0 amapchunkpl 152 66284 0 65782 51 24 27 34 0 158 4 amappl16 200 6723 0 6689 65 58 7 29 0 8 3 amappl15 192 4 0 4 1 1 0 1 0 8 0 amappl14 184 542 0 541 1 0 1 1 0 8 0 amappl13 176 127 0 115 1 0 1 1 0 8 0 amappl12 168 2498 0 2467 2 0 2 2 0 8 0 amappl11 160 29 0 29 1 1 0 1 0 8 0 amappl10 152 65 0 51 1 0 1 1 0 8 0 amappl9 144 269 0 267 1 0 1 1 0 8 0 amappl8 136 116 0 114 1 0 1 1 0 8 0 amappl7 128 172 0 159 1 0 1 1 0 8 0 amappl6 120 200 0 198 1 0 1 1 0 8 0 amappl5 112 111 0 100 1 0 1 1 0 8 0 amappl4 104 302 0 279 1 0 1 1 0 8 0 amappl3 96 13625 0 13507 4 0 4 4 0 8 0 amappl2 88 559 0 498 2 0 2 2 0 8 0 amappl1 80 16804 0 16195 15 1 14 14 0 8 0 amappl 88 18095 0 17927 5 0 5 5 0 92 0 uvmvnodes 80 177 0 0 4 0 4 4 0 8 0 dma32768 32768 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 262 0 262 5 4 1 1 0 8 1 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 9 0 9 2 2 0 1 0 8 0 dma16 16 84 0 83 1 0 1 1 0 8 0 aobjpl 72 148 0 7 3 0 3 3 0 8 0 uaddrrnd 24 2233 0 2201 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2233 0 2201 1 0 1 1 0 8 0 vmmpekpl 168 18119 0 18071 3 0 3 3 0 8 0 vmmpepl 168 143164 0 141183 125 22 103 109 0 357 11 vmsppl 488 2232 0 2201 6 1 5 5 0 8 0 rwobjpl 80 37758 0 36488 40 7 33 34 0 8 0 pdppl 4096 4495 0 4413 122 40 82 83 0 8 0 pvpl 32 19644 0 0 159 0 159 159 0 265 0 pmappl 256 2243 0 2201 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 395 0 63 10 0 10 10 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{0}> trace x86_ipi_db(ffffffff8391cff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 end of kernel end trace frame: 0x7d2f7b9e1be0, count: -3 ddb{0}> machine ddbcpu 1 Stopped at done_flush+0x38: movl %eax,%dr6 ddb{1}> trace end trace frame: 0x0, count: -1