kernel: protection fault trap, code=0 Stopped at bpfdetach+0x70: movq 0(%r15),%r12 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace bpfdetach(ffff800010fd8800) at bpfdetach+0x70 sys/net/bpf.c:1778 if_detach(ffff800010fd8800) at if_detach+0x153 sys/net/if.c:1212 tun_clone_destroy(ffff800010fd8800) at tun_clone_destroy+0x2d6 sys/net/if_tun.c:346 if_clone_destroy(ffff80003c42d7e0) at if_clone_destroy+0x1d7 sys/net/if.c:1401 ifioctl(ffff8000014602e8,80206979,ffff80003c42d7e0,ffff8000333ebc58) at ifioctl+0x5c5 sys/net/if.c:-1 sys_ioctl(ffff8000333ebc58,ffff80003c42d9c0,ffff80003c42d910) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff80003c42d9c0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c42d9c0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4c5507ce120, count: -8 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80003c42d600 rbx 0x80206979 __kernel_virt_to_phys+0x206979 rdx 0 rcx 0xffff8000333ebc58 rax 0xffffffff837d5ff0 cpu_info_full_primary+0x1ff0 r8 0 r9 0 r10 0 r11 0x2dd90433680b3f3f r12 0xdead0002deadbeef r13 0x800 r14 0xffff800010fd8800 r15 0xdead0002deadbeef rip 0xffffffff830a4630 bpfdetach+0x70 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c42d5d0 ss 0x10 bpfdetach+0x70: movq 0(%r15),%r12 ddb{0}> show proc PROC (syz-executor) tid=412090 pid=31675 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff8000ffff2a50 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000ffff2a50,0xffff8000333ead08 process=0xffff8000333ec020 user=0xffff80003c428000, vmspace=0xfffffd806c1cc980 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 13859 300089 73559 0 2 0 syz-executor 13859 317909 73559 0 3 0x4000080 fsleep syz-executor 31675 238450 498 0 3 0x3000 suspend syz-executor *31675 412090 498 0 7 0x4081000 syz-executor 47786 436331 74311 0 2 0x1000001 syz-executor 47786 161893 74311 0 3 0x5000080 sbwait syz-executor 47786 440558 74311 0 3 0x5000080 fsleep syz-executor 47786 179670 74311 0 3 0x5000080 fsleep syz-executor 47786 27859 74311 0 3 0x5000080 fsleep syz-executor 37430 461416 5712 0 2 0x1 syz-executor 37430 40292 5712 0 3 0x4000080 fsleep syz-executor 37430 211257 5712 0 3 0x4000080 fsleep syz-executor 498 491281 61024 0 3 0x82 nanoslp syz-executor 7745 335982 0 0 3 0x14280 nfsidl nfsio 32329 337044 0 0 3 0x14280 nfsidl nfsio 89496 149288 0 0 3 0x14280 nfsidl nfsio 97816 121625 0 0 3 0x14280 nfsidl nfsio 11681 223609 0 0 3 0x14280 nfsidl nfsio 13530 132552 0 0 3 0x14280 nfsidl nfsio 82132 340323 0 0 3 0x14280 nfsidl nfsio 88571 338250 0 0 3 0x14280 nfsidl nfsio 9951 263660 0 0 3 0x14280 nfsidl nfsio 23323 168524 0 0 3 0x14280 nfsidl nfsio 9816 164794 0 0 3 0x14280 nfsidl nfsio 5618 180015 0 0 3 0x14280 nfsidl nfsio 43444 196290 0 0 3 0x14280 nfsidl nfsio 45851 125544 0 0 3 0x14280 nfsidl nfsio 80529 354310 0 0 3 0x14280 nfsidl nfsio 13478 197596 0 0 3 0x14280 nfsidl nfsio 35357 147525 0 0 3 0x14280 nfsidl nfsio 56910 415223 0 0 3 0x14280 nfsidl nfsio 10958 498689 0 0 3 0x14280 nfsidl nfsio 50001 143275 0 0 3 0x14280 nfsidl nfsio 51305 509500 61024 0 3 0x82 nanoslp syz-executor 6354 202049 0 0 3 0x14200 acct acct 74839 428581 1 0 3 0x100083 ttyin getty 12928 396582 0 0 3 0x14200 bored sosplice 10610 464397 32107 0 3 0x100082 sbwait ndp 32107 380939 95807 0 3 0x10008a sigsusp sh 74311 439353 61024 0 3 0x82 nanoslp syz-executor 95807 95481 61024 0 3 0x82 wait syz-executor 80257 27907 61024 0 3 0x82 nanoslp syz-executor 90172 42374 61024 0 2 0x3 syz-executor 5712 470527 61024 0 3 0x82 nanoslp syz-executor 73559 332554 61024 0 3 0x82 nanoslp syz-executor 61024 335045 92089 0 3 0x82 kqread syz-executor 92089 86372 15370 0 3 0x10008a sigsusp ksh 15370 20685 75940 0 3 0x98 kqread sshd-session 75940 223704 59930 0 3 0x92 kqread sshd-session 59930 66249 1 0 3 0x88 kqread sshd 24449 510301 52420 74 3 0x1100092 bpf pflogd 52420 111094 1 0 3 0x80 sbwait pflogd 44669 128427 15527 73 3 0x1100090 kqread syslogd 15527 142235 1 0 3 0x100082 sbwait syslogd 89193 116493 1 0 3 0x100080 kqread resolvd 46145 420633 78158 77 3 0x100092 kqread dhcpleased 11796 475755 78158 77 3 0x100092 kqread dhcpleased 78158 315295 1 0 3 0x80 kqread dhcpleased 41054 107879 0 0 3 0x14200 bored smr 79641 303785 0 0 2 0x14200 zerothread 90888 216080 0 0 3 0x14200 aiodoned aiodoned 82208 516996 0 0 3 0x14200 syncer update 10819 8576 0 0 3 0x14200 cleaner cleaner 6266 430503 0 0 3 0x14200 reaper reaper 54320 425815 0 0 3 0x14200 pgdaemon pagedaemon 26127 167213 0 0 3 0x14200 bored viomb 1058 105276 0 0 3 0x40014200 acpi0 acpi0 27184 273864 0 0 7 0x40014200 idle1 94565 412765 0 0 3 0x14200 bored softnet3 27190 508896 0 0 3 0x14200 bored softnet2 10215 375142 0 0 3 0x14200 bored softnet1 33925 376628 0 0 2 0x14200 softnet0 97207 184049 0 0 3 0x14200 bored systqmp 3655 237149 0 0 3 0x14200 bored systq 93591 282458 0 0 3 0x14200 tmoslp softclockmp 97489 382918 0 0 3 0x40014200 tmoslp softclock 93474 278663 0 0 3 0x40014200 idle0 1 249528 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 31675 (syz-executor) thread 0xffff8000333ebc58 (412090) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10223 11251K 15545K 166960K 15264 0 pcb 19 17K 25K 166960K 405 0 rtable 203 10K 11K 166960K 581 0 pf 38 18K 22K 166960K 171 0 ifaddr 39 6K 7K 166960K 112 0 ifgroup 59 2K 3K 166960K 198 0 sysctl 4 1K 9K 166960K 187 0 counters 70 37K 38K 166960K 222 0 ioctlops 0 0K 4K 166960K 2015 0 iov 0 0K 16K 166960K 92 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1490 94K 94K 166960K 3488 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 20 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 69 0 dirhash 15 2K 3K 166960K 63 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 85K 166960K 1987 0 sigio 0 0K 0K 166960K 134 0 proc 73 91K 115K 166960K 773 0 subproc 72 4K 4K 166960K 92 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 365 0 in_multi 77 5K 7K 166960K 188 0 ether_multi 1 0K 0K 166960K 11 0 mrt 1 0K 0K 166960K 14 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 103 466K 466K 166960K 103 0 exec 0 0K 1K 166960K 598 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 256 163K 176K 166960K 19353 0 UVM aobj 105 3K 3K 166960K 107 0 pinsyscall 44 88K 101K 166960K 3185 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 116 0 NDP 13 0K 1K 166960K 78 0 temp 80 8692K 8772K 166960K 96706 0 kqueue 14 22K 32K 166960K 376 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 214 0 210 3 2 1 2 0 8 0 rtentry 176 171 0 88 6 0 6 6 0 8 0 unpcb 144 1482 0 1460 10 9 1 6 0 8 0 syncache 336 11 0 11 4 4 0 1 0 8 0 tcpqe 32 4 0 4 2 2 0 1 0 8 0 tcpcb 736 750 0 742 17 16 1 11 0 8 0 arp 128 29 0 11 1 0 1 1 0 8 0 inpcb 328 2442 0 2427 23 21 2 12 0 8 0 nd6 144 32 0 16 1 0 1 1 0 8 0 pkpcb 40 20 0 20 2 1 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 mppekey 1024 2 0 2 2 2 0 1 0 8 0 ppxss 1192 58 0 58 3 2 1 1 0 8 1 pppxif 1504 8 0 8 2 2 0 1 0 8 0 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pffrag 232 9 0 0 1 0 1 1 0 482 0 pffrnode 88 9 0 0 1 0 1 1 0 8 0 pffrent 40 10 0 1 1 0 1 1 0 8 0 pfosfp 40 1428 0 1428 5 5 0 5 0 8 0 pfosfpen 112 1428 0 1428 21 21 0 21 0 8 0 pfrktable 1344 2 0 1 2 1 1 1 0 8 0 pftag 88 3 0 1 1 0 1 1 0 8 0 pfstitem 24 163 0 36 1 0 1 1 0 8 0 pfstkey 128 169 0 43 5 0 5 5 0 8 0 pfstate 384 164 0 39 13 0 13 13 0 8 0 pfrule 1344 35 0 25 2 1 1 2 0 8 0 rttmr 136 3 0 3 3 3 0 1 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 736 0 358 34 10 24 29 0 8 0 art_table 32 739 0 358 4 0 4 4 0 8 0 art_node 16 165 0 95 1 0 1 1 0 8 0 sysvmsgpl 40 90 0 81 1 0 1 1 0 8 0 semapl 112 65 0 55 1 0 1 1 0 8 0 shmpl 112 104 0 2 3 0 3 3 0 8 0 dirhash 1024 51 0 32 3 0 3 3 0 8 0 dino2pl 256 4947 0 3438 95 0 95 95 0 8 0 ffsino 288 4947 0 3438 109 0 109 109 0 8 0 nchpl 144 7673 0 5973 64 0 64 64 0 8 0 rtmask 32 13 0 13 2 2 0 1 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 27397 0 27397 3 2 1 2 0 8 1 percpumem 16 126 0 76 1 0 1 1 0 8 0 kstatmem 264 120 0 90 5 2 3 3 0 8 1 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 38 0 38 2 2 0 1 0 8 0 scxspl 216 25257 0 25257 9 8 1 5 1 8 1 plimitpl 152 419 0 401 1 0 1 1 0 8 0 sigapl 424 2325 0 2253 10 1 9 9 0 8 0 knotepl 120 569 0 0 17 0 17 17 0 8 0 kqueuepl 224 933 0 923 14 13 1 7 0 8 0 pipepl 336 513 0 486 6 3 3 6 0 8 0 fdescpl 520 2279 0 2247 3 0 3 3 0 8 0 filepl 160 15976 0 15743 28 16 12 20 0 8 0 lockfpl 104 950 0 946 3 2 1 2 0 8 0 lockfspl 48 353 0 349 1 0 1 1 0 8 0 sessionpl 144 34 0 25 1 0 1 1 0 8 0 pgrppl 48 109 0 92 1 0 1 1 0 8 0 ucredpl 104 1903 0 1889 1 0 1 1 0 8 0 zombiepl 144 2287 0 2284 1 0 1 1 0 8 0 processpl 1240 2325 0 2253 6 0 6 6 0 8 0 procpl 656 5222 0 5142 8 0 8 8 0 8 0 srpgc 96 6 0 6 3 2 1 1 0 8 1 sosppl 168 19 0 19 2 2 0 1 0 8 0 sockpl 728 4264 0 4213 34 28 6 17 0 8 0 mcl64k 65536 6 0 0 1 0 1 1 0 8 0 mcl16k 16384 5 0 0 1 0 1 1 0 8 0 mcl12k 12288 5 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 125 0 0 15 0 15 15 0 8 0 mcl2k2 2112 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 41 0 0 5 0 5 5 0 8 0 mtagpl 96 160 0 0 4 0 4 4 0 8 0 mbufpl 256 569 0 0 36 0 36 36 0 8 0 bufpl 280 7145 0 1003 439 0 439 439 0 8 0 anonpl 32 9298 0 0 75 0 75 75 0 246 0 amapchunkpl 152 65305 0 64761 30 6 24 28 0 158 1 amappl16 200 4918 0 4882 32 29 3 15 0 8 0 amappl15 192 6 0 6 1 1 0 1 0 8 0 amappl14 184 136 0 123 1 0 1 1 0 8 0 amappl13 176 18 0 18 2 2 0 1 0 8 0 amappl12 168 2991 0 2957 4 2 2 3 0 8 0 amappl11 160 111 0 97 1 0 1 1 0 8 0 amappl10 152 9 0 8 2 1 1 1 0 8 0 amappl9 144 249 0 249 1 1 0 1 0 8 0 amappl8 136 29 0 25 1 0 1 1 0 8 0 amappl7 128 125 0 110 1 0 1 1 0 8 0 amappl6 120 209 0 204 1 0 1 1 0 8 0 amappl5 112 139 0 129 1 0 1 1 0 8 0 amappl4 104 380 0 359 1 0 1 1 0 8 0 amappl3 96 13622 0 13502 5 1 4 4 0 8 0 amappl2 88 738 0 672 2 0 2 2 0 8 0 amappl1 80 17706 0 17064 15 0 15 15 0 8 0 amappl 88 18260 0 18082 5 0 5 5 0 92 0 dma8192 8192 2 0 2 2 2 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 257 0 257 2 2 0 1 0 8 0 dma64 64 8 0 8 2 2 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 106 0 2 2 0 2 2 0 8 0 uaddrrnd 24 2279 0 2247 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2279 0 2247 1 0 1 1 0 8 0 vmmpekpl 168 19928 0 19876 3 0 3 3 0 8 0 vmmpepl 168 145487 0 143421 108 12 96 103 0 357 0 vmsppl 480 2278 0 2247 5 0 5 5 0 8 0 rwobjpl 72 41990 0 34941 129 0 129 129 0 8 0 pdppl 4096 4566 0 4494 120 46 74 84 0 8 2 pvpl 32 16910 0 0 139 2 137 138 0 265 0 pmappl 256 2278 0 2247 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 464 0 88 12 0 12 12 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace bpfdetach(ffff800010fd8800) at bpfdetach+0x70 sys/net/bpf.c:1778 if_detach(ffff800010fd8800) at if_detach+0x153 sys/net/if.c:1212 tun_clone_destroy(ffff800010fd8800) at tun_clone_destroy+0x2d6 sys/net/if_tun.c:346 if_clone_destroy(ffff80003c42d7e0) at if_clone_destroy+0x1d7 sys/net/if.c:1401 ifioctl(ffff8000014602e8,80206979,ffff80003c42d7e0,ffff8000333ebc58) at ifioctl+0x5c5 sys/net/if.c:-1 sys_ioctl(ffff8000333ebc58,ffff80003c42d9c0,ffff80003c42d910) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff80003c42d9c0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c42d9c0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4c5507ce120, count: -8 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu_x86.c:1218 sched_idle(ffff8000299ddff0) at sched_idle+0x4d8 sys/kern/kern_sched.c:191 end trace frame: 0x0, count: -5