kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff80003786f520) at vm_run+0x163 vmmioctl(a00,c0205602,ffff80003786f520,1,ffff80002a739ab0) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd8071a46000,c0205602,ffff80003786f520,1,fffffd807f7d78f0,ffff80002a739ab0) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80611fa8f8,c0205602,ffff80003786f520,ffff80002a739ab0) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a739ab0,ffff80003786f630,ffff80003786f680) at sys_ioctl+0x49e syscall(ffff80003786f6f0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd053c284bf0, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff800037843630 rbp 0xffff80003786f270 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x33da5abcb4cb80b8 r11 0xfc2cf884cc252132 r12 0xffff8000378433a8 r13 0xffff80003786f1a6 r14 0xffff800037843000 r15 0x246 rip 0xffffffff8186c12b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff80003786f0d6 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.0) tid=332407 pid=96702 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=79, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a738020,0xffff80002a7382d8 process=0xffff80002a6957b0 user=0xffff80003786a000, vmspace=0xfffffd8075b53760 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 43828 96651 44237 0 2 0 syz-executor.1 18206 398652 12280 0 2 0 syz-executor.3 18206 405951 12280 0 3 0x4000080 fsleep syz-executor.3 96702 483599 66224 0 2 0 syz-executor.0 *96702 332407 66224 0 7 0x4000000 syz-executor.0 99480 240170 63321 0 2 0 syz-executor.6 99480 477938 63321 0 3 0x4000080 netio syz-executor.6 99480 494248 63321 0 2 0x4000000 syz-executor.6 99480 24652 63321 0 2 0x4000000 syz-executor.6 87214 143893 70198 0 2 0x2 syz-executor.4 66224 1787 70198 0 2 0x482 syz-executor.0 63321 273950 70198 0 2 0x482 syz-executor.6 33085 258677 70198 0 2 0x2 syz-executor.7 6831 503009 1 0 3 0x100083 ttyopn getty 12280 389350 70198 0 2 0x482 syz-executor.3 72426 44450 70198 0 2 0x2 syz-executor.2 47816 326939 70198 0 2 0x2 syz-executor.5 44237 301397 70198 0 2 0x482 syz-executor.1 79158 517905 0 0 3 0x14200 bored sosplice 70198 158472 75409 0 3 0x2000082 thrsleep syz-fuzzer 70198 380850 75409 0 2 0x6000482 syz-fuzzer 70198 281893 75409 0 3 0x6000082 thrsleep syz-fuzzer 70198 38634 75409 0 3 0x6000082 wait syz-fuzzer 70198 253075 75409 0 3 0x6000082 wait syz-fuzzer 70198 373843 75409 0 3 0x6000082 wait syz-fuzzer 70198 199756 75409 0 3 0x6000082 thrsleep syz-fuzzer 70198 255366 75409 0 3 0x6000082 wait syz-fuzzer 70198 49016 75409 0 3 0x6000082 wait syz-fuzzer 70198 229217 75409 0 3 0x6000082 wait syz-fuzzer 70198 26923 75409 0 3 0x6000082 thrsleep syz-fuzzer 70198 480237 75409 0 3 0x6000082 wait syz-fuzzer 70198 174084 75409 0 3 0x6000082 wait syz-fuzzer 70198 350179 75409 0 3 0x6000082 kqread syz-fuzzer 75409 167501 54095 0 3 0x10008a sigsusp ksh 54095 414846 90495 0 3 0x9a kqread sshd 90495 421626 1 0 3 0x88 kqread sshd 61377 124130 48160 73 3 0x1100090 kqread syslogd 48160 177916 1 0 3 0x100082 netio syslogd 52176 427257 1 0 3 0x100080 kqread resolvd 27117 347421 17000 77 3 0x100092 kqread dhcpleased 7217 295355 17000 77 3 0x100092 kqread dhcpleased 17000 423242 1 0 3 0x80 kqread dhcpleased 19721 334162 0 0 3 0x14200 bored smr 67708 435556 0 0 2 0x14200 zerothread 45878 168922 0 0 3 0x14200 aiodoned aiodoned 19780 214207 0 0 3 0x14200 syncer update 83532 443122 0 0 3 0x14200 cleaner cleaner 37786 86200 0 0 3 0x14200 reaper reaper 62818 418447 0 0 3 0x14200 pgdaemon pagedaemon 97570 329010 0 0 3 0x14200 bored viomb 94084 127022 0 0 3 0x40014200 acpi0 acpi0 77374 442580 0 0 3 0x14200 bored softnet3 39560 19146 0 0 3 0x14200 bored softnet2 71483 242577 0 0 3 0x14200 bored softnet1 1221 230397 0 0 3 0x14200 bored softnet0 26493 407774 0 0 3 0x14200 bored systqmp 59957 299648 0 0 3 0x14200 bored systq 44465 467804 0 0 2 0x40014200 softclock 38557 319792 0 0 3 0x40014200 idle0 1 70420 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10205 6420K 7371K 166960K 24143 0 pcb 13 16K 18K 166960K 769 0 rtable 225 15K 15K 166960K 1207 0 pf 33 9K 10K 166960K 269 0 ifaddr 42 11K 12K 166960K 215 0 ifgroup 58 2K 2K 166960K 432 0 sysctl 3 0K 0K 166960K 7 0 counters 32 17K 18K 166960K 130 0 ioctlops 0 0K 2K 166960K 418 0 iov 0 0K 26K 166960K 756 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1601 100K 100K 166960K 6469 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 89 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 304 0 dirhash 12 2K 2K 166960K 39 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 14 49K 69K 166960K 7009 0 sigio 0 0K 0K 166960K 191 0 proc 57 59K 75K 166960K 1272 0 subproc 104 6K 6K 166960K 364 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 227 0 in_multi 88 6K 7K 166960K 412 0 ether_multi 1 0K 0K 166960K 1 0 mrt 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 205 917K 917K 166960K 205 0 exec 0 0K 1K 166960K 1740 0 pfkey data 0 0K 0K 166960K 67 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 427 215K 225K 166960K 66120 0 UVM aobj 131 4K 4K 166960K 137 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 234 0 NDP 13 0K 2K 166960K 171 0 temp 74 5920K 6172K 166960K 88694 0 kqueue 12 18K 26K 166960K 609 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 1516 0 1513 14 11 3 3 0 8 2 rtentry 112 380 0 279 5 1 4 4 0 8 0 unpcb 144 4392 0 4377 40 37 3 6 0 8 2 syncache 312 72 0 72 12 11 1 1 0 8 1 tcpqe 32 242 0 242 13 12 1 1 0 8 1 tcpcb 808 3161 0 3133 56 47 9 12 0 8 3 arp 88 66 0 50 1 0 1 1 0 8 0 ipq 40 74 0 73 6 5 1 1 0 8 0 ipqe 40 152 0 151 6 5 1 1 0 8 0 inpcb 336 6686 0 6655 69 56 13 13 0 8 8 nd6 104 99 0 75 1 0 1 1 0 8 0 pkpcb 40 81 0 81 4 4 0 1 0 8 0 kcovpl 48 28 0 20 1 0 1 1 0 8 0 ppxss 1160 30 0 30 6 6 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1581 0 1148 38 7 31 32 0 8 3 art_table 32 1582 0 1148 5 0 5 5 0 8 0 art_node 16 376 0 284 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 1 1 0 1 1 0 8 0 semupl 112 5 0 5 1 1 0 1 0 8 0 semapl 112 295 0 285 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 35 0 18 3 0 3 3 0 8 0 dino2pl 256 11149 0 9664 94 0 94 94 0 8 0 ffsino 240 11149 0 9664 88 0 88 88 0 8 0 nchpl 144 22439 0 21890 63 40 23 63 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 83193 0 83192 4 3 1 3 0 8 0 vcpupl 2048 119 0 0 15 0 15 15 0 8 0 vmpool 664 125 0 6 10 0 10 10 0 8 0 kstatmem 264 222 0 196 4 2 2 3 0 8 0 scxspl 216 64344 0 64344 23 22 1 8 1 8 1 plimitpl 152 860 0 845 1 0 1 1 0 8 0 sigapl 424 7285 0 7243 8 2 6 8 0 8 0 futexpl 64 87544 0 87543 3 2 1 1 0 8 0 knotepl 120 62060 0 61980 18 14 4 11 0 8 0 kqueuepl 184 6227 0 6219 56 50 6 11 0 8 5 pipepl 288 1244 0 1216 19 16 3 7 0 8 0 fdescpl 432 7246 0 7221 6 2 4 4 0 8 0 filepl 120 57545 0 57308 75 62 13 16 0 8 4 lockfpl 104 2293 0 2291 5 3 2 2 0 8 1 lockfspl 48 809 0 807 1 0 1 1 0 8 0 sessionpl 144 44 0 28 1 0 1 1 0 8 0 pgrppl 48 1003 0 987 1 0 1 1 0 8 0 ucredpl 104 8836 0 8824 1 0 1 1 0 8 0 zombiepl 144 7243 0 7243 2 1 1 1 0 8 1 processpl 1008 7285 0 7243 10 3 7 9 0 8 0 procpl 680 17504 0 17444 14 7 7 9 0 8 0 sosppl 168 76 0 73 9 8 1 1 0 8 0 sockpl 456 12676 0 12627 201 184 17 29 0 8 8 mcl64k 65536 237 0 234 8 7 1 1 0 8 0 mcl16k 16384 89 0 89 14 13 1 1 0 8 1 mcl12k 12288 275 0 275 8 7 1 1 0 8 1 mcl9k 9216 123 0 123 9 8 1 1 0 8 1 mcl8k 8192 601 0 598 12 11 1 3 0 8 0 mcl4k 4096 1399 0 1399 6 5 1 1 0 8 1 mcl2k2 2112 46 0 46 12 12 0 1 0 8 0 mcl2k 2048 80654 0 80584 53 42 11 29 0 8 1 mtagpl 96 1421 0 1093 21 12 9 13 0 8 0 mbufpl 256 207210 0 206717 547 467 80 85 0 8 43 bufpl 288 17243 0 10843 458 0 458 458 0 8 0 anonpl 24 843058 0 829733 202 98 104 164 0 188 0 amapchunkpl 152 212994 0 212177 93 50 43 63 0 158 3 amappl16 200 16386 0 15966 81 50 31 35 0 8 8 amappl15 192 13 0 12 1 0 1 1 0 8 0 amappl14 184 214 0 203 2 1 1 2 0 8 0 amappl13 176 19 0 18 1 0 1 1 0 8 0 amappl12 168 8179 0 8153 3 1 2 2 0 8 0 amappl11 160 58 0 48 1 0 1 1 0 8 0 amappl10 152 47 0 38 2 1 1 1 0 8 0 amappl9 144 153 0 152 1 0 1 1 0 8 0 amappl8 136 385 0 298 4 0 4 4 0 8 0 amappl7 128 222 0 198 2 0 2 2 0 8 0 amappl6 120 605 0 593 1 0 1 1 0 8 0 amappl5 112 234 0 224 1 0 1 1 0 8 0 amappl4 104 569 0 548 2 1 1 2 0 8 0 amappl3 96 41530 0 41461 3 0 3 3 0 8 0 amappl2 88 7996 0 7922 3 1 2 3 0 8 0 amappl1 80 35677 0 35176 22 11 11 22 0 8 0 amappl 88 65205 0 64963 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 7371 0 7227 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 7371 0 7227 1 0 1 1 0 8 0 vmmpekpl 168 52874 0 52785 6 1 5 5 0 8 0 vmmpepl 168 441520 0 439284 187 68 119 123 0 357 8 vmsppl 368 7370 0 7227 14 0 14 14 0 8 0 rwobjpl 24 111487 0 103973 49 1 48 48 0 8 0 pdppl 4096 14748 0 14573 411 229 182 182 0 8 7 pvpl 32 2121426 0 2102982 564 357 207 361 0 265 29 pmappl 216 7370 0 7227 10 1 9 9 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1939 0 923 31 1 30 30 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff80003786f520) at vm_run+0x163 vmmioctl(a00,c0205602,ffff80003786f520,1,ffff80002a739ab0) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd8071a46000,c0205602,ffff80003786f520,1,fffffd807f7d78f0,ffff80002a739ab0) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80611fa8f8,c0205602,ffff80003786f520,ffff80002a739ab0) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a739ab0,ffff80003786f630,ffff80003786f680) at sys_ioctl+0x49e syscall(ffff80003786f6f0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd053c284bf0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff80003786f520) at vm_run+0x163 vmmioctl(a00,c0205602,ffff80003786f520,1,ffff80002a739ab0) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd8071a46000,c0205602,ffff80003786f520,1,fffffd807f7d78f0,ffff80002a739ab0) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80611fa8f8,c0205602,ffff80003786f520,ffff80002a739ab0) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a739ab0,ffff80003786f630,ffff80003786f680) at sys_ioctl+0x49e syscall(ffff80003786f6f0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd053c284bf0, count: -8