kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace end trace frame: 0x0, count: -1 ddb{0}> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff80003c3f9d18 rbp 0 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0x100000001 r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0 r11 0 r12 0 r13 0 r14 0 r15 0 rip 0xffffffff8142f92b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff80003c42d8a8 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb{0}> show proc PROC (syz-executor) tid=430639 pid=99677 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=86, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c486800,0xffff80002a2b0d20 process=0xffff8000ffff6688 user=0xffff80003c428000, vmspace=0xfffffd806c966b88 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 54948 80198 9478 0 2 0 syz-executor 2993 264714 60943 0 2 0 syz-executor 2993 445168 60943 0 2 0x4000000 syz-executor 99677 441634 76457 0 2 0 syz-executor *99677 430639 76457 0 7 0x4000000 syz-executor 27927 414947 1 0 3 0x82 nanoslp getty 88362 226288 1636 0 2 0 syz-executor 88362 88190 1636 0 3 0x4000080 fifow syz-executor 88362 343462 1636 0 2 0x4000000 syz-executor 21619 43960 71648 0 4 0x82004 syz-executor 21619 196124 71648 0 4 0x4082004 syz-executor 21619 383699 71648 0 2 0x4002004 syz-executor 9233 370232 45507 0 3 0x3000 suspend syz-executor 9233 478398 45507 0 2 0x4081000 syz-executor 68287 469546 68463 60929 2 0x10 syz-executor 68287 504080 68463 60929 3 0x4000090 ttyin syz-executor 68287 145060 68463 60929 3 0x4000090 fsleep syz-executor 68287 437329 68463 60929 3 0x4000090 fsleep syz-executor 83147 211563 50990 0 3 0x1 inode syz-executor 83147 24098 50990 0 2 0x4000000 syz-executor 74122 319441 0 0 3 0x14200 acct acct 68463 491532 19017 0 3 0x82 nanoslp syz-executor 1636 427355 19017 0 3 0x82 nanoslp syz-executor 76457 466338 19017 0 3 0x82 nanoslp syz-executor 71648 438172 19017 0 3 0x82 nanoslp syz-executor 60943 229472 19017 0 2 0xc82 syz-executor 50990 27355 19017 0 3 0x3 inode syz-executor 45507 503609 19017 0 2 0xc82 syz-executor 9478 298872 19017 0 2 0xc82 syz-executor 19017 157217 37422 0 3 0x82 kqread syz-executor 37422 123176 12643 0 3 0x10008a sigsusp ksh 12643 43697 59650 0 3 0x98 kqread sshd-session 59650 428154 48326 0 3 0x92 kqread sshd-session 48326 483266 1 0 3 0x88 kqread sshd 42154 77364 70985 74 3 0x1100092 bpf pflogd 70985 523162 1 0 3 0x80 sbwait pflogd 15039 452798 20866 73 3 0x1100090 kqread syslogd 20866 28060 1 0 3 0x100082 sbwait syslogd 16885 469200 1 0 3 0x100080 kqread resolvd 50460 409713 80967 77 3 0x100092 kqread dhcpleased 98148 157070 80967 77 3 0x100092 kqread dhcpleased 80967 398597 1 0 3 0x80 kqread dhcpleased 52052 515377 0 0 3 0x14200 bored smr 42371 378287 0 0 2 0x14200 zerothread 51783 49763 0 0 3 0x14200 aiodoned aiodoned 55758 13975 0 0 3 0x14200 syncer update 71146 521480 0 0 3 0x14200 cleaner cleaner 60405 437839 0 0 3 0x14200 reaper reaper 62361 293076 0 0 3 0x14200 pgdaemon pagedaemon 43211 188030 0 0 3 0x14200 bored viomb 69377 374057 0 0 3 0x40014200 acpi0 acpi0 77658 340287 0 0 7 0x40014200 idle1 68607 261592 0 0 3 0x14200 bored softnet1 56786 298389 0 0 3 0x14200 bored softnet0 12851 330348 0 0 3 0x14200 bored systqmp 32103 245177 0 0 3 0x14200 bored systq 16736 388005 0 0 3 0x14200 tmoslp softclockmp 47363 244978 0 0 3 0x40014200 tmoslp softclock 78836 264755 0 0 3 0x40014200 idle0 1 53276 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 99677 (syz-executor) thread 0xffff80003c486fc8 (430639) exclusive rwlock vcpu r = 0 (0xffff80003c3f9a70) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 vm_run+0xa2 sys/arch/amd64/amd64/vmm_machdep.c:-1 #3 vmmioctl+0x337 sys/dev/vmm/vmm.c:254 #4 VOP_IOCTL+0xac sys/kern/vfs_vops.c:264 #5 vn_ioctl+0xf8 sys/kern/vfs_vnops.c:531 #6 sys_ioctl+0x674 sys/kern/sys_generic.c:-1 #7 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #7 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783 #8 Xsyscall+0x128 Process 88362 (syz-executor) thread 0xffff80003c486d30 (343462) exclusive rwlock vmmaplk r = 0 (0xfffffd806c966e70) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_read+0x3e8 sys/kern/kern_rwlock.c:413 #2 uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880 #3 uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693 #4 uvm_fault+0x106 sys/uvm/uvm_fault.c:627 #5 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192 #6 usertrap+0x430 sys/arch/amd64/amd64/trap.c:640 #7 recall_trap+0x8 Process 9233 (syz-executor) thread 0xffff8000fffea2b8 (478398) exclusive rwlock vmmaplk r = 0 (0xfffffd806dc84128) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_read+0x3e8 sys/kern/kern_rwlock.c:413 #2 uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880 #3 uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693 #4 uvm_fault+0x106 sys/uvm/uvm_fault.c:627 #5 kpageflttrap+0x2f4 sys/arch/amd64/amd64/trap.c:283 #6 kerntrap+0x19d sys/arch/amd64/amd64/trap.c:528 #7 alltraps_kern_meltdown+0x7b #8 _copyin+0x5b #9 ffs_write+0x769 sys/ufs/ffs/ffs_vnops.c:359 #10 VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 #11 vn_write+0x1d3 sys/kern/vfs_vnops.c:408 #12 dofilewritev+0x2bd sys/kern/sys_generic.c:384 #13 sys_write+0xa2 sys/kern/sys_generic.c:300 #14 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #14 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783 #15 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806c8dd560) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vn_write+0x18f sys/kern/vfs_vnops.c:405 #6 dofilewritev+0x2bd sys/kern/sys_generic.c:384 #7 sys_write+0xa2 sys/kern/sys_generic.c:300 #8 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783 #9 Xsyscall+0x128 Process 83147 (syz-executor) thread 0xffff80002a2b0a78 (24098) exclusive rrwlock inode r = 0 (0xfffffd8070422548) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vn_write+0x18f sys/kern/vfs_vnops.c:405 #6 dofilewritev+0x2bd sys/kern/sys_generic.c:384 #7 sys_write+0xa2 sys/kern/sys_generic.c:300 #8 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783 #9 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11093 12179K 14070K 166960K 14793 0 pcb 18 16K 32K 166960K 802 0 rtable 135 9K 12K 166960K 931 0 pf 27 16K 19K 166960K 211 0 ifaddr 22 4K 7K 166960K 150 0 ifgroup 39 1K 3K 166960K 251 0 sysctl 3 1K 9K 166960K 41 0 counters 62 36K 39K 166960K 282 0 ioctlops 0 0K 5K 166960K 2036 0 iov 1 12K 28K 166960K 129 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1406 88K 90K 166960K 3147 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 9K 166960K 31 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 121 0 dirhash 15 2K 3K 166960K 48 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 2063 0 sigio 0 0K 0K 166960K 56 0 proc 73 115K 196K 166960K 890 0 subproc 72 4K 4K 166960K 127 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 350 0 in_multi 33 2K 7K 166960K 216 0 ether_multi 1 0K 0K 166960K 16 0 mrt 0 0K 0K 166960K 52 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 253 1129K 1129K 166960K 253 0 exec 1 0K 1K 166960K 971 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 256 152K 174K 166960K 20840 0 UVM aobj 85 74K 74K 166960K 94 0 pinsyscall 43 86K 104K 166960K 3478 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 174 0 NDP 8 0K 1K 166960K 111 0 temp 79 9084K 9212K 166960K 96299 0 kqueue 14 22K 31K 166960K 407 0 SYN cache 2 200K 208K 166960K 3 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 301 0 298 5 4 1 3 0 8 0 rtentry 176 284 0 245 6 0 6 6 0 8 0 unpcb 144 1220 0 1199 7 6 1 4 0 8 0 syncache 336 13 0 13 5 5 0 1 0 8 0 tcpqe 32 7 0 7 4 4 0 1 0 8 0 tcpcb 736 639 0 630 13 11 2 7 0 8 0 arp 136 33 0 27 1 0 1 1 0 8 0 inpcb 328 2584 0 2570 25 20 5 9 0 8 3 nd6 152 48 0 43 1 0 1 1 0 8 0 pkpcb 40 9 0 9 5 4 1 1 0 8 1 kcovpl 48 14 0 6 1 0 1 1 0 8 0 mppekey 1024 4 0 4 4 3 1 2 0 8 1 ppxss 1192 82 0 82 5 4 1 1 0 8 1 pppxif 1576 6 0 6 2 2 0 1 0 8 0 pffrag 232 17 0 9 1 0 1 1 0 482 0 pffrnode 88 15 0 7 1 0 1 1 0 8 0 pffrent 40 91 0 82 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 132 0 81 1 0 1 1 0 8 0 pfstkey 128 132 0 81 2 0 2 2 0 8 0 pfstate 448 131 0 81 7 0 7 7 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 rttmr 136 7 0 7 3 2 1 1 0 8 1 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 1276 0 1087 45 15 30 37 0 8 8 art_table 40 1280 0 1087 6 0 6 6 0 8 1 art_node 32 283 0 248 1 0 1 1 0 8 0 sysvmsgpl 40 22 0 12 2 1 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 117 0 107 1 0 1 1 0 8 0 shmpl 112 55 0 9 2 0 2 2 0 8 0 dirhash 1024 42 0 23 3 0 3 3 0 8 0 dino2pl 256 5460 0 3990 93 0 93 93 0 8 0 ffsino 296 5460 0 3990 114 0 114 114 0 8 0 nchpl 144 8242 0 6516 65 0 65 65 0 8 0 rtmask 32 14 0 14 5 5 0 1 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 30089 0 30088 4 2 2 2 0 8 1 percpumem 16 156 0 110 1 0 1 1 0 8 0 vcpupl 3968 36 0 0 5 0 5 5 0 8 0 vmpool 848 36 0 0 4 0 4 4 0 8 0 kstatmem 264 168 0 148 4 1 3 3 0 8 1 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 8 0 8 4 4 0 1 0 8 0 scxspl 216 50073 0 50073 14 12 2 8 1 8 2 plimitpl 152 772 0 752 1 0 1 1 0 8 0 sigapl 424 2398 0 2349 9 2 7 8 0 8 0 knotepl 120 754 0 0 21 0 21 21 0 8 0 kqueuepl 224 727 0 715 4 3 1 3 0 8 0 pipepl 344 287 0 258 4 0 4 4 0 8 0 fdescpl 528 2355 0 2323 3 0 3 3 0 8 0 filepl 160 16729 0 16497 38 24 14 23 0 8 2 lockfpl 104 818 0 814 2 1 1 2 0 8 0 lockfspl 48 303 0 299 1 0 1 1 0 8 0 sessionpl 144 39 0 31 1 0 1 1 0 8 0 pgrppl 48 89 0 73 1 0 1 1 0 8 0 ucredpl 104 3094 0 3079 1 0 1 1 0 8 0 zombiepl 144 3462 0 3461 1 0 1 1 0 8 0 processpl 1232 2398 0 2349 8 4 4 6 0 8 0 procpl 664 5565 0 5505 8 2 6 8 0 8 0 sosppl 176 25 0 25 4 3 1 1 0 8 1 sockpl 752 4252 0 4214 56 45 11 24 0 8 6 mcl64k 65536 11 0 0 2 0 2 2 0 8 0 mcl16k 16384 4 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 1 0 0 1 0 1 1 0 8 0 mcl4k 4096 112 0 0 14 0 14 14 0 8 0 mcl2k2 2112 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 64 0 0 8 0 8 8 0 8 0 mtagpl 96 8 0 0 1 0 1 1 0 8 0 mbufpl 256 1340 0 0 84 0 84 84 0 8 0 bufpl 280 19641 0 13511 439 0 439 439 0 8 0 anonpl 32 15478 0 0 125 0 125 125 0 246 0 amapchunkpl 152 69898 0 69245 59 26 33 37 0 158 5 amappl16 200 8678 0 8421 77 45 32 32 0 8 8 amappl15 192 92 0 92 1 1 0 1 0 8 0 amappl14 184 516 0 515 1 0 1 1 0 8 0 amappl13 176 167 0 154 1 0 1 1 0 8 0 amappl12 168 2650 0 2618 2 0 2 2 0 8 0 amappl11 160 8 0 8 2 2 0 1 0 8 0 amappl10 152 87 0 72 1 0 1 1 0 8 0 amappl9 144 262 0 262 1 1 0 1 0 8 0 amappl8 136 135 0 131 1 0 1 1 0 8 0 amappl7 128 189 0 175 1 0 1 1 0 8 0 amappl6 120 221 0 219 1 0 1 1 0 8 0 amappl5 112 127 0 115 1 0 1 1 0 8 0 amappl4 104 381 0 358 1 0 1 1 0 8 0 amappl3 96 14381 0 14259 4 0 4 4 0 8 0 amappl2 88 741 0 680 2 0 2 2 0 8 0 amappl1 80 22814 0 22208 25 11 14 17 0 8 0 amappl 88 19575 0 19389 5 0 5 5 0 92 0 uvmvnodes 80 167 0 0 4 0 4 4 0 8 0 dma4096 4096 2 0 2 2 2 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 1 0 1 1 1 0 1 0 8 0 dma256 256 73 0 73 3 3 0 1 0 8 0 dma128 128 259 0 259 4 4 0 1 0 8 0 dma64 64 10 0 10 4 4 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 93 0 9 2 0 2 2 0 8 0 uaddrrnd 24 2355 0 2323 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2355 0 2323 1 0 1 1 0 8 0 vmmpekpl 168 20362 0 20306 4 1 3 3 0 8 0 vmmpepl 168 161912 0 159680 150 37 113 114 0 357 5 vmsppl 488 2354 0 2323 6 1 5 5 0 8 0 rwobjpl 80 46492 0 45050 41 4 37 37 0 8 0 pdppl 4096 4789 0 4682 177 70 107 110 0 8 0 pvpl 32 24152 0 0 195 0 195 195 0 265 0 pmappl 256 2390 0 2323 5 0 5 5 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 479 0 113 11 0 11 11 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace end trace frame: 0x0, count: -1 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299bdff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224 sched_idle(ffff8000299bdff0) at sched_idle+0x391 sys/kern/kern_sched.c:191 end trace frame: 0x0, count: -5