kernel: protection fault trap, code=0 Stopped at ktrops+0x4f: movq 0x8(%r14),%r14 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace ktrops(ffff80002a604010,dead4110dead4110,0,a0c7df9b,fffffd806bc618d0,fffffd807f7d7410) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a604010,dead4110dead4110,0,a0c7df9b,fffffd806bc618d0,fffffd807f7d7410) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd806bc618d0,4,20c7df9b,0,ffff80002a604010) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806bc618d0,4,20c7df9b,0,ffff80002a604010) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a604010,ffff8000377e7a80,ffff8000377e79d0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff8000377e7a80) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x80702b8f950, count: -5 ddb> show registers rdi 0xffff80002a604010 rsi 0xdead4110dead4110 rbp 0xffff8000377e77b0 rbx 0xfffffd807f7d7410 rdx 0 rcx 0xa0c7df9b rax 0xffff80002a604010 r8 0xfffffd806bc618d0 r9 0xfffffd807f7d7410 r10 0x195b093f6fb424a2 r11 0xd74f3e9a6b4bdaf0 r12 0xffff80002a604010 r13 0xdead4110dead4110 r14 0xdead4110dead4110 r15 0xa0c7df9b rip 0xffffffff8121d3df ktrops+0x4f cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000377e7730 ss 0x10 ktrops+0x4f: movq 0x8(%r14),%r14 ddb> show proc PROC (syz-executor.6) tid=195588 pid=56291 tcnt=3 stat=onproc flags process=1000 proc=4080000 runpri=17, usrpri=71, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002a6b22a8 forw=0xffffffffffffffff, list=0xffff80002a6c32a0,0xffff80002a6b2560 process=0xffff8000ffff8008 user=0xffff8000377e2000, vmspace=0xfffffd80697d19b0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 78836 172235 58403 0 3 0x80 fsleep syz-executor.2 78836 505262 58403 0 2 0x4000000 syz-executor.2 78836 321488 58403 0 2 0x4000000 syz-executor.2 78836 456208 58403 0 2 0x4000000 syz-executor.2 78836 349403 58403 0 2 0x4000000 syz-executor.2 78836 316495 58403 0 2 0x4000000 syz-executor.2 *56291 195588 14336 0 7 0x4081000 syz-executor.6 56291 21801 14336 0 3 0x4003000 suspend syz-executor.6 17368 171063 57701 60928 3 0x90 nanoslp syz-executor.7 17368 265011 57701 60928 3 0x4000090 fsleep syz-executor.7 17368 316109 57701 60928 3 0x4000090 fsleep syz-executor.7 17368 206220 57701 60928 3 0x4000090 fsleep syz-executor.7 68054 301405 49384 0 3 0x80 fsleep syz-executor.3 68054 93640 49384 0 3 0x4000080 kqpoll syz-executor.3 68054 253150 49384 0 3 0x4000080 fsleep syz-executor.3 68054 57355 49384 0 3 0x4000080 fsleep syz-executor.3 27541 503300 13697 0 3 0x80 fsleep syz-executor.0 27541 275076 13697 0 3 0x4000080 netcon syz-executor.0 37612 364852 0 0 3 0x14280 nfsidl nfsio 35471 65836 0 0 3 0x14280 nfsidl nfsio 37581 170243 0 0 3 0x14280 nfsidl nfsio 44723 362703 0 0 3 0x14280 nfsidl nfsio 94461 59241 0 0 3 0x14280 nfsidl nfsio 16579 380047 0 0 3 0x14280 nfsidl nfsio 66982 32971 0 0 3 0x14280 nfsidl nfsio 61112 65444 0 0 3 0x14280 nfsidl nfsio 36326 548 0 0 3 0x14280 nfsidl nfsio 87770 441475 0 0 3 0x14280 nfsidl nfsio 76240 385326 0 0 3 0x14280 nfsidl nfsio 95480 81050 0 0 3 0x14280 nfsidl nfsio 59460 81191 0 0 3 0x14280 nfsidl nfsio 93708 288010 0 0 3 0x14280 nfsidl nfsio 90221 160419 0 0 3 0x14280 nfsidl nfsio 60998 236443 0 0 3 0x14280 nfsidl nfsio 16662 317186 0 0 3 0x14280 nfsidl nfsio 60549 21028 0 0 3 0x14280 nfsidl nfsio 34930 348107 0 0 3 0x14280 nfsidl nfsio 45869 451769 0 0 3 0x14280 nfsidl nfsio 14336 210907 58333 0 3 0x82 nanoslp syz-executor.6 12315 7479 1 0 3 0x80 fsleep syz-executor.6 12315 321605 1 0 3 0x4000080 piperd syz-executor.6 12315 496725 1 0 3 0x4000080 piperd syz-executor.6 60227 52204 58333 0 2 0x2 syz-executor.4 1272 200742 58333 0 2 0x2 syz-executor.1 49384 420736 58333 0 3 0x82 nanoslp syz-executor.3 13697 52555 58333 0 3 0x82 nanoslp syz-executor.0 33368 141559 58333 0 2 0x2 syz-executor.5 58403 422574 58333 0 3 0x82 nanoslp syz-executor.2 50221 81303 0 0 3 0x14200 bored sosplice 57701 387945 58333 0 3 0x82 nanoslp syz-executor.7 58333 295102 69444 0 3 0x1a000082 thrsleep syz-fuzzer 58333 223365 69444 0 3 0x1e000082 nanoslp syz-fuzzer 58333 391810 69444 0 3 0x1e000082 wait syz-fuzzer 58333 360977 69444 0 3 0x1e000082 thrsleep syz-fuzzer 58333 213456 69444 0 3 0x1e000082 wait syz-fuzzer 58333 447815 69444 0 2 0x1e000002 syz-fuzzer 58333 89780 69444 0 3 0x1e000082 wait syz-fuzzer 58333 106626 69444 0 3 0x1e000082 wait syz-fuzzer 58333 137740 69444 0 3 0x1e000082 thrsleep syz-fuzzer 58333 178909 69444 0 3 0x1e000082 wait syz-fuzzer 58333 502689 69444 0 3 0x1e000082 thrsleep syz-fuzzer 58333 512669 69444 0 3 0x1e000082 wait syz-fuzzer 58333 134361 69444 0 3 0x1e000082 wait syz-fuzzer 58333 39549 69444 0 3 0x1e000082 wait syz-fuzzer 69444 520673 79941 0 3 0x810008a sigsusp ksh 79941 243943 51783 0 3 0x1800009a kqread sshd 17777 233282 1 0 3 0x18100083 ttyin getty 51783 243134 1 0 3 0x18000088 kqread sshd 176 30250 60700 73 3 0x19100090 kqread syslogd 60700 169897 1 0 3 0x18100082 netio syslogd 70649 224695 1 0 3 0x18100080 kqread resolvd 11754 425178 28174 77 3 0x18100092 kqread dhcpleased 63509 426721 28174 77 3 0x18100092 kqread dhcpleased 28174 62636 1 0 3 0x18000080 kqread dhcpleased 91995 464132 0 0 3 0x14200 bored smr 37472 90456 0 0 2 0x14200 zerothread 23350 64629 0 0 3 0x14200 aiodoned aiodoned 36092 52900 0 0 3 0x14200 syncer update 65622 16144 0 0 3 0x14200 cleaner cleaner 19241 487627 0 0 3 0x14200 reaper reaper 50869 521724 0 0 3 0x14200 pgdaemon pagedaemon 61869 92101 0 0 3 0x14200 bored viomb 87906 245065 0 0 3 0x40014200 acpi0 acpi0 70025 64776 0 0 3 0x14200 bored softnet3 19143 90223 0 0 3 0x14200 bored softnet2 71307 18265 0 0 3 0x14200 bored softnet1 49169 351284 0 0 3 0x14200 bored softnet0 16433 376236 0 0 3 0x14200 bored systqmp 69437 61217 0 0 3 0x14200 bored systq 32185 200986 0 0 3 0x40014200 tmoslp softclock 13014 169419 0 0 3 0x40014200 idle0 1 466190 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10174 6412K 7580K 166960K 19394 0 pcb 15 16K 18K 166960K 540 0 rtable 180 9K 11K 166960K 1256 0 pf 29 8K 9K 166960K 189 0 ifaddr 35 10K 12K 166960K 159 0 ifgroup 50 2K 2K 166960K 290 0 sysctl 4 1K 1K 166960K 4 0 counters 30 17K 17K 166960K 101 0 ioctlops 0 0K 2K 166960K 417 0 iov 0 0K 26K 166960K 489 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1499 94K 94K 166960K 3647 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 31 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 312 0 dirhash 12 2K 2K 166960K 54 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 69K 166960K 4633 0 sigio 0 0K 0K 166960K 180 0 proc 62 59K 75K 166960K 952 0 subproc 117 7K 7K 166960K 247 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 701 0 in_multi 67 5K 7K 166960K 264 0 ether_multi 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 1124 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 433 257K 258K 166960K 47172 0 UVM aobj 131 8K 8K 166960K 141 0 pinsyscall 22 44K 100K 166960K 1563 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 143 0 NDP 11 0K 2K 166960K 122 0 temp 80 6804K 7440K 166960K 50893 0 kqueue 12 18K 24K 166960K 360 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 262 0 259 3 0 3 3 0 8 2 rtentry 112 375 0 295 4 0 4 4 0 8 1 unpcb 144 4125 0 4102 13 5 8 8 0 8 7 syncache 336 76 0 76 2 1 1 1 0 8 1 tcpqe 32 198 0 198 2 1 1 1 0 8 1 tcpcb 808 1601 0 1577 26 15 11 16 0 8 8 arp 88 69 0 56 1 0 1 1 0 8 0 ipq 40 12 0 12 1 0 1 1 0 8 1 ipqe 40 36 0 36 1 0 1 1 0 8 1 inpcb 360 4347 0 4313 34 23 11 16 0 8 7 nd6 104 61 0 45 1 0 1 1 0 8 0 pkpcb 40 9 0 9 1 0 1 1 0 8 1 kcovpl 48 19 0 10 1 0 1 1 0 8 0 ppxss 1072 31 0 31 2 1 1 1 0 8 1 art_heap8 4096 44 0 42 3 0 3 3 0 8 1 art_heap4 256 1335 0 991 31 2 29 29 0 8 4 art_table 32 1379 0 1033 4 0 4 4 0 8 0 art_node 16 360 0 287 1 0 1 1 0 8 0 sysvmsgpl 40 81 0 41 1 0 1 1 0 8 0 semapl 112 310 0 300 1 0 1 1 0 8 0 shmpl 112 138 0 10 4 0 4 4 0 8 0 dirhash 1024 45 0 28 3 0 3 3 0 8 0 dino2pl 256 7637 0 6095 97 0 97 97 0 8 0 ffsino 240 7637 0 6095 91 0 91 91 0 8 0 nchpl 144 13987 0 12256 66 0 66 66 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 45851 0 45850 4 2 2 3 0 8 1 vcpupl 2048 34 0 0 5 0 5 5 0 8 0 vmpool 664 76 0 42 3 0 3 3 0 8 0 kstatmem 264 164 0 142 2 0 2 2 0 8 0 scxspl 216 42308 0 42308 10 7 3 8 1 8 3 plimitpl 152 531 0 515 1 0 1 1 0 8 0 sigapl 424 5173 0 5109 8 0 8 8 0 8 0 futexpl 64 42331 0 42322 1 0 1 1 0 8 0 knotepl 120 43754 0 43672 9 0 9 9 0 8 5 kqueuepl 184 769 0 760 6 2 4 4 0 8 3 pipepl 288 658 0 628 7 0 7 7 0 8 4 fdescpl 432 4896 0 4869 4 0 4 4 0 8 0 filepl 120 28458 0 28187 21 6 15 15 0 8 6 lockfpl 104 1193 0 1190 1 0 1 1 0 8 0 lockfspl 48 448 0 445 1 0 1 1 0 8 0 sessionpl 144 34 0 17 1 0 1 1 0 8 0 pgrppl 48 159 0 142 1 0 1 1 0 8 0 ucredpl 104 3909 0 3897 1 0 1 1 0 8 0 zombiepl 144 5110 0 5109 2 1 1 1 0 8 0 processpl 1072 5173 0 5109 5 0 5 5 0 8 0 procpl 680 13564 0 13471 9 0 9 9 0 8 1 sosppl 168 50 0 44 1 0 1 1 0 8 0 sockpl 488 8747 0 8693 166 143 23 33 0 8 15 mcl64k 65536 180 0 180 2 1 1 1 0 8 1 mcl16k 16384 112 0 112 2 1 1 1 0 8 1 mcl12k 12288 202 0 202 2 1 1 1 0 8 1 mcl9k 9216 110 0 110 2 1 1 1 0 8 1 mcl8k 8192 406 0 406 2 1 1 1 0 8 1 mcl4k 4096 596 0 596 6 1 5 5 0 8 5 mcl2k2 2112 22 0 22 2 1 1 1 0 8 1 mcl2k 2048 80359 0 80309 35 21 14 29 0 8 7 mtagpl 96 801 0 669 8 0 8 8 0 8 4 mbufpl 256 169031 0 168740 96 62 34 63 0 8 8 bufpl 280 12437 0 6101 453 0 453 453 0 8 0 anonpl 24 577479 0 563208 113 5 108 108 0 188 18 amapchunkpl 152 148522 0 147569 42 2 40 40 0 158 2 amappl16 200 12117 0 11678 44 12 32 35 0 8 8 amappl15 192 42 0 40 1 0 1 1 0 8 0 amappl14 184 183 0 171 2 1 1 2 0 8 0 amappl13 176 9 0 9 2 1 1 1 0 8 1 amappl12 168 5719 0 5689 2 0 2 2 0 8 0 amappl11 160 51 0 39 1 0 1 1 0 8 0 amappl10 152 53 0 44 1 0 1 1 0 8 0 amappl9 144 168 0 168 1 0 1 1 0 8 1 amappl8 136 264 0 198 3 0 3 3 0 8 0 amappl7 128 104 0 93 1 0 1 1 0 8 0 amappl6 120 492 0 476 2 1 1 2 0 8 0 amappl5 112 367 0 355 1 0 1 1 0 8 0 amappl4 104 689 0 656 2 1 1 2 0 8 0 amappl3 96 29756 0 29658 3 0 3 3 0 8 0 amappl2 88 5549 0 5479 4 1 3 4 0 8 0 amappl1 80 26115 0 25615 22 10 12 22 0 8 0 amappl 88 46404 0 46131 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 140 0 10 3 0 3 3 0 8 0 uaddrrnd 24 4972 0 4911 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 4972 0 4911 1 0 1 1 0 8 0 vmmpekpl 168 40683 0 40618 4 0 4 4 0 8 0 vmmpepl 168 311241 0 308940 142 16 126 126 0 357 22 vmsppl 352 4971 0 4911 6 0 6 6 0 8 0 rwobjpl 24 85454 0 77879 46 0 46 46 0 8 0 pdppl 4096 9950 0 9856 409 311 98 100 0 8 4 pvpl 32 1489034 0 1469178 421 230 191 388 0 265 25 pmappl 216 4971 0 4911 4 0 4 4 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 833 0 420 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002a604010,dead4110dead4110,0,a0c7df9b,fffffd806bc618d0,fffffd807f7d7410) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a604010,dead4110dead4110,0,a0c7df9b,fffffd806bc618d0,fffffd807f7d7410) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd806bc618d0,4,20c7df9b,0,ffff80002a604010) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806bc618d0,4,20c7df9b,0,ffff80002a604010) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a604010,ffff8000377e7a80,ffff8000377e79d0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff8000377e7a80) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x80702b8f950, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002a604010,dead4110dead4110,0,a0c7df9b,fffffd806bc618d0,fffffd807f7d7410) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a604010,dead4110dead4110,0,a0c7df9b,fffffd806bc618d0,fffffd807f7d7410) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd806bc618d0,4,20c7df9b,0,ffff80002a604010) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806bc618d0,4,20c7df9b,0,ffff80002a604010) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a604010,ffff8000377e7a80,ffff8000377e79d0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff8000377e7a80) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x80702b8f950, count: -5