kernel: protection fault trap, code=0 Stopped at ktrops+0x4f: movq 0x8(%r14),%r14 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace ktrops(ffff80002a5f9208,dead4110dead4110,0,80001804,fffffd806a3f3130,fffffd807f7d7680) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a5f9208,dead4110dead4110,0,80001804,fffffd806a3f3130,fffffd807f7d7680) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd806a3f3130,4,1804,0,ffff80002a5f9208) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806a3f3130,4,1804,0,ffff80002a5f9208) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a5f9208,ffff80002dae7e30,ffff80002dae7d80) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff80002dae7e30) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x303826e01b0, count: -5 ddb> show registers rdi 0xffff800030f8c000 rsi 0x9f8 rbp 0xffff80002dae7b50 rbx 0xfffffd807f7d7680 rdx 0xffff800030f8c000 rcx 0x9f7 rax 0xffffffff81e196b3 ktrops+0x43 r8 0xfffffd806a3f3130 r9 0xfffffd807f7d7680 r10 0x2295d82c9dd1f4a5 r11 0xc28870e4d779ce1b r12 0xffff80002a5f9208 r13 0xdead4110dead4110 r14 0xdead4110dead4110 r15 0x80001804 __kernel_virt_to_phys+0x1804 rip 0xffffffff81e196bf ktrops+0x4f cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002dae7ad0 ss 0 ktrops+0x4f: movq 0x8(%r14),%r14 ddb> show proc PROC (syz-executor.7) tid=253018 pid=15390 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=17, usrpri=82, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a5f8538,0xffff80002a5f94a8 process=0xffff8000378872c0 user=0xffff80002dae2000, vmspace=0xfffffd806914e820 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 50001 66073 91017 0 2 0x8000000 syz-executor.3 50001 10781 91017 0 3 0xc000080 fsleep syz-executor.3 62690 229127 32852 0 2 0x8000000 syz-executor.1 62690 473625 32852 0 3 0xc000080 fsleep syz-executor.1 60202 196365 97869 0 2 0x8000000 syz-executor.4 60202 260348 97869 0 2 0xc000000 syz-executor.4 42697 158403 88296 0 2 0x8000000 syz-executor.6 42697 117524 88296 0 3 0xc000080 bell syz-executor.6 15390 19458 36522 0 2 0x8000000 syz-executor.7 *15390 253018 36522 0 7 0xc000000 syz-executor.7 48285 69788 20080 0 2 0x8000000 syz-executor.5 48285 78286 20080 0 3 0xc000080 fsleep syz-executor.5 20080 405771 2470 0 3 0x8000082 nanoslp syz-executor.5 25565 175430 2470 0 2 0x8000002 syz-executor.0 91017 479746 2470 0 3 0x8000082 nanoslp syz-executor.3 32852 388119 2470 0 3 0x8000082 nanoslp syz-executor.1 48101 419838 0 0 3 0x14200 bored sosplice 97869 69996 2470 0 3 0x8000082 nanoslp syz-executor.4 36522 139887 2470 0 3 0x8000082 nanoslp syz-executor.7 88296 123210 2470 0 3 0x8000082 nanoslp syz-executor.6 64071 356111 2470 0 3 0x8000082 nanoslp syz-executor.2 2470 231048 26878 0 3 0x1a000082 thrsleep syz-fuzzer 2470 318816 26878 0 3 0x1e000082 thrsleep syz-fuzzer 2470 160738 26878 0 3 0x1e000082 wait syz-fuzzer 2470 469228 26878 0 3 0x1e000082 wait syz-fuzzer 2470 75906 26878 0 3 0x1e000082 wait syz-fuzzer 2470 362280 26878 0 3 0x1e000082 thrsleep syz-fuzzer 2470 364498 26878 0 3 0x1e000082 wait syz-fuzzer 2470 26623 26878 0 3 0x1e000082 wait syz-fuzzer 2470 292952 26878 0 3 0x1e000082 wait syz-fuzzer 2470 521498 26878 0 3 0x1e000082 wait syz-fuzzer 2470 501366 26878 0 3 0x1e000082 thrsleep syz-fuzzer 2470 127896 26878 0 3 0x1e000082 wait syz-fuzzer 2470 94414 26878 0 3 0x1e000082 kqread syz-fuzzer 2470 179851 26878 0 3 0x1e000082 thrsleep syz-fuzzer 26878 25860 96245 0 3 0x810008a sigsusp ksh 96245 416152 71564 0 3 0x1800009a kqread sshd 60192 357595 1 0 3 0x18100083 ttyin getty 71564 233282 1 0 3 0x18000088 kqread sshd 65121 479995 47619 73 3 0x19100090 kqread syslogd 47619 240346 1 0 3 0x18100082 sbwait syslogd 86067 156626 1 0 3 0x18100080 kqread resolvd 51119 494334 19533 77 3 0x18100092 kqread dhcpleased 54955 144783 19533 77 3 0x18100092 kqread dhcpleased 19533 488442 1 0 3 0x18000080 kqread dhcpleased 1503 40816 0 0 3 0x14200 bored smr 22602 213488 0 0 2 0x14200 zerothread 54259 300826 0 0 3 0x14200 aiodoned aiodoned 7162 471289 0 0 3 0x14200 syncer update 70015 138111 0 0 3 0x14200 cleaner cleaner 83180 406617 0 0 3 0x14200 reaper reaper 90906 327248 0 0 3 0x14200 pgdaemon pagedaemon 57686 433857 0 0 3 0x14200 bored viomb 70613 481219 0 0 3 0x40014200 acpi0 acpi0 29533 326189 0 0 3 0x14200 bored softnet3 66089 223819 0 0 3 0x14200 bored softnet2 89690 517856 0 0 3 0x14200 bored softnet1 10773 102893 0 0 3 0x14200 bored softnet0 38310 31628 0 0 3 0x14200 bored systqmp 8726 455068 0 0 3 0x14200 bored systq 13523 269508 0 0 3 0x40014200 tmoslp softclock 85108 143729 0 0 3 0x40014200 idle0 1 137616 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10193 6598K 7046K 166960K 12311 0 pcb 17 12K 12K 166960K 114 0 rtable 205 6K 7K 166960K 518 0 pf 29 8K 9K 166960K 42 0 ifaddr 40 10K 11K 166960K 65 0 ifgroup 50 2K 2K 166960K 73 0 sysctl 2 0K 0K 166960K 3 0 counters 30 17K 17K 166960K 36 0 ioctlops 0 0K 2K 166960K 54 0 iov 0 0K 16K 166960K 27 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1402 88K 88K 166960K 1855 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 12 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 44 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 17 61K 77K 166960K 559 0 sigio 0 0K 0K 166960K 7 0 proc 58 59K 83K 166960K 605 0 subproc 104 6K 6K 166960K 156 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 59 0 in_multi 94 6K 7K 166960K 161 0 ether_multi 1 0K 0K 166960K 7 0 mrt 1 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 500 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 279 92K 109K 166960K 6861 0 UVM aobj 22 4K 4K 166960K 23 0 pinsyscall 37 74K 100K 166960K 1788 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 30 0 NDP 11 0K 2K 166960K 41 0 temp 74 6800K 14724K 166960K 13091 0 kqueue 12 18K 28K 166960K 88 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 80 0 77 1 0 1 1 0 8 0 rtentry 112 163 0 69 4 0 4 4 0 8 0 unpcb 144 427 0 414 4 0 4 4 0 8 3 syncache 336 5 0 5 1 0 1 1 0 8 1 tcpcb 808 154 0 148 2 0 2 2 0 8 1 arp 88 27 0 11 1 0 1 1 0 8 0 ipq 40 2 0 1 1 0 1 1 0 8 0 ipqe 40 4 0 3 1 0 1 1 0 8 0 inpcb 352 623 0 613 8 0 8 8 0 8 7 nd6 104 40 0 14 1 0 1 1 0 8 0 pkpcb 40 3 0 3 1 0 1 1 0 8 1 kcovpl 48 12 0 4 1 0 1 1 0 8 0 ppxss 1072 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 648 0 239 29 0 29 29 0 8 1 art_table 32 649 0 239 4 0 4 4 0 8 0 art_node 16 162 0 78 1 0 1 1 0 8 0 sysvmsgpl 40 15 0 10 1 0 1 1 0 8 0 semupl 112 3 0 3 1 0 1 1 0 8 1 semapl 112 38 0 28 1 0 1 1 0 8 0 shmpl 112 20 0 1 1 0 1 1 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 2319 0 804 96 0 96 96 0 8 0 ffsino 240 2319 0 804 90 0 90 90 0 8 0 nchpl 144 3177 0 1445 67 0 67 67 0 8 1 uvmvnodes 80 2785 0 0 57 0 57 57 0 8 0 vnodes 216 2785 0 0 155 0 155 155 0 8 0 namei 1024 11102 0 11102 3 0 3 3 0 8 3 vcpupl 3904 1 0 0 1 0 1 1 0 8 0 vmpool 664 2 0 1 1 0 1 1 0 8 0 kstatmem 264 34 0 12 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 17761 0 17761 8 0 8 8 1 8 8 plimitpl 152 99 0 84 1 0 1 1 0 8 0 sigapl 424 871 0 826 8 0 8 8 0 8 1 futexpl 64 8918 0 8915 1 0 1 1 0 8 0 knotepl 120 10046 0 9964 11 0 11 11 0 8 7 kqueuepl 184 162 0 153 1 0 1 1 0 8 0 pipepl 288 199 0 171 3 0 3 3 0 8 0 fdescpl 432 833 0 805 4 0 4 4 0 8 0 filepl 120 4893 0 4643 12 0 12 12 0 8 3 lockfpl 104 202 0 199 1 0 1 1 0 8 0 lockfspl 48 89 0 86 1 0 1 1 0 8 0 sessionpl 144 27 0 11 1 0 1 1 0 8 0 pgrppl 48 34 0 18 1 0 1 1 0 8 0 ucredpl 104 525 0 515 1 0 1 1 0 8 0 zombiepl 144 827 0 826 1 0 1 1 0 8 0 processpl 1080 871 0 826 5 0 5 5 0 8 0 procpl 656 1353 0 1289 8 0 8 8 0 8 1 sosppl 168 2 0 2 1 0 1 1 0 8 1 sockpl 504 1136 0 1110 13 2 11 13 0 8 7 mcl64k 65536 32 0 32 1 0 1 1 0 8 1 mcl16k 16384 11 0 11 1 0 1 1 0 8 1 mcl12k 12288 6 0 6 1 0 1 1 0 8 1 mcl9k 9216 3 0 3 1 0 1 1 0 8 1 mcl8k 8192 35 0 35 1 0 1 1 0 8 1 mcl4k 4096 14 0 14 1 0 1 1 0 8 1 mcl2k2 2112 2 0 2 1 0 1 1 0 8 1 mcl2k 2048 16285 0 16196 45 25 20 42 0 8 8 mtagpl 96 14 0 8 1 0 1 1 0 8 0 mbufpl 256 30030 0 29836 24 7 17 22 0 8 0 bufpl 280 6417 0 185 446 0 446 446 0 8 0 anonpl 24 228998 0 223082 64 0 64 64 0 188 22 amapchunkpl 152 24134 0 23461 38 0 38 38 0 158 12 amappl16 200 4894 0 4775 19 3 16 19 0 8 8 amappl15 192 9 0 9 1 0 1 1 0 8 1 amappl14 184 163 0 153 2 0 2 2 0 8 1 amappl13 176 11 0 10 1 0 1 1 0 8 0 amappl12 168 1513 0 1485 2 0 2 2 0 8 0 amappl11 160 64 0 46 1 0 1 1 0 8 0 amappl10 152 64 0 62 1 0 1 1 0 8 0 amappl9 144 124 0 124 1 0 1 1 0 8 1 amappl8 136 117 0 88 2 0 2 2 0 8 0 amappl7 128 41 0 32 1 0 1 1 0 8 0 amappl6 120 373 0 360 2 0 2 2 0 8 1 amappl5 112 179 0 167 1 0 1 1 0 8 0 amappl4 104 578 0 549 2 0 2 2 0 8 1 amappl3 96 5381 0 5298 3 0 3 3 0 8 0 amappl2 88 1289 0 1217 3 0 3 3 0 8 1 amappl1 80 11003 0 10506 22 2 20 22 0 8 8 amappl 88 6281 0 6090 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 22 0 1 1 0 1 1 0 8 0 uaddrrnd 24 835 0 806 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 835 0 806 1 0 1 1 0 8 0 vmmpekpl 168 10817 0 10760 3 0 3 3 0 8 0 vmmpepl 168 71705 0 69847 112 0 112 112 0 357 29 vmsppl 344 834 0 806 3 0 3 3 0 8 0 rwobjpl 24 26590 0 22739 24 0 24 24 0 8 0 pdppl 4096 1676 0 1613 107 42 65 70 0 8 2 pvpl 32 541817 0 529824 357 10 347 357 0 265 234 pmappl 216 834 0 806 2 0 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 424 0 76 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002a5f9208,dead4110dead4110,0,80001804,fffffd806a3f3130,fffffd807f7d7680) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a5f9208,dead4110dead4110,0,80001804,fffffd806a3f3130,fffffd807f7d7680) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd806a3f3130,4,1804,0,ffff80002a5f9208) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806a3f3130,4,1804,0,ffff80002a5f9208) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a5f9208,ffff80002dae7e30,ffff80002dae7d80) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff80002dae7e30) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x303826e01b0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002a5f9208,dead4110dead4110,0,80001804,fffffd806a3f3130,fffffd807f7d7680) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a5f9208,dead4110dead4110,0,80001804,fffffd806a3f3130,fffffd807f7d7680) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd806a3f3130,4,1804,0,ffff80002a5f9208) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd806a3f3130,4,1804,0,ffff80002a5f9208) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a5f9208,ffff80002dae7e30,ffff80002dae7d80) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff80002dae7e30) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x303826e01b0, count: -5