kernel: protection fault trap, code=0 Stopped at sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_msgrcv(ffff80002a8d67f0,ffff80002a86ba20,ffff80002a86b970) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a8d67f0,ffff80002a86ba20,ffff80002a86b970) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80002a86ba20) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a86ba20) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x456b18f21e0, count: -3 ddb> show registers rdi 0 rsi 0x200000001208 rbp 0xffff80002a86b940 rbx 0 rdx 0xffff8000014a8680 rcx 0 rax 0xa r8 0x7f7fffffc000 r9 0 r10 0x66331707d3642c04 r11 0xc21ada84d195c2ad r12 0xfffffd806bf1ac08 r13 0xdead4110dead4110 r14 0xffff8000015a5800 r15 0xa rip 0xffffffff825ec2b2 sys_msgrcv+0x3f2 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff80002a86b8a0 ss 0x10 sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> show proc PROC (syz-executor) tid=340345 pid=86991 tcnt=5 stat=onproc flags process=0 proc=4000000 runpri=36, usrpri=84, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a8d6560,0xffff80002a8d7240 process=0xffff80002fd1a018 user=0xffff80002a866000, vmspace=0xfffffd807a92f2e8 estcpu=34, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 40889 428898 92183 0 2 0 syz-executor 40889 167901 92183 0 3 0x4000080 sbwait syz-executor 52930 395530 22189 0 2 0 syz-executor 52930 395004 22189 0 3 0x4000080 fsleep syz-executor 52930 299822 22189 0 3 0x4000080 fsleep syz-executor 84355 33326 12548 0 2 0 syz-executor 84355 364055 12548 0 3 0x4000080 fsleep syz-executor 69895 447326 22453 0 2 0 syz-executor 34321 505111 59749 0 2 0 syz-executor 34321 213999 59749 0 3 0x4000080 fsleep syz-executor 34321 45693 59749 0 2 0x4000000 syz-executor 40811 315191 80949 0 2 0 syz-executor 40811 186768 80949 0 2 0x4000000 syz-executor 40811 130537 80949 0 3 0x4000080 fsleep syz-executor 86991 449043 99077 0 2 0 syz-executor *86991 340345 99077 0 7 0x4000000 syz-executor 86991 37017 99077 0 3 0x4000080 fsleep syz-executor 86991 498166 99077 0 3 0x4000080 fsleep syz-executor 86991 111331 99077 0 2 0x4000000 syz-executor 20095 501006 87483 0 3 0x82 nanoslp syz-executor 22189 361506 87483 0 3 0x82 nanoslp syz-executor 99077 245131 87483 0 3 0x82 nanoslp syz-executor 40283 98764 1 0 3 0x100083 ttyopn getty 26467 466353 0 0 3 0x14280 nfsidl nfsio 11112 492381 0 0 3 0x14280 nfsidl nfsio 18157 114245 0 0 3 0x14280 nfsidl nfsio 29494 497618 0 0 3 0x14280 nfsidl nfsio 68074 109896 0 0 3 0x14280 nfsidl nfsio 731 54468 0 0 3 0x14280 nfsidl nfsio 78848 139885 0 0 3 0x14280 nfsidl nfsio 78647 518172 0 0 3 0x14280 nfsidl nfsio 78058 33683 0 0 3 0x14280 nfsidl nfsio 99627 328714 0 0 3 0x14280 nfsidl nfsio 21688 128864 0 0 3 0x14280 nfsidl nfsio 26563 42003 0 0 3 0x14280 nfsidl nfsio 37411 105336 0 0 3 0x14280 nfsidl nfsio 20373 202087 0 0 3 0x14280 nfsidl nfsio 9836 337372 0 0 3 0x14280 nfsidl nfsio 8444 18983 0 0 3 0x14280 nfsidl nfsio 92399 337021 0 0 3 0x14280 nfsidl nfsio 91336 18405 0 0 3 0x14280 nfsidl nfsio 48955 523011 0 0 3 0x14280 nfsidl nfsio 99676 423797 0 0 3 0x14280 nfsidl nfsio 12548 115686 87483 0 3 0x82 nanoslp syz-executor 17671 221914 0 0 3 0x14200 bored sosplice 80949 74123 87483 0 3 0x82 nanoslp syz-executor 59749 113430 87483 0 3 0x82 nanoslp syz-executor 92183 341176 87483 0 3 0x82 nanoslp syz-executor 22453 44068 87483 0 3 0x82 nanoslp syz-executor 87483 201788 50011 0 3 0x82 kqread syz-executor 50011 343359 88598 0 3 0x10008a sigsusp ksh 88598 77356 47387 0 3 0x98 kqread sshd-session 47387 57426 82493 0 3 0x92 kqread sshd-session 82493 27072 1 0 3 0x88 kqread sshd 33071 114559 97815 73 3 0x1100090 kqread syslogd 97815 363186 1 0 3 0x100082 sbwait syslogd 78206 335212 1 0 3 0x100080 kqread resolvd 60097 256799 49098 77 3 0x100092 kqread dhcpleased 88005 409768 49098 77 3 0x100092 kqread dhcpleased 49098 74874 1 0 3 0x80 kqread dhcpleased 33825 333357 0 0 3 0x14200 bored smr 55553 75396 0 0 2 0x14200 zerothread 30869 18484 0 0 3 0x14200 aiodoned aiodoned 7537 235051 0 0 3 0x14200 syncer update 37154 64853 0 0 3 0x14200 cleaner cleaner 23552 327763 0 0 3 0x14200 reaper reaper 49135 109926 0 0 3 0x14200 pgdaemon pagedaemon 59007 331701 0 0 3 0x14200 bored viomb 68982 139600 0 0 3 0x40014200 acpi0 acpi0 61114 49277 0 0 3 0x14200 bored softnet7 70321 491695 0 0 3 0x14200 bored softnet6 47205 361721 0 0 3 0x14200 bored softnet5 88299 66230 0 0 3 0x14200 bored softnet4 78854 462138 0 0 3 0x14200 bored softnet3 63060 119413 0 0 3 0x14200 bored softnet2 44422 327704 0 0 3 0x14200 bored softnet1 98335 73919 0 0 3 0x14200 bored softnet0 51354 222399 0 0 3 0x14200 bored systqmp 46959 23677 0 0 3 0x14200 bored systq 32931 377415 0 0 3 0x40014200 tmoslp softclock 79171 334269 0 0 3 0x40014200 idle0 1 246646 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10206 11075K 11771K 166960K 15020 0 pcb 17 16K 18K 166960K 477 0 rtable 260 10K 11K 166960K 675 0 pf 40 15K 131086K 166960K 210 0 ifaddr 45 8K 9K 166960K 153 0 ifgroup 58 2K 2K 166960K 231 0 sysctl 4 1K 9K 166960K 30 0 counters 34 18K 18K 166960K 122 0 ioctlops 0 0K 4K 166960K 376 0 iov 1 2K 16K 166960K 152 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1492 94K 94K 166960K 3695 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 10K 166960K 35 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 313 0 dirhash 12 2K 2K 166960K 36 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 1952 0 sigio 0 0K 0K 166960K 19 0 proc 63 67K 100K 166960K 833 0 subproc 72 4K 4K 166960K 126 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 362 0 in_multi 105 7K 7K 166960K 243 0 ether_multi 1 0K 0K 166960K 17 0 mrt 1 0K 0K 166960K 21 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 103 466K 466K 166960K 103 0 exec 0 0K 1K 166960K 703 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 226 143K 173K 166960K 19553 0 UVM aobj 30 2K 3K 166960K 34 0 pinsyscall 39 78K 92K 166960K 3181 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 94 0 NDP 13 0K 1K 166960K 108 0 temp 76 8675K 8745K 166960K 47915 0 kqueue 13 20K 32K 166960K 327 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 170 0 167 1 0 1 1 0 8 0 rtentry 136 241 0 136 4 0 4 4 0 8 0 unpcb 144 1805 0 1784 11 5 6 6 0 8 5 syncache 336 22 0 22 4 3 1 1 0 8 1 tcpqe 32 18 0 18 3 2 1 1 0 8 1 tcpcb 736 678 0 665 9 1 8 8 0 8 5 arp 88 27 0 15 1 0 1 1 0 8 0 ipq 40 9 0 7 1 0 1 1 0 8 0 ipqe 40 13 0 11 1 0 1 1 0 8 0 inpcb 328 2085 0 2069 20 12 8 8 0 8 5 ip6q 72 6 0 6 1 0 1 1 0 8 1 ip6af 40 8 0 8 1 0 1 1 0 8 1 nd6 104 69 0 31 1 0 1 1 0 8 0 pkpcb 40 13 0 13 2 1 1 1 0 8 1 kcovpl 48 14 0 6 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 0 1 1 0 8 1 ppxss 1072 72 0 72 3 2 1 1 0 8 1 pppxif 1384 6 0 6 2 1 1 1 0 8 1 pfstscr 40 3 0 3 3 2 1 1 0 8 1 pfrktable 1344 6 0 6 2 1 1 1 0 8 1 pfanchor 1288 1 0 1 1 1 0 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfqueue 320 2 0 2 2 1 1 1 0 8 1 pfstitem 24 5 0 0 1 0 1 1 0 8 0 pfstkey 128 13 0 9 2 1 1 1 0 8 0 pfstate 384 7 0 4 2 1 1 1 0 8 0 pfrule 1344 12 0 11 2 1 1 1 0 8 0 rttmr 136 6 0 6 2 1 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 1320 0 599 48 2 46 46 0 8 0 art_table 40 1322 0 599 8 0 8 8 0 8 0 art_node 32 239 0 144 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 10 1 0 1 1 0 8 0 semapl 112 245 0 235 1 0 1 1 0 8 0 shmpl 112 31 0 4 1 0 1 1 0 8 0 dirhash 1024 33 0 16 3 0 3 3 0 8 0 dino2pl 256 5143 0 3641 95 0 95 95 0 8 0 ffsino 256 5143 0 3641 95 0 95 95 0 8 0 nchpl 144 7772 0 6067 64 0 64 64 0 8 0 rtmask 32 9 0 9 2 1 1 1 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 28062 0 28061 6 4 2 2 0 8 1 pfiaddrpl 120 1 0 1 1 1 0 1 0 8 0 kstatmem 264 158 0 132 6 3 3 3 0 8 1 scsiplug 72 19 0 19 3 2 1 1 0 8 1 scxspl 216 25093 0 25093 10 8 2 8 1 8 2 plimitpl 152 959 0 943 1 0 1 1 0 8 0 sigapl 424 2216 0 2145 10 1 9 9 0 8 0 knotepl 120 76494 0 76446 33 22 11 15 0 8 5 kqueuepl 184 665 0 655 6 2 4 4 0 8 3 pipepl 304 390 0 363 8 0 8 8 0 8 5 fdescpl 448 2171 0 2141 4 0 4 4 0 8 0 filepl 120 16044 0 15758 22 8 14 15 0 8 5 lockfpl 104 1546 0 1543 2 0 2 2 0 8 1 lockfspl 48 666 0 663 1 0 1 1 0 8 0 sessionpl 144 46 0 38 1 0 1 1 0 8 0 pgrppl 48 85 0 69 1 0 1 1 0 8 0 ucredpl 104 3147 0 3135 1 0 1 1 0 8 0 zombiepl 144 3259 0 3258 3 2 1 1 0 8 0 processpl 1168 2216 0 2145 6 0 6 6 0 8 0 procpl 656 5409 0 5326 10 1 9 9 0 8 1 sosppl 168 10 0 10 4 3 1 1 0 8 1 sockpl 552 4119 0 4079 32 19 13 17 0 8 8 mcl64k 65536 143 0 142 4 3 1 1 0 8 0 mcl16k 16384 5 0 5 1 0 1 1 0 8 1 mcl12k 12288 4 0 4 1 0 1 1 0 8 1 mcl9k 9216 4 0 4 2 1 1 1 0 8 1 mcl8k 8192 61 0 61 4 3 1 1 0 8 1 mcl4k 4096 5053 0 5001 16 8 8 14 0 8 1 mcl2k 2048 2979 0 2971 4 0 4 4 0 8 2 mtagpl 96 63 0 36 1 0 1 1 0 8 0 mbufpl 256 24202 0 24031 24 10 14 18 0 8 0 bufpl 280 7564 0 1337 446 0 446 446 0 8 0 anonpl 24 285108 0 281807 61 11 50 50 0 187 17 amapchunkpl 152 64145 0 63662 41 8 33 33 0 158 12 amappl16 200 5130 0 5094 21 7 14 15 0 8 8 amappl15 192 2 0 2 1 1 0 1 0 8 0 amappl14 184 152 0 142 1 0 1 1 0 8 0 amappl13 176 7 0 7 2 1 1 1 0 8 1 amappl12 168 2931 0 2901 2 0 2 2 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 7 0 6 2 1 1 1 0 8 0 amappl9 144 237 0 237 1 1 0 1 0 8 0 amappl8 136 29 0 28 1 0 1 1 0 8 0 amappl7 128 172 0 162 1 0 1 1 0 8 0 amappl6 120 250 0 246 1 0 1 1 0 8 0 amappl5 112 145 0 137 1 0 1 1 0 8 0 amappl4 104 352 0 337 1 0 1 1 0 8 0 amappl3 96 13366 0 13254 6 2 4 4 0 8 0 amappl2 88 853 0 795 2 0 2 2 0 8 0 amappl1 80 19209 0 18654 19 2 17 17 0 8 2 amappl 88 18399 0 18237 5 0 5 5 0 92 0 dma32768 32768 1 0 1 1 1 0 1 0 8 0 dma16384 16384 2 0 2 1 0 1 1 0 8 1 dma4096 4096 2 0 2 2 1 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 1 1 1 0 8 1 dma128 128 258 0 258 2 1 1 1 0 8 1 dma64 64 9 0 9 3 2 1 1 0 8 1 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 33 0 4 1 0 1 1 0 8 0 uaddrrnd 24 2171 0 2141 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2171 0 2141 1 0 1 1 0 8 0 vmmpekpl 168 20037 0 19986 3 0 3 3 0 8 0 vmmpepl 168 143658 0 141715 117 11 106 106 0 357 18 vmsppl 368 2170 0 2141 4 1 3 4 0 8 0 rwobjpl 40 44666 0 37848 70 0 70 70 0 8 0 pdppl 4096 4348 0 4282 128 62 66 76 0 8 0 pvpl 32 879715 0 870675 156 33 123 123 0 265 26 pmappl 216 2170 0 2141 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 465 0 100 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_msgrcv(ffff80002a8d67f0,ffff80002a86ba20,ffff80002a86b970) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a8d67f0,ffff80002a86ba20,ffff80002a86b970) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80002a86ba20) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a86ba20) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x456b18f21e0, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_msgrcv(ffff80002a8d67f0,ffff80002a86ba20,ffff80002a86b970) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a8d67f0,ffff80002a86ba20,ffff80002a86b970) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80002a86ba20) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a86ba20) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x456b18f21e0, count: -3