kernel: protection fault trap, code=0 Stopped at lf_advlock+762: incl 40(%r12) ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace lf_advlock(ffff80000155a1a0,0,fffffd805afbba88,8,ffff80002a3c0178,30) at lf_advlock+762 VOP_ADVLOCK(fffffd8076decc08,fffffd805afbba88,8,ffff80002a3c0178,30) at VOP_ADVLOCK+135 sys_flock(ffff80002a26ea78,ffff80002a3c02c0,ffff80002a3c0210) at sys_flock+661 syscall(ffff80002a3c02c0) at syscall+3028 Xsyscall() at Xsyscall+296 end of kernel end trace frame: 0x35087077ef0, count: -5 ddb{0}> show registers rdi 18446603336933969920 rsi 6000 __ALIGN_SIZE+1904 rbp 18446603336929771712 rbx 0 rdx 18446603336933969920 rcx 5999 __ALIGN_SIZE+1903 rax 18446744071595723630 witness_assert+1262 r8 160 r9 0 r10 6451175333961184702 r11 8522563229546085514 r12 16045552588102123792 r13 8 r14 18446603336929771896 r15 1 rip 18446744071608720922 lf_advlock+762 cs 8 rflags 66118 __ALIGN_SIZE+62022 rsp 18446603336929771568 ss 16 lf_advlock+762: incl 40(%r12) ddb{0}> show proc PROC (syz-executor) tid=252763 pid=71533 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a26e548,0xffff80002a2acfd8 process=0xffff8000ffff6688 user=0xffff80002a3bb000, vmspace=0xfffffd806f6091f0 estcpu=34, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 3359 302771 18041 0 2 0 syz-executor 3359 236853 18041 0 2 0x4000000 syz-executor 3359 344517 18041 0 3 0x4000080 fsleep syz-executor 3359 45119 18041 0 2 0x4000000 syz-executor 50788 12382 23641 0 2 0 syz-executor 50788 75953 23641 0 2 0x4000000 syz-executor 71533 340115 86356 0 3 0x80 nanoslp syz-executor *71533 252763 86356 0 7 0x4000000 syz-executor 39710 38608 31440 0 3 0 inode syz-executor 39710 25842 31440 0 2 0x4000000 syz-executor 39710 257205 31440 0 2 0x4000000 syz-executor 39710 155664 31440 0 3 0x4000080 fsleep syz-executor 83021 367819 4380 0 2 0x2 syz-executor 73784 446471 77659 0 3 0x3000 suspend syz-executor 73784 356919 77659 0 2 0x4081000 syz-executor 73784 504457 77659 0 3 0x4081000 inode syz-executor 73784 267553 77659 0 3 0x4081000 inode syz-executor 49109 485814 0 0 3 0x14200 acct acct 81020 152123 1 0 3 0x100083 ttyin getty 15717 448544 4380 0 2 0x3 syz-executor 18041 57974 4380 0 2 0x3 syz-executor 23641 73471 4380 0 2 0x3 syz-executor 64921 19730 4380 0 2 0x3 syz-executor 77659 227609 4380 0 2 0x3 syz-executor 59314 18425 0 0 3 0x14280 nfsidl nfsio 91323 457449 0 0 3 0x14280 nfsidl nfsio 26554 361629 0 0 3 0x14280 nfsidl nfsio 30827 493640 0 0 3 0x14280 nfsidl nfsio 53464 350752 69105 0 3 0x100082 sbwait ndp 69105 411662 1 0 3 0x10008a sigsusp sh 31440 221349 4380 0 2 0x3 syz-executor 86356 110164 4380 0 2 0x3 syz-executor 4380 438843 50255 0 2 0x2 syz-executor 50255 213810 75573 0 3 0x10008a sigsusp ksh 75573 166104 35652 0 3 0x98 kqread sshd-session 35652 287851 52747 0 3 0x92 kqread sshd-session 52747 164017 1 0 3 0x88 kqread sshd 74399 478838 3094 74 3 0x1100092 bpf pflogd 3094 200191 1 0 3 0x80 sbwait pflogd 33779 308147 81532 73 3 0x1100090 kqread syslogd 81532 489390 1 0 3 0x100082 sbwait syslogd 17758 412183 1 0 3 0x100080 kqread resolvd 64984 47980 22295 77 3 0x100092 kqread dhcpleased 18110 243415 22295 77 3 0x100092 kqread dhcpleased 22295 55039 1 0 3 0x80 kqread dhcpleased 10830 429209 0 0 3 0x14200 bored smr 79523 459304 0 0 2 0x14200 zerothread 80950 200260 0 0 3 0x14200 aiodoned aiodoned 9314 186953 0 0 3 0x14200 syncer update 30258 456304 0 0 3 0x14200 cleaner cleaner 55583 200204 0 0 2 0x14200 reaper 18838 4729 0 0 3 0x14200 pgdaemon pagedaemon 96753 220857 0 0 3 0x14200 bored viomb 55891 133941 0 0 3 0x40014200 acpi0 acpi0 41576 431069 0 0 7 0x40014200 idle1 39594 228899 0 0 3 0x14200 bored softnet1 47731 457394 0 0 3 0x14200 bored softnet0 83941 403612 0 0 3 0x14200 bored systqmp 22604 331100 0 0 3 0x14200 bored systq 33217 264426 0 0 3 0x14200 tmoslp softclockmp 46321 385603 0 0 3 0x40014200 tmoslp softclock 90847 50547 0 0 3 0x40014200 idle0 1 516074 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 3359 (syz-executor) thread 0xffff80002a26f770 (236853) exclusive rrwlock inode r = 0 (0xfffffd806f7ddb48) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 rrw_enter+198 #3 VOP_LOCK+189 #4 vn_lock+164 #5 vget+674 #6 cache_lookup+849 #7 ufs_lookup+483 #8 VOP_LOOKUP+110 #9 vfs_lookup+2362 #10 namei+1994 #11 vn_open+346 #12 doopenat+859 #13 syscall+3028 #14 Xsyscall+296 Process 3359 (syz-executor) thread 0xffff80002a322fc0 (45119) exclusive rwlock vmmaplk r = 0 (0xfffffd806c98a4e8) #0 witness_lock+1521 #1 rw_do_enter_read+1000 #2 uvmfault_lookup+290 #3 uvm_fault_check+79 #4 uvm_fault+262 #5 upageflttrap+169 #6 usertrap+1071 #7 recall_trap+8 Process 50788 (syz-executor) thread 0xffff80002a26f240 (75953) exclusive rwlock fdlock r = 0 (0xffff8000fffee280) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 ptmioctl+316 #3 VOP_IOCTL+172 #4 vn_ioctl+248 #5 sys_ioctl+1652 #6 syscall+3028 #7 Xsyscall+296 Process 71533 (syz-executor) thread 0xffff80002a26ea78 (252763) exclusive rwlock lockflk r = 0 (0xffffffff83879748) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 lf_advlock+551 #3 VOP_ADVLOCK+135 #4 sys_flock+661 #5 syscall+3028 #6 Xsyscall+296 Process 39710 (syz-executor) thread 0xffff80002a322560 (25842) exclusive rrwlock inode r = 0 (0xfffffd806ea0bc90) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 rrw_enter+198 #3 VOP_LOCK+189 #4 vn_lock+164 #5 vn_write+399 #6 dofilewritev+578 #7 sys_write+162 #8 syscall+3028 #9 Xsyscall+296 Process 83021 (syz-executor) thread 0xffff80002a2ac800 (367819) exclusive rrwlock inode r = 0 (0xfffffd806f10c128) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 rrw_enter+198 #3 VOP_LOCK+189 #4 vn_lock+164 #5 vget+674 #6 cache_lookup+849 #7 ufs_lookup+483 #8 VOP_LOOKUP+110 #9 vfs_lookup+2362 #10 namei+1994 #11 vn_open+346 #12 doopenat+859 #13 syscall+3028 #14 Xsyscall+296 Process 73784 (syz-executor) thread 0xffff80002a3227f8 (356919) exclusive rwlock vmmaplk r = 0 (0xfffffd800d7f7aa8) #0 witness_lock+1521 #1 rw_do_enter_read+1000 #2 uvmfault_lookup+290 #3 uvm_fault_check+79 #4 uvm_fault+262 #5 kpageflttrap+756 #6 kerntrap+412 #7 alltraps_kern_meltdown+123 #8 _copyin+91 #9 ffs_write+1897 #10 VOP_WRITE+257 #11 vn_write+467 #12 dofilewritev+578 #13 sys_write+162 #14 syscall+3028 #15 Xsyscall+296 exclusive rrwlock inode r = 0 (0xfffffd805f120a30) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 rrw_enter+198 #3 VOP_LOCK+189 #4 vn_lock+164 #5 vn_write+399 #6 dofilewritev+578 #7 sys_write+162 #8 syscall+3028 #9 Xsyscall+296 Process 73784 (syz-executor) thread 0xffff80002a2ac568 (504457) exclusive rrwlock inode r = 0 (0xfffffd806c6efb48) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 rrw_enter+198 #3 VOP_LOCK+189 #4 vn_lock+164 #5 vfs_lookup+284 #6 namei+1994 #7 dofchmodat+354 #8 syscall+2839 #9 Xsyscall+296 Process 55583 (reaper) thread 0xffff8000ffffdc90 (200204) exclusive rwlock kmmaplk r = 0 (0xffffffff8390ff48) #0 witness_lock+1521 #1 rw_do_enter_write+1049 #2 vm_map_lock_ln+302 #3 uvm_unmap+125 #4 km_free+135 #5 uvm_uarea_free+79 #6 reaper+458 #7 proc_trampoline+16 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11101 12102K 14110K 166960K 16083 0 pcb 17 15K 17K 166960K 879 0 rtable 195 15K 16K 166960K 1123 0 pf 36 18K 81K 166960K 281 0 ifaddr 31 5K 8K 166960K 227 0 ifgroup 51 2K 3K 166960K 379 0 sysctl 4 1K 9K 166960K 21 0 counters 68 36K 38K 166960K 590 0 ioctlops 0 0K 4K 166960K 2083 0 iov 0 0K 28K 166960K 197 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1595 100K 101K 166960K 4212 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 5K 166960K 16 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 156 0 dirhash 12 2K 2K 166960K 51 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 248K 166960K 2846 0 sigio 0 0K 0K 166960K 51 0 proc 72 115K 164K 166960K 1183 0 subproc 79 4K 5K 166960K 198 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 375 0 in_multi 52 3K 7K 166960K 330 0 ether_multi 1 0K 0K 166960K 18 0 mrt 2 0K 0K 166960K 11 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 259 1155K 1155K 166960K 259 0 exec 0 0K 1K 166960K 1019 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 6 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 256 162K 180K 166960K 27463 0 UVM aobj 67 14K 16K 166960K 71 0 pinsyscall 43 86K 104K 166960K 4251 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 261 0 NDP 11 0K 1K 166960K 159 0 temp 78 8680K 8762K 166960K 156701 0 kqueue 13 20K 28K 166960K 512 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 384 0 380 4 3 1 3 0 8 0 rtentry 176 346 0 282 6 2 4 6 0 8 0 unpcb 144 2417 0 2400 35 33 2 6 0 8 1 syncache 336 8 0 8 3 3 0 1 0 8 0 tcpqe 32 8 0 8 2 2 0 1 0 8 0 tcpcb 736 919 0 915 29 28 1 7 0 8 0 arp 136 52 0 39 1 0 1 1 0 8 0 inpcb 328 3604 0 3595 57 48 9 12 0 8 7 nd6 152 64 0 50 1 0 1 1 0 8 0 pkpcb 40 22 0 22 9 8 1 1 0 8 1 kcovpl 48 21 0 13 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 1 0 1 0 8 0 ppxss 1192 216 0 216 8 7 1 1 0 8 1 pppxif 1504 20 0 20 10 9 1 1 0 8 1 pffrag 232 62 0 57 1 0 1 1 0 482 0 pffrnode 88 54 0 50 1 0 1 1 0 8 0 pffrent 40 174 0 167 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 2 0 2 1 1 0 1 0 8 0 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 2 1 0 1 1 0 8 0 pfstate 448 2 0 0 1 0 1 1 0 8 0 art_heap8 4096 5 0 0 5 0 5 5 0 8 0 art_heap4 256 1271 0 1001 40 17 23 29 0 8 0 art_table 40 1276 0 1001 5 1 4 5 0 8 0 art_node 32 345 0 289 1 0 1 1 0 8 0 sysvmsgpl 40 53 0 51 5 4 1 1 0 8 0 semupl 112 5 0 5 3 2 1 1 0 8 1 semapl 112 151 0 141 1 0 1 1 0 8 0 shmpl 112 58 0 0 2 0 2 2 0 8 0 dirhash 1024 44 0 27 3 0 3 3 0 8 0 dino2pl 256 6675 0 5142 98 1 97 97 0 8 0 ffsino 296 6675 0 5142 119 0 119 119 0 8 0 nchpl 144 10593 0 8858 66 1 65 65 0 8 0 rtmask 32 16 0 16 6 6 0 1 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 37373 0 37370 10 9 1 3 0 8 0 percpumem 16 310 0 261 1 0 1 1 0 8 0 vcpupl 3968 6 0 0 1 0 1 1 0 8 0 vmpool 848 10 0 4 1 0 1 1 0 8 0 kstatmem 264 242 0 216 3 0 3 3 0 8 0 scsiplug 72 13 0 13 7 7 0 1 0 8 0 scxspl 216 77199 0 77199 17 16 1 8 1 8 1 plimitpl 152 745 0 723 1 0 1 1 0 8 0 sigapl 424 3108 0 3055 7 0 7 7 0 8 0 knotepl 120 650 0 0 18 1 17 17 0 8 0 kqueuepl 224 1007 0 998 11 10 1 5 0 8 0 pipepl 344 481 0 451 10 6 4 9 0 8 0 fdescpl 528 3079 0 3048 3 0 3 3 0 8 0 filepl 160 22223 0 21981 57 43 14 21 0 8 1 lockfpl 104 1456 0 1454 5 3 2 2 0 8 1 lockfspl 48 463 0 461 1 0 1 1 0 8 0 sessionpl 144 41 0 32 1 0 1 1 0 8 0 pgrppl 48 95 0 77 1 0 1 1 0 8 0 ucredpl 104 3638 0 3625 1 0 1 1 0 8 0 zombiepl 144 4410 0 4408 2 1 1 1 0 8 0 processpl 1232 3108 0 3055 5 0 5 5 0 8 0 procpl 664 7654 0 7590 8 1 7 7 0 8 0 sosppl 176 23 0 23 10 10 0 1 0 8 0 sockpl 752 6546 0 6516 115 104 11 23 0 8 7 mcl64k 65536 4 0 0 1 0 1 1 0 8 0 mcl16k 16384 4 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 115 0 0 15 0 15 15 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 79 0 0 9 2 7 9 0 8 0 mtagpl 96 48 0 0 2 0 2 2 0 8 0 mbufpl 256 883 0 0 51 0 51 51 0 8 0 bufpl 280 31595 0 25458 439 0 439 439 0 8 0 anonpl 32 16863 0 0 137 1 136 136 0 246 0 amapchunkpl 152 95278 0 94687 66 31 35 35 0 158 8 amappl16 200 12168 0 11993 142 119 23 38 0 8 8 amappl15 192 7 0 6 1 0 1 1 0 8 0 amappl14 184 4 0 4 1 1 0 1 0 8 0 amappl13 176 598 0 596 1 0 1 1 0 8 0 amappl12 168 3524 0 3481 3 0 3 3 0 8 0 amappl11 160 9 0 9 2 2 0 1 0 8 0 amappl10 152 69 0 54 1 0 1 1 0 8 0 amappl9 144 246 0 245 1 0 1 1 0 8 0 amappl8 136 32 0 29 1 0 1 1 0 8 0 amappl7 128 128 0 126 1 0 1 1 0 8 0 amappl6 120 420 0 404 1 0 1 1 0 8 0 amappl5 112 80 0 69 1 0 1 1 0 8 0 amappl4 104 510 0 479 1 0 1 1 0 8 0 amappl3 96 16880 0 16786 5 1 4 4 0 8 0 amappl2 88 3189 0 3110 2 0 2 2 0 8 0 amappl1 80 21856 0 21242 16 1 15 15 0 8 0 amappl 88 26063 0 25890 5 0 5 5 0 92 0 uvmvnodes 80 202 0 0 5 0 5 5 0 8 0 dma16384 16384 2 0 2 2 2 0 1 0 8 0 dma4096 4096 3 0 3 3 3 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 258 0 258 5 5 0 1 0 8 0 dma64 64 10 0 10 4 4 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 70 0 4 2 0 2 2 0 8 0 uaddrrnd 24 3079 0 3048 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3079 0 3048 1 0 1 1 0 8 0 vmmpekpl 168 23593 0 23534 4 0 4 4 0 8 0 vmmpepl 168 201561 0 199492 177 67 110 117 0 357 10 vmsppl 488 3078 0 3047 5 0 5 5 0 8 0 rwobjpl 80 54825 0 53423 51 14 37 38 0 8 0 pdppl 4096 6185 0 6108 136 57 79 83 0 8 2 pvpl 32 25386 0 0 205 0 205 205 0 265 0 pmappl 256 3088 0 3051 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 415 0 125 9 0 9 9 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace lf_advlock(ffff80000155a1a0,0,fffffd805afbba88,8,ffff80002a3c0178,30) at lf_advlock+762 VOP_ADVLOCK(fffffd8076decc08,fffffd805afbba88,8,ffff80002a3c0178,30) at VOP_ADVLOCK+135 sys_flock(ffff80002a26ea78,ffff80002a3c02c0,ffff80002a3c0210) at sys_flock+661 syscall(ffff80002a3c02c0) at syscall+3028 Xsyscall() at Xsyscall+296 end of kernel end trace frame: 0x35087077ef0, count: -5 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+39: addq $8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+39 x86_ipi_handler() at x86_ipi_handler+217 Xresume_lapic_ipi() at Xresume_lapic_ipi+39 acpicpu_idle() at acpicpu_idle+1111 sched_idle(ffff8000299ddff0) at sched_idle+913 end trace frame: 0x0, count: -5