kernel: integer divide fault trap, code=0
Stopped at rc4_keysetup+0xaf: divl 0xffffffffffffffac(%rbp),%eax
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
rc4_keysetup(ffff80002961c80a,ffff80002961c91c,0) at rc4_keysetup+0xaf sys/crypto/arc4.c:41
pipex_mppe_init(ffff80002961c7d0,ffffdc60,6c59,ffff8000006d1a6c,ffffdc60) at pipex_mppe_init+0x212 sys/net/pipex.c:2319
pipex_init_session(ffff80002619a648,ffff8000006d1800) at pipex_init_session+0x5e1 pipex_session_init_mppe_recv sys/net/pipex.c:2327 [inline]
pipex_init_session(ffff80002619a648,ffff8000006d1800) at pipex_init_session+0x5e1 sys/net/pipex.c:385
pppacioctl(4486337,82907003,ffff8000006d1800,1,ffff80002985d7a8) at pppacioctl+0x156 pppac_add_session sys/net/if_pppx.c:1315 [inline]
pppacioctl(4486337,82907003,ffff8000006d1800,1,ffff80002985d7a8) at pppacioctl+0x156 sys/net/if_pppx.c:1165
VOP_IOCTL(fffffd807ea83b28,82907003,ffff8000006d1800,1,fffffd807f7d76e8,ffff80002985d7a8) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd806c689310,82907003,ffff8000006d1800,ffff80002985d7a8) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:525
sys_ioctl(ffff80002985d7a8,ffff80002619a998,ffff80002619a9e0) at sys_ioctl+0x4a2
syscall(ffff80002619aa60) at syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002619aa60) at syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd2de1a25340, count: -9
ddb{0}> show registers
rdi 0xffff800026209000
rsi 0
rbp 0xffff80002619a4d0
rbx 0
rdx 0
rcx 0
rax 0x1
r8 0x60
r9 0x2f2d33bf
r10 0xf29404e17ceff75a
r11 0x61de441c27de3467
r12 0xffff80002961c91c
r13 0
r14 0xffff80002961c80a
r15 0
rip 0xffffffff81d5f83f rc4_keysetup+0xaf
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002619a470
ss 0x10
rc4_keysetup+0xaf: divl 0xffffffffffffffac(%rbp),%eax
ddb{0}> show proc
PROC (syz-executor.3) pid=225066 stat=onproc
flags process=0 proc=4000000
pri=32, usrpri=80,
nice=20 forw=0xffffffffffffffff, list=0xffff80002985cd28,0xffff80002985d518 process=0xffff80002e503a50 user=0xffff800026195000, vmspace=0xfffffd8063e395d0 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 73388 192376 6168 0 2 0 syz-executor.1 73388 249404 6168 0 2 0x4000000 syz-executor.1 30701 437739 96922 0 2 0 syz-executor.0 13619 251565 16292 0 2 0 syz-executor.6 13619 181510 16292 0 2 0x4000000 syz-executor.6 36237 500385 86733 0 2 0 syz-executor.3 *36237 225066 86733 0 7 0x4000000 syz-executor.3 20496 362745 88802 0 2 0 syz-executor.5 20496 16841 88802 0 3 0x4000080 fsleep syz-executor.5 76561 244311 28952 0 2 0 syz-executor.2 76561 344502 28952 0 3 0x4000080 fsleep syz-executor.2 98301 276819 8670 0 2 0 syz-executor.4 98301 149197 8670 0 2 0x4000000 syz-executor.4 16292 3877 24689 0 3 0x82 nanoslp syz-executor.6 88802 49127 24689 0 2 0x2 syz-executor.5 36247 431294 24689 0 7 0x2 syz-executor.7 32972 279263 0 0 3 0x14280 nfsidl nfsio 80123 411143 0 0 3 0x14280 nfsidl nfsio 96619 176454 0 0 3 0x14280 nfsidl nfsio 44791 381161 0 0 3 0x14280 nfsidl nfsio 42581 456441 0 0 3 0x14280 nfsidl nfsio 38106 427342 0 0 3 0x14280 nfsidl nfsio 54243 175664 0 0 3 0x14280 nfsidl nfsio 93459 395080 0 0 3 0x14280 nfsidl nfsio 96150 472996 0 0 3 0x14280 nfsidl nfsio 49429 99045 0 0 3 0x14280 nfsidl nfsio 15755 358711 0 0 3 0x14280 nfsidl nfsio 13710 208591 0 0 3 0x14280 nfsidl nfsio 19224 329295 0 0 3 0x14280 nfsidl nfsio 8454 227191 0 0 3 0x14280 nfsidl nfsio 52461 304632 0 0 3 0x14280 nfsidl nfsio 68904 179911 0 0 3 0x14280 nfsidl nfsio 24662 311823 0 0 3 0x14280 nfsidl nfsio 23306 84099 0 0 3 0x14280 nfsidl nfsio 4076 226932 0 0 3 0x14280 nfsidl nfsio 85579 410089 0 0 3 0x14280 nfsidl nfsio 8670 473050 24689 0 3 0x82 nanoslp syz-executor.4 28952 17512 24689 0 3 0x82 nanoslp syz-executor.2 90191 391995 0 0 3 0x14200 bored sosplice 86733 298499 24689 0 2 0x2 syz-executor.3 6168 496186 24689 0 3 0x82 nanoslp syz-executor.1 
96922 276749 24689 0 3 0x82 nanoslp syz-executor.0 24689 5068 23791 0 3 0x82 wait syz-fuzzer 24689 336530 23791 0 3 0x4000082 nanoslp syz-fuzzer 24689 80306 23791 0 3 0x4000082 thrsleep syz-fuzzer 24689 514434 23791 0 3 0x4000082 wait syz-fuzzer 24689 230178 23791 0 3 0x4000082 thrsleep syz-fuzzer 24689 347224 23791 0 3 0x4000082 wait syz-fuzzer 24689 190184 23791 0 3 0x4000082 wait syz-fuzzer 24689 111022 23791 0 3 0x4000082 wait syz-fuzzer 24689 341584 23791 0 3 0x4000082 thrsleep syz-fuzzer 24689 174902 23791 0 3 0x4000082 wait syz-fuzzer 24689 215309 23791 0 2 0x4000082 syz-fuzzer 24689 149996 23791 0 3 0x4000082 thrsleep syz-fuzzer 24689 437609 23791 0 3 0x4000082 thrsleep syz-fuzzer 24689 400748 23791 0 2 0x4000082 syz-fuzzer 24689 471340 23791 0 3 0x4000082 wait syz-fuzzer 24689 213977 23791 0 3 0x4000082 wait syz-fuzzer 23791 376427 20159 0 3 0x10008a sigsusp ksh 20159 13248 3231 0 2 0x9a sshd 50047 24277 1 0 3 0x100083 ttyopn getty 3231 5413 1 0 3 0x88 kqread sshd 37607 489936 78401 74 3 0x1100092 bpf pflogd 78401 432905 1 0 3 0x80 netio pflogd 77211 409399 81033 73 2 0x1100010 syslogd 81033 350863 1 0 3 0x100082 netio syslogd 97269 87715 1 0 3 0x100080 kqread resolvd 20872 292121 70333 77 3 0x100092 kqread dhcpleased 27796 197638 70333 77 3 0x100092 kqread dhcpleased 70333 135306 1 0 3 0x80 kqread dhcpleased 348 503343 0 0 3 0x14200 bored smr 51197 75828 0 0 2 0x14200 zerothread 5250 209607 0 0 3 0x14200 aiodoned aiodoned 43807 265620 0 0 3 0x14200 syncer update 29307 441938 0 0 3 0x14200 cleaner cleaner 4405 509385 0 0 3 0x14200 reaper reaper 59968 467399 0 0 3 0x14200 pgdaemon pagedaemon 35929 508375 0 0 3 0x14200 bored viomb 6513 94386 0 0 3 0x40014200 acpi0 acpi0 72534 275461 0 0 3 0x40014200 idle1 48004 470155 0 0 3 0x14200 bored softnet 97275 23943 0 0 3 0x14200 bored softnet 33535 67777 0 0 3 0x14200 bored softnet 8535 389337 0 0 3 0x14200 bored softnet 94913 13162 0 0 3 0x14200 bored systqmp 43850 243815 0 0 3 0x14200 bored systq 17712 70131 0 0 3 
0x40014200 bored softclock 84739 173698 0 0 3 0x40014200 idle0 1 24176 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 36237 (syz-executor.3) thread 0xffff80002985d7a8 (225066) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82b80150) #0 witness_lock+0x44d #1 vn_ioctl+0x41 sys/kern/vfs_vnops.c:508 #2 sys_ioctl+0x4a2 #3 syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] #3 syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 #4 Xsyscall+0x128 Process 77211 (syslogd) thread 0xffff8000ffff7510 (409399) exclusive rrwlock inode r = 0 (0xfffffd806e7d2810) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:465 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:518 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:564 #5 sys_fsync+0xf5 sys/kern/vfs_syscalls.c:2935 #6 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] #6 syscall+0x435 sys/arch/amd64/amd64/trap.c:585 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10213 6492K 7259K 78643K 19603 0 pcb 13 20K 22K 78643K 854 0 rtable 218 21K 22K 78643K 1082 0 ifaddr 102 20K 21K 78643K 708 0 sysctl 2 0K 0K 78643K 2 0 counters 60 36K 36K 78643K 162 0 ioctlops 1 1K 12K 78643K 10941 0 iov 0 0K 24K 78643K 513 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1336 83K 84K 78643K 4178 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 54 0 VM map 2 1K 1K 78643K 2 0 sem 11 1K 1K 78643K 14 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 17 61K 89K 78643K 8887 0 sigio 0 0K 0K 78643K 102 0 proc 70 91K 128K 78643K 893 0 subproc 104 6K 6K 78643K 201 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 56 0 in_multi 81 5K 7K 78643K 218 0 ether_multi 1 0K 0K 78643K 14 0 mrt 1 0K 0K 78643K 32 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 157 705K 705K 78643K 157 0 exec 0 0K 2K 
78643K 1449 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 62K 78643K 8 0 UVM amap 393 408K 984K 78643K 54070 0 UVM aobj 131 4K 4K 78643K 131 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 1974 0 NDP 15 0K 1K 78643K 90 0 temp 140 4726K 5750K 78643K 381352 0 kqueue 12 18K 24K 78643K 328 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 272 0 269 5 4 1 3 0 8 0 rtentry 112 240 0 159 4 0 4 4 0 8 0 unpcb 144 3370 0 3355 46 45 1 6 0 8 0 syncache 296 33 0 33 7 7 0 1 0 8 0 tcpqe 32 44 0 44 5 5 0 1 0 8 0 tcpcb 768 1575 0 1570 60 59 1 11 0 8 0 arp 120 36 0 22 1 0 1 1 0 8 0 inpcb 368 20715 0 20707 176 175 1 20 0 8 0 nd6 48 47 0 28 1 0 1 1 0 8 0 pkpcb 40 11 0 11 3 3 0 1 0 8 0 kcovpl 48 15 0 7 1 0 1 1 0 8 0 mppekey 1024 1 0 0 1 0 1 1 0 8 0 ppxss 1256 37 0 35 7 6 1 1 0 8 0 pfstscr 40 56 0 56 3 3 0 1 0 8 0 pffrag 232 1 0 1 1 1 0 1 0 482 0 pffrnode 88 1 0 1 1 1 0 1 0 8 0 pffrent 40 3 162 3 1 1 0 1 0 8 0 pfosfp 40 1428 0 1428 5 5 0 5 0 8 0 pfosfpen 112 1428 0 1428 21 21 0 21 0 8 0 pfrktable 1344 87 0 75 5 4 1 2 0 8 0 pfanchor 1280 324 0 132 17 0 17 17 0 8 0 pftag 88 5 0 4 3 2 1 1 0 8 0 pfqueue 264 5 0 5 2 2 0 1 0 8 0 pfstitem 24 76 0 74 1 0 1 1 0 8 0 pfstkey 120 176 0 174 3 2 1 3 0 8 0 pfstate 336 124 0 122 7 6 1 7 0 8 0 pfrule 1360 4843 0 4060 67 1 66 66 0 8 0 rttmr 136 10 0 10 2 2 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1081 0 697 32 7 25 29 0 8 0 art_table 32 1082 0 697 4 0 4 4 0 8 0 art_node 16 239 0 167 1 0 1 1 0 8 0 sysvmsgpl 40 40 0 34 1 0 1 1 0 8 0 semupl 112 4 0 4 1 1 0 1 0 8 0 semapl 112 9 0 0 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 11923 0 10283 103 0 103 103 0 8 0 ffsino 272 11923 0 10283 110 0 110 110 0 8 0 nchpl 144 23393 0 21745 63 0 63 63 0 8 0 rtmask 32 3 0 3 1 
1 0 1 0 8 0 uvmvnodes 80 5963 0 0 122 0 122 122 0 8 0 vnodes 216 5963 0 0 332 0 332 332 0 8 0 namei 1024 76364 0 76364 2 1 1 2 0 8 1 percpumem 16 93 0 51 1 0 1 1 0 8 0 vcpupl 2048 66 0 0 9 0 9 9 0 8 0 vmpool 568 70 0 4 5 0 5 5 0 8 0 pfiaddrpl 120 168 0 156 4 3 1 1 0 8 0 kstatmem 264 120 0 90 4 1 3 3 0 8 0 scsiplug 72 4 0 4 2 2 0 1 0 8 0 scxspl 216 67221 0 67221 15 14 1 8 0 8 1 plimitpl 152 420 0 404 1 0 1 1 0 8 0 sigapl 424 9200 0 9132 10 2 8 8 0 8 0 futexpl 64 80719 0 80717 1 0 1 1 0 8 0 knotepl 120 576 0 0 13 2 11 13 0 8 0 kqueuepl 216 968 0 960 21 20 1 5 0 8 0 pipepl 320 1311 0 1283 50 47 3 11 0 8 0 fdescpl 496 9161 0 9131 5 1 4 5 0 8 0 filepl 152 62812 0 62571 106 96 10 25 0 8 0 lockfpl 104 1621 0 1619 3 2 1 2 0 8 0 lockfspl 48 598 0 596 1 0 1 1 0 8 0 sessionpl 144 31 0 14 1 0 1 1 0 8 0 pgrppl 48 47 0 30 1 0 1 1 0 8 0 ucredpl 104 3259 0 3246 1 0 1 1 0 8 0 zombiepl 144 9132 0 9132 1 0 1 1 0 8 1 processpl 1064 9200 0 9132 5 0 5 5 0 8 0 procpl 672 25966 0 25877 17 9 8 10 0 8 0 srpgc 96 8 0 8 3 3 0 1 0 8 0 sosppl 168 28 0 28 7 7 0 1 0 8 0 sockpl 488 24422 0 24396 363 357 6 37 0 8 2 mcl64k 65536 25 0 0 3 0 3 3 0 8 0 mcl16k 16384 14 0 0 2 0 2 2 0 8 0 mcl12k 12288 17 0 0 2 0 2 2 0 8 0 mcl9k 9216 25 0 0 2 0 2 2 0 8 0 mcl8k 8192 34 0 0 4 1 3 3 0 8 0 mcl4k 4096 17 0 0 3 0 3 3 0 8 0 mcl2k2 2112 9 0 0 1 0 1 1 0 8 0 mcl2k 2048 323 0 0 37 4 33 37 0 8 3 mtagpl 96 420 0 0 10 0 10 10 0 8 0 mbufpl 256 720 0 0 40 0 40 40 0 8 0 bufpl 288 17377 0 11048 453 0 453 453 0 8 0 anonpl 24 1723355 0 1706558 237 104 133 153 0 186 13 amapchunkpl 152 220621 0 219838 1007 846 161 661 0 158 125 amappl16 200 22617 0 22044 77 44 33 53 0 8 0 amappl15 192 2514 0 2507 1 0 1 1 0 8 0 amappl14 184 2678 0 2670 1 0 1 1 0 8 0 amappl13 176 845 0 841 1 0 1 1 0 8 0 amappl12 168 1079 0 1073 2 1 1 1 0 8 0 amappl11 160 256 0 236 1 0 1 1 0 8 0 amappl10 152 1718 0 1713 1 0 1 1 0 8 0 amappl9 144 1718 0 1714 1 0 1 1 0 8 0 amappl8 136 1104 0 984 5 0 5 5 0 8 0 amappl7 128 323 0 303 1 0 1 1 0 8 0 amappl6 120 1524 0 
1504 2 1 1 2 0 8 0
amappl5 112 8118 0 8101 1 0 1 1 0 8 0
amappl4 104 2741 0 2706 2 0 2 2 0 8 0
amappl3 96 28485 0 28426 2 0 2 2 0 8 0
amappl2 88 2551 0 2510 2 1 1 2 0 8 0
amappl1 80 230450 0 229756 22 6 16 20 0 8 0
amappl 88 53294 0 53074 8 2 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 130 0 0 3 0 3 3 0 8 0
uaddrrnd 24 9232 0 9136 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 9232 0 9136 1 0 1 1 0 8 0
vmmpekpl 168 73496 0 73420 4 0 4 4 0 8 0
vmmpepl 168 882263 0 879369 219 86 133 149 0 357 2
vmsppl 368 9231 0 9136 10 1 9 9 0 8 0
rwobjpl 56 222936 0 215143 125 14 111 116 0 8 0
pdppl 4096 18471 0 18338 502 367 135 135 0 8 2
pvpl 32 3510057 0 3488770 423 183 240 244 0 265 37
pmappl 248 9231 0 9136 8 1 7 7 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 1575 0 571 29 0 29 29 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
rc4_keysetup(ffff80002961c80a,ffff80002961c91c,0) at rc4_keysetup+0xaf sys/crypto/arc4.c:41
pipex_mppe_init(ffff80002961c7d0,ffffdc60,6c59,ffff8000006d1a6c,ffffdc60) at pipex_mppe_init+0x212 sys/net/pipex.c:2319
pipex_init_session(ffff80002619a648,ffff8000006d1800) at pipex_init_session+0x5e1 pipex_session_init_mppe_recv sys/net/pipex.c:2327 [inline]
pipex_init_session(ffff80002619a648,ffff8000006d1800) at pipex_init_session+0x5e1 sys/net/pipex.c:385
pppacioctl(4486337,82907003,ffff8000006d1800,1,ffff80002985d7a8) at pppacioctl+0x156 pppac_add_session sys/net/if_pppx.c:1315 [inline]
pppacioctl(4486337,82907003,ffff8000006d1800,1,ffff80002985d7a8) at pppacioctl+0x156 sys/net/if_pppx.c:1165
VOP_IOCTL(fffffd807ea83b28,82907003,ffff8000006d1800,1,fffffd807f7d76e8,ffff80002985d7a8) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd806c689310,82907003,ffff8000006d1800,ffff80002985d7a8) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:525
sys_ioctl(ffff80002985d7a8,ffff80002619a998,ffff80002619a9e0) at sys_ioctl+0x4a2
syscall(ffff80002619aa60) at syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002619aa60) at syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd2de1a25340, count: -9
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff82b7ff48) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82b7ff48) at __mp_lock+0x122 sys/kern/kern_lock.c:147
syscall(ffff800029826150) at syscall+0x41d mi_syscall sys/sys/syscall_mi.h:100 [inline]
syscall(ffff800029826150) at syscall+0x41d sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffcdbd0, count: -6