kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic the kernel did not panic ddb{1}> trace done_flush() at done_flush+0x38 vm_run(ffff800024600fd0) at vm_run+0x1cf sys/arch/amd64/amd64/vmm.c:4529 vmmioctl(a00,c0205602,ffff800024600fd0,1,ffff80002478cfd0) at vmmioctl+0x192 sys/arch/amd64/amd64/vmm.c:680 VOP_IOCTL(fffffd806e56ea28,c0205602,ffff800024600fd0,1,fffffd807f7d74e0,ffff80002478cfd0) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80731c5a20,c0205602,ffff800024600fd0,ffff80002478cfd0) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002478cfd0,ffff8000246010e8,ffff800024601130) at sys_ioctl+0x4a2 syscall(ffff8000246011b0) at syscall+0x4c2 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff8000246011b0) at syscall+0x4c2 sys/arch/amd64/amd64/trap.c:599 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x26545319b20, count: -8 ddb{1}> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff80002964ce48 rbp 0xffff800024600d20 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0xd9b7df23ee17e3c1 r11 0x577037ca9f58d901 r12 0xffff80002964cba0 r13 0xffff800020dd8ff0 r14 0xffff80002964c800 r15 0xffff800024600fd0 rip 0xffffffff8163fc50 done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff800024600b76 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb{1}> show proc PROC (syz-executor.1) pid=321599 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=83, nice=20 forw=0xffffffffffffffff, list=0xffff80002478c2b0,0xffffffff82ba3500 process=0xffff8000ffff7620 user=0xffff8000245fc000, vmspace=0xfffffd807b74ad10 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 17568 402098 56829 0 7 0 syz-executor.1 *17568 321599 56829 0 7 0x4000000 syz-executor.1 90151 504305 16940 0 3 0x80 nanoslp syz-executor.5 90151 156242 16940 0 3 0x4000080 fsleep syz-executor.5 90151 126898 16940 0 3 0x4000080 fsleep syz-executor.5 90151 287150 16940 0 2 0x4000000 syz-executor.5 59008 94534 39506 0 2 0 syz-executor.7 59008 375301 39506 0 2 0x4000000 syz-executor.7 59356 293621 72616 0 3 0x80 nanoslp syz-executor.6 59356 213249 72616 0 3 0x4000080 fsleep syz-executor.6 70846 203732 84108 0 2 0 syz-executor.2 70846 194317 84108 0 3 0x4000080 fsleep syz-executor.2 84535 500479 57214 0 2 0 syz-executor.4 84535 317465 57214 0 3 0x4000080 fsleep syz-executor.4 84535 45289 57214 0 2 0x4000000 syz-executor.4 20511 272785 94428 0 3 0x80 nanoslp syz-executor.0 20511 79840 94428 0 3 0x4000080 kqread syz-executor.0 20511 413797 94428 0 3 0x4000080 fsleep syz-executor.0 84108 311388 84690 0 3 0x82 nanoslp syz-executor.2 16940 292369 84690 0 3 0x82 nanoslp syz-executor.5 39506 107576 84690 0 3 0x82 nanoslp syz-executor.7 57214 518974 84690 0 3 0x82 nanoslp syz-executor.4 72616 137227 84690 0 3 0x82 nanoslp syz-executor.6 65265 61478 1 0 3 0x100083 ttyin getty 82045 197232 84690 0 3 0x82 nanoslp syz-executor.3 94428 350222 84690 0 3 0x82 nanoslp syz-executor.0 56829 91067 84690 0 3 0x82 nanoslp syz-executor.1 59511 239763 0 0 3 0x14280 nfsidl nfsio 12512 5235 0 0 3 0x14280 nfsidl nfsio 54421 107173 0 0 3 0x14280 nfsidl nfsio 62149 342745 0 0 3 0x14280 nfsidl nfsio 11501 189063 0 0 3 0x14280 nfsidl nfsio 80259 138458 0 0 3 0x14280 nfsidl nfsio 65910 66197 0 0 3 0x14280 nfsidl nfsio 23114 123753 0 0 3 0x14280 nfsidl nfsio 97981 275997 0 0 3 0x14280 nfsidl nfsio 68138 266224 0 0 3 0x14280 nfsidl nfsio 21373 442393 0 0 3 0x14280 nfsidl nfsio 31193 100378 0 0 3 0x14280 nfsidl nfsio 85371 146315 0 0 3 0x14280 nfsidl nfsio 89750 182063 0 0 3 0x14280 nfsidl nfsio 9036 243121 0 0 3 0x14280 nfsidl nfsio 42158 391350 0 0 3 0x14280 nfsidl nfsio 55341 505982 0 0 3 0x14280 nfsidl nfsio 31491 498403 0 0 3 0x14280 nfsidl nfsio 75537 149623 0 0 3 0x14280 nfsidl nfsio 96950 89553 0 0 3 0x14280 nfsidl nfsio 28081 51871 0 0 3 0x14200 bored sosplice 79170 11882 1 0 3 0 vmmapbsy syz-executor.4 79170 365325 1 0 3 0x4000000 vmmaplk syz-executor.4 79170 51919 1 0 3 0x4000000 vmmaplk syz-executor.4 79170 349029 1 0 3 0x4000000 vmmaplk syz-executor.4 84690 334890 71954 0 3 0x82 thrsleep syz-fuzzer 84690 260750 71954 0 3 0x4000082 nanoslp syz-fuzzer 84690 267876 71954 0 3 0x4000082 wait syz-fuzzer 84690 498282 71954 0 3 0x4000082 wait syz-fuzzer 84690 307023 71954 0 3 0x4000082 thrsleep syz-fuzzer 84690 440607 71954 0 3 0x4000082 thrsleep syz-fuzzer 84690 453028 71954 0 3 0x4000082 thrsleep syz-fuzzer 84690 127806 71954 0 3 0x4000082 wait syz-fuzzer 84690 440501 71954 0 3 0x4000082 thrsleep syz-fuzzer 84690 192073 71954 0 3 0x4000082 wait syz-fuzzer 84690 433322 71954 0 3 0x4000082 wait syz-fuzzer 84690 462988 71954 0 3 0x4000082 thrsleep syz-fuzzer 84690 171150 71954 0 3 0x4000082 wait syz-fuzzer 84690 155320 71954 0 3 0x4000082 kqread syz-fuzzer 84690 388020 71954 0 3 0x4000082 wait syz-fuzzer 84690 206636 71954 0 3 0x4000082 wait syz-fuzzer 71954 277975 78108 0 3 0x10008a sigsusp ksh 78108 384177 68526 0 3 0x9a kqread sshd 68526 18800 1 0 3 0x88 kqread sshd 31625 407259 83373 74 3 0x1100092 bpf pflogd 83373 38934 1 0 3 0x80 netio pflogd 8590 331168 46972 73 3 0x1100090 kqread syslogd 46972 330172 1 0 3 0x100082 netio syslogd 57762 67635 1 0 3 0x100080 kqread resolvd 7897 174881 55255 77 3 0x100092 kqread dhcpleased 2832 152932 55255 77 3 0x100092 kqread dhcpleased 55255 295465 1 0 3 0x80 kqread dhcpleased 11484 53902 0 0 3 0x14200 bored smr 59232 250963 0 0 2 0x14200 zerothread 77465 85991 0 0 3 0x14200 aiodoned aiodoned 56874 273644 0 0 3 0x14200 syncer update 13930 45140 0 0 3 0x14200 cleaner cleaner 33419 300815 0 0 3 0x14200 reaper reaper 17872 363071 0 0 3 0x14200 pgdaemon pagedaemon 96078 72035 0 0 3 0x14200 bored viomb 24699 295326 0 0 3 0x40014200 acpi0 acpi0 22808 414737 0 0 3 0x40014200 idle1 1912 335554 0 0 3 0x14200 bored softnet 39748 398912 0 0 3 0x14200 bored softnet 86295 354625 0 0 3 0x14200 bored softnet 91055 28770 0 0 3 0x14200 bored softnet 97515 144487 0 0 3 0x14200 bored systqmp 70703 304537 0 0 3 0x14200 bored systq 18691 64597 0 0 3 0x40014200 bored softclock 37423 404780 0 0 3 0x40014200 idle0 1 262757 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 79170 (syz-executor.4) thread 0xffff80002132b500 (365325) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10245 6588K 7633K 78643K 57988 0 pcb 13 18K 23K 78643K 1798 0 rtable 202 16K 17K 78643K 1998 0 ifaddr 145 31K 32K 78643K 1106 0 sysctl 2 0K 0K 78643K 2 0 counters 60 35K 36K 78643K 844 0 ioctlops 0 0K 4K 78643K 2855 0 iov 0 0K 24K 78643K 1523 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1725 108K 108K 78643K 14182 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 142 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 2390 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 18 65K 85K 78643K 10094 0 sigio 0 0K 0K 78643K 514 0 proc 70 91K 115K 78643K 1794 0 subproc 117 7K 8K 78643K 456 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 856 0 in_multi 74 5K 6K 78643K 642 0 ether_multi 1 0K 0K 78643K 48 0 mrt 2 0K 0K 78643K 71 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 175 784K 784K 78643K 175 0 exec 0 0K 1K 78643K 2068 0 pfkey data 0 0K 0K 78643K 4 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 515 739K 743K 78643K 72827 0 UVM aobj 131 4K 4K 78643K 134 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 275 0 NDP 15 0K 2K 78643K 294 0 temp 146 4703K 70239K 78643K 137621 0 kqueue 13 20K 24K 78643K 943 0 SYN cache 2 8K 16K 78643K 3 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 940 0 937 12 11 1 4 0 8 0 rtentry 112 592 0 508 4 0 4 4 0 8 0 unpcb 144 6830 0 6806 89 83 6 10 0 8 5 syncache 296 51 0 51 11 11 0 1 0 8 0 tcpqe 32 78 0 78 7 7 0 1 0 8 0 tcpcb 776 2818 0 2814 105 98 7 11 0 8 6 arp 120 85 0 71 1 0 1 1 0 8 0 inpcb 368 8971 0 8963 140 133 7 13 0 8 6 nd6 48 116 0 98 1 0 1 1 0 8 0 pkpcb 40 10 0 10 3 3 0 1 0 8 0 kcovpl 48 35 0 26 1 0 1 1 0 8 0 mppekey 1024 8 0 8 3 3 0 1 0 8 0 ppxss 1256 293 0 292 15 14 1 1 0 8 0 pppxif 1720 126 0 126 17 16 1 1 0 8 1 pfstscr 40 68 0 64 1 0 1 1 0 8 0 pffrag 232 32 0 31 6 5 1 1 0 482 0 pffrnode 88 32 0 31 6 5 1 1 0 8 0 pffrent 40 82 0 81 6 5 1 1 0 8 0 pfosfp 40 1439 0 1012 5 0 5 5 0 8 0 pfosfpen 112 1439 0 721 21 0 21 21 0 8 0 pfanchor 1280 767 33 255 51 8 43 43 0 8 0 pfqueue 264 2 0 2 1 1 0 1 0 8 0 pfstitem 24 50 0 42 1 0 1 1 0 8 0 pfstkey 120 112 0 108 1 0 1 1 0 8 0 pfstate 384 56 0 52 1 0 1 1 0 8 0 rttmr 136 17 0 17 6 6 0 1 0 8 0 art_heap8 4096 5 0 4 5 4 1 2 0 8 0 art_heap4 256 2937 0 2590 45 22 23 30 0 8 0 art_table 32 2942 0 2594 4 0 4 4 0 8 0 art_node 16 590 0 519 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 0 1 0 1 1 0 8 0 semapl 112 2388 0 2378 1 0 1 1 0 8 0 shmpl 112 131 0 3 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 14536 0 13045 94 0 94 94 0 8 0 ffsino 272 14536 0 13045 100 0 100 100 0 8 0 nchpl 144 30170 0 29674 63 39 24 63 0 8 0 rtmask 32 5 0 5 1 1 0 1 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 115336 0 115336 5 4 1 2 0 8 1 percpumem 16 434 0 392 1 0 1 1 0 8 0 vcpupl 2048 234 0 0 30 0 30 30 0 8 0 vmpool 568 287 0 53 18 1 17 17 0 8 0 kstatmem 264 396 0 366 7 4 3 3 0 8 0 scsiplug 72 8 0 8 3 3 0 1 0 8 0 scxspl 216 86116 0 86116 35 31 4 8 0 8 4 plimitpl 152 1435 0 1418 1 0 1 1 0 8 0 sigapl 424 10374 0 10304 10 2 8 8 0 8 0 futexpl 64 94194 0 94188 4 3 1 1 0 8 0 knotepl 120 727 0 0 11 0 11 11 0 8 0 kqueuepl 216 2603 0 2593 42 39 3 6 0 8 2 pipepl 320 3201 0 3171 78 70 8 9 0 8 5 fdescpl 496 10334 0 10303 6 1 5 5 0 8 0 filepl 152 80660 0 80384 118 102 16 21 0 8 5 lockfpl 104 2584 0 2581 4 2 2 2 0 8 1 lockfspl 48 941 0 938 1 0 1 1 0 8 0 sessionpl 144 55 0 37 1 0 1 1 0 8 0 pgrppl 48 57 0 39 1 0 1 1 0 8 0 ucredpl 104 8248 0 8236 1 0 1 1 0 8 0 zombiepl 144 10305 0 10304 2 1 1 1 0 8 0 processpl 1064 10374 0 10304 5 0 5 5 0 8 0 procpl 672 30447 0 30348 27 17 10 10 0 8 1 srpgc 96 32 0 32 13 12 1 1 0 8 1 sosppl 168 63 0 63 14 14 0 1 0 8 0 sockpl 488 16801 0 16766 336 324 12 34 0 8 7 mcl64k 65536 25 0 0 3 0 3 3 0 8 0 mcl16k 16384 33 0 0 5 2 3 3 0 8 0 mcl12k 12288 25 0 0 2 0 2 2 0 8 0 mcl9k 9216 25 0 0 2 0 2 2 0 8 0 mcl8k 8192 21 0 0 3 0 3 3 0 8 0 mcl4k 4096 34 0 0 3 0 3 3 0 8 0 mcl2k2 2112 10 0 0 1 0 1 1 0 8 0 mcl2k 2048 547 0 0 58 19 39 58 0 8 0 mtagpl 96 560 0 0 9 0 9 9 0 8 0 mbufpl 256 5027 0 0 287 0 287 287 0 8 0 bufpl 288 20584 0 14253 453 0 453 453 0 8 0 anonpl 24 2126732 0 2107189 209 79 130 143 0 186 0 amapchunkpl 152 219608 0 218654 101 63 38 50 0 158 0 amappl16 200 20011 0 19414 121 87 34 44 0 8 0 amappl15 192 3 0 3 1 1 0 1 0 8 0 amappl14 184 239 0 223 2 1 1 2 0 8 0 amappl13 176 7 0 7 1 1 0 1 0 8 0 amappl12 168 749 0 743 1 0 1 1 0 8 0 amappl11 160 69 0 53 1 0 1 1 0 8 0 amappl10 152 65 0 49 1 0 1 1 0 8 0 amappl9 144 975 0 975 18 17 1 1 0 8 1 amappl8 136 716 0 572 6 0 6 6 0 8 0 amappl7 128 88 0 67 1 0 1 1 0 8 0 amappl6 120 667 0 635 7 5 2 2 0 8 0 amappl5 112 221 0 210 1 0 1 1 0 8 0 amappl4 104 928 0 890 3 1 2 2 0 8 0 amappl3 96 31367 0 31301 2 0 2 2 0 8 0 amappl2 88 11197 0 11118 3 1 2 3 0 8 0 amappl1 80 238337 0 237514 24 6 18 22 0 8 0 amappl 88 71889 0 71612 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 133 0 3 3 0 3 3 0 8 0 uaddrrnd 24 10621 0 10356 2 0 2 2 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 10621 0 10356 2 0 2 2 0 8 0 vmmpekpl 168 87506 0 87395 6 0 6 6 0 8 0 vmmpepl 168 955065 0 951501 389 218 171 179 0 357 11 vmsppl 368 10620 0 10356 26 1 25 25 0 8 0 rwobjpl 56 260064 0 251986 121 4 117 117 0 8 0 pdppl 4096 21249 0 20946 801 496 305 305 0 8 2 pvpl 32 4071475 0 4046188 460 242 218 275 0 265 0 pmappl 248 10620 0 10356 17 0 17 17 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 2082 0 700 40 0 40 40 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp ddb{0}> trace x86_ipi_db(ffffffff829d1ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 end of kernel end trace frame: 0x7f7fffff2bf0, count: -3 ddb{0}> machine ddbcpu 1 Stopped at done_flush+0x38: movl %eax,%dr6 ddb{1}> trace done_flush() at done_flush+0x38 vm_run(ffff800024600fd0) at vm_run+0x1cf sys/arch/amd64/amd64/vmm.c:4529 vmmioctl(a00,c0205602,ffff800024600fd0,1,ffff80002478cfd0) at vmmioctl+0x192 sys/arch/amd64/amd64/vmm.c:680 VOP_IOCTL(fffffd806e56ea28,c0205602,ffff800024600fd0,1,fffffd807f7d74e0,ffff80002478cfd0) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd80731c5a20,c0205602,ffff800024600fd0,ffff80002478cfd0) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002478cfd0,ffff8000246010e8,ffff800024601130) at sys_ioctl+0x4a2 syscall(ffff8000246011b0) at syscall+0x4c2 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff8000246011b0) at syscall+0x4c2 sys/arch/amd64/amd64/trap.c:599 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x26545319b20, count: -8