kernel: double fault trap, code=0 Stopped at restore_saved+0x35: xorq 0x30(%rsp),%r11 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace end trace frame: 0x0, count: -1 ddb{0}> show registers rdi 0xffffffff83164000 end+0x364000 rsi 0xffff80002bcf0d50 rbp 0 rbx 0 rdx 0 rcx 0xfffffd806e3994e0 rax 0x23 r8 0x2c r9 0 r10 0xcb237d8436dd5d40 r11 0xe0fa05699b60bd61 r12 0xffff80002bcf0d50 r13 0xffff80002a25f000 r14 0x8f2196e __kernel_phys_end+0x612196e r15 0xffff80002a20a008 rip 0xffffffff810501e5 restore_saved+0x35 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0 ss 0x10 restore_saved+0x35: xorq 0x30(%rsp),%r11 ddb{0}> show proc PROC (syz-executor.5) tid=31860 pid=43247 tcnt=2 stat=onproc flags process=0 proc=0 runpri=86, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002bcef018,0xffff80002bcf0ab8 process=0xffff8000ffff8008 user=0xffff80002a25f000, vmspace=0xfffffd8065dff240 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 64770 57977 13200 0 2 0 syz-executor.4 64770 301673 13200 0 3 0x4000080 netio syz-executor.4 26435 456606 45901 0 2 0 syz-executor.3 26435 442533 45901 0 2 0x4000000 syz-executor.3 23572 472044 9796 0 2 0 syz-executor.2 23572 521338 9796 0 3 0x4000080 fsleep syz-executor.2 4874 445964 48271 0 2 0 syz-executor.0 4874 298921 48271 0 2 0x4000000 syz-executor.0 4874 287000 48271 0 2 0x4000000 syz-executor.0 *43247 31860 22496 0 7 0 syz-executor.5 43247 107806 22496 0 2 0x4000000 syz-executor.5 48271 214548 84480 0 3 0x82 nanoslp syz-executor.0 13200 64003 84480 0 2 0x2 syz-executor.4 97968 272771 0 0 3 0x14200 acct acct 78443 336203 1 0 3 0x100083 ttyin getty 14994 427564 84480 0 2 0x482 syz-executor.1 61293 504288 84480 0 7 0x2 syz-executor.6 9796 147457 84480 0 3 0x82 nanoslp syz-executor.2 28120 165344 0 0 3 0x14200 bored sosplice 22496 220343 84480 0 3 0x82 nanoslp syz-executor.5 43703 166699 0 0 3 0x14280 nfsidl nfsio 85740 193081 0 0 3 0x14280 nfsidl nfsio 7459 188415 0 0 3 0x14280 nfsidl nfsio 51330 455951 0 0 3 0x14280 nfsidl nfsio 70513 118118 0 0 3 0x14280 nfsidl nfsio 94285 149947 0 0 3 0x14280 nfsidl nfsio 4831 270750 0 0 3 0x14280 nfsidl nfsio 1612 353388 0 0 3 0x14280 nfsidl nfsio 33251 288588 0 0 3 0x14280 nfsidl nfsio 90933 256150 0 0 3 0x14280 nfsidl nfsio 37536 88930 0 0 3 0x14280 nfsidl nfsio 97823 34239 0 0 3 0x14280 nfsidl nfsio 61183 492348 0 0 3 0x14280 nfsidl nfsio 96081 348049 0 0 3 0x14280 nfsidl nfsio 70645 319529 0 0 3 0x14280 nfsidl nfsio 43353 247275 0 0 3 0x14280 nfsidl nfsio 59463 12087 0 0 3 0x14280 nfsidl nfsio 3392 409839 0 0 3 0x14280 nfsidl nfsio 93674 331132 0 0 3 0x14280 nfsidl nfsio 93794 113384 0 0 3 0x14280 nfsidl nfsio 40014 142055 84480 0 2 0x2 syz-executor.7 45901 113529 84480 0 2 0x2 syz-executor.3 84480 366822 96181 0 3 0x2000082 thrsleep syz-fuzzer 84480 361944 96181 0 3 0x6000082 thrsleep syz-fuzzer 84480 16202 96181 0 3 0x6000082 wait syz-fuzzer 84480 449198 96181 0 3 0x6000082 wait syz-fuzzer 84480 164513 96181 0 3 0x6000082 wait syz-fuzzer 84480 139395 96181 0 3 0x6000082 wait syz-fuzzer 84480 110793 96181 0 3 0x6000082 thrsleep syz-fuzzer 84480 322935 96181 0 3 0x6000082 wait syz-fuzzer 84480 62636 96181 0 3 0x6000082 kqread syz-fuzzer 84480 137544 96181 0 3 0x6000082 wait syz-fuzzer 84480 28867 96181 0 3 0x6000082 thrsleep syz-fuzzer 84480 278812 96181 0 3 0x6000082 thrsleep syz-fuzzer 84480 416128 96181 0 3 0x6000082 thrsleep syz-fuzzer 84480 267802 96181 0 3 0x6000082 wait syz-fuzzer 84480 51120 96181 0 3 0x6000082 wait syz-fuzzer 96181 365777 77538 0 3 0x10008a sigsusp ksh 77538 504945 21169 0 3 0x9a kqread sshd 21169 200616 1 0 3 0x88 kqread sshd 28768 358085 18109 74 3 0x1100092 bpf pflogd 18109 28812 1 0 3 0x80 netio pflogd 33441 368721 35205 73 3 0x1100090 kqread syslogd 35205 187863 1 0 3 0x100082 netio syslogd 41157 483681 1 0 3 0x100080 kqread resolvd 52136 482551 80539 77 3 0x100092 kqread dhcpleased 51466 286454 80539 77 3 0x100092 kqread dhcpleased 80539 47273 1 0 3 0x80 kqread dhcpleased 88779 174727 0 0 3 0x14200 bored smr 28132 419906 0 0 2 0x14200 zerothread 77131 467159 0 0 3 0x14200 aiodoned aiodoned 84424 268406 0 0 3 0x14200 syncer update 70110 64532 0 0 3 0x14200 cleaner cleaner 16209 220998 0 0 3 0x14200 reaper reaper 7323 295177 0 0 3 0x14200 pgdaemon pagedaemon 66105 387459 0 0 3 0x14200 bored viomb 93844 306039 0 0 3 0x40014200 acpi0 acpi0 68584 498069 0 0 3 0x40014200 idle1 84999 359415 0 0 3 0x14200 bored softnet3 31743 482239 0 0 3 0x14200 bored softnet2 3745 214309 0 0 3 0x14200 bored softnet1 43814 335211 0 0 3 0x14200 bored softnet0 66696 362311 0 0 3 0x14200 bored systqmp 18040 148389 0 0 3 0x14200 bored systq 1667 23312 0 0 3 0x14200 tmoslp softclockmp 96995 144514 0 0 3 0x40014200 tmoslp softclock 49652 456076 0 0 3 0x40014200 idle0 1 7606 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive sched_lock &sched_lock r = 0 (0xffffffff82cc1eb8) #0 witness_lock+0x447 #1 sleep_finish+0x142 sys/kern/kern_synch.c:398 #2 rwsleep+0xab sys/kern/kern_synch.c:300 #3 thrsleep+0x4de sys/kern/kern_synch.c:677 #4 sys___thrsleep+0xb5 sys/kern/kern_synch.c:718 #5 syscall+0x673 mi_syscall sys/sys/syscall_mi.h:182 [inline] #5 syscall+0x673 sys/arch/amd64/amd64/trap.c:591 #6 Xsyscall+0x128 CPU 1: exclusive mutex &kq->kq_lock r = 0 (0xfffffd806f054010) #0 witness_lock+0x447 #1 mtx_enter_try+0x104 #2 mtx_enter+0x4f sys/kern/kern_lock.c:266 #3 knote_locked+0x108 knote_activate sys/kern/kern_event.c:1816 [inline] #3 knote_locked+0x108 sys/kern/kern_event.c:1848 #4 pipe_write+0x81c pipe_wakeup sys/kern/sys_pipe.c:375 [inline] #4 pipe_write+0x81c sys/kern/sys_pipe.c:662 #5 dofilewritev+0x1a0 sys/kern/sys_generic.c:375 #6 sys_write+0x87 sys/kern/sys_generic.c:295 #7 syscall+0x673 mi_syscall sys/sys/syscall_mi.h:182 [inline] #7 syscall+0x673 sys/arch/amd64/amd64/trap.c:591 #8 Xsyscall+0x128 Process 61293 (syz-executor.6) thread 0xffff80002a1b12b0 (504288) exclusive rwlock pipelk r = 0 (0xfffffd8068573c70) #0 witness_lock+0x447 #1 pipe_write+0x37d sys/kern/sys_pipe.c:565 #2 dofilewritev+0x1a0 sys/kern/sys_generic.c:375 #3 sys_write+0x87 sys/kern/sys_generic.c:295 #4 syscall+0x673 mi_syscall sys/sys/syscall_mi.h:182 [inline] #4 syscall+0x673 sys/arch/amd64/amd64/trap.c:591 #5 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10224 6754K 7460K 166960K 18773 0 pcb 15 17K 19K 166960K 179 0 rtable 240 8K 8K 166960K 616 0 pf 34 9K 10K 166960K 133 0 ifaddr 46 16K 16K 166960K 107 0 ifgroup 59 2K 2K 166960K 187 0 sysctl 3 0K 0K 166960K 3 0 counters 66 36K 36K 166960K 140 0 ioctlops 0 0K 4K 166960K 1869 0 iov 1 0K 28K 166960K 399 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1381 86K 87K 166960K 3272 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 32 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 443 0 dirhash 12 2K 2K 166960K 27 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 89K 166960K 3304 0 sigio 0 0K 0K 166960K 48 0 proc 70 91K 115K 166960K 814 0 subproc 104 6K 6K 166960K 182 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 314 0 in_multi 99 7K 7K 166960K 250 0 ether_multi 1 0K 0K 166960K 12 0 mrt 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 941 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 381 158K 174K 166960K 35086 0 UVM aobj 131 5K 5K 166960K 137 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 99 0 NDP 13 0K 1K 166960K 78 0 temp 74 5932K 6060K 166960K 20006 0 kqueue 12 18K 26K 166960K 273 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 230 0 227 4 3 1 2 0 8 0 rtentry 112 193 0 83 4 0 4 4 0 8 0 unpcb 144 2112 0 2095 24 20 4 7 0 8 3 syncache 312 36 0 36 8 7 1 1 0 8 1 sackhl 24 2 0 2 1 1 0 1 0 8 0 tcpqe 32 292 0 292 7 7 0 1 0 8 0 tcpcb 808 1341 0 1325 25 22 3 10 0 8 0 arp 120 30 0 12 1 0 1 1 0 8 0 inpcb 368 3083 0 3063 43 35 8 15 0 8 5 nd6 136 47 0 23 1 0 1 1 0 8 0 pkpcb 40 44 0 44 3 3 0 1 0 8 0 kcovpl 48 14 0 6 1 0 1 1 0 8 0 ppxss 1256 17 0 17 5 5 0 1 0 8 0 pffrag 232 9 0 7 2 1 1 1 0 482 0 pffrnode 88 9 0 7 2 1 1 1 0 8 0 pffrent 40 28 0 26 2 1 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 128 0 101 1 0 1 1 0 8 0 pfstkey 128 128 0 101 2 0 2 2 0 8 0 pfstate 376 128 0 101 4 0 4 4 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 754 0 296 38 9 29 29 0 8 0 art_table 32 755 0 296 4 0 4 4 0 8 0 art_node 16 181 0 81 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 3 1 1 0 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 435 0 425 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 27 0 10 3 0 3 3 0 8 0 dino2pl 256 5588 0 4132 92 0 92 92 0 8 0 ffsino 272 5588 0 4132 98 0 98 98 0 8 0 nchpl 144 10059 0 8401 64 0 64 64 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 34090 0 34090 2 1 1 2 0 8 1 percpumem 16 84 0 37 1 0 1 1 0 8 0 vcpupl 2048 78 0 1 10 0 10 10 0 8 0 vmpool 696 87 0 10 11 3 8 8 0 8 0 kstatmem 264 100 0 74 2 0 2 2 0 8 0 scxspl 216 29502 0 29502 12 11 1 8 1 8 1 plimitpl 152 181 0 165 1 0 1 1 0 8 0 sigapl 424 3647 0 3577 9 1 8 9 0 8 0 futexpl 64 27633 0 27632 1 0 1 1 0 8 0 knotepl 120 204 0 0 6 0 6 6 0 8 0 kqueuepl 216 864 0 856 15 12 3 5 0 8 2 pipepl 320 1059 0 1030 30 27 3 14 0 8 0 fdescpl 496 3607 0 3579 9 5 4 5 0 8 0 filepl 152 21755 0 21507 58 42 16 22 0 8 6 lockfpl 104 1389 0 1387 5 3 2 3 0 8 1 lockfspl 48 382 0 380 1 0 1 1 0 8 0 sessionpl 144 32 0 15 1 0 1 1 0 8 0 pgrppl 48 131 0 114 1 0 1 1 0 8 0 ucredpl 104 2231 0 2219 1 0 1 1 0 8 0 zombiepl 144 3579 0 3577 1 0 1 1 0 8 0 processpl 1144 3647 0 3577 6 0 6 6 0 8 0 procpl 680 9496 0 9406 14 5 9 10 0 8 0 srpgc 96 10 0 10 4 4 0 1 0 8 0 sosppl 168 22 0 19 4 3 1 1 0 8 0 sockpl 488 5543 0 5503 89 76 13 26 0 8 6 mcl64k 65536 17 0 0 3 0 3 3 0 8 0 mcl16k 16384 8 0 0 1 0 1 1 0 8 0 mcl12k 12288 10 0 0 1 0 1 1 0 8 0 mcl9k 9216 12 0 0 1 0 1 1 0 8 0 mcl8k 8192 17 0 0 3 0 3 3 0 8 0 mcl4k 4096 18 0 0 3 0 3 3 0 8 0 mcl2k2 2112 4 0 0 1 0 1 1 0 8 0 mcl2k 2048 278 0 0 35 4 31 35 0 8 2 mtagpl 96 282 0 0 6 0 6 6 0 8 0 mbufpl 256 517 0 0 27 0 27 27 0 8 0 bufpl 288 8606 0 2284 452 0 452 452 0 8 0 anonpl 24 458906 0 444075 113 18 95 105 0 186 0 amapchunkpl 152 110761 0 109846 56 16 40 44 0 158 0 amappl16 200 10231 0 9808 35 11 24 31 0 8 0 amappl15 192 23 0 21 1 0 1 1 0 8 0 amappl14 184 181 0 166 2 1 1 2 0 8 0 amappl13 176 36 0 35 1 0 1 1 0 8 0 amappl12 168 4397 0 4366 4 2 2 3 0 8 0 amappl11 160 53 0 39 1 0 1 1 0 8 0 amappl10 152 59 0 47 1 0 1 1 0 8 0 amappl9 144 287 0 287 4 4 0 1 0 8 0 amappl8 136 296 0 215 3 0 3 3 0 8 0 amappl7 128 200 0 175 2 0 2 2 0 8 0 amappl6 120 392 0 382 1 0 1 1 0 8 0 amappl5 112 215 0 204 1 0 1 1 0 8 0 amappl4 104 554 0 527 2 1 1 2 0 8 0 amappl3 96 22107 0 22020 4 1 3 3 0 8 0 amappl2 88 4216 0 4141 3 1 2 3 0 8 0 amappl1 80 21514 0 20955 23 10 13 23 0 8 0 amappl 88 34429 0 34176 8 1 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 3694 0 3589 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3694 0 3589 1 0 1 1 0 8 0 vmmpekpl 168 34252 0 34193 4 0 4 4 0 8 0 vmmpepl 168 233604 0 231194 220 89 131 136 0 357 14 vmsppl 464 3693 0 3589 15 1 14 14 0 8 0 rwobjpl 56 68416 0 60806 115 6 109 109 0 8 0 pdppl 4096 7396 0 7255 334 187 147 149 0 8 6 pvpl 32 43050 0 0 349 1 348 349 0 265 0 pmappl 248 3693 0 3589 8 1 7 7 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1200 0 277 27 0 27 27 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace end trace frame: 0x0, count: -1 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800029d2bff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff82cc1cb0) at __mp_lock+0x133 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82cc1cb0) at __mp_lock+0x133 sys/kern/kern_lock.c:147 wakeup_n(fffffd806f054000,ffffffff) at wakeup_n+0x37 sys/kern/kern_synch.c:541 knote_enqueue(fffffd80661f55b0) at knote_enqueue+0x19d klist_empty sys/sys/event.h:362 [inline] knote_enqueue(fffffd80661f55b0) at knote_enqueue+0x19d kqueue_wakeup sys/kern/kern_event.c:1689 [inline] knote_enqueue(fffffd80661f55b0) at knote_enqueue+0x19d sys/kern/kern_event.c:2032 knote_locked(fffffd8068573bf8,0) at knote_locked+0x18d pipe_write(fffffd806b478688,ffff80002bcde008,0) at pipe_write+0x81c pipe_wakeup sys/kern/sys_pipe.c:375 [inline] pipe_write(fffffd806b478688,ffff80002bcde008,0) at pipe_write+0x81c sys/kern/sys_pipe.c:662 dofilewritev(ffff80002a1b12b0,f8,ffff80002bcde008,0,ffff80002bcde0f0) at dofilewritev+0x1a0 sys/kern/sys_generic.c:375 sys_write(ffff80002a1b12b0,ffff80002bcde0a0,ffff80002bcde0f0) at sys_write+0x87 sys/kern/sys_generic.c:295 syscall(ffff80002bcde1a0) at syscall+0x673 mi_syscall sys/sys/syscall_mi.h:182 [inline] syscall(ffff80002bcde1a0) at syscall+0x673 sys/arch/amd64/amd64/trap.c:591 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x758b63988b70, count: -12