kernel: protection fault trap, code=0 Stopped at sysctl_doproc+0x270: movq 0x380(%rbx),%r14 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace sysctl_doproc(ffff80003c463588,4,200000000100,ffff80003c4635b8) at sysctl_doproc+0x270 sys/kern/kern_sysctl.c:1926 kern_sysctl_dirs(42,ffff80003c463588,4,200000000100,ffff80003c4635b8,0,3942784df3031790,ffff80003c463588) at kern_sysctl_dirs+0x375 sys/kern/kern_sysctl.c:442 kern_sysctl(ffff80003c463584,5,200000000100,ffff80003c4635b8,0,37,53d35c24d4f183df) at kern_sysctl+0x178 sys/kern/kern_sysctl.c:719 sys_sysctl(ffff80002a345a28,ffff80003c4636f0,ffff80003c463640) at sys_sysctl+0x3e5 sys/kern/kern_sysctl.c:-1 syscall(ffff80003c4636f0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4636f0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x71491f03f80, count: -6 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80003c4632b0 rbx 0xdeaf4152deaf4152 rdx 0 rcx 0xffff80002a345a28 rax 0xffffffff8376fff0 cpu_info_full_primary+0x1ff0 r8 0x7f7fffffc000 r9 0 r10 0x46a104c537bfb115 r11 0x9e5c332673bef9f3 r12 0x1898 __ALIGN_SIZE+0x898 r13 0x80 r14 0x80 r15 0 rip 0xffffffff81bb41e0 sysctl_doproc+0x270 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c463200 ss 0x10 sysctl_doproc+0x270: movq 0x380(%rbx),%r14 ddb{0}> show proc PROC (syz-executor) tid=124018 pid=17397 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=86, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a3442d0,0xffff80002a344578 process=0xffff800039825880 user=0xffff80003c45e000, vmspace=0xfffffd8067af1b98 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 73302 448925 11132 0 2 0 syz-executor 73302 270626 11132 0 3 0x4000080 sysctllk syz-executor 73302 328241 11132 0 3 0x4000080 fsleep syz-executor 70062 492778 99041 0 2 0 syz-executor 70062 213206 99041 0 3 0x4000080 bell syz-executor 70062 63826 99041 0 3 0x4000080 bell syz-executor 70062 369129 99041 0 2 0x4000000 syz-executor 627 83755 2376 0 3 0x80 nanoslp syz-executor 627 433587 2376 0 2 0x4000c80 syz-executor 627 140592 2376 0 3 0x4000080 fsleep syz-executor 17397 435456 48325 0 2 0 syz-executor 17397 40512 48325 0 3 0x4000080 fsleep syz-executor *17397 124018 48325 0 7 0x4000000 syz-executor 17397 275314 48325 0 2 0x4000000 syz-executor 17071 453320 4173 0 2 0xc80 syz-executor 17071 402752 4173 0 3 0x4000080 lockf syz-executor 17071 33332 4173 0 3 0x4000080 fsleep syz-executor 17071 122393 4173 0 3 0x4000080 fsleep syz-executor 17071 15855 4173 0 3 0x4000080 fsleep syz-executor 57441 339443 76141 0 2 0 syz-executor 57441 153865 76141 0 2 0x4000000 syz-executor 57441 196611 76141 0 2 0x4000c00 syz-executor 57441 139746 76141 0 3 0x4000080 fsleep syz-executor 11132 1263 11096 0 2 0xc82 syz-executor 22774 58151 1 0 3 0x100083 ttyin getty 81599 325412 0 0 3 0x14280 nfsidl nfsio 48424 312567 0 0 3 0x14280 nfsidl nfsio 74881 79118 0 0 3 0x14280 nfsidl nfsio 66473 149888 0 0 3 0x14280 nfsidl nfsio 93719 188665 0 0 3 0x14280 nfsidl nfsio 43892 187324 0 0 3 0x14280 nfsidl nfsio 20608 509697 0 0 3 0x14280 nfsidl nfsio 16916 295258 0 0 3 0x14280 nfsidl nfsio 823 2561 0 0 3 0x14280 nfsidl nfsio 83057 523002 0 0 3 0x14280 nfsidl nfsio 64027 109070 0 0 3 0x14280 nfsidl nfsio 89498 201094 0 0 3 0x14280 nfsidl nfsio 22855 405398 0 0 3 0x14280 nfsidl nfsio 62078 116804 0 0 3 0x14280 nfsidl nfsio 82242 217088 0 0 3 0x14280 nfsidl nfsio 98346 464568 0 0 3 0x14280 nfsidl nfsio 86849 388187 0 0 3 0x14280 nfsidl nfsio 44581 429368 0 0 3 0x14280 nfsidl nfsio 60320 476184 0 0 3 0x14280 nfsidl nfsio 53390 118490 0 0 3 0x14280 nfsidl nfsio 76141 374498 11096 0 2 0xc82 syz-executor 55535 121807 0 0 3 0x14200 bored sosplice 55863 345320 11096 0 2 0x2 syz-executor 4173 122926 11096 0 2 0xc82 syz-executor 48325 101075 11096 0 2 0xc82 syz-executor 10576 287214 11096 0 7 0x2 syz-executor 2376 37554 11096 0 2 0xc82 syz-executor 99041 268591 11096 0 2 0xc82 syz-executor 11096 456784 81402 0 3 0x82 kqread syz-executor 81402 19096 77994 0 3 0x10008a sigsusp ksh 77994 103027 46246 0 3 0x98 kqread sshd-session 46246 415996 69862 0 3 0x92 kqread sshd-session 69862 194805 1 0 3 0x88 kqread sshd 1536 30819 83426 74 3 0x1100092 bpf pflogd 83426 433271 1 0 3 0x80 sbwait pflogd 34219 331495 67753 73 3 0x1100090 kqread syslogd 67753 155610 1 0 3 0x100082 sbwait syslogd 46033 11294 1 0 3 0x100080 kqread resolvd 93211 74524 69536 77 3 0x100092 kqread dhcpleased 2284 37645 69536 77 3 0x100092 kqread dhcpleased 69536 269426 1 0 3 0x80 kqread dhcpleased 95694 96828 0 0 3 0x14200 bored smr 85975 510509 0 0 2 0x14200 zerothread 38223 399582 0 0 3 0x14200 aiodoned aiodoned 71817 41460 0 0 3 0x14200 syncer update 16285 395558 0 0 3 0x14200 cleaner cleaner 46735 187251 0 0 3 0x14200 reaper reaper 81317 22920 0 0 3 0x14200 pgdaemon pagedaemon 59950 340609 0 0 3 0x14200 bored viomb 65417 380359 0 0 3 0x40014200 acpi0 acpi0 82082 171959 0 0 3 0x40014200 idle1 97281 171903 0 0 3 0x14200 bored softnet7 93644 6904 0 0 3 0x14200 bored softnet6 42657 489147 0 0 3 0x14200 bored softnet5 99547 327543 0 0 3 0x14200 bored softnet4 88495 392379 0 0 3 0x14200 bored softnet3 32999 388456 0 0 3 0x14200 bored softnet2 27593 230704 0 0 3 0x14200 bored softnet1 1098 198502 0 0 3 0x14200 bored softnet0 14739 392137 0 0 3 0x14200 bored systqmp 10691 365173 0 0 3 0x14200 bored systq 60461 491381 0 0 3 0x14200 tmoslp softclockmp 95680 330216 0 0 2 0x40014200 softclock 3517 468710 0 0 3 0x40014200 idle0 1 109016 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 17397 (syz-executor) thread 0xffff80002a345a28 (124018) Process 57441 (syz-executor) thread 0xffff80002a2bcfb0 (153865) Process 55863 (syz-executor) thread 0xffff8000ffff2540 (345320) Process 10576 (syz-executor) thread 0xffff8000ffff3a00 (287214) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10240 11134K 11501K 166960K 11981 0 pcb 19 14K 16K 166960K 221 0 rtable 219 8K 8K 166960K 375 0 pf 36 18K 67486K 166960K 110 0 ifaddr 44 7K 7K 166960K 72 0 ifgroup 58 2K 2K 166960K 100 0 sysctl 3 1K 9K 166960K 13 0 counters 68 36K 37K 166960K 122 0 ioctlops 0 0K 4K 166960K 1631 0 iov 0 0K 16K 166960K 28 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1373 86K 87K 166960K 1994 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 8 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 91 0 dirhash 12 2K 2K 166960K 33 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 97K 166960K 806 0 sigio 0 0K 0K 166960K 9 0 proc 72 115K 164K 166960K 674 0 subproc 72 4K 4K 166960K 90 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 109 0 in_multi 98 7K 7K 166960K 150 0 ether_multi 1 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 259 1155K 1155K 166960K 259 0 exec 0 0K 1K 166960K 597 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 246 160K 174K 166960K 9088 0 UVM aobj 17 4K 4K 166960K 18 0 pinsyscall 43 86K 104K 166960K 1988 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 35 0 NDP 12 0K 2K 166960K 47 0 temp 56 8643K 8713K 166960K 26343 0 kqueue 15 24K 28K 166960K 127 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 95 0 92 1 0 1 1 0 8 0 rtentry 176 131 0 38 5 0 5 5 0 8 0 unpcb 144 413 0 396 3 1 2 2 0 8 1 syncache 336 6 0 6 2 1 1 1 0 8 1 tcpcb 736 284 0 277 10 5 5 10 0 8 4 arp 128 16 0 4 1 0 1 1 0 8 0 inpcb 328 880 0 863 16 11 5 10 0 8 3 nd6 144 27 0 5 1 0 1 1 0 8 0 pkpcb 40 10 0 10 2 1 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 ppxss 1192 22 0 22 2 1 1 1 0 8 1 pppxif 1504 1 0 1 1 1 0 1 0 8 0 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pffrag 232 3 0 0 1 0 1 1 0 482 0 pffrnode 88 3 0 0 1 0 1 1 0 8 0 pffrent 40 5 0 2 1 0 1 1 0 8 0 pfosfp 40 1429 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1429 0 714 21 0 21 21 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pftag 88 3 0 1 1 0 1 1 0 8 0 pfstitem 24 64 0 17 1 0 1 1 0 8 0 pfstkey 128 66 0 19 2 0 2 2 0 8 0 pfstate 384 65 0 18 5 0 5 5 0 8 0 pfrule 1344 39 0 28 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 583 0 143 30 2 28 28 0 8 0 art_table 40 584 0 143 5 0 5 5 0 8 0 art_node 32 131 0 53 1 0 1 1 0 8 0 sysvmsgpl 40 9 0 5 2 1 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 89 0 79 1 0 1 1 0 8 0 shmpl 112 15 0 1 1 0 1 1 0 8 0 dirhash 1024 31 0 14 3 0 3 3 0 8 0 dino2pl 256 2907 0 1397 95 0 95 95 0 8 0 ffsino 296 2907 0 1397 117 0 117 117 0 8 0 nchpl 144 3990 0 2297 65 1 64 64 0 8 0 rtmask 32 8 0 8 1 1 0 1 0 8 0 uvmvnodes 80 3296 0 0 68 0 68 68 0 8 0 vnodes 216 3296 0 0 184 0 184 184 0 8 0 namei 1024 13877 0 13877 3 2 1 1 0 8 1 percpumem 16 76 0 27 1 0 1 1 0 8 0 kstatmem 264 56 0 30 2 0 2 2 0 8 0 scsiplug 72 2 0 2 2 2 0 1 0 8 0 scxspl 216 27265 0 27265 10 9 1 8 1 8 1 plimitpl 152 242 0 222 1 0 1 1 0 8 0 sigapl 424 1140 0 1065 9 0 9 9 0 8 0 knotepl 120 372 0 0 12 0 12 12 0 8 0 kqueuepl 224 233 0 221 3 2 1 3 0 8 0 pipepl 344 164 0 136 4 1 3 3 0 8 0 fdescpl 528 1096 0 1064 3 0 3 3 0 8 0 filepl 160 6563 0 6327 25 10 15 21 0 8 3 lockfpl 104 661 0 657 4 3 1 3 0 8 0 lockfspl 48 114 0 111 1 0 1 1 0 8 0 sessionpl 144 28 0 19 1 0 1 1 0 8 0 pgrppl 48 50 0 33 1 0 1 1 0 8 0 ucredpl 104 1148 0 1135 1 0 1 1 0 8 0 zombiepl 144 1209 0 1209 3 2 1 1 0 8 1 processpl 1248 1140 0 1065 6 0 6 6 0 8 0 procpl 664 2280 0 2188 11 3 8 9 0 8 0 sosppl 168 1 0 1 1 1 0 1 0 8 0 sockpl 752 1412 0 1375 22 14 8 13 0 8 3 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 4 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 127 0 0 16 0 16 16 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 23 0 0 3 0 3 3 0 8 0 mtagpl 96 13 0 0 1 0 1 1 0 8 0 mbufpl 256 489 0 0 30 0 30 30 0 8 0 bufpl 280 11440 0 5296 440 0 440 440 0 8 0 anonpl 32 12698 0 0 103 0 103 103 0 246 0 amapchunkpl 152 30104 0 29597 40 13 27 28 0 158 4 amappl16 200 4006 0 3951 45 27 18 31 0 8 8 amappl15 192 7 0 6 1 0 1 1 0 8 0 amappl14 184 126 0 114 1 0 1 1 0 8 0 amappl13 176 10 0 9 1 0 1 1 0 8 0 amappl12 168 1788 0 1758 4 2 2 3 0 8 0 amappl11 160 51 0 37 1 0 1 1 0 8 0 amappl10 152 28 0 28 2 2 0 1 0 8 0 amappl9 144 254 0 254 2 2 0 1 0 8 0 amappl8 136 45 0 43 1 0 1 1 0 8 0 amappl7 128 115 0 103 1 0 1 1 0 8 0 amappl6 120 224 0 220 1 0 1 1 0 8 0 amappl5 112 128 0 117 1 0 1 1 0 8 0 amappl4 104 324 0 304 1 0 1 1 0 8 0 amappl3 96 5700 0 5583 5 1 4 4 0 8 0 amappl2 88 709 0 646 2 0 2 2 0 8 0 amappl1 80 11948 0 11343 16 1 15 15 0 8 1 amappl 88 8219 0 8046 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 8 0 8 2 2 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 17 0 1 1 0 1 1 0 8 0 uaddrrnd 24 1096 0 1064 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1096 0 1064 1 0 1 1 0 8 0 vmmpekpl 168 10562 0 10516 3 0 3 3 0 8 0 vmmpepl 168 75647 0 73628 127 21 106 118 0 357 9 vmsppl 488 1095 0 1064 6 1 5 5 0 8 0 rwobjpl 80 25771 0 21477 91 0 91 91 0 8 0 pdppl 4096 2200 0 2128 128 54 74 88 0 8 2 pvpl 32 19767 0 0 160 0 160 160 0 265 0 pmappl 256 1095 0 1064 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 331 0 67 8 0 8 8 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace sysctl_doproc(ffff80003c463588,4,200000000100,ffff80003c4635b8) at sysctl_doproc+0x270 sys/kern/kern_sysctl.c:1926 kern_sysctl_dirs(42,ffff80003c463588,4,200000000100,ffff80003c4635b8,0,3942784df3031790,ffff80003c463588) at kern_sysctl_dirs+0x375 sys/kern/kern_sysctl.c:442 kern_sysctl(ffff80003c463584,5,200000000100,ffff80003c4635b8,0,37,53d35c24d4f183df) at kern_sysctl+0x178 sys/kern/kern_sysctl.c:719 sys_sysctl(ffff80002a345a28,ffff80003c4636f0,ffff80003c463640) at sys_sysctl+0x3e5 sys/kern/kern_sysctl.c:-1 syscall(ffff80003c4636f0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4636f0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x71491f03f80, count: -6 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83942d80) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff83942d80) at __mp_lock+0x192 sys/kern/kern_lock.c:165 __mp_acquire_count(ffffffff83942d80,1) at __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1 pool_get(ffffffff8398ce00,1) at pool_get+0x266 sys/kern/subr_pool.c:588 uvm_mapent_alloc(fffffd8067af15e0,0) at uvm_mapent_alloc+0x354 sys/uvm/uvm_map.c:-1 uvm_map_mkentry(fffffd8067af15e0,fffffd806b85fc48,fffffd806b85fc48,a0a8cf77000,10000,0,7bedd04daf4c997e,10000) at uvm_map_mkentry+0x87 sys/uvm/uvm_map.c:-1 uvm_mapent_clone(fffffd8067af15e0,a0a8cf77000,10000,0,3,7,d70a8252eecfdf4e,fffffd806b46a630,ffff80002a3818a8,fffffd8067af15e0) at uvm_mapent_clone+0xba sys/uvm/uvm_map.c:3467 uvm_mapent_forkcopy(1,fffffd8067af15e0,fffffd806efd6d60,fffffd806b46a630,ffff80002a3818a8) at uvm_mapent_forkcopy+0x6f sys/uvm/uvm_map.c:3559 uvmspace_fork(ffff80002a302718) at uvmspace_fork+0x299 sys/uvm/uvm_map.c:3762 process_new(ffff80002a2a2a78,ffff80002a302718,1) at process_new+0x577 sys/kern/kern_fork.c:284 fork1(ffff8000ffff3a00,1,ffffffff82b623c0,0,ffff80002a381a80,0) at fork1+0x3f6 sys/kern/kern_fork.c:-1 syscall(ffff80002a381b30) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a381b30) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7cae6476abc0, count: -15