kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace done_flush() at done_flush+0x38 vm_run(ffff8000298239d0) at vm_run+0x1cf sys/arch/amd64/amd64/vmm.c:4529 vmmioctl(a00,c0205602,ffff8000298239d0,1,ffff800021277a40) at vmmioctl+0x192 sys/arch/amd64/amd64/vmm.c:680 VOP_IOCTL(fffffd806ed0f950,c0205602,ffff8000298239d0,1,fffffd807f7d74e0,ffff800021277a40) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd807c922988,c0205602,ffff8000298239d0,ffff800021277a40) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800021277a40,ffff800029823ae8,ffff800029823b30) at sys_ioctl+0x4a2 syscall(ffff800029823bb0) at syscall+0x4c2 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff800029823bb0) at syscall+0x4c2 sys/arch/amd64/amd64/trap.c:599 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb39590dc2b0, count: -8 ddb{0}> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff80002e4ade48 rbp 0xffff800029823720 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0x8000000000000000 r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x278da09bcd5913a0 r11 0x36241f27f9f77d2 r12 0xffff80002e4adba0 r13 0xffffffff82967ff0 cpu_info_full_primary+0x1ff0 r14 0xffff80002e4ad800 r15 0xffff8000298239d0 rip 0xffffffff81bb63f0 done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff800029823576 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb{0}> show proc PROC (syz-executor.3) pid=379761 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff800021281ce8,0xffff800029842018 process=0xffff80002e522588 user=0xffff80002981e000, vmspace=0xfffffd8069c62748 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 94129 170196 63640 0 2 0 syz-executor.3 *94129 379761 63640 0 7 0x4000000 syz-executor.3 60561 112612 49418 0 2 0x4081000 syz-executor.0 60561 421784 49418 0 2 0x4081000 syz-executor.0 60561 94271 49418 0 3 0x4003000 suspend syz-executor.0 60561 366518 49418 0 2 0x4081000 syz-executor.0 60561 181154 49418 0 2 0x4081000 syz-executor.0 61617 363368 86193 0 3 0x80 nanoslp syz-executor.6 61617 156702 86193 0 3 0x4000080 netcon2 syz-executor.6 61617 302443 86193 0 3 0x4000080 fsleep syz-executor.6 26482 238508 7076 60928 7 0x10 syz-executor.7 26482 469801 7076 60928 3 0x4000090 netio syz-executor.7 26482 7429 7076 60928 3 0x4000090 kqread syz-executor.7 26482 458462 7076 60928 3 0x4000090 netcon2 syz-executor.7 48292 81991 0 0 3 0x14200 acct acct 49418 331177 74647 0 3 0x82 nanoslp syz-executor.0 83818 311844 74647 0 3 0x82 piperd syz-executor.4 12663 129486 1 0 3 0x100083 ttyin getty 7076 297521 74647 0 3 0x82 nanoslp syz-executor.7 63640 460933 74647 0 3 0x82 nanoslp syz-executor.3 86193 221069 74647 0 3 0x82 nanoslp syz-executor.6 78292 68741 74647 0 3 0x82 piperd syz-executor.2 98144 135693 74647 0 3 0x82 nanoslp syz-executor.5 40226 484910 0 0 3 0x14280 nfsidl nfsio 14108 337503 0 0 3 0x14280 nfsidl nfsio 79915 93667 0 0 3 0x14280 nfsidl nfsio 61710 321687 0 0 3 0x14280 nfsidl nfsio 46013 138269 0 0 3 0x14280 nfsidl nfsio 94277 435626 0 0 3 0x14280 nfsidl nfsio 4906 381991 0 0 3 0x14280 nfsidl nfsio 2984 384352 0 0 3 0x14280 nfsidl nfsio 55076 405750 0 0 3 0x14280 nfsidl nfsio 74045 83798 0 0 3 0x14280 nfsidl nfsio 84741 116258 0 0 3 0x14280 nfsidl nfsio 39316 218231 0 0 3 0x14280 nfsidl nfsio 60680 277889 0 0 3 0x14280 nfsidl nfsio 46733 198704 0 0 3 0x14280 nfsidl nfsio 99788 235418 0 0 3 0x14280 nfsidl nfsio 76352 331760 0 0 3 0x14280 nfsidl nfsio 97503 126754 0 0 3 0x14280 nfsidl nfsio 68703 287056 0 0 3 0x14280 nfsidl nfsio 60667 487056 0 0 3 0x14280 nfsidl nfsio 73460 136569 0 0 3 0x14280 nfsidl nfsio 67207 429234 0 0 3 0x14200 bored sosplice 74647 285770 33261 0 3 0x82 wait syz-fuzzer 74647 60805 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 493100 33261 0 3 0x4000082 wait syz-fuzzer 74647 422798 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 18604 33261 0 3 0x4000082 wait syz-fuzzer 74647 416695 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 434167 33261 0 3 0x4000082 wait syz-fuzzer 74647 256464 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 199308 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 281037 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 93605 33261 0 3 0x4000082 wait syz-fuzzer 74647 209257 33261 0 3 0x4000082 wait syz-fuzzer 74647 4080 33261 0 3 0x4000082 thrsleep syz-fuzzer 74647 186475 33261 0 3 0x4000082 kqread syz-fuzzer 74647 189832 33261 0 3 0x4000082 wait syz-fuzzer 74647 521483 33261 0 3 0x4000082 thrsleep syz-fuzzer 33261 474249 71988 0 3 0x10008a sigsusp ksh 71988 234007 60313 0 3 0x9a kqread sshd 60313 324627 1 0 3 0x88 kqread sshd 32298 268213 55986 74 3 0x1100092 bpf pflogd 55986 139908 1 0 3 0x80 netio pflogd 10532 269999 97861 73 3 0x1100090 kqread syslogd 97861 498772 1 0 3 0x100082 netio syslogd 98699 428998 1 0 3 0x100080 kqread resolvd 17829 471193 7154 77 3 0x100092 kqread dhcpleased 84420 239263 7154 77 3 0x100092 kqread dhcpleased 7154 271606 1 0 3 0x80 kqread dhcpleased 29809 376068 0 0 3 0x14200 bored smr 92812 374779 0 0 2 0x14200 zerothread 7387 479914 0 0 3 0x14200 aiodoned aiodoned 96956 128912 0 0 3 0x14200 syncer update 11069 309716 0 0 3 0x14200 cleaner cleaner 20234 45374 0 0 3 0x14200 reaper reaper 88235 159717 0 0 3 0x14200 pgdaemon pagedaemon 65123 438203 0 0 3 0x14200 bored viomb 26663 290538 0 0 3 0x40014200 acpi0 acpi0 46087 361260 0 0 3 0x40014200 idle1 52026 306641 0 0 3 0x14200 bored softnet 52725 430229 0 0 3 0x14200 bored softnet 75468 153430 0 0 3 0x14200 bored softnet 36335 220953 0 0 3 0x14200 bored softnet 77682 290504 0 0 3 0x14200 bored systqmp 57883 115903 0 0 3 0x14200 bored systq 30543 379804 0 0 3 0x40014200 bored softclock 13019 254505 0 0 3 0x40014200 idle0 1 203162 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 94129 (syz-executor.3) thread 0xffff800021277a40 (379761) exclusive rwlock vcpu r = 0 (0xffff80002e4adbb0) #0 witness_lock+0x44d #1 vm_run+0xc6 sys/arch/amd64/amd64/vmm.c:4503 #2 vmmioctl+0x192 sys/arch/amd64/amd64/vmm.c:680 #3 VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264 #4 vn_ioctl+0xbc sys/kern/vfs_vnops.c:525 #5 sys_ioctl+0x4a2 #6 syscall+0x4c2 mi_syscall sys/sys/syscall_mi.h:101 [inline] #6 syscall+0x4c2 sys/arch/amd64/amd64/trap.c:599 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10225 6501K 6818K 78643K 17530 0 pcb 13 18K 23K 78643K 1042 0 rtable 218 9K 9K 78643K 1806 0 ifaddr 116 24K 25K 78643K 586 0 sysctl 2 0K 0K 78643K 2 0 counters 58 35K 36K 78643K 264 0 ioctlops 0 0K 4K 78643K 2297 0 iov 0 0K 16K 78643K 740 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1501 94K 94K 78643K 4724 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 70 0 VM map 2 1K 1K 78643K 2 0 sem 16 3K 5K 78643K 144 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 13 45K 85K 78643K 6481 0 sigio 0 0K 0K 78643K 37 0 proc 72 91K 128K 78643K 1331 0 subproc 91 5K 6K 78643K 377 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 1286 0 in_multi 85 5K 6K 78643K 418 0 ether_multi 1 0K 0K 78643K 31 0 mrt 1 0K 0K 78643K 27 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 163 731K 731K 78643K 163 0 exec 0 0K 1K 78643K 1566 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 430 651K 660K 78643K 47209 0 UVM aobj 131 4K 4K 78643K 134 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 2 0K 0K 78643K 376 0 NDP 14 0K 2K 78643K 162 0 temp 133 4698K 5722K 78643K 86886 0 kqueue 12 18K 26K 78643K 590 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 951 0 948 13 10 3 3 0 8 2 rtentry 112 414 0 320 4 1 3 4 0 8 0 unpcb 144 11958 0 11940 63 58 5 8 0 8 4 syncache 296 34 0 34 11 10 1 1 0 8 1 tcpqe 32 148 0 148 5 5 0 1 0 8 0 tcpcb 776 1777 0 1766 52 50 2 11 0 8 0 arp 120 65 0 47 1 0 1 1 0 8 0 inpcb 368 6006 0 5992 113 106 7 16 0 8 5 nd6 48 94 0 72 1 0 1 1 0 8 0 pkpcb 40 17 0 17 5 5 0 1 0 8 0 kcovpl 48 29 0 22 1 0 1 1 0 8 0 ppxss 1256 38 0 38 11 10 1 1 0 8 1 pppxif 1704 16 0 16 5 5 0 1 0 8 0 pfstscr 40 5 0 2 2 1 1 1 0 8 0 pffrag 232 11 0 10 4 3 1 1 0 482 0 pffrnode 88 11 0 10 4 3 1 1 0 8 0 pffrent 40 21 0 20 4 3 1 1 0 8 0 pfosfp 40 1437 0 1012 5 0 5 5 0 8 0 pfosfpen 112 1437 0 717 21 0 21 21 0 8 0 pfanchor 1280 28 0 28 1 1 0 1 0 8 0 pfqueue 264 3 0 3 1 1 0 1 0 8 0 pfstitem 24 9 0 3 2 1 1 1 0 8 0 pfstkey 120 13 0 11 2 1 1 1 0 8 0 pfstate 384 8 0 5 2 1 1 1 0 8 0 rttmr 136 3 0 3 1 1 0 1 0 8 0 art_heap8 4096 4 0 3 4 3 1 3 0 8 0 art_heap4 256 1774 0 1376 42 14 28 29 0 8 0 art_table 32 1778 0 1379 4 0 4 4 0 8 0 art_node 16 402 0 320 1 0 1 1 0 8 0 semupl 112 5 0 5 2 2 0 1 0 8 0 semapl 112 51 0 37 1 0 1 1 0 8 0 shmpl 112 131 0 3 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 10645 0 9171 93 0 93 93 0 8 0 ffsino 272 10645 0 9171 99 0 99 99 0 8 0 nchpl 144 20207 0 19721 63 39 24 63 0 8 0 rtmask 32 2 0 2 1 1 0 1 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 68977 0 68977 3 2 1 2 0 8 1 percpumem 16 144 0 103 1 0 1 1 0 8 0 vcpupl 2048 200 0 1 25 0 25 25 0 8 0 vmpool 568 206 0 7 15 0 15 15 0 8 0 kstatmem 264 198 0 170 4 1 3 3 0 8 0 scsiplug 72 17 0 17 5 5 0 1 0 8 0 scxspl 216 58261 0 58261 24 22 2 8 0 8 2 plimitpl 152 712 0 697 1 0 1 1 0 8 0 sigapl 424 6779 0 6713 9 1 8 8 0 8 0 futexpl 64 56685 0 56684 1 0 1 1 0 8 0 knotepl 120 647 0 0 18 1 17 17 0 8 0 kqueuepl 216 1892 0 1883 37 34 3 6 0 8 2 pipepl 320 1179 0 1153 30 22 8 8 0 8 5 fdescpl 496 6740 0 6714 9 5 4 5 0 8 0 filepl 152 50254 0 50019 82 63 19 21 0 8 7 lockfpl 104 4085 0 4081 10 9 1 2 0 8 0 lockfspl 48 1041 0 1037 1 0 1 1 0 8 0 sessionpl 144 46 0 30 1 0 1 1 0 8 0 pgrppl 48 58 0 42 1 0 1 1 0 8 0 ucredpl 104 5011 0 4996 1 0 1 1 0 8 0 zombiepl 144 6715 0 6713 1 0 1 1 0 8 0 processpl 1064 6779 0 6713 5 0 5 5 0 8 0 procpl 672 19014 0 18922 17 8 9 10 0 8 0 srpgc 96 18 0 18 7 6 1 1 0 8 1 sosppl 168 31 0 30 6 5 1 1 0 8 0 sockpl 488 19001 0 18966 359 346 13 29 0 8 7 mcl64k 65536 17 0 0 3 0 3 3 0 8 0 mcl16k 16384 25 0 0 4 1 3 3 0 8 0 mcl12k 12288 17 0 0 2 0 2 2 0 8 0 mcl9k 9216 17 0 0 2 0 2 2 0 8 0 mcl8k 8192 25 0 0 3 0 3 3 0 8 0 mcl4k 4096 25 0 0 3 0 3 3 0 8 0 mcl2k2 2112 5 0 0 1 0 1 1 0 8 0 mcl2k 2048 390 0 0 48 7 41 48 0 8 0 mtagpl 96 254 0 0 5 1 4 5 0 8 0 mbufpl 256 1396 0 0 70 0 70 70 0 8 0 bufpl 288 14337 0 8000 453 0 453 453 0 8 0 anonpl 24 1381992 0 1367163 181 58 123 138 0 186 0 amapchunkpl 152 130709 0 129926 59 20 39 45 0 158 0 amappl16 200 12841 0 12302 86 55 31 39 0 8 0 amappl15 192 9 0 9 1 1 0 1 0 8 0 amappl14 184 243 0 225 4 2 2 2 0 8 0 amappl13 176 15 0 15 4 4 0 1 0 8 0 amappl12 168 686 0 682 1 0 1 1 0 8 0 amappl11 160 50 0 36 1 0 1 1 0 8 0 amappl10 152 61 0 50 1 0 1 1 0 8 0 amappl9 144 994 0 992 1 0 1 1 0 8 0 amappl8 136 410 0 317 4 0 4 4 0 8 0 amappl7 128 92 0 72 1 0 1 1 0 8 0 amappl6 120 542 0 524 2 1 1 2 0 8 0 amappl5 112 154 0 143 1 0 1 1 0 8 0 amappl4 104 939 0 894 3 1 2 2 0 8 0 amappl3 96 20006 0 19952 3 1 2 2 0 8 0 amappl2 88 7368 0 7294 3 1 2 3 0 8 0 amappl1 80 156892 0 156159 28 10 18 22 0 8 1 amappl 88 46032 0 45788 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 133 0 3 3 0 3 3 0 8 0 uaddrrnd 24 6946 0 6721 2 0 2 2 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6946 0 6721 2 0 2 2 0 8 0 vmmpekpl 168 55675 0 55587 5 0 5 5 0 8 0 vmmpepl 168 625072 0 621968 313 160 153 174 0 357 6 vmsppl 368 6945 0 6721 24 3 21 21 0 8 0 rwobjpl 56 173020 0 165149 121 8 113 114 0 8 0 pdppl 4096 13899 0 13641 561 293 268 268 0 8 10 pvpl 32 2718716 0 2697982 396 186 210 275 0 265 5 pmappl 248 6945 0 6721 16 1 15 15 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1565 0 441 33 0 33 33 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace done_flush() at done_flush+0x38 vm_run(ffff8000298239d0) at vm_run+0x1cf sys/arch/amd64/amd64/vmm.c:4529 vmmioctl(a00,c0205602,ffff8000298239d0,1,ffff800021277a40) at vmmioctl+0x192 sys/arch/amd64/amd64/vmm.c:680 VOP_IOCTL(fffffd806ed0f950,c0205602,ffff8000298239d0,1,fffffd807f7d74e0,ffff800021277a40) at VOP_IOCTL+0x96 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd807c922988,c0205602,ffff8000298239d0,ffff800021277a40) at vn_ioctl+0xbc sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800021277a40,ffff800029823ae8,ffff800029823b30) at sys_ioctl+0x4a2 syscall(ffff800029823bb0) at syscall+0x4c2 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff800029823bb0) at syscall+0x4c2 sys/arch/amd64/amd64/trap.c:599 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb39590dc2b0, count: -8 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 end of kernel end trace frame: 0x7f7ffffeb310, count: -3