kernel: protection fault trap, code=0 Stopped at sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_msgrcv(ffff80002a7f3248,ffff80003c9fbf30,ffff80003c9fbe80) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a7f3248,ffff80003c9fbf30,ffff80003c9fbe80) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80003c9fbf30) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9fbf30) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xcef382c49b0, count: -3 ddb> show registers rdi 0 rsi 0x200000001208 rbp 0xffff80003c9fbe60 rbx 0 rdx 0xffff800001466a00 rcx 0 rax 0xa r8 0x7f7fffffc000 r9 0 r10 0xee63da9c351b11be r11 0x4dbd40b9d0716d5 r12 0xfffffd806b3f1c80 r13 0xdeafbeaddeafbead r14 0xffff8000016dc400 r15 0xa rip 0xffffffff82b79872 sys_msgrcv+0x3f2 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff80003c9fbdc0 ss 0 sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> show proc PROC (syz-executor) tid=143975 pid=50854 tcnt=4 stat=onproc flags process=10 proc=4000000 runpri=36, usrpri=83, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7f2d18,0xffff80002a7f2a90 process=0xffff80003ca5a928 user=0xffff80003c9f6000, vmspace=0xfffffd806bb9d5d0 estcpu=33, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 93230 187675 17401 0 2 0 syz-executor 93230 8950 17401 0 3 0x4000080 fsleep syz-executor 94484 208699 42610 0 2 0 syz-executor 94484 323775 42610 0 3 0x4000080 fsleep syz-executor 94484 270031 42610 0 3 0x4000080 fsleep syz-executor 94138 298994 78871 0 3 0x80 nanoslp syz-executor 94138 269916 78871 0 3 0x4000080 bell syz-executor 94138 303743 78871 0 2 0x4000000 syz-executor 36824 521935 41925 0 2 0 syz-executor 36824 438163 41925 0 3 0x4000080 sbwait syz-executor 36824 67278 41925 0 2 0x4000000 syz-executor 32750 275357 83137 0 2 0 syz-executor 32750 308746 83137 0 3 0x4000080 fsleep syz-executor 32750 249815 83137 0 2 0x4000000 syz-executor 40308 378844 15134 0 3 0x80 nanoslp syz-executor 40308 358593 15134 0 3 0x4000080 netcon syz-executor 40308 284494 15134 0 3 0x4000080 fsleep syz-executor 50854 461926 41532 0 2 0x10 syz-executor *50854 143975 41532 0 7 0x4000010 syz-executor 50854 499263 41532 0 3 0x4000090 fsleep syz-executor 50854 123764 41532 0 2 0x4000010 syz-executor 30959 311866 0 0 3 0x14200 acct acct 78610 494530 0 0 3 0x14280 nfsidl nfsio 63419 443240 0 0 3 0x14280 nfsidl nfsio 22537 213671 0 0 3 0x14280 nfsidl nfsio 81955 316013 0 0 3 0x14280 nfsidl nfsio 20565 263144 0 0 3 0x14280 nfsidl nfsio 83476 249152 0 0 3 0x14280 nfsidl nfsio 50669 94771 0 0 3 0x14280 nfsidl nfsio 67406 354123 0 0 3 0x14280 nfsidl nfsio 87991 513930 0 0 3 0x14280 nfsidl nfsio 85768 453560 0 0 3 0x14280 nfsidl nfsio 79424 395456 0 0 3 0x14280 nfsidl nfsio 83083 274342 0 0 3 0x14280 nfsidl nfsio 32711 317858 0 0 3 0x14280 nfsidl nfsio 77990 28177 0 0 3 0x14280 nfsidl nfsio 93692 179775 0 0 3 0x14280 nfsidl nfsio 23331 333983 0 0 3 0x14280 nfsidl nfsio 72692 443490 0 0 3 0x14280 nfsidl nfsio 27463 125134 0 0 3 0x14280 nfsidl nfsio 61591 231050 0 0 3 0x14280 nfsidl nfsio 23715 479354 0 0 3 0x14280 nfsidl nfsio 80661 330150 1 0 3 0x100083 ttyin getty 96649 135754 0 0 3 0x14200 bored sosplice 15134 334508 2467 0 3 0x82 nanoslp syz-executor 78871 119532 2467 0 3 0x82 nanoslp syz-executor 42610 512495 2467 0 3 0x82 nanoslp syz-executor 41532 261978 2467 0 3 0x82 nanoslp syz-executor 41925 80845 2467 0 3 0x82 nanoslp syz-executor 17401 462616 2467 0 3 0x82 nanoslp syz-executor 83137 95536 2467 0 3 0x82 nanoslp syz-executor 36649 491762 2467 0 3 0x82 wait syz-executor 2467 477476 11881 0 3 0x82 kqread syz-executor 11881 28721 88274 0 3 0x10008a sigsusp ksh 88274 441471 68449 0 3 0x98 kqread sshd-session 68449 324926 75586 0 3 0x92 kqread sshd-session 75586 266882 1 0 3 0x88 kqread sshd 74456 388930 42170 73 3 0x1100090 kqread syslogd 42170 114426 1 0 3 0x100082 sbwait syslogd 92599 354990 1 0 3 0x100080 kqread resolvd 83746 147676 47230 77 3 0x100092 kqread dhcpleased 33400 191318 47230 77 3 0x100092 kqread dhcpleased 47230 179478 1 0 3 0x80 kqread dhcpleased 35257 74831 0 0 3 0x14200 bored smr 77213 399116 0 0 2 0x14200 zerothread 67802 167007 0 0 3 0x14200 aiodoned aiodoned 13678 520999 0 0 3 0x14200 syncer update 2571 127444 0 0 3 0x14200 cleaner cleaner 959 487322 0 0 3 0x14200 reaper reaper 78211 393763 0 0 3 0x14200 pgdaemon pagedaemon 41703 102959 0 0 3 0x14200 bored viomb 5268 351032 0 0 3 0x40014200 acpi0 acpi0 51840 254236 0 0 3 0x14200 bored softnet7 27269 124046 0 0 3 0x14200 bored softnet6 46798 98283 0 0 3 0x14200 bored softnet5 95043 47514 0 0 3 0x14200 bored softnet4 62543 474458 0 0 3 0x14200 bored softnet3 14422 63036 0 0 3 0x14200 bored softnet2 23013 485615 0 0 3 0x14200 bored softnet1 71365 324391 0 0 3 0x14200 bored softnet0 8938 198047 0 0 3 0x14200 bored systqmp 64053 78390 0 0 3 0x14200 bored systq 51314 501432 0 0 3 0x40014200 tmoslp softclock 59031 135294 0 0 3 0x40014200 idle0 1 275249 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10239 11266K 13227K 166960K 13650 0 pcb 17 13K 14K 166960K 273 0 rtable 201 9K 10K 166960K 488 0 pf 30 13K 19K 166960K 129 0 ifaddr 38 7K 8K 166960K 95 0 ifgroup 46 2K 2K 166960K 157 0 sysctl 3 1K 9K 166960K 15 0 counters 31 17K 18K 166960K 91 0 ioctlops 0 0K 4K 166960K 210 0 iov 0 0K 24K 166960K 56 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1497 94K 95K 166960K 2518 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 19 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 46 0 dirhash 12 2K 2K 166960K 27 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 93K 166960K 1131 0 sigio 0 0K 0K 166960K 95 0 proc 60 59K 91K 166960K 609 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 119 0 in_multi 86 6K 7K 166960K 140 0 ether_multi 1 0K 0K 166960K 8 0 mrt 1 0K 0K 166960K 6 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 289 1288K 1288K 166960K 289 0 exec 0 0K 1K 166960K 556 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 247 160K 176K 166960K 11933 0 UVM aobj 29 6K 6K 166960K 33 0 pinsyscall 39 78K 94K 166960K 2182 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 52 0 NDP 10 0K 2K 166960K 63 0 temp 79 8643K 8898K 166960K 57250 0 kqueue 14 22K 30K 166960K 219 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 264 0 261 3 2 1 3 0 8 0 rtentry 136 129 0 52 4 0 4 4 0 8 0 unpcb 144 1093 0 1077 9 3 6 6 0 8 5 syncache 336 8 0 8 2 1 1 1 0 8 1 tcpqe 32 3 0 3 2 1 1 1 0 8 1 tcpcb 736 635 0 622 16 9 7 10 0 8 5 arp 88 17 0 6 1 0 1 1 0 8 0 ipq 40 3 0 2 1 0 1 1 0 8 0 ipqe 40 5 0 4 1 0 1 1 0 8 0 inpcb 328 1412 0 1394 23 13 10 15 0 8 8 ip6q 72 8 0 4 1 0 1 1 0 8 0 ip6af 40 13 0 8 1 0 1 1 0 8 0 nd6 104 21 0 5 1 0 1 1 0 8 0 pkpcb 40 17 0 17 2 1 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 0 1 1 0 8 1 ppxss 1072 46 0 46 2 1 1 1 0 8 1 pppxif 1384 10 0 10 2 1 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 2 1 0 1 1 0 8 0 pfstate 384 2 0 1 1 0 1 1 0 8 0 pfrule 1344 6 0 6 1 1 0 1 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 539 0 161 30 1 29 29 0 8 5 art_table 40 542 0 161 5 0 5 5 0 8 0 art_node 32 127 0 61 1 0 1 1 0 8 0 sysvmsgpl 40 26 0 16 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 40 0 30 1 0 1 1 0 8 0 shmpl 112 30 0 4 1 0 1 1 0 8 0 dirhash 1024 27 0 10 3 0 3 3 0 8 0 dino2pl 256 3671 0 2177 95 0 95 95 0 8 0 ffsino 256 3671 0 2177 95 0 95 95 0 8 0 nchpl 144 5349 0 3668 63 0 63 63 0 8 0 rtmask 32 7 0 7 2 1 1 1 0 8 1 uvmvnodes 80 4358 0 0 89 0 89 89 0 8 0 vnodes 216 4358 0 0 243 0 243 243 0 8 0 namei 1024 18247 0 18247 3 2 1 2 0 8 1 kstatmem 264 94 0 74 3 1 2 3 0 8 0 scsiplug 72 5 0 5 2 1 1 1 0 8 1 scxspl 216 23317 0 23317 9 7 2 8 1 8 2 plimitpl 152 438 0 422 1 0 1 1 0 8 0 sigapl 424 1442 0 1370 10 1 9 9 0 8 0 knotepl 120 54180 0 54125 23 13 10 15 0 8 7 kqueuepl 184 520 0 510 7 3 4 4 0 8 3 pipepl 304 221 0 194 3 0 3 3 0 8 0 fdescpl 448 1399 0 1369 5 1 4 5 0 8 0 filepl 120 10300 0 10075 18 5 13 14 0 8 5 lockfpl 104 467 0 464 2 0 2 2 0 8 1 lockfspl 48 181 0 178 1 0 1 1 0 8 0 sessionpl 144 25 0 17 1 0 1 1 0 8 0 pgrppl 48 53 0 37 1 0 1 1 0 8 0 ucredpl 104 2218 0 2205 1 0 1 1 0 8 0 zombiepl 144 1671 0 1670 1 0 1 1 0 8 0 processpl 1168 1442 0 1370 7 1 6 6 0 8 0 procpl 664 3048 0 2962 9 1 8 8 0 8 0 sosppl 168 7 0 7 1 0 1 1 0 8 1 sockpl 552 2817 0 2780 24 13 11 15 0 8 7 mcl64k 65536 192 0 191 2 0 2 2 0 8 1 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 18 0 18 2 1 1 1 0 8 1 mcl4k 4096 3782 0 3732 14 6 8 13 0 8 1 mcl2k 2048 1825 0 1816 7 3 4 5 0 8 2 mtagpl 96 62 0 14 2 0 2 2 0 8 0 mbufpl 256 15632 0 15455 29 12 17 24 0 8 3 bufpl 280 8384 0 2156 446 0 446 446 0 8 0 anonpl 24 216052 0 212699 85 17 68 68 0 187 33 amapchunkpl 152 40437 0 39897 38 4 34 34 0 158 13 amappl16 200 3960 0 3925 36 23 13 18 0 8 8 amappl15 192 43 0 43 1 1 0 1 0 8 0 amappl14 184 177 0 167 1 0 1 1 0 8 0 amappl13 176 51 0 51 1 1 0 1 0 8 0 amappl12 168 2017 0 1987 3 1 2 3 0 8 0 amappl11 160 47 0 37 1 0 1 1 0 8 0 amappl10 152 1 0 1 1 1 0 1 0 8 0 amappl9 144 288 0 288 1 1 0 1 0 8 0 amappl8 136 20 0 19 1 0 1 1 0 8 0 amappl7 128 106 0 95 1 0 1 1 0 8 0 amappl6 120 177 0 173 1 0 1 1 0 8 0 amappl5 112 134 0 126 1 0 1 1 0 8 0 amappl4 104 293 0 277 1 0 1 1 0 8 0 amappl3 96 7972 0 7849 4 0 4 4 0 8 0 amappl2 88 640 0 583 2 0 2 2 0 8 0 amappl1 80 12634 0 12077 14 0 14 14 0 8 0 amappl 88 11084 0 10902 6 1 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 8 0 8 2 1 1 1 0 8 1 dma16 16 21 0 20 1 0 1 1 0 8 0 aobjpl 72 32 0 4 1 0 1 1 0 8 0 uaddrrnd 24 1399 0 1369 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1399 0 1369 1 0 1 1 0 8 0 vmmpekpl 168 12306 0 12280 2 0 2 2 0 8 0 vmmpepl 168 92331 0 90374 107 11 96 103 0 357 6 vmsppl 368 1398 0 1369 4 1 3 4 0 8 0 rwobjpl 40 29404 0 24130 54 0 54 54 0 8 0 pdppl 4096 2805 0 2738 101 34 67 81 0 8 0 pvpl 32 619120 0 610124 175 38 137 140 0 265 37 pmappl 216 1398 0 1369 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 423 0 75 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_msgrcv(ffff80002a7f3248,ffff80003c9fbf30,ffff80003c9fbe80) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a7f3248,ffff80003c9fbf30,ffff80003c9fbe80) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80003c9fbf30) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9fbf30) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xcef382c49b0, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_msgrcv(ffff80002a7f3248,ffff80003c9fbf30,ffff80003c9fbe80) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a7f3248,ffff80003c9fbf30,ffff80003c9fbe80) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff80003c9fbf30) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9fbf30) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xcef382c49b0, count: -3