kernel: integer divide fault trap, code=0 Stopped at tcp_update_sndspace+0x1e1: divl %ecx,%eax ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace tcp_update_sndspace(ffff800000cde308) at tcp_update_sndspace+0x1e1 sys/netinet/tcp_usrreq.c:1514 tcp_output(ffff800000cde308) at tcp_output+0x23c8 sys/netinet/tcp_output.c:993 tcp_connect(fffffd806f4c9008,fffffd80755fb500) at tcp_connect+0x348 sys/netinet/tcp_usrreq.c:679 sys_connect(ffff800022d28b28,ffff80002e43fa28,ffff80002e43fa70) at sys_connect+0x203 sys/kern/uipc_syscalls.c:422 syscall(ffff80002e43faf0) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline] syscall(ffff80002e43faf0) at syscall+0x606 sys/arch/amd64/amd64/trap.c:625 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9e7f2df4c60, count: -6 ddb{0}> show registers rdi 0xffff800027b6e000 rsi 0x4e2 rbp 0xffff80002e43f770 rbx 0x4000 __ALIGN_SIZE+0x3000 rdx 0 rcx 0 rax 0x4000 __ALIGN_SIZE+0x3000 r8 0xd0 r9 0x34ddd43f6b16a38e r10 0x11c11affa8f7e480 r11 0xdecdf86f6b8dcf5 r12 0x800 r13 0x800 r14 0x4000 __ALIGN_SIZE+0x3000 r15 0xfffffd806f4c9008 rip 0xffffffff82165851 tcp_update_sndspace+0x1e1 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002e43f710 ss 0x10 tcp_update_sndspace+0x1e1: divl %ecx,%eax ddb{0}> show proc PROC (syz-executor.2) pid=416455 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=83, nice=20 forw=0xffffffffffffffff, list=0xffff8000211f4590,0xffff800022d28df0 process=0xffff8000ffff6e30 user=0xffff80002e43a000, vmspace=0xfffffd80670f9dc8 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 57759 161696 57218 0 7 0 syz-executor.3 57759 116190 57218 0 2 0x4000000 syz-executor.3 68871 364124 70411 0 2 0 syz-executor.2 *68871 416455 70411 0 7 0x4000000 syz-executor.2 16203 344058 82846 0 3 0x80 nanoslp syz-executor.7 16203 117506 82846 0 3 0x4000080 lockf syz-executor.7 16203 146867 82846 0 3 0x4000080 fsleep syz-executor.7 27976 280899 57439 0 2 0 syz-executor.6 27976 135623 57439 0 3 0x4000080 fsleep syz-executor.6 27976 264137 57439 0 3 0x4000080 fsleep syz-executor.6 70411 9630 84599 0 3 0x82 nanoslp syz-executor.2 57218 387486 84599 0 3 0x82 nanoslp syz-executor.3 34221 260964 84599 0 3 0x82 nanoslp syz-executor.4 9561 292828 84599 0 2 0x2 syz-executor.5 57439 253383 84599 0 3 0x82 nanoslp syz-executor.6 51218 131300 84599 0 2 0x2 syz-executor.0 83013 203392 84599 0 2 0x2 syz-executor.1 82846 406571 84599 0 3 0x82 nanoslp syz-executor.7 82889 99131 1 0 3 0x100083 ttyin getty 4930 109205 1 0 3 0 vmmapbsy syz-executor.6 4930 274781 1 0 3 0x4000000 vmmaplk syz-executor.6 15740 40596 0 0 3 0x14200 bored sosplice 84599 495551 88701 0 3 0x82 wait syz-fuzzer 84599 209885 88701 0 3 0x4000082 nanoslp syz-fuzzer 84599 29093 88701 0 3 0x4000082 thrsleep syz-fuzzer 84599 164662 88701 0 2 0x4000002 syz-fuzzer 84599 189448 88701 0 3 0x4000082 thrsleep syz-fuzzer 84599 487784 88701 0 3 0x4000082 wait syz-fuzzer 84599 52620 88701 0 3 0x4000082 thrsleep syz-fuzzer 84599 440167 88701 0 3 0x4000082 wait syz-fuzzer 84599 278794 88701 0 3 0x4000082 wait syz-fuzzer 84599 77942 88701 0 3 0x4000082 wait syz-fuzzer 84599 320644 88701 0 3 0x4000082 thrsleep syz-fuzzer 84599 15122 88701 0 3 0x4000082 thrsleep syz-fuzzer 84599 494698 88701 0 3 0x4000082 kqread syz-fuzzer 84599 157053 88701 0 3 0x4000082 wait syz-fuzzer 84599 65702 88701 0 3 0x4000082 wait syz-fuzzer 84599 432665 88701 0 3 0x4000082 wait syz-fuzzer 88701 194645 18016 0 3 0x10008a sigsusp ksh 18016 20213 23748 0 2 0x9a sshd 23748 498776 1 0 3 0x88 kqread sshd 51642 404352 15779 74 3 0x1100092 bpf pflogd 15779 85236 1 0 3 0x80 netio pflogd 19460 493738 95171 73 3 0x1100090 kqread syslogd 95171 380808 1 0 3 0x100082 netio syslogd 96748 458075 1 0 3 0x100080 kqread resolvd 50330 327397 81196 77 3 0x100092 kqread dhcpleased 31989 373057 81196 77 3 0x100092 kqread dhcpleased 81196 193665 1 0 3 0x80 kqread dhcpleased 56777 276646 0 0 3 0x14200 bored smr 33988 357107 0 0 2 0x14200 zerothread 71101 281878 0 0 3 0x14200 aiodoned aiodoned 4277 386774 0 0 3 0x14200 syncer update 46582 382310 0 0 3 0x14200 cleaner cleaner 36554 294928 0 0 3 0x14200 reaper reaper 91849 221783 0 0 3 0x14200 pgdaemon pagedaemon 38428 455343 0 0 3 0x14200 bored viomb 8342 475998 0 0 3 0x40014200 acpi0 acpi0 30715 159497 0 0 3 0x40014200 idle1 61585 260510 0 0 3 0x14200 bored softnet 8982 125183 0 0 3 0x14200 bored softnet 2501 26923 0 0 3 0x14200 bored softnet 35912 520872 0 0 3 0x14200 bored softnet 76924 378540 0 0 3 0x14200 bored systqmp 17165 101263 0 0 3 0x14200 bored systq 6379 361649 0 0 3 0x40014200 bored softclock 77507 166178 0 0 3 0x40014200 idle0 1 155633 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 68871 (syz-executor.2) thread 0xffff800022d28b28 (416455) exclusive rwlock netlock r = 0 (0xffffffff82b49670) #0 witness_lock+0x44d #1 sys_connect+0x1ba isdnssocket sys/kern/uipc_syscalls.c:127 [inline] #1 sys_connect+0x1ba sys/kern/uipc_syscalls.c:413 #2 syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline] #2 syscall+0x606 sys/arch/amd64/amd64/trap.c:625 #3 Xsyscall+0x128 Process 4930 (syz-executor.6) thread 0xffff800022d29b78 (274781) shared rwlock vmmaplk r = 0 (0xfffffd806c28dec8) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5376 #3 uvm_map_pageable_all+0x53 sys/uvm/uvm_map.c:2406 #4 sys_mlockall+0x5d sys/uvm/uvm_mmap.c:890 #5 syscall+0x5e2 mi_syscall sys/sys/syscall_mi.h:110 [inline] #5 syscall+0x5e2 sys/arch/amd64/amd64/trap.c:625 #6 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10315 6674K 7451K 78643K 20698 0 pcb 13 18K 20K 78643K 1687 0 rtable 208 15K 16K 78643K 1805 0 ifaddr 84 27K 29K 78643K 675 0 sysctl 2 0K 0K 78643K 2 0 counters 58 35K 36K 78643K 514 0 ioctlops 0 0K 4K 78643K 1987 0 iov 0 0K 36K 78643K 6687 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1481 93K 93K 78643K 6211 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 46 0 VM map 2 1K 1K 78643K 2 0 sem 12 1K 1K 78643K 18 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 15 53K 86K 78643K 6522 0 sigio 0 0K 0K 78643K 91 0 proc 71 91K 128K 78643K 1563 0 subproc 117 7K 7K 78643K 435 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 381 0 in_multi 79 5K 7K 78643K 556 0 ether_multi 1 0K 0K 78643K 30 0 mrt 1 0K 0K 78643K 36 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 229 1023K 1023K 78643K 229 0 exec 0 0K 1K 78643K 1828 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 359 103K 117K 78643K 36319 0 UVM aobj 131 7K 7K 78643K 142 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 145 0 NDP 15 0K 1K 78643K 215 0 temp 146 5779K 6803K 78643K 105089 0 kqueue 12 18K 26K 78643K 604 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 550 0 547 6 5 1 3 0 8 0 rtentry 112 503 0 414 4 1 3 4 0 8 0 unpcb 144 5377 0 5362 57 53 4 6 0 8 3 syncache 296 34 0 34 11 11 0 1 0 8 0 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 930 0 930 5 5 0 2 0 8 0 tcpcb 776 2226 0 2221 74 67 7 11 0 8 6 arp 120 76 0 59 1 0 1 1 0 8 0 inpcb 368 7445 0 7434 108 98 10 17 0 8 8 nd6 48 112 0 91 1 0 1 1 0 8 0 pkpcb 40 4 0 4 1 1 0 1 0 8 0 kcovpl 48 33 0 24 1 0 1 1 0 8 0 mppekey 1024 16 0 16 6 6 0 1 0 8 0 ppxss 1256 138 0 138 12 12 0 1 0 8 0 pppxif 1456 94 0 94 7 7 0 1 0 8 0 pfstscr 40 77 0 77 8 7 1 1 0 8 1 pffrag 232 65 0 61 1 0 1 1 0 482 0 pffrnode 88 63 0 59 1 0 1 1 0 8 0 pffrent 40 153 0 149 2 1 1 1 0 8 0 pfosfp 40 1434 0 1009 5 0 5 5 0 8 0 pfosfpen 112 1434 0 718 21 0 21 21 0 8 0 pfanchor 1280 840 3 328 47 4 43 43 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfqueue 264 9 0 9 2 2 0 1 0 8 0 pfstitem 24 107 0 105 1 0 1 1 0 8 0 pfstkey 128 223 0 219 2 1 1 2 0 8 0 pfstate 384 158 0 156 5 4 1 4 0 8 0 pfrule 1344 21 0 20 2 1 1 2 0 8 0 rttmr 136 7 0 7 3 3 0 1 0 8 0 art_heap8 4096 2 0 1 2 1 1 2 0 8 0 art_heap4 256 2261 0 1904 47 20 27 29 0 8 0 art_table 32 2263 0 1905 4 0 4 4 0 8 0 art_node 16 498 0 421 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 6 1 0 1 1 0 8 0 semupl 112 5 0 5 2 2 0 1 0 8 0 semapl 112 10 0 0 1 0 1 1 0 8 0 shmpl 112 139 0 11 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 11384 0 9893 95 1 94 94 0 8 0 ffsino 272 11384 0 9893 100 0 100 100 0 8 0 nchpl 144 21190 0 19533 63 0 63 63 0 8 0 uvmvnodes 80 5929 0 0 121 0 121 121 0 8 0 vnodes 216 5929 0 0 330 0 330 330 0 8 0 namei 1024 77402 0 77402 5 4 1 2 0 8 1 percpumem 16 270 0 228 1 0 1 1 0 8 0 vmpool 696 16 0 16 5 4 1 1 0 8 1 kstatmem 264 282 0 252 3 0 3 3 0 8 0 scsiplug 72 12 0 12 3 3 0 1 0 8 0 scxspl 216 74404 0 74404 16 15 1 8 0 8 1 plimitpl 152 1094 0 1076 1 0 1 1 0 8 0 sigapl 424 6791 0 6744 9 3 6 7 0 8 0 futexpl 64 64136 0 64133 3 2 1 1 0 8 0 knotepl 120 593 0 0 14 0 14 14 0 8 0 kqueuepl 216 1221 0 1213 19 18 1 5 0 8 0 pipepl 320 1905 0 1875 43 35 8 10 0 8 5 fdescpl 496 6773 0 6745 7 2 5 5 0 8 0 filepl 152 53828 0 53560 85 67 18 21 0 8 6 lockfpl 104 11086 0 11078 16 14 2 3 0 8 1 lockfspl 48 2031 0 2027 1 0 1 1 0 8 0 sessionpl 144 52 0 34 1 0 1 1 0 8 0 pgrppl 48 92 0 74 1 0 1 1 0 8 0 ucredpl 104 5935 0 5919 1 0 1 1 0 8 0 zombiepl 144 6745 0 6744 2 1 1 1 0 8 0 processpl 1072 6791 0 6744 5 1 4 4 0 8 0 procpl 696 18839 0 18770 11 3 8 9 0 8 0 srpgc 96 44 0 44 12 12 0 1 0 8 0 sosppl 168 90 0 90 13 13 0 1 0 8 0 sockpl 488 13389 0 13363 286 274 12 29 0 8 8 mcl64k 65536 17 0 0 3 0 3 3 0 8 0 mcl16k 16384 17 0 0 3 0 3 3 0 8 0 mcl12k 12288 25 0 0 2 0 2 2 0 8 0 mcl9k 9216 13 0 0 1 0 1 1 0 8 0 mcl8k 8192 34 0 0 5 2 3 3 0 8 0 mcl4k 4096 25 0 0 3 0 3 3 0 8 0 mcl2k2 2112 6 0 0 1 0 1 1 0 8 0 mcl2k 2048 457 0 0 55 4 51 55 0 8 0 mtagpl 96 335 0 0 5 0 5 5 0 8 0 mbufpl 256 1456 0 0 72 0 72 72 0 8 0 bufpl 288 15656 0 9331 452 0 452 452 0 8 0 anonpl 24 1020162 0 1001260 296 170 126 191 0 186 0 amapchunkpl 152 88405 0 87378 116 69 47 72 0 158 3 amappl16 200 17394 0 16833 105 72 33 42 0 8 2 amappl15 192 18 0 17 1 0 1 1 0 8 0 amappl14 184 251 0 236 2 1 1 2 0 8 0 amappl13 176 7 0 7 1 1 0 1 0 8 0 amappl12 168 732 0 730 1 0 1 1 0 8 0 amappl11 160 51 0 37 1 0 1 1 0 8 0 amappl10 152 81 0 70 1 0 1 1 0 8 0 amappl9 144 987 0 985 1 0 1 1 0 8 0 amappl8 136 447 0 351 6 2 4 4 0 8 0 amappl7 128 234 0 206 2 1 1 2 0 8 0 amappl6 120 348 0 327 2 1 1 2 0 8 0 amappl5 112 335 0 326 1 0 1 1 0 8 0 amappl4 104 883 0 851 3 2 1 2 0 8 0 amappl3 96 8114 0 8074 2 0 2 2 0 8 0 amappl2 88 7763 0 7678 6 4 2 4 0 8 0 amappl1 80 238536 0 237615 38 15 23 28 0 8 0 amappl 88 34007 0 33815 7 1 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 141 0 11 3 0 3 3 0 8 0 uaddrrnd 24 6789 0 6761 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6789 0 6761 1 0 1 1 0 8 0 vmmpekpl 168 59182 0 59109 4 0 4 4 0 8 0 vmmpepl 168 700180 0 697215 233 86 147 153 0 357 0 vmsppl 440 6788 0 6761 7 3 4 5 0 8 0 rwobjpl 56 226120 0 218123 125 9 116 117 0 8 0 pdppl 4096 13585 0 13522 392 321 71 81 0 8 8 pvpl 32 2446847 0 2422206 565 349 216 366 0 265 0 pmappl 248 6788 0 6761 3 1 2 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1366 0 471 26 0 26 26 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace tcp_update_sndspace(ffff800000cde308) at tcp_update_sndspace+0x1e1 sys/netinet/tcp_usrreq.c:1514 tcp_output(ffff800000cde308) at tcp_output+0x23c8 sys/netinet/tcp_output.c:993 tcp_connect(fffffd806f4c9008,fffffd80755fb500) at tcp_connect+0x348 sys/netinet/tcp_usrreq.c:679 sys_connect(ffff800022d28b28,ffff80002e43fa28,ffff80002e43fa70) at sys_connect+0x203 sys/kern/uipc_syscalls.c:422 syscall(ffff80002e43faf0) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline] syscall(ffff80002e43faf0) at syscall+0x606 sys/arch/amd64/amd64/trap.c:625 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9e7f2df4c60, count: -6 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800020d68ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 end of kernel end trace frame: 0x7f7ffffbf2d0, count: -3