kernel: protection fault trap, code=0 Stopped at bpfdetach+0x40: movq 0(%r15),%r12 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace bpfdetach(ffff800001466000) at bpfdetach+0x40 sys/net/bpf.c:1778 if_detach(ffff800001466000) at if_detach+0x153 sys/net/if.c:1200 tun_clone_destroy(ffff800001466000) at tun_clone_destroy+0x2aa sys/net/if_tun.c:346 if_clone_destroy(ffff80003c9e3380) at if_clone_destroy+0x1d7 sys/net/if.c:1389 sys_ioctl(ffff80003c996cf8,ffff80003c9e3560,ffff80003c9e34b0) at sys_ioctl+0x5bf syscall(ffff80003c9e3560) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbd06cededd0, count: -7 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003c9e3270 rbx 0xffff80003c9e3560 rdx 0 rcx 0xffffffff837afff0 cpu_info_full_primary+0x1ff0 rax 0xffff80003c996cf8 r8 0 r9 0 r10 0xd9e1eac3bc0bcbb9 r11 0x9b47ba27924fa06b r12 0xdeaf0002deafbead r13 0x800 r14 0xffff800001466000 r15 0xdeaf0002deafbead rip 0xffffffff82737a10 bpfdetach+0x40 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c9e3240 ss 0 bpfdetach+0x40: movq 0(%r15),%r12 ddb> show proc PROC (syz-executor) tid=77462 pid=93870 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c9979c8,0xffff80002a8002b8 process=0xffff800035d26730 user=0xffff80003c9de000, vmspace=0xfffffd806c096b50 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 55596 211943 69001 0 2 0 syz-executor 55596 66835 69001 0 3 0x4000080 fsleep syz-executor 90963 23282 76658 0 2 0 syz-executor 90963 125710 76658 0 3 0x4000080 fsleep syz-executor 66789 188618 76907 0 2 0 syz-executor 66789 454143 76907 0 3 0x4000080 sbwait syz-executor 93870 50606 8677 0 2 0 syz-executor *93870 77462 8677 0 7 0x4000000 syz-executor 93870 20269 8677 0 2 0x4000000 syz-executor 93870 317601 8677 0 2 0x4000000 syz-executor 57949 94175 97960 0 2 0 syz-executor 57949 494637 97960 0 3 0x4000080 fsleep syz-executor 76978 211934 84584 0 2 0 syz-executor 76978 121644 84584 0 2 0x4000000 syz-executor 76978 71157 84584 0 2 0x4000000 syz-executor 77096 268830 0 0 3 0x14200 bored sosplice 69001 303888 67586 0 3 0x82 nanoslp syz-executor 8677 423543 67586 0 3 0x82 nanoslp syz-executor 76658 176922 67586 0 3 0x82 nanoslp syz-executor 55188 441744 67586 0 2 0x2 syz-executor 97960 395334 67586 0 3 0x82 nanoslp syz-executor 26135 130714 67586 0 3 0x82 nanoslp syz-executor 84584 412476 67586 0 3 0x82 nanoslp syz-executor 76907 188829 67586 0 3 0x82 nanoslp syz-executor 67586 244747 94872 0 3 0x82 kqread syz-executor 94872 339045 44987 0 3 0x10008a sigsusp ksh 44987 208340 20793 0 3 0x98 kqread sshd-session 20793 295007 5338 0 3 0x92 kqread sshd-session 96100 280734 1 0 3 0x100083 ttyin getty 5338 424266 1 0 3 0x88 kqread sshd 53948 363554 4026 73 3 0x1100090 kqread syslogd 4026 392772 1 0 3 0x100082 sbwait syslogd 97348 28565 1 0 3 0x100080 kqread resolvd 26404 415353 97433 77 3 0x100092 kqread dhcpleased 19844 220290 97433 77 3 0x100092 kqread dhcpleased 97433 488214 1 0 3 0x80 kqread dhcpleased 71235 458354 0 0 3 0x14200 bored smr 18121 111741 0 0 2 0x14200 zerothread 11140 163048 0 0 3 0x14200 aiodoned aiodoned 16747 121846 0 0 3 0x14200 syncer update 74301 402055 0 0 3 0x14200 cleaner cleaner 89564 491796 0 0 2 0x14200 reaper 15774 205621 0 0 3 0x14200 pgdaemon pagedaemon 87838 442297 0 0 3 0x14200 bored viomb 34983 447941 0 0 3 0x40014200 acpi0 acpi0 9843 332033 0 0 3 0x14200 bored softnet3 41275 275836 0 0 3 0x14200 bored softnet2 93254 382345 0 0 3 0x14200 bored softnet1 40617 107786 0 0 3 0x14200 bored softnet0 53207 316299 0 0 3 0x14200 bored systqmp 56058 205043 0 0 3 0x14200 bored systq 30584 176903 0 0 3 0x40014200 tmoslp softclock 16645 154442 0 0 3 0x40014200 idle0 1 248059 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10178 11107K 11493K 166960K 12205 0 pcb 19 16K 18K 166960K 164 0 rtable 224 9K 9K 166960K 449 0 pf 31 13K 20K 166960K 77 0 ifaddr 41 7K 8K 166960K 73 0 ifgroup 50 2K 2K 166960K 107 0 sysctl 4 1K 1K 166960K 4 0 counters 30 17K 17K 166960K 62 0 ioctlops 0 0K 4K 166960K 116 0 iov 1 0K 14K 166960K 73 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1395 88K 88K 166960K 1951 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 18 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 19 0 dirhash 12 2K 2K 166960K 30 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 236K 166960K 681 0 sigio 0 0K 0K 166960K 15 0 proc 60 59K 124K 166960K 519 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 280 0 in_multi 89 6K 7K 166960K 128 0 ether_multi 1 0K 0K 166960K 6 0 mrt 2 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 530 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 219 72K 89K 166960K 7664 0 UVM aobj 28 2K 2K 166960K 32 0 pinsyscall 37 74K 96K 166960K 1705 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 29 0 NDP 11 0K 2K 166960K 46 0 temp 53 8678K 8756K 166960K 36414 0 kqueue 16 26K 32K 166960K 127 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 148 0 144 3 2 1 3 0 8 0 rtentry 128 135 0 36 4 0 4 4 0 8 0 unpcb 144 788 0 769 6 5 1 6 0 8 0 syncache 336 5 0 5 1 1 0 1 0 8 0 tcpqe 32 3 0 3 1 1 0 1 0 8 0 tcpcb 808 328 0 321 11 9 2 11 0 8 0 arp 88 24 0 2 1 0 1 1 0 8 0 ipq 40 2 0 1 2 1 1 1 0 8 0 ipqe 40 3 0 2 2 1 1 1 0 8 0 inpcb 344 807 0 793 10 8 2 10 0 8 0 nd6 104 27 0 5 1 0 1 1 0 8 0 pkpcb 40 6 0 6 1 1 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 25 0 25 2 1 1 1 0 8 1 pppxif 1384 5 0 5 2 1 1 1 0 8 1 pfstitem 24 3 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 1 1 0 1 1 0 8 0 pfstate 344 3 0 1 1 0 1 1 0 8 0 pfrule 1344 1 0 0 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 560 0 125 30 2 28 30 0 8 0 art_table 32 562 0 125 4 0 4 4 0 8 0 art_node 16 132 0 45 1 0 1 1 0 8 0 sysvmsgpl 40 9 0 3 1 0 1 1 0 8 0 semapl 112 17 0 7 1 0 1 1 0 8 0 shmpl 112 29 0 4 1 0 1 1 0 8 0 dirhash 1024 29 0 12 3 0 3 3 0 8 0 dino2pl 256 2664 0 1174 95 0 95 95 0 8 0 ffsino 248 2664 0 1174 95 0 95 95 0 8 0 nchpl 144 3619 0 1940 63 0 63 63 0 8 0 rtmask 32 4 0 4 2 1 1 1 0 8 1 uvmvnodes 80 3109 0 0 64 0 64 64 0 8 0 vnodes 216 3109 0 0 173 0 173 173 0 8 0 namei 1024 13631 0 13631 3 2 1 2 0 8 1 kstatmem 264 60 0 38 2 0 2 2 0 8 0 scxspl 216 13487 0 13487 8 7 1 8 1 8 1 plimitpl 152 163 0 146 1 0 1 1 0 8 0 sigapl 424 952 0 906 7 1 6 7 0 8 0 futexpl 64 8944 0 8940 1 0 1 1 0 8 0 knotepl 120 236458 0 236157 22 12 10 15 0 8 0 kqueuepl 184 307 0 295 4 3 1 4 0 8 0 pipepl 296 149 0 122 3 0 3 3 0 8 0 fdescpl 440 933 0 905 5 1 4 5 0 8 0 filepl 120 6488 0 6267 11 3 8 11 0 8 0 lockfpl 104 352 0 350 2 1 1 2 0 8 0 lockfspl 48 101 0 99 1 0 1 1 0 8 0 sessionpl 144 22 0 14 1 0 1 1 0 8 0 pgrppl 48 37 0 21 1 0 1 1 0 8 0 ucredpl 104 1000 0 989 1 0 1 1 0 8 0 zombiepl 144 946 0 945 1 0 1 1 0 8 0 processpl 1112 952 0 906 4 0 4 4 0 8 0 procpl 656 1809 0 1754 6 0 6 6 0 8 0 sosppl 168 3 0 3 1 1 0 1 0 8 0 sockpl 528 1825 0 1788 12 9 3 12 0 8 0 mcl64k 65536 13 0 13 2 1 1 1 0 8 1 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 19 0 19 1 1 0 1 0 8 0 mcl4k 4096 3099 0 3048 14 7 7 14 0 8 0 mcl2k 2048 612 0 606 4 2 2 3 0 8 1 mtagpl 96 56 0 5 2 0 2 2 0 8 0 mbufpl 256 9648 0 9421 18 2 16 17 0 8 0 bufpl 280 4736 0 134 329 0 329 329 0 8 0 anonpl 24 160203 0 152915 70 6 64 70 0 187 0 amapchunkpl 152 25587 0 25037 44 5 39 39 0 158 16 amappl16 200 3317 0 3097 32 11 21 24 0 8 0 amappl15 192 11 0 11 1 1 0 1 0 8 0 amappl14 184 104 0 94 1 0 1 1 0 8 0 amappl13 176 4 0 4 1 1 0 1 0 8 0 amappl12 168 1553 0 1524 3 1 2 3 0 8 0 amappl11 160 46 0 35 1 0 1 1 0 8 0 amappl10 152 3 0 3 1 1 0 1 0 8 0 amappl9 144 252 0 252 1 1 0 1 0 8 0 amappl8 136 24 0 22 1 0 1 1 0 8 0 amappl7 128 95 0 85 1 0 1 1 0 8 0 amappl6 120 175 0 172 1 0 1 1 0 8 0 amappl5 112 112 0 106 1 0 1 1 0 8 0 amappl4 104 327 0 312 1 0 1 1 0 8 0 amappl3 96 4801 0 4691 4 0 4 4 0 8 0 amappl2 88 627 0 573 2 0 2 2 0 8 0 amappl1 80 9146 0 8618 13 1 12 13 0 8 0 amappl 88 7255 0 7084 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 31 0 4 1 0 1 1 0 8 0 uaddrrnd 24 933 0 904 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 933 0 904 1 0 1 1 0 8 0 vmmpekpl 168 8769 0 8731 3 0 3 3 0 8 0 vmmpepl 168 62310 0 60372 97 5 92 97 0 357 0 vmsppl 360 932 0 904 4 1 3 4 0 8 0 rwobjpl 32 22164 0 17980 34 0 34 34 0 8 0 pdppl 4096 1872 0 1808 104 38 66 82 0 8 2 pvpl 32 420215 0 406714 157 28 129 154 0 265 4 pmappl 216 932 0 904 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 291 0 67 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace bpfdetach(ffff800001466000) at bpfdetach+0x40 sys/net/bpf.c:1778 if_detach(ffff800001466000) at if_detach+0x153 sys/net/if.c:1200 tun_clone_destroy(ffff800001466000) at tun_clone_destroy+0x2aa sys/net/if_tun.c:346 if_clone_destroy(ffff80003c9e3380) at if_clone_destroy+0x1d7 sys/net/if.c:1389 sys_ioctl(ffff80003c996cf8,ffff80003c9e3560,ffff80003c9e34b0) at sys_ioctl+0x5bf syscall(ffff80003c9e3560) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbd06cededd0, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace bpfdetach(ffff800001466000) at bpfdetach+0x40 sys/net/bpf.c:1778 if_detach(ffff800001466000) at if_detach+0x153 sys/net/if.c:1200 tun_clone_destroy(ffff800001466000) at tun_clone_destroy+0x2aa sys/net/if_tun.c:346 if_clone_destroy(ffff80003c9e3380) at if_clone_destroy+0x1d7 sys/net/if.c:1389 sys_ioctl(ffff80003c996cf8,ffff80003c9e3560,ffff80003c9e34b0) at sys_ioctl+0x5bf syscall(ffff80003c9e3560) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbd06cededd0, count: -7