kernel: double fault trap, code=0 Stopped at restore_saved+0x32: xorq 0x30(%rsp),%r11 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace end trace frame: 0x0, count: -1 ddb{0}> show registers rdi 0xffffffff832cb000 end+0x2cb000 rsi 0xffff80002bcd54a8 rbp 0 rbx 0 rdx 0 rcx 0xfffffd806ae07e98 rax 0x1b r8 0x22 r9 0 r10 0xa7551c9478a79e70 r11 0x89ece97530760406 r12 0xffff80002bcd54a8 r13 0xffff800038cd4000 r14 0 r15 0xffff80002bceb238 rip 0xffffffff820301dc restore_saved+0x32 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0 ss 0 restore_saved+0x32: xorq 0x30(%rsp),%r11 ddb{0}> show proc PROC (syz-executor.6) tid=270152 pid=23522 tcnt=4 stat=onproc flags process=8001010 proc=4080080 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002bcd4028 scnt=3 ecnt=1 forw=0xffffffffffffffff, list=0xffff80002bcec558,0xffff8000ffff62b8 process=0xffff80002a292cc8 user=0xffff800038cd4000, vmspace=0xfffffd806eed9a58 estcpu=34, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 54851 323630 32684 0 2 0x8000002 syz-executor.3 77223 248412 29639 0 2 0x8000000 syz-executor.0 77223 359285 29639 0 3 0xc000080 pipewr syz-executor.0 77223 98184 29639 0 3 0xc000080 sbwait syz-executor.0 77223 35444 29639 0 3 0xc000080 fsleep syz-executor.0 35283 412449 90075 0 3 0x8000080 nanoslp syz-executor.1 35283 143749 90075 0 3 0xc000080 sbwait syz-executor.1 35283 215868 90075 0 3 0xc000000 inode syz-executor.1 35283 400440 90075 0 3 0xc000080 fsleep syz-executor.1 23522 259390 50674 0 3 0x8003010 suspend syz-executor.6 23522 426149 50674 0 2 0xc081090 syz-executor.6 23522 118802 50674 0 2 0xc081090 syz-executor.6 *23522 270152 50674 0 7 0xc081090 syz-executor.6 9992 384052 96971 0 3 0x8000080 nanoslp syz-executor.5 9992 427976 96971 0 3 0xc000080 sbwait syz-executor.5 9992 512816 96971 0 3 0xc000080 fsleep syz-executor.5 29639 231356 32684 0 3 0x8000082 nanoslp syz-executor.0 58434 287032 32684 0 2 0x8000002 syz-executor.4 50933 460160 1 0 3 0x18100083 ttyin getty 96971 339183 32684 0 3 0x8000082 nanoslp syz-executor.5 58318 67435 32684 0 3 0x8000082 nanoslp syz-executor.2 90075 414749 32684 0 3 0x8000082 nanoslp syz-executor.1 50674 489068 32684 0 3 0x8000082 nanoslp syz-executor.6 90810 175162 32684 0 3 0x8000082 piperd syz-executor.7 83991 70437 0 0 3 0x14280 nfsidl nfsio 32606 72183 0 0 3 0x14280 nfsidl nfsio 55878 445253 0 0 3 0x14280 nfsidl nfsio 63875 93623 0 0 3 0x14280 nfsidl nfsio 36820 49017 0 0 3 0x14280 nfsidl nfsio 43216 32418 0 0 3 0x14280 nfsidl nfsio 39142 66146 0 0 3 0x14280 nfsidl nfsio 19309 273258 0 0 3 0x14280 nfsidl nfsio 83841 351602 0 0 3 0x14280 nfsidl nfsio 86059 425178 0 0 3 0x14280 nfsidl nfsio 75186 126858 0 0 3 0x14280 nfsidl nfsio 78915 336290 0 0 3 0x14280 nfsidl nfsio 95648 270285 0 0 3 0x14280 nfsidl nfsio 48135 228721 0 0 3 0x14280 nfsidl nfsio 49603 436757 0 0 3 0x14280 nfsidl nfsio 80546 401987 0 0 3 0x14280 nfsidl nfsio 54054 229775 0 0 3 0x14280 nfsidl nfsio 35591 268945 0 0 3 0x14280 nfsidl nfsio 9996 319265 0 0 3 0x14280 nfsidl nfsio 22904 225557 0 0 3 0x14280 nfsidl nfsio 31693 21057 0 0 3 0x14200 bored sosplice 85814 450502 1 0 3 0x8000080 fsleep syz-executor.6 85814 130750 1 0 3 0xc000080 sbwait syz-executor.6 71342 520664 17813 0 3 0x18100082 netio ndp 17813 389280 1 0 3 0x810008a sigsusp sh 32684 49712 47749 0 3 0x1a000082 wait syz-fuzzer 32684 139242 47749 0 3 0x1e000082 nanoslp syz-fuzzer 32684 269293 47749 0 3 0x1e000082 wait syz-fuzzer 32684 422865 47749 0 3 0x1e000082 thrsleep syz-fuzzer 32684 68388 47749 0 2 0x1e000002 syz-fuzzer 32684 192606 47749 0 3 0x1e000082 thrsleep syz-fuzzer 32684 58764 47749 0 3 0x1e000082 thrsleep syz-fuzzer 32684 317555 47749 0 3 0x1e000082 wait syz-fuzzer 32684 153997 47749 0 3 0x1e000082 thrsleep syz-fuzzer 32684 166558 47749 0 2 0x1e000002 syz-fuzzer 32684 136014 47749 0 3 0x1e000082 thrsleep syz-fuzzer 32684 30501 47749 0 3 0x1e000082 wait syz-fuzzer 32684 249611 47749 0 3 0x1e000082 wait syz-fuzzer 32684 123508 47749 0 3 0x1e000082 wait syz-fuzzer 32684 458512 47749 0 3 0x1e000082 wait syz-fuzzer 32684 517342 47749 0 3 0x1e000082 wait syz-fuzzer 47749 82770 18454 0 3 0x810008a sigsusp ksh 18454 359799 97222 0 3 0x1800009a kqread sshd 97222 60027 1 0 3 0x18000088 kqread sshd 52116 371701 516 73 3 0x19100090 kqread syslogd 516 320819 1 0 3 0x18100082 sbwait syslogd 47623 493598 1 0 3 0x18100080 kqread resolvd 27228 52480 84424 77 3 0x18100092 kqread dhcpleased 70856 293656 84424 77 3 0x18100092 kqread dhcpleased 84424 322138 1 0 3 0x18000080 kqread dhcpleased 53621 389150 0 0 3 0x14200 bored smr 64760 16893 0 0 2 0x14200 zerothread 5155 456607 0 0 3 0x14200 aiodoned aiodoned 29319 396526 0 0 3 0x14200 syncer update 39035 190237 0 0 3 0x14200 cleaner cleaner 69907 223748 0 0 3 0x14200 reaper reaper 16519 289999 0 0 3 0x14200 pgdaemon pagedaemon 90243 158894 0 0 3 0x14200 bored viomb 63988 490899 0 0 3 0x40014200 acpi0 acpi0 83132 431983 0 0 3 0x40014200 idle1 84 194953 0 0 3 0x14200 bored softnet3 55087 492263 0 0 3 0x14200 bored softnet2 91624 490422 0 0 3 0x14200 bored softnet1 29406 335174 0 0 3 0x14200 bored softnet0 71585 204389 0 0 3 0x14200 bored systqmp 27078 246592 0 0 3 0x14200 bored systq 77602 152401 0 0 3 0x14200 tmoslp softclockmp 8717 499142 0 0 3 0x40014200 tmoslp softclock 68586 147819 0 0 3 0x40014200 idle0 1 480846 0 0 3 0x8080082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive sched_lock &sched_lock r = 0 (0xffffffff82e9a030) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 preempt+0x3a sys/kern/sched_bsd.c:340 #2 ast+0x10b mi_ast sys/sys/syscall_mi.h:262 [inline] #2 ast+0x10b sys/arch/amd64/amd64/trap.c:541 #3 intr_user_exit+0x3c Process 35283 (syz-executor.1) thread 0xffff80002bcea7f8 (143749) exclusive rrwlock inode r = 0 (0xfffffd8073a98d68) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524 #4 ufs_ihashins+0x46 #5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1230 #6 ufs_lookup+0x1113 sys/ufs/ufs/ufs_lookup.c:573 #7 VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 #8 vfs_lookup+0x6f8 sys/kern/vfs_lookup.c:566 #9 namei+0x56a sys/kern/vfs_lookup.c:250 #10 vn_open+0x101 sys/kern/vfs_vnops.c:140 #11 vndioctl+0x988 sys/dev/vnd.c:457 #12 VOP_IOCTL+0x9a sys/kern/vfs_vops.c:264 #13 vn_ioctl+0xc0 sys/kern/vfs_vnops.c:525 #14 sys_ioctl+0x4a9 #15 syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] #15 syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 #16 Xsyscall+0x128 Process 35283 (syz-executor.1) thread 0xffff80002bcd4cf8 (215868) exclusive rrwlock inode r = 0 (0xfffffd80689892c8) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524 #4 vn_lock+0x85 sys/kern/vfs_vnops.c:564 #5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418 #6 namei+0x56a sys/kern/vfs_lookup.c:250 #7 uipc_bind+0x221 sys/kern/uipc_usrreq.c:363 #8 sys_bind+0x1c9 sys/kern/uipc_syscalls.c:189 #9 syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] #9 syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 #10 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10218 6936K 7074K 166960K 14705 0 pcb 18 12K 12K 166960K 306 0 rtable 213 6K 7K 166960K 1164 0 pf 30 9K 10K 166960K 141 0 ifaddr 40 14K 15K 166960K 159 0 ifgroup 53 2K 2K 166960K 219 0 sysctl 4 1K 1K 166960K 8 0 counters 64 36K 37K 166960K 154 0 ioctlops 0 0K 4K 166960K 1581 0 iov 0 0K 20K 166960K 105 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1402 88K 88K 166960K 3172 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 14K 166960K 54 0 VM map 2 1K 1K 166960K 2 0 sem 13 3K 3K 166960K 19 0 dirhash 12 2K 3K 166960K 69 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 17 61K 85K 166960K 2109 0 sigio 0 0K 0K 166960K 39 0 proc 58 79K 103K 166960K 1192 0 subproc 129 8K 8K 166960K 376 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 285 0 in_multi 80 6K 7K 166960K 372 0 ether_multi 1 0K 0K 166960K 12 0 mrt 0 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 127 572K 572K 166960K 127 0 exec 0 0K 1K 166960K 897 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 302 104K 160K 166960K 20069 0 UVM aobj 100 5K 6K 166960K 106 0 pinsyscall 38 76K 100K 166960K 3831 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 140 0 NDP 11 0K 1K 166960K 112 0 temp 80 6820K 7316K 166960K 53051 0 kqueue 12 18K 27K 166960K 376 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 268 0 264 1 0 1 1 0 8 0 rtentry 112 387 0 291 4 1 3 4 0 8 0 unpcb 144 1427 0 1399 7 5 2 2 0 8 0 syncache 336 17 0 17 5 4 1 1 0 8 1 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 52 1 52 1 1 0 1 0 8 0 tcpcb 808 576 0 571 9 7 2 2 0 8 1 arp 120 69 0 52 1 0 1 1 0 8 0 inpcb 384 1980 0 1968 8 5 3 3 0 8 1 nd6 136 98 0 78 1 0 1 1 0 8 0 pkpcb 40 14 0 14 7 6 1 1 0 8 1 kcovpl 48 28 0 19 1 0 1 1 0 8 0 ppxss 1168 12 0 12 10 9 1 1 0 8 1 pffrag 232 14 0 11 1 0 1 1 0 482 0 pffrnode 88 13 0 10 1 0 1 1 0 8 0 pffrent 40 275 0 272 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 150 0 130 1 0 1 1 0 8 0 pfstkey 128 150 0 130 2 0 2 2 0 8 0 pfstate 376 150 0 130 7 3 4 5 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1412 0 1019 38 10 28 29 0 8 0 art_table 32 1413 0 1019 4 0 4 4 0 8 0 art_node 16 379 0 292 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 4 2 1 1 1 0 8 0 semapl 112 15 0 4 1 0 1 1 0 8 0 shmpl 112 103 0 6 3 0 3 3 0 8 0 dirhash 1024 55 0 38 3 0 3 3 0 8 0 dino2pl 256 4774 0 3255 96 0 96 96 0 8 0 ffsino 272 4774 0 3255 102 0 102 102 0 8 0 nchpl 144 8013 0 7393 67 40 27 67 0 8 0 uvmvnodes 80 6171 0 0 126 0 126 126 0 8 0 vnodes 216 6171 0 0 343 0 343 343 0 8 0 namei 1024 28527 0 28526 3 2 1 2 0 8 0 percpumem 16 91 0 45 1 0 1 1 0 8 0 vcpupl 3904 7 0 2 2 1 1 1 0 8 0 vmpool 696 14 0 9 2 1 1 1 0 8 0 kstatmem 264 112 0 90 2 0 2 2 0 8 0 scsiplug 72 6 0 6 5 5 0 1 0 8 0 scxspl 216 47620 0 47620 16 15 1 8 1 8 1 plimitpl 152 355 0 337 1 0 1 1 0 8 0 sigapl 424 2411 0 2343 9 0 9 9 0 8 0 futexpl 64 41605 0 41598 2 1 1 1 0 8 0 knotepl 120 684 0 0 17 0 17 17 0 8 0 kqueuepl 216 691 0 683 1 0 1 1 0 8 0 pipepl 320 461 0 428 3 0 3 3 0 8 0 fdescpl 496 2371 0 2343 6 1 5 5 0 8 0 filepl 152 15088 0 14790 16 3 13 13 0 8 0 lockfpl 104 720 0 716 1 0 1 1 0 8 0 lockfspl 48 324 0 320 1 0 1 1 0 8 0 sessionpl 144 44 0 27 1 0 1 1 0 8 0 pgrppl 48 72 0 55 1 0 1 1 0 8 0 ucredpl 104 2657 0 2643 1 0 1 1 0 8 0 zombiepl 144 2345 0 2343 1 0 1 1 0 8 0 processpl 1144 2411 0 2343 6 0 6 6 0 8 0 procpl 656 4413 0 4317 10 1 9 9 0 8 0 srpgc 96 25 0 25 6 5 1 1 0 8 1 sosppl 168 5 0 5 3 3 0 1 0 8 0 sockpl 664 3702 0 3658 10 5 5 5 0 8 1 mcl64k 65536 8 0 0 1 0 1 1 0 8 0 mcl16k 16384 4 0 0 1 0 1 1 0 8 0 mcl12k 12288 4 0 0 1 0 1 1 0 8 0 mcl9k 9216 4 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 6 0 0 1 0 1 1 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 329 0 0 41 0 41 41 0 8 0 mtagpl 96 22 0 0 1 0 1 1 0 8 0 mbufpl 256 924 0 0 57 1 56 57 0 8 0 bufpl 280 11956 0 4231 552 0 552 552 0 8 0 anonpl 24 449772 0 443495 144 79 65 93 0 186 1 amapchunkpl 152 65625 0 64922 86 44 42 47 0 158 8 amappl16 200 11202 0 11075 90 70 20 21 0 8 8 amappl15 192 27 0 27 2 2 0 1 0 8 0 amappl14 184 234 0 219 2 1 1 2 0 8 0 amappl13 176 24 0 24 2 2 0 1 0 8 0 amappl12 168 3414 0 3383 3 1 2 2 0 8 0 amappl11 160 51 0 41 1 0 1 1 0 8 0 amappl10 152 62 0 52 1 0 1 1 0 8 0 amappl9 144 126 0 126 2 2 0 1 0 8 0 amappl8 136 329 0 290 2 0 2 2 0 8 0 amappl7 128 78 0 63 1 0 1 1 0 8 0 amappl6 120 665 0 646 2 0 2 2 0 8 0 amappl5 112 252 0 240 1 0 1 1 0 8 0 amappl4 104 754 0 716 3 1 2 3 0 8 0 amappl3 96 12927 0 12841 4 1 3 4 0 8 0 amappl2 88 2824 0 2752 4 2 2 4 0 8 0 amappl1 80 17054 0 16537 22 10 12 22 0 8 0 amappl 88 19208 0 19002 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 105 0 6 2 0 2 2 0 8 0 uaddrrnd 24 2385 0 2352 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2385 0 2352 1 0 1 1 0 8 0 vmmpekpl 168 19667 0 19584 4 0 4 4 0 8 0 vmmpepl 168 166378 0 164475 161 58 103 115 0 357 1 vmsppl 440 2384 0 2352 6 1 5 5 0 8 0 rwobjpl 56 51912 0 44487 117 9 108 108 0 8 1 pdppl 4096 4777 0 4709 214 137 77 80 0 8 9 pvpl 32 49169 0 0 398 1 397 397 0 265 0 pmappl 248 2384 0 2352 4 1 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 586 0 172 12 0 12 12 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace end trace frame: 0x0, count: -1 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff82e99e28) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82e99e28) at __mp_lock+0x122 sys/kern/kern_lock.c:147 exit1(ffff80002bceb4c8,0,0,3) at exit1+0x9ab sys/kern/kern_exit.c:332 single_thread_check_locked(ffff80002bceb4c8,0) at single_thread_check_locked+0x21c sys/kern/kern_sig.c:2068 userret(ffff80002bceb4c8) at userret+0x6f single_thread_check sys/kern/kern_sig.c:2112 [inline] userret(ffff80002bceb4c8) at userret+0x6f sys/kern/kern_sig.c:2022 syscall(ffff800038caf0e0) at syscall+0x765 mi_syscall_return sys/sys/syscall_mi.h:207 [inline] syscall(ffff800038caf0e0) at syscall+0x765 sys/arch/amd64/amd64/trap.c:598 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x623f3501980, count: -9