kernel: protection fault trap, code=0 Stopped at lf_advlock+0x2fa: incl 0x28(%r12) ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace lf_advlock(ffff80000160e4a0,0,ffff800039fee850,2,ffff80002efc9700,40) at lf_advlock+0x2fa ls_ref sys/kern/vfs_lockf.c:138 [inline] lf_advlock(ffff80000160e4a0,0,ffff800039fee850,2,ffff80002efc9700,40) at lf_advlock+0x2fa sys/kern/vfs_lockf.c:278 VOP_ADVLOCK(fffffd8067b257d8,ffff800039fee850,2,ffff80002efc9700,40) at VOP_ADVLOCK+0x87 sys/kern/vfs_vops.c:623 closef(fffffd805d17edc8,ffff8000fffee018) at closef+0x140 sys/kern/kern_descrip.c:-1 fdfree(ffff8000fffee018) at fdfree+0x116 sys/kern/kern_descrip.c:1195 exit1(ffff8000fffee018,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff8000fffee018,ffff80002efc9940,ffff80002efc9890) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80002efc9940) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002efc9940) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b85e129b560, count: -8 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80002efc9650 rbx 0 rdx 0 rcx 0xffff8000fffee018 rax 0xffffffff83839ff0 cpu_info_full_primary+0x1ff0 r8 0xa0 r9 0 r10 0xcbf6f62d73063efe r11 0x60fca58ba3a07c40 r12 0xdead4110dead4110 r13 0x2 r14 0xffff80002efc9700 r15 0x1 rip 0xffffffff827783ba lf_advlock+0x2fa cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002efc95c0 ss 0x10 lf_advlock+0x2fa: incl 0x28(%r12) ddb{0}> show proc PROC (syz-executor) tid=179878 pid=71960 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff8000fffee018 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff8000fffeea78,0xffff8000fffefcb0 process=0xffff80003c41c9c8 user=0xffff80002efc4000, vmspace=0xfffffd8071230200 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 69174 89400 32551 0 2 0 syz-executor 69174 485225 32551 0 2 0x4000000 syz-executor 54297 463795 21045 0 2 0 syz-executor 54297 39148 21045 0 2 0x4000000 syz-executor 54297 134891 21045 0 2 0x4000000 syz-executor 86314 485937 31302 0 2 0x2 ndp 18207 519478 20332 0 3 0x80 nanoslp syz-executor 18207 51900 20332 0 3 0x4000080 ttyretype syz-executor 18207 64034 20332 0 3 0x4000080 fsleep syz-executor 31302 84630 70879 0 3 0x10008a sigsusp sh 4407 114646 0 0 3 0x14280 nfsidl nfsio 45817 339335 0 0 3 0x14280 nfsidl nfsio 87069 343429 0 0 3 0x14280 nfsidl nfsio 11897 271918 0 0 3 0x14280 nfsidl nfsio 52257 200378 0 0 3 0x14200 acct acct 70879 78392 85043 0 3 0x82 wait syz-executor 31717 345716 30727 0 4 0x82000 syz-executor 31717 252807 30727 0 2 0x4082000 syz-executor 31717 111593 30727 0 4 0x4082000 syz-executor 31717 84263 30727 0 3 0x4082000 fltagain2 syz-executor 31717 115938 30727 0 3 0x4002000 suspend syz-executor 84224 69266 85043 0 2 0x2 syz-executor 29253 141893 85043 0 3 0x82 nanoslp syz-executor 32551 106482 85043 0 3 0x82 nanoslp syz-executor 21045 277420 85043 0 3 0x82 nanoslp syz-executor 30727 314422 85043 0 3 0x82 wait syz-executor 20332 7811 85043 0 3 0x82 nanoslp syz-executor 95417 42580 85043 0 2 0x2 syz-executor 85043 149031 23411 0 2 0x2 syz-executor 23411 445328 71415 0 3 0x10008a sigsusp ksh 71415 6136 30840 0 3 0x98 kqread sshd-session 30840 103147 92665 0 3 0x92 kqread sshd-session 307 231601 1 0 3 0x100083 ttyopn getty 92665 246289 1 0 3 0x88 kqread sshd 64323 254999 44094 74 3 0x1100092 bpf pflogd 44094 408312 1 0 3 0x80 sbwait pflogd 83907 71252 12711 73 3 0x1100090 kqread syslogd 12711 374001 1 0 3 0x100082 sbwait syslogd 62483 434270 1 0 3 0x100080 kqread resolvd 57694 155928 89226 77 3 0x100092 kqread dhcpleased 82810 500864 89226 77 3 0x100092 kqread dhcpleased 89226 165955 1 0 3 0x80 kqread dhcpleased 1622 135919 0 0 3 0x14200 bored smr 74053 471007 0 0 2 0x14200 zerothread 63766 126650 0 0 3 0x14200 aiodoned aiodoned 66070 266057 0 0 3 0x14200 syncer update 665 462833 0 0 3 0x14200 cleaner cleaner 37292 69357 0 0 3 0x14200 reaper reaper 67529 51166 0 0 3 0x14200 pgdaemon pagedaemon 20132 372646 0 0 3 0x14200 bored viomb 88009 226530 0 0 3 0x40014200 acpi0 acpi0 29244 363064 0 0 7 0x40014200 idle1 75016 2347 0 0 3 0x14200 bored softnet1 62131 464239 0 0 3 0x14200 bored softnet0 9332 42659 0 0 3 0x14200 bored systqmp 20508 498916 0 0 3 0x14200 bored systq 93596 141052 0 0 3 0x14200 tmoslp softclockmp 81414 286731 0 0 3 0x40014200 tmoslp softclock 75543 3971 0 0 3 0x40014200 idle0 1 505091 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 86314 (ndp) thread 0xffff8000367e0d20 (485937) exclusive rwlock vmmaplk r = 0 (0xfffffd80712308b8) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5165 #3 uvm_map+0x404 sys/uvm/uvm_map.c:1021 #4 uvm_mmapfile+0x40b sys/uvm/uvm_mmap.c:1139 #5 sys_mmap+0xe96 sys/uvm/uvm_mmap.c:396 #6 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #6 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:775 #7 Xsyscall+0x128 Process 31717 (syz-executor) thread 0xffff800039ffc020 (252807) exclusive rrwlock inode r = 0 (0xfffffd806c5c4580) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vn_write+0x18f sys/kern/vfs_vnops.c:405 #6 dofilewritev+0x242 sys/kern/sys_generic.c:380 #7 sys_write+0xa2 sys/kern/sys_generic.c:300 #8 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:775 #9 Xsyscall+0x128 Process 84224 (syz-executor) thread 0xffff8000fffee2b0 (69266) exclusive rrwlock inode r = 0 (0xfffffd806e853ca0) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 ufs_ihashins+0x4f ufs_ihash sys/ufs/ufs/ufs_ihash.c:-1 [inline] #4 ufs_ihashins+0x4f sys/ufs/ufs/ufs_ihash.c:159 #5 ffs_vget+0x187 sys/ufs/ffs/ffs_vfsops.c:1232 #6 ffs_inode_alloc+0x279 sys/ufs/ffs/ffs_alloc.c:393 #7 ufs_mkdir+0xfc sys/ufs/ufs/ufs_vnops.c:1112 #8 VOP_MKDIR+0x101 sys/kern/vfs_vops.c:394 #9 domkdirat+0x179 sys/kern/vfs_syscalls.c:3113 #10 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #10 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806d303328) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vfs_lookup+0x11c sys/kern/vfs_lookup.c:-1 #6 namei+0x7ca sys/kern/vfs_lookup.c:250 #7 domkdirat+0x8b sys/kern/vfs_syscalls.c:3098 #8 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775 #9 Xsyscall+0x128 Process 95417 (syz-executor) thread 0xffff8000ffffc2a0 (42580) exclusive rwlock fdlock r = 0 (0xffff80002a26b508) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 doopenat+0x18e sys/kern/vfs_syscalls.c:1105 #3 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #3 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:775 #4 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11075 12158K 13965K 166960K 13958 0 pcb 17 14K 15K 166960K 199 0 rtable 236 8K 8K 166960K 462 0 pf 40 18K 82K 166960K 129 0 ifaddr 46 8K 8K 166960K 105 0 ifgroup 61 2K 3K 166960K 165 0 sysctl 4 1K 9K 166960K 14 0 counters 74 37K 38K 166960K 248 0 ioctlops 0 0K 4K 166960K 1598 0 iov 1 12K 30K 166960K 40 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1495 94K 95K 166960K 2185 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 17 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 71 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 89K 166960K 775 0 sigio 0 0K 0K 166960K 6 0 proc 72 115K 164K 166960K 598 0 subproc 72 4K 4K 166960K 81 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 79 0 in_multi 102 7K 7K 166960K 156 0 ether_multi 1 0K 0K 166960K 6 0 mrt 1 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 470 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 239 160K 172K 166960K 9232 0 UVM aobj 33 4K 4K 166960K 36 0 pinsyscall 42 84K 106K 166960K 1967 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 2 0K 1K 166960K 78 0 NDP 15 0K 1K 166960K 69 0 temp 62 8684K 8939K 166960K 34864 0 kqueue 13 20K 30K 166960K 167 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 84 0 81 1 0 1 1 0 8 0 rtentry 176 142 0 39 6 0 6 6 0 8 0 unpcb 144 508 0 491 7 6 1 4 0 8 0 syncache 336 5 0 5 2 1 1 1 0 8 1 tcpcb 736 311 0 307 13 6 7 7 0 8 6 arp 136 21 0 2 1 0 1 1 0 8 0 inpcb 328 873 0 865 14 7 7 7 0 8 6 nd6 152 28 0 3 2 0 2 2 0 8 0 pkpcb 40 4 0 4 3 2 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 mppekey 1024 33 0 33 1 1 0 1 0 8 0 ppxss 1192 74 0 73 1 0 1 1 0 8 0 pppxif 1504 9 0 9 2 1 1 1 0 8 1 pffrag 232 5 0 0 1 0 1 1 0 482 0 pffrnode 88 5 0 0 1 0 1 1 0 8 0 pffrent 40 8 0 3 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 7 0 4 1 0 1 1 0 8 0 pfstate 448 4 0 2 1 0 1 1 0 8 0 pfrule 1360 1 0 1 1 0 1 1 0 8 1 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 678 0 220 32 3 29 31 0 8 0 art_table 40 679 0 220 5 0 5 5 0 8 0 art_node 32 142 0 51 1 0 1 1 0 8 0 sysvmsgpl 40 12 0 8 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 69 0 59 1 0 1 1 0 8 0 shmpl 112 32 0 3 1 0 1 1 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 2794 0 1288 96 1 95 96 0 8 0 ffsino 296 2794 0 1288 118 1 117 118 0 8 0 nchpl 144 3848 0 2141 64 0 64 64 0 8 0 rtmask 32 4 0 4 2 2 0 1 0 8 0 vnodes 216 3435 0 0 191 0 191 191 0 8 0 namei 1024 13007 0 13005 2 1 1 1 0 8 0 percpumem 16 139 0 87 1 0 1 1 0 8 0 vcpupl 3968 1 0 0 1 0 1 1 0 8 0 vmpool 848 1 0 0 1 0 1 1 0 8 0 kstatmem 264 100 0 70 3 0 3 3 0 8 1 scsiplug 72 2 0 2 2 1 1 1 0 8 1 scxspl 216 25444 0 25444 10 8 2 8 1 8 2 plimitpl 152 248 0 229 1 0 1 1 0 8 0 sigapl 424 1102 0 1050 8 1 7 7 0 8 0 knotepl 120 333 0 0 10 0 10 10 0 8 0 kqueuepl 224 433 0 423 9 4 5 5 0 8 4 pipepl 344 167 0 140 3 0 3 3 0 8 0 fdescpl 528 1077 0 1046 3 0 3 3 0 8 0 filepl 160 6768 0 6542 21 5 16 18 0 8 4 lockfpl 104 353 0 350 2 0 2 2 0 8 1 lockfspl 48 91 0 88 1 0 1 1 0 8 0 sessionpl 144 25 0 16 1 0 1 1 0 8 0 pgrppl 48 44 0 27 1 0 1 1 0 8 0 ucredpl 104 806 0 793 1 0 1 1 0 8 0 zombiepl 144 1385 0 1384 1 0 1 1 0 8 0 processpl 1232 1102 0 1050 6 1 5 5 0 8 0 procpl 664 2259 0 2198 6 0 6 6 0 8 0 sosppl 176 2 0 2 2 2 0 1 0 8 0 sockpl 752 1491 0 1463 21 11 10 11 0 8 7 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 125 0 0 16 0 16 16 0 8 0 mcl2k 2048 23 0 0 3 0 3 3 0 8 0 mtagpl 96 8 0 0 1 0 1 1 0 8 0 mbufpl 256 192 0 0 12 0 12 12 0 8 0 bufpl 280 10554 0 4417 439 0 439 439 0 8 0 anonpl 32 17101 0 0 138 0 138 138 0 246 0 amapchunkpl 152 29899 0 29441 41 13 28 33 0 158 7 amappl16 200 4465 0 4208 42 26 16 32 0 8 1 amappl15 192 11 0 11 2 1 1 1 0 8 1 amappl14 184 19 0 19 1 1 0 1 0 8 0 amappl13 176 444 0 442 1 0 1 1 0 8 0 amappl12 168 1454 0 1413 3 0 3 3 0 8 0 amappl11 160 8 0 7 1 0 1 1 0 8 0 amappl10 152 47 0 33 1 0 1 1 0 8 0 amappl9 144 253 0 253 1 1 0 1 0 8 0 amappl8 136 44 0 42 1 0 1 1 0 8 0 amappl7 128 92 0 91 1 0 1 1 0 8 0 amappl6 120 305 0 291 1 0 1 1 0 8 0 amappl5 112 74 0 64 1 0 1 1 0 8 0 amappl4 104 435 0 405 1 0 1 1 0 8 0 amappl3 96 5133 0 5042 4 1 3 3 0 8 0 amappl2 88 1213 0 1133 2 0 2 2 0 8 0 amappl1 80 12526 0 11916 17 2 15 15 0 8 1 amappl 88 8367 0 8208 5 0 5 5 0 92 0 uvmvnodes 80 125 0 0 3 0 3 3 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 2 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 35 0 3 1 0 1 1 0 8 0 uaddrrnd 24 1077 0 1046 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1077 0 1046 1 0 1 1 0 8 0 vmmpekpl 168 10504 0 10462 4 1 3 3 0 8 0 vmmpepl 168 76038 0 73921 114 12 102 113 0 357 2 vmsppl 488 1076 0 1046 6 1 5 5 0 8 0 rwobjpl 80 23786 0 22446 36 7 29 35 0 8 0 pdppl 4096 2163 0 2093 114 38 76 83 0 8 6 pvpl 32 28404 0 0 230 1 229 229 0 265 0 pmappl 256 1077 0 1046 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 306 0 53 8 0 8 8 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace lf_advlock(ffff80000160e4a0,0,ffff800039fee850,2,ffff80002efc9700,40) at lf_advlock+0x2fa ls_ref sys/kern/vfs_lockf.c:138 [inline] lf_advlock(ffff80000160e4a0,0,ffff800039fee850,2,ffff80002efc9700,40) at lf_advlock+0x2fa sys/kern/vfs_lockf.c:278 VOP_ADVLOCK(fffffd8067b257d8,ffff800039fee850,2,ffff80002efc9700,40) at VOP_ADVLOCK+0x87 sys/kern/vfs_vops.c:623 closef(fffffd805d17edc8,ffff8000fffee018) at closef+0x140 sys/kern/kern_descrip.c:-1 fdfree(ffff8000fffee018) at fdfree+0x116 sys/kern/kern_descrip.c:1195 exit1(ffff8000fffee018,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff8000fffee018,ffff80002efc9940,ffff80002efc9890) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80002efc9940) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002efc9940) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b85e129b560, count: -8 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224 sched_idle(ffff8000299ddff0) at sched_idle+0x391 sys/kern/kern_sched.c:191 end trace frame: 0x0, count: -5