kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff8000344697f0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff8000344697f0,1,ffff80002f56e008) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd807e6521b0,c0205602,ffff8000344697f0,1,fffffd807f7d74e0,ffff80002f56e008) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806600a708,c0205602,ffff8000344697f0,ffff80002f56e008) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002f56e008,ffff800034469900,ffff800034469950) at sys_ioctl+0x49e syscall(ffff8000344699c0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbaf80a63f00, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff8000329c6630 rbp 0xffff800034469540 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x50ef8c45acef5b68 r11 0xc0565ecf083a3bf r12 0xffff8000329c63a8 r13 0xffff800034469476 r14 0xffff8000329c6000 r15 0x246 rip 0xffffffff81abd84b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff8000344693a6 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.7) tid=372214 pid=55108 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=81, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a6f9d50,0xffff80002f56faa8 process=0xffff80002a6fa010 user=0xffff800034464000, vmspace=0xfffffd8067ba1d10 estcpu=31, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 73343 404543 59800 0 2 0 syz-executor.2 73343 362259 59800 0 2 0x4000000 syz-executor.2 94015 8181 96030 0 2 0 syz-executor.1 94015 231736 96030 0 3 0x4000080 fsleep syz-executor.1 94015 256723 96030 0 3 0x4000080 fsleep syz-executor.1 14185 218501 74894 0 2 0 syz-executor.0 14185 357736 74894 0 3 0x4000080 fsleep syz-executor.0 65129 413533 97979 0 2 0 syz-executor.4 65129 11089 97979 0 3 0x4000080 fsleep syz-executor.4 55108 516049 43880 0 2 0 syz-executor.7 *55108 372214 43880 0 7 0x4000000 syz-executor.7 50431 313167 29634 0 2 0 syz-executor.3 50431 344286 29634 0 3 0x4000080 fsleep syz-executor.3 43880 242300 77799 0 3 0x82 nanoslp syz-executor.7 59800 322771 77799 0 3 0x82 nanoslp syz-executor.2 23440 137847 77799 0 3 0x82 nanoslp syz-executor.6 74894 334231 77799 0 3 0x82 nanoslp syz-executor.0 20256 499089 1 0 3 0x100083 ttyin getty 5302 517819 77799 0 3 0x82 nanoslp syz-executor.5 96030 151370 77799 0 3 0x82 nanoslp syz-executor.1 10764 65403 0 0 3 0x14280 nfsidl nfsio 47276 309771 0 0 3 0x14280 nfsidl nfsio 10817 151064 0 0 3 0x14280 nfsidl nfsio 45163 133577 0 0 3 0x14280 nfsidl nfsio 26527 87018 0 0 3 0x14280 nfsidl nfsio 63641 249682 0 0 3 0x14280 nfsidl nfsio 21844 344242 0 0 3 0x14280 nfsidl nfsio 2803 254800 0 0 3 0x14280 nfsidl nfsio 74819 109927 0 0 3 0x14280 nfsidl nfsio 94414 64213 0 0 3 0x14280 nfsidl nfsio 80597 498082 0 0 3 0x14280 nfsidl nfsio 95525 59261 0 0 3 0x14280 nfsidl nfsio 17407 401124 0 0 3 0x14280 nfsidl nfsio 39013 481173 0 0 3 0x14280 nfsidl nfsio 7744 409875 0 0 3 0x14280 nfsidl nfsio 54247 317866 0 0 3 0x14280 nfsidl nfsio 99858 274239 0 0 3 0x14280 nfsidl nfsio 92709 453456 0 0 3 0x14280 nfsidl nfsio 20334 305955 0 0 3 0x14280 nfsidl nfsio 65890 243776 0 0 3 0x14280 nfsidl nfsio 29634 481867 77799 0 3 0x82 nanoslp syz-executor.3 97979 181471 77799 0 3 0x82 nanoslp syz-executor.4 69616 240342 0 0 3 0x14200 bored sosplice 77799 325345 69089 0 3 0x2000082 wait syz-fuzzer 77799 501115 69089 0 3 0x6000082 thrsleep syz-fuzzer 77799 70063 69089 0 3 0x6000082 wait syz-fuzzer 77799 41137 69089 0 3 0x6000082 kqread syz-fuzzer 77799 386080 69089 0 3 0x6000082 thrsleep syz-fuzzer 77799 185 69089 0 3 0x6000082 wait syz-fuzzer 77799 499164 69089 0 3 0x6000082 wait syz-fuzzer 77799 89407 69089 0 3 0x6000082 thrsleep syz-fuzzer 77799 69434 69089 0 3 0x6000082 thrsleep syz-fuzzer 77799 103921 69089 0 3 0x6000082 wait syz-fuzzer 77799 405782 69089 0 3 0x6000082 thrsleep syz-fuzzer 77799 183485 69089 0 3 0x6000082 wait syz-fuzzer 77799 243198 69089 0 3 0x6000082 wait syz-fuzzer 77799 332004 69089 0 3 0x6000082 wait syz-fuzzer 69089 249197 31538 0 3 0x10008a sigsusp ksh 31538 228295 35596 0 3 0x9a kqread sshd 35596 367596 1 0 3 0x88 kqread sshd 38268 107665 6753 73 3 0x1100090 kqread syslogd 6753 91511 1 0 3 0x100082 netio syslogd 30652 340287 1 0 3 0x100080 kqread resolvd 63808 250963 7888 77 3 0x100092 kqread dhcpleased 64650 146122 7888 77 3 0x100092 kqread dhcpleased 7888 36252 1 0 3 0x80 kqread dhcpleased 82654 447949 0 0 3 0x14200 bored smr 86356 313653 0 0 2 0x14200 zerothread 35254 102335 0 0 3 0x14200 aiodoned aiodoned 70530 254020 0 0 3 0x14200 syncer update 21585 338247 0 0 3 0x14200 cleaner cleaner 26278 390115 0 0 3 0x14200 reaper reaper 3682 130744 0 0 3 0x14200 pgdaemon pagedaemon 19492 176113 0 0 3 0x14200 bored viomb 64019 319410 0 0 3 0x40014200 acpi0 acpi0 64552 241110 0 0 3 0x14200 bored softnet3 25820 471255 0 0 3 0x14200 bored softnet2 96108 429116 0 0 3 0x14200 bored softnet1 61169 78184 0 0 3 0x14200 bored softnet0 9982 6191 0 0 3 0x14200 bored systqmp 91373 392324 0 0 3 0x14200 bored systq 75086 180863 0 0 3 0x40014200 tmoslp softclock 26592 237344 0 0 3 0x40014200 idle0 1 389591 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10209 6412K 6994K 166960K 18886 0 pcb 13 16K 18K 166960K 554 0 rtable 247 15K 17K 166960K 1559 0 pf 33 9K 10K 166960K 312 0 ifaddr 44 13K 14K 166960K 245 0 ifgroup 58 2K 2K 166960K 491 0 sysctl 4 1K 1K 166960K 8 0 counters 30 17K 17K 166960K 148 0 ioctlops 0 0K 2K 166960K 591 0 iov 0 0K 16K 166960K 625 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1447 90K 91K 166960K 4974 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 72 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 655 0 dirhash 12 2K 2K 166960K 39 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 69K 166960K 6112 0 sigio 0 0K 0K 166960K 607 0 proc 59 67K 83K 166960K 1419 0 subproc 104 6K 6K 166960K 405 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 525 0 in_multi 98 7K 7K 166960K 466 0 ether_multi 1 0K 0K 166960K 15 0 mrt 0 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 2030 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 438 391K 391K 166960K 57836 0 UVM aobj 131 4K 4K 166960K 137 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 130 0 NDP 13 0K 1K 166960K 196 0 temp 74 5920K 6275K 166960K 69409 0 kqueue 12 18K 26K 166960K 461 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 613 0 610 11 8 3 5 0 8 2 rtentry 112 432 0 320 4 0 4 4 0 8 0 unpcb 144 6175 0 6162 57 51 6 8 0 8 5 syncache 312 89 0 89 13 12 1 1 0 8 1 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 179 0 179 11 10 1 1 0 8 1 tcpcb 808 2438 0 2406 74 65 9 19 0 8 5 arp 88 80 0 63 1 0 1 1 0 8 0 ipq 40 6 0 5 4 3 1 1 0 8 0 ipqe 40 22 0 21 4 3 1 1 0 8 0 inpcb 336 5234 0 5192 71 63 8 17 0 8 4 nd6 104 111 0 82 1 0 1 1 0 8 0 pkpcb 40 67 0 67 6 5 1 1 0 8 1 kcovpl 48 31 0 23 1 0 1 1 0 8 0 ppxss 1160 41 0 41 7 7 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1722 0 1239 42 11 31 31 0 8 0 art_table 32 1723 0 1239 4 0 4 4 0 8 0 art_node 16 431 0 329 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 0 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 653 0 643 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 35 0 18 3 0 3 3 0 8 0 dino2pl 256 9912 0 8414 94 0 94 94 0 8 0 ffsino 240 9912 0 8414 89 0 89 89 0 8 0 nchpl 144 18521 0 17967 63 41 22 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 71520 0 71519 8 7 1 3 0 8 0 vcpupl 2048 99 0 0 13 0 13 13 0 8 0 vmpool 664 115 0 16 9 0 9 9 0 8 0 kstatmem 264 262 0 236 2 0 2 2 0 8 0 scxspl 216 61963 0 61963 29 25 4 8 1 8 4 plimitpl 152 1242 0 1227 1 0 1 1 0 8 0 sigapl 424 6393 0 6327 8 0 8 8 0 8 0 futexpl 64 63860 0 63855 4 3 1 1 0 8 0 knotepl 120 55077 0 54997 18 15 3 10 0 8 0 kqueuepl 184 1178 0 1170 15 14 1 6 0 8 0 pipepl 288 2448 0 2420 49 42 7 11 0 8 4 fdescpl 432 6346 0 6319 4 0 4 4 0 8 0 filepl 120 50245 0 50003 73 59 14 18 0 8 4 lockfpl 104 2060 0 2058 4 3 1 2 0 8 0 lockfspl 48 638 0 636 1 0 1 1 0 8 0 sessionpl 144 47 0 31 1 0 1 1 0 8 0 pgrppl 48 206 0 190 1 0 1 1 0 8 0 ucredpl 104 6359 0 6341 1 0 1 1 0 8 0 zombiepl 144 6329 0 6327 1 0 1 1 0 8 0 processpl 1008 6393 0 6327 10 1 9 9 0 8 0 procpl 680 15268 0 15182 14 6 8 9 0 8 0 sosppl 168 81 0 80 7 6 1 1 0 8 0 sockpl 456 12111 0 12056 280 265 15 36 0 8 7 mcl64k 65536 269 0 266 2 1 1 2 0 8 0 mcl16k 16384 141 0 141 13 12 1 1 0 8 1 mcl12k 12288 255 0 255 8 7 1 1 0 8 1 mcl9k 9216 86 0 86 13 12 1 1 0 8 1 mcl8k 8192 480 0 480 8 7 1 1 0 8 1 mcl4k 4096 748 0 748 8 7 1 2 0 8 1 mcl2k2 2112 44 0 44 12 11 1 1 0 8 1 mcl2k 2048 80617 0 80462 66 44 22 34 0 8 1 mtagpl 96 968 0 655 17 9 8 9 0 8 0 mbufpl 256 185943 0 185459 246 213 33 73 0 8 0 bufpl 288 16081 0 9675 458 0 458 458 0 8 0 anonpl 24 781337 0 767505 180 82 98 138 0 188 0 amapchunkpl 152 185117 0 184258 62 25 37 44 0 158 0 amappl16 200 17176 0 16723 88 63 25 49 0 8 0 amappl15 192 9 0 9 1 1 0 1 0 8 0 amappl14 184 226 0 214 2 1 1 2 0 8 0 amappl13 176 15 0 15 1 1 0 1 0 8 0 amappl12 168 7325 0 7295 2 0 2 2 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 52 0 43 1 0 1 1 0 8 0 amappl9 144 209 0 208 2 1 1 1 0 8 0 amappl8 136 447 0 352 4 0 4 4 0 8 0 amappl7 128 226 0 202 2 0 2 2 0 8 0 amappl6 120 660 0 649 1 0 1 1 0 8 0 amappl5 112 219 0 211 1 0 1 1 0 8 0 amappl4 104 633 0 609 2 1 1 2 0 8 0 amappl3 96 36116 0 36027 3 0 3 3 0 8 0 amappl2 88 7124 0 7051 3 1 2 3 0 8 0 amappl1 80 32329 0 31820 22 10 12 22 0 8 0 amappl 88 56936 0 56684 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 6461 0 6335 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6461 0 6335 1 0 1 1 0 8 0 vmmpekpl 168 51420 0 51340 4 0 4 4 0 8 0 vmmpepl 168 393820 0 391446 224 98 126 126 0 357 10 vmsppl 368 6460 0 6335 12 0 12 12 0 8 0 rwobjpl 24 102957 0 95381 52 4 48 49 0 8 0 pdppl 4096 12928 0 12769 414 252 162 162 0 8 3 pvpl 32 2009225 0 1989695 526 342 184 360 0 265 11 pmappl 216 6460 0 6335 8 0 8 8 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1701 0 744 28 0 28 28 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff8000344697f0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff8000344697f0,1,ffff80002f56e008) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd807e6521b0,c0205602,ffff8000344697f0,1,fffffd807f7d74e0,ffff80002f56e008) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806600a708,c0205602,ffff8000344697f0,ffff80002f56e008) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002f56e008,ffff800034469900,ffff800034469950) at sys_ioctl+0x49e syscall(ffff8000344699c0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbaf80a63f00, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff8000344697f0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff8000344697f0,1,ffff80002f56e008) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd807e6521b0,c0205602,ffff8000344697f0,1,fffffd807f7d74e0,ffff80002f56e008) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806600a708,c0205602,ffff8000344697f0,ffff80002f56e008) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002f56e008,ffff800034469900,ffff800034469950) at sys_ioctl+0x49e syscall(ffff8000344699c0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbaf80a63f00, count: -8