¹j¼õ¬|ÿ ž¨E1\…:Š@ kernel: protection fault trap, code=0 Stopped at bpfdetach+0x70: movq 0(%r15),%r12 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace bpfdetach(ffff80000147a800) at bpfdetach+0x70 sys/net/bpf.c:1770 if_detach(ffff80000147a800) at if_detach+0x1bb sys/net/if.c:1201 tun_clone_destroy(ffff80000147a800) at tun_clone_destroy+0x2d6 sys/net/if_tun.c:340 if_clone_destroy(ffff800036fe8890) at if_clone_destroy+0x1d7 sys/net/if.c:1390 ifioctl(ffff800001643418,80206979,ffff800036fe8890,ffff80003a81dc70) at ifioctl+0x5c5 sys/net/if.c:-1 sys_ioctl(ffff80003a81dc70,ffff800036fe8a70,ffff800036fe89c0) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff800036fe8a70) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff800036fe8a70) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x398d357efb0, count: -8 ddb{0}> show registers rdi 0xffff800037ff5000 rsi 0x1f8b2 acpi_pdirpa+0xb723 rbp 0xffff800036fe86b0 rbx 0x80206979 __kernel_virt_to_phys+0x206979 rdx 0xffff800037ff5000 rcx 0x1f8b1 acpi_pdirpa+0xb722 rax 0xffffffff81fdd2c9 bpfdetach+0xb9 r8 0 r9 0xffffffffffffffff r10 0xb619303b1e9824de r11 0xd104df05ce299eb0 r12 0xdead0002deadbeef r13 0x800 r14 0xffff80000147a800 r15 0xdead0002deadbeef rip 0xffffffff81fdd280 bpfdetach+0x70 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800036fe8680 ss 0x10 bpfdetach+0x70: movq 0(%r15),%r12 ddb{0}> show proc PROC (syz-executor) tid=503596 pid=13905 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003a81cd10 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003a81cd10,0xffff80003a81d9f0 process=0xffff80003c4ab570 user=0xffff800036fe3000, vmspace=0xfffffd80672913e8 estcpu=33, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 37419 402340 22773 0 2 0 syz-executor 37419 345539 22773 0 3 0x4000080 fsleep syz-executor 80587 421673 27514 0 2 0 syz-executor 80587 152400 27514 0 3 0x4000080 sbwait syz-executor 68314 331050 77917 0 2 0 syz-executor 68314 184209 77917 0 3 0x4000080 rest syz-executor 13905 490947 16729 0 3 0x3000 suspend syz-executor *13905 503596 16729 0 7 0x4081000 syz-executor 2442 63169 0 0 3 0x14280 nfsidl nfsio 4919 304292 0 0 3 0x14280 nfsidl nfsio 28129 66861 0 0 3 0x14280 nfsidl nfsio 68179 456034 0 0 3 0x14280 nfsidl nfsio 53542 62918 0 0 3 0x14280 nfsidl nfsio 93076 269909 0 0 3 0x14280 nfsidl nfsio 69486 308152 0 0 3 0x14280 nfsidl nfsio 2685 365501 0 0 3 0x14280 nfsidl nfsio 31869 191117 0 0 3 0x14280 nfsidl nfsio 30575 84044 0 0 3 0x14280 nfsidl nfsio 16243 301649 0 0 3 0x14280 nfsidl nfsio 75213 104560 0 0 3 0x14280 nfsidl nfsio 20079 197179 0 0 3 0x14280 nfsidl nfsio 98510 330499 0 0 3 0x14280 nfsidl nfsio 28434 456697 0 0 3 0x14280 nfsidl nfsio 97502 476382 0 0 3 0x14280 nfsidl nfsio 71942 124495 0 0 3 0x14280 nfsidl nfsio 93983 364473 0 0 3 0x14280 nfsidl nfsio 35149 408250 0 0 3 0x14280 nfsidl nfsio 59580 29908 0 0 3 0x14280 nfsidl nfsio 16729 474187 12149 0 3 0x82 nanoslp syz-executor 77917 29255 12149 0 3 0x82 nanoslp syz-executor 35489 467872 12149 0 3 0x82 nanoslp syz-executor 3209 255035 12149 0 3 0x82 nanoslp syz-executor 20827 41789 12149 0 3 0x82 wait syz-executor 76012 321246 1 0 3 0x100083 ttyin getty 90208 154559 12149 0 2 0x2 syz-executor 27514 432116 12149 0 3 0x82 nanoslp syz-executor 22773 296260 12149 0 3 0x82 nanoslp syz-executor 4467 83638 0 0 3 0x14200 bored sosplice 12149 14613 74494 0 3 0x82 kqread syz-executor 74494 295084 10720 0 3 0x10008a sigsusp ksh 10720 246755 70202 0 3 0x98 kqread sshd-session 70202 413195 39423 0 3 0x92 kqread sshd-session 39423 238885 1 0 3 0x88 kqread sshd 86129 380490 59093 74 3 0x1100092 bpf pflogd 59093 288576 1 0 3 0x80 sbwait pflogd 61953 69645 7059 73 3 0x1100090 kqread syslogd 7059 147141 1 0 3 0x100082 sbwait syslogd 85766 238818 1 0 3 0x100080 kqread resolvd 86907 96142 83608 77 3 0x100092 kqread dhcpleased 86423 357356 83608 77 3 0x100092 kqread dhcpleased 83608 330953 1 0 3 0x80 kqread dhcpleased 75262 107481 0 0 3 0x14200 bored smr 71287 453942 0 0 2 0x14200 zerothread 7006 452848 0 0 3 0x14200 aiodoned aiodoned 12265 491227 0 0 3 0x14200 syncer update 43394 485503 0 0 3 0x14200 cleaner cleaner 9319 448243 0 0 2 0x14200 reaper 81394 86307 0 0 3 0x14200 pgdaemon pagedaemon 44596 9162 0 0 3 0x14200 bored viomb 91210 169144 0 0 3 0x40014200 acpi0 acpi0 43973 524035 0 0 7 0x40014200 idle1 27405 174412 0 0 3 0x14200 bored softnet3 37073 349918 0 0 3 0x14200 bored softnet2 11828 437729 0 0 3 0x14200 bored softnet1 68015 318237 0 0 2 0x14200 softnet0 32915 171811 0 0 3 0x14200 bored systqmp 95694 340362 0 0 3 0x14200 bored systq 79490 412129 0 0 3 0x14200 tmoslp softclockmp 42324 186281 0 0 3 0x40014200 tmoslp softclock 42265 517236 0 0 3 0x40014200 idle0 1 424693 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 13905 (syz-executor) thread 0xffff80003a81dc70 (503596) Process 9319 (reaper) thread 0xffff8000ffffd488 (448243) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10248 11180K 12628K 166960K 23266 0 pcb 17 20K 26K 166960K 2040 0 rtable 198 21K 22K 166960K 1320 0 pf 35 17K 67486K 166960K 500 0 ifaddr 34 7K 10K 166960K 356 0 ifgroup 51 2K 2K 166960K 633 0 sysctl 4 1K 9K 166960K 66 0 counters 66 36K 38K 166960K 834 0 ioctlops 0 0K 4K 166960K 3075 0 iov 0 0K 40K 166960K 532 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1647 103K 104K 166960K 8857 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 36K 64K 166960K 85 0 VM map 2 1K 1K 166960K 2 0 sem 25 32K 32K 166960K 178 0 dirhash 15 2K 2K 166960K 177 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 240K 166960K 6289 0 sigio 0 0K 0K 166960K 170 0 proc 73 91K 128K 166960K 1769 0 subproc 72 4K 4K 166960K 273 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1477 0 in_multi 62 4K 7K 166960K 528 0 ether_multi 1 0K 0K 166960K 73 0 mrt 1 0K 0K 166960K 52 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 271 1208K 1208K 166960K 271 0 exec 0 0K 1K 166960K 1951 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 10 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 239 160K 178K 166960K 57242 0 UVM aobj 133 8K 8K 166960K 136 0 pinsyscall 41 82K 103K 166960K 7921 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 419 0 NDP 11 0K 2K 166960K 270 0 temp 81 8684K 8940K 166960K 269374 0 kqueue 14 22K 33K 166960K 1144 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 757 0 754 9 8 1 3 0 8 0 rtentry 176 458 0 397 5 0 5 5 0 8 0 unpcb 144 4808 0 4787 31 30 1 6 0 8 0 syncache 336 9 0 9 4 4 0 1 0 8 0 tcpqe 32 7 0 7 2 2 0 1 0 8 0 tcpcb 736 1928 0 1923 29 28 1 7 0 8 0 arp 128 57 0 47 1 0 1 1 0 8 0 inpcb 328 8425 0 8415 59 51 8 15 0 8 6 nd6 144 98 0 89 1 0 1 1 0 8 0 pkpcb 40 76 0 76 5 4 1 1 0 8 1 kcovpl 48 30 0 22 1 0 1 1 0 8 0 mppekey 1024 6 0 6 2 2 0 1 0 8 0 ppxss 1192 308 0 308 2 1 1 1 0 8 1 pppxif 1504 18 0 18 7 7 0 1 0 8 0 pfstscr 40 1 0 0 1 0 1 1 0 8 0 pffrag 232 49 0 38 2 0 2 2 0 482 0 pffrnode 88 36 0 27 1 0 1 1 0 8 0 pffrent 40 158 0 146 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 375 0 225 1 0 1 1 0 8 0 pfstkey 128 375 0 225 6 0 6 6 0 8 0 pfstate 384 374 0 225 17 0 17 17 0 8 0 pfrule 1344 23 0 17 2 1 1 2 0 8 0 rttmr 136 17 0 17 10 9 1 1 0 8 1 art_heap8 4096 5 0 1 5 1 4 5 0 8 0 art_heap4 256 2153 0 1856 46 22 24 28 0 8 1 art_table 40 2158 0 1857 5 0 5 5 0 8 0 art_node 32 450 0 400 1 0 1 1 0 8 0 sysvmsgpl 40 23 0 17 1 0 1 1 0 8 0 semupl 112 2 0 2 2 2 0 1 0 8 0 semapl 112 169 0 146 1 0 1 1 0 8 0 shmpl 112 133 0 3 4 0 4 4 0 8 0 dirhash 1024 131 0 112 3 0 3 3 0 8 0 dino2pl 256 13243 0 11683 98 0 98 98 0 8 0 ffsino 288 13243 0 11683 114 2 112 112 0 8 0 nchpl 144 21873 0 21275 65 40 25 65 0 8 0 rtmask 32 40 0 40 5 5 0 1 0 8 0 uvmvnodes 80 5966 0 0 122 0 122 122 0 8 0 vnodes 216 5966 0 0 332 0 332 332 0 8 0 namei 1024 79657 0 79656 10 9 1 2 0 8 0 percpumem 16 432 0 384 1 0 1 1 0 8 0 kstatmem 264 418 0 392 3 0 3 3 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 29 0 29 8 8 0 1 0 8 0 scxspl 216 175362 0 175362 15 14 1 8 1 8 1 plimitpl 152 1567 0 1550 1 0 1 1 0 8 0 sigapl 424 6593 0 6523 13 5 8 9 0 8 0 knotepl 120 844 0 0 25 1 24 24 0 8 0 kqueuepl 224 2661 0 2650 24 23 1 5 0 8 0 pipepl 336 1008 0 981 25 20 5 8 0 8 2 fdescpl 520 6500 0 6470 3 0 3 3 0 8 0 filepl 160 49477 0 49253 51 37 14 20 0 8 0 lockfpl 104 5644 0 5642 10 9 1 3 0 8 0 lockfspl 48 2430 0 2428 3 2 1 2 0 8 0 sessionpl 144 46 0 37 1 0 1 1 0 8 0 pgrppl 48 268 0 251 1 0 1 1 0 8 0 ucredpl 104 7238 0 7225 1 0 1 1 0 8 0 zombiepl 144 7488 0 7484 1 0 1 1 0 8 0 processpl 1240 6593 0 6523 6 0 6 6 0 8 0 procpl 656 16345 0 16271 10 2 8 8 0 8 0 sosppl 168 46 0 46 8 7 1 1 0 8 1 sockpl 728 14298 0 14264 124 114 10 22 0 8 6 mcl64k 65536 17 0 0 3 0 3 3 0 8 0 mcl16k 16384 11 0 0 2 0 2 2 0 8 0 mcl12k 12288 4 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 115 0 0 14 0 14 14 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 92 0 0 11 0 11 11 0 8 0 mtagpl 96 100 0 0 3 0 3 3 0 8 0 mbufpl 256 1318 0 0 75 0 75 75 0 8 0 bufpl 280 75123 0 68981 441 1 440 440 0 8 0 anonpl 32 15545 0 0 125 0 125 125 0 246 0 amapchunkpl 152 199835 0 199302 78 49 29 36 0 158 1 amappl16 200 23878 0 23844 192 175 17 39 0 8 7 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 160 0 147 1 0 1 1 0 8 0 amappl13 176 10 0 9 5 4 1 1 0 8 0 amappl12 168 7501 0 7471 3 1 2 2 0 8 0 amappl11 160 53 0 39 1 0 1 1 0 8 0 amappl10 152 10 0 10 1 1 0 1 0 8 0 amappl9 144 248 0 247 3 2 1 1 0 8 0 amappl8 136 23 0 20 1 0 1 1 0 8 0 amappl7 128 168 0 155 1 0 1 1 0 8 0 amappl6 120 407 0 402 1 0 1 1 0 8 0 amappl5 112 211 0 200 1 0 1 1 0 8 0 amappl4 104 327 0 306 1 0 1 1 0 8 0 amappl3 96 41625 0 41517 5 1 4 4 0 8 0 amappl2 88 1053 0 988 2 0 2 2 0 8 0 amappl1 80 35134 0 34531 16 1 15 15 0 8 0 amappl 88 55126 0 54959 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma16384 16384 2 0 2 2 2 0 1 0 8 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 2 0 2 2 2 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 10 0 10 5 5 0 1 0 8 0 dma128 128 266 0 266 5 5 0 1 0 8 0 dma64 64 8 0 8 3 3 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 135 0 3 3 0 3 3 0 8 0 uaddrrnd 24 6500 0 6470 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6500 0 6470 1 0 1 1 0 8 0 vmmpekpl 168 46563 0 46489 4 0 4 4 0 8 0 vmmpepl 168 403760 0 401770 180 71 109 123 0 357 2 vmsppl 480 6499 0 6469 6 1 5 5 0 8 0 rwobjpl 72 105429 0 98375 158 20 138 141 0 8 0 pdppl 4096 13008 0 12938 134 62 72 84 0 8 2 pvpl 32 24892 0 0 201 1 200 200 0 265 0 pmappl 256 6499 0 6469 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 591 0 161 13 0 13 13 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace bpfdetach(ffff80000147a800) at bpfdetach+0x70 sys/net/bpf.c:1770 if_detach(ffff80000147a800) at if_detach+0x1bb sys/net/if.c:1201 tun_clone_destroy(ffff80000147a800) at tun_clone_destroy+0x2d6 sys/net/if_tun.c:340 if_clone_destroy(ffff800036fe8890) at if_clone_destroy+0x1d7 sys/net/if.c:1390 ifioctl(ffff800001643418,80206979,ffff800036fe8890,ffff80003a81dc70) at ifioctl+0x5c5 sys/net/if.c:-1 sys_ioctl(ffff80003a81dc70,ffff800036fe8a70,ffff800036fe89c0) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff800036fe8a70) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff800036fe8a70) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x398d357efb0, count: -8 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu_x86.c:1218 sched_idle(ffff8000299ddff0) at sched_idle+0x4d8 sys/kern/kern_sched.c:191 end trace frame: 0x0, count: -5