kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff80002db7fa90) at vm_run+0x163 vmmioctl(a00,c0205602,ffff80002db7fa90,1,ffff800034428560) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd807579e5e8,c0205602,ffff80002db7fa90,1,fffffd807f7d7618,ffff800034428560) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8061e39440,c0205602,ffff80002db7fa90,ffff800034428560) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800034428560,ffff80002db7fba0,ffff80002db7fbf0) at sys_ioctl+0x49e syscall(ffff80002db7fc60) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xee156f6b740, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff80003442ee30 rbp 0xffff80002db7f7e0 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x749904a8ef72dce3 r11 0x28e2101531a46c6d r12 0xffff80003442eba8 r13 0xffff80002db7f716 r14 0xffff80003442e800 r15 0x246 rip 0xffffffff8121cd3b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff80002db7f646 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.0) tid=131313 pid=48166 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=75, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff800034428d58,0xffff80002a6fa010 process=0xffff80002a739b90 user=0xffff80002db7a000, vmspace=0xfffffd8067a3c750 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 36273 316857 49181 0 2 0 syz-executor.6 36273 183896 49181 0 2 0x4000000 syz-executor.6 23798 142363 29587 0 2 0 syz-executor.4 23798 379462 29587 0 2 0x4000000 syz-executor.4 48166 503012 48668 0 2 0 syz-executor.0 *48166 131313 48668 0 7 0x4000000 syz-executor.0 55142 364748 46310 0 2 0 syz-executor.3 55142 102440 46310 0 3 0x4000080 fsleep syz-executor.3 80380 84931 13138 0 2 0 syz-executor.5 80380 266726 13138 0 3 0x4000080 bell syz-executor.5 40457 324096 54125 0 2 0x2 syz-executor.2 29587 208194 54125 0 3 0x82 nanoslp syz-executor.4 13138 498739 54125 0 3 0x82 nanoslp syz-executor.5 46310 346949 54125 0 3 0x82 nanoslp syz-executor.3 10466 103677 54125 0 2 0x2 syz-executor.7 56921 404252 54125 0 2 0x2 syz-executor.1 53213 152784 0 0 3 0x14200 bored sosplice 79246 199394 0 0 3 0x14280 nfsidl nfsio 72084 402921 0 0 3 0x14280 nfsidl nfsio 6711 154950 0 0 3 0x14280 nfsidl nfsio 58058 522628 0 0 3 0x14280 nfsidl nfsio 17804 393536 0 0 3 0x14280 nfsidl nfsio 54987 476312 0 0 3 0x14280 nfsidl nfsio 68626 158929 0 0 3 0x14280 nfsidl nfsio 99337 69310 0 0 3 0x14280 nfsidl nfsio 22183 349510 0 0 3 0x14280 nfsidl nfsio 4809 471913 0 0 3 0x14280 nfsidl nfsio 17692 480252 0 0 3 0x14280 nfsidl nfsio 18355 495190 0 0 3 0x14280 nfsidl nfsio 56295 362883 0 0 3 0x14280 nfsidl nfsio 39881 203977 0 0 3 0x14280 nfsidl nfsio 58657 255151 0 0 3 0x14280 nfsidl nfsio 93803 59080 0 0 3 0x14280 nfsidl nfsio 1337 491082 0 0 3 0x14280 nfsidl nfsio 74571 196045 0 0 3 0x14280 nfsidl nfsio 27353 87318 0 0 3 0x14280 nfsidl nfsio 46054 326171 0 0 3 0x14280 nfsidl nfsio 49181 457482 54125 0 3 0x82 nanoslp syz-executor.6 48668 25201 54125 0 3 0x82 nanoslp syz-executor.0 54125 518499 20003 0 3 0x2000082 wait syz-fuzzer 54125 469601 20003 0 3 0x6000082 nanoslp syz-fuzzer 54125 173958 20003 0 3 0x6000082 wait syz-fuzzer 54125 520976 20003 0 3 0x6000082 wait syz-fuzzer 54125 72890 20003 0 3 0x6000082 wait syz-fuzzer 54125 124971 20003 0 3 0x6000082 wait syz-fuzzer 54125 319632 20003 0 3 0x6000082 thrsleep syz-fuzzer 54125 159965 20003 0 3 0x6000082 thrsleep syz-fuzzer 54125 368368 20003 0 3 0x6000082 wait syz-fuzzer 54125 345096 20003 0 3 0x6000082 thrsleep syz-fuzzer 54125 88965 20003 0 3 0x6000082 thrsleep syz-fuzzer 54125 309819 20003 0 3 0x6000082 wait syz-fuzzer 54125 201024 20003 0 3 0x6000082 kqread syz-fuzzer 54125 286496 20003 0 3 0x6000082 wait syz-fuzzer 20003 216270 79377 0 3 0x10008a sigsusp ksh 79377 307304 20825 0 3 0x9a kqread sshd 88538 17088 1 0 3 0x100083 ttyin getty 20825 28283 1 0 3 0x88 kqread sshd 7294 390557 81020 73 3 0x1100090 kqread syslogd 81020 132470 1 0 3 0x100082 netio syslogd 54369 255579 1 0 3 0x100080 kqread resolvd 64263 366550 91185 77 3 0x100092 kqread dhcpleased 5949 407809 91185 77 3 0x100092 kqread dhcpleased 91185 14830 1 0 3 0x80 kqread dhcpleased 51763 387662 0 0 3 0x14200 bored smr 1016 11080 0 0 2 0x14200 zerothread 27757 119795 0 0 3 0x14200 aiodoned aiodoned 98966 302773 0 0 3 0x14200 syncer update 82753 458664 0 0 3 0x14200 cleaner cleaner 99859 242266 0 0 3 0x14200 reaper reaper 31558 367324 0 0 3 0x14200 pgdaemon pagedaemon 22542 221738 0 0 3 0x14200 bored viomb 14470 396070 0 0 3 0x40014200 acpi0 acpi0 29877 399850 0 0 3 0x14200 bored softnet3 59169 308492 0 0 3 0x14200 bored softnet2 97751 504829 0 0 3 0x14200 bored softnet1 65012 37557 0 0 3 0x14200 bored softnet0 33355 107618 0 0 3 0x14200 bored systqmp 97529 252259 0 0 3 0x14200 bored systq 90071 189645 0 0 3 0x40014200 tmoslp softclock 51610 503441 0 0 3 0x40014200 idle0 1 268099 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10227 6617K 8183K 166960K 38946 0 pcb 13 16K 21K 166960K 525 0 rtable 174 13K 15K 166960K 787 0 pf 27 8K 9K 166960K 216 0 ifaddr 32 9K 12K 166960K 152 0 ifgroup 46 2K 2K 166960K 351 0 sysctl 3 0K 0K 166960K 5 0 counters 27 17K 17K 166960K 103 0 ioctlops 0 0K 2K 166960K 207 0 iov 0 0K 48K 166960K 861 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1572 98K 99K 166960K 8358 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 106 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 412 0 dirhash 12 2K 3K 166960K 39 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 77K 166960K 4979 0 sigio 0 0K 0K 166960K 266 0 proc 58 59K 75K 166960K 898 0 subproc 104 6K 6K 166960K 211 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 132 0 in_multi 67 5K 7K 166960K 215 0 ether_multi 1 0K 0K 166960K 1 0 mrt 0 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 241 1076K 1076K 166960K 241 0 exec 0 0K 1K 166960K 1134 0 pfkey data 0 0K 0K 166960K 8 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 370 334K 340K 166960K 48269 0 UVM aobj 131 4K 4K 166960K 131 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 169 0 NDP 10 0K 1K 166960K 120 0 temp 74 5920K 6112K 166960K 44834 0 kqueue 12 18K 28K 166960K 379 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 177 0 174 1 0 1 1 0 8 0 rtentry 112 227 0 150 4 1 3 4 0 8 0 unpcb 144 5396 0 5383 58 56 2 10 0 8 1 syncache 312 48 0 48 8 8 0 1 0 8 0 sackhl 24 1 0 1 1 0 1 1 0 8 1 tcpqe 32 171 0 171 7 7 0 1 0 8 0 tcpcb 808 1569 0 1553 37 33 4 10 0 8 0 arp 88 37 0 27 1 0 1 1 0 8 0 ipq 40 4 0 4 2 2 0 1 0 8 0 ipqe 40 79 0 79 2 2 0 1 0 8 0 inpcb 336 4028 0 4009 56 46 10 14 0 8 6 nd6 104 58 0 41 1 0 1 1 0 8 0 pkpcb 40 154 0 154 5 5 0 1 0 8 0 kcovpl 48 16 0 8 1 0 1 1 0 8 0 ppxss 1160 18 0 18 5 5 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 943 0 560 38 7 31 31 0 8 0 art_table 32 944 0 560 4 0 4 4 0 8 0 art_node 16 223 0 152 1 0 1 1 0 8 0 sysvmsgpl 40 19 0 11 1 0 1 1 0 8 0 semapl 112 410 0 400 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 35 0 18 3 0 3 3 0 8 0 dino2pl 256 8440 0 6970 93 0 93 93 0 8 0 ffsino 240 8440 0 6970 87 0 87 87 0 8 0 nchpl 144 15290 0 14731 63 41 22 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 56807 0 56805 2 1 1 2 0 8 0 vcpupl 2048 25 0 0 4 0 4 4 0 8 0 vmpool 664 76 0 51 4 1 3 3 0 8 0 kstatmem 264 172 0 152 2 0 2 2 0 8 0 scxspl 216 44324 0 44324 15 14 1 8 1 8 1 plimitpl 152 1017 0 1002 1 0 1 1 0 8 0 sigapl 424 5284 0 5221 8 0 8 8 0 8 0 futexpl 64 52721 0 52720 1 0 1 1 0 8 0 knotepl 120 45229 0 45147 11 6 5 10 0 8 0 kqueuepl 184 1051 0 1043 19 18 1 9 0 8 0 pipepl 288 1289 0 1261 41 34 7 11 0 8 4 fdescpl 432 5246 0 5220 4 0 4 4 0 8 0 filepl 120 39458 0 39219 68 56 12 17 0 8 3 lockfpl 104 1919 0 1917 6 5 1 2 0 8 0 lockfspl 48 707 0 705 1 0 1 1 0 8 0 sessionpl 144 31 0 15 1 0 1 1 0 8 0 pgrppl 48 186 0 170 1 0 1 1 0 8 0 ucredpl 104 5146 0 5133 1 0 1 1 0 8 0 zombiepl 144 5221 0 5221 1 0 1 1 0 8 1 processpl 1008 5284 0 5221 10 1 9 9 0 8 0 procpl 680 12808 0 12727 12 4 8 9 0 8 0 sosppl 168 69 0 67 4 3 1 1 0 8 0 sockpl 456 9755 0 9720 218 202 16 35 0 8 8 mcl64k 65536 214 0 214 5 4 1 1 0 8 1 mcl16k 16384 96 0 96 10 9 1 1 0 8 1 mcl12k 12288 268 0 268 8 7 1 1 0 8 1 mcl9k 9216 110 0 110 12 12 0 1 0 8 0 mcl8k 8192 369 0 369 9 8 1 3 0 8 1 mcl4k 4096 695 0 695 4 3 1 2 0 8 1 mcl2k2 2112 30 0 30 9 9 0 1 0 8 0 mcl2k 2048 77769 0 77712 51 42 9 32 0 8 0 mtagpl 96 1282 0 1117 19 9 10 17 0 8 1 mbufpl 256 172136 0 171872 272 229 43 88 0 8 3 bufpl 288 12652 0 6258 458 0 458 458 0 8 0 anonpl 24 650956 0 636958 144 43 101 109 0 188 0 amapchunkpl 152 155551 0 154761 68 32 36 45 0 158 1 amappl16 200 13356 0 12907 55 30 25 37 0 8 0 amappl15 192 15 0 15 1 1 0 1 0 8 0 amappl14 184 209 0 197 2 1 1 2 0 8 0 amappl13 176 21 0 20 1 0 1 1 0 8 0 amappl12 168 5991 0 5963 2 0 2 2 0 8 0 amappl11 160 80 0 70 1 0 1 1 0 8 0 amappl10 152 47 0 37 1 0 1 1 0 8 0 amappl9 144 196 0 195 2 1 1 1 0 8 0 amappl8 136 296 0 224 3 0 3 3 0 8 0 amappl7 128 196 0 174 2 0 2 2 0 8 0 amappl6 120 433 0 424 1 0 1 1 0 8 0 amappl5 112 214 0 206 1 0 1 1 0 8 0 amappl4 104 524 0 500 2 1 1 2 0 8 0 amappl3 96 30389 0 30311 3 0 3 3 0 8 0 amappl2 88 5911 0 5838 3 1 2 3 0 8 0 amappl1 80 27460 0 26962 22 10 12 22 0 8 0 amappl 88 47571 0 47351 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 5322 0 5271 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5322 0 5271 1 0 1 1 0 8 0 vmmpekpl 168 42568 0 42512 4 0 4 4 0 8 0 vmmpepl 168 324260 0 322062 201 94 107 139 0 357 0 vmsppl 368 5321 0 5271 5 0 5 5 0 8 0 rwobjpl 24 86471 0 78954 49 2 47 48 0 8 0 pdppl 4096 10650 0 10567 283 195 88 88 0 8 5 pvpl 32 1578287 0 1558898 400 219 181 360 0 265 6 pmappl 216 5321 0 5271 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1482 0 625 26 0 26 26 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff80002db7fa90) at vm_run+0x163 vmmioctl(a00,c0205602,ffff80002db7fa90,1,ffff800034428560) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd807579e5e8,c0205602,ffff80002db7fa90,1,fffffd807f7d7618,ffff800034428560) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8061e39440,c0205602,ffff80002db7fa90,ffff800034428560) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800034428560,ffff80002db7fba0,ffff80002db7fbf0) at sys_ioctl+0x49e syscall(ffff80002db7fc60) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xee156f6b740, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff80002db7fa90) at vm_run+0x163 vmmioctl(a00,c0205602,ffff80002db7fa90,1,ffff800034428560) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd807579e5e8,c0205602,ffff80002db7fa90,1,fffffd807f7d7618,ffff800034428560) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8061e39440,c0205602,ffff80002db7fa90,ffff800034428560) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff800034428560,ffff80002db7fba0,ffff80002db7fbf0) at sys_ioctl+0x49e syscall(ffff80002db7fc60) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xee156f6b740, count: -8