kernel: protection fault trap, code=0 Stopped at bpfdetach+0x70: movq 0(%r15),%r12 ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace bpfdetach(ffff80000149a800) at bpfdetach+0x70 sys/net/bpf.c:1778 if_detach(ffff80000149a800) at if_detach+0x153 sys/net/if.c:1212 tun_clone_destroy(ffff80000149a800) at tun_clone_destroy+0x2d6 sys/net/if_tun.c:346 if_clone_destroy(ffff8000357eedd0) at if_clone_destroy+0x1d7 sys/net/if.c:1401 ifioctl(ffff800010fe16d8,80206979,ffff8000357eedd0,ffff80002a296f80) at ifioctl+0x5c5 sys/net/if.c:-1 sys_ioctl(ffff80002a296f80,ffff8000357eefb0,ffff8000357eef00) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff8000357eefb0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff8000357eefb0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x6a1801c5b90, count: -8 ddb{0}> show registers rdi 0xffff80003b426000 rsi 0x4e8f2 acpi_pdirpa+0x3a763 rbp 0xffff8000357eebf0 rbx 0x80206979 __kernel_virt_to_phys+0x206979 rdx 0xffff80003b426000 rcx 0x4e8f1 acpi_pdirpa+0x3a762 rax 0xffffffff81c1ca29 bpfdetach+0xb9 r8 0 r9 0xffffffffffffffff r10 0x21e3d3907c20d62 r11 0xd0d77649ede51083 r12 0xdead007fdeadbeef r13 0x800 r14 0xffff80000149a800 r15 0xdead007fdeadbeef rip 0xffffffff81c1c9e0 bpfdetach+0x70 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000357eebc0 ss 0x10 bpfdetach+0x70: movq 0(%r15),%r12 ddb{0}> show proc PROC (syz-executor) tid=442747 pid=28355 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=72, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff800039bfc548 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a2979c0,0xffff8000ffff34a0 process=0xffff80003ac1fa40 user=0xffff8000357ea000, vmspace=0xfffffd806c206978 estcpu=22, cpticks=0, pctcpu=0.1, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 90213 317916 1803 0 3 0x3000 suspend syz-executor 90213 130321 1803 0 2 0x4081000 syz-executor 76290 387994 52605 0 4 0x82000 syz-executor 76290 231459 52605 0 2 0x4082000 syz-executor 76290 302036 52605 0 2 0x4082000 syz-executor 76290 499536 52605 0 4 0x4082000 syz-executor 76290 331852 52605 0 4 0x4082000 syz-executor 76290 91788 52605 0 4 0x4082000 syz-executor 76290 309093 52605 0 2 0x4082000 syz-executor 76290 453102 52605 0 2 0x4082000 syz-executor 76290 98946 52605 0 3 0x4002000 suspend syz-executor 49888 230524 76941 0 2 0 syz-executor 49888 369466 76941 0 3 0x4000080 fsleep syz-executor 49888 517512 76941 0 2 0x4000000 syz-executor 49888 221219 76941 0 2 0x4000000 syz-executor 49888 419150 76941 0 3 0x4000080 fsleep syz-executor 1869 420728 0 0 3 0x14200 bored sosplice 28355 266797 11895 0 3 0x3000 suspend syz-executor *28355 442747 11895 0 7 0x4081000 syz-executor 1803 417812 2670 0 2 0xc82 syz-executor 20278 167794 2670 0 3 0x82 piperd syz-executor 53829 88701 2670 0 3 0x82 piperd syz-executor 93420 207636 2670 0 3 0x82 piperd syz-executor 11895 156539 2670 0 2 0xc82 syz-executor 66859 154862 2670 0 2 0xc82 syz-executor 76941 132112 2670 0 2 0x2 syz-executor 52605 201099 2670 0 2 0xc82 syz-executor 2670 320470 96595 0 2 0x2 syz-executor 96595 404078 93924 0 3 0x10008a sigsusp ksh 93924 485552 5370 0 3 0x98 kqread sshd-session 5370 8047 81345 0 3 0x92 kqread sshd-session 26780 425578 1 0 3 0x100083 ttyin getty 81345 408348 1 0 3 0x88 kqread sshd 77421 109719 2827 74 3 0x1100092 bpf pflogd 2827 65710 1 0 3 0x80 sbwait pflogd 77319 351042 82846 73 3 0x1100090 kqread syslogd 82846 244213 1 0 3 0x100082 sbwait syslogd 92451 501678 1 0 7 0x100001 resolvd 27553 33034 78331 77 2 0x100092 dhcpleased 47277 259909 78331 77 3 0x100092 kqread dhcpleased 78331 271691 1 0 3 0x80 kqread dhcpleased 68605 233396 0 0 3 0x14200 bored smr 67430 185324 0 0 3 0x14200 pgzero zerothread 67032 303623 0 0 3 0x14200 aiodoned aiodoned 65462 182955 0 0 3 0x14200 syncer update 62 175616 0 0 3 0x14200 cleaner cleaner 54703 278019 0 0 3 0x14200 reaper reaper 57817 290730 0 0 3 0x14200 pgdaemon pagedaemon 90222 521518 0 0 3 0x14200 bored viomb 16913 4785 0 0 3 0x40014200 acpi0 acpi0 22084 382950 0 0 3 0x40014200 idle1 35645 213883 0 0 3 0x14200 bored softnet3 42739 366884 0 0 3 0x14200 bored softnet2 5530 192048 0 0 3 0x14200 bored softnet1 41848 164950 0 0 2 0x14200 softnet0 30536 466631 0 0 3 0x14200 bored systqmp 76584 433846 0 0 3 0x14200 bored systq 19379 235625 0 0 2 0x14200 softclockmp 7386 379676 0 0 3 0x40014200 tmoslp softclock 31454 343295 0 0 3 0x40014200 idle0 1 242236 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 28355 (syz-executor) thread 0xffff80002a296f80 (442747) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff838f4090) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1160 #1 __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1 #2 sleep_finish+0x2da sys/kern/kern_synch.c:366 #3 rw_do_enter_write+0x1d3 sys/kern/kern_rwlock.c:291 #4 bpf_detachd+0x1b5 sys/net/bpf.c:353 #5 bpfclose+0x101 sys/net/bpf.c:425 #6 spec_close+0x45f sys/kern/spec_vnops.c:-1 #7 VOP_CLOSE+0x133 sys/kern/vfs_vops.c:156 #8 vclean+0x20f sys/kern/vfs_subr.c:1090 #9 vgonel+0xb0 sys/kern/vfs_subr.c:1192 #10 vop_generic_revoke+0x3e6 sys/kern/vfs_default.c:124 #11 VOP_REVOKE+0x65 sys/kern/vfs_vops.c:291 #12 vdevgone+0x17b sys/kern/vfs_subr.c:-1 #13 bpfsdetach+0x140 sys/net/bpf.c:1802 #14 bpfdetach+0xa6 sys/net/bpf.c:-1 #15 if_detach+0x153 sys/net/if.c:1212 #16 tun_clone_destroy+0x2d6 sys/net/if_tun.c:346 #17 if_clone_destroy+0x1d7 sys/net/if.c:1401 #18 ifioctl+0x5c5 sys/net/if.c:-1 exclusive rwlock clonelk r = 0 (0xffffffff83867028) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x377 sys/kern/kern_rwlock.c:310 #2 if_clone_destroy+0x67 sys/net/if.c:-1 #3 ifioctl+0x5c5 sys/net/if.c:-1 #4 sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 #5 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #5 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 #6 Xsyscall+0x128 Process 2670 (syz-executor) thread 0xffff80002a2ba538 (320470) exclusive rwlock sbufsnd r = 0 (0xffff8000014638a8) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x377 sys/kern/kern_rwlock.c:310 #2 sblock+0xb7 sys/kern/uipc_socket2.c:536 #3 sosend+0x2e2 sys/kern/uipc_socket.c:630 #4 dofilewritev+0x23c sys/kern/sys_generic.c:380 #5 sys_write+0xa2 sys/kern/sys_generic.c:300 #6 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #6 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 #7 Xsyscall+0x128 Process 41848 (softnet0) thread 0xffff8000ffffea40 (164950) shared rwlock softnet0 r = 0 (0xffff80000002c078) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1160 #1 taskq_thread+0x12a sys/kern/kern_task.c:442 #2 proc_trampoline+0x10 Process 19379 (softclockmp) thread 0xffff8000ffffe290 (235625) shared rwlock timeout r = 0 (0xffffffff837f8d98) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1160 #1 timeout_run+0x115 sys/kern/kern_timeout.c:690 #2 softclock_thread_run+0xec sys/kern/kern_timeout.c:838 #3 softclock_thread_mp+0x8f sys/kern/kern_timeout.c:873 #4 proc_trampoline+0x10 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10209 11283K 11550K 166960K 11713 0 pcb 17 12K 12K 166960K 54 0 rtable 224 7K 8K 166960K 389 0 pf 32 17K 19K 166960K 56 0 ifaddr 40 7K 7K 166960K 49 0 ifgroup 51 2K 2K 166960K 64 0 sysctl 4 1K 9K 166960K 8 0 counters 66 36K 37K 166960K 80 0 ioctlops 0 0K 4K 166960K 1541 0 iov 0 0K 8K 166960K 6 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1458 92K 93K 166960K 1784 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 6 0 VM map 2 1K 1K 166960K 2 0 sem 9 0K 0K 166960K 13 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 93K 166960K 315 0 sigio 0 0K 0K 166960K 3 0 proc 72 91K 140K 166960K 553 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 88 0 in_multi 88 6K 7K 166960K 111 0 ether_multi 1 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 67 307K 307K 166960K 67 0 exec 0 0K 1K 166960K 395 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 257 168K 177K 166960K 4657 0 UVM aobj 9 2K 2K 166960K 10 0 pinsyscall 40 80K 106K 166960K 1438 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 5 0 NDP 11 0K 1K 166960K 31 0 temp 55 8680K 8744K 166960K 8335 0 kqueue 13 20K 29K 166960K 58 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 48 0 45 1 0 1 1 0 8 0 rtentry 176 116 0 14 6 0 6 6 0 8 0 unpcb 144 117 0 96 1 0 1 1 0 8 0 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpqe 32 1 0 1 1 0 1 1 0 8 1 tcpcb 808 48 0 43 2 0 2 2 0 8 1 arp 128 18 0 2 1 0 1 1 0 8 0 inpcb 328 334 0 326 7 0 7 7 0 8 6 nd6 144 25 0 4 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1192 5 0 4 1 0 1 1 0 8 0 pppxif 1504 1 0 1 1 0 1 1 0 8 1 pffrag 232 1 0 0 1 0 1 1 0 482 0 pffrnode 88 1 0 0 1 0 1 1 0 8 0 pffrent 40 1 0 0 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 26 0 0 1 0 1 1 0 8 0 pfstkey 128 26 0 0 1 0 1 1 0 8 0 pfstate 384 26 0 0 3 0 3 3 0 8 0 pfrule 1344 22 0 16 2 0 2 2 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 461 0 52 29 0 29 29 0 8 1 art_table 32 463 0 52 4 0 4 4 0 8 0 art_node 16 115 0 22 1 0 1 1 0 8 0 sysvmsgpl 40 2 0 1 1 0 1 1 0 8 0 semapl 112 10 0 3 1 0 1 1 0 8 0 shmpl 112 7 0 1 1 0 1 1 0 8 0 dirhash 1024 22 0 5 3 0 3 3 0 8 0 dino2pl 256 2032 0 530 96 0 96 96 0 8 1 ffsino 288 2032 0 530 109 0 109 109 0 8 0 nchpl 144 2473 0 785 63 0 63 63 0 8 0 uvmvnodes 80 2355 0 0 49 0 49 49 0 8 0 vnodes 216 2355 0 0 131 0 131 131 0 8 0 namei 1024 8068 0 8068 2 1 1 2 0 8 1 percpumem 16 55 0 7 1 0 1 1 0 8 0 kstatmem 264 32 0 7 2 0 2 2 0 8 0 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 9821 0 9821 10 2 8 8 1 8 8 plimitpl 152 112 0 94 1 0 1 1 0 8 0 sigapl 424 627 0 579 7 0 7 7 0 8 1 knotepl 120 302 0 0 10 0 10 10 0 8 0 kqueuepl 224 74 0 63 2 0 2 2 0 8 1 pipepl 336 120 0 93 3 0 3 3 0 8 0 fdescpl 520 608 0 579 3 0 3 3 0 8 0 filepl 160 3309 0 3081 15 0 15 15 0 8 5 lockfpl 104 90 0 88 1 0 1 1 0 8 0 lockfspl 48 37 0 35 1 0 1 1 0 8 0 sessionpl 144 23 0 14 1 0 1 1 0 8 0 pgrppl 48 32 0 15 1 0 1 1 0 8 0 ucredpl 104 637 0 624 1 0 1 1 0 8 0 zombiepl 144 582 0 579 1 0 1 1 0 8 0 processpl 1240 627 0 579 5 0 5 5 0 8 0 procpl 656 972 0 910 6 0 6 6 0 8 0 srpgc 96 4 0 4 1 0 1 1 0 8 1 sosppl 168 1 0 1 1 0 1 1 0 8 1 sockpl 728 511 0 471 10 0 10 10 0 8 6 mcl64k 65536 2 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 120 0 0 15 0 15 15 0 8 0 mcl2k 2048 25 0 0 4 0 4 4 0 8 0 mtagpl 96 69 0 0 2 0 2 2 0 8 0 mbufpl 256 228 0 0 15 0 15 15 0 8 0 bufpl 280 3633 0 124 251 0 251 251 0 8 0 anonpl 32 7494 0 0 61 0 61 61 0 246 0 amapchunkpl 152 13624 0 13063 24 0 24 24 0 158 0 amappl16 200 2236 0 1985 15 1 14 14 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 150 0 138 1 0 1 1 0 8 0 amappl13 176 20 0 20 1 1 0 1 0 8 0 amappl12 168 1266 0 1237 3 1 2 2 0 8 0 amappl11 160 60 0 46 1 0 1 1 0 8 0 amappl10 152 3 0 3 1 1 0 1 0 8 0 amappl9 144 248 0 248 1 1 0 1 0 8 0 amappl8 136 43 0 41 1 0 1 1 0 8 0 amappl7 128 108 0 95 1 0 1 1 0 8 0 amappl6 120 205 0 202 1 0 1 1 0 8 0 amappl5 112 136 0 127 1 0 1 1 0 8 0 amappl4 104 324 0 304 1 0 1 1 0 8 0 amappl3 96 2531 0 2414 4 0 4 4 0 8 0 amappl2 88 655 0 594 2 0 2 2 0 8 0 amappl1 80 9304 0 8703 15 0 15 15 0 8 1 amappl 88 3920 0 3736 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 9 0 1 1 0 1 1 0 8 0 uaddrrnd 24 608 0 579 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 608 0 579 1 0 1 1 0 8 0 vmmpekpl 168 6763 0 6720 3 0 3 3 0 8 0 vmmpepl 168 45425 0 43268 96 0 96 96 0 357 0 vmsppl 480 607 0 579 5 0 5 5 0 8 1 rwobjpl 72 17373 0 13816 65 0 65 65 0 8 0 pdppl 4096 1224 0 1158 102 30 72 86 0 8 6 pvpl 32 13979 0 0 113 0 113 113 0 265 0 pmappl 256 607 0 579 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 392 0 33 11 0 11 11 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace bpfdetach(ffff80000149a800) at bpfdetach+0x70 sys/net/bpf.c:1778 if_detach(ffff80000149a800) at if_detach+0x153 sys/net/if.c:1212 tun_clone_destroy(ffff80000149a800) at tun_clone_destroy+0x2d6 sys/net/if_tun.c:346 if_clone_destroy(ffff8000357eedd0) at if_clone_destroy+0x1d7 sys/net/if.c:1401 ifioctl(ffff800010fe16d8,80206979,ffff8000357eedd0,ffff80002a296f80) at ifioctl+0x5c5 sys/net/if.c:-1 sys_ioctl(ffff80002a296f80,ffff8000357eefb0,ffff8000357eef00) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff8000357eefb0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff8000357eefb0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x6a1801c5b90, count: -8 ddb{0}> machine ddbcpu 1