kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800037923a30) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800037923a30,1,ffff80002a720560) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e7c4000,c0205602,ffff800037923a30,1,fffffd807f7d75b0,ffff80002a720560) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b80a3d8,c0205602,ffff800037923a30,ffff80002a720560) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a720560,ffff800037923b40,ffff800037923b90) at sys_ioctl+0x49e syscall(ffff800037923c00) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3b0de88b220, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff800037a51630 rbp 0xffff800037923780 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0xa7b9755a31b72f5f r11 0x225cc9880486c34 r12 0xffff800037a513a8 r13 0xffff8000379236b6 r14 0xffff800037a51000 r15 0x246 rip 0xffffffff8121cd3b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff8000379235e6 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.7) tid=188652 pid=40746 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a721550,0xffff80002a720ac0 process=0xffff80002a7287e0 user=0xffff80003791e000, vmspace=0xfffffd8073275a20 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 76312 441268 64387 0 2 0 syz-executor.0 76312 429081 64387 0 3 0x4000080 fsleep syz-executor.0 86608 103353 6173 0 2 0 syz-executor.2 86608 191115 6173 0 3 0x4000080 bell syz-executor.2 86608 122072 6173 0 3 0x4000080 fsleep syz-executor.2 86608 182191 6173 0 3 0x4000080 fsleep syz-executor.2 40746 432282 89293 0 2 0 syz-executor.7 *40746 188652 89293 0 7 0x4000000 syz-executor.7 31388 71074 99578 0 2 0 syz-executor.5 31388 210903 99578 0 3 0x4000080 fsleep syz-executor.5 31388 6239 99578 0 3 0x4000080 fsleep syz-executor.5 31388 69932 99578 0 3 0x4000080 fsleep syz-executor.5 18397 432942 29334 0 3 0x80 nanoslp syz-executor.1 18397 60339 29334 0 3 0x4000080 fsleep syz-executor.1 19650 516510 0 0 3 0x14200 acct acct 29334 475465 89959 0 3 0x82 nanoslp syz-executor.1 99578 482109 89959 0 3 0x82 nanoslp syz-executor.5 89293 311804 89959 0 3 0x82 nanoslp syz-executor.7 8607 327488 89959 0 2 0x2 syz-executor.3 67294 51109 89959 0 3 0x82 nanoslp syz-executor.4 6173 132533 89959 0 3 0x82 nanoslp syz-executor.2 90265 492293 0 0 3 0x14200 bored sosplice 20687 429842 1 0 3 0x100083 ttyopn getty 46926 135257 0 0 3 0x14280 nfsidl nfsio 64060 221364 0 0 3 0x14280 nfsidl nfsio 67870 473105 0 0 3 0x14280 nfsidl nfsio 91905 288465 0 0 3 0x14280 nfsidl nfsio 86129 285646 0 0 3 0x14280 nfsidl nfsio 8639 264176 0 0 3 0x14280 nfsidl nfsio 45479 200185 0 0 3 0x14280 nfsidl nfsio 6905 462585 0 0 3 0x14280 nfsidl nfsio 95819 313918 0 0 3 0x14280 nfsidl nfsio 58546 178827 0 0 3 0x14280 nfsidl nfsio 24828 11587 0 0 3 0x14280 nfsidl nfsio 56391 490398 0 0 3 0x14280 nfsidl nfsio 3706 26403 0 0 3 0x14280 nfsidl nfsio 98631 301751 0 0 3 0x14280 nfsidl nfsio 5758 517598 0 0 3 0x14280 nfsidl nfsio 57158 400177 0 0 3 0x14280 nfsidl nfsio 21128 446207 0 0 3 0x14280 nfsidl nfsio 39072 85559 0 0 3 0x14280 nfsidl nfsio 34316 75226 0 0 3 0x14280 nfsidl nfsio 94612 74288 0 0 3 0x14280 nfsidl nfsio 59585 190074 89959 0 2 0x2 syz-executor.6 64387 26134 89959 0 3 0x82 nanoslp syz-executor.0 89959 67196 62284 0 3 0x2000082 thrsleep syz-fuzzer 89959 247799 62284 0 3 0x6000082 nanoslp syz-fuzzer 89959 174516 62284 0 3 0x6000082 kqread syz-fuzzer 89959 42384 62284 0 3 0x6000082 wait syz-fuzzer 89959 457390 62284 0 3 0x6000082 thrsleep syz-fuzzer 89959 530 62284 0 3 0x6000082 wait syz-fuzzer 89959 95589 62284 0 3 0x6000082 wait syz-fuzzer 89959 310956 62284 0 3 0x6000082 thrsleep syz-fuzzer 89959 153285 62284 0 3 0x6000082 wait syz-fuzzer 89959 471706 62284 0 3 0x6000082 wait syz-fuzzer 89959 149055 62284 0 3 0x6000082 thrsleep syz-fuzzer 89959 84133 62284 0 3 0x6000082 wait syz-fuzzer 89959 404881 62284 0 3 0x6000082 wait syz-fuzzer 89959 398110 62284 0 3 0x6000082 wait syz-fuzzer 62284 174016 95998 0 3 0x10008a sigsusp ksh 95998 452760 2035 0 3 0x9a kqread sshd 2035 177679 1 0 3 0x88 kqread sshd 94277 108574 39101 73 3 0x1100090 kqread syslogd 39101 517291 1 0 3 0x100082 netio syslogd 96810 332503 1 0 3 0x100080 kqread resolvd 97648 145935 42085 77 3 0x100092 kqread dhcpleased 92835 154702 42085 77 3 0x100092 kqread dhcpleased 42085 469076 1 0 3 0x80 kqread dhcpleased 77105 399486 0 0 3 0x14200 bored smr 99043 2849 0 0 2 0x14200 zerothread 93221 39148 0 0 3 0x14200 aiodoned aiodoned 60703 153077 0 0 3 0x14200 syncer update 70691 92207 0 0 3 0x14200 cleaner cleaner 93618 138078 0 0 3 0x14200 reaper reaper 77675 302013 0 0 3 0x14200 pgdaemon pagedaemon 62948 382618 0 0 3 0x14200 bored viomb 87088 422672 0 0 3 0x40014200 acpi0 acpi0 9043 351148 0 0 3 0x14200 bored softnet3 5882 137667 0 0 3 0x14200 bored softnet2 68326 80036 0 0 3 0x14200 bored softnet1 62225 142598 0 0 3 0x14200 bored softnet0 72318 198158 0 0 3 0x14200 bored systqmp 82637 266667 0 0 3 0x14200 bored systq 58149 14391 0 0 3 0x40014200 tmoslp softclock 60579 66044 0 0 3 0x40014200 idle0 1 79483 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10202 6490K 7069K 166960K 20732 0 pcb 13 18K 20K 166960K 567 0 rtable 192 14K 15K 166960K 995 0 pf 32 9K 10K 166960K 121 0 ifaddr 37 10K 12K 166960K 132 0 ifgroup 55 2K 2K 166960K 206 0 sysctl 2 0K 0K 166960K 2 0 counters 29 17K 17K 166960K 73 0 ioctlops 0 0K 2K 166960K 258 0 iov 0 0K 16K 166960K 625 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1582 99K 99K 166960K 3933 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 51 0 VM map 2 1K 1K 166960K 2 0 sem 11 1K 1K 166960K 17 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 70K 166960K 5543 0 sigio 0 0K 0K 166960K 178 0 proc 58 59K 83K 166960K 999 0 subproc 104 6K 7K 166960K 250 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 249 0 in_multi 78 5K 7K 166960K 289 0 ether_multi 1 0K 0K 166960K 8 0 mrt 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 67 307K 307K 166960K 67 0 exec 0 0K 1K 166960K 1453 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 424 333K 337K 166960K 52603 0 UVM aobj 131 4K 5K 166960K 137 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 123 0 NDP 12 0K 2K 166960K 99 0 temp 74 5920K 6000K 166960K 36489 0 kqueue 13 20K 24K 166960K 272 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 292 0 289 5 4 1 3 0 8 0 rtentry 112 295 0 209 4 0 4 4 0 8 0 unpcb 144 2732 0 2719 46 41 5 6 0 8 4 syncache 312 44 0 44 10 10 0 1 0 8 0 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 388 0 388 10 10 0 2 0 8 0 tcpcb 808 3214 0 3210 82 80 2 15 0 8 1 arp 88 53 0 40 1 0 1 1 0 8 0 ipq 40 1 0 1 1 1 0 1 0 8 0 ipqe 40 4 0 4 1 1 0 1 0 8 0 inpcb 336 6103 0 6090 100 91 9 19 0 8 7 nd6 104 68 0 51 1 0 1 1 0 8 0 pkpcb 40 76 0 76 10 10 0 1 0 8 0 kcovpl 48 19 0 11 1 0 1 1 0 8 0 ppxss 1160 13 0 13 4 4 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1166 0 770 34 5 29 30 0 8 0 art_table 32 1167 0 770 4 0 4 4 0 8 0 art_node 16 294 0 215 1 0 1 1 0 8 0 sysvmsgpl 40 90 0 86 1 0 1 1 0 8 0 semupl 112 4 0 4 2 2 0 1 0 8 0 semapl 112 9 0 0 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 8388 0 6917 93 0 93 93 0 8 0 ffsino 240 8388 0 6917 87 0 87 87 0 8 0 nchpl 144 15425 0 13775 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 55006 0 55005 10 9 1 3 0 8 0 vcpupl 2048 69 0 0 9 0 9 9 0 8 0 vmpool 664 69 0 0 6 0 6 6 0 8 0 kstatmem 264 112 0 88 3 1 2 3 0 8 0 scxspl 216 53018 0 53018 15 14 1 8 1 8 1 plimitpl 152 498 0 483 1 0 1 1 0 8 0 sigapl 424 5847 0 5782 8 0 8 8 0 8 0 futexpl 64 53340 0 53333 3 2 1 1 0 8 0 knotepl 120 49675 0 49592 13 10 3 10 0 8 0 kqueuepl 184 508 0 499 2 1 1 2 0 8 0 pipepl 288 1155 0 1127 31 28 3 7 0 8 0 fdescpl 432 5806 0 5780 4 0 4 4 0 8 0 filepl 120 37022 0 36774 67 54 13 15 0 8 5 lockfpl 104 1316 0 1314 2 1 1 2 0 8 0 lockfspl 48 579 0 577 1 0 1 1 0 8 0 sessionpl 144 35 0 19 1 0 1 1 0 8 0 pgrppl 48 122 0 106 1 0 1 1 0 8 0 ucredpl 104 4194 0 4183 1 0 1 1 0 8 0 zombiepl 144 5783 0 5782 2 1 1 1 0 8 0 processpl 1008 5847 0 5782 10 1 9 9 0 8 0 procpl 680 13836 0 13749 10 2 8 9 0 8 0 sosppl 168 62 0 61 10 9 1 1 0 8 0 sockpl 456 9284 0 9256 255 243 12 30 0 8 8 mcl64k 65536 194 0 194 13 12 1 1 0 8 1 mcl16k 16384 106 0 106 12 11 1 1 0 8 1 mcl12k 12288 970 0 970 8 7 1 1 0 8 1 mcl9k 9216 98 0 98 13 12 1 1 0 8 1 mcl8k 8192 290 0 290 16 15 1 1 0 8 1 mcl4k 4096 602 0 602 9 8 1 1 0 8 1 mcl2k2 2112 136 0 136 11 11 0 1 0 8 0 mcl2k 2048 79618 0 79561 64 55 9 29 0 8 0 mtagpl 96 542 0 269 8 1 7 7 0 8 0 mbufpl 256 190477 0 190114 274 248 26 67 0 8 0 bufpl 288 14899 0 8496 458 0 458 458 0 8 0 anonpl 24 699042 0 685042 208 119 89 158 0 188 0 amapchunkpl 152 170247 0 169421 104 68 36 72 0 158 1 amappl16 200 14138 0 13689 59 33 26 37 0 8 0 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 195 0 182 2 1 1 2 0 8 0 amappl13 176 82 0 82 2 2 0 1 0 8 0 amappl12 168 6631 0 6601 3 1 2 2 0 8 0 amappl11 160 52 0 42 1 0 1 1 0 8 0 amappl10 152 80 0 69 1 0 1 1 0 8 0 amappl9 144 182 0 179 1 0 1 1 0 8 0 amappl8 136 358 0 269 5 1 4 4 0 8 0 amappl7 128 219 0 197 2 0 2 2 0 8 0 amappl6 120 484 0 472 1 0 1 1 0 8 0 amappl5 112 226 0 218 1 0 1 1 0 8 0 amappl4 104 573 0 550 2 1 1 2 0 8 0 amappl3 96 34614 0 34534 3 0 3 3 0 8 0 amappl2 88 6467 0 6394 3 0 3 3 0 8 0 amappl1 80 29185 0 28680 22 10 12 22 0 8 0 amappl 88 51861 0 51622 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 5875 0 5780 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5875 0 5780 1 0 1 1 0 8 0 vmmpekpl 168 43580 0 43508 4 0 4 4 0 8 0 vmmpepl 168 354340 0 352042 214 107 107 123 0 357 0 vmsppl 368 5874 0 5780 10 1 9 9 0 8 0 rwobjpl 24 93308 0 85752 49 2 47 48 0 8 0 pdppl 4096 11756 0 11629 410 278 132 132 0 8 5 pvpl 32 1767529 0 1747950 564 389 175 360 0 265 10 pmappl 216 5874 0 5780 6 0 6 6 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1739 0 855 28 1 27 27 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800037923a30) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800037923a30,1,ffff80002a720560) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e7c4000,c0205602,ffff800037923a30,1,fffffd807f7d75b0,ffff80002a720560) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b80a3d8,c0205602,ffff800037923a30,ffff80002a720560) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a720560,ffff800037923b40,ffff800037923b90) at sys_ioctl+0x49e syscall(ffff800037923c00) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3b0de88b220, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800037923a30) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800037923a30,1,ffff80002a720560) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e7c4000,c0205602,ffff800037923a30,1,fffffd807f7d75b0,ffff80002a720560) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b80a3d8,c0205602,ffff800037923a30,ffff80002a720560) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a720560,ffff800037923b40,ffff800037923b90) at sys_ioctl+0x49e syscall(ffff800037923c00) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3b0de88b220, count: -8