kernel: protection fault trap, code=0 Stopped at sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace sys_msgrcv(ffff80002a4b11c8,ffff800037663a80,ffff8000376639d0) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a4b11c8,ffff800037663a80,ffff8000376639d0) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff800037663a80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa88a0685310, count: -3 ddb> show registers rdi 0 rsi 0x20001208 rbp 0xffff8000376639a0 rbx 0 rdx 0xffff80000128a0c0 rcx 0 rax 0xa r8 0x7f7fffffc000 r9 0 r10 0x2562c0162e5d225f r11 0x154aca820b3572a r12 0xfffffd8071e08e38 r13 0xdeadbeefdeadbeef r14 0xffff8000012e8f00 r15 0xa rip 0xffffffff82a5e462 sys_msgrcv+0x3f2 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff800037663900 ss 0x10 sys_msgrcv+0x3f2: movq 0x10(%r13),%rdi ddb> show proc PROC (syz-executor) tid=207320 pid=50661 tcnt=5 stat=onproc flags process=0 proc=4000000 runpri=36, usrpri=50, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a4b1450,0xffff80002a4d1470 process=0xffff8000327f5e10 user=0xffff80003765e000, vmspace=0xfffffd806c215c70 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 50661 459860 19269 0 2 0 syz-executor *50661 207320 19269 0 7 0x4000000 syz-executor 50661 186388 19269 0 2 0x4000000 syz-executor 50661 471250 19269 0 2 0x4000000 syz-executor 50661 335148 19269 0 2 0x4000000 syz-executor 50269 326581 41700 0 3 0x80 nanoslp syz-executor 50269 25649 41700 0 3 0x4000080 piperd syz-executor 50269 39297 41700 0 3 0x4000080 fsleep syz-executor 29017 245468 75424 0 3 0x80 nanoslp syz-executor 29017 469277 75424 0 3 0x4000080 lockf syz-executor 29017 326914 75424 0 3 0x4000080 fsleep syz-executor 93151 494309 54313 0 3 0x82 wait syz-executor 31522 314887 0 0 3 0x14200 bored sosplice 19269 233000 54313 0 3 0x82 nanoslp syz-executor 30769 389113 54313 0 3 0x82 wait syz-executor 41700 55627 54313 0 3 0x82 nanoslp syz-executor 21905 448140 54313 0 2 0x2 syz-executor 75424 57114 54313 0 3 0x82 nanoslp syz-executor 64347 482860 54313 0 2 0x2 syz-executor 70568 262870 54313 0 3 0x82 nanoslp syz-executor 54313 491734 61006 0 3 0x82 kqread syz-executor 61006 264724 46099 0 3 0x10008a sigsusp ksh 46099 255453 46605 0 3 0x98 kqread sshd-session 46605 377265 5427 0 3 0x92 kqread sshd-session 48336 338926 1 0 3 0x100083 ttyin getty 5427 42021 1 0 3 0x88 kqread sshd 25505 516334 58151 73 3 0x1100090 kqread syslogd 58151 141817 1 0 3 0x100082 sbwait syslogd 2723 428988 1 0 3 0x100080 kqread resolvd 23022 462530 0 0 3 0x14200 bored smr 76596 331819 0 0 2 0x14200 zerothread 35317 81968 0 0 3 0x14200 aiodoned aiodoned 92968 416881 0 0 3 0x14200 syncer update 24888 305788 0 0 3 0x14200 cleaner cleaner 37471 178363 0 0 3 0x14200 reaper reaper 51041 270562 0 0 3 0x14200 pgdaemon pagedaemon 77381 272396 0 0 3 0x14200 bored viomb 48825 495250 0 0 3 0x40014200 acpi0 acpi0 58524 497979 0 0 3 0x14200 bored softnet3 78803 467997 0 0 3 0x14200 bored softnet2 85197 502065 0 0 3 0x14200 bored softnet1 12567 102831 0 0 2 0x14200 softnet0 39934 131606 0 0 3 0x14200 bored systqmp 7829 206243 0 0 3 0x14200 bored systq 20342 151894 0 0 3 0x40014200 tmoslp softclock 74826 371383 0 0 3 0x40014200 idle0 1 179498 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10167 11044K 11373K 166960K 11484 0 pcb 17 12K 12K 166960K 78 0 rtable 199 7K 8K 166960K 436 0 pf 32 13K 15K 166960K 50 0 ifaddr 36 6K 7K 166960K 54 0 ifgroup 46 2K 2K 166960K 65 0 sysctl 3 0K 0K 166960K 3 0 counters 29 17K 17K 166960K 35 0 ioctlops 0 0K 4K 166960K 119 0 iov 0 0K 24K 166960K 40 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1427 90K 90K 166960K 1665 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 9 0 VM map 2 1K 1K 166960K 2 0 sem 11 0K 0K 166960K 18 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 16 57K 97K 166960K 511 0 sigio 0 0K 0K 166960K 15 0 proc 54 43K 124K 166960K 535 0 subproc 104 6K 6K 166960K 117 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 58 0 in_multi 84 6K 7K 166960K 123 0 ether_multi 1 0K 0K 166960K 3 0 mrt 0 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 511 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 198 71K 90K 166960K 5985 0 UVM aobj 14 4K 6K 166960K 16 0 pinsyscall 31 62K 100K 166960K 1550 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 10 0 NDP 10 0K 2K 166960K 34 0 temp 57 6815K 6884K 166960K 12194 0 kqueue 9 16K 28K 166960K 88 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 64 0 63 1 0 1 1 0 8 0 rtentry 112 132 0 43 4 0 4 4 0 8 0 unpcb 144 419 0 410 7 6 1 6 0 8 0 syncache 336 4 0 4 1 1 0 1 0 8 0 tcpcb 808 112 0 107 4 3 1 4 0 8 0 arp 88 24 0 8 1 0 1 1 0 8 0 ipq 40 1 0 0 1 0 1 1 0 8 0 ipqe 40 1 0 0 1 0 1 1 0 8 0 inpcb 336 448 0 442 10 8 2 10 0 8 0 nd6 104 28 0 6 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 1 0 1 0 8 0 kcovpl 48 9 0 1 1 0 1 1 0 8 0 ppxss 1072 3 0 3 1 1 0 1 0 8 0 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstitem 24 1 0 0 1 0 1 1 0 8 0 pfstkey 128 5 0 4 1 0 1 1 0 8 0 pfstate 344 3 0 2 1 0 1 1 0 8 0 pfrule 1344 2 0 1 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 507 0 136 29 2 27 29 0 8 0 art_table 32 509 0 136 4 0 4 4 0 8 0 art_node 16 130 0 51 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 6 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 13 0 4 1 0 1 1 0 8 0 shmpl 112 13 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 2236 0 738 95 0 95 95 0 8 0 ffsino 240 2236 0 738 89 0 89 89 0 8 0 nchpl 144 2969 0 1289 63 0 63 63 0 8 0 uvmvnodes 80 2516 0 0 52 0 52 52 0 8 0 vnodes 216 2516 0 0 140 0 140 140 0 8 0 namei 1024 9226 0 9226 5 4 1 2 0 8 1 kstatmem 264 32 0 12 2 0 2 2 0 8 0 scxspl 216 8091 0 8091 3 2 1 3 1 8 1 plimitpl 152 139 0 122 1 0 1 1 0 8 0 sigapl 424 788 0 746 7 1 6 7 0 8 0 futexpl 64 5782 0 5779 1 0 1 1 0 8 0 knotepl 120 16433 0 16400 17 15 2 10 0 8 0 kqueuepl 184 116 0 108 1 0 1 1 0 8 0 pipepl 288 179 0 150 5 2 3 5 0 8 0 fdescpl 432 770 0 745 5 1 4 5 0 8 0 filepl 120 3839 0 3604 15 5 10 12 0 8 1 lockfpl 104 98 0 95 1 0 1 1 0 8 0 lockfspl 48 44 0 42 1 0 1 1 0 8 0 sessionpl 144 22 0 15 1 0 1 1 0 8 0 pgrppl 48 40 0 25 1 0 1 1 0 8 0 ucredpl 104 411 0 400 1 0 1 1 0 8 0 zombiepl 144 752 0 749 1 0 1 1 0 8 0 processpl 1096 788 0 746 4 0 4 4 0 8 0 procpl 648 1343 0 1293 6 0 6 6 0 8 0 sosppl 168 2 0 2 1 1 0 1 0 8 0 sockpl 504 936 0 919 33 29 4 20 0 8 0 mcl64k 65536 5 0 5 1 1 0 1 0 8 0 mcl16k 16384 1 0 1 1 1 0 1 0 8 0 mcl12k 12288 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 10 0 10 2 2 0 1 0 8 0 mcl4k 4096 3022 0 2970 15 8 7 14 0 8 0 mcl2k 2048 553 0 548 4 3 1 3 0 8 0 mtagpl 96 11 0 8 1 0 1 1 0 8 0 mbufpl 256 8360 0 8214 17 3 14 16 0 8 0 bufpl 280 2689 0 97 186 0 186 186 0 8 0 anonpl 24 172055 0 169336 66 42 24 46 0 187 0 amapchunkpl 152 20822 0 20361 42 21 21 34 0 158 0 amappl16 200 4206 0 4179 34 31 3 15 0 8 0 amappl15 192 8 0 8 1 1 0 1 0 8 0 amappl14 184 104 0 97 1 0 1 1 0 8 0 amappl13 176 7 0 7 1 1 0 1 0 8 0 amappl12 168 1393 0 1368 3 1 2 3 0 8 0 amappl11 160 47 0 43 1 0 1 1 0 8 0 amappl10 152 9 0 9 1 1 0 1 0 8 0 amappl9 144 142 0 142 1 1 0 1 0 8 0 amappl8 136 23 0 20 1 0 1 1 0 8 0 amappl7 128 95 0 88 1 0 1 1 0 8 0 amappl6 120 173 0 172 1 0 1 1 0 8 0 amappl5 112 133 0 128 1 0 1 1 0 8 0 amappl4 104 281 0 267 1 0 1 1 0 8 0 amappl3 96 3666 0 3581 3 0 3 3 0 8 0 amappl2 88 1029 0 973 2 0 2 2 0 8 0 amappl1 80 8415 0 7988 14 2 12 14 0 8 0 amappl 88 5601 0 5442 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 15 0 2 1 0 1 1 0 8 0 uaddrrnd 24 770 0 745 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 770 0 745 1 0 1 1 0 8 0 vmmpekpl 168 7396 0 7362 2 0 2 2 0 8 0 vmmpepl 168 53592 0 52116 94 20 74 89 0 357 0 vmsppl 352 769 0 745 4 1 3 4 0 8 0 rwobjpl 24 20594 0 17353 21 0 21 21 0 8 0 pdppl 4096 1546 0 1490 98 38 60 82 0 8 4 pvpl 32 376943 0 369232 143 66 77 111 0 265 2 pmappl 216 769 0 745 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 417 0 107 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace sys_msgrcv(ffff80002a4b11c8,ffff800037663a80,ffff8000376639d0) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a4b11c8,ffff800037663a80,ffff8000376639d0) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff800037663a80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa88a0685310, count: -3 ddb> machine ddbcpu 1 No such command ddb> trace sys_msgrcv(ffff80002a4b11c8,ffff800037663a80,ffff8000376639d0) at sys_msgrcv+0x3f2 msg_copyout sys/kern/sysv_msg.c:639 [inline] sys_msgrcv(ffff80002a4b11c8,ffff800037663a80,ffff8000376639d0) at sys_msgrcv+0x3f2 sys/kern/sysv_msg.c:349 syscall(ffff800037663a80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa88a0685310, count: -3