kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff8000378f0de0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff8000378f0de0,1,ffff80003791f558) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e3bd360,c0205602,ffff8000378f0de0,1,fffffd807f7d7618,ffff80003791f558) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8067c7b878,c0205602,ffff8000378f0de0,ffff80003791f558) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80003791f558,ffff8000378f0ef0,ffff8000378f0f40) at sys_ioctl+0x49e syscall(ffff8000378f0fb0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x36b7f0f84e0, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff8000313e3630 rbp 0xffff8000378f0b30 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x809b1208af397378 r11 0xfe080420e6734713 r12 0xffff8000313e33a8 r13 0xffff8000378f0a66 r14 0xffff8000313e3000 r15 0x246 rip 0xffffffff824a994b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff8000378f0996 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.2) tid=467104 pid=87235 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=78, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a6d7d50,0xffff80003783d560 process=0xffff8000311de008 user=0xffff8000378ec000, vmspace=0xfffffd805b3e9d20 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 16016 442053 24172 0 2 0 syz-executor.1 29542 476461 71214 0 2 0 syz-executor.3 29542 144840 71214 0 3 0x4000080 fifor syz-executor.3 29542 411089 71214 0 3 0x4000080 fsleep syz-executor.3 87562 154020 96570 0 2 0 syz-executor.5 87562 392173 96570 0 3 0x4000080 fsleep syz-executor.5 87235 182729 61671 0 2 0 syz-executor.2 *87235 467104 61671 0 7 0x4000000 syz-executor.2 21263 476601 29492 0 2 0 syz-executor.0 21263 19260 29492 0 3 0x4000080 fsleep syz-executor.0 40931 392956 79490 0 2 0 syz-executor.7 40931 6803 79490 0 3 0x4000080 fsleep syz-executor.7 38899 225679 45560 0 2 0 syz-executor.6 38899 231474 45560 0 3 0x4000080 tunread syz-executor.6 73680 441234 19311 0 2 0x2 syz-executor.4 61671 124527 19311 0 3 0x82 nanoslp syz-executor.2 24172 201651 19311 0 3 0x82 nanoslp syz-executor.1 96570 55510 19311 0 3 0x82 nanoslp syz-executor.5 45560 280702 19311 0 3 0x82 nanoslp syz-executor.6 71214 131024 19311 0 3 0x82 nanoslp syz-executor.3 29492 111006 19311 0 3 0x82 nanoslp syz-executor.0 53304 108243 1 0 3 0x100083 ttyopn getty 56059 263160 0 0 3 0x14280 nfsidl nfsio 65002 466825 0 0 3 0x14280 nfsidl nfsio 18161 26554 0 0 3 0x14280 nfsidl nfsio 48785 140017 0 0 3 0x14280 nfsidl nfsio 84479 450989 0 0 3 0x14280 nfsidl nfsio 75573 411626 0 0 3 0x14280 nfsidl nfsio 84474 317160 0 0 3 0x14280 nfsidl nfsio 38680 150694 0 0 3 0x14280 nfsidl nfsio 87825 482285 0 0 3 0x14280 nfsidl nfsio 70185 288669 0 0 3 0x14280 nfsidl nfsio 974 346048 0 0 3 0x14280 nfsidl nfsio 12196 160733 0 0 3 0x14280 nfsidl nfsio 69168 475481 0 0 3 0x14280 nfsidl nfsio 26616 283664 0 0 3 0x14280 nfsidl nfsio 69155 330626 0 0 3 0x14280 nfsidl nfsio 37409 254208 0 0 3 0x14280 nfsidl nfsio 37045 111079 0 0 3 0x14280 nfsidl nfsio 41997 66312 0 0 3 0x14280 nfsidl nfsio 81854 29928 0 0 3 0x14280 nfsidl nfsio 44278 271200 0 0 3 0x14280 nfsidl nfsio 79490 448808 19311 0 3 0x82 nanoslp syz-executor.7 78069 81084 0 0 3 0x14200 acct acct 15560 36027 0 0 3 0x14200 bored sosplice 19311 62889 6091 0 3 0x2000082 wait syz-fuzzer 19311 36244 6091 0 3 0x6000082 nanoslp syz-fuzzer 19311 77231 6091 0 3 0x6000082 wait syz-fuzzer 19311 468036 6091 0 3 0x6000082 thrsleep syz-fuzzer 19311 496635 6091 0 3 0x6000082 thrsleep syz-fuzzer 19311 319294 6091 0 3 0x6000082 wait syz-fuzzer 19311 447764 6091 0 3 0x6000082 wait syz-fuzzer 19311 497619 6091 0 3 0x6000082 thrsleep syz-fuzzer 19311 69548 6091 0 3 0x6000082 wait syz-fuzzer 19311 512875 6091 0 3 0x6000082 wait syz-fuzzer 19311 461311 6091 0 3 0x6000082 thrsleep syz-fuzzer 19311 510376 6091 0 3 0x6000082 kqread syz-fuzzer 19311 486410 6091 0 3 0x6000082 wait syz-fuzzer 19311 132190 6091 0 3 0x6000082 wait syz-fuzzer 19311 95988 6091 0 3 0x6000082 thrsleep syz-fuzzer 6091 109258 30935 0 3 0x10008a sigsusp ksh 30935 384215 59678 0 3 0x9a kqread sshd 59678 302817 1 0 3 0x88 kqread sshd 44295 413431 30639 73 3 0x1100090 kqread syslogd 30639 247505 1 0 3 0x100082 netio syslogd 16011 235072 1 0 3 0x100080 kqread resolvd 20603 227071 83389 77 3 0x100092 kqread dhcpleased 33935 375920 83389 77 3 0x100092 kqread dhcpleased 83389 193343 1 0 3 0x80 kqread dhcpleased 73089 325659 0 0 3 0x14200 bored smr 70965 370866 0 0 2 0x14200 zerothread 52875 405414 0 0 3 0x14200 aiodoned aiodoned 37736 218840 0 0 3 0x14200 syncer update 61986 42139 0 0 3 0x14200 cleaner cleaner 28599 496304 0 0 3 0x14200 reaper reaper 53540 141162 0 0 3 0x14200 pgdaemon pagedaemon 81517 371972 0 0 3 0x14200 bored viomb 20502 24472 0 0 3 0x40014200 acpi0 acpi0 81276 114196 0 0 3 0x14200 bored softnet3 79441 348757 0 0 3 0x14200 bored softnet2 77750 387354 0 0 3 0x14200 bored softnet1 81549 62637 0 0 3 0x14200 bored softnet0 86836 69850 0 0 3 0x14200 bored systqmp 16909 243955 0 0 3 0x14200 bored systq 37766 378493 0 0 3 0x40014200 tmoslp softclock 50421 146302 0 0 3 0x40014200 idle0 1 17507 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10240 6571K 14756K 166960K 80076 0 pcb 13 20K 24K 166960K 933 0 rtable 217 15K 16K 166960K 2397 0 pf 36 10K 10K 166960K 549 0 ifaddr 42 12K 13K 166960K 428 0 ifgroup 63 2K 2K 166960K 854 0 sysctl 3 0K 0K 166960K 9 0 counters 33 17K 18K 166960K 253 0 ioctlops 0 0K 2K 166960K 1143 0 iov 0 0K 28K 166960K 1933 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1617 101K 101K 166960K 18519 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 240 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 2423 0 dirhash 12 2K 2K 166960K 528 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 17 61K 65K 166960K 18584 0 sigio 0 0K 0K 166960K 478 0 proc 58 59K 75K 166960K 2561 0 subproc 104 6K 7K 166960K 735 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 826 0 in_multi 84 6K 7K 166960K 788 0 ether_multi 1 0K 0K 166960K 19 0 mrt 1 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 247 1102K 1102K 166960K 247 0 exec 0 0K 1K 166960K 3345 0 pfkey data 0 0K 0K 166960K 10 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 572 624K 624K 166960K 172923 0 UVM aobj 131 4K 4K 166960K 139 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 353 0 NDP 14 0K 2K 166960K 352 0 temp 74 5920K 6228K 166960K 201509 0 kqueue 12 18K 26K 166960K 1150 0 SYN cache 2 1236K 1244K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 703 0 698 9 8 1 3 0 8 0 rtentry 112 803 0 708 5 1 4 4 0 8 0 unpcb 144 11451 0 11436 130 124 6 10 0 8 5 syncache 312 191 0 191 27 27 0 1 0 8 0 tcpqe 32 238 0 238 20 20 0 1 0 8 0 tcpcb 808 4051 0 4017 130 125 5 13 0 8 1 arp 88 144 0 130 1 0 1 1 0 8 0 ipq 40 57 0 56 9 8 1 1 0 8 0 ipqe 40 144 0 143 9 8 1 1 0 8 0 inpcb 336 20137 0 20100 226 214 12 18 0 8 8 nd6 104 209 0 187 1 0 1 1 0 8 0 pkpcb 40 468 0 468 13 13 0 1 0 8 0 kcovpl 48 55 0 47 1 0 1 1 0 8 0 ppxss 1160 82 0 82 16 16 0 1 0 8 0 art_heap8 4096 18 0 16 9 7 2 3 0 8 0 art_heap4 256 3168 0 2744 71 42 29 32 0 8 0 art_table 32 3186 0 2760 7 3 4 5 0 8 0 art_node 16 791 0 705 1 0 1 1 0 8 0 sysvmsgpl 40 6 0 0 1 0 1 1 0 8 0 semapl 112 2421 0 2411 1 0 1 1 0 8 0 shmpl 112 136 0 8 4 0 4 4 0 8 0 dirhash 1024 361 0 344 3 0 3 3 0 8 0 dino2pl 256 26509 0 24935 99 0 99 99 0 8 0 ffsino 240 26509 0 24935 93 0 93 93 0 8 0 nchpl 144 50574 0 50084 64 42 22 64 0 8 0 uvmvnodes 80 6740 0 0 138 0 138 138 0 8 0 vnodes 216 6740 0 0 375 0 375 375 0 8 0 namei 1024 201848 0 201847 9 8 1 3 0 8 0 vcpupl 2048 337 0 0 43 0 43 43 0 8 0 vmpool 664 347 0 10 30 1 29 29 0 8 0 kstatmem 264 468 0 440 3 1 2 3 0 8 0 scxspl 216 162594 0 162594 59 55 4 8 1 8 4 plimitpl 152 2269 0 2254 1 0 1 1 0 8 0 sigapl 424 18847 0 18781 10 2 8 8 0 8 0 futexpl 64 184654 0 184650 1 0 1 1 0 8 0 knotepl 120 159479 0 159397 25 22 3 10 0 8 0 kqueuepl 184 2689 0 2681 25 23 2 4 0 8 1 pipepl 288 3822 0 3794 75 72 3 7 0 8 0 fdescpl 432 18769 0 18741 4 0 4 4 0 8 0 filepl 120 135275 0 135034 140 128 12 19 0 8 3 lockfpl 104 6554 0 6552 12 11 1 2 0 8 0 lockfspl 48 2488 0 2486 1 0 1 1 0 8 0 sessionpl 144 71 0 55 1 0 1 1 0 8 0 pgrppl 48 2017 0 2001 1 0 1 1 0 8 0 ucredpl 104 21511 0 21497 1 0 1 1 0 8 0 zombiepl 144 18781 0 18781 2 1 1 1 0 8 1 processpl 1008 18847 0 18781 14 5 9 9 0 8 0 procpl 680 46928 0 46841 31 22 9 9 0 8 1 sosppl 168 215 0 215 19 19 0 1 0 8 0 sockpl 456 33007 0 32950 672 656 16 37 0 8 8 mcl64k 65536 769 0 769 14 13 1 1 0 8 1 mcl16k 16384 353 0 353 24 23 1 1 0 8 1 mcl12k 12288 646 0 646 23 22 1 1 0 8 1 mcl9k 9216 264 0 264 30 29 1 1 0 8 1 mcl8k 8192 1371 0 1370 11 10 1 2 0 8 0 mcl4k 4096 2216 0 2216 7 6 1 2 0 8 1 mcl2k2 2112 200 0 200 35 34 1 1 0 8 1 mcl2k 2048 107494 0 107448 73 65 8 29 0 8 1 mtagpl 96 2545 0 2375 25 20 5 12 0 8 0 mbufpl 256 345258 0 344943 952 920 32 337 0 8 0 bufpl 288 39676 0 32936 482 0 482 482 0 8 0 anonpl 24 1744356 0 1729711 156 54 102 113 0 188 0 amapchunkpl 152 552529 0 551595 141 103 38 49 0 158 0 amappl16 200 32792 0 32279 152 124 28 39 0 8 0 amappl15 192 11 0 11 2 2 0 1 0 8 0 amappl14 184 309 0 293 2 1 1 2 0 8 0 amappl13 176 19 0 18 1 0 1 1 0 8 0 amappl12 168 20109 0 20077 2 0 2 2 0 8 0 amappl11 160 56 0 46 1 0 1 1 0 8 0 amappl10 152 97 0 87 2 1 1 1 0 8 0 amappl9 144 258 0 257 1 0 1 1 0 8 0 amappl8 136 733 0 603 5 0 5 5 0 8 0 amappl7 128 330 0 306 2 0 2 2 0 8 0 amappl6 120 1131 0 1111 1 0 1 1 0 8 0 amappl5 112 451 0 443 1 0 1 1 0 8 0 amappl4 104 916 0 887 2 1 1 2 0 8 0 amappl3 96 107897 0 107785 8 5 3 4 0 8 0 amappl2 88 20112 0 20032 3 1 2 3 0 8 0 amappl1 80 78550 0 78040 22 11 11 22 0 8 0 amappl 88 171503 0 171209 11 3 8 8 0 92 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 138 0 8 3 0 3 3 0 8 0 uaddrrnd 24 19116 0 18751 3 0 3 3 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 19116 0 18751 3 0 3 3 0 8 0 vmmpekpl 168 125820 0 125709 6 0 6 6 0 8 0 vmmpepl 168 1102432 0 1099301 430 276 154 159 0 357 8 vmsppl 368 19115 0 18751 35 1 34 34 0 8 0 rwobjpl 24 255975 0 247430 55 3 52 52 0 8 0 pdppl 4096 38238 0 37839 947 547 400 402 0 8 1 pvpl 32 4699421 0 4679237 440 267 173 321 0 265 0 pmappl 216 19115 0 18751 21 0 21 21 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 3364 0 2104 47 9 38 38 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff8000378f0de0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff8000378f0de0,1,ffff80003791f558) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e3bd360,c0205602,ffff8000378f0de0,1,fffffd807f7d7618,ffff80003791f558) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8067c7b878,c0205602,ffff8000378f0de0,ffff80003791f558) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80003791f558,ffff8000378f0ef0,ffff8000378f0f40) at sys_ioctl+0x49e syscall(ffff8000378f0fb0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x36b7f0f84e0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff8000378f0de0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff8000378f0de0,1,ffff80003791f558) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806e3bd360,c0205602,ffff8000378f0de0,1,fffffd807f7d7618,ffff80003791f558) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8067c7b878,c0205602,ffff8000378f0de0,ffff80003791f558) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80003791f558,ffff8000378f0ef0,ffff8000378f0f40) at sys_ioctl+0x49e syscall(ffff8000378f0fb0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x36b7f0f84e0, count: -8