kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800037924df0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800037924df0,1,ffff80002db71d48) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806fdc60d8,c0205602,ffff800037924df0,1,fffffd807f7d7478,ffff80002db71d48) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8070a9f720,c0205602,ffff800037924df0,ffff80002db71d48) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002db71d48,ffff800037924f00,ffff800037924f50) at sys_ioctl+0x49e syscall(ffff800037924fc0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x415501f0ec0, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff800037847630 rbp 0xffff800037924b40 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffffffffffc r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0xf35829f2ae552827 r11 0xa3da5c492565cbc3 r12 0xffff8000378473a8 r13 0xffff800037924a76 r14 0xffff800037847000 r15 0x246 rip 0xffffffff8186c12b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff8000379249a6 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.2) tid=32035 pid=80483 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002db717f8,0xffffffff82d287e0 process=0xffff800030fd8000 user=0xffff800037920000, vmspace=0xfffffd805c1cba18 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 80483 231036 95236 0 2 0 syz-executor.2 *80483 32035 95236 0 7 0x4000000 syz-executor.2 83807 494678 67168 0 2 0 syz-executor.1 83807 250808 67168 0 2 0x4000000 syz-executor.1 83807 135271 67168 0 3 0x4000080 fsleep syz-executor.1 91645 422694 48263 0 3 0x80 nanoslp syz-executor.6 91645 292819 48263 0 3 0x4000080 rest syz-executor.6 91645 284604 48263 0 3 0x4000080 bell syz-executor.6 91645 1890 48263 0 3 0x4000080 fsleep syz-executor.6 69309 99581 835 0 3 0x80 nanoslp syz-executor.4 69309 131575 835 0 3 0x4000080 fifor syz-executor.4 69309 171518 835 0 3 0x4000080 fsleep syz-executor.4 23566 222602 0 0 3 0x14200 acct acct 32860 145953 90790 0 2 0x2 syz-executor.5 67168 170935 90790 0 3 0x82 nanoslp syz-executor.1 835 143337 90790 0 3 0x82 nanoslp syz-executor.4 3239 216894 90790 0 3 0x82 piperd syz-executor.3 48263 433037 90790 0 3 0x82 nanoslp syz-executor.6 11463 479209 90790 0 3 0x82 piperd syz-executor.7 95236 351163 90790 0 3 0x82 nanoslp syz-executor.2 91531 266155 0 0 3 0x14200 bored sosplice 31282 502168 0 0 3 0x14280 nfsidl nfsio 59658 410611 0 0 3 0x14280 nfsidl nfsio 49525 280610 0 0 3 0x14280 nfsidl nfsio 47882 516869 0 0 3 0x14280 nfsidl nfsio 75813 291820 0 0 3 0x14280 nfsidl nfsio 33327 295082 0 0 3 0x14280 nfsidl nfsio 63741 520049 0 0 3 0x14280 nfsidl nfsio 95223 92249 0 0 3 0x14280 nfsidl nfsio 69656 436208 0 0 3 0x14280 nfsidl nfsio 58982 349084 0 0 3 0x14280 nfsidl nfsio 61385 435636 0 0 3 0x14280 nfsidl nfsio 81030 91701 0 0 3 0x14280 nfsidl nfsio 90104 483666 0 0 3 0x14280 nfsidl nfsio 49336 486001 0 0 3 0x14280 nfsidl nfsio 29975 483618 0 0 3 0x14280 nfsidl nfsio 59717 476602 0 0 3 0x14280 nfsidl nfsio 64141 30922 0 0 3 0x14280 nfsidl nfsio 2722 267389 0 0 3 0x14280 nfsidl nfsio 42610 505233 0 0 3 0x14280 nfsidl nfsio 39537 116243 0 0 3 0x14280 nfsidl nfsio 21612 63717 90790 0 3 0x82 piperd syz-executor.0 90790 400676 82678 0 3 0x2000082 kqread syz-fuzzer 90790 217976 82678 0 3 0x6000082 nanoslp syz-fuzzer 90790 374894 82678 0 3 0x6000082 wait syz-fuzzer 90790 361151 82678 0 3 0x6000082 wait syz-fuzzer 90790 440625 82678 0 3 0x6000082 thrsleep syz-fuzzer 90790 219255 82678 0 3 0x6000082 wait syz-fuzzer 90790 486317 82678 0 3 0x6000082 wait syz-fuzzer 90790 231911 82678 0 3 0x6000082 thrsleep syz-fuzzer 90790 374701 82678 0 3 0x6000082 wait syz-fuzzer 90790 210633 82678 0 3 0x6000082 thrsleep syz-fuzzer 90790 150999 82678 0 3 0x6000082 wait syz-fuzzer 90790 248520 82678 0 3 0x6000082 thrsleep syz-fuzzer 90790 466386 82678 0 3 0x6000082 wait syz-fuzzer 90790 293782 82678 0 3 0x6000082 wait syz-fuzzer 82678 129526 7205 0 3 0x10008a sigsusp ksh 7205 228210 60735 0 3 0x9a kqread sshd 97319 186664 1 0 3 0x100083 ttyopn getty 60735 234436 1 0 3 0x88 kqread sshd 8113 257521 22823 73 3 0x1100090 kqread syslogd 22823 174588 1 0 3 0x100082 netio syslogd 32437 14532 1 0 3 0x100080 kqread resolvd 57374 186129 93530 77 3 0x100092 kqread dhcpleased 31586 144367 93530 77 3 0x100092 kqread dhcpleased 93530 35496 1 0 3 0x80 kqread dhcpleased 57638 199289 0 0 3 0x14200 bored smr 99218 452922 0 0 2 0x14200 zerothread 32268 131288 0 0 3 0x14200 aiodoned aiodoned 36287 260100 0 0 3 0x14200 syncer update 31770 440851 0 0 3 0x14200 cleaner cleaner 87391 276042 0 0 3 0x14200 reaper reaper 86139 360087 0 0 3 0x14200 pgdaemon pagedaemon 72445 362250 0 0 3 0x14200 bored viomb 36576 291757 0 0 3 0x40014200 acpi0 acpi0 83185 505414 0 0 3 0x14200 bored softnet3 36240 236746 0 0 3 0x14200 bored softnet2 57219 464169 0 0 3 0x14200 bored softnet1 98702 134037 0 0 3 0x14200 bored softnet0 26237 129506 0 0 3 0x14200 bored systqmp 7411 224030 0 0 3 0x14200 bored systq 63125 86815 0 0 3 0x40014200 tmoslp softclock 69091 273726 0 0 3 0x40014200 idle0 1 183530 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10219 6422K 6944K 166960K 20132 0 pcb 13 18K 20K 166960K 286 0 rtable 233 15K 16K 166960K 1109 0 pf 33 9K 10K 166960K 221 0 ifaddr 43 12K 12K 166960K 173 0 ifgroup 58 2K 2K 166960K 346 0 sysctl 3 0K 0K 166960K 3 0 counters 32 17K 17K 166960K 108 0 ioctlops 0 0K 2K 166960K 1835 0 iov 0 0K 18K 166960K 1559 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1532 96K 96K 166960K 5293 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 135 0 VM map 2 1K 1K 166960K 2 0 sem 11 1K 1K 166960K 14 0 dirhash 12 2K 2K 166960K 36 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 14 49K 73K 166960K 7576 0 sigio 0 0K 0K 166960K 1321 0 proc 58 59K 75K 166960K 1076 0 subproc 104 6K 6K 166960K 273 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 199 0 in_multi 94 6K 7K 166960K 326 0 ether_multi 1 0K 0K 166960K 11 0 mrt 1 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 241 1076K 1076K 166960K 241 0 exec 0 0K 1K 166960K 1948 0 tdb 3 0K 0K 166960K 3 0 pagedep 1 8K 8K 166960K 1 0 inodedep 1 32K 32K 166960K 1 0 newblk 1 0K 0K 166960K 1 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 426 310K 314K 166960K 71364 0 UVM aobj 131 4K 4K 166960K 132 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 73 0 NDP 13 0K 1K 166960K 135 0 temp 74 5920K 6039K 166960K 135117 0 kqueue 12 18K 26K 166960K 447 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 346 0 343 6 5 1 3 0 8 0 rtentry 112 320 0 215 4 0 4 4 0 8 0 unpcb 144 10751 0 10736 65 64 1 6 0 8 0 syncache 312 76 0 76 16 15 1 1 0 8 1 tcpqe 32 219 0 219 12 11 1 1 0 8 1 tcpcb 808 3163 0 3147 82 79 3 16 0 8 1 arp 88 54 0 38 1 0 1 1 0 8 0 ipq 40 5 0 5 3 3 0 1 0 8 0 ipqe 40 20 0 20 3 3 0 1 0 8 0 inpcb 336 10751 0 10731 103 95 8 16 0 8 5 nd6 104 77 0 53 1 0 1 1 0 8 0 pkpcb 40 88 0 88 4 4 0 1 0 8 0 kcovpl 48 21 0 13 1 0 1 1 0 8 0 ppxss 1160 26 0 26 8 8 0 1 0 8 0 art_heap8 4096 4 0 3 3 2 1 3 0 8 0 art_heap4 256 1284 0 816 50 19 31 31 0 8 0 art_table 32 1288 0 819 4 0 4 4 0 8 0 art_node 16 313 0 217 1 0 1 1 0 8 0 sysvmsgpl 40 7 0 6 1 0 1 1 0 8 0 semapl 112 9 0 0 1 0 1 1 0 8 0 shmpl 112 129 0 1 4 0 4 4 0 8 0 dirhash 1024 33 0 16 3 0 3 3 0 8 0 dino2pl 256 11475 0 9663 114 0 114 114 0 8 0 ffsino 240 11475 0 9663 107 0 107 107 0 8 0 nchpl 144 21799 0 21241 63 41 22 63 0 8 0 uvmvnodes 80 7308 0 0 150 0 150 150 0 8 0 vnodes 216 7308 0 0 406 0 406 406 0 8 0 namei 1024 75075 0 75074 7 6 1 3 0 8 0 vcpupl 2048 138 0 0 18 0 18 18 0 8 0 vmpool 664 182 0 44 12 0 12 12 0 8 0 kstatmem 264 178 0 152 2 0 2 2 0 8 0 scxspl 216 73707 0 73707 22 21 1 8 1 8 1 plimitpl 152 420 0 405 1 0 1 1 0 8 0 sigapl 424 7869 0 7806 8 0 8 8 0 8 0 futexpl 64 100375 0 100372 1 0 1 1 0 8 0 knotepl 120 81721 0 81640 10 7 3 10 0 8 0 kqueuepl 184 1360 0 1352 21 20 1 4 0 8 0 pipepl 288 3328 0 3300 67 64 3 11 0 8 0 fdescpl 432 7830 0 7805 4 0 4 4 0 8 0 filepl 120 59937 0 59697 91 81 10 17 0 8 1 lockfpl 104 2205 0 2203 5 4 1 2 0 8 0 lockfspl 48 865 0 863 1 0 1 1 0 8 0 sessionpl 144 36 0 20 1 0 1 1 0 8 0 pgrppl 48 368 0 352 1 0 1 1 0 8 0 ucredpl 104 5673 0 5657 1 0 1 1 0 8 0 zombiepl 144 7806 0 7806 2 1 1 1 0 8 1 processpl 1008 7869 0 7806 10 1 9 9 0 8 0 procpl 680 18944 0 18860 18 10 8 10 0 8 0 sosppl 168 81 0 78 4 3 1 1 0 8 0 sockpl 456 21996 0 21958 387 373 14 30 0 8 7 mcl64k 65536 248 0 248 14 13 1 1 0 8 1 mcl16k 16384 117 0 117 14 13 1 1 0 8 1 mcl12k 12288 236 0 236 17 16 1 1 0 8 1 mcl9k 9216 83 0 83 14 13 1 1 0 8 1 mcl8k 8192 487 0 487 12 11 1 1 0 8 1 mcl4k 4096 1197 0 1197 7 6 1 2 0 8 1 mcl2k2 2112 521 0 521 8 7 1 1 0 8 1 mcl2k 2048 81989 0 81928 54 44 10 31 0 8 0 mtagpl 96 883 0 540 17 8 9 9 0 8 0 mbufpl 256 247972 0 247503 1025 989 36 424 0 8 0 bufpl 288 19532 0 12125 530 0 530 530 0 8 0 anonpl 24 837161 0 823354 187 84 103 115 0 188 0 amapchunkpl 152 227755 0 226921 96 53 43 47 0 158 6 amappl16 200 16639 0 16162 78 52 26 39 0 8 0 amappl15 192 12 0 12 2 2 0 1 0 8 0 amappl14 184 187 0 173 2 1 1 2 0 8 0 amappl13 176 10 0 10 1 1 0 1 0 8 0 amappl12 168 8646 0 8618 2 0 2 2 0 8 0 amappl11 160 85 0 75 1 0 1 1 0 8 0 amappl10 152 35 0 26 2 1 1 1 0 8 0 amappl9 144 166 0 165 1 0 1 1 0 8 0 amappl8 136 385 0 292 4 0 4 4 0 8 0 amappl7 128 218 0 194 2 0 2 2 0 8 0 amappl6 120 497 0 489 1 0 1 1 0 8 0 amappl5 112 221 0 212 1 0 1 1 0 8 0 amappl4 104 566 0 543 2 1 1 2 0 8 0 amappl3 96 44939 0 44852 3 0 3 3 0 8 0 amappl2 88 8604 0 8532 3 1 2 3 0 8 0 amappl1 80 37658 0 37157 22 11 11 22 0 8 0 amappl 88 70554 0 70309 8 1 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 131 0 1 3 0 3 3 0 8 0 uaddrrnd 24 8012 0 7849 2 0 2 2 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 8012 0 7849 2 0 2 2 0 8 0 vmmpekpl 168 61786 0 61710 5 1 4 4 0 8 0 vmmpepl 168 468636 0 466295 231 116 115 126 0 357 0 vmsppl 368 8011 0 7849 16 0 16 16 0 8 0 rwobjpl 24 118699 0 109723 56 1 55 55 0 8 0 pdppl 4096 16030 0 15836 498 296 202 202 0 8 8 pvpl 32 2276283 0 2256922 501 295 206 351 0 265 27 pmappl 216 8011 0 7849 10 0 10 10 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 2761 0 1664 40 8 32 40 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800037924df0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800037924df0,1,ffff80002db71d48) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806fdc60d8,c0205602,ffff800037924df0,1,fffffd807f7d7478,ffff80002db71d48) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8070a9f720,c0205602,ffff800037924df0,ffff80002db71d48) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002db71d48,ffff800037924f00,ffff800037924f50) at sys_ioctl+0x49e syscall(ffff800037924fc0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x415501f0ec0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800037924df0) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800037924df0,1,ffff80002db71d48) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd806fdc60d8,c0205602,ffff800037924df0,1,fffffd807f7d7478,ffff80002db71d48) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8070a9f720,c0205602,ffff800037924df0,ffff80002db71d48) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002db71d48,ffff800037924f00,ffff800037924f50) at sys_ioctl+0x49e syscall(ffff800037924fc0) at syscall+0x543 sys/arch/amd64/amd64/trap.c:606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x415501f0ec0, count: -8