kernel: protection fault trap, code=0 Stopped at ktrops+0x4f: movq 0x8(%r14),%r14 ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic the kernel did not panic ddb{1}> trace ktrops(ffff80002a20c020,deaf4152deaf4152,0,80000012,fffffd8057424970,fffffd807f7d7820) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a20c020,deaf4152deaf4152,0,80000012,fffffd8057424970,fffffd807f7d7820) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd8057424970,4,12,0,ffff80002a20c020) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd8057424970,4,12,0,ffff80002a20c020) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a20c020,ffff800033f49390,ffff800033f492e0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff800033f49390) at syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff800033f49390) at syscall+0x854 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc9c9eb68240, count: -5 ddb{1}> show registers rdi 0xffff80002e986000 rsi 0x10e3 __ALIGN_SIZE+0xe3 rbp 0xffff800033f490b0 rbx 0xfffffd807f7d7820 rdx 0xffff80002e986000 rcx 0x10e2 __ALIGN_SIZE+0xe2 rax 0xffffffff818c7733 ktrops+0x43 r8 0xfffffd8057424970 r9 0xfffffd807f7d7820 r10 0x403a3a79d7a46c85 r11 0xfa7e333bde2b684c r12 0xffff80002a20c020 r13 0xdeaf4152deaf4152 r14 0xdeaf4152deaf4152 r15 0x80000012 __kernel_virt_to_phys+0x12 rip 0xffffffff818c773f ktrops+0x4f cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800033f49030 ss 0x10 ktrops+0x4f: movq 0x8(%r14),%r14 ddb{1}> show proc PROC (syz-executor.3) tid=187014 pid=74141 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=17, usrpri=83, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002bcaad10,0xffff80002a20cf90 process=0xffff80002a15ac68 user=0xffff800033f44000, vmspace=0xfffffd8008b8e6e0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 54307 227043 26820 0 2 0x8000000 syz-executor.1 74141 336501 56672 0 2 0x8000000 syz-executor.3 *74141 187014 56672 0 7 0xc000000 syz-executor.3 21765 81259 90973 0 2 0x8000000 syz-executor.0 21765 421507 90973 0 2 0xc000000 syz-executor.0 76148 214110 37529 0 2 0x8000000 syz-executor.6 76148 455166 37529 0 3 0xc000080 rest syz-executor.6 38460 470981 37673 0 2 0x8000000 syz-executor.2 16754 339455 62003 0 3 0x8000080 nanoslp syz-executor.5 16754 304167 62003 0 3 0xc000080 sbwait syz-executor.5 16754 514780 62003 0 3 0xc000080 fsleep syz-executor.5 56672 434199 32292 0 3 0x8000082 nanoslp syz-executor.3 47016 227093 32292 0 2 0x8000482 syz-executor.4 62003 249414 32292 0 2 0x8000002 syz-executor.5 37529 32412 32292 0 3 0x8000082 nanoslp syz-executor.6 90973 114794 32292 0 3 0x8000082 nanoslp syz-executor.0 26820 519070 32292 0 2 0x8000002 syz-executor.1 56805 430225 1 0 3 0x18100083 ttyin getty 37673 50254 32292 0 3 0x8000082 nanoslp syz-executor.2 24475 418947 32292 0 7 0x8000002 syz-executor.7 62317 81709 0 0 3 0x14200 acct acct 79065 475183 0 0 3 0x14200 bored sosplice 32292 52138 27387 0 3 0x1a000082 thrsleep syz-fuzzer 32292 420226 27387 0 3 0x1e000082 nanoslp syz-fuzzer 32292 195904 27387 0 3 0x1e000082 thrsleep syz-fuzzer 32292 405524 27387 0 3 0x1e000082 wait syz-fuzzer 32292 162812 27387 0 3 0x1e000082 wait syz-fuzzer 32292 410535 27387 0 3 0x1e000082 thrsleep syz-fuzzer 32292 201521 27387 0 2 0x1e000082 syz-fuzzer 32292 356693 27387 0 3 0x1e000082 wait syz-fuzzer 32292 19678 27387 0 3 0x1e000082 thrsleep syz-fuzzer 32292 68125 27387 0 3 0x1e000082 wait syz-fuzzer 32292 69515 27387 0 3 0x1e000082 thrsleep syz-fuzzer 32292 175436 27387 0 3 0x1e000082 wait syz-fuzzer 32292 237322 27387 0 3 0x1e000082 wait syz-fuzzer 32292 218360 27387 0 3 0x1e000082 wait syz-fuzzer 32292 455167 27387 0 3 0x1e000082 wait syz-fuzzer 32292 479209 27387 0 3 0x1e000082 thrsleep syz-fuzzer 27387 249534 10776 0 3 0x810008a sigsusp ksh 10776 224111 57049 0 3 0x1800009a kqread sshd 57049 228076 1 0 3 0x18000088 kqread sshd 29296 478286 13150 73 3 0x19100090 kqread syslogd 13150 4327 1 0 3 0x18100082 sbwait syslogd 62054 469030 1 0 3 0x18100080 kqread resolvd 27398 33274 0 0 3 0x14200 bored smr 44757 402423 0 0 2 0x14200 zerothread 49064 253598 0 0 3 0x14200 aiodoned aiodoned 1114 21996 0 0 3 0x14200 syncer update 23425 372490 0 0 3 0x14200 cleaner cleaner 38930 259297 0 0 3 0x14200 reaper reaper 55552 105450 0 0 3 0x14200 pgdaemon pagedaemon 71073 105405 0 0 3 0x14200 bored viomb 68936 477823 0 0 3 0x40014200 acpi0 acpi0 82159 467022 0 0 3 0x40014200 idle1 70444 330767 0 0 3 0x14200 bored softnet3 13565 188868 0 0 3 0x14200 bored softnet2 74249 432463 0 0 3 0x14200 bored softnet1 9583 238067 0 0 3 0x14200 bored softnet0 70928 259726 0 0 3 0x14200 bored systqmp 98232 66882 0 0 3 0x14200 bored systq 89170 206824 0 0 3 0x14200 tmoslp softclockmp 68048 307642 0 0 3 0x40014200 tmoslp softclock 2848 128567 0 0 3 0x40014200 idle0 1 440714 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 74141 (syz-executor.3) thread 0xffff80002a20c020 (187014) Process 24475 (syz-executor.7) thread 0xffff80002bcab230 (418947) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10186 6502K 7015K 166960K 13533 0 pcb 19 12K 12K 166960K 518 0 rtable 182 13K 15K 166960K 1943 0 pf 29 8K 10K 166960K 280 0 ifaddr 41 15K 17K 166960K 292 0 ifgroup 50 2K 2K 166960K 472 0 sysctl 4 1K 2K 166960K 22 0 counters 64 36K 37K 166960K 264 0 ioctlops 0 0K 4K 166960K 1687 0 iov 0 0K 18K 166960K 261 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1493 94K 94K 166960K 3610 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 80 0 VM map 2 1K 1K 166960K 2 0 sem 20 1K 1K 166960K 221 0 dirhash 12 2K 3K 166960K 54 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 85K 166960K 3858 0 sigio 1 0K 0K 166960K 95 0 proc 52 54K 128K 166960K 1944 0 subproc 104 6K 7K 166960K 665 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 490 0 in_multi 63 4K 7K 166960K 681 0 ether_multi 1 0K 0K 166960K 20 0 mrt 1 0K 0K 166960K 12 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 127 572K 572K 166960K 127 0 exec 0 0K 1K 166960K 1349 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 250 156K 174K 166960K 34571 0 UVM aobj 52 4K 6K 166960K 57 0 pinsyscall 30 60K 100K 166960K 6150 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 397 0 NDP 11 0K 2K 166960K 212 0 temp 79 6816K 6948K 166960K 121273 0 kqueue 6 10K 28K 166960K 554 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 458 0 456 3 2 1 3 0 8 0 rtentry 112 671 0 590 5 1 4 4 0 8 0 unpcb 144 2630 0 2624 1 0 1 1 0 8 0 syncache 336 10 0 10 7 6 1 1 0 8 1 tcpqe 32 38 0 38 1 1 0 1 0 8 0 tcpcb 808 944 0 938 11 10 1 2 0 8 0 arp 120 119 0 103 1 0 1 1 0 8 0 inpcb 384 3686 0 3677 24 22 2 8 0 8 0 nd6 136 175 0 161 1 0 1 1 0 8 0 pkpcb 40 15 0 15 10 9 1 1 0 8 1 kcovpl 48 51 0 43 1 0 1 1 0 8 0 ppxss 1168 14 0 14 11 11 0 1 0 8 0 pffrag 232 37 0 36 2 1 1 1 0 482 0 pffrnode 88 35 0 34 2 1 1 1 0 8 0 pffrent 40 230 0 229 2 1 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 302 0 268 1 0 1 1 0 8 0 pfstkey 128 302 0 268 3 1 2 2 0 8 0 pfstate 376 302 0 268 9 4 5 6 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2494 0 2173 51 24 27 30 0 8 3 art_table 32 2495 0 2173 4 0 4 4 0 8 0 art_node 16 657 0 587 1 0 1 1 0 8 0 sysvmsgpl 40 16 0 8 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 215 0 197 1 0 1 1 0 8 0 shmpl 112 54 0 5 2 0 2 2 0 8 0 dirhash 1024 45 0 28 3 0 3 3 0 8 0 dino2pl 256 7367 0 5828 97 0 97 97 0 8 0 ffsino 272 7367 0 5828 103 0 103 103 0 8 0 nchpl 144 13124 0 12534 67 41 26 67 0 8 0 uvmvnodes 80 8763 0 0 179 0 179 179 0 8 0 vnodes 216 8763 0 0 487 0 487 487 0 8 0 namei 1024 45904 0 45903 11 10 1 2 0 8 0 percpumem 16 146 0 100 1 0 1 1 0 8 0 vcpupl 3904 18 0 2 2 0 2 2 0 8 0 vmpool 696 25 0 9 2 0 2 2 0 8 0 kstatmem 264 222 0 200 2 0 2 2 0 8 0 scsiplug 72 9 0 9 6 5 1 1 0 8 1 scxspl 216 81596 0 81596 27 25 2 8 1 8 2 plimitpl 152 558 0 542 1 0 1 1 0 8 0 sigapl 424 4105 0 4060 8 1 7 8 0 8 0 futexpl 64 55493 0 55492 13 12 1 1 0 8 0 knotepl 120 865 0 0 19 0 19 19 0 8 0 kqueuepl 216 1097 0 1092 1 0 1 1 0 8 0 pipepl 320 688 0 660 3 0 3 3 0 8 0 fdescpl 496 4065 0 4041 7 2 5 5 0 8 0 filepl 152 25547 0 25319 22 12 10 16 0 8 0 lockfpl 104 973 0 968 1 0 1 1 0 8 0 lockfspl 48 422 0 417 1 0 1 1 0 8 0 sessionpl 144 69 0 54 1 0 1 1 0 8 0 pgrppl 48 141 0 126 1 0 1 1 0 8 0 ucredpl 104 4975 0 4963 1 0 1 1 0 8 0 zombiepl 144 4061 0 4060 2 1 1 1 0 8 0 processpl 1136 4105 0 4060 6 2 4 6 0 8 0 procpl 656 8015 0 7950 9 2 7 9 0 8 0 srpgc 96 40 0 40 12 11 1 1 0 8 1 sosppl 168 47 0 47 14 13 1 1 0 8 1 sockpl 664 6845 0 6828 40 36 4 9 0 8 1 mcl64k 65536 4 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 7 0 0 1 0 1 1 0 8 0 mcl4k 4096 5 0 0 1 0 1 1 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 493 0 0 41 7 34 41 0 8 0 mtagpl 96 13 0 0 1 0 1 1 0 8 0 mbufpl 256 1361 0 0 65 1 64 64 0 8 0 bufpl 280 16022 0 6505 681 0 681 681 0 8 0 anonpl 24 672837 0 667161 170 99 71 100 0 186 1 amapchunkpl 152 115718 0 115125 102 65 37 50 0 158 5 amappl16 200 14849 0 14718 98 78 20 24 0 8 8 amappl15 192 12 0 12 4 4 0 1 0 8 0 amappl14 184 394 0 381 3 1 2 2 0 8 0 amappl13 176 13 0 13 1 1 0 1 0 8 0 amappl12 168 5417 0 5390 2 0 2 2 0 8 0 amappl11 160 54 0 50 1 0 1 1 0 8 0 amappl10 152 86 0 76 1 0 1 1 0 8 0 amappl9 144 167 0 166 1 0 1 1 0 8 0 amappl8 136 318 0 281 2 0 2 2 0 8 0 amappl7 128 61 0 45 1 0 1 1 0 8 0 amappl6 120 974 0 963 2 1 1 2 0 8 0 amappl5 112 343 0 334 1 0 1 1 0 8 0 amappl4 104 944 0 913 3 1 2 3 0 8 0 amappl3 96 21266 0 21205 3 0 3 3 0 8 0 amappl2 88 4578 0 4529 4 2 2 4 0 8 0 amappl1 80 23734 0 23342 23 11 12 22 0 8 0 amappl 88 33422 0 33253 7 1 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 56 0 5 1 0 1 1 0 8 0 uaddrrnd 24 4090 0 4050 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 4090 0 4050 1 0 1 1 0 8 0 vmmpekpl 168 32255 0 32195 4 0 4 4 0 8 0 vmmpepl 168 266438 0 264838 163 77 86 114 0 357 0 vmsppl 440 4089 0 4050 7 1 6 6 0 8 0 rwobjpl 56 75384 0 65651 145 7 138 138 0 8 0 pdppl 4096 8187 0 8116 272 197 75 87 0 8 4 pvpl 32 48680 0 0 393 0 393 393 0 265 0 pmappl 248 4089 0 4050 4 1 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 680 0 268 13 0 13 13 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp ddb{0}> trace x86_ipi_db(ffffffff82c8eff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff82e384d8) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82e384d8) at __mp_lock+0x122 sys/kern/kern_lock.c:147 __mp_acquire_count(ffffffff82e384d8,1) at __mp_acquire_count+0x48 sys/kern/kern_lock.c:227 mi_switch() at mi_switch+0x491 sys/kern/sched_bsd.c:470 sleep_finish(0,1) at sleep_finish+0x19a sys/kern/kern_synch.c:417 rw_enter(fffffd806f768e68,1) at rw_enter+0x29d sys/kern/kern_rwlock.c:285 rrw_enter(fffffd806f768e68,1) at rrw_enter+0x91 sys/kern/kern_rwlock.c:464 VOP_LOCK(fffffd8057424100,1) at VOP_LOCK+0x8b sys/kern/vfs_vops.c:518 vn_lock(fffffd8057424100,1) at vn_lock+0x85 sys/kern/vfs_vnops.c:564 vget(fffffd8057424100,1) at vget+0x1fd sys/kern/vfs_subr.c:676 cache_lookup(fffffd8057424898,ffff80002d6dd528,ffff80002d6dd558) at cache_lookup+0x2b3 sys/kern/vfs_cache.c:222 ufs_lookup() at ufs_lookup+0x1b2 sys/ufs/ufs/ufs_lookup.c:160 VOP_LOOKUP(fffffd8057424898,ffff80002d6dd528,ffff80002d6dd558) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002d6dd4f8) at vfs_lookup+0x6f8 sys/kern/vfs_lookup.c:566 namei(ffff80002d6dd4f8) at namei+0x56a sys/kern/vfs_lookup.c:250 dofstatat(ffff80002bcab230,ffffff9c,79fc68d2f390,79fc68d2f790,2) at dofstatat+0xae sys/kern/vfs_syscalls.c:2073 syscall(ffff80002d6dd770) at syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff80002d6dd770) at syscall+0x854 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x79fc68d2f840, count: -20 ddb{0}> machine ddbcpu 1 Stopped at ktrops+0x4f: movq 0x8(%r14),%r14 ddb{1}> trace ktrops(ffff80002a20c020,deaf4152deaf4152,0,80000012,fffffd8057424970,fffffd807f7d7820) at ktrops+0x4f ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a20c020,deaf4152deaf4152,0,80000012,fffffd8057424970,fffffd807f7d7820) at ktrops+0x4f sys/kern/kern_ktrace.c:561 doktrace(fffffd8057424970,4,12,0,ffff80002a20c020) at doktrace+0x514 ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd8057424970,4,12,0,ffff80002a20c020) at doktrace+0x514 sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a20c020,ffff800033f49390,ffff800033f492e0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:549 syscall(ffff800033f49390) at syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff800033f49390) at syscall+0x854 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc9c9eb68240, count: -5