kernel: protection fault trap, code=0 Stopped at bpfdetach+0x40: movq 0(%r15),%r12 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace bpfdetach(ffff8000015eb800) at bpfdetach+0x40 sys/net/bpf.c:1770 if_detach(ffff8000015eb800) at if_detach+0x12b sys/net/if.c:1289 tun_clone_destroy(ffff8000015eb800) at tun_clone_destroy+0x2a2 sys/net/if_tun.c:347 if_clone_destroy(ffff80002f0bf780) at if_clone_destroy+0x1d5 sys/net/if.c:1479 sys_ioctl(ffff80003c92f4e8,ffff80002f0bf950,ffff80002f0bf8a0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002f0bf950) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002f0bf950) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3e94a5a65f0, count: -7 ddb> show registers rdi 0xffff8000364ec000 rsi 0x12397 __ALIGN_SIZE+0x11397 rbp 0xffff80002f0bf670 rbx 0 rdx 0xffff8000364ec000 rcx 0x12396 __ALIGN_SIZE+0x11396 rax 0xffffffff816e2559 bpfdetach+0x89 r8 0 r9 0 r10 0xf6d771d8b0b2c436 r11 0x6ceee62d6b753c40 r12 0xdeaf0002deafbead r13 0xffff8000015ebd80 r14 0xffff8000015eb800 r15 0xdeaf0002deafbead rip 0xffffffff816e2510 bpfdetach+0x40 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002f0bf640 ss 0x10 bpfdetach+0x40: movq 0(%r15),%r12 ddb> show proc PROC (syz-executor) tid=100624 pid=63804 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=53, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c92e7f0,0xffff80003c92e038 process=0xffff8000314c6418 user=0xffff80002f0ba000, vmspace=0xfffffd806cb1e010 estcpu=3, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 76645 379236 8504 0 2 0 syz-executor 76645 106721 8504 0 3 0x4000080 fsleep syz-executor 76645 121771 8504 0 3 0x4000080 fsleep syz-executor 41524 475274 11351 0 3 0x80 nanoslp syz-executor 41524 436339 11351 0 3 0x4000080 kqpoll syz-executor 41524 307566 11351 0 3 0x4000080 fsleep syz-executor 28635 482759 1161 0 2 0 syz-executor 28635 499441 1161 0 3 0x4000080 fsleep syz-executor 42680 349334 68902 0 2 0 syz-executor 42680 501909 68902 0 3 0x4000080 fsleep syz-executor 42680 235863 68902 0 2 0x4000000 syz-executor 63804 378882 22991 0 3 0x80 nanoslp syz-executor *63804 100624 22991 0 7 0x4000000 syz-executor 52399 298620 33773 0 2 0 syz-executor 52399 459924 33773 0 2 0x4000000 syz-executor 52399 152832 33773 0 3 0x4000080 fsleep syz-executor 85161 357723 25085 0 4 0x82015 syz-executor 85161 486717 25085 0 4 0x4082015 syz-executor 85161 201746 25085 0 2 0x4002015 syz-executor 46437 319860 0 0 3 0x14280 nfsidl nfsio 89620 340237 0 0 3 0x14280 nfsidl nfsio 85233 3807 0 0 3 0x14280 nfsidl nfsio 58784 441290 0 0 3 0x14280 nfsidl nfsio 39587 460583 0 0 3 0x14280 nfsidl nfsio 42887 101101 0 0 3 0x14280 nfsidl nfsio 92668 427227 0 0 3 0x14280 nfsidl nfsio 44989 376512 0 0 3 0x14280 nfsidl nfsio 47101 511700 0 0 3 0x14280 nfsidl nfsio 46643 121252 0 0 3 0x14280 nfsidl nfsio 85715 278692 0 0 3 0x14280 nfsidl nfsio 44603 163110 0 0 3 0x14280 nfsidl nfsio 46082 165022 0 0 3 0x14280 nfsidl nfsio 21418 427804 0 0 3 0x14280 nfsidl nfsio 5121 330937 0 0 3 0x14280 nfsidl nfsio 40711 177986 0 0 3 0x14280 nfsidl nfsio 44773 481941 0 0 3 0x14280 nfsidl nfsio 93647 17307 0 0 3 0x14280 nfsidl nfsio 94048 248296 0 0 3 0x14280 nfsidl nfsio 34748 454139 0 0 3 0x14280 nfsidl nfsio 22991 99825 34347 0 3 0x82 nanoslp syz-executor 1161 516330 34347 0 3 0x82 nanoslp syz-executor 85289 50327 34347 0 3 0x82 nanoslp syz-executor 8504 236880 34347 0 3 0x82 nanoslp syz-executor 25085 331958 34347 0 3 0x82 nanoslp syz-executor 33773 23375 34347 0 3 0x82 nanoslp syz-executor 68902 140695 34347 0 3 0x82 nanoslp syz-executor 11351 309079 34347 0 3 0x82 nanoslp syz-executor 34347 123548 42078 0 3 0x82 kqread syz-executor 42078 261384 10136 0 3 0x10008a sigsusp ksh 10136 517924 6710 0 3 0x98 kqread sshd-session 6710 207886 43276 0 3 0x92 kqread sshd-session 57404 454301 1 0 3 0x100083 ttyin getty 43276 286243 1 0 3 0x88 kqread sshd 20902 237089 44058 73 3 0x1100090 kqread syslogd 44058 469651 1 0 3 0x100082 sbwait syslogd 95793 345179 1 0 3 0x100080 kqread resolvd 11335 149538 5998 77 3 0x100092 kqread dhcpleased 10560 34064 5998 77 3 0x100092 kqread dhcpleased 5998 366842 1 0 3 0x80 kqread dhcpleased 92685 282547 0 0 3 0x14200 bored smr 54270 109006 0 0 2 0x14200 zerothread 91164 228187 0 0 3 0x14200 aiodoned aiodoned 32430 342292 0 0 3 0x14200 syncer update 87721 203731 0 0 3 0x14200 cleaner cleaner 70192 131279 0 0 2 0x14200 reaper 20040 171246 0 0 3 0x14200 pgdaemon pagedaemon 43512 81897 0 0 3 0x14200 bored viomb 65843 433064 0 0 3 0x40014200 acpi0 acpi0 1774 312184 0 0 3 0x14200 bored softnet0 77347 337931 0 0 3 0x14200 bored systqmp 63235 116575 0 0 3 0x14200 bored systq 43372 503619 0 0 3 0x40014200 tmoslp softclock 93732 195485 0 0 3 0x40014200 idle0 1 66986 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11039 12192K 12194K 166960K 12146 0 pcb 17 12K 12K 166960K 23 0 rtable 249 8K 8K 166960K 377 0 pf 30 12K 18K 166960K 36 0 ifaddr 42 7K 7K 166960K 45 0 ifgroup 50 2K 2K 166960K 52 0 sysctl 1 1K 9K 166960K 5 0 counters 33 17K 18K 166960K 36 0 ioctlops 0 0K 4K 166960K 41 0 iov 0 0K 12K 166960K 1 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1294 81K 82K 166960K 1380 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 3 0K 0K 166960K 3 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 77K 166960K 172 0 sigio 0 0K 0K 166960K 1 0 proc 59 59K 83K 166960K 497 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 2 0 in_multi 99 7K 7K 166960K 101 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 43 201K 201K 166960K 43 0 exec 1 0K 1K 166960K 368 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 227 163K 164K 166960K 3438 0 UVM aobj 4 2K 2K 166960K 4 0 pinsyscall 38 76K 88K 166960K 1263 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 11 0K 2K 166960K 28 0 temp 35 9062K 9130K 166960K 6733 0 kqueue 16 26K 30K 166960K 35 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 38 0 35 1 0 1 1 0 8 0 rtentry 136 112 0 1 4 0 4 4 0 8 0 unpcb 144 40 0 25 1 0 1 1 0 8 0 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 11 0 7 1 0 1 1 0 8 0 arp 96 18 0 0 1 0 1 1 0 8 0 inpcb 328 72 0 64 2 0 2 2 0 8 1 ip6q 72 33 0 33 1 0 1 1 0 8 1 ip6af 40 66 0 66 1 0 1 1 0 8 1 nd6 112 24 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 3 0 3 1 0 1 1 0 8 1 pfosfp 40 1 0 0 1 0 1 1 0 8 0 pfosfpen 112 1 0 0 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 458 0 0 29 0 29 29 0 8 0 art_table 40 460 0 0 5 0 5 5 0 8 0 art_node 32 112 0 11 1 0 1 1 0 8 0 sysvmsgpl 40 1 0 1 1 0 1 1 0 8 1 semapl 112 1 0 0 1 0 1 1 0 8 0 shmpl 112 1 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1620 0 154 92 0 92 92 0 8 0 ffsino 256 1620 0 154 92 0 92 92 0 8 0 nchpl 144 1868 0 167 64 0 64 64 0 8 0 vnodes 216 1718 0 0 96 0 96 96 0 8 0 namei 1024 5399 0 5398 4 2 2 2 0 8 1 kstatmem 264 25 0 2 2 0 2 2 0 8 0 scxspl 216 7246 0 7246 8 7 1 8 1 8 1 plimitpl 152 34 0 15 1 0 1 1 0 8 0 sigapl 424 485 0 422 9 1 8 8 0 8 0 knotepl 120 4426 0 4372 17 7 10 17 0 8 8 kqueuepl 184 37 0 24 1 0 1 1 0 8 0 pipepl 304 121 0 94 3 0 3 3 0 8 0 fdescpl 448 452 0 423 4 0 4 4 0 8 0 filepl 120 1552 0 1333 8 0 8 8 0 8 0 lockfpl 104 27 0 23 1 0 1 1 0 8 0 lockfspl 48 14 0 10 1 0 1 1 0 8 0 sessionpl 144 24 0 15 1 0 1 1 0 8 0 pgrppl 48 33 0 16 1 0 1 1 0 8 0 ucredpl 104 94 0 82 1 0 1 1 0 8 0 zombiepl 144 455 0 454 2 1 1 1 0 8 0 processpl 1152 485 0 422 5 0 5 5 0 8 0 procpl 664 567 0 492 7 0 7 7 0 8 0 sockpl 552 152 0 126 3 0 3 3 0 8 0 mcl64k 65536 34 0 34 1 0 1 1 0 8 1 mcl16k 16384 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 4 0 4 1 1 0 1 0 8 0 mcl4k 4096 2537 0 2486 14 6 8 14 0 8 1 mcl2k 2048 179 0 178 2 1 1 1 0 8 0 mtagpl 96 4 0 4 1 1 0 1 0 8 0 mbufpl 256 4448 0 4305 11 0 11 11 0 8 0 bufpl 280 3384 0 102 235 0 235 235 0 8 0 anonpl 24 99690 0 96548 45 0 45 45 0 187 19 amapchunkpl 152 9480 0 8999 24 0 24 24 0 158 4 amappl16 200 1910 0 1891 14 2 12 14 0 8 8 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 422 0 421 1 0 1 1 0 8 0 amappl13 176 117 0 106 1 0 1 1 0 8 0 amappl12 168 695 0 667 2 0 2 2 0 8 0 amappl11 160 2 0 2 1 1 0 1 0 8 0 amappl10 152 83 0 73 1 0 1 1 0 8 0 amappl9 144 255 0 255 1 1 0 1 0 8 0 amappl8 136 101 0 100 1 0 1 1 0 8 0 amappl7 128 147 0 135 1 0 1 1 0 8 0 amappl6 120 185 0 183 1 0 1 1 0 8 0 amappl5 112 115 0 107 1 0 1 1 0 8 0 amappl4 104 273 0 258 1 0 1 1 0 8 0 amappl3 96 1647 0 1538 4 0 4 4 0 8 1 amappl2 88 503 0 450 2 0 2 2 0 8 0 amappl1 80 9098 0 8549 13 1 12 13 0 8 0 amappl 88 2750 0 2587 5 0 5 5 0 92 1 uvmvnodes 80 97 0 0 2 0 2 2 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 3 0 0 1 0 1 1 0 8 0 uaddrrnd 24 452 0 423 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 452 0 423 1 0 1 1 0 8 0 vmmpekpl 168 5397 0 5361 2 0 2 2 0 8 0 vmmpepl 168 37214 0 35445 91 0 91 91 0 357 10 vmsppl 368 451 0 422 3 0 3 3 0 8 0 rwobjpl 40 13730 0 12791 13 0 13 13 0 8 0 pdppl 4096 910 0 844 86 20 66 72 0 8 0 pvpl 32 228074 0 219333 116 0 116 116 0 265 34 pmappl 216 451 0 422 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 350 0 33 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace bpfdetach(ffff8000015eb800) at bpfdetach+0x40 sys/net/bpf.c:1770 if_detach(ffff8000015eb800) at if_detach+0x12b sys/net/if.c:1289 tun_clone_destroy(ffff8000015eb800) at tun_clone_destroy+0x2a2 sys/net/if_tun.c:347 if_clone_destroy(ffff80002f0bf780) at if_clone_destroy+0x1d5 sys/net/if.c:1479 sys_ioctl(ffff80003c92f4e8,ffff80002f0bf950,ffff80002f0bf8a0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002f0bf950) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002f0bf950) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3e94a5a65f0, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace bpfdetach(ffff8000015eb800) at bpfdetach+0x40 sys/net/bpf.c:1770 if_detach(ffff8000015eb800) at if_detach+0x12b sys/net/if.c:1289 tun_clone_destroy(ffff8000015eb800) at tun_clone_destroy+0x2a2 sys/net/if_tun.c:347 if_clone_destroy(ffff80002f0bf780) at if_clone_destroy+0x1d5 sys/net/if.c:1479 sys_ioctl(ffff80003c92f4e8,ffff80002f0bf950,ffff80002f0bf8a0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002f0bf950) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002f0bf950) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3e94a5a65f0, count: -7