kernel: protection fault trap, code=0 Stopped at lf_advlock+0x2f7: incl 0x28(%r12) ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic the kernel did not panic ddb{1}> trace lf_advlock(ffff80000146d460,0,ffff80002a306a38,2,ffff80002a48b060,40) at lf_advlock+0x2f7 ls_ref sys/kern/vfs_lockf.c:138 [inline] lf_advlock(ffff80000146d460,0,ffff80002a306a38,2,ffff80002a48b060,40) at lf_advlock+0x2f7 sys/kern/vfs_lockf.c:278 VOP_ADVLOCK(fffffd80790f3a40,ffff80002a306a38,2,ffff80002a48b060,40) at VOP_ADVLOCK+0x87 sys/kern/vfs_vops.c:623 closef(fffffd80792f3678,ffff80002a2fb9d0) at closef+0x140 sys/kern/kern_descrip.c:-1 fdfree(ffff80002a2fb9d0) at fdfree+0x116 sys/kern/kern_descrip.c:1182 exit1(ffff80002a2fb9d0,0,0,1) at exit1+0x59c sys/kern/kern_exit.c:215 sys_exit(ffff80002a2fb9d0,ffff80002a48b2a0,ffff80002a48b1f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80002a48b2a0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a48b2a0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:742 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7aac88f788d0, count: -8 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a48afb0 rbx 0 rdx 0xa rcx 0x9 rax 0 r8 0x44b82fa09b5a53 r9 0x1 r10 0x86431c2b563d06f6 r11 0x15e2353db6b8374e r12 0xdeafbeaddeafbead r13 0x2 r14 0xffff80000146d460 r15 0xffffffffffffffff rip 0xffffffff82e89e27 lf_advlock+0x2f7 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a48af20 ss 0x10 lf_advlock+0x2f7: incl 0x28(%r12) ddb{1}> show proc PROC (syz-executor.2) tid=450656 pid=40620 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002a2fb9d0 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff80002a2fb220,0xffff80002a3d8fa8 process=0xffff80002a381d30 user=0xffff80002a486000, vmspace=0xfffffd80759b3b68 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 27427 480171 6238 0 2 0 syz-executor.1 27427 409110 6238 0 3 0x4000080 fsleep syz-executor.1 956 115060 72664 0 2 0 syz-executor.7 956 93464 72664 0 2 0x4000000 syz-executor.7 53834 504395 12143 0 2 0 syz-executor.3 53834 402319 12143 0 3 0x4000080 fsleep syz-executor.3 42961 235867 75696 0 2 0 syz-executor.0 42961 113721 75696 0 3 0x4000080 fsleep syz-executor.0 15551 382348 57832 0 2 0x10000c82 syz-executor.4 99061 470237 57832 0 2 0xc82 syz-executor.2 12143 43329 57832 0 3 0x82 nanoslp syz-executor.3 64208 174999 57832 0 2 0x10000c82 syz-executor.6 56508 329747 57832 0 2 0xc82 syz-executor.5 72664 499519 57832 0 3 0x82 nanoslp syz-executor.7 75696 267597 57832 0 3 0x82 nanoslp syz-executor.0 6238 79014 57832 0 3 0x82 nanoslp syz-executor.1 57832 283561 2534 0 3 0x82 wait syz-execprog 57832 42087 2534 0 3 0x4000082 thrsleep syz-execprog 57832 131394 2534 0 3 0x4000082 wait syz-execprog 57832 482275 2534 0 3 0x4000082 wait syz-execprog 57832 332408 2534 0 3 0x4000082 wait syz-execprog 57832 465254 2534 0 3 0x4000082 thrsleep syz-execprog 57832 310725 2534 0 3 0x4000082 thrsleep syz-execprog 57832 444687 2534 0 3 0x4000082 wait syz-execprog 57832 74971 2534 0 3 0x4000082 wait syz-execprog 57832 145838 2534 0 3 0x4000082 wait syz-execprog 57832 167469 2534 0 3 0x4000082 thrsleep syz-execprog 57832 419350 2534 0 3 0x4000082 wait syz-execprog 57832 454110 2534 0 3 0x4000082 thrsleep syz-execprog 57832 422158 2534 0 3 0x4000082 thrsleep syz-execprog 57832 208125 2534 0 3 0x4000082 kqread syz-execprog 57832 18022 2534 0 3 0x4000082 thrsleep syz-execprog 2534 440833 26057 0 3 0x10008a sigsusp ksh 26057 232633 90678 0 3 0x98 kqread sshd-session 90678 85477 40274 0 3 0x92 kqread sshd-session 93690 85388 1 0 3 0x100083 ttyin getty 40274 248779 1 0 3 0x88 kqread sshd 37783 486656 79371 73 3 0x1100090 kqread syslogd 79371 495133 1 0 3 0x100082 sbwait syslogd 89094 201710 1 0 3 0x100080 kqread resolvd 72303 449217 8088 77 3 0x100092 kqread dhcpleased 28617 64217 8088 77 3 0x100092 kqread dhcpleased 8088 467500 1 0 3 0x80 kqread dhcpleased 14780 313618 0 0 3 0x14200 bored smr 9030 300717 0 0 2 0x14200 zerothread 32723 279053 0 0 3 0x14200 aiodoned aiodoned 38612 5858 0 0 3 0x14200 syncer update 60996 438742 0 0 3 0x14200 cleaner cleaner 95545 63894 0 0 7 0x14200 reaper 30769 497502 0 0 3 0x14200 pgdaemon pagedaemon 86125 410719 0 0 3 0x14200 bored viomb 9837 342628 0 0 3 0x40014200 acpi0 acpi0 23147 388885 0 0 3 0x40014200 idle1 29336 414073 0 0 3 0x14200 bored softnet3 9264 514917 0 0 3 0x14200 bored softnet2 89149 199928 0 0 3 0x14200 bored softnet1 9978 208283 0 0 3 0x14200 bored softnet0 88691 444636 0 0 3 0x14200 bored systqmp 89440 300860 0 0 3 0x14200 bored systq 57665 126942 0 0 3 0x14200 tmoslp softclockmp 6092 168363 0 0 3 0x40014200 tmoslp softclock 24706 21333 0 0 3 0x40014200 idle0 1 435216 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10193 10956K 10967K 166960K 11274 0 pcb 17 12K 12K 166960K 17 0 rtable 237 6K 7K 166960K 379 0 pf 31 16K 16K 166960K 34 0 ifaddr 42 7K 7K 166960K 48 0 ifgroup 50 2K 2K 166960K 55 0 sysctl 1 1K 9K 166960K 5 0 counters 68 36K 36K 166960K 70 0 ioctlops 0 0K 2K 166960K 30 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1262 79K 80K 166960K 42243 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 2 0K 0K 166960K 2 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 89K 166960K 36813 0 proc 57 78K 115K 166960K 500 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 in_multi 99 7K 7K 166960K 110 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 410 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 268 148K 200K 166960K 291237 0 UVM aobj 3 2K 2K 166960K 3 0 pinsyscall 37 74K 104K 166960K 38137 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 11 0K 2K 166960K 30 0 temp 1 8676K 8741K 166960K 78194 0 kqueue 13 20K 20K 166960K 46 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 36 0 33 1 0 1 1 0 8 0 rtentry 176 122 0 12 6 1 5 5 0 8 0 unpcb 144 67 0 52 1 0 1 1 0 8 0 syncache 336 9 0 9 2 2 0 1 0 8 0 tcpcb 736 12 0 9 1 0 1 1 0 8 0 arp 128 20 0 2 1 0 1 1 0 8 0 inpcb 328 66 0 60 1 0 1 1 0 8 0 nd6 144 27 0 3 2 1 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 501 0 48 32 3 29 29 0 8 0 art_table 32 502 0 48 5 1 4 4 0 8 0 art_node 16 121 0 21 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 79228 0 77706 97 1 96 96 0 8 0 ffsino 288 79228 0 77706 109 0 109 109 0 8 0 nchpl 144 116168 0 114392 66 0 66 66 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 740761 0 740761 6 5 1 2 0 8 1 percpumem 16 50 0 1 1 0 1 1 0 8 0 kstatmem 264 26 0 2 2 0 2 2 0 8 0 scxspl 216 229388 0 229388 10 9 1 8 1 8 1 plimitpl 152 58 0 42 1 0 1 1 0 8 0 sigapl 424 37144 0 37096 9 3 6 7 0 8 0 knotepl 120 111 0 0 4 0 4 4 0 8 0 kqueuepl 224 42 0 33 1 0 1 1 0 8 0 pipepl 336 172 0 144 5 2 3 3 0 8 0 fdescpl 520 37126 0 37099 3 0 3 3 0 8 0 filepl 160 478661 0 478514 8 1 7 7 0 8 0 lockfpl 104 145557 0 145552 1 0 1 1 0 8 0 lockfspl 48 36516 0 36512 1 0 1 1 0 8 0 sessionpl 144 34 0 18 1 0 1 1 0 8 0 pgrppl 48 34 0 18 1 0 1 1 0 8 0 ucredpl 104 440067 0 440056 1 0 1 1 0 8 0 zombiepl 144 37100 0 37096 2 1 1 1 0 8 0 processpl 1240 37144 0 37096 6 2 4 5 0 8 0 procpl 656 74230 0 74163 20 13 7 7 0 8 1 sockpl 728 169 0 145 4 1 3 3 0 8 0 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 147 0 0 19 0 19 19 0 8 0 mcl2k 2048 20 0 0 3 0 3 3 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 249 0 0 14 0 14 14 0 8 0 bufpl 280 41180 0 34966 444 0 444 444 0 8 0 anonpl 32 8259 0 0 68 1 67 67 0 246 0 amapchunkpl 152 945071 0 944440 47 19 28 28 0 158 1 amappl16 200 41010 0 40901 9 3 6 6 0 8 0 amappl15 192 17 0 17 3 3 0 1 0 8 0 amappl14 184 222 0 209 3 2 1 2 0 8 0 amappl13 176 9 0 9 2 2 0 1 0 8 0 amappl12 168 37794 0 37765 3 1 2 2 0 8 0 amappl11 160 50 0 40 1 0 1 1 0 8 0 amappl10 152 65 0 54 2 1 1 1 0 8 0 amappl9 144 1080 0 1080 3 3 0 1 0 8 0 amappl8 136 238 0 199 2 0 2 2 0 8 0 amappl7 128 248 0 224 3 1 2 2 0 8 0 amappl6 120 334 0 329 2 1 1 1 0 8 0 amappl5 112 186 0 180 1 0 1 1 0 8 0 amappl4 104 539 0 520 2 1 1 2 0 8 0 amappl3 96 191773 0 191691 4 1 3 3 0 8 0 amappl2 88 37771 0 37700 6 4 2 4 0 8 0 amappl1 80 166735 0 166169 35 21 14 23 0 8 0 amappl 88 290131 0 289958 7 2 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 37126 0 37099 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 37126 0 37099 1 0 1 1 0 8 0 vmmpekpl 168 152348 0 152299 3 0 3 3 0 8 0 vmmpepl 168 1639672 0 1637801 132 44 88 120 0 357 1 vmsppl 480 37125 0 37099 8 4 4 5 0 8 0 rwobjpl 72 373719 0 366804 142 15 127 127 0 8 0 pdppl 4096 74259 0 74198 179 112 67 79 0 8 6 pvpl 32 45610 0 0 369 1 368 368 0 265 0 pmappl 256 37125 0 37099 5 3 2 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 480 0 130 11 0 11 11 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{0}> trace x86_ipi_db(ffffffff838a8ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83939698) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff83939698) at __mp_lock+0x192 sys/kern/kern_lock.c:165 reaper(ffff8000ffffcf68) at reaper+0x218 sys/kern/kern_exit.c:505 end trace frame: 0x0, count: -5 ddb{0}> machine ddbcpu 1 Stopped at lf_advlock+0x2f7: incl 0x28(%r12) ddb{1}> trace lf_advlock(ffff80000146d460,0,ffff80002a306a38,2,ffff80002a48b060,40) at lf_advlock+0x2f7 ls_ref sys/kern/vfs_lockf.c:138 [inline] lf_advlock(ffff80000146d460,0,ffff80002a306a38,2,ffff80002a48b060,40) at lf_advlock+0x2f7 sys/kern/vfs_lockf.c:278 VOP_ADVLOCK(fffffd80790f3a40,ffff80002a306a38,2,ffff80002a48b060,40) at VOP_ADVLOCK+0x87 sys/kern/vfs_vops.c:623 closef(fffffd80792f3678,ffff80002a2fb9d0) at closef+0x140 sys/kern/kern_descrip.c:-1 fdfree(ffff80002a2fb9d0) at fdfree+0x116 sys/kern/kern_descrip.c:1182 exit1(ffff80002a2fb9d0,0,0,1) at exit1+0x59c sys/kern/kern_exit.c:215 sys_exit(ffff80002a2fb9d0,ffff80002a48b2a0,ffff80002a48b1f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80002a48b2a0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a48b2a0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:742 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7aac88f788d0, count: -8