kernel: protection fault trap, code=0 Stopped at ktrops+0x4e: movq 0x8(%rbx),%r14 ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic the kernel did not panic ddb{1}> trace ktrops(ffff800021206aa0,dead4110dead4110,0,80001024,fffffd8067f14948,fffffd807f7d6680) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:700 [inline] ktrops(ffff800021206aa0,dead4110dead4110,0,80001024,fffffd8067f14948,fffffd807f7d6680) at ktrops+0x4e sys/kern/kern_ktrace.c:543 doktrace(fffffd8067f14948,4,1024,0,ffff800021206aa0) at doktrace+0x524 ktrsetchildren sys/kern/kern_ktrace.c:568 [inline] doktrace(fffffd8067f14948,4,1024,0,ffff800021206aa0) at doktrace+0x524 sys/kern/kern_ktrace.c:490 sys_ktrace(ffff800021206aa0,ffff8000213c7290,ffff8000213c72e0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:531 syscall(ffff8000213c7360) at syscall+0x5e2 mi_syscall sys/sys/syscall_mi.h:110 [inline] syscall(ffff8000213c7360) at syscall+0x5e2 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x470f5e05090, count: -5 ddb{1}> show registers rdi 0xffff800021206aa0 rsi 0xdead4110dead4110 rbp 0xffff8000213c7080 rbx 0xdead4110dead4110 rdx 0 rcx 0xffff800021206aa0 rax 0xffff800020d58ff0 r8 0xfffffd8067f14948 r9 0xfffffd807f7d6680 r10 0x5aceb60093e80753 r11 0x43608e1348237313 r12 0xdead4110dead4110 r13 0xfffffd807f7d6680 r14 0xffff800021206aa0 r15 0x80001024 __kernel_virt_to_phys+0x1024 rip 0xffffffff8147974e ktrops+0x4e cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000213c7000 ss 0 ktrops+0x4e: movq 0x8(%rbx),%r14 ddb{1}> show proc PROC (syz-executor.6) tid=167987 pid=72644 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=70, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff800021207298,0xffffffff82d28228 process=0xffff800021273ac0 user=0xffff8000213c2000, vmspace=0xfffffd806b91c3c0 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 72644 81979 74474 0 2 0 syz-executor.6 *72644 167987 74474 0 7 0x4000000 syz-executor.6 12685 297267 8858 0 2 0 syz-executor.4 12685 77709 8858 0 3 0x4000080 fsleep syz-executor.4 74474 209064 2176 0 2 0x482 syz-executor.6 35512 339856 2176 0 3 0x2 biowait syz-executor.5 64564 176007 2176 0 3 0x82 nanoslp syz-executor.3 18734 188102 2176 0 2 0x2 syz-executor.7 8858 129839 2176 0 3 0x82 nanoslp syz-executor.4 51950 252752 2176 0 2 0x482 syz-executor.0 41332 289840 2176 0 2 0x2 syz-executor.2 84735 224269 2176 0 2 0x2 syz-executor.1 2176 239697 30201 0 3 0x2000082 thrsleep syz-execprog 2176 406720 30201 0 2 0x6000482 syz-execprog 2176 106446 30201 0 3 0x6000082 thrsleep syz-execprog 2176 164805 30201 0 3 0x6000082 thrsleep syz-execprog 2176 253800 30201 0 3 0x6000082 wait syz-execprog 2176 384655 30201 0 3 0x6000082 wait syz-execprog 2176 449399 30201 0 3 0x6000082 wait syz-execprog 2176 80391 30201 0 2 0x6000002 syz-execprog 2176 44959 30201 0 3 0x6000082 wait syz-execprog 2176 325992 30201 0 3 0x6000082 wait syz-execprog 2176 11691 30201 0 3 0x6000082 wait syz-execprog 2176 193472 30201 0 3 0x6000082 thrsleep syz-execprog 2176 123743 30201 0 3 0x6000082 wait syz-execprog 2176 268700 30201 0 3 0x6000082 wait syz-execprog 2176 162473 30201 0 2 0x6000002 syz-execprog 30201 345312 90702 0 3 0x10008a sigsusp ksh 90702 318904 86962 0 3 0x9a kqread sshd 79442 164132 1 0 3 0x100083 ttyin getty 86962 456606 1 0 3 0x88 kqread sshd 1411 89265 15057 74 3 0x1100092 bpf pflogd 15057 365215 1 0 3 0x80 netio pflogd 22825 212017 72041 73 3 0x1100090 kqread syslogd 72041 384833 1 0 3 0x100082 netio syslogd 8306 227044 1 0 3 0x100080 kqread resolvd 72156 160059 67852 77 3 0x100092 kqread dhcpleased 78214 120428 67852 77 3 0x100092 kqread dhcpleased 67852 385169 1 0 3 0x80 kqread dhcpleased 47186 129545 0 0 3 0x14200 bored smr 82321 404333 0 0 2 0x14200 zerothread 81820 308225 0 0 3 0x14200 aiodoned aiodoned 27345 491960 0 0 3 0x14200 syncer update 59664 391390 0 0 3 0x14200 cleaner cleaner 33176 180286 0 0 7 0x14200 reaper 83004 276537 0 0 3 0x14200 pgdaemon pagedaemon 12358 435060 0 0 3 0x14200 bored viomb 72076 75601 0 0 3 0x40014200 acpi0 acpi0 48786 378294 0 0 3 0x40014200 idle1 57405 378581 0 0 3 0x14200 bored softnet3 34682 395625 0 0 3 0x14200 bored softnet2 74018 193417 0 0 3 0x14200 bored softnet1 29174 503210 0 0 3 0x14200 bored softnet0 42550 27396 0 0 3 0x14200 bored systqmp 82793 295422 0 0 3 0x14200 bored systq 98122 311352 0 0 3 0x14200 tmoslp softclockmp 75539 154164 0 0 3 0x40014200 tmoslp softclock 72230 386808 0 0 3 0x40014200 idle0 1 282256 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 72644 (syz-executor.6) thread 0xffff800021206aa0 (167987) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82cda4b0) #0 witness_lock+0x447 #1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227 #2 mi_switch+0x46d sys/kern/sched_bsd.c:470 #3 sleep_finish+0x19b sys/kern/kern_synch.c:414 #4 getblk+0x14c sys/kern/vfs_bio.c:1038 #5 bread+0x3e bio_doread sys/kern/vfs_bio.c:433 [inline] #5 bread+0x3e sys/kern/vfs_bio.c:478 #6 ffs_update+0x14f sys/ufs/ffs/ffs_inode.c:91 #7 ufs_inactive+0x263 sys/ufs/ufs/ufs_inode.c:110 #8 VOP_INACTIVE+0xc5 sys/kern/vfs_vops.c:489 #9 vrele+0xd3 sys/kern/vfs_subr.c:827 #10 ktrsettrace+0xb7 sys/kern/kern_ktrace.c:122 #11 ktrops+0x1a8 sys/kern/kern_ktrace.c:546 #12 doktrace+0x524 ktrsetchildren sys/kern/kern_ktrace.c:568 [inline] #12 doktrace+0x524 sys/kern/kern_ktrace.c:490 #13 sys_ktrace+0xd6 sys/kern/kern_ktrace.c:531 #14 syscall+0x5e2 mi_syscall sys/sys/syscall_mi.h:110 [inline] #14 syscall+0x5e2 sys/arch/amd64/amd64/trap.c:623 #15 Xsyscall+0x128 Process 35512 (syz-executor.5) thread 0xffff8000211f5008 (339856) exclusive rrwlock inode r = 0 (0xfffffd8071adb4e8) #0 witness_lock+0x447 #1 rw_enter+0x3c8 sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x8c sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:518 #4 ufs_ihashins+0x46 sys/ufs/ufs/ufs_ihash.c:140 #5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1343 #6 ffs_inode_alloc+0x1c2 sys/ufs/ffs/ffs_alloc.c:394 #7 ufs_mkdir+0xf8 sys/ufs/ufs/ufs_vnops.c:1149 #8 VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388 #9 domkdirat+0x125 sys/kern/vfs_syscalls.c:3073 #10 syscall+0x5e2 mi_syscall sys/sys/syscall_mi.h:110 [inline] #10 syscall+0x5e2 sys/arch/amd64/amd64/trap.c:623 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8070d70a28) #0 witness_lock+0x447 #1 rw_enter+0x3c8 sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x8c sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:518 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:564 #5 vfs_lookup+0xd5 sys/kern/vfs_lookup.c:418 #6 namei+0x55a sys/kern/vfs_lookup.c:250 #7 domkdirat+0x79 sys/kern/vfs_syscalls.c:3058 #8 syscall+0x5e2 mi_syscall sys/sys/syscall_mi.h:110 [inline] #8 syscall+0x5e2 sys/arch/amd64/amd64/trap.c:623 #9 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10186 6474K 6474K 78643K 11267 0 pcb 13 8K 8K 78643K 13 0 rtable 234 6K 6K 78643K 384 0 pf 32 9K 10K 78643K 46 0 ifaddr 45 15K 15K 78643K 51 0 ifgroup 55 2K 2K 78643K 60 0 counters 60 35K 35K 78643K 62 0 ioctlops 0 0K 4K 78643K 1484 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1189 74K 74K 78643K 1205 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 12 41K 77K 78643K 203 0 proc 67 91K 115K 78643K 554 0 subproc 0 0K 0K 78643K 13 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 99 7K 7K 78643K 110 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 1K 78643K 430 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 243 74K 75K 78643K 4842 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 28 2K 2K 78643K 31 0 temp 1 5904K 5968K 78643K 5073 0 kqueue 12 18K 18K 78643K 34 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 38 0 35 1 0 1 1 0 8 0 rtentry 112 122 0 12 4 0 4 4 0 8 0 unpcb 144 149 0 134 1 0 1 1 0 8 0 syncache 304 8 0 8 2 1 1 1 0 8 1 tcpqe 32 263 0 263 2 2 0 1 0 8 0 tcpcb 808 12 0 9 1 0 1 1 0 8 0 arp 120 20 0 2 1 0 1 1 0 8 0 inpcb 368 73 0 67 1 0 1 1 0 8 0 nd6 136 27 0 3 2 1 1 1 0 8 0 kcovpl 48 1 0 1 1 1 0 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 24 0 4 1 0 1 1 0 8 0 pfstkey 128 24 0 4 1 0 1 1 0 8 0 pfstate 376 24 0 4 2 0 2 2 0 8 0 pfrule 1344 21 0 15 2 0 2 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 500 0 48 32 3 29 29 0 8 0 art_table 32 501 0 48 5 1 4 4 0 8 0 art_node 16 121 0 21 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1618 0 143 93 0 93 93 0 8 0 ffsino 272 1618 0 143 99 0 99 99 0 8 0 nchpl 144 1995 0 291 64 0 64 64 0 8 0 uvmvnodes 80 1645 0 0 34 0 34 34 0 8 0 vnodes 216 1645 0 0 92 0 92 92 0 8 0 namei 1024 8033 0 8032 3 2 1 2 0 8 0 percpumem 16 44 0 1 1 0 1 1 0 8 0 kstatmem 264 26 0 2 2 0 2 2 0 8 0 scxspl 216 8138 0 8137 10 9 1 8 1 8 0 plimitpl 152 50 0 34 1 0 1 1 0 8 0 sigapl 424 555 0 510 7 1 6 6 0 8 0 futexpl 64 277 0 276 2 1 1 1 0 8 0 knotepl 120 118 0 0 4 0 4 4 0 8 0 kqueuepl 216 30 0 22 1 0 1 1 0 8 0 pipepl 320 189 0 161 5 2 3 3 0 8 0 fdescpl 496 537 0 512 6 1 5 5 0 8 1 filepl 152 2455 0 2318 7 1 6 6 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 33 0 16 1 0 1 1 0 8 0 pgrppl 48 33 0 16 1 0 1 1 0 8 0 ucredpl 104 98 0 86 1 0 1 1 0 8 0 zombiepl 144 512 0 510 2 1 1 1 0 8 0 processpl 1072 555 0 510 5 1 4 4 0 8 0 procpl 680 632 0 571 7 1 6 6 0 8 0 sockpl 488 260 0 236 5 1 4 4 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 4 0 0 1 0 1 1 0 8 0 mcl2k 2048 336 0 0 42 0 42 42 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 351 0 0 22 0 22 22 0 8 0 bufpl 288 5106 0 145 355 0 355 355 0 8 0 anonpl 24 324000 0 319611 64 17 47 56 0 186 17 amapchunkpl 152 17666 0 17090 42 16 26 28 0 158 1 amappl16 200 9284 0 9215 10 5 5 5 0 8 0 amappl15 192 31 0 30 3 2 1 1 0 8 0 amappl14 184 232 0 217 3 1 2 2 0 8 1 amappl13 176 45 0 44 3 2 1 1 0 8 0 amappl12 168 1254 0 1226 2 0 2 2 0 8 0 amappl11 160 64 0 50 1 0 1 1 0 8 0 amappl10 152 56 0 45 2 1 1 1 0 8 0 amappl9 144 477 0 476 1 0 1 1 0 8 0 amappl8 136 269 0 240 3 1 2 2 0 8 0 amappl7 128 110 0 101 2 1 1 2 0 8 0 amappl6 120 294 0 277 2 1 1 2 0 8 0 amappl5 112 220 0 209 1 0 1 1 0 8 0 amappl4 104 811 0 767 5 3 2 3 0 8 0 amappl3 96 4001 0 3931 3 0 3 3 0 8 0 amappl2 88 957 0 890 4 1 3 3 0 8 1 amappl1 80 15331 0 14782 33 13 20 23 0 8 8 amappl 88 4155 0 3993 8 3 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 537 0 511 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 537 0 511 1 0 1 1 0 8 0 vmmpekpl 168 14612 0 14589 2 0 2 2 0 8 0 vmmpepl 168 69514 0 67849 128 18 110 119 0 357 32 vmsppl 464 536 0 511 6 1 5 5 0 8 1 rwobjpl 56 32308 0 29624 52 7 45 47 0 8 2 pdppl 4096 1082 0 1022 128 52 76 76 0 8 16 pvpl 32 650715 0 641203 368 75 293 365 0 265 210 pmappl 248 536 0 511 3 0 3 3 0 8 1 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 792 0 60 21 0 21 21 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp ddb{0}> trace x86_ipi_db(ffffffff82be3ff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc reaper(ffff8000211b3548) at reaper+0x160 sys/kern/kern_exit.c:446 end trace frame: 0x0, count: -5 ddb{0}> machine ddbcpu 1 Stopped at ktrops+0x4e: movq 0x8(%rbx),%r14 ddb{1}> trace ktrops(ffff800021206aa0,dead4110dead4110,0,80001024,fffffd8067f14948,fffffd807f7d6680) at ktrops+0x4e ktrcanset sys/kern/kern_ktrace.c:700 [inline] ktrops(ffff800021206aa0,dead4110dead4110,0,80001024,fffffd8067f14948,fffffd807f7d6680) at ktrops+0x4e sys/kern/kern_ktrace.c:543 doktrace(fffffd8067f14948,4,1024,0,ffff800021206aa0) at doktrace+0x524 ktrsetchildren sys/kern/kern_ktrace.c:568 [inline] doktrace(fffffd8067f14948,4,1024,0,ffff800021206aa0) at doktrace+0x524 sys/kern/kern_ktrace.c:490 sys_ktrace(ffff800021206aa0,ffff8000213c7290,ffff8000213c72e0) at sys_ktrace+0xd6 sys/kern/kern_ktrace.c:531 syscall(ffff8000213c7360) at syscall+0x5e2 mi_syscall sys/sys/syscall_mi.h:110 [inline] syscall(ffff8000213c7360) at syscall+0x5e2 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x470f5e05090, count: -5