syzbot

uvm_fault: _copyinstr

Status: upstream: reported on 2025/05/03 09:52
Reported-by: syzbot+3bcb000ffd1b8ac74c2a@syzkaller.appspotmail.com
First crash: 75d, last: 12d

Sample crash report:
uvm_fault(0xfffffd8070dc39a0, 0x0, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      _copyinstr+0x58:        lodsb   (%rsi)
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*300861   5118      0      0x2000  0x4000000    0K syz-executor
 486500  73100      0         0x2          0    1  syz-executor
_copyinstr() at _copyinstr+0x58
sys_unveil(ffff80003c436f98,ffff80002a325fa0,ffff80002a325ef0) at sys_unveil+0x152 sys/kern/vfs_syscalls.c:982
syscall(ffff80002a325fa0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a325fa0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:742
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x60df9ffcba0, count: 11
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: uvm_fault(0xfffffd8070dc39a0, 0x0, 0, 1) -> e
ddb{0}> trace
_copyinstr() at _copyinstr+0x58
sys_unveil(ffff80003c436f98,ffff80002a325fa0,ffff80002a325ef0) at sys_unveil+0x152 sys/kern/vfs_syscalls.c:982
syscall(ffff80002a325fa0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a325fa0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:742
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x60df9ffcba0, count: -4
ddb{0}> show registers
rdi               0xffff80002a25f000
rsi                                0
rbp               0xffff80002a325da0
rbx               0xffff80002a325fa0
rdx                            0x400
rcx               0xffff80002a321000
rax                   0x7f7fffffc000
r8                             0x400
r9                0xffff80002a325d40
r10               0xe6a17df037b14b70
r11               0xffffffff8244c390    copystr_fault
r12               0xffff80002a25f000
r13               0xffff80002a325e68
r14                            0x400
r15                                0
rip               0xffffffff8244c368    _copyinstr+0x58
cs                               0x8
rflags                       0x50206    acpi_pdirpa+0x3c077
rsp               0xffff80002a325d28
ss                                 0
_copyinstr+0x58:        lodsb   (%rsi)
ddb{0}> show proc
PROC (syz-executor) tid=300861 pid=5118 tcnt=2 stat=onproc
    flags process=2000<SINGLEUNWIND> proc=4000000<THREAD>
    runpri=32, usrpri=50, slppri=32, nice=20
    wchan=0x0, wmesg=, ps_single=0xffff80003c436f98 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff80003c437c68,0xffffffff838da338
    process=0xffff8000fffeb570 user=0xffff80002a321000, vmspace=0xfffffd8070dc39a0
    estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
  5118  191032  42119      0  4     0x82000                syz-executor
* 5118  300861  42119      0  7   0x4002000                syz-executor
 97912  464746  46054      0  2           0                syz-executor
 97912  312368  46054      0  3   0x4000080  sbwait        syz-executor
 97860  401335  40943      0  2       0xc80                syz-executor
 97860  131646  40943      0  3   0x4000080  kqread        syz-executor
 97860  181001  40943      0  3   0x4000080  fsleep        syz-executor
 71483  191493     30      0  3      0x3000  suspend       syz-executor
 71483  269855     30      0  2   0x4081000                syz-executor
 71483   40772     30      0  3   0x4081000  inode         syz-executor
 71483  374976     30      0  3   0x4081000  inode         syz-executor
 44962  130765  73100      0  3      0x3000  suspend       syz-executor
 44962  328718  73100      0  2   0x4081000                syz-executor
 73100  486500  10623      0  7         0x2                syz-executor
 67204  222001      1      0  3    0x100083  ttyin         getty
 42119   24924  10623      0  3        0x82  nanoslp       syz-executor
    30  237172  10623      0  3        0x82  nanoslp       syz-executor
 20794  352070  10623      0  3        0x82  nanoslp       syz-executor
   973  151911      0      0  3     0x14200  bored         sosplice
 46054  299212  10623      0  2       0xc82                syz-executor
 23289  141866  10623      0  2       0xc82                syz-executor
 40943   51107  10623      0  3        0x82  nanoslp       syz-executor
 97981  479897  10623      0  3        0x82  nanoslp       syz-executor
 10623  289271  27363      0  3        0x82  kqread        syz-executor
 27363  239303  77803      0  3    0x10008a  sigsusp       ksh
 77803  518692  69319      0  3        0x98  kqread        sshd-session
 69319  517406  25648      0  3        0x92  kqread        sshd-session
 25648  468757      1      0  3        0x88  kqread        sshd
 48962  403223   1448     74  3   0x1100092  bpf           pflogd
  1448   68370      1      0  3        0x80  sbwait        pflogd
  3599  157690  80504     73  3   0x1100090  kqread        syslogd
 80504  166892      1      0  3    0x100082  sbwait        syslogd
 63915  513274      1      0  3    0x100080  kqread        resolvd
 18902  254849      0      0  3     0x14200  bored         smr
  8533  201389      0      0  3     0x14200  pgzero        zerothread
 42791  439644      0      0  3     0x14200  aiodoned      aiodoned
 31227  395029      0      0  3     0x14200  syncer        update
  5209   10772      0      0  3     0x14200  cleaner       cleaner
 40300  243116      0      0  3     0x14200  reaper        reaper
 50081  330055      0      0  3     0x14200  pgdaemon      pagedaemon
 15111  437874      0      0  3     0x14200  bored         viomb
 32893   97530      0      0  3  0x40014200  acpi0         acpi0
 13799  448950      0      0  3  0x40014200                idle1
 51054  120215      0      0  3     0x14200  bored         softnet3
 96408  164492      0      0  3     0x14200  bored         softnet2
 79433  456875      0      0  3     0x14200  bored         softnet1
 47917    7569      0      0  3     0x14200  bored         softnet0
 46159  287591      0      0  3     0x14200  bored         systqmp
 14027  103734      0      0  3     0x14200  bored         systq
 49546  187211      0      0  3     0x14200  tmoslp        softclockmp
 66636  427817      0      0  2  0x40014200                softclock
 16439  416255      0      0  3  0x40014200                idle0
     1  274177      0      0  3        0x82  wait          init
     0       0     -1      0  3  0x10010200  scheduler     swapper
ddb{0}> show all locks
Process 5118 (syz-executor) thread 0xffff80003c436f98 (300861)
Process 71483 (syz-executor) thread 0xffff80003c4534c0 (269855)
Process 71483 (syz-executor) thread 0xffff8000ffff1218 (40772)
Process 44962 (syz-executor) thread 0xffff80003c452560 (328718)
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10260  11104K   15427K 166960K     15461        0
            pcb    17     18K      20K 166960K      1244        0
         rtable   170     11K      11K 166960K       957        0
             pf    47     20K      22K 166960K       272        0
         ifaddr    39      6K       7K 166960K       189        0
        ifgroup    73      3K       3K 166960K       336        0
         sysctl     4      1K       9K 166960K        26        0
       counters    74     37K      38K 166960K       348        0
       ioctlops     0      0K       4K 166960K      2248        0
            iov     0      0K      24K 166960K       231        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1490     94K      94K 166960K      4228        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       9K 166960K        53        0
         VM map     2      1K       1K 166960K         2        0
            sem    28     28K      28K 166960K       221        0
        dirhash    12      2K       2K 166960K       108        0
           ACPI  1692    195K     286K 166960K     12470        0
      file desc    18     65K     240K 166960K      3646        0
          sigio     0      0K       0K 166960K       128        0
           proc    66     67K     128K 166960K      1221        0
        subproc    72      4K       4K 166960K       136        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K       563        0
       in_multi    52      3K       7K 166960K       289        0
    ether_multi     1      0K       0K 166960K        22        0
            mrt     1      0K       0K 166960K        23        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys   265   1182K    1182K 166960K       265        0
           exec     0      0K       1K 166960K      1228        0
   fusefs mount     1     32K      32K 166960K         1        0
     pfkey data     0      0K       0K 166960K        15        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   229    135K     170K 166960K     34528        0
       UVM aobj   123      7K       7K 166960K       127        0
     pinsyscall    37     74K     103K 166960K      4962        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       1K 166960K       180        0
            NDP    15      0K       2K 166960K       132        0
           temp    81   8696K    8944K 166960K    154289        0
         kqueue     8     14K      33K 166960K       723        0
      SYN cache     2     16K      16K 166960K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache    128       26    0        0     1     0     1     1     0     8    0
rtpcb      120      272    0      270     2     1     1     2     0     8    0
rtentry    176      273    0      212     6     1     5     6     0     8    0
unpcb      144     2438    0     2419    19    15     4     4     0     8    3
syncache   336       14    0       14     6     5     1     1     0     8    1
tcpqe       32        7    0        7     4     4     0     1     0     8    0
tcpcb      736     1364    0     1357    27    20     7    12     0     8    5
arp        128       42    0       32     1     0     1     1     0     8    0
ipq         40        1    0        1     1     1     0     1     0     8    0
ipqe        40        3    0        3     1     1     0     1     0     8    0
inpcb      328     4966    0     4958    49    39    10    15     0     8    8
nd6        144       65    0       54     1     0     1     1     0     8    0
pkpcb       40       47    0       47     6     5     1     1     0     8    1
kcovpl      48       15    0        7     1     0     1     1     0     8    0
mppekey    1024       1    0        1     1     1     0     1     0     8    0
ppxss      1192     101    0      101     4     3     1     1     0     8    1
pppxif     1504      15    0       15     5     4     1     1     0     8    1
pfstscr     40        1    0        1     1     1     0     1     0     8    0
pffrag     232       22    0       10     1     0     1     1     0   482    0
pffrnode    88       20    0        9     1     0     1     1     0     8    0
pffrent     40       47    0       34     1     0     1     1     0     8    0
pfosfp      40     1429    0     1005     5     0     5     5     0     8    0
pfosfpen   112     1429    0      714    21     0    21    21     0     8    0
pfrktable  1344       6    0        4     2     1     1     1     0     8    0
pfanchor   1288       2    0        1     2     1     1     1     0     8    0
pftag       88        1    0        1     1     1     0     1     0     8    0
pfqueue    320        1    0        1     1     1     0     1     0     8    0
pfstitem    24      187    0       78     1     0     1     1     0     8    0
pfstkey    128      188    0       79     4     0     4     4     0     8    0
pfstate    384      187    0       79    11     0    11    11     0     8    0
pfrule     1344      29    0       21     2     1     1     2     0     8    0
rttmr      136        5    0        5     4     4     0     1     0     8    0
art_heap8  4096       6    0        1     6     0     6     6     0     8    1
art_heap4  256     1133    0      863    32    13    19    29     0     8    0
art_table   32     1139    0      864     4     0     4     4     0     8    0
art_node    16      265    0      216     1     0     1     1     0     8    0
sysvmsgpl   40       12    0        7     2     1     1     1     0     8    0
semupl     112        3    0        3     3     3     0     1     0     8    0
semapl     112      213    0      187     1     0     1     1     0     8    0
shmpl      112      124    0        4     4     0     4     4     0     8    0
dirhash    1024      82    0       65     3     0     3     3     0     8    0
dino2pl    256     8237    0     6717    96     0    96    96     0     8    0
ffsino     288     8237    0     6717   110     0   110   110     0     8    0
nchpl      144    13349    0    11627    65     0    65    65     0     8    0
rtmask      32       12    0       12     6     6     0     1     0     8    0
uvmvnodes   80     5926    0        0   121     0   121   121     0     8    0
vnodes     216     5926    0        0   330     0   330   330     0     8    0
namei      1024   48744    0    48741     6     5     1     2     0     8    0
percpumem   16      189    0      137     1     0     1     1     0     8    0
pfiaddrpl  120        2    0        1     2     1     1     1     0     8    0
kstatmem   264      208    0      172     3     0     3     3     0     8    0
acpiwqpl    32        1    0        1     1     0     1     1     1     8    1
scsiplug    72      151    0      151     4     3     1     1     0     8    1
scxspl     216    98072    0    98072    16    14     2     8     1     8    2
plimitpl   152      921    0      903     1     0     1     1     0     8    0
sigapl     424     3940    0     3892    10     3     7     9     0     8    0
knotepl    120      689    0        0    20     0    20    20     0     8    0
kqueuepl   224     1838    0     1829    23    18     5     7     0     8    4
pipepl     336      665    0      637    10     2     8     8     0     8    5
fdescpl    520     3895    0     3866     3     0     3     3     0     8    0
filepl     160    28908    0    28680    45    22    23    23     0     8    7
lockfpl    104     2076    0     2074     4     3     1     2     0     8    0
lockfspl    48      695    0      693     1     0     1     1     0     8    0
sessionpl  144       43    0       35     1     0     1     1     0     8    0
pgrppl      48      101    0       85     1     0     1     1     0     8    0
ucredpl    104     4969    0     4959     1     0     1     1     0     8    0
zombiepl   144     3896    0     3892     1     0     1     1     0     8    0
processpl  1240    3940    0     3892     6     0     6     6     0     8    0
procpl     656     9804    0     9748    11     3     8     9     0     8    0
srpgc       96       28    0       28     7     7     0     1     0     8    0
sosppl     168       18    0       18     7     6     1     1     0     8    1
sockpl     728     7850    0     7821    64    52    12    19     0     8    8
mcl64k     65536      7    0        0     1     0     1     1     0     8    0
mcl16k     16384      5    0        0     1     0     1     1     0     8    0
mcl12k     12288      1    0        0     1     0     1     1     0     8    0
mcl9k      9216       1    0        0     1     0     1     1     0     8    0
mcl8k      8192       4    0        0     1     0     1     1     0     8    0
mcl4k      4096     181    0        0    18     0    18    18     0     8    0
mcl2k2     2112       1    0        0     1     0     1     1     0     8    0
mcl2k      2048      78    0        0     8     1     7     7     0     8    0
mtagpl      96       52    0        0     2     0     2     2     0     8    0
mbufpl     256     1228    0        0    74     0    74    74     0     8    0
bufpl      280    41390    0    35248   439     0   439   439     0     8    0
anonpl      32    15159    0        0   123     0   123   123     0   246    0
amapchunkpl 152  128249    0   127629    64    30    34    36     0   158    8
amappl16   200    17874    0    17506   148   128    20    38     0     8    0
amappl15   192        8    0        8     2     2     0     1     0     8    0
amappl14   184      156    0      146     1     0     1     1     0     8    0
amappl13   176       20    0       20     1     1     0     1     0     8    0
amappl12   168     4678    0     4649     3     1     2     2     0     8    0
amappl11   160       57    0       48     1     0     1     1     0     8    0
amappl10   152       12    0       11     2     1     1     1     0     8    0
amappl9    144      250    0      249     2     1     1     1     0     8    0
amappl8    136       44    0       41     1     0     1     1     0     8    0
amappl7    128      144    0      134     1     0     1     1     0     8    0
amappl6    120      256    0      252     1     0     1     1     0     8    0
amappl5    112      155    0      148     1     0     1     1     0     8    0
amappl4    104      400    0      380     1     0     1     1     0     8    0
amappl3     96    24772    0    24663     4     0     4     4     0     8    0
amappl2     88      845    0      798     2     0     2     2     0     8    0
amappl1     80    25195    0    24684    15     1    14    15     0     8    0
amappl      88    32966    0    32793     5     0     5     5     0    92    0
dma65536   65536      1    0        1     1     1     0     1     0     8    0
dma16384   16384      1    0        1     1     1     0     1     0     8    0
dma8192    8192       1    0        1     1     1     0     1     0     8    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma2048    2048       1    0        1     1     1     0     1     0     8    0
dma1024    1024       2    0        1     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      258    0      258     6     5     1     1     0     8    1
dma64       64        7    0        7     2     2     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72      126    0        4     3     0     3     3     0     8    0
uaddrrnd    24     3895    0     3866     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     3895    0     3866     1     0     1     1     0     8    0
vmmpekpl   168    31948    0    31897     3     0     3     3     0     8    0
vmmpepl    168   253185    0   251072   135    43    92   121     0   357    0
vmsppl     480     3894    0     3866     9     4     5     5     0     8    0
rwobjpl     72    73664    0    66464   138     4   134   135     0     8    0
pdppl      4096    7798    0     7732   126    58    68    86     0     8    2
pvpl        32    23660    0        0   191     0   191   191     0   265    0
pmappl     256     3894    0     3866     3     0     3     3     0     8    0
extentpl    40       45    0       27     1     0     1     1     0     8    0
phpool     112      536    0      111    13     0    13    13     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
_copyinstr() at _copyinstr+0x58
sys_unveil(ffff80003c436f98,ffff80002a325fa0,ffff80002a325ef0) at sys_unveil+0x152 sys/kern/vfs_syscalls.c:982
syscall(ffff80002a325fa0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a325fa0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:742
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x60df9ffcba0, count: -4
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x27:        addq    $0x8,%rsp
x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff838d9040) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline]
__mp_lock(ffffffff838d9040) at __mp_lock+0x192 sys/kern/kern_lock.c:165
syscall(ffff80003c43f440) at syscall+0xae6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c43f440) at syscall+0xae6 sys/arch/amd64/amd64/trap.c:742
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x738104f73d10, count: 9
ddb{1}> trace
x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff838d9040) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline]
__mp_lock(ffffffff838d9040) at __mp_lock+0x192 sys/kern/kern_lock.c:165
syscall(ffff80003c43f440) at syscall+0xae6 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c43f440) at syscall+0xae6 sys/arch/amd64/amd64/trap.c:742
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x738104f73d10, count: -6

Crashes (10):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/07/05 08:45 openbsd 184f8edada4a 4f67c4ae .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/07/04 02:01 openbsd 2c6e3f429092 76ad128c .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/06/22 07:41 openbsd cb7d86176520 d6cdfb8a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/06/21 11:22 openbsd f62159b6a996 d6cdfb8a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/06/13 22:22 openbsd 8ee63da89446 1f72c409 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/06/09 23:22 openbsd 1ccd80029b5d 4826c28e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/06/08 04:33 openbsd 44b12aca1c11 4826c28e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/05/14 00:36 openbsd 6405849dc70d 7344edeb .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/05/09 04:27 openbsd 278cc48cac9b bb813bcc .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
2025/05/03 09:52 openbsd 0e444de8113c b0714e37 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore uvm_fault: _copyinstr
* Struck through repros no longer work on HEAD.