syzbot


uvm_fault: uao_detach

Status: upstream: reported on 2024/09/26 12:18
Reported-by: syzbot+7099c98dfcc4931fec37@syzkaller.appspotmail.com
First crash: 56d, last: 53d

Sample crash report:
uvm_fault(0xfffffd807e893c18, 0x3f, 0, 2) -> e
kernel: page fault trap, code=2
Stopped at      uao_detach+0xb9:        movq    %rax,0x40(%r15)
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*363587  73158      0           0  0x4000000    0  syz-executor
uao_detach(fffffd80787eb8b8) at uao_detach+0xb9 sys/uvm/uvm_aobj.c:824
shm_deallocate_segment(fffffd80678172a0) at shm_deallocate_segment+0x43 sys/kern/sysv_shm.c:152
sys_shmat(ffff80002a4b0298,ffff8000374374f0,ffff800037437440) at sys_shmat+0x573 sys/kern/sysv_shm.c:278
syscall(ffff8000374374f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6d30b717b20, count: 10
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xfffffd807e893c18, 0x3f, 0, 2) -> e
ddb> trace
uao_detach(fffffd80787eb8b8) at uao_detach+0xb9 sys/uvm/uvm_aobj.c:824
shm_deallocate_segment(fffffd80678172a0) at shm_deallocate_segment+0x43 sys/kern/sysv_shm.c:152
sys_shmat(ffff80002a4b0298,ffff8000374374f0,ffff800037437440) at sys_shmat+0x573 sys/kern/sysv_shm.c:278
syscall(ffff8000374374f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6d30b717b20, count: -5
ddb> show registers
rdi                       0xffffffff
rsi                              0x9
rbp               0xffff800037437330
rbx               0xfffffd8067817308
rdx                                0
rcx               0xffffffff834adff0    cpu_info_full_primary+0x1ff0
rax               0xffffffffffffffff
r8                        0x20ffb000
r9                            0x2000    __ALIGN_SIZE+0x1000
r10               0x670fc99e9aaff60d
r11               0x88d6deb56556b735
r12                            0x200
r13               0xfffffd80678172a0
r14               0xfffffd80787eb8b8
r15               0xffffffffffffffff
rip               0xffffffff82027019    uao_detach+0xb9
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff8000374372f0
ss                              0x10
uao_detach+0xb9:        movq    %rax,0x40(%r15)
ddb> show proc
PROC (syz-executor) tid=363587 pid=73158 tcnt=4 stat=onproc
    flags process=0 proc=4000000<THREAD>
    runpri=82, usrpri=82, slppri=32, nice=20
    wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff80002a4d1460,0xffff800037644548
    process=0xffff8000ffff4cf0 user=0xffff800037432000, vmspace=0xfffffd807e893c18
    estcpu=32, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 31216  189692  39110      0  2           0                syz-executor
 96577  192141  27628      0  2           0                syz-executor
 38387  356281  45118      0  2           0                syz-executor
 88097    6852  41153      0  2           0                syz-executor
 88097  148776  41153      0  2   0x4000000                syz-executor
 88097  229651  41153      0  3   0x4000080  fsleep        syz-executor
 35062   84724  50855      0  2           0                syz-executor
 35062  335333  50855      0  2   0x4000000                syz-executor
 12154  166321   9012      0  2           0                syz-executor
 12154  137593   9012      0  2   0x4000000                syz-executor
 73158  108399  61456      0  2           0                syz-executor
 73158  123647  61456      0  2   0x4000000                syz-executor
*73158  363587  61456      0  7   0x4000000                syz-executor
 73158   58876  61456      0  3   0x4000000  futex         syz-executor
 82019  265202  23415      0  2           0                syz-executor
 82019   20414  23415      0  3   0x4000080  fsleep        syz-executor
 82019   53556  23415      0  3   0x4000080  fsleep        syz-executor
 61456  318075  22133      0  3        0x82  nanoslp       syz-executor
 27628  278899  22133      0  2         0x3                syz-executor
 41153  439566  22133      0  3        0x82  nanoslp       syz-executor
 45118   61687  22133      0  3        0x82  nanoslp       syz-executor
 23415  481828  22133      0  3        0x82  nanoslp       syz-executor
 50855  301672  22133      0  3        0x82  nanoslp       syz-executor
 39110  345098  22133      0  3        0x82  nanoslp       syz-executor
  9012   83354  22133      0  3        0x82  nanoslp       syz-executor
 46224   79322      0      0  3     0x14280  nfsidl        nfsio
 56460  361524      0      0  3     0x14280  nfsidl        nfsio
 77293  315303      0      0  3     0x14280  nfsidl        nfsio
 17456  486684      0      0  3     0x14280  nfsidl        nfsio
 30403  397428      0      0  3     0x14280  nfsidl        nfsio
 85938  298223      0      0  3     0x14280  nfsidl        nfsio
 95204   75310      0      0  3     0x14280  nfsidl        nfsio
 24008   48600      0      0  3     0x14280  nfsidl        nfsio
 56395   72459      0      0  3     0x14280  nfsidl        nfsio
 69937  100294      0      0  3     0x14280  nfsidl        nfsio
 45689  334728      0      0  3     0x14280  nfsidl        nfsio
 70032  277048      0      0  3     0x14280  nfsidl        nfsio
 75252  384464      0      0  3     0x14280  nfsidl        nfsio
 74800  479932      0      0  3     0x14280  nfsidl        nfsio
 45514  509903      0      0  3     0x14280  nfsidl        nfsio
  2402  256788      0      0  3     0x14280  nfsidl        nfsio
 65648  364729      0      0  3     0x14280  nfsidl        nfsio
  5513  500612      0      0  3     0x14280  nfsidl        nfsio
  7370  141199      0      0  3     0x14280  nfsidl        nfsio
 62076  205149      0      0  3     0x14280  nfsidl        nfsio
 81034  122692      0      0  3     0x14200  bored         sosplice
 83031  110667      1      0  3    0x100083  ttyin         getty
 22133  283326  69446      0  3        0x82  kqread        syz-executor
 69446  464271  45153      0  3    0x10008a  sigsusp       ksh
 45153  244987  29201      0  3        0x98  kqread        sshd-session
 29201  117410  99762      0  3        0x92  kqread        sshd-session
 99762  139965      1      0  3        0x88  kqread        sshd
 93790  217079  81331     73  3   0x1100090  kqread        syslogd
 81331  104641      1      0  3    0x100082  sbwait        syslogd
 54010   81587      1      0  3    0x100080  kqread        resolvd
 84660   50155  33813     77  3    0x100092  kqread        dhcpleased
 56680  379264  33813     77  3    0x100092  kqread        dhcpleased
 33813  154653      1      0  3        0x80  kqread        dhcpleased
 82193  230399      0      0  3     0x14200  bored         smr
 45315   18840      0      0  2     0x14200                zerothread
 98652  450742      0      0  3     0x14200  aiodoned      aiodoned
 69186  315489      0      0  3     0x14200  syncer        update
  7816  213475      0      0  3     0x14200  cleaner       cleaner
 62363  408415      0      0  3     0x14200  reaper        reaper
 47077  353495      0      0  3     0x14200  pgdaemon      pagedaemon
 97912  283858      0      0  3     0x14200  bored         viomb
 10301   25745      0      0  3  0x40014200  acpi0         acpi0
 77894  305526      0      0  3     0x14200  bored         softnet3
 27611   90077      0      0  3     0x14200  bored         softnet2
 38339  193388      0      0  3     0x14200  bored         softnet1
 41227  523901      0      0  3     0x14200  netlock       softnet0
 71313  318506      0      0  3     0x14200  bored         systqmp
 33419  332184      0      0  3     0x14200  bored         systq
  1586  289092      0      0  3  0x40014200  tmoslp        softclock
 84647  152369      0      0  3  0x40014200                idle0
     1  405580      0      0  3     0x80082  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10194  14132K   14574K 166960K     13227        0
            pcb    17     15K      17K 166960K       310        0
         rtable   237      9K      10K 166960K      1476        0
             pf    38     14K      15K 166960K       141        0
         ifaddr    45      8K       8K 166960K       201        0
        ifgroup    62      2K       2K 166960K       224        0
         sysctl     3      0K       0K 166960K         4        0
       counters    33     17K      18K 166960K        78        0
       ioctlops     0      0K       4K 166960K       232        0
            iov     0      0K      32K 166960K        78        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1633    103K     103K 166960K      2784        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     3      5K       5K 166960K        13        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K        28        0
        dirhash    12      2K       2K 166960K        15        0
           ACPI  1690    195K     286K 166960K     12418        0
      file desc    18     65K      97K 166960K      1690        0
          sigio     0      0K       0K 166960K        24        0
           proc    60     59K     124K 166960K      1504        0
        subproc   104      6K       7K 166960K       533        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K       159        0
       in_multi    95      7K       7K 166960K       489        0
    ether_multi     1      0K       0K 166960K         8        0
            mrt     1      0K       0K 166960K         3        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys    73    334K     334K 166960K        73        0
           exec     0      0K       2K 166960K       885        0
     pfkey data     0      0K       0K 166960K         2        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   218     72K      88K 166960K     15731        0
       UVM aobj    19      2K       2K 166960K        22        0
     pinsyscall    39     78K     108K 166960K      3580        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       0K 166960K        47        0
            NDP    14      0K       2K 166960K       142        0
           temp    59   6811K    6939K 166960K     65556        0
         kqueue    13     20K      30K 166960K       158        0
      SYN cache     2   2352K    2360K 166960K         3        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120      185    0      182     1     0     1     1     0     8    0
rtentry    112      517    0      411     4     0     4     4     0     8    0
unpcb      144      975    0      960     6     0     6     6     0     8    5
syncache   336        8    0        8     2     1     1     1     0     8    1
tcpqe       32        3    0        3     1     0     1     1     0     8    1
tcpcb      808      437    0      433     8     0     8     8     0     8    7
arp         88       93    0       75     1     0     1     1     0     8    0
ipq         40        7    0        7     1     0     1     1     0     8    1
ipqe        40       53    0       53     1     0     1     1     0     8    1
inpcb      336     1628    0     1614     9     2     7     7     0     8    5
nd6        104      132    0      110     1     0     1     1     0     8    0
pkpcb       40        7    0        7     2     1     1     1     0     8    1
kcovpl      48       41    0       33     1     0     1     1     0     8    0
ppxss      1072      11    0       11     2     1     1     1     0     8    1
pfstscr     40        1    0        0     1     0     1     1     0     8    0
pfstitem    24        4    0        0     1     0     1     1     0     8    0
pfstkey    128        6    0        2     1     0     1     1     0     8    0
pfstate    344        3    0        1     1     0     1     1     0     8    0
pfrule     1344       3    0        3     1     1     0     1     0     8    0
art_heap8  4096       4    0        1     4     0     4     4     0     8    1
art_heap4  256     1968    0     1529    29     0    29    29     0     8    0
art_table   32     1972    0     1530     4     0     4     4     0     8    0
art_node    16      512    0      416     1     0     1     1     0     8    0
sysvmsgpl   40       10    0        9     2     1     1     1     0     8    0
semupl     112        1    0        1     1     0     1     1     0     8    1
semapl     112       26    0       16     1     0     1     1     0     8    0
shmpl      112       20    0        3     1     0     1     1     0     8    0
dirhash    1024      19    0        2     3     0     3     3     0     8    0
dino2pl    256     3433    0     1880    99     1    98    98     0     8    0
ffsino     240     3433    0     1880    92     0    92    92     0     8    0
nchpl      144     5199    0     3485    65     0    65    65     0     8    0
uvmvnodes   80     4703    0        0    96     0    96    96     0     8    0
vnodes     216     4703    0        0   262     0   262   262     0     8    0
namei      1024   20413    0    20413     3     1     2     2     0     8    2
kstatmem   264      118    0       90     3     0     3     3     0     8    1
scsiplug    72        2    0        2     2     1     1     1     0     8    1
scxspl     216    32388    0    32388     9     7     2     8     1     8    2
plimitpl   152      389    0      372     1     0     1     1     0     8    0
sigapl     424     1927    0     1860     8     0     8     8     0     8    0
futexpl     64    16642    0    16638     1     0     1     1     0     8    0
knotepl    120    45662    0    45615    22    12    10    14     0     8    8
kqueuepl   184      268    0      259     1     0     1     1     0     8    0
pipepl     288      364    0      335     7     4     3     7     0     8    0
fdescpl    432     1889    0     1859     5     1     4     5     0     8    0
filepl     120    10205    0     9957    18     4    14    14     0     8    6
lockfpl    104      520    0      518     2     0     2     2     0     8    1
lockfspl    48      230    0      228     1     0     1     1     0     8    0
sessionpl  144       58    0       50     1     0     1     1     0     8    0
pgrppl      48      120    0      104     1     0     1     1     0     8    0
ucredpl    104     1320    0     1308     1     0     1     1     0     8    0
zombiepl   144     2469    0     2469     2     1     1     1     0     8    1
processpl  1096    1927    0     1860     5     0     5     5     0     8    0
procpl     648     3789    0     3713     8     0     8     8     0     8    1
sosppl     168        5    0        5     1     0     1     1     0     8    1
sockpl     504     2811    0     2779    29    17    12    22     0     8    8
mcl64k     65536     16    0       16     2     1     1     1     0     8    1
mcl16k     16384      4    0        4     2     1     1     1     0     8    1
mcl9k      9216       1    0        1     1     1     0     1     0     8    0
mcl8k      8192      26    0       26     2     1     1     1     0     8    1
mcl4k      4096      13    0       13     2     1     1     1     0     8    1
mcl2k2     2112       6    0        6     2     1     1     1     0     8    1
mcl2k      2048    8610    0     8519    32    13    19    26     0     8    7
mtagpl      96       23    0       22     1     0     1     1     0     8    0
mbufpl     256    21225    0    20995    30    10    20    29     0     8    5
bufpl      280     8290    0     2043   447     0   447   447     0     8    0
anonpl      24   307262    0   304036    97    27    70    70     0   187   42
amapchunkpl 152   51847    0    51381    53    12    41    41     0   158   20
amappl16   200     6594    0     6566    34    24    10    15     0     8    8
amappl15   192       11    0       11     1     1     0     1     0     8    0
amappl14   184      185    0      175     1     0     1     1     0     8    0
amappl13   176       11    0       10     1     0     1     1     0     8    0
amappl12   168     3030    0     3000     3     1     2     3     0     8    0
amappl11   160       51    0       41     1     0     1     1     0     8    0
amappl10   152       14    0       14     1     1     0     1     0     8    0
amappl9    144      126    0      125     1     0     1     1     0     8    0
amappl8    136       19    0       18     1     0     1     1     0     8    0
amappl7    128      169    0      158     1     0     1     1     0     8    0
amappl6    120      491    0      489     1     0     1     1     0     8    0
amappl5    112      259    0      251     1     0     1     1     0     8    0
amappl4    104      389    0      375     1     0     1     1     0     8    0
amappl3     96    10219    0    10112     4     0     4     4     0     8    0
amappl2     88     1153    0     1091     2     0     2     2     0     8    0
amappl1     80    14659    0    14155    16     3    13    15     0     8    1
amappl      88    14985    0    14821     5     0     5     5     0    92    0
dma8192    8192       2    0        2     1     0     1     1     0     8    1
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       3    0        2     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72       22    0        3     1     0     1     1     0     8    0
uaddrrnd    24     1889    0     1859     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     1889    0     1859     1     0     1     1     0     8    0
vmmpekpl   168    16101    0    16039     4     0     4     4     0     8    0
vmmpepl    168   121815    0   120081    97     9    88    88     0   357    8
vmsppl     344     1888    0     1859     4     1     3     4     0     8    0
rwobjpl     24    40674    0    35130    35     0    35    35     0     8    0
pdppl      4096    3784    0     3718   152    86    66    82     0     8    0
pvpl        32   904242    0   894531   344   121   223   223     0   265  130
pmappl     216     1888    0     1859     3     1     2     3     0     8    0
extentpl    40       56    0       38     1     0     1     1     0     8    0
phpool     112      511    0      141    11     0    11    11     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
uao_detach(fffffd80787eb8b8) at uao_detach+0xb9 sys/uvm/uvm_aobj.c:824
shm_deallocate_segment(fffffd80678172a0) at shm_deallocate_segment+0x43 sys/kern/sysv_shm.c:152
sys_shmat(ffff80002a4b0298,ffff8000374374f0,ffff800037437440) at sys_shmat+0x573 sys/kern/sysv_shm.c:278
syscall(ffff8000374374f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6d30b717b20, count: -5
ddb> machine ddbcpu 1
No such command
ddb> trace
uao_detach(fffffd80787eb8b8) at uao_detach+0xb9 sys/uvm/uvm_aobj.c:824
shm_deallocate_segment(fffffd80678172a0) at shm_deallocate_segment+0x43 sys/kern/sysv_shm.c:152
sys_shmat(ffff80002a4b0298,ffff8000374374f0,ffff800037437440) at sys_shmat+0x573 sys/kern/sysv_shm.c:278
syscall(ffff8000374374f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6d30b717b20, count: -5

Crashes (2):
Time              Kernel   Commit        Syzkaller  Manager          Title
2024/09/29 09:29  openbsd  7eb67ff9a029  ba29ff75   ci-openbsd-main  uvm_fault: uao_detach
2024/09/26 12:18  openbsd  9119eb3a9696  9314348a   ci-openbsd-main  uvm_fault: uao_detach