uvm_fault(0xfffffd8060eac9b0, 0x0, 0, 1) -> e
fatal page fault in supervisor mode
trap type 6 code 0 rip ffffffff831def38 cs 8 rflags 10246 cr2 0 cpl 0 rsp ffff80003c485500
gsbase 0xffff8000299edff0 kgsbase 0x0
panic: trap type 6, code=0, pc=ffffffff831def38
Starting stack trace...
panic(ffffffff833a4594) at panic+0x1d0 sys/kern/subr_prf.c:229
kerntrap(ffff80003c485450) at kerntrap+0x30b
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
dt_ioctl_record_stop(ffff800001491000) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586
dtclose(11e5f,81,2000,ffff8000fffe87e8) at dtclose+0x109 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline]
dtclose(11e5f,81,2000,ffff8000fffe87e8) at dtclose+0x109 sys/dev/dt/dt_dev.c:232
spec_close(ffff80003c485600) at spec_close+0x466 sys/kern/spec_vnops.c:-1
VOP_CLOSE(fffffd805cf85520,81,fffffd80097fb548,ffff8000fffe87e8) at VOP_CLOSE+0x132 sys/kern/vfs_vops.c:156
vn_closefile(fffffd805e0e69d8,ffff8000fffe87e8) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline]
vn_closefile(fffffd805e0e69d8,ffff8000fffe87e8) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615
fdrop(fffffd805e0e69d8,ffff8000fffe87e8) at fdrop+0x121 sys/kern/kern_descrip.c:1280
closef(fffffd805e0e69d8,ffff8000fffe87e8) at closef+0x192 sys/kern/kern_descrip.c:1264
fdfree(ffff8000fffe87e8) at fdfree+0x116 sys/kern/kern_descrip.c:1195
exit1(ffff8000fffe87e8,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215
sys_exit(ffff8000fffe87e8,ffff80003c485970,ffff80003c4858c0) at sys_exit+0x1a sys/kern/kern_exit.c:-1
syscall(ffff80003c485970) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c485970) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:748
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x79d050e07e50, count: 242
End of stack trace.
WARNING: SPL NOT LOWERED ON SYSCALL 91 1356889656 EXIT 0 4
Stopped at savectx+0xae: movl $0,%gs:0x688
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*280925 90335 0 0x2 0 1 syz-executor
savectx() at savectx+0xae
end of kernel
end trace frame: 0x79d050e07e20, count: 14
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
*cpu1: uvm_fault(0xfffffd8060eac9b0, 0x0, 0, 1) -> e
ddb{1}> trace
savectx() at savectx+0xae
end of kernel
end trace frame: 0x79d050e07e20, count: -1
ddb{1}> show registers
rdi 0
rsi 0
rbp 0xffff80003c467a70
rbx 0
rdx 0
rcx 0xffff8000fffe82b8
rax 0x3b
r8 0xffff80003c4679a0
r9 0x1
r10 0x4d4197c3ac55ed80
r11 0x6bdbf71160cc23b7
r12 0
r13 0
r14 0xffff8000fffe82b8
r15 0
rip 0xffffffff82ec33ee savectx+0xae
cs 0x8
rflags 0x46
rsp 0xffff80003c4679f0
ss 0x10
savectx+0xae: movl $0,%gs:0x688
ddb{1}> show proc
PROC (syz-executor) tid=280925 pid=90335 tcnt=1 stat=onproc
flags process=2<EXEC> proc=0
runpri=32, usrpri=50, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80002a270548,0xffff8000ffffcd10
process=0xffff8000fffe6b70 user=0xffff80003c462000, vmspace=0xfffffd8076dbf7b8
estcpu=36, cpticks=15, pctcpu=0.4, user=0, sys=15, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
46892 256131 47760 0 2 0xc80 syz-executor
46892 4150 47760 0 3 0x4000080 kqsel syz-executor
46892 60021 47760 0 3 0x4000080 fsleep syz-executor
20387 71431 48357 0 2 0xc80 syz-executor
20387 185911 48357 0 3 0x4000080 kqsel syz-executor
20387 238884 48357 0 3 0x4000080 fsleep syz-executor
32855 53164 0 0 3 0x14280 nfsidl nfsio
21503 408029 0 0 3 0x14280 nfsidl nfsio
5399 290546 0 0 3 0x14280 nfsidl nfsio
8757 324999 0 0 3 0x14280 nfsidl nfsio
28285 386774 0 0 3 0x14280 nfsidl nfsio
45991 516407 0 0 3 0x14280 nfsidl nfsio
89265 483335 0 0 3 0x14280 nfsidl nfsio
52003 481310 0 0 3 0x14280 nfsidl nfsio
42404 63975 0 0 3 0x14280 nfsidl nfsio
86881 399751 0 0 3 0x14280 nfsidl nfsio
59644 170732 0 0 3 0x14280 nfsidl nfsio
95397 434154 0 0 3 0x14280 nfsidl nfsio
36211 292493 0 0 3 0x14280 nfsidl nfsio
29473 106959 0 0 3 0x14280 nfsidl nfsio
99236 277861 0 0 3 0x14280 nfsidl nfsio
65658 210726 0 0 3 0x14280 nfsidl nfsio
17472 456258 0 0 3 0x14280 nfsidl nfsio
47486 4187 0 0 3 0x14280 nfsidl nfsio
75779 327097 0 0 3 0x14280 nfsidl nfsio
57400 491524 0 0 3 0x14280 nfsidl nfsio
54802 24085 46296 0 2 0xc82 syz-executor
*90335 280925 46296 0 7 0x2 syz-executor
34836 392255 0 0 3 0x14200 bored sosplice
47760 124657 46296 0 2 0xc82 syz-executor
44145 167304 46296 0 2 0x2 syz-executor
48357 343463 46296 0 2 0xc82 syz-executor
58099 195488 46296 0 3 0x82 wait syz-executor
88987 55995 46296 0 3 0x82 wait syz-executor
84112 1815 46296 0 3 0x82 wait syz-executor
46296 285177 24722 0 3 0x82 kqread syz-executor
24722 135224 90361 0 3 0x10008a sigsusp ksh
90361 434440 78004 0 3 0x98 kqread sshd-session
78004 308242 1803 0 3 0x92 kqread sshd-session
73887 433724 1 0 3 0x100083 ttyopn getty
1803 451224 1 0 3 0x88 kqread sshd
20993 297874 58423 74 3 0x1100092 bpf pflogd
58423 434001 1 0 3 0x80 sbwait pflogd
28098 460960 9620 73 3 0x1100090 kqread syslogd
9620 72596 1 0 3 0x100082 sbwait syslogd
74706 119899 1 0 3 0x100080 kqread resolvd
10055 345614 16659 77 3 0x100092 kqread dhcpleased
3949 278322 16659 77 3 0x100092 kqread dhcpleased
16659 356059 1 0 3 0x80 kqread dhcpleased
55043 394466 0 0 2 0x40014200 smr
10884 312682 0 0 3 0x14200 pgzero zerothread
25194 121128 0 0 3 0x14200 aiodoned aiodoned
68081 475501 0 0 3 0x14200 syncer update
44409 153851 0 0 3 0x14200 cleaner cleaner
22666 495530 0 0 3 0x14200 reaper reaper
59818 273088 0 0 3 0x14200 pgdaemon pagedaemon
37587 359313 0 0 3 0x14200 bored viomb
47639 220600 0 0 3 0x40014200 acpi0 acpi0
95450 38177 0 0 3 0x40014200 idle1
68732 331666 0 0 3 0x14200 bored softnet1
12586 153974 0 0 3 0x14200 netlock softnet0
34784 252416 0 0 2 0x40014200 systqmp
39130 157669 0 0 3 0x14200 bored systq
91574 296687 0 0 2 0x14200 softclockmp
82669 116182 0 0 3 0x40014200 tmoslp softclock
74600 462185 0 0 7 0x40014200 idle0
1 23395 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{1}> show all locks
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10217 11146K 11411K 166960K 12023 0
pcb 17 12K 20K 166960K 127 0
rtable 221 10K 10K 166960K 373 0
pf 34 17K 81K 166960K 99 0
ifaddr 46 8K 8K 166960K 80 0
ifgroup 55 2K 2K 166960K 111 0
sysctl 3 1K 9K 166960K 11 0
counters 68 36K 37K 166960K 130 0
ioctlops 0 0K 4K 166960K 1688 0
iov 0 0K 32K 166960K 66 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1429 90K 90K 166960K 1878 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 616K 620K 166960K 10 0
VM map 2 1K 1K 166960K 2 0
sem 10 0K 0K 166960K 82 0
dirhash 12 2K 2K 166960K 15 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 18 65K 93K 166960K 622 0
sigio 0 0K 0K 166960K 4 0
proc 73 131K 164K 166960K 659 0
subproc 72 4K 4K 166960K 90 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 55 0
in_multi 106 7K 7K 166960K 149 0
ether_multi 1 0K 0K 166960K 6 0
mrt 1 0K 0K 166960K 7 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 79 360K 360K 166960K 79 0
exec 0 0K 1K 166960K 446 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 256 164K 172K 166960K 7322 0
UVM aobj 86 3K 3K 166960K 87 0
pinsyscall 43 86K 102K 166960K 1757 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 32 0
NDP 12 0K 2K 166960K 51 0
temp 76 8656K 8768K 166960K 37929 0
kqueue 13 20K 30K 166960K 116 0
SYN cache 2 16K 16K 166960K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 65 0 62 1 0 1 1 0 8 0
rtentry 176 129 0 38 5 0 5 5 0 8 0
unpcb 144 544 0 525 10 8 2 6 0 8 1
syncache 336 4 0 4 1 1 0 1 0 8 0
tcpcb 736 209 0 200 7 3 4 4 0 8 3
arp 136 15 0 2 1 0 1 1 0 8 0
inpcb 328 570 0 555 8 4 4 5 0 8 2
nd6 152 22 0 4 1 0 1 1 0 8 0
pkpcb 40 6 0 6 3 2 1 1 0 8 1
kcovpl 48 10 0 2 1 0 1 1 0 8 0
ppxss 1192 24 0 24 3 2 1 1 0 8 1
pppxif 1504 2 0 2 2 1 1 1 0 8 1
pffrag 232 6 0 1 1 0 1 1 0 482 0
pffrnode 88 3 0 0 1 0 1 1 0 8 0
pffrent 40 11 0 4 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfanchor 1288 2 0 0 1 0 1 1 0 8 0
pfstitem 24 51 0 12 1 0 1 1 0 8 0
pfstkey 128 51 0 12 2 0 2 2 0 8 0
pfstate 384 51 0 12 5 0 5 5 0 8 0
pfrule 1344 21 0 16 2 1 1 2 0 8 0
rttmr 136 1 0 1 1 1 0 1 0 8 0
art_heap8 4096 2 0 0 2 0 2 2 0 8 0
art_heap4 256 613 0 149 32 2 30 30 0 8 0
art_table 40 615 0 149 5 0 5 5 0 8 0
art_node 32 128 0 48 1 0 1 1 0 8 0
semapl 112 78 0 70 1 0 1 1 0 8 0
shmpl 112 84 0 1 3 0 3 3 0 8 0
dirhash 1024 19 0 2 3 0 3 3 0 8 0
dino2pl 256 2422 0 911 96 0 96 96 0 8 0
ffsino 296 2422 0 911 118 0 118 118 0 8 0
nchpl 144 3288 0 1586 64 0 64 64 0 8 0
rtmask 32 8 0 8 3 2 1 1 0 8 1
uvmvnodes 80 2853 0 0 59 0 59 59 0 8 0
vnodes 216 2853 0 0 159 0 159 159 0 8 0
namei 1024 10976 0 10976 6 4 2 2 0 8 2
percpumem 16 80 0 31 1 0 1 1 0 8 0
kstatmem 264 64 0 38 4 1 3 3 0 8 1
scsiplug 72 1 0 1 1 1 0 1 0 8 0
scxspl 216 19201 0 19201 10 9 1 8 1 8 1
plimitpl 152 93 0 76 1 0 1 1 0 8 0
sigapl 424 937 0 868 9 1 8 8 0 8 0
knotepl 120 493 0 0 15 0 15 15 0 8 0
kqueuepl 224 300 0 288 7 2 5 5 0 8 4
pipepl 344 143 0 116 3 0 3 3 0 8 0
fdescpl 528 899 0 867 3 0 3 3 0 8 0
filepl 160 5009 0 4776 23 10 13 15 0 8 2
lockfpl 104 231 0 229 1 0 1 1 0 8 0
lockfspl 48 106 0 104 1 0 1 1 0 8 0
sessionpl 144 25 0 16 1 0 1 1 0 8 0
pgrppl 48 39 0 22 1 0 1 1 0 8 0
ucredpl 104 566 0 551 1 0 1 1 0 8 0
zombiepl 144 952 0 946 2 1 1 1 0 8 0
processpl 1232 937 0 868 6 0 6 6 0 8 0
procpl 664 1779 0 1706 8 0 8 8 0 8 0
sosppl 168 4 0 4 1 1 0 1 0 8 0
sockpl 752 1224 0 1187 33 23 10 17 0 8 6
mcl64k 65536 3 0 0 1 0 1 1 0 8 0
mcl16k 16384 4 0 0 1 0 1 1 0 8 0
mcl12k 12288 1 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 2 0 0 1 0 1 1 0 8 0
mcl4k 4096 128 0 0 16 0 16 16 0 8 0
mcl2k 2048 24 0 0 3 0 3 3 0 8 0
mtagpl 96 6 0 0 1 0 1 1 0 8 0
mbufpl 256 170 0 0 11 0 11 11 0 8 0
bufpl 280 9057 0 2914 440 0 440 440 0 8 0
anonpl 32 19211 0 0 156 1 155 155 0 246 0
amapchunkpl 152 23338 0 22796 37 14 23 27 0 158 2
amappl16 200 4465 0 4435 64 49 15 51 0 8 5
amappl15 192 5 0 5 1 1 0 1 0 8 0
amappl14 184 116 0 104 1 0 1 1 0 8 0
amappl13 176 3 0 3 1 1 0 1 0 8 0
amappl12 168 1572 0 1539 3 1 2 2 0 8 0
amappl11 160 51 0 37 1 0 1 1 0 8 0
amappl10 152 20 0 20 1 1 0 1 0 8 0
amappl9 144 243 0 243 1 1 0 1 0 8 0
amappl8 136 47 0 45 1 0 1 1 0 8 0
amappl7 128 127 0 115 1 0 1 1 0 8 0
amappl6 120 198 0 194 1 0 1 1 0 8 0
amappl5 112 134 0 125 1 0 1 1 0 8 0
amappl4 104 305 0 285 1 0 1 1 0 8 0
amappl3 96 4047 0 3939 3 0 3 3 0 8 0
amappl2 88 1143 0 1063 2 0 2 2 0 8 0
amappl1 80 10497 0 9889 15 1 14 15 0 8 0
amappl 88 6537 0 6356 6 1 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 19 0 18 1 0 1 1 0 8 0
aobjpl 72 86 0 1 2 0 2 2 0 8 0
uaddrrnd 24 899 0 867 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 899 0 867 1 0 1 1 0 8 0
vmmpekpl 168 8773 0 8732 3 0 3 3 0 8 0
vmmpepl 168 64054 0 62001 136 35 101 131 0 357 3
vmsppl 488 898 0 867 6 1 5 5 0 8 0
rwobjpl 80 23380 0 19487 86 3 83 83 0 8 0
pdppl 4096 1806 0 1734 112 40 72 86 0 8 0
pvpl 32 27020 0 0 218 0 218 218 0 265 0
pmappl 256 898 0 867 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 298 0 52 8 0 8 8 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
x86_ipi_db(ffffffff837d7ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff83988bd0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline]
__mp_lock(ffffffff83988bd0) at __mp_lock+0x192 sys/kern/kern_lock.c:165
softintr_dispatch(0) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83
dosoftint(0) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847
Xsoftclock() at Xsoftclock+0x27
acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224
sched_idle(ffffffff837d7ff0) at sched_idle+0x391 sys/kern/kern_sched.c:191
end trace frame: 0x0, count: 6
ddb{0}> trace
x86_ipi_db(ffffffff837d7ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff83988bd0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline]
__mp_lock(ffffffff83988bd0) at __mp_lock+0x192 sys/kern/kern_lock.c:165
softintr_dispatch(0) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83
dosoftint(0) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847
Xsoftclock() at Xsoftclock+0x27
acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224
sched_idle(ffffffff837d7ff0) at sched_idle+0x391 sys/kern/kern_sched.c:191
end trace frame: 0x0, count: -9
ddb{0}> machine ddbcpu 1
Stopped at savectx+0xae: movl $0,%gs:0x688
savectx() at savectx+0xae
end of kernel
end trace frame: 0x79d050e07e20, count: 14
ddb{1}> trace
savectx() at savectx+0xae
end of kernel
end trace frame: 0x79d050e07e20, count: -1