syzbot


uvm_fault: km_free (2)

Status: upstream: reported on 2023/12/07 19:27
Reported-by: syzbot+bcfb7e93c9db34608a33@syzkaller.appspotmail.com
First crash: 142d, last: 15d
Similar bugs (1)
Kernel   Title               Repro  Cause bisect  Fix bisect  Count  Last  Reported  Patched  Status
openbsd  uvm_fault: km_free                                   6      655d  843d      0/3      auto-obsoleted due to no activity on 2022/10/10 22:33

Sample crash report:
uvm_fault(0xffffffff82e56f90, 0x0, 0, 2) -> e
kernel: page fault trap, code=2
Stopped at      km_free+0x128:  movq    $0,0(%rax)
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*310411  87089      0     0x14000      0x200    0  reaper
km_free(0,1000,ffffffff82ae6c60,ffffffff82ae6c78) at km_free+0x128 sys/uvm/uvm_km.c:870
pool_p_free(ffffffff82d6ac88,fffffd8068120f90) at pool_p_free+0x14d sys/kern/subr_pool.c:1012
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 pool_wakeup sys/kern/subr_pool.c:821 [inline]
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 sys/kern/subr_pool.c:815
amap_wipeout(fffffd805d980858) at amap_wipeout+0x243 sys/uvm/uvm_amap.c:532
uvm_unmap_detach(ffff80002a5d5410,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd8069626d80) at uvm_map_teardown+0x27f sys/uvm/uvm_map.c:2556
uvmspace_free(fffffd8069626d80) at uvmspace_free+0x96 sys/uvm/uvm_map.c:3461
reaper(ffff80002a5d7c38) at reaper+0x15a sys/kern/kern_exit.c:463
end trace frame: 0x0, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff82e56f90, 0x0, 0, 2) -> e
ddb> trace
km_free(0,1000,ffffffff82ae6c60,ffffffff82ae6c78) at km_free+0x128 sys/uvm/uvm_km.c:870
pool_p_free(ffffffff82d6ac88,fffffd8068120f90) at pool_p_free+0x14d sys/kern/subr_pool.c:1012
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 pool_wakeup sys/kern/subr_pool.c:821 [inline]
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 sys/kern/subr_pool.c:815
amap_wipeout(fffffd805d980858) at amap_wipeout+0x243 sys/uvm/uvm_amap.c:532
uvm_unmap_detach(ffff80002a5d5410,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd8069626d80) at uvm_map_teardown+0x27f sys/uvm/uvm_map.c:2556
uvmspace_free(fffffd8069626d80) at uvmspace_free+0x96 sys/uvm/uvm_map.c:3461
reaper(ffff80002a5d7c38) at reaper+0x15a sys/kern/kern_exit.c:463
end trace frame: 0x0, count: -8
ddb> show registers
rdi                           0x1000    __ALIGN_SIZE
rsi                       0x28000000
rbp               0xffff80002a5d5270
rbx               0xffffffff82ae6c60    kv_page
rdx                                0
rcx               0xffffffff82ae6c78    kp_dirty
rax                                0
r8                                 0
r9                                 0
r10                0xd16d239880e0599
r11               0xd26520e439204bf6
r12                           0x1000    __ALIGN_SIZE
r13                                0
r14                           0x1000    __ALIGN_SIZE
r15                    0x28000000000
rip               0xffffffff81ec8a48    km_free+0x128
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80002a5d5200
ss                              0x10
km_free+0x128:  movq    $0,0(%rax)
ddb> show proc
PROC (reaper) tid=310411 pid=87089 tcnt=1 stat=onproc
    flags process=14000<NOZOMBIE,SYSTEM> proc=200<SYSTEM>
    runpri=4, usrpri=60, slppri=4, nice=20
    wchan=0x0, wmesg=, ps_single=0x0
    forw=0xffffffffffffffff, list=0xffff80002a58d710,0xffff80002a5d79b8
    process=0xffff8000fffff240 user=0xffff80002a5d0000, vmspace=0xffffffff82e56f90
    estcpu=10, cpticks=3, pctcpu=1.46, user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 97405  115324  17299      0  2   0x8000000                syz-executor.1
 97405   92333  17299      0  3   0xc000080  fsleep        syz-executor.1
 10294  205386  14492     -1  3   0x8000090  nanoslp       syz-executor.2
 10294  246155  14492     -1  3   0xc000090  kqsel         syz-executor.2
 10294  297224  14492     -1  3   0xc000090  fsleep        syz-executor.2
 83664  311490  99257      0  2   0x8000000                syz-executor.6
 83664  165654  99257      0  3   0xc000080  ttyin         syz-executor.6
 83664   79121  99257      0  2   0xc000000                syz-executor.6
 45211  459577  30537      0  2   0x8000480                syz-executor.5
 45211  377823  30537      0  3   0xc000080  kqread        syz-executor.5
 45211   99937  30537      0  3   0xc000080  fsleep        syz-executor.5
 99257  501236  34381      0  3   0x8000082  nanoslp       syz-executor.6
 40895  253590  34381      0  3   0x8000082  nanoslp       syz-executor.7
 14492  381719  34381      0  3   0x8000082  nanoslp       syz-executor.2
 20635  305729  34381      0  2   0x8000002                syz-executor.3
 19008   36908  34381      0  2   0x8000482                syz-executor.0
 17299  513233  34381      0  3   0x8000082  nanoslp       syz-executor.1
  5669   90738  34381      0  3   0x8000082  nanoslp       syz-executor.4
 30537   54177  34381      0  3   0x8000082  nanoslp       syz-executor.5
 78676  426397      0      0  3     0x14200  acct          acct
 45973  173443      0      0  3     0x14280  nfsidl        nfsio
 24981  418559      0      0  3     0x14280  nfsidl        nfsio
  7405  124326      0      0  3     0x14280  nfsidl        nfsio
 29483  495361      0      0  3     0x14280  nfsidl        nfsio
 18478  277357      0      0  3     0x14280  nfsidl        nfsio
 16330  163842      0      0  3     0x14280  nfsidl        nfsio
 91798  427433      0      0  3     0x14280  nfsidl        nfsio
 40004  198896      0      0  3     0x14280  nfsidl        nfsio
 99851  363714      0      0  3     0x14280  nfsidl        nfsio
 21630   70564      0      0  3     0x14280  nfsidl        nfsio
 99291  214313      0      0  3     0x14280  nfsidl        nfsio
 50063  481269      0      0  3     0x14280  nfsidl        nfsio
 79989   92090      0      0  3     0x14280  nfsidl        nfsio
 80588  345552      0      0  3     0x14280  nfsidl        nfsio
 58099   35494      0      0  3     0x14280  nfsidl        nfsio
 16423   30185      0      0  3     0x14280  nfsidl        nfsio
 49995  142803      0      0  3     0x14280  nfsidl        nfsio
 70984  503509      0      0  3     0x14280  nfsidl        nfsio
 50283   21330      0      0  3     0x14280  nfsidl        nfsio
 47504  310041      0      0  3     0x14280  nfsidl        nfsio
 96551  500195      1      0  3  0x18100083  ttyin         getty
 75053  300805      0      0  3     0x14200  bored         sosplice
 34381   99845  15933      0  3  0x1a000082  thrsleep      syz-fuzzer
 34381  422058  15933      0  3  0x1e000082  nanoslp       syz-fuzzer
 34381  299747  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  420493  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  442283  15933      0  3  0x1e000082  thrsleep      syz-fuzzer
 34381  347816  15933      0  3  0x1e000082  thrsleep      syz-fuzzer
 34381  126600  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  450370  15933      0  3  0x1e000082  kqread        syz-fuzzer
 34381  390724  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  516222  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  491196  15933      0  3  0x1e000082  thrsleep      syz-fuzzer
 34381  159476  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  463738  15933      0  3  0x1e000082  wait          syz-fuzzer
 34381  195312  15933      0  3  0x1e000082  wait          syz-fuzzer
 15933  425349  64036      0  3   0x810008a  sigsusp       ksh
 64036   26877   5872      0  3  0x1800009a  kqread        sshd
  5872  366568      1      0  3  0x18000088  kqread        sshd
 81678  422161  11417     73  3  0x19100090  kqread        syslogd
 11417  416461      1      0  3  0x18100082  sbwait        syslogd
 99458   61505      1      0  3  0x18100080  kqread        resolvd
 18149  376180  99616     77  3  0x18100092  kqread        dhcpleased
 91105  294905  99616     77  3  0x18100092  kqread        dhcpleased
 99616  253659      1      0  3  0x18000080  kqread        dhcpleased
 56683  306760      0      0  3     0x14200  bored         smr
 40908   54319      0      0  2     0x14200                zerothread
 60777  392530      0      0  3     0x14200  aiodoned      aiodoned
 86031  520613      0      0  3     0x14200  syncer        update
  5504  476260      0      0  3     0x14200  cleaner       cleaner
*87089  310411      0      0  7     0x14200                reaper
 27429   15458      0      0  3     0x14200  pgdaemon      pagedaemon
 53129  516910      0      0  3     0x14200  bored         viomb
 50729   24396      0      0  3  0x40014200  acpi0         acpi0
 77618  461899      0      0  3     0x14200  bored         softnet3
 13683  249180      0      0  3     0x14200  bored         softnet2
 33470  109481      0      0  3     0x14200  bored         softnet1
 12165  215759      0      0  2     0x14200                softnet0
 48595  166325      0      0  3     0x14200  bored         systqmp
 86847   94977      0      0  3     0x14200  bored         systq
 61850  229491      0      0  3  0x40014200  tmoslp        softclock
 48316  378067      0      0  3  0x40014200                idle0
     1  209896      0      0  3   0x8000082  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10182   6538K    6862K 166960K     13335        0
            pcb    15     12K      13K 166960K       194        0
         rtable   226      6K       7K 166960K      1575        0
             pf    29      8K       9K 166960K       160        0
         ifaddr    43     12K      12K 166960K       217        0
        ifgroup    50      2K       2K 166960K       279        0
         sysctl     4      1K       2K 166960K         6        0
       counters    30     17K      17K 166960K        89        0
       ioctlops     0      0K       2K 166960K       164        0
            iov     0      0K      18K 166960K       123        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1425     90K      90K 166960K      2897        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K      13K 166960K        80        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K       130        0
        dirhash    12      2K       3K 166960K        69        0
           ACPI  1697    195K     286K 166960K     12548        0
      file desc    15     53K      81K 166960K      2265        0
          sigio     0      0K       0K 166960K        55        0
           proc    58     59K      83K 166960K      1577        0
        subproc   104      6K       6K 166960K       552        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K       320        0
       in_multi    94      6K       7K 166960K       535        0
    ether_multi     1      0K       0K 166960K         9        0
            mrt     0      0K       0K 166960K         8        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys    97    440K     440K 166960K        97        0
           exec     0      0K       1K 166960K      1024        0
     pfkey data     0      0K       0K 166960K         1        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   335    120K     122K 166960K     20351        0
       UVM aobj   131      8K       8K 166960K       140        0
     pinsyscall    35     70K     100K 166960K      4287        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       0K 166960K       125        0
            NDP    11      0K       1K 166960K       154        0
           temp    77   6808K    6884K 166960K     62274        0
         kqueue    13     20K      26K 166960K       300        0
      SYN cache     2     16K      16K 166960K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120      339    0      336     3     0     3     3     0     8    2
rtentry    112      549    0      445     4     0     4     4     0     8    0
unpcb      144     1280    0     1266     4     0     4     4     0     8    3
syncache   336       33    0       33     1     0     1     1     0     8    1
tcpqe       32       29    0       25     1     0     1     1     0     8    0
tcpcb      808      791    0      780     3     0     3     3     0     8    1
arp         88      112    0       94     1     0     1     1     0     8    0
ipq         40        4    0        3     1     0     1     1     0     8    0
ipqe        40        6    0        5     1     0     1     1     0     8    0
inpcb      360     2476    0     2461     8     0     8     8     0     8    5
nd6        104      136    0      114     1     0     1     1     0     8    0
pkpcb       40       14    0       14     1     0     1     1     0     8    1
kcovpl      48       42    0       34     1     0     1     1     0     8    0
ppxss      1072      10    0       10     1     0     1     1     0     8    1
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256     2115    0     1669    47    16    31    31     0     8    3
art_table   32     2116    0     1669     4     0     4     4     0     8    0
art_node    16      544    0      455     1     0     1     1     0     8    0
sysvmsgpl   40       32    0       13     1     0     1     1     0     8    0
semupl     112        3    0        3     1     0     1     1     0     8    1
semapl     112      125    0      115     1     0     1     1     0     8    0
shmpl      112      137    0        9     4     0     4     4     0     8    0
dirhash    1024      55    0       38     3     0     3     3     0     8    0
dino2pl    256     4508    0     2998    96     0    96    96     0     8    0
ffsino     240     4508    0     2998    90     0    90    90     0     8    0
nchpl      144     7437    0     5706    66     0    66    66     0     8    0
uvmvnodes   80     5701    0        0   117     0   117   117     0     8    0
vnodes     216     5701    0        0   317     0   317   317     0     8    0
namei      1024   27333    0    27333     3     0     3     3     0     8    3
vcpupl     2048      10    0        1     2     0     2     2     0     8    0
vmpool     664       14    0        5     1     0     1     1     0     8    0
kstatmem   264      140    0      118     2     0     2     2     0     8    0
scsiplug    72        1    0        1     1     0     1     1     0     8    1
scxspl     216    42324    0    42324     8     0     8     8     1     8    8
plimitpl   152      350    0      333     1     0     1     1     0     8    0
sigapl     424     2500    0     2434     8     0     8     8     0     8    0
futexpl     64    30710    0    30707     1     0     1     1     0     8    0
knotepl    120    23238    0    23155    11     0    11    11     0     8    8
kqueuepl   184      504    0      494     1     0     1     1     0     8    0
pipepl     288      435    0      407     3     0     3     3     0     8    0
fdescpl    432     2462    0     2436     4     0     4     4     0     8    0
filepl     120    14055    0    13808    12     0    12    12     0     8    3
lockfpl    104      567    0      565     1     0     1     1     0     8    0
lockfspl    48      230    0      228     1     0     1     1     0     8    0
sessionpl  144       58    0       42     1     0     1     1     0     8    0
pgrppl      48       83    0       67     1     0     1     1     0     8    0
ucredpl    104     2137    0     2124     1     0     1     1     0     8    0
zombiepl   144     2437    0     2434     1     0     1     1     0     8    0
processpl  1072    2500    0     2434     5     0     5     5     0     8    0
procpl     656     4627    0     4541     9     0     9     9     0     8    1
sosppl     168       26    0       26     1     0     1     1     0     8    1
sockpl     504     4136    0     4104    20     9    11    14     0     8    5
mcl64k     65536     46    0       46     1     0     1     1     0     8    1
mcl16k     16384     28    0       28     1     0     1     1     0     8    1
mcl12k     12288     56    0       56     1     0     1     1     0     8    1
mcl9k      9216      14    0       14     1     0     1     1     0     8    1
mcl8k      8192     104    0      104     1     0     1     1     0     8    1
mcl4k      4096     336    0      336     1     0     1     1     0     8    1
mcl2k2     2112      23    0       23     1     0     1     1     0     8    1
mcl2k      2048   28016    0    27917    64    44    20    54     0     8    7
mtagpl      96      134    0       75     2     0     2     2     0     8    0
mbufpl     256    67172    0    66848   128    97    31    68     0     8    8
bufpl      280    10389    0     3539   490     0   490   490     0     8    0
anonpl      24   428349    0   412530   112     0   112   112     0   188   12
amapchunkpl 152   65664    0    64951    45     0    45    45     0   158   16
amappl16   200    10488    0     9799    72    26    46    52     0     8    8
amappl15   192       18    0       18     1     0     1     1     0     8    1
amappl14   184      259    0      245     2     0     2     2     0     8    1
amappl13   176        9    0        8     1     0     1     1     0     8    0
amappl12   168     3634    0     3605     2     0     2     2     0     8    0
amappl11   160       73    0       62     1     0     1     1     0     8    0
amappl10   152      103    0       91     1     0     1     1     0     8    0
amappl9    144      134    0      133     1     0     1     1     0     8    0
amappl8    136      323    0      250     3     0     3     3     0     8    0
amappl7    128       55    0       40     1     0     1     1     0     8    0
amappl6    120      786    0      770     2     0     2     2     0     8    1
amappl5    112      330    0      318     1     0     1     1     0     8    0
amappl4    104      773    0      742     2     0     2     2     0     8    1
amappl3     96    13039    0    12954     3     0     3     3     0     8    0
amappl2     88     3056    0     2982     3     0     3     3     0     8    1
amappl1     80    19249    0    18757    22     3    19    22     0     8    8
amappl      88    19439    0    19231     6     0     6     6     0    92    0
dma4096    4096       1    0        1     1     0     1     1     0     8    1
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     0     1     1     0     8    1
dma128     128      253    0      253     1     0     1     1     0     8    1
dma64       64        6    0        6     1     0     1     1     0     8    1
dma32       32        7    0        7     1     0     1     1     0     8    1
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72      139    0        9     3     0     3     3     0     8    0
uaddrrnd    24     2476    0     2441     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     2476    0     2441     1     0     1     1     0     8    0
vmmpekpl   168    20935    0    20879     3     0     3     3     0     8    0
vmmpepl    168   176703    0   174226   120     0   120   120     0   357    5
vmsppl     344     2475    0     2440     4     0     4     4     0     8    0
rwobjpl     24    54489    0    46974    47     0    47    47     0     8    0
pdppl      4096    4958    0     4889   226   153    73    78     0     8    4
pvpl        32  1100356    0  1078839   348     9   339   348     0   265  157
pmappl     216     2475    0     2440     3     0     3     3     0     8    0
extentpl    40       56    0       38     1     0     1     1     0     8    0
phpool     112      694    0      319    12     0    12    12     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
km_free(0,1000,ffffffff82ae6c60,ffffffff82ae6c78) at km_free+0x128 sys/uvm/uvm_km.c:870
pool_p_free(ffffffff82d6ac88,fffffd8068120f90) at pool_p_free+0x14d sys/kern/subr_pool.c:1012
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 pool_wakeup sys/kern/subr_pool.c:821 [inline]
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 sys/kern/subr_pool.c:815
amap_wipeout(fffffd805d980858) at amap_wipeout+0x243 sys/uvm/uvm_amap.c:532
uvm_unmap_detach(ffff80002a5d5410,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd8069626d80) at uvm_map_teardown+0x27f sys/uvm/uvm_map.c:2556
uvmspace_free(fffffd8069626d80) at uvmspace_free+0x96 sys/uvm/uvm_map.c:3461
reaper(ffff80002a5d7c38) at reaper+0x15a sys/kern/kern_exit.c:463
end trace frame: 0x0, count: -8
ddb> machine ddbcpu 1
No such command
ddb> trace
km_free(0,1000,ffffffff82ae6c60,ffffffff82ae6c78) at km_free+0x128 sys/uvm/uvm_km.c:870
pool_p_free(ffffffff82d6ac88,fffffd8068120f90) at pool_p_free+0x14d sys/kern/subr_pool.c:1012
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 pool_wakeup sys/kern/subr_pool.c:821 [inline]
pool_put(ffffffff82d6ac88,fffffd805d980858) at pool_put+0x1e2 sys/kern/subr_pool.c:815
amap_wipeout(fffffd805d980858) at amap_wipeout+0x243 sys/uvm/uvm_amap.c:532
uvm_unmap_detach(ffff80002a5d5410,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd8069626d80) at uvm_map_teardown+0x27f sys/uvm/uvm_map.c:2556
uvmspace_free(fffffd8069626d80) at uvmspace_free+0x96 sys/uvm/uvm_map.c:3461
reaper(ffff80002a5d7c38) at reaper+0x15a sys/kern/kern_exit.c:463
end trace frame: 0x0, count: -8

Crashes (6):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets                                 Manager               Title
2024/04/12 18:57  openbsd  474ea8ba1797  c8349e48   .config  console log  report                               [disk image] [bsd.gdb] [kernel image]  ci-openbsd-main       uvm_fault: km_free
2024/04/08 15:24  openbsd  e16d075e3f83  7591ebb5   .config  console log  report                               [disk image] [bsd.gdb] [kernel image]  ci-openbsd-multicore  uvm_fault: km_free
2024/03/31 19:59  openbsd  2ee472d028ec  6ee49f2e   .config  console log  report                               [disk image] [bsd.gdb] [kernel image]  ci-openbsd-multicore  uvm_fault: km_free
2024/03/17 14:56  openbsd  d108608d837e  6ee49f2e   .config  console log  report                               [disk image] [bsd.gdb] [kernel image]  ci-openbsd-main       uvm_fault: km_free
2024/01/22 04:33  openbsd  83cbdf3a02e6  9bd8dcda   .config  console log  report                               [disk image] [bsd.gdb] [kernel image]  ci-openbsd-main       uvm_fault: km_free
2023/12/07 19:27  openbsd  0d0a919f69d9  28b24332   .config  console log  report                               [disk image] [bsd.gdb] [kernel image]  ci-openbsd-multicore  uvm_fault: km_free