uvm_fault(0xfffffd807cac25d8, 0x30, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at spec_getattr+159: movq 48(%rax),%rdi
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*485976 45422 0 0 0x4000000 0K syz-executor
spec_getattr(ffff80003c500998) at spec_getattr+159
VOP_GETATTR(fffffd8064778a40,ffff80003c500a10,fffffd80097fd750,ffff800037be1778) at VOP_GETATTR+136
fill_file(ffff8000015f5000,fffffd8074017280,ffff8000fffee220,3,0,ffff8000ffff09b8,2ef4f9d8cb11e11c,3,7ffffda) at fill_file+1500
sysctl_file(ffff80003c500e68,4,200000000100,ffff80003c500e98,ffff800037be1778) at sysctl_file+2007
kern_sysctl(ffff80003c500e64,5,200000000100,ffff80003c500e98,0,37,10f74b783e8bb36a) at kern_sysctl+313
sys_sysctl(ffff800037be1778,ffff80003c500fd0,ffff80003c500f20) at sys_sysctl+997
syscall(ffff80003c500fd0) at syscall+3028
Xsyscall() at Xsyscall+296
end of kernel
end trace frame: 0x4d09d940310, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: uvm_fault(0xfffffd807cac25d8, 0x30, 0, 1) -> e
ddb{0}> trace
spec_getattr(ffff80003c500998) at spec_getattr+159
VOP_GETATTR(fffffd8064778a40,ffff80003c500a10,fffffd80097fd750,ffff800037be1778) at VOP_GETATTR+136
fill_file(ffff8000015f5000,fffffd8074017280,ffff8000fffee220,3,0,ffff8000ffff09b8,2ef4f9d8cb11e11c,3,7ffffda) at fill_file+1500
sysctl_file(ffff80003c500e68,4,200000000100,ffff80003c500e98,ffff800037be1778) at sysctl_file+2007
kern_sysctl(ffff80003c500e64,5,200000000100,ffff80003c500e98,0,37,10f74b783e8bb36a) at kern_sysctl+313
sys_sysctl(ffff800037be1778,ffff80003c500fd0,ffff80003c500f20) at sys_sysctl+997
syscall(ffff80003c500fd0) at syscall+3028
Xsyscall() at Xsyscall+296
end of kernel
end trace frame: 0x4d09d940310, count: -8
ddb{0}> show registers
rdi 0
rsi 0
rbp 18446603337233074560
rbx 18446741326616037952
rdx 0
rcx 18446603337156401016
rax 0
r8 18446744073709551615
r9 0
r10 10310438192054009172
r11 8499024461920704523
r12 32768 __ALIGN_SIZE+28672
r13 18446603337233074704
r14 18446603337233074584
r15 18446741326616037952
rip 18446744071593061599 spec_getattr+159
cs 8
rflags 66118 __ALIGN_SIZE+62022
rsp 18446603337233074512
ss 16
spec_getattr+159: movq 48(%rax),%rdi
ddb{0}> show proc
PROC (syz-executor) tid=485976 pid=45422 tcnt=4 stat=onproc
flags process=0 proc=4000000<THREAD>
runpri=8, usrpri=86, slppri=8, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff800037be02b8,0xffff80003c476580
process=0xffff8000ffff3038 user=0xffff80003c4fc000, vmspace=0xfffffd807cac25d8
estcpu=36, cpticks=13, pctcpu=0.0, user=0, sys=13, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
76913 143668 28005 0 2 0 syz-executor
76913 477976 28005 0 3 0x4000080 ttyout syz-executor
76913 253526 28005 0 3 0x4000080 fsleep syz-executor
45422 282992 91064 0 2 0xc80 syz-executor
*45422 485976 91064 0 7 0x4000000 syz-executor
45422 218085 91064 0 3 0x4000080 fsleep syz-executor
45422 519176 91064 0 3 0x4000080 fsleep syz-executor
94737 264394 71261 0 3 0x80 nanoslp syz-executor
94737 154833 71261 0 3 0x4000000 tqbar syz-executor
94737 472792 71261 0 3 0x4000080 fsleep syz-executor
45821 33539 19253 0 3 0x80 nanoslp syz-executor
45821 381126 19253 0 3 0x4000080 nanoslp syz-executor
45821 240618 19253 0 3 0x4000080 fsleep syz-executor
45821 417749 19253 0 3 0x4000080 fsleep syz-executor
11548 127569 11128 0 3 0x400080 nanoslp syz-executor
11548 67058 11128 0 3 0x4400080 fsleep syz-executor
11548 290593 11128 0 3 0x4400080 sbwait syz-executor
11548 336561 11128 0 3 0x4400080 fsleep syz-executor
49302 13047 29465 0 3 0x3000 suspend syz-executor
49302 315918 29465 0 2 0x4081000 syz-executor
49302 213380 29465 0 3 0x4081000 fltagain2 syz-executor
88493 452650 0 0 3 0x14200 acct acct
46017 467985 1 0 3 0x100083 ttyopn getty
13347 114582 26276 0 2 0x2 syz-executor
28005 440242 26276 0 3 0x82 nanoslp syz-executor
11128 159925 26276 0 2 0xc82 syz-executor
71261 489349 26276 0 2 0xc82 syz-executor
29465 358780 26276 0 3 0x82 nanoslp syz-executor
91064 112969 26276 0 2 0xc82 syz-executor
19253 248170 26276 0 3 0x82 nanoslp syz-executor
14221 387579 26276 0 3 0x82 wait syz-executor
26276 285564 77964 0 3 0x82 kqread syz-executor
77964 237184 85119 0 3 0x10008a sigsusp ksh
85119 212998 13392 0 3 0x98 kqread sshd-session
13392 149306 21468 0 3 0x92 kqread sshd-session
21468 241546 1 0 3 0x88 kqread sshd
37046 249569 39304 74 3 0x1100092 bpf pflogd
39304 41363 1 0 3 0x80 sbwait pflogd
98183 68807 47377 73 3 0x1100090 kqread syslogd
47377 495316 1 0 3 0x100082 sbwait syslogd
19169 282655 1 0 2 0x100080 resolvd
79982 22492 83186 77 2 0x100092 dhcpleased
87914 465705 83186 77 3 0x100092 kqread dhcpleased
83186 208397 1 0 3 0x80 kqread dhcpleased
4338 232996 0 0 3 0x14200 bored smr
76136 110718 0 0 2 0x14200 zerothread
9176 289750 0 0 3 0x14200 aiodoned aiodoned
37303 250972 0 0 3 0x14200 syncer update
12741 343908 0 0 3 0x14200 cleaner cleaner
20690 442555 0 0 3 0x14200 reaper reaper
69342 133474 0 0 3 0x14200 pgdaemon pagedaemon
16816 288615 0 0 3 0x14200 bored viomb
32555 214405 0 0 3 0x40014200 acpi0 acpi0
77768 232409 0 0 7 0x40014200 idle1
85368 255277 0 0 3 0x14200 bored softnet1
90763 88798 0 0 2 0x14200 softnet0
94159 465203 0 0 3 0x14200 bored systqmp
74986 469981 0 0 3 0x14200 bored systq
80635 459672 0 0 3 0x14200 tmoslp softclockmp
94452 316022 0 0 3 0x40014200 tmoslp softclock
68863 357758 0 0 3 0x40014200 idle0
1 511103 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{0}> show all locks
Process 45422 (syz-executor) thread 0xffff800037be1778 (485976)
Process 94737 (syz-executor) thread 0xffff80002a262010 (154833)
Process 49302 (syz-executor) thread 0xffff80003c476fd0 (315918)
Process 13347 (syz-executor) thread 0xffff80002a262540 (114582)
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11116 12187K 13744K 166960K 17871 0
pcb 17 18K 20K 166960K 886 0
rtable 223 17K 17K 166960K 961 0
pf 39 18K 82K 166960K 405 0
ifaddr 35 7K 8K 166960K 249 0
ifgroup 59 2K 3K 166960K 435 0
sysctl 4 1K 9K 166960K 52 0
counters 72 37K 39K 166960K 630 0
ioctlops 0 0K 5K 166960K 2391 0
iov 0 0K 28K 166960K 200 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1512 95K 96K 166960K 4747 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 29 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 219 0
dirhash 12 2K 2K 166960K 69 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 17 61K 240K 166960K 3478 0
sigio 0 0K 0K 166960K 64 0
proc 72 115K 164K 166960K 1108 0
subproc 72 4K 4K 166960K 140 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 773 0
in_multi 56 4K 7K 166960K 321 0
ether_multi 1 0K 0K 166960K 34 0
mrt 1 0K 0K 166960K 43 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 253 1129K 1129K 166960K 253 0
exec 0 0K 1K 166960K 1037 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 5 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 276 171K 183K 166960K 32820 0
UVM aobj 128 26K 26K 166960K 144 0
pinsyscall 42 84K 104K 166960K 4773 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 1K 166960K 364 0
NDP 13 0K 2K 166960K 180 0
temp 87 8681K 8792K 166960K 179023 0
kqueue 15 24K 30K 166960K 608 0
SYN cache 2 8K 16K 166960K 3 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 398 0 395 5 4 1 3 0 8 0
rtentry 176 272 0 200 6 0 6 6 0 8 0
unpcb 144 2388 0 2365 16 12 4 6 0 8 3
syncache 336 11 0 11 4 3 1 1 0 8 1
tcpqe 32 3 0 3 2 2 0 1 0 8 0
tcpcb 736 1470 0 1466 39 30 9 10 0 8 8
arp 136 38 0 24 1 0 1 1 0 8 0
inpcb 328 4594 0 4582 34 25 9 12 0 8 7
nd6 152 55 0 39 1 0 1 1 0 8 0
pkpcb 40 35 0 35 5 4 1 1 0 8 1
kcovpl 48 15 0 7 1 0 1 1 0 8 0
mppekey 1024 1 0 1 1 1 0 1 0 8 0
ppxss 1192 239 0 239 3 2 1 1 0 8 1
pppxif 1504 14 0 14 5 4 1 1 0 8 1
pffrag 232 52 0 48 1 0 1 1 0 482 0
pffrnode 88 52 0 48 1 0 1 1 0 8 0
pffrent 40 122 0 118 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfrktable 1344 2 0 2 2 2 0 1 0 8 0
pfstitem 24 1 0 0 1 0 1 1 0 8 0
pfstkey 128 4 0 3 2 1 1 1 0 8 0
pfstate 448 3 0 2 2 1 1 1 0 8 0
rttmr 136 8 0 8 6 6 0 1 0 8 0
art_heap8 4096 5 0 0 5 0 5 5 0 8 0
art_heap4 256 1307 0 1010 34 13 21 29 0 8 0
art_table 40 1312 0 1010 5 0 5 5 0 8 0
art_node 32 269 0 205 1 0 1 1 0 8 0
sysvmsgpl 40 16 0 9 1 0 1 1 0 8 0
semupl 112 5 0 5 4 4 0 1 0 8 0
semapl 112 217 0 207 1 0 1 1 0 8 0
shmpl 112 121 0 6 4 0 4 4 0 8 0
dirhash 1024 56 0 39 3 0 3 3 0 8 0
dino2pl 256 7871 0 6351 96 0 96 96 0 8 0
ffsino 296 7871 0 6351 119 1 118 118 0 8 0
nchpl 144 12524 0 10803 65 0 65 65 0 8 0
rtmask 32 38 0 38 6 5 1 1 0 8 1
vnodes 216 5007 0 0 279 0 279 279 0 8 0
namei 1024 46148 0 46147 5 4 1 2 0 8 0
percpumem 16 330 0 279 1 0 1 1 0 8 0
vcpupl 3968 11 0 1 2 0 2 2 0 8 0
vmpool 848 20 0 10 2 0 2 2 0 8 0
kstatmem 264 304 0 271 3 0 3 3 0 8 0
acpiwqpl 32 1 0 1 1 0 1 1 1 8 1
scsiplug 72 14 0 14 7 7 0 1 0 8 0
scxspl 216 102334 0 102334 12 11 1 8 1 8 1
plimitpl 152 1205 0 1186 1 0 1 1 0 8 0
sigapl 424 3804 0 3756 12 4 8 8 0 8 0
knotepl 120 878 0 0 24 1 23 23 0 8 0
kqueuepl 224 1613 0 1602 27 22 5 13 0 8 4
pipepl 344 481 0 453 6 3 3 6 0 8 0
fdescpl 528 3718 0 3687 3 0 3 3 0 8 0
filepl 160 27786 0 27547 39 23 16 18 0 8 4
lockfpl 104 1515 0 1513 3 2 1 2 0 8 0
lockfspl 48 456 0 454 1 0 1 1 0 8 0
sessionpl 144 37 0 28 1 0 1 1 0 8 0
pgrppl 48 169 0 152 1 0 1 1 0 8 0
ucredpl 104 5178 0 5164 1 0 1 1 0 8 0
zombiepl 144 3758 0 3756 1 0 1 1 0 8 0
processpl 1232 3804 0 3756 6 0 6 6 0 8 0
procpl 664 9202 0 9139 9 1 8 8 0 8 0
sosppl 176 19 0 19 5 4 1 1 0 8 1
sockpl 752 7633 0 7595 52 40 12 17 0 8 8
mcl64k 65536 21 0 0 3 1 2 3 0 8 0
mcl16k 16384 4 0 0 1 0 1 1 0 8 0
mcl12k 12288 2 0 0 1 0 1 1 0 8 0
mcl9k 9216 4 0 0 1 0 1 1 0 8 0
mcl8k 8192 8 0 0 1 0 1 1 0 8 0
mcl4k 4096 129 0 0 16 0 16 16 0 8 0
mcl2k2 2112 2 0 0 1 0 1 1 0 8 0
mcl2k 2048 81 0 0 8 0 8 8 0 8 0
mtagpl 96 22 0 0 1 0 1 1 0 8 0
mbufpl 256 4017 0 0 252 0 252 252 0 8 0
bufpl 280 43878 0 37742 439 0 439 439 0 8 0
anonpl 32 24049 0 0 195 1 194 194 0 246 0
amapchunkpl 152 114676 0 113958 71 31 40 42 0 158 9
amappl16 200 16159 0 15551 122 71 51 57 0 8 8
amappl15 192 6 0 6 1 1 0 1 0 8 0
amappl14 184 4 0 4 2 2 0 1 0 8 0
amappl13 176 511 0 510 1 0 1 1 0 8 0
amappl12 168 4149 0 4107 3 0 3 3 0 8 0
amappl11 160 6 0 5 2 1 1 1 0 8 0
amappl10 152 66 0 51 1 0 1 1 0 8 0
amappl9 144 253 0 252 2 1 1 1 0 8 0
amappl8 136 30 0 27 1 0 1 1 0 8 0
amappl7 128 115 0 113 1 0 1 1 0 8 0
amappl6 120 370 0 356 1 0 1 1 0 8 0
amappl5 112 80 0 68 1 0 1 1 0 8 0
amappl4 104 488 0 457 1 0 1 1 0 8 0
amappl3 96 20111 0 20009 4 1 3 3 0 8 0
amappl2 88 3846 0 3769 2 0 2 2 0 8 0
amappl1 80 23893 0 23301 14 0 14 14 0 8 0
amappl 88 31407 0 31212 5 0 5 5 0 92 0
uvmvnodes 80 223 0 0 5 0 5 5 0 8 0
dma65536 65536 1 0 1 1 1 0 1 0 8 0
dma32768 32768 1 0 1 1 1 0 1 0 8 0
dma16384 16384 1 0 1 1 1 0 1 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma2048 2048 1 0 1 1 1 0 1 0 8 0
dma1024 1024 2 0 1 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 254 0 254 2 2 0 1 0 8 0
dma64 64 8 0 8 2 2 0 1 0 8 0
dma32 32 8 0 8 2 2 0 1 0 8 0
dma16 16 19 0 18 1 0 1 1 0 8 0
aobjpl 72 143 0 16 3 0 3 3 0 8 0
uaddrrnd 24 3718 0 3687 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 3718 0 3687 1 0 1 1 0 8 0
vmmpekpl 168 27378 0 27322 3 0 3 3 0 8 0
vmmpepl 168 240496 0 237937 176 41 135 141 0 357 11
vmsppl 488 3717 0 3687 6 1 5 5 0 8 0
rwobjpl 80 63350 0 61454 63 14 49 49 0 8 2
pdppl 4096 7483 0 7404 132 51 81 85 0 8 2
pvpl 32 34283 0 0 275 0 275 275 0 265 0
pmappl 256 3737 0 3697 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 612 0 110 15 0 15 15 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
spec_getattr(ffff80003c500998) at spec_getattr+159
VOP_GETATTR(fffffd8064778a40,ffff80003c500a10,fffffd80097fd750,ffff800037be1778) at VOP_GETATTR+136
fill_file(ffff8000015f5000,fffffd8074017280,ffff8000fffee220,3,0,ffff8000ffff09b8,2ef4f9d8cb11e11c,3,7ffffda) at fill_file+1500
sysctl_file(ffff80003c500e68,4,200000000100,ffff80003c500e98,ffff800037be1778) at sysctl_file+2007
kern_sysctl(ffff80003c500e64,5,200000000100,ffff80003c500e98,0,37,10f74b783e8bb36a) at kern_sysctl+313
sys_sysctl(ffff800037be1778,ffff80003c500fd0,ffff80003c500f20) at sys_sysctl+997
syscall(ffff80003c500fd0) at syscall+3028
Xsyscall() at Xsyscall+296
end of kernel
end trace frame: 0x4d09d940310, count: -8
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+39: addq $8,%rsp
x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+39
x86_ipi_handler() at x86_ipi_handler+217
Xresume_lapic_ipi() at Xresume_lapic_ipi+39
acpicpu_idle() at acpicpu_idle+1111
sched_idle(ffff8000299ddff0) at sched_idle+913
end trace frame: 0x0, count: 10
ddb{1}> trace
x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+39
x86_ipi_handler() at x86_ipi_handler+217
Xresume_lapic_ipi() at Xresume_lapic_ipi+39
acpicpu_idle() at acpicpu_idle+1111
sched_idle(ffff8000299ddff0) at sched_idle+913
end trace frame: 0x0, count: -5