syzbot


uvm_fault: pmap_page_remove (4)

Status: auto-closed as invalid on 2022/07/20 03:20
Reported-by: syzbot+07afb758d404407af1a9@syzkaller.appspotmail.com
First crash: 956d, last: 956d
Similar bugs (4)
Kernel   Title                            Repro  Cause bisect  Fix bisect  Count  Last   Reported  Patched  Status
openbsd  uvm_fault: pmap_page_remove (5)                                   16     48d    359d      0/3      upstream: reported on 2023/12/09 17:23
openbsd  uvm_fault: pmap_page_remove                                       7      1900d  2157d     0/3      auto-closed as invalid on 2019/12/19 05:38
openbsd  uvm_fault: pmap_page_remove (3)                                   1      1025d  1025d     0/3      closed as invalid on 2022/02/15 06:33
openbsd  uvm_fault: pmap_page_remove (2)                                   5      1577d  1753d     0/3      auto-closed as invalid on 2020/11/06 07:50

Sample crash report:
uvm_fault(0xffffffff82a68708, 0x7f81d25a9a80, 0, 2) -> e
kernel: page fault trap, code=0
Stopped at      pmap_page_remove+0x30d: xchgq   %rax,0(%r15,%rcx,1)
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*381101  14894      0     0x14000      0x200    0  reaper
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d _atomic_swap_64 machine/atomic.h:117 [inline]
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d sys/arch/amd64/amd64/pmap.c:1959
uvm_anfree_list(fffffd80682b3690,ffff8000215ae1b8) at uvm_anfree_list+0x98
amap_wipeout(fffffd806f93ecc0) at amap_wipeout+0x1b1 sys/uvm/uvm_amap.c:504
uvm_unmap_detach(ffff8000215ae280,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1599
uvm_map_teardown(fffffd8072b0faa8) at uvm_map_teardown+0x232 sys/uvm/uvm_map.c:2791
uvmspace_free(fffffd8072b0faa8) at uvmspace_free+0x86 sys/uvm/uvm_map.c:3685
reaper(ffff8000ffffefc0) at reaper+0x15d sys/kern/kern_exit.c:454
end trace frame: 0x0, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff82a68708, 0x7f81d25a9a80, 0, 2) -> e
ddb> trace
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d _atomic_swap_64 machine/atomic.h:117 [inline]
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d sys/arch/amd64/amd64/pmap.c:1959
uvm_anfree_list(fffffd80682b3690,ffff8000215ae1b8) at uvm_anfree_list+0x98
amap_wipeout(fffffd806f93ecc0) at amap_wipeout+0x1b1 sys/uvm/uvm_amap.c:504
uvm_unmap_detach(ffff8000215ae280,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1599
uvm_map_teardown(fffffd8072b0faa8) at uvm_map_teardown+0x232 sys/uvm/uvm_map.c:2791
uvmspace_free(fffffd8072b0faa8) at uvmspace_free+0x86 sys/uvm/uvm_map.c:3685
reaper(ffff8000ffffefc0) at reaper+0x15d sys/kern/kern_exit.c:454
end trace frame: 0x0, count: -7
ddb> show registers
rdi                                0
rsi                                0
rbp               0xffff8000215ae160
rbx                                0
rdx                                0
rcx                   0x7f8000000000
rax                                0
r8                                 0
r9                0xffff8000215ae158
r10               0x61bb8164f7d9b155
r11               0xb5cd7e6bba5f75b3
r12                   0x7fbfc0000000
r13               0xfffffd806b2d7828
r14               0x800000007f7ce000
r15                      0x1d25a9a80
rip               0xffffffff814184ed    pmap_page_remove+0x30d
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff8000215ae0d0
ss                              0x10
pmap_page_remove+0x30d: xchgq   %rax,0(%r15,%rcx,1)
ddb> show proc
PROC (reaper) pid=381101 stat=onproc
    flags process=14000<NOZOMBIE,SYSTEM> proc=200<SYSTEM>
    pri=4, usrpri=73, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffffe540,0xffff8000fffff270
    process=0xffff8000ffffabc0 user=0xffff8000215a9000, vmspace=0xffffffff82a68708
    estcpu=23, cpticks=5, pctcpu=10.50
    user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 90274   94121   4665      0  2           0                syz-executor.3
 48070  104028  15242      0  2           0                syz-executor.6
 32773  431688  92688      0  2           0                syz-executor.0
 32773   42354  92688      0  2   0x4000000                syz-executor.0
 26069    3357  80830      0  2           0                syz-executor.7
 26069  511245  80830      0  3   0x4000080  fsleep        syz-executor.7
 30767   73501  94859      0  2         0x2                syz-executor.5
 53532  443215  94859      0  2         0x2                syz-executor.4
 92688  327858  94859      0  3        0x82  nanoslp       syz-executor.0
 26266   49300      0      0  3     0x14280  nfsidl        nfsio
  4449  235382      0      0  3     0x14280  nfsidl        nfsio
 55512  305188      0      0  3     0x14280  nfsidl        nfsio
 78960  172443      0      0  3     0x14280  nfsidl        nfsio
 17473  456052      0      0  3     0x14280  nfsidl        nfsio
 21825   72459      0      0  3     0x14280  nfsidl        nfsio
 48155  306557      0      0  3     0x14280  nfsidl        nfsio
 84067  115487      0      0  3     0x14280  nfsidl        nfsio
 96323  278048      0      0  3     0x14280  nfsidl        nfsio
 92041  209941      0      0  3     0x14280  nfsidl        nfsio
 74460  283019      0      0  3     0x14280  nfsidl        nfsio
 89785  450244      0      0  3     0x14280  nfsidl        nfsio
 24062  352338      0      0  3     0x14280  nfsidl        nfsio
  4358  477162      0      0  3     0x14280  nfsidl        nfsio
 27664  154977      0      0  3     0x14280  nfsidl        nfsio
 18801  499970      0      0  3     0x14280  nfsidl        nfsio
 57962  432964      0      0  3     0x14280  nfsidl        nfsio
   782  267809      0      0  3     0x14280  nfsidl        nfsio
 20491  121967      0      0  3     0x14280  nfsidl        nfsio
 44537  363503      0      0  3     0x14280  nfsidl        nfsio
 11395  202639      0      0  3     0x14200  bored         sosplice
 80830   90372  94859      0  3        0x82  nanoslp       syz-executor.7
 15242  445004  94859      0  3        0x82  nanoslp       syz-executor.6
  4665  129997  94859      0  3        0x82  nanoslp       syz-executor.3
 30122  437915  94859      0  2         0x2                syz-executor.2
 94859  505853  14132      0  3        0x82  thrsleep      syz-fuzzer
 94859  200515  14132      0  3   0x4000082  nanoslp       syz-fuzzer
 94859  352898  14132      0  3   0x4000082  thrsleep      syz-fuzzer
 94859  331438  14132      0  3   0x4000082  thrsleep      syz-fuzzer
 94859  401845  14132      0  3   0x4000082  thrsleep      syz-fuzzer
 94859  509325  14132      0  3   0x4000082  thrsleep      syz-fuzzer
 94859  318386  14132      0  3   0x4000082  thrsleep      syz-fuzzer
 94859  309213  14132      0  2   0x4000082                syz-fuzzer
 94859   29148  14132      0  3   0x4000082  thrsleep      syz-fuzzer
 14132  336962  45606      0  3    0x10008a  sigsusp       ksh
 45606  309812  22128      0  3        0x9a  kqread        sshd
  7637  223558      1      0  3    0x100083  ttyin         getty
 22128  133643      1      0  3        0x88  kqread        sshd
 11937  374944  44647     73  2   0x1100010                syslogd
 44647  258052      1      0  3    0x100082  netio         syslogd
 88734  363378      1      0  3    0x100080  kqread        resolvd
 81737  323577  75384     77  3    0x100092  kqread        dhcpleased
 19798  109737  75384     77  3    0x100092  kqread        dhcpleased
 75384  413417      1      0  3        0x80  kqread        dhcpleased
 71778  259639      0      0  3     0x14200  bored         smr
 28433  182782      0      0  2     0x14200                zerothread
 96212  430841      0      0  3     0x14200  aiodoned      aiodoned
 33689  499822      0      0  3     0x14200  syncer        update
  6652  522973      0      0  3     0x14200  cleaner       cleaner
*14894  381101      0      0  7     0x14200                reaper
 42148  315051      0      0  3     0x14200  pgdaemon      pagedaemon
  2069  462939      0      0  3     0x14200  bored         viomb
 55546  477107      0      0  3  0x40014200  acpi0         acpi0
 62769   86363      0      0  3     0x14200  bored         softnet
 47985  241901      0      0  3     0x14200  bored         systqmp
 86145  248345      0      0  3     0x14200  bored         systq
 31195    5329      0      0  3  0x40014200  bored         softclock
 79862  493717      0      0  3  0x40014200                idle0
     1   57729      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10179   6407K    7122K  78643K     13985        0
            pcb    13     10K      11K  78643K       104        0
         rtable   217      6K      10K  78643K       591        0
         ifaddr    78     16K      20K  78643K       227        0
       counters    27     17K      17K  78643K        47        0
       ioctlops     0      0K       4K  78643K       298        0
            iov     0      0K      24K  78643K       163        0
          mount     1      1K       1K  78643K         1        0
            log     0      0K       0K  78643K         5        0
         vnodes  1335     83K      84K  78643K      2070        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K        20        0
         VM map     2      0K       0K  78643K         2        0
            sem    12      0K       0K  78643K       507        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1697    195K     286K  78643K     12548        0
      file desc    13     45K      77K  78643K      1663        0
          sigio     0      0K       0K  78643K        82        0
           proc    62     59K      75K  78643K       638        0
        subproc    91      5K       6K  78643K       156        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K        51        0
       in_multi    88      5K       7K  78643K       192        0
    ether_multi     1      0K       0K  78643K        18        0
            mrt     1      0K       0K  78643K         7        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys   157    705K     705K  78643K       157        0
           exec     0      0K       2K  78643K       930        0
            tdb     3      0K       0K  78643K         3        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   230    219K     242K  78643K     10316        0
       UVM aobj    77      3K       3K  78643K        83        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K        62        0
            NDP    11      0K       2K  78643K        55        0
           temp   139   4752K    4816K  78643K     25432        0
         kqueue    12     18K      28K  78643K       134        0
      SYN cache     2     16K      16K  78643K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120       62    0       59     1     0     1     1     0     8    0
rtentry    112      167    0       66     4     0     4     4     0     8    0
unpcb      136     1166    0     1153    15    14     1     6     0     8    0
syncache   296       15    0       15     3     3     0     1     0     8    0
tcpqe       32       77    0       77     3     3     0     1     0     8    0
tcpcb      736      811    0      739    21    14     7     9     0     8    0
arp         88       27    0       11     1     0     1     1     0     8    0
inpcb      312     1427    0     1420    18    12     6     7     0     8    5
nd6         48       39    0       16     1     0     1     1     0     8    0
kcovpl      48       12    0        5     1     0     1     1     0     8    0
ppxss      1152       6    0        6     1     1     0     1     0     8    0
pfosfp      40        4    0        3     1     0     1     1     0     8    0
pfosfpen   112        4    0        3     1     0     1     1     0     8    0
pfrktable  1344      45    0       45     5     5     0     1     0     8    0
pftag       88        3    0        2     1     0     1     1     0     8    0
pfrule     1360      41    0       41     6     6     0     2     0     8    0
rttmrq      48       12    0        8     1     0     1     1     0     8    0
rttmr       72        2    0        2     1     0     1     1     0     8    1
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      646    0      226    29     0    29    29     0     8    0
art_table   32      647    0      226     4     0     4     4     0     8    0
art_node    16      166    0       74     1     0     1     1     0     8    0
sysvmsgpl   40        4    0        1     1     0     1     1     0     8    0
semupl     112        3    0        3     1     1     0     1     0     8    0
semapl     112      505    0      495     1     0     1     1     0     8    0
shmpl      112       80    0        6     3     0     3     3     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256     3338    0     1903    90     0    90    90     0     8    0
ffsino     240     3338    0     1903    85     0    85    85     0     8    0
nchpl      144     5560    0     3925    63     0    63    63     0     8    0
uvmvnodes   80     4145    0        0    85     0    85    85     0     8    0
vnodes     224     4145    0        0   244     0   244   244     0     8    0
namei      1024   20200    0    20200     4     3     1     2     0     8    1
vcpupl     1984      11    0        1     2     0     2     2     0     8    0
vmpool     528       11    0        1     1     0     1     1     0     8    0
pfiaddrpl  120       19    0       19     5     5     0     1     0     8    0
kstatmem   264       62    0       40     3     1     2     3     0     8    0
scxspl     216    20521    0    20521    12    11     1     8     0     8    1
plimitpl   152      270    0      256     1     0     1     1     0     8    0
sigapl     424     1951    0     1892    10     2     8     8     0     8    0
futexpl     64    15772    0    15771     4     3     1     1     0     8    0
knotepl    120    30036    0    29956    21    16     5    17     0     8    0
kqueuepl   184      397    0      389     6     5     1     4     0     8    0
pipepl     304      544    0      516    13    10     3     8     0     8    0
fdescpl    432     1917    0     1893     4     0     4     4     0     8    0
filepl     120    12236    0    12019    19     9    10    14     0     8    2
lockfpl    104      417    0      415     3     2     1     2     0     8    0
lockfspl    48       71    0       69     1     0     1     1     0     8    0
sessionpl  144       27    0       11     1     0     1     1     0     8    0
pgrppl      48       29    0       13     1     0     1     1     0     8    0
ucredpl     96      717    0      707     1     0     1     1     0     8    0
zombiepl   144     1893    0     1892     1     0     1     1     0     8    0
processpl  1000    1951    0     1892     8     0     8     8     0     8    0
procpl     672     4349    0     4280    10     3     7     8     0     8    0
sosppl     168        3    0        3     1     1     0     1     0     8    0
sockpl     448     2658    0     2635    50    39    11    18     0     8    8
mcl64k     65536     31    0       31     4     4     0     1     0     8    0
mcl16k     16384      6    0        6     4     4     0     1     0     8    0
mcl12k     12288     16    0       16     5     5     0     1     0     8    0
mcl9k      9216      55    0       55     4     4     0     1     0     8    0
mcl8k      8192      61    0       61     3     3     0     1     0     8    0
mcl4k      4096     202    0      202     6     6     0     1     0     8    0
mcl2k2     2112       8    0        8     3     3     0     1     0     8    0
mcl2k      2048   73935    0    73885    15     7     8    11     0     8    0
mtagpl      96      362    0      143     7     1     6     6     0     8    0
mbufpl     256   126969    0   126559    31     4    27    27     0     8    0
bufpl      288     7181    0      777   458     0   458   458     0     8    0
anonpl      24   356882    0   341718   136    21   115   134     0   188    1
amapchunkpl 152   41880    0    41321    43    17    26    38     0   158    0
amappl16   200     4955    0     4306    49    13    36    47     0     8    1
amappl15   192      424    0      423     1     0     1     1     0     8    0
amappl14   184      370    0      364     1     0     1     1     0     8    0
amappl13   176      148    0      146     1     0     1     1     0     8    0
amappl12   168      407    0      401     2     1     1     1     0     8    0
amappl11   160      448    0      430     1     0     1     1     0     8    0
amappl10   152       18    0       16     1     0     1     1     0     8    0
amappl9    144      612    0      605     1     0     1     1     0     8    0
amappl8    136      617    0      566     2     0     2     2     0     8    0
amappl7    128      120    0      109     1     0     1     1     0     8    0
amappl6    120      344    0      326     2     1     1     2     0     8    0
amappl5    112      840    0      830     1     0     1     1     0     8    0
amappl4    104     1743    0     1709     2     1     1     2     0     8    0
amappl3     96     5185    0     5150     3     1     2     2     0     8    1
amappl2     88     2499    0     2439     3     1     2     3     0     8    0
amappl1     80    46912    0    46371    19     5    14    19     0     8    0
amappl      88     9748    0     9616     4     0     4     4     0    92    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72       82    0        6     2     0     2     2     0     8    0
uaddrrnd    24     1928    0     1894     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     1928    0     1894     1     0     1     1     0     8    0
vmmpekpl   168    17616    0    17560     3     0     3     3     0     8    0
vmmpepl    168   187503    0   185183   161    31   130   135     0   357   11
vmsppl     272     1927    0     1893     5     2     3     3     0     8    0
rwobjpl     24    49657    0    43904    37     1    36    36     0     8    0
pdppl      4096    3862    0     3796   190   118    72    75     0     8    6
pvpl        32   802216    0   783819   271    63   208   230     0   265   20
pmappl     216     1927    0     1893     3     0     3     3     0     8    0
extentpl    40       58    0       38     1     0     1     1     0     8    0
phpool     112     1026    0      224    24     0    24    24     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d _atomic_swap_64 machine/atomic.h:117 [inline]
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d sys/arch/amd64/amd64/pmap.c:1959
uvm_anfree_list(fffffd80682b3690,ffff8000215ae1b8) at uvm_anfree_list+0x98
amap_wipeout(fffffd806f93ecc0) at amap_wipeout+0x1b1 sys/uvm/uvm_amap.c:504
uvm_unmap_detach(ffff8000215ae280,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1599
uvm_map_teardown(fffffd8072b0faa8) at uvm_map_teardown+0x232 sys/uvm/uvm_map.c:2791
uvmspace_free(fffffd8072b0faa8) at uvmspace_free+0x86 sys/uvm/uvm_map.c:3685
reaper(ffff8000ffffefc0) at reaper+0x15d sys/kern/kern_exit.c:454
end trace frame: 0x0, count: -7
ddb> machine ddbcpu 1
No such command
ddb> trace
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d _atomic_swap_64 machine/atomic.h:117 [inline]
pmap_page_remove(fffffd8005f96080) at pmap_page_remove+0x30d sys/arch/amd64/amd64/pmap.c:1959
uvm_anfree_list(fffffd80682b3690,ffff8000215ae1b8) at uvm_anfree_list+0x98
amap_wipeout(fffffd806f93ecc0) at amap_wipeout+0x1b1 sys/uvm/uvm_amap.c:504
uvm_unmap_detach(ffff8000215ae280,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1599
uvm_map_teardown(fffffd8072b0faa8) at uvm_map_teardown+0x232 sys/uvm/uvm_map.c:2791
uvmspace_free(fffffd8072b0faa8) at uvmspace_free+0x86 sys/uvm/uvm_map.c:3685
reaper(ffff8000ffffefc0) at reaper+0x15d sys/kern/kern_exit.c:454
end trace frame: 0x0, count: -7

Crashes (1):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager          Title
2022/04/21 03:19  openbsd  d4308a21b8d1  d4befee1   .config  console log  report                                       ci-openbsd-main  uvm_fault: pmap_page_remove
* Struck through repros no longer work on HEAD.