login: uvm_fault(0xfffffd806b7ea578, 0xf, 0, 1) -> e kernel: page fault trap, code=0 Stopped at ktrops+0x58: movq 0x10(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND * 15357 29447 0 0 0x4000000 0K syz-executor ktrops(ffff80002a4154b8,ffffffffffffffff,0,80000106,fffffd805f6a66d0,fffffd807f7d2680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a4154b8,ffffffffffffffff,0,80000106,fffffd805f6a66d0,fffffd807f7d2680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd805f6a66d0,4,106,0,ffff80002a4154b8) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd805f6a66d0,4,106,0,ffff80002a4154b8) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a4154b8,ffff80003c556650,ffff80003c5565a0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c556650) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c556650) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x28fbdc1fb0, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xfffffd806b7ea578, 0xf, 0, 1) -> e ddb{0}> trace ktrops(ffff80002a4154b8,ffffffffffffffff,0,80000106,fffffd805f6a66d0,fffffd807f7d2680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a4154b8,ffffffffffffffff,0,80000106,fffffd805f6a66d0,fffffd807f7d2680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd805f6a66d0,4,106,0,ffff80002a4154b8) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd805f6a66d0,4,106,0,ffff80002a4154b8) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a4154b8,ffff80003c556650,ffff80003c5565a0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c556650) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c556650) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x28fbdc1fb0, count: -5 ddb{0}> show registers rdi 0xffff80002a4154b8 rsi 0xffffffffffffffff rbp 0xffff80003c556370 rbx 0xfffffd807f7d2680 rdx 0 rcx 0xffff80002a4154b8 rax 0xffffffff837b0ff0 cpu_info_full_primary+0x1ff0 r8 0xfffffd805f6a66d0 r9 0xfffffd807f7d2680 r10 0xe9ca5e1001e1f6aa r11 0x2d73023631cef80c r12 0xffff80002a4154b8 r13 0xffffffffffffffff r14 0xffffffffffffffff r15 0x80000106 __kernel_virt_to_phys+0x106 rip 0xffffffff817fce98 ktrops+0x58 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c5562f0 ss 0 ktrops+0x58: movq 0x10(%r14),%r14 ddb{0}> show proc PROC (syz-executor) tid=15357 pid=29447 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a414558,0xffff80002a414048 process=0xffff8000ffff0028 user=0xffff80003c551000, vmspace=0xfffffd806b7ea578 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 59379 496514 22380 0 2 0 syz-executor 59379 40417 22380 0 2 0x4000000 syz-executor 29447 375777 40003 0 2 0 syz-executor *29447 15357 40003 0 7 0x4000000 syz-executor 29447 280656 40003 0 2 0x4000000 syz-executor 53069 469342 66593 60928 2 0x10 syz-executor 53069 336166 66593 60928 3 0x4000090 fsleep syz-executor 93851 418897 71495 0 2 0 syz-executor 93851 51012 71495 0 3 0x4000080 fsleep syz-executor 86605 411674 5910 0 3 0x80 nanoslp syz-executor 86605 371993 5910 0 3 0x4000080 kqpoll syz-executor 86605 455104 5910 0 3 0x4000080 fsleep syz-executor 66173 518544 77124 0 2 0 syz-executor 66173 192864 77124 0 3 0x4000080 fifow syz-executor 66173 282790 77124 0 3 0x4000080 fsleep syz-executor 66173 276661 77124 0 3 0x4000080 fsleep syz-executor 94971 60516 27068 0 3 0x80 nanoslp syz-executor 94971 34175 27068 0 3 0x4000080 kqread syz-executor 94971 217429 27068 0 3 0x4000080 fsleep syz-executor 60800 404664 1 0 3 0x100083 ttyin getty 51517 416293 0 0 3 0x14280 nfsidl nfsio 59198 494513 0 0 3 0x14280 nfsidl nfsio 35278 230939 0 0 3 0x14280 nfsidl nfsio 59953 1464 0 0 3 0x14280 nfsidl nfsio 1381 228379 0 0 3 0x14280 nfsidl nfsio 38564 484782 0 0 3 0x14280 nfsidl nfsio 53671 399275 0 0 3 0x14280 nfsidl nfsio 54111 28403 0 0 3 0x14280 nfsidl nfsio 70919 319787 0 0 3 0x14280 nfsidl nfsio 916 214128 0 0 3 0x14280 nfsidl nfsio 81918 125261 0 0 3 0x14280 nfsidl nfsio 52008 438782 0 0 3 0x14280 nfsidl nfsio 77446 201636 0 0 3 0x14280 nfsidl nfsio 58578 505694 0 0 3 0x14280 nfsidl nfsio 26025 165990 0 0 3 0x14280 nfsidl nfsio 51621 174575 0 0 3 0x14280 nfsidl nfsio 92351 504078 0 0 3 0x14280 nfsidl nfsio 87176 273140 0 0 3 0x14280 nfsidl nfsio 21929 314422 0 0 3 0x14280 nfsidl nfsio 74733 416559 0 0 3 0x14280 nfsidl nfsio 3702 448167 0 0 3 0x14200 bored sosplice 71495 427082 11199 0 2 0x482 syz-executor 27068 141410 11199 0 2 0x482 syz-executor 22380 16316 11199 0 3 0x82 nanoslp syz-executor 40003 446573 11199 0 2 0x482 syz-executor 5910 385636 11199 0 3 0x82 nanoslp syz-executor 41476 59058 11199 0 3 0x82 wait syz-executor 77124 48834 11199 0 2 0x482 syz-executor 66593 463811 11199 0 3 0x82 nanoslp syz-executor 11199 222593 98829 0 3 0x82 kqread syz-executor 98829 481229 40250 0 3 0x10008a sigsusp ksh 40250 68006 94257 0 3 0x98 kqread sshd-session 94257 47649 73860 0 3 0x92 kqread sshd-session 73860 424732 1 0 3 0x88 kqread sshd 76205 118154 13287 74 3 0x1100092 bpf pflogd 13287 150256 1 0 3 0x80 sbwait pflogd 27499 453539 63726 73 3 0x1100090 kqread syslogd 63726 234819 1 0 3 0x100082 sbwait syslogd 63352 285373 1 0 3 0x100080 kqread resolvd 91554 40457 94433 77 3 0x100092 kqread dhcpleased 94269 297889 94433 77 3 0x100092 kqread dhcpleased 94433 162551 1 0 3 0x80 kqread dhcpleased 26919 421250 0 0 3 0x14200 bored smr 16731 108263 0 0 2 0x14200 zerothread 63267 330766 0 0 3 0x14200 aiodoned aiodoned 31198 286891 0 0 3 0x14200 syncer update 92868 241158 0 0 3 0x14200 cleaner cleaner 44048 154526 0 0 3 0x14200 reaper reaper 48819 115674 0 0 3 0x14200 pgdaemon pagedaemon 39367 377833 0 0 3 0x14200 bored viomb 70804 336113 0 0 3 0x40014200 acpi0 acpi0 32645 130862 0 0 7 0x40014200 idle1 25841 244845 0 0 3 0x14200 bored softnet3 75571 448105 0 0 3 0x14200 bored softnet2 45143 442170 0 0 3 0x14200 bored softnet1 39081 340888 0 0 3 0x14200 bored softnet0 59975 503565 0 0 3 0x14200 bored systqmp 39346 42368 0 0 3 0x14200 bored systq 96957 84906 0 0 3 0x14200 tmoslp softclockmp 274 416102 0 0 2 0x40014200 softclock 80401 399947 0 0 3 0x40014200 idle0 1 494406 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks Process 29447 (syz-executor) thread 0xffff80002a4154b8 (15357) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff839fc958) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1 #2 mi_switch+0x4b7 sys/kern/sched_bsd.c:441 #3 sleep_finish+0x24f sys/kern/kern_synch.c:412 #4 biowait+0xc1 sys/kern/vfs_bio.c:1246 #5 bwrite+0x2e5 sys/kern/vfs_bio.c:758 #6 ffs_update+0x34f sys/ufs/ffs/ffs_inode.c:111 #7 ffs_truncate+0xcb6 sys/ufs/ffs/ffs_inode.c:-1 #8 ufs_inactive+0x206 sys/ufs/ufs/ufs_inode.c:84 #9 VOP_INACTIVE+0x107 sys/kern/vfs_vops.c:495 #10 vrele+0x129 sys/kern/vfs_subr.c:845 #11 ktrsettrace+0xe7 sys/kern/kern_ktrace.c:122 #12 ktrops+0x271 sys/kern/kern_ktrace.c:573 #13 doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] #13 doktrace+0x6dd sys/kern/kern_ktrace.c:517 #14 sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 #15 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] #15 syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 #16 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10196 11039K 11475K 166960K 11935 0 pcb 18 12K 12K 166960K 150 0 rtable 208 9K 9K 166960K 420 0 pf 36 18K 22K 166960K 113 0 ifaddr 38 6K 7K 166960K 66 0 ifgroup 51 2K 2K 166960K 101 0 sysctl 4 1K 2K 166960K 7 0 counters 62 36K 36K 166960K 118 0 ioctlops 0 0K 4K 166960K 1675 0 iov 0 0K 16K 166960K 52 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1385 87K 88K 166960K 1872 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 13 0 VM map 2 1K 1K 166960K 2 0 sem 24 5K 5K 166960K 69 0 dirhash 15 2K 2K 166960K 21 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 85K 166960K 895 0 sigio 0 0K 0K 166960K 20 0 proc 72 91K 116K 166960K 647 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 117 0 in_multi 87 6K 7K 166960K 123 0 ether_multi 1 0K 0K 166960K 8 0 mrt 0 0K 0K 166960K 5 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 504 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 264 160K 175K 166960K 9907 0 UVM aobj 22 2K 2K 166960K 23 0 pinsyscall 43 86K 102K 166960K 1987 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 37 0 NDP 11 0K 2K 166960K 46 0 temp 62 8690K 8754K 166960K 33420 0 kqueue 15 22K 32K 166960K 163 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 73 0 70 1 0 1 1 0 8 0 rtentry 168 122 0 33 5 0 5 5 0 8 0 unpcb 144 674 0 647 6 0 6 6 0 8 5 syncache 336 5 0 5 2 1 1 1 0 8 1 tcpqe 32 1 0 1 1 0 1 1 0 8 1 tcpcb 808 203 0 197 3 1 2 2 0 8 1 arp 120 21 0 6 1 0 1 1 0 8 0 inpcb 376 800 0 790 8 2 6 8 0 8 4 nd6 136 25 0 3 1 0 1 1 0 8 0 pkpcb 40 3 0 3 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1168 23 0 23 2 1 1 1 0 8 1 pfstscr 40 9 0 7 2 1 1 1 0 8 0 pffrag 232 5 0 0 1 0 1 1 0 482 0 pffrnode 88 4 0 0 1 0 1 1 0 8 0 pffrent 40 7 0 2 1 0 1 1 0 8 0 pfosfp 40 1429 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1429 0 714 21 0 21 21 0 8 0 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pfanchor 1288 3 0 1 1 0 1 1 0 8 0 pfstitem 24 60 0 18 1 0 1 1 0 8 0 pfstkey 128 63 0 22 2 0 2 2 0 8 0 pfstate 376 60 0 20 5 0 5 5 0 8 0 pfrule 1344 31 0 21 2 1 1 2 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 494 0 92 29 0 29 29 0 8 1 art_table 32 497 0 92 4 0 4 4 0 8 0 art_node 16 121 0 42 1 0 1 1 0 8 0 sysvmsgpl 40 15 0 9 1 0 1 1 0 8 0 semapl 112 63 0 41 1 0 1 1 0 8 0 shmpl 112 20 0 1 1 0 1 1 0 8 0 dirhash 1024 24 0 4 3 0 3 3 0 8 0 dino2pl 256 2944 0 1440 95 0 95 95 0 8 0 ffsino 280 2944 0 1440 109 0 109 109 0 8 0 nchpl 144 4269 0 2577 64 0 64 64 0 8 0 rtmask 32 7 0 7 2 1 1 1 0 8 1 uvmvnodes 80 3316 0 0 68 0 68 68 0 8 0 vnodes 216 3316 0 0 185 0 185 185 0 8 0 namei 1024 15435 0 15435 2 1 1 2 0 8 1 percpumem 16 73 0 28 1 0 1 1 0 8 0 kstatmem 264 60 0 38 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 13257 0 13257 9 4 5 8 1 8 5 plimitpl 152 312 0 295 1 0 1 1 0 8 0 sigapl 424 1225 0 1154 10 1 9 9 0 8 0 futexpl 64 12623 0 12617 1 0 1 1 0 8 0 knotepl 120 540 0 0 17 0 17 17 0 8 0 kqueuepl 216 257 0 244 2 0 2 2 0 8 0 pipepl 328 168 0 140 3 0 3 3 0 8 0 fdescpl 504 1178 0 1146 5 0 5 5 0 8 0 filepl 152 6982 0 6749 18 1 17 17 0 8 7 lockfpl 104 193 0 191 1 0 1 1 0 8 0 lockfspl 48 86 0 84 1 0 1 1 0 8 0 sessionpl 144 25 0 16 1 0 1 1 0 8 0 pgrppl 48 38 0 21 1 0 1 1 0 8 0 ucredpl 104 1213 0 1199 1 0 1 1 0 8 0 zombiepl 144 1155 0 1154 1 0 1 1 0 8 0 processpl 1176 1225 0 1154 6 0 6 6 0 8 0 procpl 656 2483 0 2400 8 0 8 8 0 8 0 srpgc 96 2 0 2 1 0 1 1 0 8 1 sosppl 168 5 0 5 1 0 1 1 0 8 1 sockpl 688 1562 0 1522 16 4 12 15 0 8 7 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 120 0 0 15 0 15 15 0 8 0 mcl2k 2048 33 0 0 4 0 4 4 0 8 0 mtagpl 96 17 0 0 1 0 1 1 0 8 0 mbufpl 256 1164 0 0 73 0 73 73 0 8 0 bufpl 280 3895 0 137 269 0 269 269 0 8 0 anonpl 24 175741 0 171153 72 7 65 65 0 184 27 amapchunkpl 152 31819 0 31209 32 0 32 32 0 158 7 amappl16 200 3293 0 3254 29 16 13 16 0 8 8 amappl15 192 7 0 6 1 0 1 1 0 8 0 amappl14 184 127 0 115 1 0 1 1 0 8 0 amappl13 176 24 0 24 1 1 0 1 0 8 0 amappl12 168 1817 0 1785 3 1 2 2 0 8 0 amappl11 160 53 0 39 1 0 1 1 0 8 0 amappl10 152 15 0 15 1 1 0 1 0 8 0 amappl9 144 253 0 253 1 1 0 1 0 8 0 amappl8 136 38 0 35 1 0 1 1 0 8 0 amappl7 128 108 0 95 1 0 1 1 0 8 0 amappl6 120 177 0 173 1 0 1 1 0 8 0 amappl5 112 121 0 112 1 0 1 1 0 8 0 amappl4 104 318 0 298 1 0 1 1 0 8 0 amappl3 96 6386 0 6261 4 0 4 4 0 8 0 amappl2 88 650 0 587 2 0 2 2 0 8 0 amappl1 80 11621 0 11016 17 2 15 15 0 8 0 amappl 88 9050 0 8859 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma32768 32768 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 1 0 1 1 0 1 1 0 8 1 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 22 0 1 1 0 1 1 0 8 0 uaddrrnd 24 1178 0 1146 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1178 0 1146 1 0 1 1 0 8 0 vmmpekpl 168 10869 0 10832 3 0 3 3 0 8 0 vmmpepl 168 78541 0 76481 107 6 101 102 0 357 7 vmsppl 456 1177 0 1146 6 1 5 5 0 8 1 rwobjpl 64 25186 0 20879 72 0 72 72 0 8 1 pdppl 4096 2364 0 2292 112 40 72 84 0 8 0 pvpl 32 18207 0 0 148 1 147 147 0 265 0 pmappl 248 1177 0 1146 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 356 0 47 9 0 9 9 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace ktrops(ffff80002a4154b8,ffffffffffffffff,0,80000106,fffffd805f6a66d0,fffffd807f7d2680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a4154b8,ffffffffffffffff,0,80000106,fffffd805f6a66d0,fffffd807f7d2680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd805f6a66d0,4,106,0,ffff80002a4154b8) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd805f6a66d0,4,106,0,ffff80002a4154b8) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a4154b8,ffff80003c556650,ffff80003c5565a0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c556650) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c556650) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x28fbdc1fb0, count: -5 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffff800029a9bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1218 sched_idle(ffff800029a9bff0) at sched_idle+0x558 sys/kern/kern_sched.c:182 end trace frame: 0x0, count: 10 ddb{1}> trace x86_ipi_db(ffff800029a9bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1218 sched_idle(ffff800029a9bff0) at sched_idle+0x558 sys/kern/kern_sched.c:182 end trace frame: 0x0, count: -5