panic: rw_enter: vmmaplk locking against myself Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND *307710 23359 0 0x2 0 0 syz-executor1 db_enter() at db_enter+0xa panic() at panic+0x147 _rw_enter(0,ffff800014aa1d68) at _rw_enter+0x2fa uvmfault_lookup(1,ffffff00356cb220) at uvmfault_lookup+0x99 uvm_fault(ffff800014ad1790,ffff800014a9d000,0,6000118) at uvm_fault+0x6e pageflttrap() at pageflttrap+0x197 kerntrap(0) at kerntrap+0x7c alltraps_kern(6,42,6000100,0,0,1) at alltraps_kern+0x7b _bpf_mtap(ffff800000074340,1,ffff800000074340,ffffff003499bc00) at _bpf_mtap+0x68 bpf_mtap_ether(ffff800014aa21d0,42,ffff800000074340) at bpf_mtap_ether+0xeb ifiq_input(ffff800000171050,ffff800000171290,ffffff003499bc00) at ifiq_input+0x105 vio_rxeof(ffff800000171050) at vio_rxeof+0x220 vio_rx_intr(ffffffff) at vio_rx_intr+0x23 virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166 end trace frame: 0xffff800014aa22c8, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> show panic rw_enter: vmmaplk locking against myself ddb> trace db_enter() at db_enter+0xa panic() at panic+0x147 _rw_enter(0,ffff800014aa1d68) at _rw_enter+0x2fa uvmfault_lookup(1,ffffff00356cb220) at uvmfault_lookup+0x99 uvm_fault(ffff800014ad1790,ffff800014a9d000,0,6000118) at uvm_fault+0x6e pageflttrap() at pageflttrap+0x197 kerntrap(0) at kerntrap+0x7c alltraps_kern(6,42,6000100,0,0,1) at alltraps_kern+0x7b _bpf_mtap(ffff800000074340,1,ffff800000074340,ffffff003499bc00) at _bpf_mtap+0x68 bpf_mtap_ether(ffff800014aa21d0,42,ffff800000074340) at bpf_mtap_ether+0xeb ifiq_input(ffff800000171050,ffff800000171290,ffffff003499bc00) at ifiq_input+0x105 vio_rxeof(ffff800000171050) at vio_rxeof+0x220 vio_rx_intr(ffffffff) at vio_rx_intr+0x23 virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166 intr_handler(0,ffff80000024b980) at intr_handler+0x3f Xintr_ioapic_edge19_untramp(0,ffffffff81b50a90,0,18041969,0,a) at Xintr_ioapic_edge19_untramp+0x19f Xspllower(ae487ec000,1,ffffff003f12a240,0,ffffffff81348301,ae487dc000) at Xspllower+0xc pmap_write_protect(ffffff002caa91a8,ffffff0031397d48,ae487dc000,1) at pmap_write_protect+0x328 uvm_mapent_forkcopy(ae487dc000,ffffff0031397370,ffffff00356cb430,10000,ffffff002caa91a8) at uvm_mapent_forkcopy+0x19d uvmspace_fork(ffff8000149fa960) at uvmspace_fork+0x1c9 process_new(ffffffff81a1f750,1,ffff800014ad1790) at process_new+0x1d9 fork1() at fork1+0x26d syscall(0) at syscall+0x3e4 Xsyscall(6,2,0,2,0,7f7ffffcf920) at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffcf8d0, count: -24 ddb> show registers rdi 0xffffffff81e22360 kprintf_mutex rsi 0x5 rbp 0xffff800014aa1b80 rbx 0xffff800014aa1c20 rdx 0x3fd rcx 0 rax 0x1 r8 0xffff800014aa1b50 r9 0x8080808080808080 r10 0xffff800014aa2388 r11 0xffffffff81550c30 x86_bus_space_io_read_1 r12 0x3000000008 r13 0xffff800014aa1b90 r14 0x100 r15 0xffffffff81c0ba78 apollo_udma33_tim+0x278a rip 0xffffffff81425d5a db_enter+0xa cs 0x8 rflags 0x202 rsp 0xffff800014aa1b80 ss 0x10 db_enter+0xa: popq %rbp ddb> show proc PROC (syz-executor1) pid=307710 stat=onproc flags process=2 proc=0 pri=81, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff800014ad04d0,0xffff800014ad0738 process=0xffff8000149fa960 user=0xffff800014a9d000, vmspace=0xffffff00356cb220 estcpu=31, cpticks=0, pctcpu=0.1 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 59961 344347 76114 0 3 0x82 netio sshd 48883 277392 63196 0 2 0x2 syz-executor0 *23359 307710 63196 0 7 0x2 syz-executor1 26393 262929 1 0 3 0x100083 ttyin getty 49012 80930 0 0 3 0x14200 bored sosplice 63196 515702 76471 0 3 0x82 thrsleep syz-fuzzer 63196 213031 76471 0 3 0x4000082 nanosleep syz-fuzzer 63196 296969 76471 0 3 0x4000082 thrsleep syz-fuzzer 63196 424934 76471 0 2 0x4000002 syz-fuzzer 63196 252116 76471 0 3 0x4000082 thrsleep syz-fuzzer 63196 183552 76471 0 3 0x4000082 thrsleep syz-fuzzer 63196 438253 76471 0 3 0x4000082 thrsleep syz-fuzzer 76471 109035 51628 0 3 0x10008a pause ksh 51628 477330 76114 0 3 0x92 select sshd 76114 199970 1 0 3 0x80 select sshd 89824 405661 41802 73 3 0x100090 kqread syslogd 41802 415429 1 0 3 0x100082 netio syslogd 39618 194209 1 77 3 0x100090 poll dhclient 99392 135723 1 0 3 0x80 poll dhclient 91654 53756 0 0 3 0x14200 pgzero zerothread 58662 27038 0 0 3 0x14200 aiodoned aiodoned 63053 476172 0 0 3 0x14200 syncer update 63125 130268 0 0 3 0x14200 cleaner cleaner 87618 411992 0 0 3 0x14200 reaper reaper 91680 292050 0 0 3 0x14200 pgdaemon pagedaemon 39401 323472 0 0 3 0x14200 bored crynlk 92278 3203 0 0 3 0x14200 bored crypto 79060 174491 0 0 3 0x40014200 acpi0 acpi0 91395 379484 0 0 3 0x14200 bored softnet 68546 455496 0 0 3 0x14200 bored systqmp 89133 190330 0 0 3 0x14200 bored systq 82814 199638 0 0 3 0x40014200 bored softclock 39740 188873 0 0 3 0x40014200 idle0 1 21314 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper