panic: vmxon failed Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 412791 80704 0 0x8000000 0x4000000 1 syz-executor.5 *241361 80704 0 0x8000000 0x4000000 0 syz-executor.5 db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82881e58) at panic+0x17b sys/kern/subr_prf.c:198 start_vmm_on_cpu(ffffffff82c74ff0) at start_vmm_on_cpu+0x1d3 sys/arch/amd64/amd64/vmm_machdep.c:1106 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 invept() at invept+0x14 vmm_start() at vmm_start+0x58 sys/arch/amd64/amd64/vmm_machdep.c:959 vmmioctl(a00,c2585601,ffff800000e41800,1,ffff80002a1cd9d0) at vmmioctl+0x1d3 sys/dev/vmm/vmm.c:235 VOP_IOCTL(fffffd806e466518,c2585601,ffff800000e41800,1,fffffd807f7d74e0,ffff80002a1cd9d0) at VOP_IOCTL+0x97 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806972bd10,c2585601,ffff800000e41800,ffff80002a1cd9d0) at vn_ioctl+0xc0 sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a1cd9d0,ffff80003738cc10,ffff80003738cb60) at sys_ioctl+0x4a9 syscall(ffff80003738cc10) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff80003738cc10) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xef6acac0980, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: vmxon failed ddb{0}> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82881e58) at panic+0x17b sys/kern/subr_prf.c:198 start_vmm_on_cpu(ffffffff82c74ff0) at start_vmm_on_cpu+0x1d3 sys/arch/amd64/amd64/vmm_machdep.c:1106 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 invept() at invept+0x14 vmm_start() at vmm_start+0x58 sys/arch/amd64/amd64/vmm_machdep.c:959 vmmioctl(a00,c2585601,ffff800000e41800,1,ffff80002a1cd9d0) at vmmioctl+0x1d3 sys/dev/vmm/vmm.c:235 VOP_IOCTL(fffffd806e466518,c2585601,ffff800000e41800,1,fffffd807f7d74e0,ffff80002a1cd9d0) at VOP_IOCTL+0x97 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806972bd10,c2585601,ffff800000e41800,ffff80002a1cd9d0) at vn_ioctl+0xc0 sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a1cd9d0,ffff80003738cc10,ffff80003738cb60) at sys_ioctl+0x4a9 syscall(ffff80003738cc10) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff80003738cc10) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xef6acac0980, count: -13 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80003738c540 rbx 0xffffffff82c75cbf cpu_info_full_primary+0x2cbf rdx 0 rcx 0xffff80002a1cd9d0 rax 0xffffffff82c74ff0 cpu_info_full_primary+0x1ff0 r8 0x101010101010101 r9 0x8080808080808080 r10 0x2c833f477c2dd5e1 r11 0x6cd8c821d9698d8 r12 0xffffffff82c75ac0 cpu_info_full_primary+0x2ac0 r13 0 r14 0 r15 0x1 rip 0xffffffff8226e7ac db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80003738c530 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor.5) tid=241361 pid=80704 tcnt=3 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=59, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a1cca70,0xffff80002a216a70 process=0xffff8000ffff5648 user=0xffff800037387000, vmspace=0xfffffd806b5d6018 estcpu=9, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 85140 5008 37767 0 2 0x8000000 syz-executor.1 34415 202964 39813 0 2 0x8000000 syz-executor.3 34415 23195 39813 0 2 0xc000000 syz-executor.3 69111 338484 88395 0 2 0x8000000 syz-executor.6 69111 418390 88395 0 3 0xc000080 pipewr syz-executor.6 69111 18290 88395 0 3 0xc000080 pipewr syz-executor.6 80704 457743 5568 0 2 0x8000000 syz-executor.5 80704 412791 5568 0 7 0xc000000 syz-executor.5 *80704 241361 5568 0 7 0xc000000 syz-executor.5 67002 331651 70340 0 3 0x8000080 nanoslp syz-executor.4 67002 172665 70340 0 3 0xc000080 kqsel syz-executor.4 67002 188358 70340 0 3 0xc000080 fsleep syz-executor.4 81202 414398 81500 0 3 0x8000080 nanoslp syz-executor.7 81202 445842 81500 0 3 0xc000080 ttyopn syz-executor.7 81202 263037 81500 0 3 0xc000080 fsleep syz-executor.7 81202 89833 81500 0 3 0xc000080 fsleep syz-executor.7 88395 46184 21478 0 3 0x8000082 nanoslp syz-executor.6 81500 212172 21478 0 3 0x8000082 nanoslp syz-executor.7 5568 454259 21478 0 2 0x8000002 syz-executor.5 19539 284171 31404 0 3 0x18100082 netio arp 31404 465406 75636 0 3 0x810008a sigsusp sh 70340 269622 21478 0 3 0x8000082 nanoslp syz-executor.4 39813 142398 21478 0 3 0x8000082 nanoslp syz-executor.3 86501 67298 21478 0 3 0x8000082 nanoslp syz-executor.2 37767 348893 21478 0 3 0x8000082 nanoslp syz-executor.1 75636 103528 21478 0 3 0x8000082 wait syz-executor.0 21478 471582 34621 0 3 0x1a000082 wait syz-fuzzer 21478 325657 34621 0 3 0x1e000082 thrsleep syz-fuzzer 21478 288291 34621 0 3 0x1e000082 thrsleep syz-fuzzer 21478 495436 34621 0 3 0x1e000082 wait syz-fuzzer 21478 376388 34621 0 3 0x1e000082 wait syz-fuzzer 21478 237844 34621 0 3 0x1e000082 wait syz-fuzzer 21478 181742 34621 0 3 0x1e000082 wait syz-fuzzer 21478 343200 34621 0 3 0x1e000082 wait syz-fuzzer 21478 29200 34621 0 3 0x1e000082 wait syz-fuzzer 21478 473224 34621 0 3 0x1e000082 wait syz-fuzzer 21478 125233 34621 0 3 0x1e000082 thrsleep syz-fuzzer 21478 309172 34621 0 3 0x1e000082 thrsleep syz-fuzzer 21478 439249 34621 0 3 0x1e000082 kqread syz-fuzzer 21478 190217 34621 0 3 0x1e000082 thrsleep syz-fuzzer 21478 296068 34621 0 3 0x1e000082 thrsleep syz-fuzzer 34621 203292 54605 0 3 0x810008a sigsusp ksh 54605 334972 45422 0 3 0x1800009a kqread sshd 45115 503930 1 0 3 0x18100083 ttyin getty 45422 145153 1 0 3 0x18000088 kqread sshd 45160 129350 47089 74 3 0x19100092 bpf pflogd 47089 386167 1 0 3 0x18000080 sbwait pflogd 1674 55812 81541 73 3 0x19100090 kqread syslogd 81541 287261 1 0 3 0x18100082 sbwait syslogd 81783 338815 1 0 3 0x18100080 kqread resolvd 14969 55927 480 77 3 0x18100092 kqread dhcpleased 49783 108256 480 77 3 0x18100092 kqread dhcpleased 480 523506 1 0 3 0x18000080 kqread dhcpleased 74405 480966 0 0 3 0x14200 bored smr 21782 11983 0 0 2 0x14200 zerothread 4094 108170 0 0 3 0x14200 aiodoned aiodoned 56659 6225 0 0 3 0x14200 syncer update 11983 386760 0 0 3 0x14200 cleaner cleaner 57116 16594 0 0 3 0x14200 reaper reaper 77358 175666 0 0 3 0x14200 pgdaemon pagedaemon 65277 227458 0 0 3 0x14200 bored viomb 91234 14820 0 0 3 0x40014200 acpi0 acpi0 12200 209560 0 0 3 0x40014200 idle1 49829 365687 0 0 3 0x14200 bored softnet3 29010 67954 0 0 3 0x14200 bored softnet2 45921 505381 0 0 3 0x14200 bored softnet1 87355 188804 0 0 3 0x14200 bored softnet0 63409 386123 0 0 3 0x14200 bored systqmp 18537 434982 0 0 3 0x14200 bored systq 37853 112634 0 0 3 0x14200 tmoslp softclockmp 52799 118058 0 0 3 0x40014200 tmoslp softclock 40024 466526 0 0 3 0x40014200 idle0 1 96776 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10184 6603K 6603K 166960K 11273 0 pcb 18 12K 12K 166960K 20 0 rtable 220 6K 6K 166960K 328 0 pf 32 9K 10K 166960K 43 0 ifaddr 43 15K 15K 166960K 45 0 ifgroup 55 2K 2K 166960K 55 0 counters 64 36K 36K 166960K 64 0 ioctlops 2 2K 4K 166960K 1485 0 iov 0 0K 2K 166960K 2 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1368 86K 86K 166960K 1397 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 4 0K 0K 166960K 4 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 18 65K 85K 166960K 159 0 proc 68 91K 115K 166960K 520 0 subproc 104 6K 6K 166960K 104 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 6 0 in_multi 89 6K 6K 166960K 89 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 55 254K 254K 166960K 55 0 exec 0 0K 1K 166960K 376 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 294 77K 78K 166960K 3831 0 UVM aobj 4 2K 2K 166960K 4 0 pinsyscall 43 86K 108K 166960K 1320 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 2 0K 0K 166960K 4 0 NDP 24 1K 1K 166960K 26 0 temp 33 6802K 6934K 166960K 4329 0 kqueue 13 20K 20K 166960K 25 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 32 0 28 1 0 1 1 0 8 0 rtentry 112 104 0 1 3 0 3 3 0 8 0 unpcb 144 63 0 42 1 0 1 1 0 8 0 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpqe 32 10 0 10 1 1 0 1 0 8 0 tcpcb 808 18 0 13 1 0 1 1 0 8 0 arp 120 17 0 0 1 0 1 1 0 8 0 inpcb 392 96 0 86 2 0 2 2 0 8 0 nd6 136 21 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 18 0 0 1 0 1 1 0 8 0 pfstkey 128 18 0 0 1 0 1 1 0 8 0 pfstate 376 18 0 0 2 0 2 2 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 417 0 6 27 0 27 27 0 8 0 art_table 32 418 0 6 4 0 4 4 0 8 0 art_node 16 103 0 10 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 2 0 0 1 0 1 1 0 8 0 shmpl 112 1 0 0 1 0 1 1 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 1626 0 100 96 0 96 96 0 8 0 ffsino 272 1626 0 100 102 0 102 102 0 8 0 nchpl 144 1929 0 148 67 0 67 67 0 8 0 uvmvnodes 80 1750 0 0 36 0 36 36 0 8 0 vnodes 216 1750 0 0 98 0 98 98 0 8 0 namei 1024 6713 0 6713 2 0 2 2 0 8 2 percpumem 16 46 0 0 1 0 1 1 0 8 0 kstatmem 264 24 0 0 2 0 2 2 0 8 0 scxspl 216 7350 0 7350 3 2 1 2 1 8 1 plimitpl 152 41 0 24 1 0 1 1 0 8 0 sigapl 424 474 0 424 7 0 7 7 0 8 0 futexpl 64 415 0 412 1 0 1 1 0 8 0 knotepl 120 116 0 0 4 0 4 4 0 8 0 kqueuepl 216 26 0 14 1 0 1 1 0 8 0 pipepl 320 142 0 113 3 0 3 3 0 8 0 fdescpl 496 456 0 425 5 0 5 5 0 8 0 filepl 152 1960 0 1697 11 0 11 11 0 8 0 lockfpl 104 10 0 6 1 0 1 1 0 8 0 lockfspl 48 7 0 3 1 0 1 1 0 8 0 sessionpl 144 24 0 7 1 0 1 1 0 8 0 pgrppl 48 26 0 9 1 0 1 1 0 8 0 ucredpl 104 112 0 100 1 0 1 1 0 8 0 zombiepl 144 425 0 424 1 0 1 1 0 8 0 processpl 1136 474 0 424 4 0 4 4 0 8 0 procpl 656 532 0 458 7 0 7 7 0 8 0 srpgc 96 1 0 1 1 1 0 1 0 8 0 sockpl 664 192 0 157 4 0 4 4 0 8 0 mcl64k 65536 1 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 4 0 0 1 0 1 1 0 8 0 mcl2k 2048 315 0 0 40 0 40 40 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 336 0 0 21 0 21 21 0 8 0 bufpl 280 4455 0 190 305 0 305 305 0 8 0 anonpl 24 209413 0 203763 53 1 52 52 0 186 16 amapchunkpl 152 12718 0 12028 31 0 31 31 0 158 1 amappl16 200 5719 0 5630 5 0 5 5 0 8 0 amappl15 192 14 0 14 1 1 0 1 0 8 0 amappl14 184 189 0 174 2 0 2 2 0 8 1 amappl13 176 13 0 13 1 1 0 1 0 8 0 amappl12 168 1117 0 1084 4 1 3 3 0 8 1 amappl11 160 60 0 46 1 0 1 1 0 8 0 amappl10 152 47 0 36 1 0 1 1 0 8 0 amappl9 144 280 0 279 1 0 1 1 0 8 0 amappl8 136 192 0 155 2 0 2 2 0 8 0 amappl7 128 63 0 52 1 0 1 1 0 8 0 amappl6 120 325 0 309 2 0 2 2 0 8 1 amappl5 112 170 0 154 1 0 1 1 0 8 0 amappl4 104 568 0 525 2 0 2 2 0 8 0 amappl3 96 2799 0 2714 3 0 3 3 0 8 0 amappl2 88 860 0 782 4 0 4 4 0 8 2 amappl1 80 9889 0 9316 23 2 21 23 0 8 7 amappl 88 3288 0 3087 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 3 0 0 1 0 1 1 0 8 0 uaddrrnd 24 456 0 425 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 456 0 425 1 0 1 1 0 8 0 vmmpekpl 168 8714 0 8662 3 0 3 3 0 8 0 vmmpepl 168 50318 0 48310 118 0 118 118 0 357 29 vmsppl 440 455 0 425 5 1 4 4 0 8 0 rwobjpl 56 22212 0 19293 48 1 47 47 0 8 5 pdppl 4096 919 0 850 101 22 79 79 0 8 10 pvpl 32 45339 0 0 367 1 366 366 0 265 0 pmappl 248 455 0 425 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 401 0 24 11 0 11 11 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82881e58) at panic+0x17b sys/kern/subr_prf.c:198 start_vmm_on_cpu(ffffffff82c74ff0) at start_vmm_on_cpu+0x1d3 sys/arch/amd64/amd64/vmm_machdep.c:1106 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 invept() at invept+0x14 vmm_start() at vmm_start+0x58 sys/arch/amd64/amd64/vmm_machdep.c:959 vmmioctl(a00,c2585601,ffff800000e41800,1,ffff80002a1cd9d0) at vmmioctl+0x1d3 sys/dev/vmm/vmm.c:235 VOP_IOCTL(fffffd806e466518,c2585601,ffff800000e41800,1,fffffd807f7d74e0,ffff80002a1cd9d0) at VOP_IOCTL+0x97 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806972bd10,c2585601,ffff800000e41800,ffff80002a1cd9d0) at vn_ioctl+0xc0 sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a1cd9d0,ffff80003738cc10,ffff80003738cb60) at sys_ioctl+0x4a9 syscall(ffff80003738cc10) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff80003738cc10) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xef6acac0980, count: -13 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x41 sys/dev/kcov.c:164 vmmioctl(a00,c2585601,ffff800000e41c00,1,ffff80002a1cca70) at vmmioctl+0x1d3 sys/dev/vmm/vmm.c:235 VOP_IOCTL(fffffd806e466518,c2585601,ffff800000e41c00,1,fffffd807f7d74e0,ffff80002a1cca70) at VOP_IOCTL+0x97 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806972bd10,c2585601,ffff800000e41c00,ffff80002a1cca70) at vn_ioctl+0xc0 sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a1cca70,ffff800033f6e2d0,ffff800033f6e220) at sys_ioctl+0x4a9 syscall(ffff800033f6e2d0) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff800033f6e2d0) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xef5c0af1200, count: 5 ddb{1}> trace x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x41 sys/dev/kcov.c:164 vmmioctl(a00,c2585601,ffff800000e41c00,1,ffff80002a1cca70) at vmmioctl+0x1d3 sys/dev/vmm/vmm.c:235 VOP_IOCTL(fffffd806e466518,c2585601,ffff800000e41c00,1,fffffd807f7d74e0,ffff80002a1cca70) at VOP_IOCTL+0x97 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806972bd10,c2585601,ffff800000e41c00,ffff80002a1cca70) at vn_ioctl+0xc0 sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002a1cca70,ffff800033f6e2d0,ffff800033f6e220) at sys_ioctl+0x4a9 syscall(ffff800033f6e2d0) at syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff800033f6e2d0) at syscall+0x8cf sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xef5c0af1200, count: -10