uvm_fault(0xfffffd806b8aa748, 0x18, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff8129691e cs 8 rflags 10297 cr2 18 cpl 0 rsp ffff80003c9a2f00 gsbase 0xffffffff83752ff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff8129691e Starting stack trace... panic(ffffffff8336a327) at panic+0x1ba sys/kern/subr_prf.c:229 kerntrap(ffff80003c9a2e50) at kerntrap+0x2fb alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b mtx_enter(18) at mtx_enter+0x6e sys/kern/kern_lock.c:335 clockintr_unbind(ffff800001492830,1) at clockintr_unbind+0x56 sys/kern/kern_clockintr.c:375 dt_ioctl_record_stop(ffff800001490000) at dt_ioctl_record_stop+0xbc sys/dev/dt/dt_dev.c:582 dtclose(11e5f,81,2000,ffff80003b95f4e8) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80003b95f4e8) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c9a3080) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8067f24530,81,fffffd8007bfb7b8,ffff80003b95f4e8) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806b884ad8,ffff80003b95f4e8) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806b884ad8,ffff80003b95f4e8) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806b884ad8,ffff80003b95f4e8) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806b884ad8,ffff80003b95f4e8) at closef+0x190 sys/kern/kern_descrip.c:1264 syscall(ffff80003c9a32d0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9a32d0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb0e5aa14830, count: 243 End of stack trace. OpenBSD/amd64 (Amnesiac) (tty00) login: WARNING: SPL NOT LOWERED ON SYSCALL 11 -1 EXIT 0 3 Stopped at savectx+0xae: movl $0,%gs:0x688 TID PID UID PRFLAGS PFLAGS CPU COMMAND *294505 61183 0 0x2 0 0 syz-executor savectx() at savectx+0xae end of kernel end trace frame: 0x797c6d3c92c0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd806b8aa748, 0x18, 0, 1) -> e ddb> trace savectx() at savectx+0xae end of kernel end trace frame: 0x797c6d3c92c0, count: -1 ddb> show registers rdi 0 rsi 0 rbp 0xffff80002a8c93c0 rbx 0 rdx 0 rcx 0 rax 0x33 r8 0xffff80002a8c92f0 r9 0xffff80002a8c8fc8 r10 0xca4fd53987fc764f r11 0x9802d50f84679ee0 r12 0 r13 0 r14 0xffff80002a81f240 r15 0 rip 0xffffffff82b713ee savectx+0xae cs 0x8 rflags 0x46 rsp 0xffff80002a8c9340 ss 0x10 savectx+0xae: movl $0,%gs:0x688 ddb> show proc PROC (syz-executor) tid=294505 pid=61183 tcnt=1 stat=onproc flags process=2 proc=0 runpri=51, usrpri=51, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a81f4d8,0xffff80002a81ed20 process=0xffff80002a797608 user=0xffff80002a8c4000, vmspace=0xfffffd8009427000 estcpu=1, cpticks=2, pctcpu=0.1, user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 77087 385892 81892 0 2 0 syz-executor 77087 159030 81892 0 3 0x4000080 fsleep syz-executor 77087 489730 81892 0 3 0x4000080 fsleep syz-executor 77087 221433 81892 0 3 0x4000000 netlock syz-executor 85804 427965 61183 60929 2 0x10 syz-executor 85804 201359 61183 60929 3 0x4000090 pipewr syz-executor 85804 422448 61183 60929 3 0x4000090 fsleep syz-executor 85804 238350 61183 60929 3 0x4000090 fsleep syz-executor 3936 280205 45602 0 2 0 syz-executor 3936 263689 45602 0 2 0x4000000 syz-executor 3936 453855 45602 0 2 0x4000000 syz-executor 60912 417724 35487 0 2 0 syz-executor 60912 274906 35487 0 3 0x4000000 netlock syz-executor 60912 364673 35487 0 3 0x4000080 fsleep syz-executor 60772 14285 21498 0 2 0 syz-executor 60772 265203 21498 0 2 0x4000000 syz-executor 60772 293357 21498 0 3 0x4000080 fsleep syz-executor 78512 460104 35040 0 2 0 syz-executor 78512 446407 35040 0 3 0x4000080 lockf syz-executor 78512 164350 35040 0 3 0x4000080 lockf syz-executor 78512 140839 35040 0 2 0x4000000 syz-executor 78512 478039 35040 0 2 0x4000000 syz-executor 57596 96402 0 0 3 0x14200 bored sosplice 35487 466812 34265 0 2 0x3 syz-executor 35040 367353 34265 0 2 0x3 syz-executor 45602 208850 34265 0 2 0x3 syz-executor *61183 294505 34265 0 7 0x2 syz-executor 21498 12565 34265 0 2 0x3 syz-executor 81892 182787 34265 0 2 0x3 syz-executor 82084 183644 34265 0 3 0x82 wait syz-executor 54580 306606 34265 0 3 0x82 wait syz-executor 34265 130227 13222 0 2 0x3 syz-executor 13222 239849 90257 0 3 0x10008a sigsusp ksh 90257 251333 41760 0 3 0x98 kqread sshd-session 41760 430746 71685 0 3 0x92 kqread sshd-session 23654 353317 1 0 2 0x100003 getty 71685 201522 1 0 3 0x88 kqread sshd 46461 169578 32054 73 3 0x1100090 kqread syslogd 32054 112090 1 0 3 0x100082 sbwait syslogd 81418 226678 1 0 3 0x100080 kqread resolvd 97451 351595 87700 77 3 0x100092 kqread dhcpleased 87415 324266 87700 77 3 0x100092 kqread dhcpleased 87700 340438 1 0 3 0x80 kqread dhcpleased 66724 152123 0 0 3 0x14200 bored smr 76843 240379 0 0 2 0x14200 zerothread 96445 322545 0 0 3 0x14200 aiodoned aiodoned 1982 280182 0 0 2 0x14200 update 69762 46155 0 0 3 0x14200 cleaner cleaner 14286 247896 0 0 2 0x14200 reaper 76209 209721 0 0 3 0x14200 pgdaemon pagedaemon 34644 349408 0 0 3 0x14200 bored viomb 15989 374513 0 0 3 0x40014200 acpi0 acpi0 51969 240955 0 0 3 0x14200 bored softnet7 12704 65270 0 0 3 0x14200 bored softnet6 8711 297089 0 0 3 0x14200 bored softnet5 49606 140139 0 0 3 0x14200 bored softnet4 80922 307257 0 0 3 0x14200 bored softnet3 63579 211221 0 0 3 0x14200 bored softnet2 72678 279131 0 0 3 0x14200 bored softnet1 69199 300783 0 0 3 0x14200 netlock softnet0 34938 137935 0 0 3 0x14200 bored systqmp 35169 231440 0 0 3 0x14200 bored systq 90448 37113 0 0 3 0x40014200 netlock softclock 89929 437905 0 0 3 0x40014200 idle0 1 345799 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10186 11122K 11381K 166960K 11714 0 pcb 17 12K 12K 166960K 41 0 rtable 216 6K 7K 166960K 322 0 pf 31 13K 14K 166960K 46 0 ifaddr 42 7K 7K 166960K 49 0 ifgroup 50 2K 2K 166960K 63 0 sysctl 3 1K 9K 166960K 10 0 counters 32 17K 18K 166960K 39 0 ioctlops 0 0K 4K 166960K 45 0 iov 0 0K 20K 166960K 9 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1348 85K 85K 166960K 1467 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 3 0 VM map 2 1K 1K 166960K 2 0 sem 8 0K 1K 166960K 10 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 89K 166960K 273 0 sigio 0 0K 0K 166960K 5 0 proc 63 67K 108K 166960K 488 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 275 0 in_multi 99 7K 7K 166960K 100 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 361 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 232 159K 166K 166960K 4029 0 UVM aobj 6 2K 2K 166960K 6 0 pinsyscall 37 74K 92K 166960K 1305 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 10 0 NDP 11 0K 2K 166960K 31 0 temp 43 8635K 8703K 166960K 12095 0 kqueue 13 20K 28K 166960K 49 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 115 0 112 3 2 1 3 0 8 0 rtentry 136 99 0 4 4 0 4 4 0 8 0 unpcb 144 228 0 212 1 0 1 1 0 8 0 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 42 0 35 1 0 1 1 0 8 0 arp 88 10 0 0 1 0 1 1 0 8 0 ipq 40 1 0 1 1 1 0 1 0 8 0 ipqe 40 3 0 3 1 1 0 1 0 8 0 inpcb 328 159 0 148 2 1 1 2 0 8 0 ip6q 72 1 0 0 1 0 1 1 0 8 0 ip6af 40 1 0 0 1 0 1 1 0 8 0 nd6 104 17 0 1 1 0 1 1 0 8 0 pkpcb 40 1 0 1 1 1 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 5 0 5 1 1 0 1 0 8 0 pppxif 1384 1 0 1 1 1 0 1 0 8 0 pfrule 1344 1 0 1 1 1 0 1 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 491 0 48 30 2 28 30 0 8 0 art_table 40 493 0 48 5 0 5 5 0 8 0 art_node 32 99 0 14 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 7 0 1 1 0 1 1 0 8 0 shmpl 112 3 0 0 1 0 1 1 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 1811 0 312 95 0 95 95 0 8 0 ffsino 256 1811 0 312 95 0 95 95 0 8 0 nchpl 144 2191 0 509 63 0 63 63 0 8 0 rtmask 32 1 0 1 1 1 0 1 0 8 0 uvmvnodes 80 1954 0 0 40 0 40 40 0 8 0 vnodes 216 1954 0 0 109 0 109 109 0 8 0 namei 1024 6891 0 6888 3 2 1 2 0 8 0 kstatmem 264 30 0 8 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 1 0 1 0 8 0 scxspl 216 7983 0 7981 15 7 8 8 1 8 7 plimitpl 152 213 0 195 1 0 1 1 0 8 0 sigapl 424 558 0 507 7 1 6 7 0 8 0 knotepl 120 8946 0 8899 17 15 2 17 0 8 0 kqueuepl 184 94 0 85 3 2 1 3 0 8 0 pipepl 304 107 0 79 3 0 3 3 0 8 0 fdescpl 448 537 0 509 5 1 4 5 0 8 0 filepl 120 2575 0 2357 13 5 8 13 0 8 1 lockfpl 104 151 0 145 1 0 1 1 0 8 0 lockfspl 48 40 0 37 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 29 0 13 1 0 1 1 0 8 0 ucredpl 104 319 0 307 1 0 1 1 0 8 0 zombiepl 144 518 0 516 1 0 1 1 0 8 0 processpl 1152 558 0 507 5 1 4 5 0 8 0 procpl 664 786 0 719 6 0 6 6 0 8 0 sosppl 168 1 0 1 1 1 0 1 0 8 0 sockpl 552 506 0 474 7 4 3 7 0 8 0 mcl64k 65536 5 0 5 1 1 0 1 0 8 0 mcl8k 8192 4 0 4 1 1 0 1 0 8 0 mcl4k 4096 2650 0 2598 15 8 7 15 0 8 0 mcl2k 2048 372 0 369 5 4 1 5 0 8 0 mtagpl 96 6 0 4 1 0 1 1 0 8 0 mbufpl 256 7824 0 7670 26 14 12 26 0 8 0 bufpl 280 3214 0 117 222 0 222 222 0 8 0 anonpl 24 91045 0 87894 32 10 22 32 0 187 0 amapchunkpl 152 11878 0 11386 26 4 22 25 0 158 1 amappl16 200 1139 0 1117 4 1 3 4 0 8 1 amappl15 192 2 0 2 1 1 0 1 0 8 0 amappl14 184 108 0 97 1 0 1 1 0 8 0 amappl13 176 6 0 6 1 1 0 1 0 8 0 amappl12 168 1153 0 1125 3 1 2 3 0 8 0 amappl11 160 44 0 34 1 0 1 1 0 8 0 amappl10 152 2 0 2 1 1 0 1 0 8 0 amappl9 144 256 0 256 1 1 0 1 0 8 0 amappl8 136 22 0 20 1 0 1 1 0 8 0 amappl7 128 97 0 87 1 0 1 1 0 8 0 amappl6 120 169 0 165 1 0 1 1 0 8 0 amappl5 112 109 0 103 1 0 1 1 0 8 0 amappl4 104 262 0 245 1 0 1 1 0 8 0 amappl3 96 2136 0 2025 4 0 4 4 0 8 0 amappl2 88 610 0 553 2 0 2 2 0 8 0 amappl1 80 8426 0 7871 14 2 12 14 0 8 0 amappl 88 3369 0 3202 6 1 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 5 0 0 1 0 1 1 0 8 0 uaddrrnd 24 537 0 509 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 537 0 509 1 0 1 1 0 8 0 vmmpekpl 168 5693 0 5663 2 0 2 2 0 8 0 vmmpepl 168 38905 0 37093 84 0 84 84 0 357 0 vmsppl 368 536 0 507 4 1 3 4 0 8 0 rwobjpl 40 14549 0 11728 29 0 29 29 0 8 0 pdppl 4096 1080 0 1014 90 24 66 78 0 8 0 pvpl 32 238272 0 230059 97 18 79 96 0 265 2 pmappl 216 536 0 507 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 381 0 62 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace savectx() at savectx+0xae end of kernel end trace frame: 0x797c6d3c92c0, count: -1 ddb> machine ddbcpu 1 No such command ddb> trace savectx() at savectx+0xae end of kernel end trace frame: 0x797c6d3c92c0, count: -1