uvm_fault(0xfffffd806c291e20, 0xf, 0, 1) -> e kernel: page fault trap, code=0 Stopped at ktrops+0x58: movq 0x10(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND *490352 84372 0 0 0x4000000 0 syz-executor ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff800035912548,ffff80003c9699d0,ffff80003c969920) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c9699d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9699d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1e2b9a93980, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd806c291e20, 0xf, 0, 1) -> e ddb> trace ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff800035912548,ffff80003c9699d0,ffff80003c969920) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c9699d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9699d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1e2b9a93980, count: -5 ddb> show registers rdi 0xffff800035912548 rsi 0xffffffffffffffff rbp 0xffff80003c9696f0 rbx 0xfffffd8007bfb680 rdx 0 rcx 0x80000b1c __kernel_virt_to_phys+0xb1c rax 0xffff800035912548 r8 0xfffffd8063b7d028 r9 0xfffffd8007bfb680 r10 0x6abc9979f14fd1b5 r11 0xe16c8b656c30e253 r12 0xffff800035912548 r13 0xffffffffffffffff r14 0xffffffffffffffff r15 0x80000b1c __kernel_virt_to_phys+0xb1c rip 0xffffffff8288d488 ktrops+0x58 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c969670 ss 0 ktrops+0x58: movq 0x10(%r14),%r14 ddb> show proc PROC (syz-executor) tid=490352 pid=84372 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000359134a8,0xffff80002a7bc2b8 process=0xffff8000ffff16c8 user=0xffff80003c964000, vmspace=0xfffffd806c291e20 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 89026 417804 12106 0 2 0x10 syz-executor 89026 339871 12106 0 3 0x4000090 fsleep syz-executor 84372 376065 43257 0 2 0 syz-executor 84372 339485 43257 0 3 0x4000080 fsleep syz-executor *84372 490352 43257 0 7 0x4000000 syz-executor 48343 277761 69802 0 2 0 syz-executor 48343 475873 69802 0 3 0x4000080 fsleep syz-executor 48343 305032 69802 0 3 0x4000080 fsleep syz-executor 24891 147521 3544 -1 2 0x10 syz-executor 24891 281906 3544 -1 3 0x4000090 fsleep syz-executor 90334 59390 93484 0 2 0 syz-executor 90334 234981 93484 0 3 0x4000080 fsleep syz-executor 52820 382739 32612 0 2 0 syz-executor 52820 302647 32612 0 3 0x4000080 fsleep syz-executor 22673 291356 0 0 3 0x14200 acct acct 43257 245259 14748 0 3 0x82 nanoslp syz-executor 69802 485807 14748 0 3 0x82 nanoslp syz-executor 93484 500149 14748 0 3 0x82 nanoslp syz-executor 93820 248705 14748 0 2 0x2 syz-executor 44015 446601 14748 0 2 0x2 syz-executor 32612 500547 14748 0 3 0x82 nanoslp syz-executor 12106 177042 14748 0 3 0x82 nanoslp syz-executor 3544 366003 14748 0 3 0x82 nanoslp syz-executor 11083 422158 0 0 3 0x14200 bored sosplice 14748 466244 3947 0 3 0x82 kqread syz-executor 3947 89356 3136 0 3 0x10008a sigsusp ksh 3136 85312 31348 0 3 0x98 kqread sshd-session 31348 500189 91851 0 3 0x92 kqread sshd-session 76515 319897 1 0 3 0x100083 ttyin getty 91851 405413 1 0 3 0x88 kqread sshd 28369 40184 12643 73 3 0x1100090 kqread syslogd 12643 327136 1 0 3 0x100082 sbwait syslogd 86763 239880 1 0 3 0x100080 kqread resolvd 31632 258372 36734 77 3 0x100092 kqread dhcpleased 5759 275738 36734 77 3 0x100092 kqread dhcpleased 36734 43899 1 0 3 0x80 kqread dhcpleased 40069 456483 0 0 3 0x14200 bored smr 25597 336745 0 0 2 0x14200 zerothread 86230 455335 0 0 3 0x14200 aiodoned aiodoned 94839 137623 0 0 3 0x14200 syncer update 56677 244510 0 0 3 0x14200 cleaner cleaner 35441 349515 0 0 3 0x14200 reaper reaper 20702 476128 0 0 3 0x14200 pgdaemon pagedaemon 20786 411157 0 0 3 0x14200 bored viomb 87203 496361 0 0 3 0x40014200 acpi0 acpi0 1714 34560 0 0 3 0x14200 bored softnet3 59641 46454 0 0 3 0x14200 bored softnet2 28048 24850 0 0 3 0x14200 bored softnet1 46207 345015 0 0 3 0x14200 bored softnet0 47127 499325 0 0 3 0x14200 bored systqmp 31572 119162 0 0 3 0x14200 bored systq 39393 13375 0 0 3 0x40014200 tmoslp softclock 51038 54534 0 0 3 0x40014200 idle0 1 416132 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10221 11333K 12177K 166960K 19720 0 pcb 50 16K 17K 166960K 941 0 rtable 181 10K 11K 166960K 1188 0 pf 37 14K 22K 166960K 381 0 ifaddr 33 6K 8K 166960K 249 0 ifgroup 57 2K 2K 166960K 461 0 sysctl 4 1K 9K 166960K 32 0 counters 33 17K 18K 166960K 375 0 ioctlops 0 0K 4K 166960K 1177 0 iov 0 0K 20K 166960K 408 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1637 103K 104K 166960K 6953 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 13K 166960K 91 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 223 0 dirhash 12 2K 2K 166960K 69 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 240K 166960K 4293 0 sigio 0 0K 0K 166960K 49 0 proc 61 59K 108K 166960K 1246 0 subproc 72 4K 4K 166960K 199 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 2 0K 0K 166960K 636 0 in_multi 64 4K 7K 166960K 379 0 ether_multi 1 0K 0K 166960K 24 0 mrt 1 0K 0K 166960K 16 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 157 705K 705K 166960K 157 0 exec 0 0K 1K 166960K 1332 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 10 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 216 159K 182K 166960K 36995 0 UVM aobj 119 13K 13K 166960K 141 0 pinsyscall 37 74K 94K 166960K 5653 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 259 0 NDP 12 0K 2K 166960K 187 0 temp 75 8688K 8944K 166960K 145726 0 kqueue 14 22K 36K 166960K 749 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 430 0 426 3 2 1 3 0 8 0 rtentry 136 355 0 284 4 0 4 4 0 8 0 unpcb 144 2658 0 2606 5 3 2 4 0 8 0 syncache 336 8 0 8 2 1 1 1 0 8 1 tcpqe 32 5 0 5 2 1 1 1 0 8 1 tcpcb 808 1434 0 1430 16 8 8 8 0 8 7 arp 88 60 0 46 1 0 1 1 0 8 0 ipq 40 9 0 8 1 0 1 1 0 8 0 ipqe 40 21 0 18 1 0 1 1 0 8 0 inpcb 328 4377 0 4336 12 5 7 7 0 8 3 ip6q 72 5 0 2 2 1 1 1 0 8 0 ip6af 40 7 0 4 2 1 1 1 0 8 0 nd6 104 87 0 69 1 0 1 1 0 8 0 pkpcb 40 25 0 25 3 2 1 1 0 8 1 kcovpl 48 22 0 14 1 0 1 1 0 8 0 ppxss 1072 284 0 284 2 1 1 1 0 8 1 pppxif 1384 85 0 85 2 1 1 1 0 8 1 pfstscr 40 8 0 8 2 1 1 1 0 8 1 pfrktable 1344 2 0 2 2 1 1 1 0 8 1 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstkey 128 11 0 11 2 1 1 1 0 8 1 pfstate 384 7 0 7 2 1 1 1 0 8 1 pfrule 1344 28 0 24 1 0 1 1 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 1475 0 1155 34 11 23 31 0 8 3 art_table 32 1477 0 1155 4 1 3 4 0 8 0 art_node 16 347 0 283 1 0 1 1 0 8 0 sysvmsgpl 40 12 0 6 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 211 0 201 1 0 1 1 0 8 0 shmpl 112 138 0 22 4 0 4 4 0 8 0 dirhash 1024 55 0 38 3 0 3 3 0 8 0 dino2pl 256 9409 0 7898 96 0 96 96 0 8 0 ffsino 248 9409 0 7898 96 0 96 96 0 8 0 nchpl 144 15256 0 14697 64 40 24 64 0 8 0 rtmask 32 16 0 16 2 1 1 1 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 57462 0 57461 4 3 1 2 0 8 0 kstatmem 264 280 0 256 4 1 3 3 0 8 1 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 14 0 14 2 1 1 1 0 8 1 scxspl 216 44373 0 44373 9 7 2 8 1 8 2 plimitpl 152 1109 0 1091 1 0 1 1 0 8 0 sigapl 424 4531 0 4485 8 1 7 8 0 8 0 knotepl 120 365463 0 365415 73 58 15 23 0 8 8 kqueuepl 184 1824 0 1812 7 3 4 4 0 8 3 pipepl 296 591 0 564 10 5 5 8 0 8 2 fdescpl 440 4484 0 4456 5 1 4 5 0 8 0 filepl 120 33412 0 33123 19 5 14 14 0 8 5 lockfpl 104 1316 0 1314 2 1 1 2 0 8 0 lockfspl 48 550 0 548 1 0 1 1 0 8 0 sessionpl 144 39 0 31 1 0 1 1 0 8 0 pgrppl 48 145 0 129 1 0 1 1 0 8 0 ucredpl 104 5740 0 5727 1 0 1 1 0 8 0 zombiepl 144 4485 0 4485 1 0 1 1 0 8 1 processpl 1160 4531 0 4485 5 0 5 5 0 8 0 procpl 656 10360 0 10306 8 2 6 8 0 8 0 sosppl 168 24 0 24 2 1 1 1 0 8 1 sockpl 528 7676 0 7572 14 6 8 10 0 8 1 mcl64k 65536 160 0 160 2 1 1 1 0 8 1 mcl16k 16384 4 0 4 2 1 1 1 0 8 1 mcl12k 12288 1 0 1 1 1 0 1 0 8 0 mcl9k 9216 39 0 39 2 1 1 1 0 8 1 mcl8k 8192 34 0 34 2 1 1 1 0 8 1 mcl4k 4096 7933 0 7877 17 7 10 15 0 8 2 mcl2k2 2112 30 0 30 3 2 1 1 0 8 1 mcl2k 2048 4375 0 4362 9 5 4 5 0 8 2 mtagpl 96 359 0 286 4 1 3 4 0 8 0 mbufpl 256 50423 0 50174 141 115 26 79 0 8 8 bufpl 280 11562 0 5335 445 0 445 445 0 8 0 anonpl 24 537799 0 531593 85 20 65 65 0 187 10 amapchunkpl 152 130831 0 130336 54 18 36 38 0 158 12 amappl16 200 10258 0 10105 43 21 22 22 0 8 7 amappl15 192 42 0 42 1 1 0 1 0 8 0 amappl14 184 180 0 170 1 0 1 1 0 8 0 amappl13 176 7 0 7 2 1 1 1 0 8 1 amappl12 168 5313 0 5285 3 1 2 3 0 8 0 amappl11 160 45 0 35 1 0 1 1 0 8 0 amappl10 152 8 0 7 1 0 1 1 0 8 0 amappl9 144 248 0 248 2 1 1 1 0 8 1 amappl8 136 22 0 20 1 0 1 1 0 8 0 amappl7 128 140 0 129 1 0 1 1 0 8 0 amappl6 120 329 0 325 1 0 1 1 0 8 0 amappl5 112 166 0 159 1 0 1 1 0 8 0 amappl4 104 349 0 332 1 0 1 1 0 8 0 amappl3 96 27405 0 27308 4 0 4 4 0 8 0 amappl2 88 849 0 789 2 0 2 2 0 8 0 amappl1 80 26199 0 25665 13 0 13 13 0 8 0 amappl 88 35231 0 35079 5 0 5 5 0 92 0 dma32768 32768 2 0 2 2 1 1 1 0 8 1 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 9 0 9 2 1 1 1 0 8 1 dma128 128 261 0 261 2 1 1 1 0 8 1 dma64 64 10 0 10 2 1 1 1 0 8 1 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 140 0 22 3 0 3 3 0 8 0 uaddrrnd 24 4484 0 4456 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 4484 0 4456 1 0 1 1 0 8 0 vmmpekpl 168 28469 0 28406 4 0 4 4 0 8 0 vmmpepl 168 274652 0 272697 112 7 105 105 0 357 6 vmsppl 360 4483 0 4456 4 1 3 4 0 8 0 rwobjpl 32 67744 0 60739 59 0 59 59 0 8 0 pdppl 4096 8975 0 8912 167 100 67 83 0 8 4 pvpl 32 1782367 0 1770726 205 48 157 157 0 265 28 pmappl 216 4483 0 4456 3 1 2 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 505 0 258 9 0 9 9 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff800035912548,ffff80003c9699d0,ffff80003c969920) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c9699d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9699d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1e2b9a93980, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff800035912548,ffffffffffffffff,0,80000b1c,fffffd8063b7d028,fffffd8007bfb680) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8063b7d028,4,b1c,0,ffff800035912548) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff800035912548,ffff80003c9699d0,ffff80003c969920) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80003c9699d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9699d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1e2b9a93980, count: -5