uvm_fault(0xffffffff82eab428, 0x8, 0, 2) -> e kernel: page fault trap, code=2 Stopped at softclock+0xd7: movq %rcx,0x8(%rax) TID PID UID PRFLAGS PFLAGS CPU COMMAND softclock(0) at softclock+0xd7 sys/kern/kern_timeout.c:751 softintr_dispatch(0) at softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90 Xsoftclock() at Xsoftclock+0x27 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffffffff82d27ff0) at sched_idle+0x41e sys/kern/kern_sched.c:183 end trace frame: 0x0, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xffffffff82eab428, 0x8, 0, 2) -> e ddb{0}> trace softclock(0) at softclock+0xd7 sys/kern/kern_timeout.c:751 softintr_dispatch(0) at softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90 Xsoftclock() at Xsoftclock+0x27 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffffffff82d27ff0) at sched_idle+0x41e sys/kern/kern_sched.c:183 end trace frame: 0x0, count: -5 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80002a102330 rbx 0xffffffff82e75320 timeout_todo rdx 0 rcx 0xffffffff82e75320 timeout_todo rax 0 r8 0 r9 0 r10 0x8e0b41e257c3c63e r11 0xc348d02ab7b43984 r12 0xffff80000002a080 r13 0xffffffff82d8b810 logsoftc+0x30 r14 0 r15 0xfffffd806ff80e78 rip 0xffffffff822e52d7 softclock+0xd7 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a1022f0 ss 0x10 softclock+0xd7: movq %rcx,0x8(%rax) ddb{0}> show proc PROC (idle0) tid=247749 pid=31278 tcnt=1 stat=onproc flags process=14000 proc=40000200 runpri=0, usrpri=50, slppri=0, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0x28702fe44c53403a, list=0xffff80002a0fcd38,0xffff80002a0fc000 process=0xffff8000ffffec60 user=0xffff80002a0fd000, vmspace=0xffffffff82eab428 estcpu=0, cpticks=42903, pctcpu=0.0, user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 9716 350270 85731 0 3 0x82 piperd syz-executor.2 19334 466933 85731 0 3 0x82 piperd syz-executor.6 43086 417407 85731 0 3 0x82 piperd syz-executor.4 18377 353610 85731 0 3 0x82 wait syz-executor.3 80766 375901 85731 0 3 0x82 piperd syz-executor.5 72985 441556 85731 0 3 0x82 piperd syz-executor.1 72910 118196 85731 0 3 0x82 piperd syz-executor.0 6621 361039 85731 0 3 0x82 piperd syz-executor.7 39201 284811 1 0 3 0x100083 ttyin getty 91559 291576 0 0 3 0x14280 nfsidl nfsio 48070 154893 0 0 3 0x14280 nfsidl nfsio 82433 230774 0 0 3 0x14280 nfsidl nfsio 91430 440462 0 0 3 0x14280 nfsidl nfsio 88124 479072 0 0 3 0x14280 nfsidl nfsio 81404 315505 0 0 3 0x14200 bored sosplice 85731 172547 50770 0 3 0x2000082 thrsleep syz-fuzzer 85731 403361 50770 0 3 0x6000082 thrsleep syz-fuzzer 85731 445856 50770 0 3 0x6000082 wait syz-fuzzer 85731 462105 50770 0 3 0x6000082 kqread syz-fuzzer 85731 234455 50770 0 3 0x6000082 thrsleep syz-fuzzer 85731 448609 50770 0 3 0x6000082 wait syz-fuzzer 85731 471235 50770 0 3 0x6000082 thrsleep syz-fuzzer 85731 499397 50770 0 3 0x6000082 thrsleep syz-fuzzer 85731 343700 50770 0 3 0x6000082 thrsleep syz-fuzzer 85731 113845 50770 0 3 0x6000082 wait syz-fuzzer 85731 399404 50770 0 3 0x6000082 thrsleep syz-fuzzer 85731 504544 50770 0 3 0x6000082 wait syz-fuzzer 85731 368591 50770 0 3 0x6000082 wait syz-fuzzer 85731 493397 50770 0 3 0x6000082 wait syz-fuzzer 85731 440108 50770 0 3 0x6000082 wait syz-fuzzer 85731 198734 50770 0 3 0x6000082 wait syz-fuzzer 50770 100071 34131 0 3 0x10008a sigsusp ksh 34131 476593 62803 0 3 0x9a kqread sshd 62803 415731 1 0 3 0x88 kqread sshd 768 208428 16188 74 3 0x1100092 bpf pflogd 16188 445739 1 0 3 0x80 netio pflogd 96081 463682 39531 73 3 0x1100090 kqread syslogd 39531 387915 1 0 3 0x100082 netio syslogd 87364 45552 1 0 3 0x100080 kqread resolvd 21717 414760 70212 77 3 0x100092 kqread dhcpleased 8455 168548 70212 77 3 0x100092 kqread dhcpleased 70212 415831 1 0 3 0x80 kqread dhcpleased 87251 193344 0 0 3 0x14200 bored smr 43121 421307 0 0 3 0x14200 pgzero zerothread 78128 19529 0 0 3 0x14200 aiodoned aiodoned 70574 366519 0 0 3 0x14200 syncer update 23115 439833 0 0 3 0x14200 cleaner cleaner 29850 78669 0 0 3 0x14200 reaper reaper 23378 153530 0 0 3 0x14200 pgdaemon pagedaemon 41050 135627 0 0 3 0x14200 bored viomb 67530 205474 0 0 3 0x40014200 acpi0 acpi0 52762 427296 0 0 7 0x40014200 idle1 86741 188282 0 0 3 0x14200 bored softnet3 86854 330100 0 0 3 0x14200 bored softnet2 49635 124486 0 0 3 0x14200 bored softnet1 41893 331890 0 0 3 0x14200 bored softnet0 721 225647 0 0 3 0x14200 bored systqmp 26138 351805 0 0 3 0x14200 bored systq 31421 124906 0 0 3 0x14200 tmoslp softclockmp 60219 113125 0 0 3 0x40014200 tmoslp softclock *31278 247749 0 0 7 0x40014200 idle0 1 481377 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive mutex /syzkaller/managers/multicore/kernel/sys/kern/kern_timeout.c:57 r = 0 (0xffffffff82d44540) #0 witness_lock+0x447 #1 mtx_enter_try+0x104 #2 mtx_enter+0x4f sys/kern/kern_lock.c:266 #3 softclock+0x31 sys/kern/kern_timeout.c:746 #4 softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90 #5 Xsoftclock+0x27 #6 acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 #7 sched_idle+0x41e sys/kern/kern_sched.c:183 #8 proc_trampoline+0x10 Process 31278 (idle0) thread 0xffff80002a0fc7e8 (247749) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82e2a1d0) #0 witness_lock+0x447 #1 softintr_dispatch+0x52 sys/arch/amd64/amd64/softintr.c:88 #2 Xsoftclock+0x27 #3 acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 #4 sched_idle+0x41e sys/kern/kern_sched.c:183 #5 proc_trampoline+0x10 exclusive mutex /syzkaller/managers/multicore/kernel/sys/kern/kern_timeout.c:57 r = 0 (0xffffffff82d44540) #0 witness_lock+0x447 #1 mtx_enter_try+0x104 #2 mtx_enter+0x4f sys/kern/kern_lock.c:266 #3 softclock+0x31 sys/kern/kern_timeout.c:746 #4 softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90 #5 Xsoftclock+0x27 #6 acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 #7 sched_idle+0x41e sys/kern/kern_sched.c:183 #8 proc_trampoline+0x10 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10228 6518K 14751K 166960K 40733 0 pcb 15 24K 28K 166960K 1238 0 rtable 228 15K 15K 166960K 3270 0 pf 36 10K 10K 166960K 379 0 ifaddr 46 17K 18K 166960K 350 0 ifgroup 63 2K 2K 166960K 595 0 sysctl 4 1K 1K 166960K 16 0 counters 68 36K 37K 166960K 360 0 ioctlops 0 0K 4K 166960K 2244 0 iov 0 0K 32K 166960K 1967 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1500 94K 94K 166960K 10311 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 225 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 1854 0 dirhash 12 2K 2K 166960K 108 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 11 37K 93K 166960K 16581 0 sigio 0 0K 0K 166960K 736 0 proc 73 91K 152K 166960K 2242 0 subproc 104 6K 6K 166960K 634 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1312 0 in_multi 92 7K 7K 166960K 834 0 ether_multi 1 0K 0K 166960K 26 0 mrt 1 0K 0K 166960K 10 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 2590 0 pfkey data 0 0K 4K 166960K 51 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 532 670K 680K 166960K 160927 0 UVM aobj 131 4K 4K 166960K 135 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 448 0 NDP 14 0K 2K 166960K 274 0 temp 74 6772K 7412K 166960K 115549 0 kqueue 12 18K 28K 166960K 1299 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 1271 0 1268 18 17 1 3 0 8 0 rtentry 112 1000 0 896 6 2 4 4 0 8 1 unpcb 144 12798 0 12783 135 132 3 10 0 8 2 syncache 336 163 0 163 29 28 1 1 0 8 1 tcpqe 32 527 0 527 24 24 0 1 0 8 0 tcpcb 808 6078 0 6067 124 121 3 17 0 8 0 arp 120 225 0 206 1 0 1 1 0 8 0 inpcb 392 13653 0 13638 200 191 9 22 0 8 6 nd6 136 169 0 148 1 0 1 1 0 8 0 pkpcb 40 46 0 46 12 12 0 1 0 8 0 kcovpl 48 46 0 38 1 0 1 1 0 8 0 ppxss 1168 47 0 47 13 13 0 1 0 8 0 pffrag 232 138 0 135 2 1 1 1 0 482 0 pffrnode 88 136 0 133 2 1 1 1 0 8 0 pffrent 40 299 0 296 2 1 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 558 0 527 1 0 1 1 0 8 0 pfstkey 128 563 0 532 4 2 2 2 0 8 0 pfstate 376 563 0 532 17 13 4 6 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 3443 0 2995 51 22 29 31 0 8 0 art_table 32 3444 0 2995 4 0 4 4 0 8 0 art_node 16 972 0 879 1 0 1 1 0 8 0 sysvmsgpl 40 7 0 3 2 1 1 1 0 8 0 semapl 112 1842 0 1832 1 0 1 1 0 8 0 shmpl 112 132 0 4 4 0 4 4 0 8 0 dirhash 1024 81 0 64 3 0 3 3 0 8 0 dino2pl 256 22743 0 21246 94 0 94 94 0 8 0 ffsino 272 22743 0 21246 101 0 101 101 0 8 0 nchpl 144 44854 0 43203 64 0 64 64 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 147174 0 147174 10 9 1 2 0 8 1 percpumem 16 194 0 146 1 0 1 1 0 8 0 vcpupl 2048 232 0 0 29 0 29 29 0 8 0 vmpool 696 322 0 90 22 0 22 22 0 8 0 kstatmem 264 320 0 292 7 5 2 3 0 8 0 scxspl 216 135224 0 135224 41 40 1 8 1 8 1 plimitpl 152 1500 0 1484 1 0 1 1 0 8 0 sigapl 424 16874 0 16826 14 5 9 9 0 8 0 futexpl 64 140456 0 140456 2 1 1 1 0 8 1 knotepl 120 926 0 0 12 1 11 11 0 8 0 kqueuepl 216 3237 0 3229 54 49 5 5 0 8 4 pipepl 320 2919 0 2891 94 91 3 12 0 8 0 fdescpl 496 16814 0 16790 13 9 4 5 0 8 0 filepl 152 96103 0 95862 194 179 15 22 0 8 3 lockfpl 104 4671 0 4669 13 11 2 4 0 8 1 lockfspl 48 1465 0 1463 1 0 1 1 0 8 0 sessionpl 144 63 0 46 1 0 1 1 0 8 0 pgrppl 48 306 0 289 1 0 1 1 0 8 0 ucredpl 104 13706 0 13692 1 0 1 1 0 8 0 zombiepl 144 16827 0 16826 3 2 1 1 0 8 0 processpl 1136 16874 0 16826 6 1 5 6 0 8 0 procpl 680 44731 0 44668 15 7 8 10 0 8 0 srpgc 96 51 0 51 20 19 1 1 0 8 1 sosppl 168 190 0 190 22 21 1 1 0 8 1 sockpl 584 27864 0 27832 311 302 9 22 0 8 5 mcl64k 65536 32 0 0 3 0 3 3 0 8 0 mcl16k 16384 27 0 0 3 1 2 3 0 8 0 mcl12k 12288 17 0 0 2 0 2 2 0 8 0 mcl9k 9216 25 0 0 2 0 2 2 0 8 0 mcl8k 8192 18 0 0 3 0 3 3 0 8 0 mcl4k 4096 41 0 0 4 1 3 3 0 8 0 mcl2k2 2112 8 0 0 1 0 1 1 0 8 0 mcl2k 2048 609 0 0 52 17 35 37 0 8 0 mtagpl 96 862 0 0 13 2 11 13 0 8 0 mbufpl 256 9293 0 0 562 0 562 562 0 8 0 bufpl 280 28791 0 22471 452 0 452 452 0 8 0 anonpl 24 1796919 0 1783363 333 204 129 171 0 186 0 amapchunkpl 152 513464 0 512657 137 92 45 68 0 158 4 amappl16 200 33911 0 33195 155 114 41 44 0 8 1 amappl15 192 82 0 80 1 0 1 1 0 8 0 amappl14 184 317 0 297 3 1 2 2 0 8 0 amappl13 176 39 0 38 1 0 1 1 0 8 0 amappl12 168 18108 0 18075 4 2 2 3 0 8 0 amappl11 160 78 0 63 1 0 1 1 0 8 0 amappl10 152 94 0 75 1 0 1 1 0 8 0 amappl9 144 373 0 372 2 1 1 1 0 8 0 amappl8 136 920 0 759 7 1 6 6 0 8 0 amappl7 128 334 0 307 3 1 2 3 0 8 0 amappl6 120 932 0 917 1 0 1 1 0 8 0 amappl5 112 459 0 447 1 0 1 1 0 8 0 amappl4 104 991 0 957 2 1 1 2 0 8 0 amappl3 96 99400 0 99325 5 2 3 4 0 8 0 amappl2 88 18091 0 18010 6 4 2 3 0 8 0 amappl1 80 69984 0 69438 23 10 13 23 0 8 0 amappl 88 159563 0 159302 12 4 8 8 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 134 0 4 3 0 3 3 0 8 0 uaddrrnd 24 17136 0 16880 2 0 2 2 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 17136 0 16880 2 0 2 2 0 8 0 vmmpekpl 168 123754 0 123658 5 0 5 5 0 8 0 vmmpepl 168 1006388 0 1003618 715 546 169 172 0 357 30 vmsppl 448 17135 0 16880 34 4 30 30 0 8 1 rwobjpl 56 241335 0 233316 129 14 115 116 0 8 0 pdppl 4096 34279 0 33992 1033 740 293 299 0 8 6 pvpl 32 45653 0 0 369 0 369 369 0 265 0 pmappl 248 17135 0 16880 17 0 17 17 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 2478 0 1267 37 2 35 35 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace softclock(0) at softclock+0xd7 sys/kern/kern_timeout.c:751 softintr_dispatch(0) at softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90 Xsoftclock() at Xsoftclock+0x27 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffffffff82d27ff0) at sched_idle+0x41e sys/kern/kern_sched.c:183 end trace frame: 0x0, count: -5 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800029cebff0) at sched_idle+0x41e sys/kern/kern_sched.c:183 end trace frame: 0x0, count: 10 ddb{1}> trace x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800029cebff0) at sched_idle+0x41e sys/kern/kern_sched.c:183 end trace frame: 0x0, count: -5