uvm_fault(0xfffffd806ee0d458, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at socreate+0x84: cmpq $0,0(%rax) TID PID UID PRFLAGS PFLAGS CPU COMMAND * 54093 9836 0 0 0x4000000 0 syz-executor.7 241305 59953 0 0x2 0x480 1 syz-executor.0 socreate(18,ffff800022658468,0,29) at socreate+0x84 sys/kern/uipc_socket.c:172 sys_socket(ffff8000ffff62b0,ffff8000226584f8,ffff800022658550) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 syscall(ffff8000226585c0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000226585c0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc432faaa50, count: 11 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xfffffd806ee0d458, 0x0, 0, 1) -> e ddb{0}> trace socreate(18,ffff800022658468,0,29) at socreate+0x84 sys/kern/uipc_socket.c:172 sys_socket(ffff8000ffff62b0,ffff8000226584f8,ffff800022658550) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 syscall(ffff8000226585c0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000226585c0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc432faaa50, count: -4 ddb{0}> show registers rdi 0xffff80002c94d000 rsi 0x17 rbp 0xffff800022658450 rbx 0x18 rdx 0xffff80002c94d000 rcx 0x16 rax 0 r8 0xffffffff811cfb80 uvm_map_inentry_pc r9 0x14 r10 0 r11 0x7902be3d632ddd6c r12 0xffff800022658468 r13 0xffffffff82675e40 inet6sw r14 0 r15 0x29 rip 0xffffffff81b8f4e4 socreate+0x84 cs 0x8 rflags 0x10282 __ALIGN_SIZE+0xf282 rsp 0xffff8000226583f0 ss 0x10 socreate+0x84: cmpq $0,0(%rax) ddb{0}> show proc PROC (syz-executor.7) pid=54093 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff80002c93afc0,0xffff8000ffff3cf8 process=0xffff8000fffee580 user=0xffff800022653000, vmspace=0xfffffd806ee0d458 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 48499 340008 27944 0 2 0 syz-executor.4 48499 383874 27944 0 3 0x4000080 fsleep syz-executor.4 48499 309720 27944 0 3 0x4000080 fsleep syz-executor.4 48499 254888 27944 0 3 0x4000080 fsleep syz-executor.4 75697 139644 31350 0 2 0 syz-executor.1 75697 164160 31350 0 2 0x4000000 syz-executor.1 75697 190995 31350 0 3 0x4000080 fsleep syz-executor.1 75697 331416 31350 0 2 0x4000000 syz-executor.1 9836 206621 77168 0 2 0 syz-executor.7 * 9836 54093 77168 0 7 0x4000000 syz-executor.7 68529 153618 59953 0 2 0 syz-executor.0 68529 140869 59953 0 2 0x4000000 syz-executor.0 77710 14780 17648 0 3 0x80 nanoslp syz-executor.6 77710 17980 17648 0 3 0x4000080 fsleep syz-executor.6 77710 137388 17648 0 2 0x4000000 syz-executor.6 21653 291745 583 0 2 0x2 syz-executor.2 47773 288369 583 0 2 0x2 syz-executor.3 59953 241305 583 0 7 0x482 syz-executor.0 27944 272327 583 0 2 0x2 syz-executor.4 54369 107829 0 0 3 0x14200 acct acct 78035 127940 583 0 2 0x2 syz-executor.5 92039 364953 1 0 3 0x100083 ttyin getty 77168 241503 583 0 3 0x82 nanoslp syz-executor.7 31350 123675 583 0 3 0x82 nanoslp syz-executor.1 12468 159048 0 0 3 0x14280 nfsidl nfsio 35566 327635 0 0 3 0x14280 nfsidl nfsio 94818 235260 0 0 3 0x14280 nfsidl nfsio 91937 248184 0 0 3 0x14280 nfsidl nfsio 8572 501523 0 0 3 0x14280 nfsidl nfsio 42574 307952 0 0 3 0x14280 nfsidl nfsio 75538 381775 0 0 3 0x14280 nfsidl nfsio 16789 499248 0 0 3 0x14280 nfsidl nfsio 9741 235373 0 0 3 0x14280 nfsidl nfsio 82259 195438 0 0 3 0x14280 nfsidl nfsio 23435 414571 0 0 3 0x14280 nfsidl nfsio 52622 81257 0 0 3 0x14280 nfsidl nfsio 40857 173092 0 0 3 0x14280 nfsidl nfsio 37494 433174 0 0 3 0x14280 nfsidl nfsio 47560 131488 0 0 3 0x14280 nfsidl nfsio 3826 228845 0 0 3 0x14280 nfsidl nfsio 29549 466850 0 0 3 0x14280 nfsidl nfsio 45608 149163 0 0 3 0x14280 nfsidl nfsio 13398 63326 0 0 3 0x14280 nfsidl nfsio 31648 461514 0 0 3 0x14280 nfsidl nfsio 84875 48589 0 0 3 0x14200 bored sosplice 17648 498096 583 0 3 0x82 nanoslp syz-executor.6 583 427948 64925 0 3 0x82 thrsleep syz-fuzzer 583 210569 64925 0 3 0x4000082 nanoslp syz-fuzzer 583 148959 64925 0 3 0x4000082 thrsleep syz-fuzzer 583 515343 64925 0 3 0x4000082 thrsleep syz-fuzzer 583 391268 64925 0 3 0x4000082 nanoslp syz-fuzzer 583 81644 64925 0 3 0x4000082 thrsleep syz-fuzzer 583 420229 64925 0 3 0x4000082 kqread syz-fuzzer 583 405660 64925 0 3 0x4000082 thrsleep syz-fuzzer 583 511727 64925 0 3 0x4000082 thrsleep syz-fuzzer 64925 137673 63321 0 3 0x10008a sigsusp ksh 63321 173873 90483 0 3 0x9a kqread sshd 90483 15743 1 0 3 0x88 kqread sshd 22318 431331 91177 74 3 0x1100092 bpf pflogd 91177 420597 1 0 3 0x80 netio pflogd 32600 411849 80602 73 3 0x1100090 kqread syslogd 80602 429863 1 0 3 0x100082 netio syslogd 7413 257058 1 0 3 0x100080 kqread resolvd 64713 101012 94648 77 3 0x100092 kqread dhcpleased 50521 7734 94648 77 3 0x100092 kqread dhcpleased 94648 436236 1 0 3 0x80 kqread dhcpleased 24529 230922 0 0 3 0x14200 bored smr 16734 28579 0 0 2 0x14200 zerothread 99832 434339 0 0 3 0x14200 aiodoned aiodoned 3313 166691 0 0 3 0x14200 syncer update 73547 374819 0 0 3 0x14200 cleaner cleaner 72279 489334 0 0 3 0x14200 reaper reaper 54077 190645 0 0 3 0x14200 pgdaemon pagedaemon 21854 464536 0 0 3 0x14200 bored viomb 77870 302434 0 0 3 0x40014200 acpi0 acpi0 55915 377344 0 0 3 0x40014200 idle1 32147 341356 0 0 3 0x14200 bored softnet 19819 493220 0 0 3 0x14200 bored systqmp 5277 167546 0 0 3 0x14200 bored systq 82301 199901 0 0 3 0x40014200 bored softclock 89381 448202 0 0 3 0x40014200 idle0 1 32351 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 9836 (syz-executor.7) thread 0xffff8000ffff62b0 (54093) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82b6e770) #0 witness_lock+0x44d #1 kpageflttrap+0x23d sys/arch/amd64/amd64/trap.c:274 #2 kerntrap+0xef sys/arch/amd64/amd64/trap.c:318 #3 alltraps_kern_meltdown+0x7b #4 socreate+0x84 sys/kern/uipc_socket.c:172 #5 sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 #6 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #6 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10221 6641K 7350K 78643K 24418 0 pcb 14 14K 16K 78643K 1610 0 rtable 228 22K 23K 78643K 1377 0 ifaddr 95 20K 22K 78643K 722 0 sysctl 2 0K 0K 78643K 2 0 counters 58 35K 36K 78643K 202 0 ioctlops 0 0K 4K 78643K 3221 0 iov 0 0K 20K 78643K 456 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 5 0 vnodes 1377 86K 86K 78643K 8218 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 38 0 VM map 2 1K 1K 78643K 2 0 sem 12 1K 1K 78643K 25 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 15 53K 89K 78643K 7243 0 sigio 0 0K 0K 78643K 18 0 proc 70 87K 124K 78643K 1250 0 subproc 104 6K 6K 78643K 364 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 128 0 in_multi 79 5K 6K 78643K 417 0 ether_multi 1 0K 0K 78643K 40 0 mrt 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 217 970K 970K 78643K 217 0 exec 0 0K 2K 78643K 1813 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 428 255K 256K 78643K 92350 0 UVM aobj 107 3K 3K 78643K 118 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 225 0 NDP 13 0K 2K 78643K 142 0 temp 159 4751K 4823K 78643K 56998 0 kqueue 12 18K 24K 78643K 328 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 234 0 231 3 2 1 3 0 8 0 rtentry 112 431 0 346 4 1 3 4 0 8 0 unpcb 136 3326 0 3311 47 44 3 6 0 8 2 syncache 296 13 0 13 4 4 0 1 0 8 0 tcpqe 32 4 0 4 1 1 0 1 0 8 0 tcpcb 736 1321 0 1309 43 41 2 7 0 8 0 arp 120 68 0 50 1 0 1 1 0 8 0 inpcb 304 9661 0 9649 78 74 4 10 0 8 3 nd6 48 88 0 70 1 0 1 1 0 8 0 pkpcb 40 14 0 14 4 4 0 1 0 8 0 kcovpl 48 28 0 20 1 0 1 1 0 8 0 ppxss 1248 21 0 21 3 3 0 1 0 8 0 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pffrag 232 15 0 14 2 1 1 1 0 482 0 pffrnode 88 15 0 14 2 1 1 1 0 8 0 pffrent 40 48 0 47 4 3 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 66 0 50 3 1 2 2 0 8 0 pftag 88 13 0 10 2 1 1 1 0 8 0 pfstitem 24 41 0 39 1 0 1 1 0 8 0 pfstkey 112 45 0 43 1 0 1 1 0 8 0 pfstate 320 43 0 41 2 1 1 2 0 8 0 pfrule 1360 403 0 364 5 1 4 4 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1493 0 1131 42 16 26 29 0 8 0 art_table 32 1494 0 1131 4 0 4 4 0 8 0 art_node 16 430 0 355 1 0 1 1 0 8 0 sysvmsgpl 40 28 0 15 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 23 0 13 1 0 1 1 0 8 0 shmpl 112 115 0 11 3 0 3 3 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 10928 0 9475 92 0 92 92 0 8 0 ffsino 272 10928 0 9475 98 0 98 98 0 8 0 nchpl 144 19978 0 18351 63 1 62 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 224 5926 0 0 349 0 349 349 0 8 0 namei 1024 69566 0 69566 7 6 1 2 0 8 1 percpumem 16 113 0 72 1 0 1 1 0 8 0 vcpupl 2048 13 0 0 2 0 2 2 0 8 0 vmpool 560 21 0 8 3 2 1 1 0 8 0 pfiaddrpl 120 32 0 9 1 0 1 1 0 8 0 scxspl 216 56168 0 56168 14 11 3 8 0 8 3 plimitpl 152 619 0 604 1 0 1 1 0 8 0 sigapl 424 7531 0 7466 8 0 8 8 0 8 0 futexpl 64 58074 0 58069 2 1 1 1 0 8 0 knotepl 120 226 0 0 5 0 5 5 0 8 0 kqueuepl 216 862 0 854 17 16 1 5 0 8 0 pipepl 336 1114 0 1086 32 29 3 8 0 8 0 fdescpl 496 7494 0 7466 6 2 4 5 0 8 0 filepl 152 48729 0 48484 99 85 14 20 0 8 4 lockfpl 104 1618 0 1615 5 4 1 2 0 8 0 lockfspl 48 373 0 370 1 0 1 1 0 8 0 sessionpl 144 47 0 30 1 0 1 1 0 8 0 pgrppl 48 54 0 37 1 0 1 1 0 8 0 ucredpl 96 9113 0 9099 1 0 1 1 0 8 0 zombiepl 144 7467 0 7466 1 0 1 1 0 8 0 processpl 1064 7531 0 7466 5 0 5 5 0 8 0 procpl 672 20242 0 20159 13 5 8 9 0 8 0 srpgc 96 30 0 30 8 8 0 1 0 8 0 sosppl 168 23 0 23 7 7 0 1 0 8 0 sockpl 480 13236 0 13206 268 251 17 34 0 8 13 mcl64k 65536 25 0 0 3 0 3 3 0 8 0 mcl16k 16384 25 0 0 4 1 3 3 0 8 0 mcl12k 12288 18 0 0 2 0 2 2 0 8 0 mcl9k 9216 17 0 0 2 0 2 2 0 8 0 mcl8k 8192 37 0 0 3 0 3 3 0 8 0 mcl4k 4096 25 0 0 3 0 3 3 0 8 0 mcl2k2 2112 7 0 0 1 0 1 1 0 8 0 mcl2k 2048 260 0 0 21 0 21 21 0 8 0 mtagpl 96 207 0 0 5 0 5 5 0 8 0 mbufpl 256 970 0 0 54 1 53 53 0 8 0 bufpl 288 12689 0 6353 453 0 453 453 0 8 0 anonpl 24 2057943 0 2037633 237 99 138 158 0 186 4 amapchunkpl 152 223613 0 222724 85 42 43 48 0 158 5 amappl16 200 17733 0 17099 88 53 35 51 0 8 0 amappl15 192 912 0 907 1 0 1 1 0 8 0 amappl14 184 1135 0 1130 1 0 1 1 0 8 0 amappl13 176 309 0 305 1 0 1 1 0 8 0 amappl12 168 351 0 342 1 0 1 1 0 8 0 amappl11 160 744 0 726 1 0 1 1 0 8 0 amappl10 152 1554 0 1544 1 0 1 1 0 8 0 amappl9 144 2996 0 2991 1 0 1 1 0 8 0 amappl8 136 1525 0 1413 5 1 4 4 0 8 0 amappl7 128 586 0 570 1 0 1 1 0 8 0 amappl6 120 2789 0 2759 3 1 2 2 0 8 0 amappl5 112 7730 0 7709 1 0 1 1 0 8 0 amappl4 104 2816 0 2784 2 1 1 2 0 8 0 amappl3 96 1015 0 1001 1 0 1 1 0 8 0 amappl2 88 1542 0 1482 3 1 2 3 0 8 0 amappl1 80 136255 0 135666 19 5 14 19 0 8 0 amappl 88 91429 0 91152 9 2 7 8 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 117 0 11 2 0 2 2 0 8 0 uaddrrnd 24 7515 0 7474 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 7515 0 7474 1 0 1 1 0 8 0 vmmpekpl 168 57248 0 57175 5 1 4 4 0 8 0 vmmpepl 168 676956 0 674291 235 107 128 152 0 357 0 vmsppl 368 7514 0 7474 5 1 4 4 0 8 0 rwobjpl 56 166085 0 158326 113 2 111 112 0 8 0 pdppl 4096 15037 0 14961 405 323 82 82 0 8 6 pvpl 32 3514100 0 3490255 478 263 215 265 0 265 13 pmappl 248 7514 0 7474 3 0 3 3 0 8 0 extentpl 40 58 0 38 1 0 1 1 0 8 0 phpool 112 1279 0 421 25 0 25 25 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace socreate(18,ffff800022658468,0,29) at socreate+0x84 sys/kern/uipc_socket.c:172 sys_socket(ffff8000ffff62b0,ffff8000226584f8,ffff800022658550) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 syscall(ffff8000226585c0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000226585c0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc432faaa50, count: -4 ddb{0}> machine ddbcpu 1