uvm_fault(0xffffffff8354a888, 0xffff800012fd4800, 0, 2) -> d kernel: page fault trap, code=2 Stopped at memcpy+0x19: repe movsq (%rsi),%es:(%rdi) TID PID UID PRFLAGS PFLAGS CPU COMMAND 328756 80416 0 0 0 0 syz-executor *200436 71337 0 0x100002 0 1K sh memcpy() at memcpy+0x19 ufs_inactive(ffff80002a357f58) at ufs_inactive+0x2e2 sys/ufs/ufs/ufs_inode.c:95 VOP_INACTIVE(fffffd806ab7fa28,ffff800031798a48) at VOP_INACTIVE+0x107 sys/kern/vfs_vops.c:495 vrele(fffffd806ab7fa28) at vrele+0x129 sys/kern/vfs_subr.c:827 process_zap(ffff80002d572d68) at process_zap+0x179 sys/kern/kern_exit.c:846 dowait6(ffff800031798a48,0,0,ffff80002a3581bc,27,0,2d324ed04d1c33ac,ffff80002a3582f0) at dowait6+0x998 sys/kern/kern_exit.c:549 sys_wait4(ffff800031798a48,ffff80002a3582f0,ffff80002a358240) at sys_wait4+0x13a sys/kern/kern_exit.c:688 syscall(ffff80002a3582f0) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a3582f0) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78daa7c51350, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xffffffff8354a888, 0xffff800012fd4800, 0, 2) -> d ddb{1}> trace memcpy() at memcpy+0x19 ufs_inactive(ffff80002a357f58) at ufs_inactive+0x2e2 sys/ufs/ufs/ufs_inode.c:95 VOP_INACTIVE(fffffd806ab7fa28,ffff800031798a48) at VOP_INACTIVE+0x107 sys/kern/vfs_vops.c:495 vrele(fffffd806ab7fa28) at vrele+0x129 sys/kern/vfs_subr.c:827 process_zap(ffff80002d572d68) at process_zap+0x179 sys/kern/kern_exit.c:846 dowait6(ffff800031798a48,0,0,ffff80002a3581bc,27,0,2d324ed04d1c33ac,ffff80002a3582f0) at dowait6+0x998 sys/kern/kern_exit.c:549 sys_wait4(ffff800031798a48,ffff80002a3582f0,ffff80002a358240) at sys_wait4+0x13a sys/kern/kern_exit.c:688 syscall(ffff80002a3582f0) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a3582f0) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78daa7c51350, count: -9 ddb{1}> show registers rdi 0xffff800012fd4800 rsi 0xfffffd806cecd800 rbp 0xffff80002a357ee0 rbx 0x1 rdx 0x100 rcx 0x20 rax 0x11 r8 0xffffffffffffffff r9 0 r10 0x55f335744f749b7a r11 0xffff800012fd4800 r12 0xfffffd806cf16dd0 r13 0xfffffd806f08a140 r14 0 r15 0xffff800000a5f000 rip 0xffffffff81b8ca89 memcpy+0x19 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff80002a357e78 ss 0x10 memcpy+0x19: repe movsq (%rsi),%es:(%rdi) ddb{1}> show proc PROC (sh) tid=200436 pid=71337 tcnt=1 stat=onproc flags process=100002 proc=0 runpri=40, usrpri=50, slppri=40, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff800031798f58,0xffff8000317987d0 process=0xffff80002d5728e0 user=0xffff80002a353000, vmspace=0xfffffd806c53a540 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 80416 328756 51117 0 7 0 syz-executor 80416 249159 51117 0 2 0x4000000 syz-executor 60007 187612 66458 0 2 0 syz-executor 60007 336950 66458 0 2 0x4000000 syz-executor 60007 522819 66458 0 2 0x4000000 syz-executor 57259 102607 79818 0 2 0 syz-executor 57259 262194 79818 0 2 0x4000000 syz-executor 29108 476193 73369 0 2 0 syz-executor 29108 130633 73369 0 3 0x4000080 fsleep syz-executor *71337 200436 69261 0 7 0x100002 sh 5566 418742 7077 0 2 0 syz-executor 5566 282576 7077 0 3 0x4000080 netcon syz-executor 55896 501891 7072 0 2 0 syz-executor 55896 333943 7072 0 3 0x4000080 fsleep syz-executor 55896 3186 7072 0 3 0x4000080 fsleep syz-executor 1091 176264 19665 0 3 0x2 biowait syz-executor 69261 363820 19665 0 3 0x82 wait syz-executor 79818 250898 19665 0 3 0x82 nanoslp syz-executor 73369 38491 19665 0 3 0x82 nanoslp syz-executor 66458 101089 19665 0 2 0x2 syz-executor 51117 344309 19665 0 3 0x82 nanoslp syz-executor 7077 57204 19665 0 3 0x82 nanoslp syz-executor 7072 359875 19665 0 3 0x82 nanoslp syz-executor 42810 36070 0 0 3 0x14200 bored sosplice 19665 461477 40150 0 2 0x2 syz-executor 40150 493792 37084 0 3 0x10008a sigsusp ksh 37084 233802 66813 0 3 0x98 kqread sshd-session 66813 390883 26558 0 3 0x92 kqread sshd-session 69130 427989 1 0 3 0x100083 ttyin getty 26558 177970 1 0 3 0x88 kqread sshd 61957 8517 58423 74 3 0x1100092 bpf pflogd 58423 349695 1 0 3 0x80 sbwait pflogd 5986 10911 68003 73 2 0x1100010 syslogd 68003 190069 1 0 3 0x100082 sbwait syslogd 34648 368551 1 0 3 0x100080 kqread resolvd 58431 517844 73838 77 3 0x100092 kqread dhcpleased 25044 323914 73838 77 3 0x100092 kqread dhcpleased 73838 115055 1 0 3 0x80 kqread dhcpleased 96715 508040 0 0 3 0x14200 bored smr 62914 157042 0 0 2 0x14200 zerothread 88346 208853 0 0 3 0x14200 aiodoned aiodoned 62053 357837 0 0 3 0x14200 syncer update 83531 334007 0 0 3 0x14200 cleaner cleaner 95383 396328 0 0 3 0x14200 reaper reaper 87150 384750 0 0 3 0x14200 pgdaemon pagedaemon 51629 360586 0 0 3 0x14200 bored viomb 81574 478888 0 0 3 0x40014200 acpi0 acpi0 94716 489499 0 0 3 0x40014200 idle1 75554 520375 0 0 3 0x14200 bored softnet3 72556 195945 0 0 3 0x14200 bored softnet2 47343 375943 0 0 3 0x14200 bored softnet1 51570 179392 0 0 3 0x14200 bored softnet0 42690 88116 0 0 3 0x14200 bored systqmp 38018 166612 0 0 3 0x14200 bored systq 5724 294594 0 0 3 0x14200 tmoslp softclockmp 21269 29525 0 0 3 0x40014200 tmoslp softclock 24398 392575 0 0 3 0x40014200 idle0 1 419769 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 71337 (sh) thread 0xffff800031798a48 (200436) Process 1091 (syz-executor) thread 0xffff8000ffff6530 (176264) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10203 10120K 10378K 166960K 11701 0 pcb 17 12K 12K 166960K 55 0 rtable 195 5K 6K 166960K 1641 0 pf 35 17K 22K 166960K 143 0 ifaddr 40 7K 7K 166960K 221 0 ifgroup 55 2K 2K 166960K 229 0 sysctl 3 0K 0K 166960K 5 0 counters 64 36K 36K 166960K 152 0 ioctlops 0 0K 4K 166960K 1551 0 iov 0 0K 16K 166960K 11 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1408 89K 89K 166960K 2142 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 8 0 VM map 2 1K 1K 166960K 2 0 sem 7 0K 0K 166960K 10 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1690 195K 286K 166960K 12418 0 file desc 17 61K 97K 166960K 1030 0 sigio 0 0K 0K 166960K 10 0 proc 72 91K 140K 166960K 1764 0 subproc 104 6K 7K 166960K 676 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 133 0 in_multi 86 6K 7K 166960K 565 0 ether_multi 1 0K 0K 166960K 1 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 67 307K 307K 166960K 67 0 exec 0 0K 1K 166960K 984 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 223 72K 100K 166960K 8500 0 UVM aobj 14 2K 2K 166960K 14 0 pinsyscall 42 84K 106K 166960K 3208 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 8 0 NDP 22 1K 2K 166960K 158 0 temp 43 6812K 7071K 166960K 21664 0 kqueue 13 20K 24K 166960K 54 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 133 0 130 1 0 1 1 0 8 0 rtentry 112 585 0 495 4 1 3 4 0 8 0 unpcb 144 348 0 327 7 6 1 4 0 8 0 syncache 336 3 0 3 2 2 0 1 0 8 0 tcpcb 808 82 0 75 2 1 1 2 0 8 0 arp 120 106 0 88 1 0 1 1 0 8 0 inpcb 336 443 0 432 6 5 1 2 0 8 0 nd6 136 152 0 131 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 1 0 1 0 8 0 kcovpl 48 52 0 44 1 0 1 1 0 8 0 ppxss 1168 1 0 1 1 1 0 1 0 8 0 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pffrag 232 4 0 1 1 0 1 1 0 482 0 pffrnode 88 4 0 1 1 0 1 1 0 8 0 pffrent 40 5 0 2 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfanchor 1288 1 0 1 1 1 0 1 0 8 0 pfstitem 24 74 0 53 1 0 1 1 0 8 0 pfstkey 128 75 0 54 1 0 1 1 0 8 0 pfstate 376 75 0 54 4 1 3 3 0 8 0 pfrule 1344 23 0 18 2 0 2 2 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2351 0 1972 32 8 24 29 0 8 0 art_table 32 2352 0 1972 4 0 4 4 0 8 0 art_node 16 583 0 502 1 0 1 1 0 8 0 sysvmsgpl 40 6 0 4 1 0 1 1 0 8 0 semapl 112 6 0 1 1 0 1 1 0 8 0 shmpl 112 11 0 0 1 0 1 1 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 2072 0 483 100 0 100 100 0 8 0 ffsino 272 2072 0 483 107 0 107 107 0 8 0 nchpl 144 2616 0 864 65 0 65 65 0 8 0 uvmvnodes 80 2880 0 0 59 0 59 59 0 8 0 vnodes 216 2880 0 0 160 0 160 160 0 8 0 namei 1024 12293 0 12292 5 4 1 2 0 8 0 percpumem 16 90 0 44 1 0 1 1 0 8 0 kstatmem 264 112 0 88 2 0 2 2 0 8 0 scxspl 216 22285 0 22284 11 10 1 8 1 8 0 plimitpl 152 105 0 87 1 0 1 1 0 8 0 sigapl 424 1242 0 1191 10 3 7 7 0 8 1 futexpl 64 3801 0 3798 4 3 1 1 0 8 0 knotepl 120 597 0 0 17 0 17 17 0 8 0 kqueuepl 216 111 0 102 3 2 1 3 0 8 0 pipepl 320 331 0 303 3 0 3 3 0 8 0 fdescpl 496 1222 0 1191 9 4 5 6 0 8 0 filepl 152 4699 0 4440 18 8 10 16 0 8 0 lockfpl 104 116 0 114 1 0 1 1 0 8 0 lockfspl 48 50 0 48 1 0 1 1 0 8 0 sessionpl 144 65 0 56 1 0 1 1 0 8 0 pgrppl 48 121 0 104 1 0 1 1 0 8 0 ucredpl 104 323 0 308 1 0 1 1 0 8 0 zombiepl 144 1192 0 1191 1 0 1 1 0 8 0 processpl 1160 1242 0 1191 5 1 4 5 0 8 0 procpl 648 1686 0 1627 7 1 6 6 0 8 1 srpgc 96 4 0 4 1 1 0 1 0 8 0 sosppl 168 2 0 2 2 2 0 1 0 8 0 sockpl 664 929 0 894 13 10 3 9 0 8 0 mcl64k 65536 1 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 242 0 0 31 0 31 31 0 8 0 mtagpl 96 7 0 0 1 0 1 1 0 8 0 mbufpl 256 401 0 0 22 0 22 22 0 8 0 bufpl 280 8120 0 1341 485 0 485 485 0 8 0 anonpl 24 236919 0 233520 77 22 55 64 0 185 24 amapchunkpl 152 27125 0 26668 40 11 29 38 0 158 11 amappl16 200 4316 0 4305 16 14 2 13 0 8 0 amappl15 192 13 0 13 1 1 0 1 0 8 0 amappl14 184 205 0 193 1 0 1 1 0 8 0 amappl13 176 10 0 10 1 1 0 1 0 8 0 amappl12 168 2569 0 2537 4 2 2 3 0 8 0 amappl11 160 63 0 49 1 0 1 1 0 8 0 amappl10 152 10 0 9 1 0 1 1 0 8 0 amappl9 144 182 0 182 1 1 0 1 0 8 0 amappl8 136 24 0 22 1 0 1 1 0 8 0 amappl7 128 199 0 186 1 0 1 1 0 8 0 amappl6 120 590 0 587 1 0 1 1 0 8 0 amappl5 112 304 0 293 1 0 1 1 0 8 0 amappl4 104 432 0 413 1 0 1 1 0 8 0 amappl3 96 4681 0 4576 6 3 3 4 0 8 0 amappl2 88 1261 0 1192 2 0 2 2 0 8 0 amappl1 80 12693 0 12125 14 1 13 14 0 8 0 amappl 88 7807 0 7646 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 13 0 0 1 0 1 1 0 8 0 uaddrrnd 24 1222 0 1191 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1222 0 1191 1 0 1 1 0 8 0 vmmpekpl 168 11604 0 11556 3 0 3 3 0 8 0 vmmpepl 168 81741 0 79945 93 10 83 89 0 357 2 vmsppl 440 1221 0 1191 6 2 4 5 0 8 0 rwobjpl 56 29289 0 25490 56 1 55 55 0 8 1 pdppl 4096 2451 0 2382 151 74 77 87 0 8 8 pvpl 32 30615 0 0 248 1 247 247 0 265 0 pmappl 248 1221 0 1191 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 471 0 98 11 0 11 11 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff83454ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83561b08) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff83561b08) at __mp_lock+0x192 sys/kern/kern_lock.c:144 intr_handler(ffff80002a35e3d0,ffff800000079f80) at intr_handler+0xe1 sys/arch/amd64/amd64/intr.c:553 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f end of kernel end trace frame: 0x7f3e9c057df0, count: 9 ddb{0}> trace x86_ipi_db(ffffffff83454ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83561b08) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff83561b08) at __mp_lock+0x192 sys/kern/kern_lock.c:144 intr_handler(ffff80002a35e3d0,ffff800000079f80) at intr_handler+0xe1 sys/arch/amd64/amd64/intr.c:553 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f end of kernel end trace frame: 0x7f3e9c057df0, count: -6 ddb{0}> machine ddbcpu 1 Stopped at memcpy+0x19: repe movsq (%rsi),%es:(%rdi) memcpy() at memcpy+0x19 ufs_inactive(ffff80002a357f58) at ufs_inactive+0x2e2 sys/ufs/ufs/ufs_inode.c:95 VOP_INACTIVE(fffffd806ab7fa28,ffff800031798a48) at VOP_INACTIVE+0x107 sys/kern/vfs_vops.c:495 vrele(fffffd806ab7fa28) at vrele+0x129 sys/kern/vfs_subr.c:827 process_zap(ffff80002d572d68) at process_zap+0x179 sys/kern/kern_exit.c:846 dowait6(ffff800031798a48,0,0,ffff80002a3581bc,27,0,2d324ed04d1c33ac,ffff80002a3582f0) at dowait6+0x998 sys/kern/kern_exit.c:549 sys_wait4(ffff800031798a48,ffff80002a3582f0,ffff80002a358240) at sys_wait4+0x13a sys/kern/kern_exit.c:688 syscall(ffff80002a3582f0) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a3582f0) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78daa7c51350, count: 6 ddb{1}> trace memcpy() at memcpy+0x19 ufs_inactive(ffff80002a357f58) at ufs_inactive+0x2e2 sys/ufs/ufs/ufs_inode.c:95 VOP_INACTIVE(fffffd806ab7fa28,ffff800031798a48) at VOP_INACTIVE+0x107 sys/kern/vfs_vops.c:495 vrele(fffffd806ab7fa28) at vrele+0x129 sys/kern/vfs_subr.c:827 process_zap(ffff80002d572d68) at process_zap+0x179 sys/kern/kern_exit.c:846 dowait6(ffff800031798a48,0,0,ffff80002a3581bc,27,0,2d324ed04d1c33ac,ffff80002a3582f0) at dowait6+0x998 sys/kern/kern_exit.c:549 sys_wait4(ffff800031798a48,ffff80002a3582f0,ffff80002a358240) at sys_wait4+0x13a sys/kern/kern_exit.c:688 syscall(ffff80002a3582f0) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a3582f0) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78daa7c51350, count: -9