uvm_fault(0xffffef006c6779a0, 0x98, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff81235a18 cs 8 rflags 10246 cr2 98 cpl 0 rsp ffff80003c3f7720 gsbase 0xffff80002999dff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff81235a18 Starting stack trace... panic(ffffffff834eb72c) at panic+0x1d0 sys/kern/subr_prf.c:229 kerntrap(ffff80003c3f7670) at kerntrap+0x30b alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dovutimens(ffff80003c3f14e8,ffffef00601ab130,ffff80003c3f7830) at dovutimens+0x368 sys/kern/vfs_syscalls.c:2690 sys_futimens(ffff80003c3f14e8,ffff80003c3f7980,ffff80003c3f78d0) at sys_futimens+0xb3 sys/kern/vfs_syscalls.c:2766 syscall(ffff80003c3f7980) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c3f7980) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xce9fa4d7310, count: 250 End of stack trace. WARNING: SPL NOT LOWERED ON SYSCALL 137 -780236096 EXIT 0 4 Stopped at savectx+0xae: movl $0,%gs:0x688 TID PID UID PRFLAGS PFLAGS CPU COMMAND 93350 16725 60928 0x10 0 0 syz-executor *123065 3587 0 0x2 0 1 syz-executor savectx() at savectx+0xae end of kernel end trace frame: 0x7d6ed17e8ab0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xffffef006c6779a0, 0x98, 0, 1) -> e ddb{1}> trace savectx() at savectx+0xae end of kernel end trace frame: 0x7d6ed17e8ab0, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a2e4000 rbx 0 rdx 0 rcx 0xffff80002a2227d8 rax 0x3c r8 0xffff80002a2e3f30 r9 0x1 r10 0xb0d885b17be86296 r11 0x4412b28e5f140fe5 r12 0 r13 0 r14 0xffff80002a2227d8 r15 0 rip 0xffffffff820d43ee savectx+0xae cs 0x8 rflags 0x46 rsp 0xffff80002a2e3f80 ss 0x10 savectx+0xae: movl $0,%gs:0x688 ddb{1}> show proc PROC (syz-executor) tid=123065 pid=3587 tcnt=1 stat=onproc flags process=2 proc=0 runpri=50, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a222fa0,0xffff80002a222a80 process=0xffff8000ffff44d8 user=0xffff80002a2df000, vmspace=0xffffef000b0637a0 estcpu=36, cpticks=15, pctcpu=0.2, user=1, sys=14, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 8954 39213 85835 0 2 0 syz-executor 37677 237596 35800 0 2 0 syz-executor 37677 290465 35800 0 2 0x4000000 syz-executor 16725 93350 10999 60928 7 0x10 syz-executor 16725 429098 10999 60928 3 0x4000010 sbar syz-executor 36616 23851 16800 0 2 0 syz-executor 8154 194165 90692 0 2 0 syz-executor 55693 357128 65310 0 3 0x80 nanoslp syz-executor 55693 486767 65310 0 3 0x4000080 sbwait syz-executor 55693 121033 65310 0 3 0x4000080 fsleep syz-executor 92779 213417 78290 0 3 0x3000 suspend syz-executor 92779 516600 78290 0 3 0x4081000 biowait syz-executor 92779 364955 78290 0 3 0x4081000 inode syz-executor 81266 340242 0 0 3 0x14280 nfsidl nfsio 58952 456506 0 0 3 0x14280 nfsidl nfsio 103 354119 0 0 3 0x14280 nfsidl nfsio 16284 340795 0 0 3 0x14280 nfsidl nfsio 77802 490103 0 0 3 0x14280 nfsidl nfsio 92594 204260 0 0 3 0x14280 nfsidl nfsio 35998 126918 0 0 3 0x14280 nfsidl nfsio 37847 122579 0 0 3 0x14280 nfsidl nfsio 43707 152055 0 0 3 0x14280 nfsidl nfsio 68351 217689 0 0 3 0x14280 nfsidl nfsio 49956 398705 0 0 3 0x14280 nfsidl nfsio 19451 385591 0 0 3 0x14280 nfsidl nfsio 70685 24402 0 0 3 0x14280 nfsidl nfsio 4393 50688 0 0 3 0x14280 nfsidl nfsio 62007 504570 0 0 3 0x14280 nfsidl nfsio 23587 472806 0 0 3 0x14280 nfsidl nfsio 45503 420867 0 0 3 0x14280 nfsidl nfsio 99764 157210 0 0 3 0x14280 nfsidl nfsio 80638 431867 0 0 3 0x14280 nfsidl nfsio 3821 481576 0 0 3 0x14280 nfsidl nfsio 82371 40408 0 0 3 0x14200 acct acct 21351 467516 1 0 3 0x100083 ttyin getty 78290 161510 40226 0 3 0x82 nanoslp syz-executor 85835 383637 40226 0 3 0x82 nanoslp syz-executor 35800 92542 40226 0 3 0x82 nanoslp syz-executor 16800 374855 40226 0 3 0x82 nanoslp syz-executor 90692 128631 40226 0 2 0x2 syz-executor * 3587 123065 40226 0 7 0x2 syz-executor 10999 475332 40226 0 3 0x82 nanoslp syz-executor 65310 316698 40226 0 3 0x82 nanoslp syz-executor 40226 212955 1 0 2 0x2 syz-executor 33779 33108 1 74 3 0x1100092 bpf pflogd 41690 27781 1 73 3 0x1100090 kqread syslogd 96405 28206 0 0 3 0x14200 bored smr 62509 454823 0 0 2 0x14200 zerothread 56003 410946 0 0 3 0x14200 aiodoned aiodoned 2423 466046 0 0 3 0x14200 syncer update 25091 105104 0 0 3 0x14200 cleaner cleaner 15633 171784 0 0 3 0x14200 reaper reaper 52235 321112 0 0 3 0x14200 pgdaemon pagedaemon 39256 518852 0 0 3 0x14200 bored viomb 50635 455717 0 0 3 0x40014200 acpi0 acpi0 80050 101942 0 0 3 0x40014200 idle1 65217 272509 0 0 3 0x14200 bored softnet1 69911 115871 0 0 3 0x14200 netlock softnet0 27468 115095 0 0 2 0x40014200 systqmp 33879 274667 0 0 3 0x14200 bored systq 15007 412519 0 0 3 0x14200 tmoslp softclockmp 67465 23192 0 0 3 0x40014200 tmoslp softclock 68557 376996 0 0 3 0x40014200 idle0 1 197406 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 16725 (syz-executor) thread 0xffff80003c3f14e8 (429098) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff83b2df00) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 syscall+0xaf4 mi_syscall sys/sys/syscall_mi.h:175 [inline] #1 syscall+0xaf4 sys/arch/amd64/amd64/trap.c:783 #2 Xsyscall+0x128 Process 92779 (syz-executor) thread 0xffff80002a222010 (516600) exclusive rrwlock inode r = 0 (0xffffef006ee14930) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:576 #5 vn_write+0x18f sys/kern/vfs_vnops.c:411 #6 dofilewritev+0x2bd sys/kern/sys_generic.c:384 #7 sys_write+0xa2 sys/kern/sys_generic.c:300 #8 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783 #9 Xsyscall+0x128 ddb{1}>