uvm_fault(0xfffffd806bc0a550, 0xa, 0, 1) -> e kernel: page fault trap, code=0 Stopped at vio_rxeof+0x191: movzwl 0xa(%r15),%eax ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd806bc0a550, 0xa, 0, 1) -> e vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018 end trace frame: 0xffff80001d73f480, count: 0 ddb> trace vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018 vio_rx_intr(ffff80000017a050) at vio_rx_intr+0x4d sys/dev/pv/if_vio.c:1056 virtio_check_vqs(ffff80000002ea00) at virtio_check_vqs+0x150 sys/dev/pv/virtio.c:228 intr_handler(ffff80001d73f530,ffff800000655380) at intr_handler+0x4d sys/arch/amd64/amd64/intr.c:537 Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f end of kernel end trace frame: 0xc0004dccd0, count: -5 ddb> show registers rdi 0xc rsi 0xc rbp 0xffff80001d73f420 rbx 0xffff80000017a000 rdx 0 rcx 0xffff8000001ab000 rax 0 r8 0x2 r9 0 r10 0 r11 0x87324a7a8f8b7454 r12 0xffff80000002ea00 r13 0xc r14 0xfffffd8069194c00 r15 0 rip 0xffffffff818c1ac1 vio_rxeof+0x191 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80001d73f390 ss 0 vio_rxeof+0x191: movzwl 0xa(%r15),%eax ddb> show proc PROC (syz-fuzzer) pid=165005 stat=onproc flags process=2 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff80001d71c4f0,0xffff80001d71cec0 process=0xffff80001d7075d8 user=0xffff80001d73a000, vmspace=0xfffffd806bc0a550 estcpu=36, cpticks=34, pctcpu=6.1 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 48236 7408 31065 0 2 0 syz-executor.0 48236 289904 31065 0 3 0x4000080 fsleep syz-executor.0 31065 522942 88727 0 3 0x82 nanosleep syz-executor.0 87647 83357 0 0 3 0x14280 nfsidl nfsio 52890 183292 0 0 3 0x14280 nfsidl nfsio 70295 430124 0 0 3 0x14280 nfsidl nfsio 31735 284809 0 0 3 0x14280 nfsidl nfsio 26775 181796 0 0 3 0x14280 nfsidl nfsio 99248 366063 0 0 3 0x14280 nfsidl nfsio 20284 64704 0 0 3 0x14280 nfsidl nfsio 93491 427360 0 0 3 0x14280 nfsidl nfsio 11457 356703 0 0 3 0x14280 nfsidl nfsio 71209 485963 0 0 3 0x14280 nfsidl nfsio 22772 11752 0 0 3 0x14280 nfsidl nfsio 93666 256970 0 0 3 0x14280 nfsidl nfsio 14687 68309 0 0 3 0x14280 nfsidl nfsio 46846 399610 0 0 3 0x14280 nfsidl nfsio 17433 234334 0 0 3 0x14280 nfsidl nfsio 60146 418576 0 0 3 0x14280 nfsidl nfsio 90925 327373 0 0 3 0x14280 nfsidl nfsio 94760 266700 0 0 3 0x14280 nfsidl nfsio 23156 102957 0 0 3 0x14280 nfsidl nfsio 70620 187060 0 0 3 0x14280 nfsidl nfsio 10174 325243 0 0 3 0x14200 bored sosplice 62754 101288 88727 0 3 0x82 piperd syz-executor.1 88727 12391 33129 0 3 0x82 thrsleep syz-fuzzer 88727 278076 33129 0 3 0x4000082 nanosleep syz-fuzzer *88727 165005 33129 0 7 0x4000002 syz-fuzzer 88727 500261 33129 0 3 0x4000082 thrsleep syz-fuzzer 88727 142066 33129 0 3 0x4000082 thrsleep syz-fuzzer 88727 431155 33129 0 3 0x4000082 thrsleep syz-fuzzer 88727 314402 33129 0 3 0x4000082 thrsleep syz-fuzzer 88727 413025 33129 0 3 0x4000082 thrsleep syz-fuzzer 33129 179626 56017 0 3 0x10008a pause ksh 56017 393592 48691 0 3 0x92 select sshd 41267 471322 1 0 3 0x100083 ttyin getty 48691 184145 1 0 3 0x80 select sshd 4222 333798 40790 73 3 0x100090 kqread syslogd 40790 77216 1 0 3 0x100082 netio syslogd 86684 323354 1 77 3 0x100090 poll dhclient 54469 336038 1 0 3 0x80 poll dhclient 35526 397150 0 0 3 0x14200 bored smr 45095 252274 0 0 2 0x14200 zerothread 47856 100277 0 0 3 0x14200 aiodoned aiodoned 56098 423642 0 0 3 0x14200 syncer update 89545 86093 0 0 3 0x14200 cleaner cleaner 90668 454879 0 0 3 0x14200 reaper reaper 53576 163710 0 0 3 0x14200 pgdaemon pagedaemon 27137 505051 0 0 3 0x14200 bored crynlk 71632 67534 0 0 3 0x14200 bored crypto 33297 356873 0 0 3 0x40014200 acpi0 acpi0 70983 478907 0 0 3 0x14200 bored softnet 93300 181956 0 0 3 0x14200 bored systqmp 78669 374720 0 0 3 0x14200 bored systq 5776 353093 0 0 3 0x40014200 bored softclock 56977 291891 0 0 3 0x40014200 idle0 1 410999 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9508 6420K 7051K 78643K 14590 0 pcb 13 8K 8K 78643K 131 0 rtable 112 16K 19K 78643K 754 0 ifaddr 77 15K 16K 78643K 249 0 sysctl 2 0K 0K 78643K 2 0 counters 21 16K 16K 78643K 36 0 ioctlops 0 0K 4K 78643K 127 0 iov 0 0K 12K 78643K 373 0 mount 1 1K 1K 78643K 1 0 vnodes 1220 77K 77K 78643K 2277 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 12 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 184 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 995 0 sigio 0 0K 0K 78643K 4 0 proc 51 38K 55K 78643K 488 0 subproc 32 2K 2K 78643K 68 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 166 0 in_multi 49 3K 3K 78643K 215 0 ether_multi 1 0K 0K 78643K 24 0 mrt 0 0K 0K 78643K 4 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 67 307K 307K 78643K 67 0 exec 0 0K 1K 78643K 263 0 pfkey data 0 0K 0K 78643K 2 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 135 104K 104K 78643K 3439 0 UVM aobj 44 2K 3K 78643K 46 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 104 0 NDP 12 0K 0K 78643K 47 0 temp 128 3867K 3931K 78643K 43306 0 kqueue 3 4K 16K 78643K 53 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 12 0 6 1 0 1 1 0 8 0 rtpcb 80 92 0 90 1 0 1 1 0 8 0 rtentry 112 112 0 80 2 0 2 2 0 8 0 unpcb 120 541 0 533 1 0 1 1 0 8 0 syncache 264 6 0 6 3 3 0 1 0 8 0 tcpqe 32 559 0 559 2 2 0 1 0 8 0 tcpcb 544 426 0 422 1 0 1 1 0 8 0 ipq 40 8 0 8 4 4 0 1 0 8 0 ipqe 40 149 0 149 4 4 0 1 0 8 0 inpcb 296 1013 0 1006 17 15 2 2 0 8 1 rttmr 72 1 0 1 1 1 0 1 0 8 0 nd6 48 30 0 26 1 0 1 1 0 8 0 pkpcb 40 12 0 12 5 5 0 1 0 8 0 ppxss 1136 2 0 2 2 2 0 1 0 8 0 pfrktable 1344 113 0 103 7 6 1 2 0 8 0 pftag 88 16 0 14 4 3 1 1 0 8 0 pfrule 1360 28 0 22 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 467 0 333 17 6 11 14 0 8 0 art_table 32 468 0 333 2 0 2 2 0 8 0 art_node 16 111 0 84 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 6 2 1 1 1 0 8 0 semupl 112 4 0 4 2 2 0 1 0 8 0 semapl 112 176 0 166 1 0 1 1 0 8 0 shmpl 112 43 0 2 3 1 2 2 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 2701 0 1305 88 0 88 88 0 8 0 ffsino 240 2701 0 1305 83 0 83 83 0 8 0 nchpl 144 4410 0 2828 60 0 60 60 0 8 0 uvmvnodes 72 3667 0 0 67 0 67 67 0 8 0 vnodes 208 3667 0 0 193 0 193 193 0 8 0 namei 1024 13284 0 13284 6 5 1 1 0 8 1 vcpupl 1984 9 0 2 1 0 1 1 0 8 0 vmpool 528 22 0 15 1 0 1 1 0 8 0 pfiaddrpl 120 36 0 30 4 3 1 1 0 8 0 scxspl 192 13179 0 13179 6 5 1 1 0 8 1 plimitpl 152 92 0 85 1 0 1 1 0 8 0 sigapl 424 1196 0 1147 6 0 6 6 0 8 0 futexpl 56 20769 0 20768 5 4 1 1 0 8 0 knotepl 112 156 0 137 2 1 1 2 0 8 0 kqueuepl 144 127 0 125 1 0 1 1 0 8 0 pipepl 272 170 0 160 1 0 1 1 0 8 0 fdescpl 432 1161 0 1147 2 0 2 2 0 8 0 filepl 120 7642 0 7544 6 2 4 4 0 8 1 lockfpl 104 718 0 717 1 0 1 1 0 8 0 lockfspl 48 226 0 225 1 0 1 1 0 8 0 sessionpl 112 19 0 9 1 0 1 1 0 8 0 pgrppl 48 27 0 17 1 0 1 1 0 8 0 ucredpl 96 1024 0 1017 1 0 1 1 0 8 0 zombiepl 144 1147 0 1147 4 3 1 1 0 8 1 processpl 928 1196 0 1147 7 0 7 7 0 8 0 procpl 624 2631 0 2574 5 0 5 5 0 8 0 sosppl 128 12 0 12 6 6 0 1 0 8 0 sockpl 400 1662 0 1645 10 7 3 4 0 8 1 mcl64k 65536 50 0 47 4 3 1 1 0 8 0 mcl16k 16384 9 0 9 4 4 0 1 0 8 0 mcl12k 12288 24 0 24 12 12 0 1 0 8 0 mcl9k 9216 15 0 15 7 7 0 1 0 8 0 mcl8k 8192 42 0 42 12 12 0 1 0 8 0 mcl4k 4096 100 0 100 14 13 1 1 0 8 1 mcl2k2 2112 12 0 12 8 8 0 1 0 8 0 mcl2k 2048 91139 0 91083 28 19 9 20 0 8 1 mtagpl 96 646 0 522 10 4 6 9 0 8 0 mbufpl 256 152446 0 151847 106 45 61 79 0 8 4 bufpl 280 5718 0 366 383 0 383 383 0 8 0 anonpl 16 148525 0 131811 164 82 82 84 0 107 13 amapchunkpl 152 6713 0 6547 39 31 8 20 0 158 1 amappl16 192 6263 0 5278 130 73 57 62 0 8 7 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 591 0 586 1 0 1 1 0 8 0 amappl13 168 40 0 37 1 0 1 1 0 8 0 amappl12 160 12 0 11 2 1 1 1 0 8 0 amappl11 152 774 0 762 1 0 1 1 0 8 0 amappl10 144 13 0 9 1 0 1 1 0 8 0 amappl9 136 586 0 584 1 0 1 1 0 8 0 amappl8 128 583 0 538 2 0 2 2 0 8 0 amappl7 120 120 0 107 1 0 1 1 0 8 0 amappl6 112 335 0 323 1 0 1 1 0 8 0 amappl5 104 534 0 522 1 0 1 1 0 8 0 amappl4 96 1019 0 992 1 0 1 1 0 8 0 amappl3 88 557 0 551 1 0 1 1 0 8 0 amappl2 80 8354 0 8283 2 0 2 2 0 8 0 amappl1 72 37415 0 36996 22 12 10 17 0 8 0 amappl 80 2885 0 2836 4 2 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 45 0 2 1 0 1 1 0 8 0 uaddrrnd 24 1183 0 1162 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1183 0 1162 1 0 1 1 0 8 0 vmmpekpl 168 10321 0 10287 2 0 2 2 0 8 0 vmmpepl 168 151507 0 149397 263 161 102 149 0 357 9 vmsppl 272 1182 0 1162 4 2 2 2 0 8 0 pdppl 4096 2372 0 2331 7 1 6 6 0 8 0 pvpl 32 384581 0 364835 331 132 199 201 0 265 36 pmappl 200 1182 0 1162 2 0 2 2 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 397 0 119 9 0 9 9 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018 vio_rx_intr(ffff80000017a050) at vio_rx_intr+0x4d sys/dev/pv/if_vio.c:1056 virtio_check_vqs(ffff80000002ea00) at virtio_check_vqs+0x150 sys/dev/pv/virtio.c:228 intr_handler(ffff80001d73f530,ffff800000655380) at intr_handler+0x4d sys/arch/amd64/amd64/intr.c:537 Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f end of kernel end trace frame: 0xc0004dccd0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018 vio_rx_intr(ffff80000017a050) at vio_rx_intr+0x4d sys/dev/pv/if_vio.c:1056 virtio_check_vqs(ffff80000002ea00) at virtio_check_vqs+0x150 sys/dev/pv/virtio.c:228 intr_handler(ffff80001d73f530,ffff800000655380) at intr_handler+0x4d sys/arch/amd64/amd64/intr.c:537 Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f end of kernel end trace frame: 0xc0004dccd0, count: -5