uvm_fault(0xfffffd8063a19210, 0x0, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff82001b48 cs 8 rflags 10207 cr2 0 cpl 0 rsp ffff80003c4670f0 gsbase 0xffff8000299edff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff82001b48 Starting stack trace... panic(ffffffff833c635b) at panic+464 kerntrap(ffff80003c467040) at kerntrap+779 alltraps_kern_meltdown() at alltraps_kern_meltdown+123 dt_ioctl_record_stop(ffff8000016bf000) at dt_ioctl_record_stop+264 dtclose(21e5f,81,2000,ffff8000fffee548) at dtclose+265 spec_close(ffff80003c4671f0) at spec_close+1126 VOP_CLOSE(fffffd806b780470,81,fffffd80097fb618,ffff8000fffee548) at VOP_CLOSE+306 vn_closefile(fffffd806c261ad0,ffff8000fffee548) at vn_closefile+299 fdrop(fffffd806c261ad0,ffff8000fffee548) at fdrop+289 closef(fffffd806c261ad0,ffff8000fffee548) at closef+402 fdfree(ffff8000fffee548) at fdfree+278 exit1(ffff8000fffee548,0,0,1) at exit1+1398 sys_exit(ffff8000fffee548,ffff80003c467560,ffff80003c4674b0) at sys_exit+26 syscall(ffff80003c467560) at syscall+2839 Xsyscall() at Xsyscall+296 end of kernel end trace frame: 0x7b5347d45d10, count: 242 End of stack trace. WARNING: SPL NOT LOWERED ON TRAP EXIT 4 0 Stopped at proc_trampoline+199: movl $0,%gs:1672 TID PID UID PRFLAGS PFLAGS CPU COMMAND 393337 67658 0 0 0 0 syz-executor *449910 67658 0 0 0x4000000 1 syz-executor proc_trampoline() at proc_trampoline+199 end of kernel end trace frame: 0xca2f9404220, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xfffffd8063a19210, 0x0, 0, 1) -> e ddb{1}> trace proc_trampoline() at proc_trampoline+199 end of kernel end trace frame: 0xca2f9404220, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 18446603337232881936 rbx 0 rdx 0 rcx 18446603337152255232 rax 42 r8 18446603337232881728 r9 1 r10 3769975948036586667 r11 9952666294387442398 r12 0 r13 0 r14 0 r15 0 rip 18446744071603819719 proc_trampoline+199 cs 8 rflags 582 rsp 18446603337232881808 ss 16 proc_trampoline+199: movl $0,%gs:1672 ddb{1}> show proc PROC (syz-executor) tid=449910 pid=67658 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000377ed798,0xffffffff8398f248 process=0xffff80002efd49d8 user=0xffff80003c4cc000, vmspace=0xfffffd8063a195e0 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 67658 393337 21817 0 7 0 syz-executor *67658 449910 21817 0 7 0x4000000 syz-executor 36851 66197 29576 0 3 0x80 nanoslp syz-executor 36851 83196 29576 0 3 0x4000080 kqread syz-executor 36851 499045 29576 0 3 0x4000080 fsleep syz-executor 51216 435977 89971 0 3 0x80 nanoslp syz-executor 51216 160984 89971 0 3 0x4000080 ttyopn syz-executor 51216 179835 89971 0 3 0x4000080 fsleep syz-executor 51216 516997 89971 0 3 0x4000080 fsleep syz-executor 37033 34646 86855 0 3 0x90 nanoslp syz-executor 37033 479541 86855 0 3 0x4000090 kqread syz-executor 37033 497100 86855 0 3 0x4000090 fsleep syz-executor 93125 382494 9717 60929 2 0x10 syz-executor 93125 123842 9717 60929 3 0x4000090 kqsel syz-executor 93125 437080 9717 60929 3 0x4000090 fsleep syz-executor 17352 211387 51207 0 3 0x80 nanoslp syz-executor 17352 225208 51207 0 3 0x4000080 nanoslp syz-executor 17352 95063 51207 0 3 0x4000080 fsleep syz-executor 89971 517008 42734 0 3 0x82 nanoslp syz-executor 8053 104758 1 0 3 0x100083 ttyin getty 51207 147750 42734 0 2 0x2 syz-executor 42334 218783 42734 0 3 0x82 nanoslp syz-executor 9717 523125 42734 0 3 0x82 nanoslp syz-executor 21817 119877 42734 0 3 0x82 nanoslp syz-executor 86855 368335 42734 0 3 0x82 nanoslp syz-executor 22044 323508 42734 0 3 0x82 wait syz-executor 29576 91084 42734 0 3 0x82 nanoslp syz-executor 42734 270490 57550 0 3 0x82 kqread syz-executor 57550 69316 84134 0 3 0x10008a sigsusp ksh 84134 103571 23568 0 3 0x98 kqread sshd-session 23568 486750 55788 0 3 0x92 kqread sshd-session 55788 347127 1 0 3 0x88 kqread sshd 16421 174504 52066 74 3 0x1100092 bpf pflogd 52066 225938 1 0 3 0x80 sbwait pflogd 17422 227207 94082 73 3 0x1100090 kqread syslogd 94082 182632 1 0 3 0x100082 sbwait syslogd 73068 280811 1 0 3 0x100080 kqread resolvd 81911 290981 42984 77 3 0x100092 kqread dhcpleased 77264 284293 42984 77 3 0x100092 kqread dhcpleased 42984 463587 1 0 3 0x80 kqread dhcpleased 21060 396257 0 0 3 0x14200 bored smr 34956 247387 0 0 3 0x14200 pgzero zerothread 87353 22621 0 0 3 0x14200 aiodoned aiodoned 58872 328583 0 0 3 0x14200 syncer update 79656 227239 0 0 3 0x14200 cleaner cleaner 43099 129663 0 0 3 0x14200 reaper reaper 32358 406583 0 0 3 0x14200 pgdaemon pagedaemon 98670 135159 0 0 3 0x14200 bored viomb 81053 42348 0 0 3 0x40014200 acpi0 acpi0 5047 147183 0 0 3 0x40014200 idle1 91756 120029 0 0 3 0x14200 bored softnet1 83652 14293 0 0 3 0x14200 netlock softnet0 64718 435311 0 0 2 0x40014200 systqmp 23965 368383 0 0 3 0x14200 bored systq 41410 276430 0 0 3 0x14200 tmoslp softclockmp 73595 293419 0 0 3 0x40014200 tmoslp softclock 60353 82835 0 0 3 0x40014200 idle0 1 88747 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10276 11132K 12645K 166960K 26514 0 pcb 19 22K 25K 166960K 2686 0 rtable 247 19K 20K 166960K 2510 0 pf 50 20K 67488K 166960K 968 0 ifaddr 39 9K 11K 166960K 576 0 ifgroup 71 3K 3K 166960K 1052 0 sysctl 4 1K 9K 166960K 232 0 counters 74 37K 39K 166960K 1356 0 ioctlops 0 0K 4K 166960K 4337 0 iov 0 0K 28K 166960K 1108 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1538 97K 97K 166960K 12687 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 6K 14K 166960K 84 0 VM map 2 1K 1K 166960K 2 0 sem 35 134K 134K 166960K 559 0 dirhash 12 2K 3K 166960K 204 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 10916 0 sigio 0 0K 0K 166960K 398 0 proc 74 115K 163K 166960K 2557 0 subproc 72 4K 4K 166960K 354 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 3 0K 0K 166960K 1702 0 in_multi 59 4K 7K 166960K 838 0 ether_multi 2 0K 0K 166960K 158 0 mrt 5 0K 0K 166960K 115 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 277 1235K 1235K 166960K 277 0 exec 0 0K 1K 166960K 2399 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 26 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 273 154K 182K 166960K 99804 0 UVM aobj 188 64K 64K 166960K 196 0 pinsyscall 43 86K 102K 166960K 12774 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 1 0K 1K 166960K 961 0 NDP 15 0K 2K 166960K 444 0 temp 100 8660K 10456K 166960K 495607 0 kqueue 18 25K 34K 166960K 2205 0 SYN cache 2 8K 16K 166960K 3 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 1595 0 1592 16 15 1 5 0 8 0 rtentry 176 745 0 666 6 1 5 6 0 8 0 unpcb 144 7001 0 6981 35 32 3 6 0 8 2 syncache 336 10 0 10 4 4 0 1 0 8 0 tcpqe 32 2 0 2 1 1 0 1 0 8 0 tcpcb 736 4548 0 4541 68 64 4 10 0 8 3 arp 136 119 0 101 1 0 1 1 0 8 0 inpcb 328 13853 0 13835 101 94 7 18 0 8 5 nd6 152 150 0 131 3 1 2 2 0 8 1 pkpcb 40 187 0 187 11 10 1 1 0 8 1 kcovpl 48 39 0 31 1 0 1 1 0 8 0 mppekey 1024 8 0 8 8 8 0 2 0 8 0 ppxss 1192 526 0 526 5 4 1 1 0 8 1 pppxif 1504 44 0 44 11 11 0 1 0 8 0 pfstscr 40 3 0 2 1 0 1 1 0 8 0 pffrag 232 96 0 84 2 1 1 2 0 482 0 pffrnode 88 54 0 43 1 0 1 1 0 8 0 pffrent 40 213 0 201 2 1 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 14 0 12 1 0 1 1 0 8 0 pfanchor 1288 3 0 0 1 0 1 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstitem 24 626 0 495 2 0 2 2 0 8 0 pfstkey 128 630 0 499 6 1 5 6 0 8 0 pfstate 384 627 0 497 18 3 15 18 0 8 1 pfrule 1344 29 0 22 2 1 1 2 0 8 0 rttmr 136 16 0 16 10 10 0 1 0 8 0 art_heap8 4096 7 0 2 7 2 5 5 0 8 0 art_heap4 256 3412 0 3122 53 30 23 32 0 8 1 art_table 40 3419 0 3124 6 1 5 6 0 8 0 art_node 32 718 0 651 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 3 2 1 1 1 0 8 0 semupl 112 17 0 17 13 13 0 1 0 8 0 semapl 112 532 0 499 1 0 1 1 0 8 0 shmpl 112 158 0 2 5 0 5 5 0 8 0 dirhash 1024 148 0 131 3 0 3 3 0 8 0 dino2pl 256 22110 0 20505 101 0 101 101 0 8 0 ffsino 296 22110 0 20505 124 0 124 124 0 8 0 nchpl 144 36975 0 36299 67 39 28 67 0 8 0 rtmask 32 94 0 94 12 11 1 1 0 8 1 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 135112 0 135112 5 4 1 2 0 8 1 percpumem 16 693 0 641 1 0 1 1 0 8 0 vcpupl 3968 31 0 2 4 0 4 4 0 8 0 vmpool 840 35 0 6 5 1 4 4 0 8 0 pfiaddrpl 120 1 0 0 1 0 1 1 0 8 0 kstatmem 264 730 0 694 4 1 3 3 0 8 0 acpiwqpl 32 7 0 7 1 0 1 1 1 8 1 scsiplug 72 59 0 59 16 15 1 1 0 8 1 scxspl 216 207229 0 207229 17 16 1 4 1 8 1 plimitpl 152 3252 0 3233 1 0 1 1 0 8 0 sigapl 424 11129 0 11081 9 3 6 8 0 8 0 knotepl 120 921 0 0 24 0 24 24 0 8 0 kqueuepl 224 5181 0 5102 38 33 5 5 0 8 0 pipepl 344 1218 0 1190 12 9 3 9 0 8 0 fdescpl 528 11058 0 11026 3 0 3 3 0 8 0 filepl 160 81792 0 81477 68 52 16 22 0 8 2 lockfpl 104 5408 0 5354 15 11 4 4 0 8 2 lockfspl 48 1942 0 1896 3 2 1 2 0 8 0 sessionpl 144 57 0 48 1 0 1 1 0 8 0 pgrppl 48 369 0 352 1 0 1 1 0 8 0 ucredpl 104 14290 0 14275 1 0 1 1 0 8 0 zombiepl 144 12975 0 12973 2 1 1 1 0 8 0 processpl 1232 11129 0 11081 8 3 5 6 0 8 1 procpl 664 29600 0 29540 9 2 7 8 0 8 0 sosppl 176 85 0 85 9 8 1 1 0 8 1 sockpl 752 23053 0 23012 191 181 10 31 0 8 5 mcl64k 65536 30 0 0 3 0 3 3 0 8 0 mcl16k 16384 8 0 0 1 0 1 1 0 8 0 mcl12k 12288 4 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 121 0 0 15 0 15 15 0 8 0 mcl2k2 2112 4 0 0 1 0 1 1 0 8 0 mcl2k 2048 113 0 0 9 2 7 9 0 8 0 mtagpl 96 8 0 0 1 0 1 1 0 8 0 mbufpl 256 2631 0 0 154 0 154 154 0 8 0 bufpl 280 77205 0 71068 439 0 439 439 0 8 0 anonpl 32 14702 0 0 118 0 118 118 0 246 0 amapchunkpl 152 385499 0 384857 127 96 31 41 0 158 4 amappl16 200 31620 0 31522 176 157 19 32 0 8 7 amappl15 192 7 0 6 1 0 1 1 0 8 0 amappl14 184 12 0 12 4 4 0 1 0 8 0 amappl13 176 799 0 798 1 0 1 1 0 8 0 amappl12 168 11614 0 11571 3 0 3 3 0 8 0 amappl11 160 111 0 111 3 2 1 1 0 8 1 amappl10 152 53 0 38 1 0 1 1 0 8 0 amappl9 144 249 0 248 3 2 1 1 0 8 0 amappl8 136 30 0 25 1 0 1 1 0 8 0 amappl7 128 202 0 200 1 0 1 1 0 8 0 amappl6 120 659 0 645 1 0 1 1 0 8 0 amappl5 112 90 0 79 1 0 1 1 0 8 0 amappl4 104 622 0 590 1 0 1 1 0 8 0 amappl3 96 63333 0 63222 4 1 3 3 0 8 0 amappl2 88 11082 0 11001 2 0 2 2 0 8 0 amappl1 80 55283 0 54689 15 1 14 14 0 8 0 amappl 88 96675 0 96480 5 0 5 5 0 92 0 uvmvnodes 80 368 0 0 8 0 8 8 0 8 0 dma65536 65536 6 0 6 5 5 0 1 0 8 0 dma32768 32768 3 0 3 3 3 0 1 0 8 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 3 0 2 1 0 1 1 0 8 0 dma512 512 3 0 3 3 3 0 1 0 8 0 dma256 256 10 0 10 4 4 0 1 0 8 0 dma128 128 270 0 270 11 11 0 1 0 8 0 dma64 64 12 0 12 7 7 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 195 0 8 4 0 4 4 0 8 0 uaddrrnd 24 11058 0 11026 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 11058 0 11026 1 0 1 1 0 8 0 vmmpekpl 168 72422 0 72358 4 0 4 4 0 8 0 vmmpepl 168 681505 0 679348 205 96 109 115 0 357 7 vmsppl 488 11057 0 11026 7 2 5 5 0 8 0 rwobjpl 80 160097 0 158496 50 10 40 41 0 8 0 pdppl 4096 22193 0 22093 193 91 102 102 0 8 2 pvpl 32 24499 0 0 195 0 195 195 0 265 0 pmappl 256 11092 0 11032 4 0 4 4 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 648 0 223 14 1 13 13 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+39: addq $8,%rsp x86_ipi_db(ffffffff8387bff0) at x86_ipi_db+39 x86_ipi_handler() at x86_ipi_handler+217 Xresume_lapic_ipi() at Xresume_lapic_ipi+39 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+44 __mp_lock(ffffffff839be580) at __mp_lock+419 softintr_dispatch(2) at softintr_dispatch+293 dosoftint(2) at dosoftint+84 Xsofttty() at Xsofttty+39 __mp_lock(ffffffff839be580) at __mp_lock+402 softintr_dispatch(0) at softintr_dispatch+293 dosoftint(0) at dosoftint+84 Xsoftclock() at Xsoftclock+39 end of kernel end trace frame: 0x710ef1f7bab0, count: 3 ddb{0}> trace x86_ipi_db(ffffffff8387bff0) at x86_ipi_db+39 x86_ipi_handler() at x86_ipi_handler+217 Xresume_lapic_ipi() at Xresume_lapic_ipi+39 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+44 __mp_lock(ffffffff839be580) at __mp_lock+419 softintr_dispatch(2) at softintr_dispatch+293 dosoftint(2) at dosoftint+84 Xsofttty() at Xsofttty+39 __mp_lock(ffffffff839be580) at __mp_lock+402 softintr_dispatch(0) at softintr_dispatch+293 dosoftint(0) at dosoftint+84 Xsoftclock() at Xsoftclock+39 end of kernel end trace frame: 0x710ef1f7bab0, count: -12 ddb{0}> machine ddbcpu 1 Stopped at proc_trampoline+199: movl $0,%gs:1672 proc_trampoline() at proc_trampoline+199 end of kernel end trace frame: 0xca2f9404220, count: 14 ddb{1}> trace proc_trampoline() at proc_trampoline+199 end of kernel end trace frame: 0xca2f9404220, count: -1