uvm_fault(0xfffffd80627d4668, 0xa, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at vio_rxeof+0x191: movzwl 0xa(%r15),%eax
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
kernel page fault
uvm_fault(0xfffffd80627d4668, 0xa, 0, 1) -> e
vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018
end trace frame: 0xffff80001e7aac20, count: 0
ddb> trace
vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018
vio_rx_intr(ffff80000017a050) at vio_rx_intr+0x4d sys/dev/pv/if_vio.c:1056
virtio_check_vqs(ffff80000002ea00) at virtio_check_vqs+0x150 sys/dev/pv/virtio.c:228
intr_handler(ffff80001e7aacd0,ffff800000655380) at intr_handler+0x4d sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x6d sys/dev/kcov.c:84
uvm_addr_invoke(fffffd80627d4668,fffffd806c3bcde0,ffff80001e7aafe0,ffff80001e7aafe8,ffff80001e7ab138,1000) at uvm_addr_invoke+0x13e sys/uvm/uvm_addr.c:412
uvm_map_findspace(fffffd80627d4668,ffff80001e7aafe0,ffff80001e7aafe8,ffff80001e7ab138,1000,1000) at uvm_map_findspace+0x8e sys/uvm/uvm_map.c:880
uvm_mapanon(fffffd80627d4668,ffff80001e7ab138,1000,1000,80713) at uvm_mapanon+0x4fb sys/uvm/uvm_map.c:1043
sys_mmap(ffff80001d6a9278,ffff80001e7ab1e8,ffff80001e7ab230) at sys_mmap+0x993 uvm_mmapanon sys/uvm/uvm_mmap.c:949 [inline]
sys_mmap(ffff80001d6a9278,ffff80001e7ab1e8,ffff80001e7ab230) at sys_mmap+0x993 sys/uvm/uvm_mmap.c:423
syscall(ffff80001e7ab2b0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd424e11d7e0, count: -12
ddb> show registers
rdi 0xc
rsi 0xc
rbp 0xffff80001e7aabc0
rbx 0xffff80000017a000
rdx 0
rcx 0xffff8000001ab000
rax 0
r8 0x2
r9 0
r10 0
r11 0x83ada5cf9e39ef17
r12 0xffff80000002ea00
r13 0xc
r14 0xfffffd8058cb1b00
r15 0
rip 0xffffffff8144b091 vio_rxeof+0x191
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80001e7aab30
ss 0x10
vio_rxeof+0x191: movzwl 0xa(%r15),%eax
ddb> show proc
PROC (syz-executor.1) pid=266552 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=50, usrpri=56, nice=20
forw=0xffffffffffffffff, list=0xffff80001d6aa118,0xffffffff82829c20
process=0xffff80001d766030 user=0xffff80001e7a6000, vmspace=0xfffffd80627d4668
estcpu=6, cpticks=1, pctcpu=0.0
user=0, sys=0, intr=1
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
60759 73717 67797 0 2 0 syz-executor.1
*60759 266552 67797 0 7 0x4000000 syz-executor.1
67797 344749 76180 0 3 0x82 nanosleep syz-executor.1
57965 83841 0 0 3 0x14200 acct acct
55852 98334 1 0 3 0x100083 ttyin getty
59179 50723 0 0 3 0x14200 bored sosplice
74110 486180 0 0 3 0x14280 nfsidl nfsio
76443 224351 0 0 3 0x14280 nfsidl nfsio
84375 265294 0 0 3 0x14280 nfsidl nfsio
81935 424155 0 0 3 0x14280 nfsidl nfsio
46304 254043 0 0 3 0x14280 nfsidl nfsio
38826 461526 0 0 3 0x14280 nfsidl nfsio
51495 402104 0 0 3 0x14280 nfsidl nfsio
34553 412399 0 0 3 0x14280 nfsidl nfsio
86516 198806 0 0 3 0x14280 nfsidl nfsio
3334 249017 0 0 3 0x14280 nfsidl nfsio
38071 169892 0 0 3 0x14280 nfsidl nfsio
10043 483343 0 0 3 0x14280 nfsidl nfsio
39633 192544 0 0 3 0x14280 nfsidl nfsio
34963 516798 0 0 3 0x14280 nfsidl nfsio
72507 494178 0 0 3 0x14280 nfsidl nfsio
78535 498112 0 0 3 0x14280 nfsidl nfsio
48051 520577 0 0 3 0x14280 nfsidl nfsio
37766 226436 0 0 3 0x14280 nfsidl nfsio
50124 521737 0 0 3 0x14280 nfsidl nfsio
40532 11671 0 0 3 0x14280 nfsidl nfsio
63151 304087 76180 0 2 0x2 syz-executor.0
76180 510514 78168 0 3 0x82 thrsleep syz-fuzzer
76180 367332 78168 0 3 0x4000082 nanosleep syz-fuzzer
76180 280077 78168 0 3 0x4000082 thrsleep syz-fuzzer
76180 363436 78168 0 3 0x4000082 thrsleep syz-fuzzer
76180 179997 78168 0 3 0x4000082 thrsleep syz-fuzzer
76180 217724 78168 0 2 0x4000002 syz-fuzzer
76180 417347 78168 0 3 0x4000082 thrsleep syz-fuzzer
76180 398618 78168 0 3 0x4000082 thrsleep syz-fuzzer
78168 191982 15371 0 3 0x10008a pause ksh
15371 355136 74571 0 2 0x12 sshd
74571 411070 1 0 3 0x80 select sshd
81989 262592 81569 73 3 0x100090 kqread syslogd
81569 279325 1 0 3 0x100082 netio syslogd
23712 390256 1 77 3 0x100090 poll dhclient
1750 435004 1 0 3 0x80 poll dhclient
41110 6077 0 0 3 0x14200 bored smr
61230 393372 0 0 2 0x14200 zerothread
50521 217539 0 0 3 0x14200 aiodoned aiodoned
72415 193633 0 0 3 0x14200 syncer update
3823 211229 0 0 3 0x14200 cleaner cleaner
24059 13181 0 0 3 0x14200 reaper reaper
99551 85710 0 0 3 0x14200 pgdaemon pagedaemon
32761 134172 0 0 3 0x14200 bored crynlk
93054 105496 0 0 3 0x14200 bored crypto
54932 329899 0 0 3 0x40014200 acpi0 acpi0
48763 517182 0 0 3 0x14200 bored softnet
79997 353123 0 0 3 0x14200 bored systqmp
80730 154817 0 0 3 0x14200 bored systq
84898 58864 0 0 3 0x40014200 bored softclock
11315 52687 0 0 3 0x40014200 idle0
1 441026 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9497 6463K 7102K 78643K 11272 0
pcb 13 8K 8K 78643K 57 0
rtable 120 5K 9K 78643K 502 0
ifaddr 65 13K 14K 78643K 132 0
sysctl 2 0K 0K 78643K 2 0
counters 21 16K 16K 78643K 24 0
ioctlops 0 0K 4K 78643K 43 0
iov 0 0K 16K 78643K 137 0
mount 1 1K 1K 78643K 1 0
vnodes 1223 77K 77K 78643K 1427 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 5K 78643K 6 0
VM map 2 0K 0K 78643K 2 0
sem 12 0K 0K 78643K 50 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1809 195K 288K 78643K 12938 0
file desc 5 13K 25K 78643K 284 0
sigio 0 0K 0K 78643K 4 0
proc 49 38K 55K 78643K 475 0
subproc 32 2K 2K 78643K 68 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 17 0
in_multi 44 2K 2K 78643K 91 0
ether_multi 1 0K 0K 78643K 9 0
mrt 0 0K 0K 78643K 4 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 49 228K 228K 78643K 49 0
exec 0 0K 1K 78643K 230 0
pfkey data 0 0K 0K 78643K 4 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 133 55K 64K 78643K 1544 0
UVM aobj 29 4K 4K 78643K 31 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 38 0
NDP 10 0K 0K 78643K 23 0
temp 98 3857K 3921K 78643K 5263 0
kqueue 3 4K 10K 78643K 8 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 10 0 4 1 0 1 1 0 8 0
rtpcb 80 39 0 37 1 0 1 1 0 8 0
rtentry 112 81 0 33 2 0 2 2 0 8 0
unpcb 120 115 0 107 1 0 1 1 0 8 0
syncache 264 6 0 6 2 2 0 1 0 8 0
tcpqe 32 123 0 123 1 1 0 1 0 8 0
tcpcb 544 88 0 84 1 0 1 1 0 8 0
inpcb 296 257 0 250 2 0 2 2 0 8 1
rttmr 72 2 0 2 1 1 0 1 0 8 0
nd6 48 17 0 9 1 0 1 1 0 8 0
pkpcb 40 89 0 89 1 0 1 1 0 8 1
ppxss 1136 1 0 1 1 1 0 1 0 8 0
pfrktable 1344 83 0 81 1 0 1 1 0 8 0
pftag 88 18 0 18 2 1 1 1 0 8 1
pfrule 1360 16 0 14 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 386 0 171 15 1 14 14 0 8 0
art_table 32 387 0 171 2 0 2 2 0 8 0
art_node 16 80 0 37 1 0 1 1 0 8 0
sysvmsgpl 40 4 0 1 1 0 1 1 0 8 0
semupl 112 4 0 4 1 1 0 1 0 8 0
semapl 112 44 0 34 1 0 1 1 0 8 0
shmpl 112 28 0 2 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 1725 0 326 88 0 88 88 0 8 0
ffsino 240 1725 0 326 83 0 83 83 0 8 0
nchpl 144 2315 0 722 60 0 60 60 0 8 0
uvmvnodes 72 1945 0 0 36 0 36 36 0 8 0
vnodes 208 1945 0 0 103 0 103 103 0 8 0
namei 1024 6392 0 6392 1 0 1 1 0 8 1
vcpupl 1984 4 0 0 1 0 1 1 0 8 0
vmpool 528 4 0 0 1 0 1 1 0 8 0
pfiaddrpl 120 26 0 24 1 0 1 1 0 8 0
scxspl 192 6547 0 6547 1 0 1 1 0 8 1
plimitpl 152 37 0 30 1 0 1 1 0 8 0
sigapl 424 487 0 437 6 0 6 6 0 8 0
futexpl 56 5035 0 5035 1 0 1 1 0 8 1
knotepl 112 91 0 72 1 0 1 1 0 8 0
kqueuepl 144 20 0 18 1 0 1 1 0 8 0
pipepl 272 108 0 98 1 0 1 1 0 8 0
fdescpl 432 451 0 437 2 0 2 2 0 8 0
filepl 120 2610 0 2515 4 0 4 4 0 8 1
lockfpl 104 54 0 53 1 0 1 1 0 8 0
lockfspl 48 21 0 20 1 0 1 1 0 8 0
sessionpl 112 20 0 10 1 0 1 1 0 8 0
pgrppl 48 22 0 12 1 0 1 1 0 8 0
ucredpl 96 208 0 201 1 0 1 1 0 8 0
zombiepl 144 437 0 437 1 0 1 1 0 8 1
processpl 928 487 0 437 7 0 7 7 0 8 0
procpl 624 764 0 706 5 0 5 5 0 8 0
sosppl 128 2 0 2 1 0 1 1 0 8 1
sockpl 400 503 0 486 3 0 3 3 0 8 1
mcl64k 65536 20 0 20 1 0 1 1 0 8 1
mcl16k 16384 4 0 4 1 0 1 1 0 8 1
mcl12k 12288 5 0 5 2 1 1 1 0 8 1
mcl9k 9216 2 0 2 1 1 0 1 0 8 0
mcl8k 8192 7 0 7 1 0 1 1 0 8 1
mcl4k 4096 31 0 31 2 1 1 1 0 8 1
mcl2k2 2112 4 0 3 2 1 1 1 0 8 0
mcl2k 2048 92802 0 92756 21 14 7 18 0 8 0
mtagpl 96 17 0 9 2 1 1 1 0 8 0
mbufpl 256 148211 0 148057 14 3 11 11 0 8 0
bufpl 280 3708 0 129 256 0 256 256 0 8 0
anonpl 16 67481 0 52195 87 11 76 85 0 107 7
amapchunkpl 152 2423 0 2277 13 2 11 11 0 158 5
amappl16 192 2061 0 1149 54 8 46 54 0 8 0
amappl15 184 1 0 0 1 0 1 1 0 8 0
amappl14 176 34 0 26 1 0 1 1 0 8 0
amappl13 168 96 0 93 1 0 1 1 0 8 0
amappl12 160 177 0 174 2 1 1 1 0 8 0
amappl11 152 101 0 91 1 0 1 1 0 8 0
amappl10 144 12 0 7 1 0 1 1 0 8 0
amappl9 136 388 0 384 1 0 1 1 0 8 0
amappl8 128 374 0 330 2 0 2 2 0 8 0
amappl7 120 123 0 110 1 0 1 1 0 8 0
amappl6 112 64 0 61 1 0 1 1 0 8 0
amappl5 104 495 0 482 1 0 1 1 0 8 0
amappl4 96 460 0 434 1 0 1 1 0 8 0
amappl3 88 107 0 102 1 0 1 1 0 8 0
amappl2 80 2704 0 2637 2 0 2 2 0 8 0
amappl1 72 19402 0 18985 23 13 10 17 0 8 0
amappl 80 998 0 954 2 0 2 2 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 30 0 2 1 0 1 1 0 8 0
uaddrrnd 24 455 0 437 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 455 0 437 1 0 1 1 0 8 0
vmmpekpl 168 6813 0 6776 2 0 2 2 0 8 0
vmmpepl 168 63488 0 61467 134 9 125 125 0 357 32
vmsppl 272 454 0 437 2 0 2 2 0 8 0
pdppl 4096 916 0 878 7 1 6 6 0 8 0
pvpl 32 197685 0 179279 199 9 190 199 0 265 28
pmappl 200 454 0 437 1 0 1 1 0 8 0
extentpl 40 53 0 36 1 0 1 1 0 8 0
phpool 112 253 0 22 7 0 7 7 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018
vio_rx_intr(ffff80000017a050) at vio_rx_intr+0x4d sys/dev/pv/if_vio.c:1056
virtio_check_vqs(ffff80000002ea00) at virtio_check_vqs+0x150 sys/dev/pv/virtio.c:228
intr_handler(ffff80001e7aacd0,ffff800000655380) at intr_handler+0x4d sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x6d sys/dev/kcov.c:84
uvm_addr_invoke(fffffd80627d4668,fffffd806c3bcde0,ffff80001e7aafe0,ffff80001e7aafe8,ffff80001e7ab138,1000) at uvm_addr_invoke+0x13e sys/uvm/uvm_addr.c:412
uvm_map_findspace(fffffd80627d4668,ffff80001e7aafe0,ffff80001e7aafe8,ffff80001e7ab138,1000,1000) at uvm_map_findspace+0x8e sys/uvm/uvm_map.c:880
uvm_mapanon(fffffd80627d4668,ffff80001e7ab138,1000,1000,80713) at uvm_mapanon+0x4fb sys/uvm/uvm_map.c:1043
sys_mmap(ffff80001d6a9278,ffff80001e7ab1e8,ffff80001e7ab230) at sys_mmap+0x993 uvm_mmapanon sys/uvm/uvm_mmap.c:949 [inline]
sys_mmap(ffff80001d6a9278,ffff80001e7ab1e8,ffff80001e7ab230) at sys_mmap+0x993 sys/uvm/uvm_mmap.c:423
syscall(ffff80001e7ab2b0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd424e11d7e0, count: -12
ddb> machine ddbcpu 1
No such command
ddb> trace
vio_rxeof(ffff80000017a000) at vio_rxeof+0x191 sys/dev/pv/if_vio.c:1018
vio_rx_intr(ffff80000017a050) at vio_rx_intr+0x4d sys/dev/pv/if_vio.c:1056
virtio_check_vqs(ffff80000002ea00) at virtio_check_vqs+0x150 sys/dev/pv/virtio.c:228
intr_handler(ffff80001e7aacd0,ffff800000655380) at intr_handler+0x4d sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge19_untramp() at Xintr_ioapic_edge19_untramp+0x19f
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x6d sys/dev/kcov.c:84
uvm_addr_invoke(fffffd80627d4668,fffffd806c3bcde0,ffff80001e7aafe0,ffff80001e7aafe8,ffff80001e7ab138,1000) at uvm_addr_invoke+0x13e sys/uvm/uvm_addr.c:412
uvm_map_findspace(fffffd80627d4668,ffff80001e7aafe0,ffff80001e7aafe8,ffff80001e7ab138,1000,1000) at uvm_map_findspace+0x8e sys/uvm/uvm_map.c:880
uvm_mapanon(fffffd80627d4668,ffff80001e7ab138,1000,1000,80713) at uvm_mapanon+0x4fb sys/uvm/uvm_map.c:1043
sys_mmap(ffff80001d6a9278,ffff80001e7ab1e8,ffff80001e7ab230) at sys_mmap+0x993 uvm_mmapanon sys/uvm/uvm_mmap.c:949 [inline]
sys_mmap(ffff80001d6a9278,ffff80001e7ab1e8,ffff80001e7ab230) at sys_mmap+0x993 sys/uvm/uvm_mmap.c:423
syscall(ffff80001e7ab2b0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd424e11d7e0, count: -12