uvm_fault(0xfffffd806c00ecc0, 0xf, 0, 1) -> e kernel: page fault trap, code=0 Stopped at ktrops+0x58: movq 0x10(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND *272761 49861 0 0 0x4000000 0 syz-executor ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a7e0010,ffff80002a839760,ffff80002a8396b0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80002a839760) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1d34727f100, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd806c00ecc0, 0xf, 0, 1) -> e ddb> trace ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a7e0010,ffff80002a839760,ffff80002a8396b0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80002a839760) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1d34727f100, count: -5 ddb> show registers rdi 0xffff800031516000 rsi 0x2f65 __ALIGN_SIZE+0x1f65 rbp 0xffff80002a839480 rbx 0xfffffd807f7d7888 rdx 0xffff800031516000 rcx 0x2f64 __ALIGN_SIZE+0x1f64 rax 0xffffffff81304133 ktrops+0x43 r8 0xfffffd8066966a20 r9 0xfffffd807f7d7888 r10 0x345402aedc3e26a1 r11 0x6fa968802016273d r12 0xffff80002a7e0010 r13 0xffffffffffffffff r14 0xffffffffffffffff r15 0x80000538 __kernel_virt_to_phys+0x538 rip 0xffffffff81304148 ktrops+0x58 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a839400 ss 0 ktrops+0x58: movq 0x10(%r14),%r14 ddb> show proc PROC (syz-executor) tid=272761 pid=49861 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=84, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a8a7c70,0xffff80002a8a7240 process=0xffff8000ffff48c8 user=0xffff80002a834000, vmspace=0xfffffd806c00ecc0 estcpu=34, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 77662 387569 63976 0 2 0 syz-executor 77662 336155 63976 0 3 0x4000080 kqsel syz-executor 77662 57874 63976 0 2 0x4000000 syz-executor 89442 96641 3583 0 2 0 syz-executor 89442 175360 3583 0 3 0x4000080 fsleep syz-executor 89442 2704 3583 0 2 0x4000000 syz-executor 83130 201258 40148 0 2 0 syz-executor 83130 446334 40148 0 3 0x4000080 fsleep syz-executor 49861 280036 23718 0 2 0 syz-executor *49861 272761 23718 0 7 0x4000000 syz-executor 49861 492012 23718 0 3 0x4000080 fsleep syz-executor 1588 440976 51510 0 2 0 syz-executor 1588 137108 51510 0 2 0x4000000 syz-executor 1588 72705 51510 0 3 0x4000080 fsleep syz-executor 51510 419562 27373 0 2 0x482 syz-executor 23718 351146 27373 0 2 0x482 syz-executor 40148 124931 27373 0 2 0x482 syz-executor 77092 152537 27373 0 2 0x2 syz-executor 3583 107992 27373 0 2 0x482 syz-executor 32514 488472 27373 0 2 0x2 syz-executor 58927 466489 0 0 3 0x14200 bored sosplice 71703 64266 27373 0 2 0x2 syz-executor 63976 128669 27373 0 2 0x482 syz-executor 27373 410651 12681 0 3 0x82 kqread syz-executor 12681 343068 17745 0 3 0x10008a sigsusp ksh 17745 248923 95548 0 3 0x98 kqread sshd-session 95548 337141 54996 0 3 0x92 kqread sshd-session 83993 60979 1 0 3 0x100083 ttyin getty 54996 455960 1 0 3 0x88 kqread sshd 16344 480571 82134 73 3 0x1100090 kqread syslogd 82134 417064 1 0 3 0x100082 sbwait syslogd 98850 396858 1 0 3 0x100080 kqread resolvd 12814 185453 4114 77 3 0x100092 kqread dhcpleased 65339 502295 4114 77 3 0x100092 kqread dhcpleased 4114 9741 1 0 3 0x80 kqread dhcpleased 27284 25339 0 0 3 0x14200 bored smr 22345 483139 0 0 2 0x14200 zerothread 42368 466471 0 0 3 0x14200 aiodoned aiodoned 91679 218281 0 0 3 0x14200 syncer update 75635 238072 0 0 3 0x14200 cleaner cleaner 33109 295986 0 0 3 0x14200 reaper reaper 3108 72128 0 0 3 0x14200 pgdaemon pagedaemon 70497 224176 0 0 3 0x14200 bored viomb 48300 173456 0 0 3 0x40014200 acpi0 acpi0 4483 222543 0 0 3 0x14200 bored softnet3 21024 62028 0 0 3 0x14200 bored softnet2 5494 43327 0 0 3 0x14200 bored softnet1 45766 68343 0 0 3 0x14200 bored softnet0 61803 468379 0 0 3 0x14200 bored systqmp 94077 420974 0 0 3 0x14200 bored systq 32910 57107 0 0 2 0x40014200 softclock 36184 219424 0 0 3 0x40014200 idle0 1 196701 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10200 11257K 11591K 166960K 15387 0 pcb 17 18K 20K 166960K 750 0 rtable 203 16K 16K 166960K 1007 0 pf 37 14K 22K 166960K 294 0 ifaddr 36 6K 8K 166960K 181 0 ifgroup 54 2K 2K 166960K 345 0 sysctl 4 1K 1K 166960K 8 0 counters 31 17K 18K 166960K 154 0 ioctlops 0 0K 4K 166960K 518 0 iov 0 0K 20K 166960K 225 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1394 88K 88K 166960K 3469 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 55 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 134 0 dirhash 12 2K 2K 166960K 54 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 110K 166960K 2757 0 sigio 0 0K 0K 166960K 180 0 proc 60 59K 99K 166960K 962 0 subproc 72 4K 4K 166960K 154 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 693 0 in_multi 71 5K 7K 166960K 282 0 ether_multi 1 0K 0K 166960K 21 0 mrt 5 0K 0K 166960K 16 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 1025 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 207 72K 89K 166960K 26119 0 UVM aobj 131 4K 4K 166960K 145 0 pinsyscall 36 72K 95K 166960K 4013 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 195 0 NDP 12 0K 1K 166960K 128 0 temp 78 8684K 8872K 166960K 113913 0 kqueue 14 22K 32K 166960K 506 0 SYN cache 2 8K 16K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 353 0 350 5 4 1 3 0 8 0 rtentry 112 287 0 211 4 0 4 4 0 8 0 unpcb 144 2337 0 2322 13 7 6 6 0 8 5 syncache 336 4 0 4 2 1 1 1 0 8 1 tcpqe 32 2 0 2 1 0 1 1 0 8 1 tcpcb 808 1018 0 1012 31 23 8 14 0 8 7 arp 88 48 0 35 1 0 1 1 0 8 0 ipq 40 8 0 7 1 0 1 1 0 8 0 ipqe 40 164 0 163 1 0 1 1 0 8 0 inpcb 344 3946 0 3936 59 50 9 16 0 8 8 nd6 104 67 0 48 1 0 1 1 0 8 0 pkpcb 40 17 0 17 4 3 1 1 0 8 1 kcovpl 48 17 0 9 1 0 1 1 0 8 0 ppxss 1072 78 0 78 3 2 1 1 0 8 1 pppxif 1384 17 0 17 3 2 1 1 0 8 1 pfrktable 1344 4 0 1 1 0 1 1 0 8 0 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 2 0 0 1 0 1 1 0 8 0 pfstate 344 1 0 0 1 0 1 1 0 8 0 pfrule 1344 2 0 1 1 0 1 1 0 8 0 art_heap8 4096 6 0 1 5 0 5 5 0 8 0 art_heap4 256 1062 0 717 30 6 24 29 0 8 1 art_table 32 1068 0 718 4 0 4 4 0 8 0 art_node 16 281 0 214 1 0 1 1 0 8 0 sysvmsgpl 40 81 0 75 1 0 1 1 0 8 0 semapl 112 127 0 117 1 0 1 1 0 8 0 shmpl 112 142 0 14 4 0 4 4 0 8 0 dirhash 1024 46 0 29 3 0 3 3 0 8 0 dino2pl 256 6182 0 4680 95 0 95 95 0 8 0 ffsino 248 6182 0 4680 95 0 95 95 0 8 0 nchpl 144 10045 0 9493 64 32 32 64 0 8 8 rtmask 32 17 0 17 3 2 1 1 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 37054 0 37052 4 3 1 2 0 8 0 pfiaddrpl 120 1 0 0 1 0 1 1 0 8 0 kstatmem 264 188 0 164 3 0 3 3 0 8 1 acpiwqpl 32 2 0 2 1 0 1 1 1 8 1 scsiplug 72 7 0 7 4 3 1 1 0 8 1 scxspl 216 29731 0 29731 13 10 3 8 1 8 3 plimitpl 152 914 0 898 1 0 1 1 0 8 0 sigapl 424 3058 0 3014 9 1 8 8 0 8 1 futexpl 64 40694 0 40690 1 0 1 1 0 8 0 knotepl 120 624130 0 624083 60 49 11 16 0 8 8 kqueuepl 184 1154 0 1143 8 4 4 4 0 8 3 pipepl 296 421 0 394 8 5 3 8 0 8 0 fdescpl 440 2995 0 2968 5 1 4 5 0 8 0 filepl 120 21632 0 21424 28 14 14 16 0 8 5 lockfpl 104 1028 0 1026 2 0 2 2 0 8 1 lockfspl 48 325 0 323 1 0 1 1 0 8 0 sessionpl 144 30 0 22 1 0 1 1 0 8 0 pgrppl 48 96 0 80 1 0 1 1 0 8 0 ucredpl 104 3910 0 3897 1 0 1 1 0 8 0 zombiepl 144 3217 0 3217 3 2 1 1 0 8 1 processpl 1112 3058 0 3014 6 1 5 5 0 8 1 procpl 656 6912 0 6859 11 3 8 8 0 8 2 sosppl 168 6 0 6 3 2 1 1 0 8 1 sockpl 528 6703 0 6676 42 32 10 14 0 8 7 mcl64k 65536 54 0 52 2 1 1 1 0 8 0 mcl16k 16384 4 0 4 2 1 1 1 0 8 1 mcl12k 12288 1 0 1 1 1 0 1 0 8 0 mcl9k 9216 2 0 2 1 1 0 1 0 8 0 mcl8k 8192 26 0 26 4 3 1 1 0 8 1 mcl4k 4096 5873 0 5821 14 5 9 12 0 8 2 mcl2k2 2112 1 0 1 1 1 0 1 0 8 0 mcl2k 2048 2789 0 2781 13 4 9 9 0 8 7 mtagpl 96 329 0 261 4 0 4 4 0 8 0 mbufpl 256 33931 0 33385 49 7 42 42 0 8 0 bufpl 280 7440 0 1212 446 0 446 446 0 8 0 anonpl 24 378874 0 367607 139 45 94 94 0 187 4 amapchunkpl 152 90015 0 89458 61 23 38 38 0 158 12 amappl16 200 6351 0 5924 57 24 33 33 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 124 0 114 1 0 1 1 0 8 0 amappl13 176 6 0 6 1 1 0 1 0 8 0 amappl12 168 3746 0 3719 2 0 2 2 0 8 0 amappl11 160 43 0 33 1 0 1 1 0 8 0 amappl10 152 6 0 6 1 1 0 1 0 8 0 amappl9 144 246 0 246 1 1 0 1 0 8 0 amappl8 136 27 0 23 1 0 1 1 0 8 0 amappl7 128 119 0 108 1 0 1 1 0 8 0 amappl6 120 264 0 260 1 0 1 1 0 8 0 amappl5 112 149 0 142 1 0 1 1 0 8 0 amappl4 104 320 0 304 1 0 1 1 0 8 0 amappl3 96 18089 0 17989 5 1 4 4 0 8 0 amappl2 88 759 0 701 2 0 2 2 0 8 0 amappl1 80 15891 0 15377 14 2 12 13 0 8 0 amappl 88 25518 0 25358 6 1 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 259 0 259 3 2 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 144 0 14 3 0 3 3 0 8 0 uaddrrnd 24 2995 0 2968 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2995 0 2968 1 0 1 1 0 8 0 vmmpekpl 168 21442 0 21387 3 0 3 3 0 8 0 vmmpepl 168 180413 0 178363 136 24 112 112 0 357 6 vmsppl 360 2994 0 2968 4 1 3 4 0 8 0 rwobjpl 32 49015 0 41711 61 0 61 61 0 8 1 pdppl 4096 5997 0 5936 137 70 67 83 0 8 6 pvpl 32 1198375 0 1181995 258 74 184 184 0 265 32 pmappl 216 2994 0 2968 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 397 0 128 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a7e0010,ffff80002a839760,ffff80002a8396b0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80002a839760) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1d34727f100, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:727 [inline] ktrops(ffff80002a7e0010,ffffffffffffffff,0,80000538,fffffd8066966a20,fffffd807f7d7888) at ktrops+0x58 sys/kern/kern_ktrace.c:570 doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline] doktrace(fffffd8066966a20,4,538,0,ffff80002a7e0010) at doktrace+0x6dd sys/kern/kern_ktrace.c:517 sys_ktrace(ffff80002a7e0010,ffff80002a839760,ffff80002a8396b0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558 syscall(ffff80002a839760) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x1d34727f100, count: -5