uvm_fault(0xfffffd806bda1b58, 0x0, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff82eb2a40 cs 8 rflags 10207 cr2 0 cpl 0 rsp ffff80003c41c940 gsbase 0xffff8000299ddff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff82eb2a40 Starting stack trace... panic(ffffffff8333763d) at panic+0x1d0 sys/kern/subr_prf.c:229 kerntrap(ffff80003c41c890) at kerntrap+0x29b sys/arch/amd64/amd64/trap.c:327 alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dt_ioctl_record_stop(ffff80000169c000) at dt_ioctl_record_stop+0xf0 sys/dev/dt/dt_dev.c:579 dtioctl(11e5f,80044403,ffff80003c41cbd0,81,ffff80003c4307e8) at dtioctl+0x536 sys/dev/dt/dt_dev.c:318 VOP_IOCTL(fffffd800a74ea80,80044403,ffff80003c41cbd0,81,fffffd807f7d3618,ffff80003c4307e8) at VOP_IOCTL+0xac sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806bdf9e90,80044403,ffff80003c41cbd0,ffff80003c4307e8) at vn_ioctl+0xf8 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80003c4307e8,ffff80003c41cdb0,ffff80003c41cd00) at sys_ioctl+0x5c3 sys/kern/sys_generic.c:-1 syscall(ffff80003c41cdb0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c41cdb0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x65ed3fdd2d0, count: 247 End of stack trace. WARNING: SPL NOT LOWERED ON TRAP EXIT 4 0 Stopped at proc_trampoline+0xc7: movl $0,%gs:0x680 TID PID UID PRFLAGS PFLAGS CPU COMMAND *130594 68985 0 0 0 1 syz-executor 406770 82916 0 0 0 0 syz-executor proc_trampoline() at proc_trampoline+0xc7 end of kernel end trace frame: 0x7af3b3434ad0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xfffffd806bda1b58, 0x0, 0, 1) -> e ddb{1}> trace proc_trampoline() at proc_trampoline+0xc7 end of kernel end trace frame: 0x7af3b3434ad0, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a358a90 rbx 0 rdx 0 rcx 0xffff8000ffff0f80 rax 0x2a r8 0xffff80002a3589c0 r9 0x1 r10 0xdbe33581ea57e9a1 r11 0xaf43ac648a926a82 r12 0 r13 0xffffffff81187ed8 Xdoreti+0x18 r14 0 r15 0 rip 0xffffffff813e24c7 proc_trampoline+0xc7 cs 0x8 rflags 0x246 rsp 0xffff80002a358a10 ss 0x10 proc_trampoline+0xc7: movl $0,%gs:0x680 ddb{1}> show proc PROC (syz-executor) tid=130594 pid=68985 tcnt=2 stat=onproc flags process=0 proc=0 runpri=50, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c4307e8,0xffff8000ffff0550 process=0xffff8000fffef400 user=0xffff80002a353000, vmspace=0xfffffd806bb7cd40 estcpu=36, cpticks=2, pctcpu=0.0, user=1, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 62286 262425 37051 0 2 0 syz-executor *68985 130594 68282 0 7 0 syz-executor 68985 232354 68282 0 3 0x4000000 biowait syz-executor 82916 406770 63069 0 7 0 syz-executor 82916 413599 63069 0 3 0x4000000 sbar syz-executor 55567 462417 77058 0 3 0x80 nanoslp syz-executor 55567 515543 77058 0 3 0x4000080 kqpoll syz-executor 31720 397018 6729 0 3 0x80 nanoslp syz-executor 31720 163229 6729 0 3 0x4000080 kqread syz-executor 31720 72649 6729 0 3 0x4000080 fsleep syz-executor 53766 504625 89848 0 3 0x80 nanoslp syz-executor 53766 59782 89848 0 3 0x4000080 netcon syz-executor 53766 272186 89848 0 3 0x4000080 fsleep syz-executor 53766 137945 89848 0 3 0x4000080 fsleep syz-executor 94990 498539 50692 0 3 0x80 nanoslp syz-executor 94990 219103 50692 0 3 0x4000080 kqpoll syz-executor 94990 180059 50692 0 3 0x4000080 fsleep syz-executor 94990 338513 50692 0 3 0x4000080 fsleep syz-executor 6729 7176 63255 0 3 0x82 nanoslp syz-executor 89848 246479 63255 0 3 0x82 nanoslp syz-executor 37051 485469 63255 0 3 0x82 nanoslp syz-executor 50692 53457 63255 0 3 0x82 nanoslp syz-executor 68282 397233 63255 0 3 0x82 nanoslp syz-executor 63069 75151 63255 0 3 0x82 nanoslp syz-executor 77058 446394 63255 0 3 0x82 nanoslp syz-executor 18500 445443 1 0 3 0x100083 ttyin getty 31624 17068 63255 0 3 0x82 nanoslp syz-executor 87302 37662 0 0 3 0x14200 bored sosplice 63255 18671 36029 0 3 0x82 kqread syz-executor 36029 292447 12975 0 3 0x10008a sigsusp ksh 12975 229134 83781 0 3 0x98 kqread sshd-session 83781 129154 35901 0 3 0x92 kqread sshd-session 35901 35181 1 0 3 0x88 kqread sshd 55380 119026 96803 74 3 0x1100092 bpf pflogd 96803 244814 1 0 3 0x80 sbwait pflogd 44084 152760 12831 73 3 0x1100090 kqread syslogd 12831 419537 1 0 3 0x100082 sbwait syslogd 92594 211151 1 0 3 0x100080 kqread resolvd 51719 325865 33522 77 3 0x100092 kqread dhcpleased 96328 49510 33522 77 3 0x100092 kqread dhcpleased 33522 15078 1 0 3 0x80 kqread dhcpleased 29325 340219 0 0 3 0x14200 bored smr 35829 14257 0 0 3 0x14200 pgzero zerothread 23948 1159 0 0 3 0x14200 aiodoned aiodoned 58147 392220 0 0 3 0x14200 syncer update 99840 40682 0 0 3 0x14200 cleaner cleaner 44024 373999 0 0 3 0x14200 reaper reaper 95665 244366 0 0 3 0x14200 pgdaemon pagedaemon 51692 221429 0 0 3 0x14200 bored viomb 62590 234332 0 0 3 0x40014200 acpi0 acpi0 29341 369753 0 0 3 0x40014200 idle1 18888 235380 0 0 3 0x14200 bored softnet3 43484 191627 0 0 3 0x14200 bored softnet2 86712 394586 0 0 3 0x14200 bored softnet1 32610 180298 0 0 3 0x14200 netlock softnet0 71682 102812 0 0 2 0x14200 systqmp 38619 68752 0 0 3 0x14200 syncxs systq 60497 503823 0 0 3 0x14200 tmoslp softclockmp 12671 382400 0 0 3 0x40014200 tmoslp softclock 90868 244142 0 0 3 0x40014200 idle0 1 472767 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 68985 (syz-executor) thread 0xffff8000ffff0540 (232354) Process 82916 (syz-executor) thread 0xffff80003c4307e8 (413599) Process 38619 (systq) thread 0xffff8000ffffe000 (68752) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10223 11082K 12704K 166960K 17895 0 pcb 17 16K 24K 166960K 1236 0 rtable 265 14K 14K 166960K 1703 0 pf 37 18K 82K 166960K 863 0 ifaddr 41 8K 10K 166960K 346 0 ifgroup 55 2K 3K 166960K 613 0 sysctl 4 1K 9K 166960K 40 0 counters 66 36K 38K 166960K 708 0 ioctlops 0 0K 8K 166960K 2803 0 iov 0 0K 24K 166960K 409 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1535 96K 97K 166960K 5892 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 40K 44K 166960K 132 0 VM map 2 1K 1K 166960K 2 0 sem 21 41K 73K 166960K 68 0 dirhash 12 2K 2K 166960K 120 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 6169 0 sigio 0 0K 0K 166960K 87 0 proc 72 91K 140K 166960K 1838 0 subproc 72 4K 4K 166960K 300 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 822 0 in_multi 86 6K 7K 166960K 560 0 ether_multi 1 0K 0K 166960K 48 0 mrt 2 0K 0K 166960K 43 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 1904 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 14 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 271 175K 187K 166960K 54164 0 UVM aobj 139 10K 10K 166960K 145 0 pinsyscall 43 86K 107K 166960K 7997 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 348 0 NDP 14 0K 2K 166960K 246 0 temp 84 8676K 8932K 166960K 232756 0 kqueue 17 28K 32K 166960K 1035 0 SYN cache 2 10K 18K 166960K 3 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle vscsiccb 40 1 0 0 1 0 1 1 0 8 0 plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 693 0 689 8 5 3 3 0 8 2 rtentry 176 532 0 424 9 3 6 6 0 8 0 unpcb 144 5094 0 5074 28 22 6 6 0 8 5 syncache 336 21 0 21 10 9 1 1 0 8 1 tcpcb 808 1918 0 1912 41 32 9 14 0 8 8 arp 128 100 0 70 2 0 2 2 0 8 0 inpcb 384 6639 0 6629 60 50 10 15 0 8 8 nd6 144 117 0 93 3 1 2 2 0 8 0 pkpcb 40 168 0 168 9 8 1 1 0 8 1 kcovpl 48 33 0 25 1 0 1 1 0 8 0 mppekey 1024 2 0 2 2 2 0 1 0 8 0 ppxss 1192 234 0 234 5 4 1 1 0 8 1 pppxif 1504 73 0 73 7 6 1 1 0 8 1 pffrag 232 29 0 20 1 0 1 1 0 482 0 pffrnode 88 24 0 15 1 0 1 1 0 8 0 pffrent 40 58 0 49 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 4 0 3 2 1 1 1 0 8 0 pfanchor 1288 3 0 0 1 0 1 1 0 8 0 pftag 88 4 0 2 1 0 1 1 0 8 0 pfstitem 24 322 0 135 2 0 2 2 0 8 0 pfstkey 128 322 0 135 7 0 7 7 0 8 0 pfstate 384 322 0 134 19 0 19 19 0 8 0 pfrule 1344 98 0 90 2 1 1 2 0 8 0 rttmr 136 5 0 5 4 4 0 1 0 8 0 art_heap8 4096 5 0 1 5 1 4 5 0 8 0 art_heap4 256 2010 0 1581 44 16 28 31 0 8 1 art_table 32 2015 0 1582 4 0 4 4 0 8 0 art_node 16 502 0 407 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 10 1 0 1 1 0 8 0 semupl 112 4 0 4 4 4 0 1 0 8 0 semapl 112 55 0 36 1 0 1 1 0 8 0 shmpl 112 142 0 6 4 0 4 4 0 8 0 dirhash 1024 89 0 72 3 0 3 3 0 8 0 dino2pl 256 12102 0 10547 98 0 98 98 0 8 0 ffsino 288 12102 0 10547 112 0 112 112 0 8 0 nchpl 144 20500 0 18749 65 0 65 65 0 8 0 rtmask 32 29 0 29 7 6 1 1 0 8 1 uvmvnodes 80 5752 0 0 118 0 118 118 0 8 0 vnodes 216 5752 0 0 320 0 320 320 0 8 0 namei 1024 76996 0 76995 4 3 1 2 0 8 0 percpumem 16 369 0 321 1 0 1 1 0 8 0 kstatmem 264 364 0 336 8 5 3 3 0 8 0 acpiwqpl 32 4 0 4 1 0 1 1 1 8 1 scsiplug 72 22 0 22 8 7 1 1 0 8 1 scxspl 216 67916 0 67914 19 17 2 8 1 8 1 plimitpl 152 1334 0 1317 1 0 1 1 0 8 0 sigapl 424 6442 0 6391 10 3 7 9 0 8 0 knotepl 120 830 0 0 23 0 23 23 0 8 0 kqueuepl 224 2545 0 2531 25 20 5 5 0 8 3 pipepl 336 694 0 667 9 6 3 6 0 8 0 fdescpl 520 6391 0 6359 3 0 3 3 0 8 0 filepl 160 46180 0 45959 53 37 16 19 0 8 3 lockfpl 104 2317 0 2314 5 3 2 2 0 8 1 lockfspl 48 700 0 697 1 0 1 1 0 8 0 sessionpl 144 68 0 59 1 0 1 1 0 8 0 pgrppl 48 186 0 169 1 0 1 1 0 8 0 ucredpl 104 8324 0 8310 1 0 1 1 0 8 0 zombiepl 144 6392 0 6391 2 1 1 1 0 8 0 processpl 1208 6442 0 6391 6 1 5 6 0 8 0 procpl 656 16066 0 16004 9 2 7 8 0 8 0 srpgc 96 51 0 51 10 9 1 1 0 8 1 sosppl 168 44 0 44 8 7 1 1 0 8 1 sockpl 728 12781 0 12748 70 59 11 16 0 8 7 mcl64k 65536 21 0 0 3 0 3 3 0 8 0 mcl16k 16384 4 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 119 0 0 14 1 13 14 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 55 0 0 5 0 5 5 0 8 0 mtagpl 96 120 0 0 3 0 3 3 0 8 0 mbufpl 256 1283 0 0 77 0 77 77 0 8 0 bufpl 280 19705 0 13563 440 0 440 440 0 8 0 anonpl 32 16289 0 0 131 0 131 131 0 246 0 amapchunkpl 152 194829 0 194046 80 42 38 42 0 158 4 amappl16 200 13607 0 13364 82 59 23 26 0 8 8 amappl15 192 6 0 6 3 3 0 1 0 8 0 amappl14 184 207 0 195 1 0 1 1 0 8 0 amappl13 176 8 0 7 1 0 1 1 0 8 0 amappl12 168 7469 0 7438 4 2 2 3 0 8 0 amappl11 160 54 0 40 1 0 1 1 0 8 0 amappl10 152 4 0 4 1 1 0 1 0 8 0 amappl9 144 246 0 245 2 1 1 1 0 8 0 amappl8 136 28 0 24 1 0 1 1 0 8 0 amappl7 128 185 0 172 1 0 1 1 0 8 0 amappl6 120 479 0 475 1 0 1 1 0 8 0 amappl5 112 227 0 217 1 0 1 1 0 8 0 amappl4 104 488 0 466 1 0 1 1 0 8 0 amappl3 96 40279 0 40161 5 1 4 4 0 8 0 amappl2 88 1165 0 1101 2 0 2 2 0 8 0 amappl1 80 38434 0 37827 17 2 15 15 0 8 0 amappl 88 51724 0 51529 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma32768 32768 2 0 2 2 2 0 1 0 8 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 8 0 8 3 3 0 1 0 8 0 dma128 128 263 0 262 5 4 1 1 0 8 0 dma64 64 8 0 8 3 3 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 144 0 6 3 0 3 3 0 8 0 uaddrrnd 24 6391 0 6359 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6391 0 6359 1 0 1 1 0 8 0 vmmpekpl 168 45014 0 44944 4 0 4 4 0 8 0 vmmpepl 168 397520 0 395207 146 34 112 112 0 357 1 vmsppl 480 6390 0 6359 5 0 5 5 0 8 0 rwobjpl 72 96866 0 89786 137 3 134 134 0 8 2 pdppl 4096 12790 0 12718 186 112 74 86 0 8 2 pvpl 32 23791 0 0 189 0 189 189 0 265 0 pmappl 256 6390 0 6359 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 629 0 192 13 0 13 13 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff83870ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83a18160) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff83a18160) at __mp_lock+0x192 sys/kern/kern_lock.c:144 softintr_dispatch(2) at softintr_dispatch+0x12a sys/kern/kern_softintr.c:83 dosoftint(2) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:840 Xsofttty() at Xsofttty+0x27 __mp_lock(ffffffff83a18160) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff83a18160) at __mp_lock+0x192 sys/kern/kern_lock.c:144 intr_handler(ffff80002a3687a0,ffff800000079f00) at intr_handler+0xe1 sys/arch/amd64/amd64/intr.c:559 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f end of kernel end trace frame: 0x7e062c77cd10, count: 5 ddb{0}> trace x86_ipi_db(ffffffff83870ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83a18160) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff83a18160) at __mp_lock+0x192 sys/kern/kern_lock.c:144 softintr_dispatch(2) at softintr_dispatch+0x12a sys/kern/kern_softintr.c:83 dosoftint(2) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:840 Xsofttty() at Xsofttty+0x27 __mp_lock(ffffffff83a18160) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff83a18160) at __mp_lock+0x192 sys/kern/kern_lock.c:144 intr_handler(ffff80002a3687a0,ffff800000079f00) at intr_handler+0xe1 sys/arch/amd64/amd64/intr.c:559 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f end of kernel end trace frame: 0x7e062c77cd10, count: -10 ddb{0}> machine ddbcpu 1 Stopped at proc_trampoline+0xc7: movl $0,%gs:0x680 proc_trampoline() at proc_trampoline+0xc7 end of kernel end trace frame: 0x7af3b3434ad0, count: 14 ddb{1}> trace proc_trampoline() at proc_trampoline+0xc7 end of kernel end trace frame: 0x7af3b3434ad0, count: -1