uvm_fault(0xfffffd8065456028, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at socreate+0x84: cmpq $0,0(%rax) TID PID UID PRFLAGS PFLAGS CPU COMMAND *487617 44277 0 0 0x4000000 0K syz-executor.2 socreate(18,ffff80002a2d48a8,3,3c) at socreate+0x84 sys/kern/uipc_socket.c:172 sys_socket(ffff800021156d20,ffff80002a2d4938,ffff80002a2d4990) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 syscall(ffff80002a2d4a00) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff80002a2d4a00) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe56743adb70, count: 11 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xfffffd8065456028, 0x0, 0, 1) -> e ddb{0}> trace socreate(18,ffff80002a2d48a8,3,3c) at socreate+0x84 sys/kern/uipc_socket.c:172 sys_socket(ffff800021156d20,ffff80002a2d4938,ffff80002a2d4990) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 syscall(ffff80002a2d4a00) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff80002a2d4a00) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe56743adb70, count: -4 ddb{0}> show registers rdi 0xffff80002d352000 rsi 0xf77 rbp 0xffff80002a2d4890 rbx 0x18 rdx 0xffff80002d352000 rcx 0xf76 rax 0 r8 0xffffffff811cfb80 uvm_map_inentry_pc r9 0x16 r10 0 r11 0x6a0c1020e70e399 r12 0xffff80002a2d48a8 r13 0xffffffff82676048 inet6sw+0x208 r14 0x3 r15 0x3c rip 0xffffffff81b8f4e4 socreate+0x84 cs 0x8 rflags 0x10286 __ALIGN_SIZE+0xf286 rsp 0xffff80002a2d4830 ss 0x10 socreate+0x84: cmpq $0,0(%rax) ddb{0}> show proc PROC (syz-executor.2) pid=487617 stat=onproc flags process=0 proc=4000000 pri=83, usrpri=83, nice=20 forw=0xffffffffffffffff, list=0xffff800021157500,0xffff8000211567f0 process=0xffff80002bb44868 user=0xffff80002a2cf000, vmspace=0xfffffd8065456028 estcpu=33, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 41658 393082 69083 0 2 0 syz-executor.3 60620 89500 70805 0 2 0 syz-executor.1 60620 197250 70805 0 3 0x4000080 fifor syz-executor.1 60620 519772 70805 0 2 0x4000000 syz-executor.1 21815 272612 52314 0 2 0 syz-executor.5 21815 435768 52314 0 2 0x4000000 syz-executor.5 75408 248983 56365 0 2 0 syz-executor.4 75408 173314 56365 0 2 0x4000000 syz-executor.4 75408 360140 56365 0 2 0x4000000 syz-executor.4 72273 337136 2520 0 2 0 syz-executor.6 72273 429127 2520 0 2 0x4000000 syz-executor.6 82246 435609 32126 0 2 0 syz-executor.0 82246 425838 32126 0 2 0x4000000 syz-executor.0 44277 309876 26332 0 2 0 syz-executor.2 *44277 487617 26332 0 7 0x4000000 syz-executor.2 13498 43703 98474 0 2 0 syz-executor.7 13498 457200 98474 0 3 0x4000080 fsleep syz-executor.7 98474 360012 7695 0 3 0x82 nanoslp syz-executor.7 2520 421921 7695 0 3 0x82 nanoslp syz-executor.6 26332 307238 7695 0 3 0x82 nanoslp syz-executor.2 70805 162711 7695 0 3 0x82 nanoslp syz-executor.1 32126 149599 7695 0 3 0x82 nanoslp syz-executor.0 56365 493612 7695 0 3 0x82 nanoslp syz-executor.4 52314 463205 7695 0 3 0x82 nanoslp syz-executor.5 49116 342119 0 0 3 0x14280 nfsidl nfsio 42957 439488 0 0 3 0x14280 nfsidl nfsio 67199 485284 0 0 3 0x14280 nfsidl nfsio 55089 417370 0 0 3 0x14280 nfsidl nfsio 82688 308235 0 0 3 0x14280 nfsidl nfsio 30888 430727 0 0 3 0x14280 nfsidl nfsio 25467 8393 0 0 3 0x14280 nfsidl nfsio 90833 47851 0 0 3 0x14280 nfsidl nfsio 3271 339120 0 0 3 0x14280 nfsidl nfsio 36726 38269 0 0 3 0x14280 nfsidl nfsio 35253 298561 0 0 3 0x14280 nfsidl nfsio 41574 278965 0 0 3 0x14280 nfsidl nfsio 90033 218386 0 0 3 0x14280 nfsidl nfsio 48100 325403 0 0 3 0x14280 nfsidl nfsio 55954 10868 0 0 3 0x14280 nfsidl nfsio 11199 409684 0 0 3 0x14280 nfsidl nfsio 51025 406141 0 0 3 0x14280 nfsidl nfsio 15408 440879 0 0 3 0x14280 nfsidl nfsio 33951 373627 0 0 3 0x14280 nfsidl nfsio 91397 292756 0 0 3 0x14280 nfsidl nfsio 69083 19415 7695 0 3 0x82 nanoslp syz-executor.3 62573 51851 0 0 3 0x14200 acct acct 59123 222503 1 0 3 0x100083 ttyin getty 64791 217942 0 0 3 0x14200 bored sosplice 7695 273200 9399 0 3 0x82 thrsleep syz-fuzzer 7695 354 9399 0 3 0x4000082 thrsleep syz-fuzzer 7695 24545 9399 0 3 0x4000082 thrsleep syz-fuzzer 7695 285849 9399 0 3 0x4000082 thrsleep syz-fuzzer 7695 154152 9399 0 3 0x4000082 thrsleep syz-fuzzer 7695 250533 9399 0 3 0x4000082 thrsleep syz-fuzzer 7695 166078 9399 0 3 0x4000082 kqread syz-fuzzer 7695 482922 9399 0 3 0x4000082 thrsleep syz-fuzzer 7695 421643 9399 0 3 0x4000082 thrsleep syz-fuzzer 9399 45962 77152 0 3 0x10008a sigsusp ksh 77152 108657 41663 0 3 0x9a kqread sshd 41663 97574 1 0 3 0x88 kqread sshd 80034 110639 96334 74 3 0x1100092 bpf pflogd 96334 128580 1 0 3 0x80 netio pflogd 73708 475600 19323 73 3 0x1100090 kqread syslogd 19323 429535 1 0 3 0x100082 netio syslogd 90460 13360 1 0 3 0x100080 kqread resolvd 95534 352726 98235 77 3 0x100092 kqread dhcpleased 16073 422165 98235 77 3 0x100092 kqread dhcpleased 98235 264763 1 0 3 0x80 kqread dhcpleased 789 170850 0 0 3 0x14200 bored smr 75860 403067 0 0 2 0x14200 zerothread 25274 431403 0 0 3 0x14200 aiodoned aiodoned 28276 364815 0 0 3 0x14200 syncer update 37206 495082 0 0 3 0x14200 cleaner cleaner 69602 220011 0 0 3 0x14200 reaper reaper 69426 446070 0 0 3 0x14200 pgdaemon pagedaemon 76263 51879 0 0 3 0x14200 bored viomb 89054 287117 0 0 3 0x40014200 acpi0 acpi0 775 407844 0 0 7 0x40014200 idle1 75915 114372 0 0 3 0x14200 bored softnet 65323 448761 0 0 3 0x14200 bored systqmp 39270 184725 0 0 3 0x14200 bored systq 15130 434708 0 0 3 0x40014200 bored softclock 36157 55887 0 0 3 0x40014200 idle0 1 431436 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 44277 (syz-executor.2) thread 0xffff800021156d20 (487617) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82b6e770) #0 witness_lock+0x44d #1 kpageflttrap+0x23d sys/arch/amd64/amd64/trap.c:274 #2 kerntrap+0xef sys/arch/amd64/amd64/trap.c:318 #3 alltraps_kern_meltdown+0x7b #4 socreate+0x84 sys/kern/uipc_socket.c:172 #5 sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 #6 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #6 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10216 6485K 7598K 78643K 39580 0 pcb 13 18K 23K 78643K 1846 0 rtable 237 9K 10K 78643K 2459 0 ifaddr 96 23K 26K 78643K 932 0 sysctl 3 1K 3K 78643K 6 0 counters 56 35K 36K 78643K 364 0 ioctlops 0 0K 4K 78643K 3482 0 iov 0 0K 24K 78643K 1148 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1531 96K 96K 78643K 11676 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 73 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 1782 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 18 65K 89K 78643K 11185 0 sigio 0 0K 0K 78643K 183 0 proc 72 87K 124K 78643K 2160 0 subproc 104 6K 10K 78643K 886 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 441 0 in_multi 99 6K 7K 78643K 877 0 ether_multi 1 0K 0K 78643K 110 0 mrt 1 0K 0K 78643K 40 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 247 1102K 1102K 78643K 247 0 exec 0 0K 2K 78643K 2481 0 pfkey data 0 0K 0K 78643K 6 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 460 457K 465K 78643K 141809 0 UVM aobj 131 8K 8K 78643K 133 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 646 0 NDP 13 0K 2K 78643K 281 0 temp 143 4721K 4849K 78643K 100308 0 kqueue 12 18K 25K 78643K 512 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 973 0 970 18 17 1 5 0 8 0 rtentry 112 742 0 640 4 1 3 4 0 8 0 unpcb 136 7361 0 7344 92 89 3 8 0 8 2 syncache 296 19 0 19 5 5 0 1 0 8 0 tcpqe 32 3 0 3 1 1 0 1 0 8 0 tcpcb 736 2953 0 2949 117 116 1 15 0 8 0 arp 120 116 0 98 1 0 1 1 0 8 0 inpcb 304 8346 0 8339 154 150 4 11 0 8 3 rttmr 72 9 0 9 3 3 0 1 0 8 0 nd6 48 170 0 146 1 0 1 1 0 8 0 pkpcb 40 23 0 23 5 5 0 1 0 8 0 kcovpl 48 54 0 46 1 0 1 1 0 8 0 ppxss 1248 42 0 42 8 8 0 1 0 8 0 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pffrag 232 19 0 18 8 7 1 1 0 482 0 pffrnode 88 19 0 18 8 7 1 1 0 8 0 pffrent 40 56 0 55 9 8 1 1 0 8 0 pfosfp 40 1431 0 1007 5 0 5 5 0 8 0 pfosfpen 112 1431 0 716 21 0 21 21 0 8 0 pfrktable 1344 15 0 10 1 0 1 1 0 8 0 pftag 88 2 0 0 1 0 1 1 0 8 0 pfstitem 24 21 0 19 1 0 1 1 0 8 0 pfstkey 112 23 0 21 1 0 1 1 0 8 0 pfstate 320 22 0 20 2 1 1 2 0 8 0 pfrule 1360 91 0 69 3 1 2 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2882 0 2439 45 17 28 32 0 8 0 art_table 32 2883 0 2439 5 1 4 5 0 8 0 art_node 16 741 0 652 1 0 1 1 0 8 0 sysvmsgpl 40 19 0 3 1 0 1 1 0 8 0 semupl 112 6 0 6 1 1 0 1 0 8 0 semapl 112 1780 0 1770 1 0 1 1 0 8 0 shmpl 112 130 0 2 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 16055 0 14591 92 0 92 92 0 8 0 ffsino 272 16055 0 14591 98 0 98 98 0 8 0 nchpl 144 30861 0 29219 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 224 5926 0 0 349 0 349 349 0 8 0 namei 1024 130812 0 130812 4 3 1 2 0 8 1 percpumem 16 194 0 154 1 0 1 1 0 8 0 vcpupl 2048 91 0 0 12 0 12 12 0 8 0 vmpool 560 108 0 17 8 1 7 7 0 8 0 pfiaddrpl 120 22 0 12 1 0 1 1 0 8 0 scsiplug 72 8 0 8 2 2 0 1 0 8 0 scxspl 216 92044 0 92044 20 18 2 8 0 8 2 plimitpl 152 1264 0 1249 1 0 1 1 0 8 0 sigapl 424 11452 0 11385 9 1 8 8 0 8 0 futexpl 64 119328 0 119327 3 2 1 1 0 8 0 knotepl 120 375 0 0 8 2 6 6 0 8 0 kqueuepl 216 1875 0 1867 44 43 1 5 0 8 0 pipepl 336 2114 0 2086 82 79 3 11 0 8 0 fdescpl 496 11396 0 11365 6 1 5 5 0 8 1 filepl 152 87664 0 87425 205 193 12 21 0 8 2 lockfpl 104 6118 0 6116 13 11 2 2 0 8 1 lockfspl 48 1492 0 1490 1 0 1 1 0 8 0 sessionpl 144 71 0 54 1 0 1 1 0 8 0 pgrppl 48 97 0 80 1 0 1 1 0 8 0 ucredpl 96 23410 0 23393 1 0 1 1 0 8 0 zombiepl 144 11385 0 11385 1 0 1 1 0 8 1 processpl 1064 11452 0 11385 5 0 5 5 0 8 0 procpl 672 32866 0 32782 36 28 8 10 0 8 1 srpgc 96 69 0 69 13 13 0 1 0 8 0 sosppl 168 42 0 42 13 13 0 1 0 8 0 sockpl 480 16711 0 16684 517 505 12 34 0 8 8 mcl64k 65536 21 0 0 3 1 2 3 0 8 0 mcl16k 16384 25 0 0 4 1 3 3 0 8 0 mcl12k 12288 16 0 0 2 0 2 2 0 8 0 mcl9k 9216 7 0 0 1 0 1 1 0 8 0 mcl8k 8192 33 0 0 5 2 3 3 0 8 0 mcl4k 4096 17 0 0 3 0 3 3 0 8 0 mcl2k2 2112 5 0 0 1 0 1 1 0 8 0 mcl2k 2048 417 0 0 26 1 25 26 0 8 0 mtagpl 96 1389 0 0 27 0 27 27 0 8 0 mbufpl 256 1812 0 0 82 0 82 82 0 8 0 bufpl 288 22237 0 15904 453 0 453 453 0 8 0 anonpl 24 3146318 0 3128070 297 172 125 175 0 186 0 amapchunkpl 152 348659 0 347812 107 70 37 63 0 158 2 amappl16 200 26892 0 26253 114 78 36 47 0 8 0 amappl15 192 2306 0 2299 1 0 1 1 0 8 0 amappl14 184 693 0 686 1 0 1 1 0 8 0 amappl13 176 2220 0 2219 1 0 1 1 0 8 0 amappl12 168 700 0 695 3 2 1 1 0 8 0 amappl11 160 464 0 446 1 0 1 1 0 8 0 amappl10 152 1500 0 1492 1 0 1 1 0 8 0 amappl9 144 1407 0 1401 1 0 1 1 0 8 0 amappl8 136 4221 0 4095 6 1 5 5 0 8 0 amappl7 128 2863 0 2850 1 0 1 1 0 8 0 amappl6 120 1310 0 1279 3 1 2 2 0 8 0 amappl5 112 12621 0 12598 1 0 1 1 0 8 0 amappl4 104 3278 0 3233 2 0 2 2 0 8 0 amappl3 96 1661 0 1647 1 0 1 1 0 8 0 amappl2 88 3339 0 3281 3 1 2 3 0 8 0 amappl1 80 206736 0 206145 22 8 14 19 0 8 1 amappl 88 140374 0 140083 8 0 8 8 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 132 0 2 3 0 3 3 0 8 0 uaddrrnd 24 11504 0 11382 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 11504 0 11382 1 0 1 1 0 8 0 vmmpekpl 168 86866 0 86796 4 0 4 4 0 8 0 vmmpepl 168 1048969 0 1046058 466 293 173 173 0 357 38 vmsppl 368 11503 0 11382 13 1 12 12 0 8 1 rwobjpl 56 252905 0 245118 130 18 112 114 0 8 0 pdppl 4096 23015 0 22855 1240 1080 160 164 0 8 0 pvpl 32 5375504 0 5352282 600 393 207 306 0 265 3 pmappl 248 11503 0 11382 9 1 8 8 0 8 0 extentpl 40 58 0 38 1 0 1 1 0 8 0 phpool 112 2289 0 1304 29 0 29 29 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace socreate(18,ffff80002a2d48a8,3,3c) at socreate+0x84 sys/kern/uipc_socket.c:172 sys_socket(ffff800021156d20,ffff80002a2d4938,ffff80002a2d4990) at sys_socket+0xd8 sys/kern/uipc_syscalls.c:96 syscall(ffff80002a2d4a00) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff80002a2d4a00) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe56743adb70, count: -4 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp x86_ipi_db(ffff800020ce8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800020ce8ff0) at sched_idle+0x417 sys/kern/kern_sched.c:178 end trace frame: 0x0, count: 10 ddb{1}> trace x86_ipi_db(ffff800020ce8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800020ce8ff0) at sched_idle+0x417 sys/kern/kern_sched.c:178 end trace frame: 0x0, count: -5