uvm_fault(0xfffffd8068467598, 0xf, 0, 1) -> e kernel: page fault trap, code=0 Stopped at ktrops+0x58: movq 0x10(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND *107164 27429 0 0 0x4000000 0 syz-executor ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 sys/kern/kern_ktrace.c:561 doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a48c7b0,ffff80003763d0d0,ffff80003763d020) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:549 syscall(ffff80003763d0d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x687cbe012c0, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd8068467598, 0xf, 0, 1) -> e ddb> trace ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 sys/kern/kern_ktrace.c:561 doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a48c7b0,ffff80003763d0d0,ffff80003763d020) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:549 syscall(ffff80003763d0d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x687cbe012c0, count: -5 ddb> show registers rdi 0xffff80002f3ea000 rsi 0x88f rbp 0xffff80003763cdf0 rbx 0xfffffd807f7d7958 rdx 0xffff80002f3ea000 rcx 0x88e rax 0xffffffff815f8a03 ktrops+0x43 r8 0xfffffd8072878448 r9 0xfffffd807f7d7958 r10 0x7c09b90a7ea308d r11 0x505fe3983aa1053f r12 0xffff80002a48c7b0 r13 0xffffffffffffffff r14 0xffffffffffffffff r15 0x80000538 __kernel_virt_to_phys+0x538 rip 0xffffffff815f8a18 ktrops+0x58 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003763cd70 ss 0x10 ktrops+0x58: movq 0x10(%r14),%r14 ddb> show proc PROC (syz-executor) tid=107164 pid=27429 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=69, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a48d458,0xffff80002a48ccd0 process=0xffff8000ffff5580 user=0xffff800037638000, vmspace=0xfffffd8068467598 estcpu=19, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 24636 59376 82599 0 2 0 syz-executor 8133 201706 32865 0 3 0x80 nanoslp syz-executor 8133 40894 32865 0 2 0x4000000 syz-executor 8133 500629 32865 0 3 0x4000080 fsleep syz-executor 8133 110250 32865 0 3 0x4000080 fsleep syz-executor 27429 53254 71500 0 2 0 syz-executor *27429 107164 71500 0 7 0x4000000 syz-executor 44405 253143 3514 0 2 0 syz-executor 44405 132395 3514 0 3 0x4000080 netacc syz-executor 44405 202679 3514 0 3 0x4000080 fsleep syz-executor 2558 305502 625 0 2 0x480 syz-executor 2558 341418 625 0 3 0x4000080 kqread syz-executor 82588 445776 27883 0 2 0 syz-executor 82588 495441 27883 0 3 0x4000080 fsleep syz-executor 26720 438836 35190 0 2 0x2 syz-executor 16217 204202 35190 0 2 0x2 syz-executor 32865 317755 35190 0 2 0x482 syz-executor 3514 252781 35190 0 3 0x82 nanoslp syz-executor 71500 236569 35190 0 3 0x82 nanoslp syz-executor 625 367990 35190 0 2 0x482 syz-executor 27883 161955 35190 0 3 0x82 nanoslp syz-executor 82599 128727 35190 0 3 0x82 nanoslp syz-executor 35190 256319 4102 0 2 0x2 syz-executor 4102 22951 10946 0 3 0x10008a sigsusp ksh 10946 492350 94321 0 3 0x98 kqread sshd-session 94321 382090 78112 0 3 0x92 kqread sshd-session 53711 70760 1 0 3 0x100083 ttyin getty 78112 12910 1 0 3 0x88 kqread sshd 49745 232692 29163 73 3 0x1100090 kqread syslogd 29163 156171 1 0 3 0x100082 sbwait syslogd 7672 39637 1 0 3 0x100080 kqread resolvd 98668 331535 8469 77 3 0x100092 kqread dhcpleased 80395 290250 8469 77 3 0x100092 kqread dhcpleased 8469 196636 1 0 3 0x80 kqread dhcpleased 24601 157267 0 0 3 0x14200 bored smr 73950 163700 0 0 2 0x14200 zerothread 22579 487698 0 0 3 0x14200 aiodoned aiodoned 4771 52657 0 0 3 0x14200 syncer update 87060 490020 0 0 3 0x14200 cleaner cleaner 14428 275378 0 0 3 0x14200 reaper reaper 20527 504354 0 0 3 0x14200 pgdaemon pagedaemon 51382 229387 0 0 3 0x14200 bored viomb 45451 316851 0 0 3 0x40014200 acpi0 acpi0 10609 401416 0 0 3 0x14200 bored softnet3 45492 385911 0 0 3 0x14200 bored softnet2 33248 464435 0 0 3 0x14200 bored softnet1 77074 158241 0 0 2 0x14200 softnet0 83278 262640 0 0 3 0x14200 bored systqmp 45151 466387 0 0 3 0x14200 bored systq 98657 501261 0 0 3 0x40014200 tmoslp softclock 81215 121493 0 0 3 0x40014200 idle0 1 393479 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10169 11056K 11104K 166960K 11258 0 pcb 18 12K 12K 166960K 21 0 rtable 234 6K 6K 166960K 354 0 pf 30 12K 12K 166960K 30 0 ifaddr 42 7K 7K 166960K 44 0 ifgroup 50 2K 2K 166960K 50 0 counters 30 17K 17K 166960K 30 0 ioctlops 0 0K 2K 166960K 29 0 iov 0 0K 8K 166960K 2 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1432 90K 90K 166960K 1456 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 3 0K 0K 166960K 3 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 16 57K 97K 166960K 161 0 sigio 0 0K 0K 166960K 1 0 proc 59 59K 116K 166960K 479 0 subproc 104 6K 6K 166960K 104 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 1 0K 0K 166960K 6 0 in_multi 99 7K 7K 166960K 100 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 49 228K 228K 166960K 49 0 exec 0 0K 1K 166960K 346 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 205 72K 76K 166960K 3036 0 UVM aobj 3 2K 2K 166960K 3 0 pinsyscall 37 74K 104K 166960K 1184 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 2 0 NDP 11 0K 2K 166960K 27 0 temp 36 6810K 6874K 166960K 4059 0 kqueue 15 24K 26K 166960K 25 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 39 0 35 1 0 1 1 0 8 0 rtentry 112 111 0 1 4 0 4 4 0 8 0 unpcb 144 48 0 32 1 0 1 1 0 8 0 syncache 336 3 0 3 1 0 1 1 0 8 1 tcpcb 808 13 0 8 1 0 1 1 0 8 0 arp 88 18 0 0 1 0 1 1 0 8 0 ipq 40 1 0 0 1 0 1 1 0 8 0 ipqe 40 1 0 0 1 0 1 1 0 8 0 inpcb 336 80 0 69 2 0 2 2 0 8 0 nd6 104 24 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 453 0 0 29 0 29 29 0 8 0 art_table 32 454 0 0 4 0 4 4 0 8 0 art_node 16 110 0 10 1 0 1 1 0 8 0 sysvmsgpl 40 2 0 2 1 0 1 1 0 8 1 semapl 112 1 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1588 0 83 95 0 95 95 0 8 0 ffsino 240 1588 0 83 89 0 89 89 0 8 0 nchpl 144 1809 0 133 63 0 63 63 0 8 0 uvmvnodes 80 1769 0 0 37 0 37 37 0 8 0 vnodes 216 1769 0 0 99 0 99 99 0 8 0 namei 1024 5417 0 5415 2 0 2 2 0 8 1 kstatmem 264 22 0 0 2 0 2 2 0 8 0 scxspl 216 5155 0 5155 3 0 3 3 1 8 3 plimitpl 152 32 0 15 1 0 1 1 0 8 0 sigapl 424 441 0 397 7 0 7 7 0 8 1 futexpl 64 467 0 463 1 0 1 1 0 8 0 knotepl 120 3601 0 3546 2 0 2 2 0 8 0 kqueuepl 184 22 0 10 1 0 1 1 0 8 0 pipepl 288 106 0 78 3 0 3 3 0 8 1 fdescpl 432 425 0 397 5 0 5 5 0 8 1 filepl 120 1567 0 1241 10 0 10 10 0 8 0 lockfpl 104 20 0 17 1 0 1 1 0 8 0 lockfspl 48 10 0 7 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 31 0 15 1 0 1 1 0 8 0 ucredpl 104 88 0 76 1 0 1 1 0 8 0 zombiepl 144 397 0 397 1 0 1 1 0 8 1 processpl 1096 441 0 397 4 0 4 4 0 8 0 procpl 648 485 0 433 5 0 5 5 0 8 0 sockpl 504 168 0 137 5 0 5 5 0 8 0 mcl8k 8192 7 0 7 1 0 1 1 0 8 1 mcl4k 4096 2799 0 2749 15 0 15 15 0 8 8 mcl2k 2048 144 0 143 1 0 1 1 0 8 0 mtagpl 96 5 0 4 1 0 1 1 0 8 0 mbufpl 256 4679 0 4529 10 0 10 10 0 8 0 bufpl 280 2196 0 95 151 0 151 151 0 8 0 anonpl 24 163777 0 160802 44 0 44 44 0 187 23 amapchunkpl 152 9980 0 9556 20 0 20 20 0 158 0 amappl16 200 4854 0 4837 14 0 14 14 0 8 13 amappl15 192 8 0 8 1 0 1 1 0 8 1 amappl14 184 110 0 100 1 0 1 1 0 8 0 amappl13 176 9 0 9 1 0 1 1 0 8 1 amappl12 168 1044 0 1017 3 0 3 3 0 8 1 amappl11 160 56 0 46 1 0 1 1 0 8 0 amappl10 152 10 0 10 1 0 1 1 0 8 1 amappl9 144 107 0 107 1 0 1 1 0 8 1 amappl8 136 19 0 18 1 0 1 1 0 8 0 amappl7 128 96 0 86 1 0 1 1 0 8 0 amappl6 120 161 0 160 1 0 1 1 0 8 0 amappl5 112 124 0 115 1 0 1 1 0 8 0 amappl4 104 290 0 276 1 0 1 1 0 8 0 amappl3 96 1902 0 1823 3 0 3 3 0 8 0 amappl2 88 691 0 619 2 0 2 2 0 8 0 amappl1 80 7270 0 6761 14 0 14 14 0 8 2 amappl 88 2692 0 2541 4 0 4 4 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 425 0 397 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 425 0 397 1 0 1 1 0 8 0 vmmpekpl 168 4790 0 4757 2 0 2 2 0 8 0 vmmpepl 168 36130 0 34500 87 0 87 87 0 357 13 vmsppl 352 424 0 397 4 0 4 4 0 8 1 rwobjpl 24 17194 0 14619 17 0 17 17 0 8 0 pdppl 4096 856 0 794 96 28 68 82 0 8 6 pvpl 32 279296 0 271416 105 0 105 105 0 265 34 pmappl 216 424 0 397 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 357 0 28 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 sys/kern/kern_ktrace.c:561 doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a48c7b0,ffff80003763d0d0,ffff80003763d020) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:549 syscall(ffff80003763d0d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x687cbe012c0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:718 [inline] ktrops(ffff80002a48c7b0,ffffffffffffffff,0,80000538,fffffd8072878448,fffffd807f7d7958) at ktrops+0x58 sys/kern/kern_ktrace.c:561 doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:586 [inline] doktrace(fffffd8072878448,4,538,0,ffff80002a48c7b0) at doktrace+0x6dd sys/kern/kern_ktrace.c:508 sys_ktrace(ffff80002a48c7b0,ffff80003763d0d0,ffff80003763d020) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:549 syscall(ffff80003763d0d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x687cbe012c0, count: -5