SYZFAIL: SIGBUS pc-offset:0x8be843e3b61 pc:0xdeadbeef addr:0x8c17b2fdffc code=3 (errno 35: Resource temporarily unavailable) uvm_fault(0xffffffff8355a950, 0xffff800019c52000, 0, 2) -> d kernel: page fault trap, code=2 Stopped at memset+0x52: repe stosq %es:(%rdi) TID PID UID PRFLAGS PFLAGS CPU COMMAND 518404 41089 0 0x2 0 1 syz-executor * 65340 61593 0 0x14000 0x200 0K reaper memset() at memset+0x52 VOP_WRITE(fffffd8076991980,ffff800029fe5ad8,0,fffffd807f7d3d00) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 uvn_io(fffffd806f6fc750,ffff800029fe5c70,5,39,1) at uvn_io+0x49c sys/uvm/uvm_vnode.c:1271 uvm_pager_put(fffffd806f6fc750,fffffd8007aa3b00,ffff800029fe5d08,ffff800029fe5d40,39,0,ef75894e80f65deb) at uvm_pager_put+0x18e sys/uvm/uvm_pager.c:525 uvn_flush(fffffd806f6fc750,0,0,19) at uvn_flush+0x72a sys/uvm/uvm_vnode.c:727 uvn_detach(fffffd806f6fc750) at uvn_detach+0xcb sys/uvm/uvm_vnode.c:362 uvm_unmap_detach(ffff800029fe5e50,0) at uvm_unmap_detach+0x15e sys/uvm/uvm_map.c:1364 uvm_map_teardown(fffffd8009302898) at uvm_map_teardown+0x35e sys/uvm/uvm_map.c:2518 uvmspace_free(fffffd8009302898) at uvmspace_free+0xcd sys/uvm/uvm_map.c:3422 reaper(ffff800029fd8518) at reaper+0x246 sys/kern/kern_exit.c:480 end trace frame: 0x0, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xffffffff8355a950, 0xffff800019c52000, 0, 2) -> d ddb{0}> trace memset() at memset+0x52 VOP_WRITE(fffffd8076991980,ffff800029fe5ad8,0,fffffd807f7d3d00) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 uvn_io(fffffd806f6fc750,ffff800029fe5c70,5,39,1) at uvn_io+0x49c sys/uvm/uvm_vnode.c:1271 uvm_pager_put(fffffd806f6fc750,fffffd8007aa3b00,ffff800029fe5d08,ffff800029fe5d40,39,0,ef75894e80f65deb) at uvm_pager_put+0x18e sys/uvm/uvm_pager.c:525 uvn_flush(fffffd806f6fc750,0,0,19) at uvn_flush+0x72a sys/uvm/uvm_vnode.c:727 uvn_detach(fffffd806f6fc750) at uvn_detach+0xcb sys/uvm/uvm_vnode.c:362 uvm_unmap_detach(ffff800029fe5e50,0) at uvm_unmap_detach+0x15e sys/uvm/uvm_map.c:1364 uvm_map_teardown(fffffd8009302898) at uvm_map_teardown+0x35e sys/uvm/uvm_map.c:2518 uvmspace_free(fffffd8009302898) at uvmspace_free+0xcd sys/uvm/uvm_map.c:3422 reaper(ffff800029fd8518) at reaper+0x246 sys/kern/kern_exit.c:480 end trace frame: 0x0, count: -10 ddb{0}> show registers rdi 0xffff800019c52000 rsi 0 rbp 0xffff800029fe5a30 rbx 0xe rdx 0 rcx 0x800 rax 0 r8 0x4000 __ALIGN_SIZE+0x3000 r9 0xffff800029fe58a8 r10 0xb9966e18aefae3b5 r11 0xffff800019c52000 r12 0x4000 __ALIGN_SIZE+0x3000 r13 0x4000 __ALIGN_SIZE+0x3000 r14 0xffff800019c52000 r15 0x4000 __ALIGN_SIZE+0x3000 rip 0xffffffff818ff4b2 memset+0x52 cs 0x8 rflags 0x10206 __ALIGN_SIZE+0xf206 rsp 0xffff800029fe5968 ss 0x10 memset+0x52: repe stosq %es:(%rdi) ddb{0}> show proc PROC (reaper) tid=65340 pid=61593 tcnt=1 stat=onproc flags process=14000 proc=200 runpri=4, usrpri=86, slppri=4, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff800029fd8f38,0xffff800029fd8018 process=0xffff800029febaf0 user=0xffff800029fe0000, vmspace=0xffffffff835b1458 estcpu=36, cpticks=8, pctcpu=22.69, user=0, sys=14002, intr=237 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 52815 147987 42234 60928 2 0x490 syz-executor 52815 138126 42234 60928 3 0x4000090 kqsel syz-executor 52815 50838 42234 60928 3 0x4000090 fsleep syz-executor 48432 43798 99438 0 2 0x480 syz-executor 48432 485219 99438 0 3 0x4000080 fsleep syz-executor 48432 315192 99438 0 3 0x4000080 fsleep syz-executor 48432 257862 99438 0 3 0x4000080 kqsel syz-executor 87459 446458 71816 0 2 0x480 syz-executor 87459 463233 71816 0 3 0x4000080 ttyout syz-executor 87459 226076 71816 0 3 0x4000080 fsleep syz-executor 87459 78995 71816 0 3 0x4000080 fsleep syz-executor 1572 515005 1 0 3 0x82 wait syz-executor 42234 268456 1 0 3 0x82 nanoslp syz-executor 99438 497064 1 0 2 0x482 syz-executor 71816 297585 1 0 3 0x82 nanoslp syz-executor 41089 518404 1 0 7 0x2 syz-executor 18716 339442 1 0 2 0x100083 getty 9716 213625 0 0 3 0x14280 nfsidl nfsio 43306 481749 0 0 3 0x14280 nfsidl nfsio 49862 231716 0 0 3 0x14280 nfsidl nfsio 44304 490663 0 0 3 0x14280 nfsidl nfsio 76196 322514 0 0 3 0x14280 nfsidl nfsio 6470 262570 0 0 3 0x14280 nfsidl nfsio 57877 82652 0 0 3 0x14280 nfsidl nfsio 28746 357015 0 0 3 0x14280 nfsidl nfsio 4823 457645 0 0 3 0x14280 nfsidl nfsio 84653 128741 0 0 3 0x14280 nfsidl nfsio 28863 127707 0 0 3 0x14280 nfsidl nfsio 24570 194682 0 0 3 0x14280 nfsidl nfsio 48543 182102 0 0 3 0x14280 nfsidl nfsio 4917 175105 0 0 3 0x14280 nfsidl nfsio 16209 64975 0 0 3 0x14280 nfsidl nfsio 23779 241848 0 0 3 0x14280 nfsidl nfsio 40152 97637 0 0 3 0x14280 nfsidl nfsio 27717 392397 0 0 3 0x14280 nfsidl nfsio 24799 91857 0 0 3 0x14280 nfsidl nfsio 33251 14167 0 0 3 0x14280 nfsidl nfsio 97450 347808 0 0 3 0x14200 bored sosplice 48902 396266 88220 0 3 0x10008a sigsusp ksh 88220 122300 16679 0 3 0x98 kqread sshd-session 16679 248672 92891 0 3 0x92 kqread sshd-session 92891 386696 1 0 3 0x88 kqread sshd 65513 223765 65540 74 3 0x1100092 bpf pflogd 65540 124956 1 0 3 0x80 sbwait pflogd 93765 496086 15289 73 3 0x1100090 kqread syslogd 15289 147716 1 0 3 0x100082 sbwait syslogd 476 512897 1 0 3 0x100080 kqread resolvd 36329 318758 55923 77 3 0x100092 kqread dhcpleased 9846 324974 55923 77 3 0x100092 kqread dhcpleased 55923 375495 1 0 3 0x80 kqread dhcpleased 62111 216217 0 0 3 0x14200 bored smr 69277 415922 0 0 3 0x14200 pgzero zerothread 19969 516960 0 0 3 0x14200 aiodoned aiodoned 4358 485506 0 0 3 0x14200 syncer update 35027 309336 0 0 3 0x14200 cleaner cleaner *61593 65340 0 0 7 0x14200 reaper 23192 463120 0 0 3 0x14200 pgdaemon pagedaemon 30444 45720 0 0 3 0x14200 bored viomb 80018 100273 0 0 3 0x40014200 acpi0 acpi0 3876 383532 0 0 3 0x40014200 idle1 70282 470934 0 0 3 0x14200 bored softnet3 4210 488483 0 0 3 0x14200 bored softnet2 33157 421959 0 0 3 0x14200 bored softnet1 93500 45282 0 0 3 0x14200 bored softnet0 13349 86089 0 0 3 0x14200 bored systqmp 81161 21426 0 0 3 0x14200 bored systq 49687 34772 0 0 3 0x14200 tmoslp softclockmp 22834 453353 0 0 3 0x40014200 tmoslp softclock 89999 351808 0 0 3 0x40014200 idle0 1 41990 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 61593 (reaper) thread 0xffff800029fd8518 (65340) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10227 10182K 10684K 166960K 12765 0 pcb 17 13K 14K 166960K 206 0 rtable 229 9K 10K 166960K 2407 0 pf 39 18K 22K 166960K 243 0 ifaddr 41 7K 8K 166960K 326 0 ifgroup 60 2K 2K 166960K 345 0 sysctl 3 0K 0K 166960K 3 0 counters 66 36K 37K 166960K 214 0 ioctlops 0 0K 4K 166960K 1619 0 iov 0 0K 24K 166960K 62 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1552 98K 98K 166960K 3029 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 12 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 90 0 dirhash 15 2K 3K 166960K 27 0 ACPI 1690 195K 286K 166960K 12418 0 file desc 13 48K 93K 166960K 1932 0 sigio 0 0K 0K 166960K 47 0 proc 72 91K 152K 166960K 2421 0 subproc 91 5K 7K 166960K 936 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 124 0 in_multi 88 6K 7K 166960K 853 0 ether_multi 1 0K 0K 166960K 6 0 mrt 1 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 1401 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 228 65K 93K 166960K 15728 0 UVM aobj 6 2K 2K 166960K 7 0 pinsyscall 38 76K 106K 166960K 4684 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 41 0 NDP 13 0K 2K 166960K 237 0 temp 54 6819K 6888K 166960K 54170 0 kqueue 13 20K 28K 166960K 158 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 227 0 224 1 0 1 1 0 8 0 rtentry 112 853 0 750 4 0 4 4 0 8 0 unpcb 144 703 0 684 10 8 2 6 0 8 1 syncache 336 8 0 8 5 5 0 1 0 8 0 tcpcb 808 424 0 418 13 11 2 7 0 8 1 arp 120 151 0 134 1 0 1 1 0 8 0 inpcb 336 1367 0 1357 21 19 2 9 0 8 0 nd6 136 226 0 205 1 0 1 1 0 8 0 pkpcb 40 5 0 5 5 4 1 1 0 8 1 kcovpl 48 72 0 65 1 0 1 1 0 8 0 ppxss 1168 7 0 7 5 4 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pffrag 232 15 0 10 2 1 1 1 0 482 0 pffrnode 88 15 0 10 2 1 1 1 0 8 0 pffrent 40 20 0 15 2 1 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfanchor 1288 1 0 1 1 1 0 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstitem 24 163 0 126 1 0 1 1 0 8 0 pfstkey 128 169 0 132 2 0 2 2 0 8 0 pfstate 376 166 0 129 5 1 4 4 0 8 0 pfrule 1344 27 0 21 2 1 1 2 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 3368 0 2954 34 5 29 29 0 8 0 art_table 32 3370 0 2954 4 0 4 4 0 8 0 art_node 16 849 0 757 1 0 1 1 0 8 0 sysvmsgpl 40 5 0 3 4 3 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 87 0 77 1 0 1 1 0 8 0 shmpl 112 4 0 1 1 0 1 1 0 8 0 dirhash 1024 27 0 8 3 0 3 3 0 8 0 dino2pl 256 3149 0 1513 103 0 103 103 0 8 0 ffsino 272 3149 0 1513 110 0 110 110 0 8 0 nchpl 144 4599 0 2818 67 0 67 67 0 8 0 uvmvnodes 80 4694 0 0 96 0 96 96 0 8 0 vnodes 216 4694 0 0 261 0 261 261 0 8 0 namei 1024 21976 0 21976 6 5 1 2 0 8 1 percpumem 16 121 0 74 1 0 1 1 0 8 0 kstatmem 264 174 0 148 3 0 3 3 0 8 1 scsiplug 72 1 0 1 1 1 0 1 0 8 0 scxspl 216 35063 0 35063 11 10 1 8 1 8 1 plimitpl 152 420 0 401 1 0 1 1 0 8 0 sigapl 424 2127 0 2060 11 2 9 9 0 8 0 futexpl 64 12873 0 12868 6 5 1 1 0 8 0 knotepl 120 613 0 0 18 0 18 18 0 8 0 kqueuepl 216 351 0 340 7 4 3 5 0 8 2 pipepl 320 573 0 551 10 7 3 8 0 8 0 fdescpl 496 2088 0 2061 8 3 5 5 0 8 0 filepl 152 10423 0 10221 43 24 19 19 0 8 7 lockfpl 104 329 0 327 1 0 1 1 0 8 0 lockfspl 48 119 0 117 1 0 1 1 0 8 0 sessionpl 144 90 0 81 1 0 1 1 0 8 0 pgrppl 48 175 0 159 1 0 1 1 0 8 0 ucredpl 104 1263 0 1249 1 0 1 1 0 8 0 zombiepl 144 2065 0 2060 1 0 1 1 0 8 0 processpl 1160 2127 0 2060 7 1 6 6 0 8 0 procpl 648 3592 0 3517 11 3 8 8 0 8 0 srpgc 96 7 0 7 4 4 0 1 0 8 0 sosppl 168 10 0 10 5 4 1 1 0 8 1 sockpl 664 2313 0 2281 32 27 5 14 0 8 1 mcl64k 65536 7 0 0 1 0 1 1 0 8 0 mcl16k 16384 3 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 8 0 0 1 0 1 1 0 8 0 mcl2k 2048 252 0 0 31 0 31 31 0 8 0 mtagpl 96 72 0 0 2 0 2 2 0 8 0 mbufpl 256 1101 0 0 67 0 67 67 0 8 0 bufpl 280 9308 0 1588 552 0 552 552 0 8 0 anonpl 24 375896 0 369332 92 21 71 77 0 185 21 amapchunkpl 152 50786 0 50294 52 21 31 41 0 158 8 amappl16 200 7785 0 7588 58 36 22 27 0 8 8 amappl15 192 8 0 8 1 1 0 1 0 8 0 amappl14 184 275 0 263 1 0 1 1 0 8 0 amappl13 176 17 0 17 3 2 1 1 0 8 1 amappl12 168 3831 0 3803 4 2 2 3 0 8 0 amappl11 160 122 0 108 1 0 1 1 0 8 0 amappl10 152 20 0 20 1 1 0 1 0 8 0 amappl9 144 170 0 170 1 1 0 1 0 8 0 amappl8 136 27 0 24 1 0 1 1 0 8 0 amappl7 128 262 0 250 1 0 1 1 0 8 0 amappl6 120 810 0 809 1 0 1 1 0 8 0 amappl5 112 472 0 460 1 0 1 1 0 8 0 amappl4 104 533 0 514 1 0 1 1 0 8 0 amappl3 96 9552 0 9445 5 1 4 4 0 8 0 amappl2 88 1608 0 1536 2 0 2 2 0 8 0 amappl1 80 17475 0 16912 18 4 14 15 0 8 0 amappl 88 14789 0 14623 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 2 0 1 1 0 1 1 0 8 0 dma512 512 1 0 1 1 0 1 1 0 8 1 dma256 256 8 0 8 2 2 0 1 0 8 0 dma128 128 255 0 255 3 2 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 6 0 1 1 0 1 1 0 8 0 uaddrrnd 24 2088 0 2061 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2088 0 2061 1 0 1 1 0 8 0 vmmpekpl 168 19345 0 19285 4 0 4 4 0 8 0 vmmpepl 168 136673 0 134763 129 28 101 101 0 357 6 vmsppl 440 2087 0 2060 6 2 4 5 0 8 0 rwobjpl 56 45994 0 40197 85 0 85 85 0 8 1 pdppl 4096 4183 0 4120 183 112 71 85 0 8 8 pvpl 32 43741 0 0 352 0 352 352 0 265 0 pmappl 248 2087 0 2060 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 592 0 164 13 0 13 13 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace memset() at memset+0x52 VOP_WRITE(fffffd8076991980,ffff800029fe5ad8,0,fffffd807f7d3d00) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 uvn_io(fffffd806f6fc750,ffff800029fe5c70,5,39,1) at uvn_io+0x49c sys/uvm/uvm_vnode.c:1271 uvm_pager_put(fffffd806f6fc750,fffffd8007aa3b00,ffff800029fe5d08,ffff800029fe5d40,39,0,ef75894e80f65deb) at uvm_pager_put+0x18e sys/uvm/uvm_pager.c:525 uvn_flush(fffffd806f6fc750,0,0,19) at uvn_flush+0x72a sys/uvm/uvm_vnode.c:727 uvn_detach(fffffd806f6fc750) at uvn_detach+0xcb sys/uvm/uvm_vnode.c:362 uvm_unmap_detach(ffff800029fe5e50,0) at uvm_unmap_detach+0x15e sys/uvm/uvm_map.c:1364 uvm_map_teardown(fffffd8009302898) at uvm_map_teardown+0x35e sys/uvm/uvm_map.c:2518 uvmspace_free(fffffd8009302898) at uvmspace_free+0xcd sys/uvm/uvm_map.c:3422 reaper(ffff800029fd8518) at reaper+0x246 sys/kern/kern_exit.c:480 end trace frame: 0x0, count: -10 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffff800029b7bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff835138c0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff835138c0) at __mp_lock+0x192 sys/kern/kern_lock.c:144 syscall(ffff80002a0fa350) at syscall+0x2cc mi_syscall sys/sys/syscall_mi.h:156 [inline] syscall(ffff80002a0fa350) at syscall+0x2cc sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x789d78d1fe90, count: 9 ddb{1}> trace x86_ipi_db(ffff800029b7bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff835138c0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff835138c0) at __mp_lock+0x192 sys/kern/kern_lock.c:144 syscall(ffff80002a0fa350) at syscall+0x2cc mi_syscall sys/sys/syscall_mi.h:156 [inline] syscall(ffff80002a0fa350) at syscall+0x2cc sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x789d78d1fe90, count: -6