login: panic: rw_enter: vmmaplk locking against myself
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*290306 73809 0 0x2 0 0 syz-executor1
db_enter() at db_enter+0xa
panic() at panic+0x147
_rw_enter(0,ffff800021141a28) at _rw_enter+0x2fa
uvmfault_lookup(1,ffffff007f12bb58) at uvmfault_lookup+0x99
uvm_fault(ffff8000210c3078,ffff80002113d000,0,6000118) at uvm_fault+0x6e
pageflttrap() at pageflttrap+0x197
kerntrap(0) at kerntrap+0x7c
alltraps_kern(6,42,6000100,0,0,1) at alltraps_kern+0x7b
_bpf_mtap(ffff800000074340,1,ffff800000074340,ffffff0071489300) at _bpf_mtap+0x68
bpf_mtap_ether(ffff800021141e88,42,ffff800000074340) at bpf_mtap_ether+0xeb
ifiq_input(ffff800000171050,ffff800000171290,ffffff0071489300) at ifiq_input+0x105
vio_rxeof(ffff800000171050) at vio_rxeof+0x220
vio_rx_intr(ffffffff) at vio_rx_intr+0x23
virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166
end trace frame: 0xffff800021141f80, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0
ddb> show panic
rw_enter: vmmaplk locking against myself
ddb> trace
db_enter() at db_enter+0xa
panic() at panic+0x147
_rw_enter(0,ffff800021141a28) at _rw_enter+0x2fa
uvmfault_lookup(1,ffffff007f12bb58) at uvmfault_lookup+0x99
uvm_fault(ffff8000210c3078,ffff80002113d000,0,6000118) at uvm_fault+0x6e
pageflttrap() at pageflttrap+0x197
kerntrap(0) at kerntrap+0x7c
alltraps_kern(6,42,6000100,0,0,1) at alltraps_kern+0x7b
_bpf_mtap(ffff800000074340,1,ffff800000074340,ffffff0071489300) at _bpf_mtap+0x68
bpf_mtap_ether(ffff800021141e88,42,ffff800000074340) at bpf_mtap_ether+0xeb
ifiq_input(ffff800000171050,ffff800000171290,ffffff0071489300) at ifiq_input+0x105
vio_rxeof(ffff800000171050) at vio_rxeof+0x220
vio_rx_intr(ffffffff) at vio_rx_intr+0x23
virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166
intr_handler(0,ffff80000024b980) at intr_handler+0x3f
Xintr_ioapic_edge19_untramp(0,0,ffffff006bbd3170,0,ffffff006bbd3170,ffffff007f12bd68) at Xintr_ioapic_edge19_untramp+0x19f
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x14
uvm_map_mkentry(2000,ffffff007f12bd68,3,7,83f14f8000,0) at uvm_map_mkentry+0x1f3
uvm_mapent_clone(ffffff00697ef220,ffffff006bbd3950,ffffff007f12bb58,ffffff007f12bd68,ffff8000211421c0,42577f8a4aded77d) at uvm_mapent_clone+0x87
uvm_mapent_forkcopy(83f14f8000,ffffff006bbd3950,ffffff007f12bd68,2000,ffffff00697ef220) at uvm_mapent_forkcopy+0x4c
uvmspace_fork(ffff8000210a5988) at uvmspace_fork+0x1c9
process_new(ffffffff81b18880,1,ffff8000210c3078) at process_new+0x1d9
fork1() at fork1+0x26d
syscall(0) at syscall+0x3e4
Xsyscall(6,2,0,2,0,7f7ffffde670) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffde620, count: -25
ddb> show registers
rdi 0xffffffff81e176b8 kprintf_mutex
rsi 0x5
rbp 0xffff800021141840
rbx 0xffff8000211418e0
rdx 0x3fd
rcx 0
rax 0x1
r8 0xffff800021141810
r9 0x8080808080808080
r10 0
r11 0xffffffff8114ff50 x86_bus_space_io_read_1
r12 0x3000000008
r13 0xffff800021141850
r14 0x100
r15
0xffffffff81c077c6 cmd680_setup_channel.udma_tbl+0x2090
rip 0xffffffff8144da2a db_enter+0xa
cs 0x8
rflags 0x202
rsp 0xffff800021141840
ss 0x10
db_enter+0xa: popq %rbp
ddb> show proc
PROC (syz-executor1) pid=290306 stat=onproc
flags process=2 proc=0
pri=75, usrpri=75, nice=20
forw=0xffffffffffffffff, list=0xffff8000210c2bc8,0xffff8000210c3538
process=0xffff8000210a5988 user=0xffff80002113d000, vmspace=0xffffff007f12bb58
estcpu=25, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
75999 102178 1 0 3 0x100083 ttyin getty
42766 386196 0 0 3 0x14200 bored sosplice
61080 274039 82971 0 2 0x2 syz-executor0
*73809 290306 82971 0 7 0x2 syz-executor1
82971 515354 23653 0 3 0x82 thrsleep syz-fuzzer
82971 15771 23653 0 3 0x4000082 nanosleep syz-fuzzer
82971 294282 23653 0 3 0x4000082 thrsleep syz-fuzzer
82971 473407 23653 0 3 0x4000082 thrsleep syz-fuzzer
82971 62708 23653 0 2 0x4000002 syz-fuzzer
82971 269690 23653 0 3 0x4000082 thrsleep syz-fuzzer
82971 19259 23653 0 3 0x4000082 thrsleep syz-fuzzer
23653 419309 55501 0 3 0x10008a pause ksh
55501 162327 7620 0 3 0x92 select sshd
7620 151529 1 0 3 0x80 select sshd
83770 319141 62958 73 3 0x100090 kqread syslogd
62958 424219 1 0 3 0x100082 netio syslogd
48072 376465 1 77 3 0x100090 poll dhclient
33152 495549 1 0 3 0x80 poll dhclient
69924 221596 0 0 2 0x14200 zerothread
84661 183176 0 0 3 0x14200 aiodoned aiodoned
95120 468179 0 0 3 0x14200 syncer update
37573 413239 0 0 3 0x14200 cleaner cleaner
88986 221849 0 0 3 0x14200 reaper reaper
43764 428824 0 0 3 0x14200 pgdaemon pagedaemon
1748 105463 0 0 3 0x14200 bored crynlk
8577 398218 0 0 3 0x14200 bored crypto
47234 84269 0 0 3 0x40014200 acpi0 acpi0
57102 348560 0 0 3 0x14200 bored softnet
72154 4526 0 0 3 0x14200 bored systqmp
31294 108497 0 0 3 0x14200 bored systq
90946 26938 0 0 3 0x40014200 bored softclock
93916 76344 0 0 3 0x40014200 idle0
1 367577 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper