uvm_fault(0xfffffd805eb507c8, 0x0, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff827b0788 cs 8 rflags 10207 cr2 0 cpl 0 rsp ffff80003c41cb20 gsbase 0xffff8000299edff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff827b0788 Starting stack trace... panic(ffffffff833ba739) at panic+0x1d0 sys/kern/subr_prf.c:229 kerntrap(ffff80003c41ca70) at kerntrap+0x30b alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dt_ioctl_record_stop(ffff800001483000) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:593 dtclose(21e5f,81,2000,ffff8000fffe9a10) at dtclose+0x109 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(21e5f,81,2000,ffff8000fffe9a10) at dtclose+0x109 sys/dev/dt/dt_dev.c:239 spec_close(ffff80003c41cc20) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806ba702c8,81,fffffd80097fb548,ffff8000fffe9a10) at VOP_CLOSE+0x132 sys/kern/vfs_vops.c:156 vn_closefile(fffffd805d7bb1c0,ffff8000fffe9a10) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd805d7bb1c0,ffff8000fffe9a10) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd805d7bb1c0,ffff8000fffe9a10) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd805d7bb1c0,ffff8000fffe9a10) at closef+0x192 sys/kern/kern_descrip.c:1264 fdfree(ffff8000fffe9a10) at fdfree+0x116 sys/kern/kern_descrip.c:1195 exit1(ffff8000fffe9a10,b,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff8000fffe9a10,ffff80003c41cf90,ffff80003c41cee0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c41cf90) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c41cf90) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x74921ec78700, count: 242 End of stack trace. WARNING: SPL NOT LOWERED ON TRAP EXIT 4 0 Stopped at proc_trampoline+0xc7: movl $0,%gs:0x688 TID PID UID PRFLAGS PFLAGS CPU COMMAND * 71201 26069 0 0 0x4000000 1 syz-executor 493070 26406 0 0x2 0x1 0 syz-executor proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xfffffd805eb507c8, 0x0, 0, 1) -> e ddb{1}> trace proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80003c417360 rbx 0 rdx 0 rcx 0xffff80003c4a7cc0 rax 0x2a r8 0xffff80003c417290 r9 0x1 r10 0x7c945409c06ee534 r11 0xbeb5b5f895c3e878 r12 0 r13 0 r14 0 r15 0 rip 0xffffffff81f794c7 proc_trampoline+0xc7 cs 0x8 rflags 0x246 rsp 0xffff80003c4172e0 ss 0 proc_trampoline+0xc7: movl $0,%gs:0x688 ddb{1}> show proc PROC (syz-executor) tid=71201 pid=26069 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c4a6a98,0xffff80003c4a6048 process=0xffff8000fffe79e0 user=0xffff80003c412000, vmspace=0xfffffd805eb505e0 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 26069 256450 19538 0 2 0 syz-executor *26069 71201 19538 0 7 0x4000000 syz-executor 26069 354978 19538 0 2 0x4000000 syz-executor 10543 415983 71773 0 2 0xc90 syz-executor 10543 298737 71773 0 3 0x4000090 msgwait syz-executor 10543 284492 71773 0 3 0x4000090 fsleep syz-executor 66366 34513 61686 0 2 0xc80 syz-executor 66366 374682 61686 0 3 0x4000080 ttyout syz-executor 66366 416868 61686 0 3 0x4000080 ttyout syz-executor 82747 7185 26406 0 2 0xc80 syz-executor 82747 94631 26406 0 3 0x4000080 lockf syz-executor 82747 341093 26406 0 3 0x4000080 fsleep syz-executor 22659 305765 0 0 3 0x14200 bored sosplice 96447 455043 0 0 3 0x14280 nfsidl nfsio 15926 332175 0 0 3 0x14280 nfsidl nfsio 62388 112620 0 0 3 0x14280 nfsidl nfsio 50476 427377 0 0 3 0x14280 nfsidl nfsio 90945 352978 0 0 3 0x14280 nfsidl nfsio 50493 403478 0 0 3 0x14280 nfsidl nfsio 9858 139302 0 0 3 0x14280 nfsidl nfsio 80051 257544 0 0 3 0x14280 nfsidl nfsio 72837 228212 0 0 3 0x14280 nfsidl nfsio 50544 88180 0 0 3 0x14280 nfsidl nfsio 25617 384419 0 0 3 0x14280 nfsidl nfsio 57891 519121 0 0 3 0x14280 nfsidl nfsio 82804 76167 0 0 3 0x14280 nfsidl nfsio 31535 5228 0 0 3 0x14280 nfsidl nfsio 9994 1367 0 0 3 0x14280 nfsidl nfsio 49220 279839 0 0 3 0x14280 nfsidl nfsio 13666 139811 0 0 3 0x14280 nfsidl nfsio 3463 334520 0 0 3 0x14280 nfsidl nfsio 55617 520673 0 0 3 0x14280 nfsidl nfsio 47724 58644 0 0 3 0x14280 nfsidl nfsio 8718 98146 42756 0 2 0xc82 syz-executor 24233 243891 42756 0 2 0x2 syz-executor 44036 309865 42756 0 2 0xc82 syz-executor 71773 355232 42756 0 2 0xc82 syz-executor 26406 493070 42756 0 7 0x3 syz-executor 19538 64251 42756 0 2 0xc82 syz-executor 84406 416957 42756 0 3 0x82 wait syz-executor 61686 244197 42756 0 2 0xc82 syz-executor 42756 239083 28950 0 3 0x82 kqread syz-executor 28950 333992 13750 0 3 0x10008a sigsusp ksh 13750 126144 999 0 3 0x98 kqread sshd-session 999 452091 94376 0 3 0x92 kqread sshd-session 33740 474826 1 0 2 0x100083 getty 94376 505345 1 0 3 0x88 kqread sshd 81538 323659 51393 74 3 0x1100092 bpf pflogd 51393 340848 1 0 3 0x80 sbwait pflogd 17196 450014 60933 73 3 0x1100090 kqread syslogd 60933 65103 1 0 3 0x100082 sbwait syslogd 68249 226658 1 0 3 0x100080 kqread resolvd 50318 234758 92730 77 3 0x100092 kqread dhcpleased 75381 111221 92730 77 3 0x100092 kqread dhcpleased 92730 98830 1 0 3 0x80 kqread dhcpleased 44973 224696 0 0 2 0x14200 smr 37625 258953 0 0 2 0x14200 zerothread 40485 283338 0 0 3 0x14200 aiodoned aiodoned 6055 227220 0 0 3 0x14200 syncer update 55390 320110 0 0 3 0x14200 cleaner cleaner 38273 520715 0 0 3 0x14200 reaper reaper 93615 273952 0 0 3 0x14200 pgdaemon pagedaemon 9932 120528 0 0 3 0x14200 bored viomb 71852 395742 0 0 3 0x40014200 acpi0 acpi0 16996 259450 0 0 3 0x40014200 idle1 14516 11654 0 0 3 0x14200 bored softnet1 85210 282130 0 0 3 0x14200 netlock softnet0 32328 475604 0 0 2 0x40014200 systqmp 57688 111815 0 0 3 0x14200 bored systq 78496 134363 0 0 2 0x14200 softclockmp 57063 430535 0 0 3 0x40014200 tmoslp softclock 53243 333394 0 0 3 0x40014200 idle0 1 178656 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 26069 (syz-executor) thread 0xffff80003c4a6a98 (256450) Process 24233 (syz-executor) thread 0xffff80002a2714d8 (243891) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10226 11130K 11927K 166960K 12338 0 pcb 17 13K 14K 166960K 224 0 rtable 183 8K 9K 166960K 508 0 pf 37 18K 67485K 166960K 107 0 ifaddr 34 5K 8K 166960K 86 0 ifgroup 59 2K 3K 166960K 135 0 sysctl 3 1K 9K 166960K 11 0 counters 70 37K 38K 166960K 150 0 ioctlops 0 0K 4K 166960K 1710 0 iov 0 0K 16K 166960K 45 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1369 86K 87K 166960K 2029 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 10 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 23 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 93K 166960K 834 0 sigio 0 0K 0K 166960K 21 0 proc 72 115K 180K 166960K 597 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 122 0 in_multi 62 4K 7K 166960K 138 0 ether_multi 1 0K 0K 166960K 5 0 mrt 0 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 475 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 252 168K 186K 166960K 9502 0 UVM aobj 18 2K 2K 166960K 20 0 pinsyscall 42 84K 106K 166960K 1978 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 86 0 NDP 13 0K 2K 166960K 53 0 temp 67 8657K 8726K 166960K 35221 0 kqueue 13 20K 32K 166960K 157 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 125 0 122 2 1 1 2 0 8 0 rtentry 176 149 0 78 6 0 6 6 0 8 0 unpcb 144 395 0 378 4 2 2 2 0 8 1 syncache 336 8 0 8 2 2 0 1 0 8 0 tcpcb 736 318 0 312 10 9 1 7 0 8 0 arp 136 27 0 13 1 0 1 1 0 8 0 inpcb 328 1030 0 1018 9 7 2 7 0 8 0 nd6 152 29 0 11 2 0 2 2 0 8 0 pkpcb 40 5 0 5 1 1 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1192 30 0 30 3 2 1 1 0 8 1 pppxif 1504 8 0 8 3 2 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pffrag 232 7 0 2 1 0 1 1 0 482 0 pffrnode 88 6 0 2 1 0 1 1 0 8 0 pffrent 40 13 0 8 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 70 0 16 1 0 1 1 0 8 0 pfstkey 128 72 0 18 2 0 2 2 0 8 0 pfstate 384 71 0 17 6 0 6 6 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 574 0 287 31 8 23 31 0 8 1 art_table 40 577 0 287 5 0 5 5 0 8 0 art_node 32 146 0 87 1 0 1 1 0 8 0 sysvmsgpl 40 76 0 74 1 0 1 1 0 8 0 semapl 112 21 0 11 1 0 1 1 0 8 0 shmpl 112 17 0 2 1 0 1 1 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 3042 0 1535 96 0 96 96 0 8 0 ffsino 296 3042 0 1535 117 0 117 117 0 8 0 nchpl 144 4216 0 3672 64 40 24 64 0 8 0 rtmask 32 6 0 6 2 2 0 1 0 8 0 vnodes 216 3430 0 0 191 0 191 191 0 8 0 namei 1024 13732 0 13732 2 1 1 1 0 8 1 percpumem 16 90 0 40 1 0 1 1 0 8 0 kstatmem 264 80 0 48 3 0 3 3 0 8 0 scsiplug 72 2 0 2 1 1 0 1 0 8 0 scxspl 216 22831 0 22831 10 9 1 8 1 8 1 plimitpl 152 212 0 194 1 0 1 1 0 8 0 sigapl 424 1168 0 1100 8 0 8 8 0 8 0 knotepl 120 541 0 0 16 0 16 16 0 8 0 kqueuepl 224 333 0 324 5 4 1 3 0 8 0 pipepl 344 176 0 148 3 0 3 3 0 8 0 fdescpl 528 1130 0 1099 3 0 3 3 0 8 0 filepl 160 6855 0 6623 18 6 12 15 0 8 1 lockfpl 104 349 0 345 2 1 1 2 0 8 0 lockfspl 48 100 0 97 1 0 1 1 0 8 0 sessionpl 144 26 0 17 1 0 1 1 0 8 0 pgrppl 48 38 0 21 1 0 1 1 0 8 0 ucredpl 104 1078 0 1063 1 0 1 1 0 8 0 zombiepl 144 1103 0 1100 1 0 1 1 0 8 0 processpl 1232 1168 0 1100 6 0 6 6 0 8 0 procpl 664 2423 0 2347 8 0 8 8 0 8 0 sosppl 168 8 0 8 2 1 1 1 0 8 1 sockpl 752 1581 0 1549 15 10 5 11 0 8 0 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 114 0 0 15 0 15 15 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 36 0 0 5 0 5 5 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 263 0 0 17 0 17 17 0 8 0 bufpl 280 9162 0 3025 439 0 439 439 0 8 0 anonpl 32 10975 0 0 89 0 89 89 0 246 0 amapchunkpl 152 38032 0 37525 43 14 29 36 0 158 8 amappl16 200 4335 0 4300 38 26 12 24 0 8 6 amappl15 192 81 0 81 1 1 0 1 0 8 0 amappl14 184 2 0 2 1 1 0 1 0 8 0 amappl13 176 431 0 430 1 0 1 1 0 8 0 amappl12 168 1521 0 1479 3 0 3 3 0 8 0 amappl11 160 2 0 2 1 1 0 1 0 8 0 amappl10 152 52 0 36 1 0 1 1 0 8 0 amappl9 144 246 0 246 1 1 0 1 0 8 0 amappl8 136 65 0 63 1 0 1 1 0 8 0 amappl7 128 84 0 83 1 0 1 1 0 8 0 amappl6 120 300 0 287 1 0 1 1 0 8 0 amappl5 112 82 0 70 1 0 1 1 0 8 0 amappl4 104 450 0 421 1 0 1 1 0 8 0 amappl3 96 5439 0 5342 4 1 3 3 0 8 0 amappl2 88 1274 0 1198 2 0 2 2 0 8 0 amappl1 80 13079 0 12479 16 1 15 15 0 8 0 amappl 88 8606 0 8432 5 0 5 5 0 92 0 uvmvnodes 80 3430 0 0 70 0 70 70 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 8 0 8 3 3 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 19 0 2 1 0 1 1 0 8 0 uaddrrnd 24 1130 0 1099 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1130 0 1099 1 0 1 1 0 8 0 vmmpekpl 168 11039 0 11002 3 0 3 3 0 8 0 vmmpepl 168 79785 0 77831 111 7 104 107 0 357 8 vmsppl 488 1129 0 1099 6 1 5 5 0 8 1 rwobjpl 80 27700 0 23304 94 0 94 94 0 8 0 pdppl 4096 2268 0 2198 104 32 72 86 0 8 2 pvpl 32 18464 0 0 150 1 149 149 0 265 0 pmappl 256 1129 0 1099 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 299 0 56 8 0 8 8 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff8378fff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff839c9568) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff839c9568) at __mp_lock+0x192 sys/kern/kern_lock.c:165 ktrsysret(ffff8000ffffc7d0,5b,0,ffff80002a354cd0) at ktrsysret+0xde ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff8000ffffc7d0,5b,0,ffff80002a354cd0) at ktrsysret+0xde sys/kern/kern_ktrace.c:209 syscall(ffff80002a354d80) at syscall+0xa50 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a354d80) at syscall+0xa50 sys/arch/amd64/amd64/trap.c:769 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77212729eb60, count: 8 ddb{0}> trace x86_ipi_db(ffffffff8378fff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff839c9568) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff839c9568) at __mp_lock+0x192 sys/kern/kern_lock.c:165 ktrsysret(ffff8000ffffc7d0,5b,0,ffff80002a354cd0) at ktrsysret+0xde ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff8000ffffc7d0,5b,0,ffff80002a354cd0) at ktrsysret+0xde sys/kern/kern_ktrace.c:209 syscall(ffff80002a354d80) at syscall+0xa50 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a354d80) at syscall+0xa50 sys/arch/amd64/amd64/trap.c:769 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77212729eb60, count: -7 ddb{0}> machine ddbcpu 1 Stopped at proc_trampoline+0xc7: movl $0,%gs:0x688 proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: 14 ddb{1}> trace proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: -1