panic: kernel diagnostic aWAsRsNIeNG:r tSPLi NoOn "T LdOWuEpeRE =D= NONU LLSY"S fCAaLilL e1d10 :5 3f ilEeX I"T 0/ sayzk alStopped at savectx+0xae: movl $0,%gs:0x680 TID PID UID PRFLAGS PFLAGS CPU COMMAND 370026 49256 0 0x8000002 0 1 syz-executor *420802 56271 0 0x8000002 0 0 syz-executor savectx() at savectx+0xae end of kernel end trace frame: 0x7e7e4b33f2e0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu1: kernel diagnostic assertion "dupe == NULL" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c", line 144 ddb{0}> trace savectx() at savectx+0xae end of kernel end trace frame: 0x7e7e4b33f2e0, count: -1 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80002a082ee0 rbx 0 rdx 0 rcx 0xffff8000ffffca30 rax 0x34 r8 0xffff80002a082e10 r9 0 r10 0x209230607f47878e r11 0x769a5299a558f399 r12 0 r13 0 r14 0xffff8000ffffca30 r15 0 rip 0xffffffff82ce53ee savectx+0xae cs 0x8 rflags 0x46 rsp 0xffff80002a082e60 ss 0x10 savectx+0xae: movl $0,%gs:0x680 ddb{0}> show proc PROC (syz-executor) tid=420802 pid=56271 tcnt=1 stat=onproc flags process=8000002 proc=0 runpri=24, usrpri=78, slppri=24, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff800029fd9958,0xffff80002db73480 process=0xffff800029fe8908 user=0xffff80002a07d000, vmspace=0xfffffd80092f2528 estcpu=28, cpticks=1, pctcpu=0.43, user=195, sys=2056, intr=37 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 61001 163983 31632 0 3 0x8000080 nanoslp syz-executor 61001 294319 31632 0 3 0xc000080 fsleep syz-executor 61001 516261 31632 0 3 0xc000080 fsleep syz-executor 61001 380522 31632 0 3 0xc000080 fsleep syz-executor 77972 151702 40972 0 3 0x8000080 nanoslp syz-executor 77972 468752 40972 0 3 0xc000080 fsleep syz-executor 77972 500352 40972 0 3 0xc000080 fsleep syz-executor 77972 23902 40972 0 3 0xc000080 fsleep syz-executor 48621 90644 57221 60928 3 0x8000090 nanoslp syz-executor 48621 267739 57221 60928 3 0xc000090 kqread syz-executor 48621 181883 57221 60928 3 0xc000090 fsleep syz-executor 16994 417913 1610 0 2 0x8000000 syz-executor 16994 223680 1610 0 3 0xc000080 lockf syz-executor 16994 140471 1610 0 3 0xc000080 lockf syz-executor 16994 284638 1610 0 3 0xc000000 vmmaplk syz-executor 16994 330802 1610 0 2 0xc000000 syz-executor 2713 144931 56271 0 3 0x8000002 biowait syz-executor 40972 168133 56271 0 3 0x8000082 nanoslp syz-executor 99639 151945 56271 0 3 0x8000002 biowait syz-executor 57221 65951 56271 0 3 0x8000082 nanoslp syz-executor 46554 187400 56271 0 3 0x8000002 biowait syz-executor 31632 179483 56271 0 3 0x8000082 nanoslp syz-executor 49256 370026 56271 0 7 0x8000002 syz-executor 1610 167660 56271 0 2 0x8000482 syz-executor 37514 505361 1 0 3 0x18100083 ttyin getty 86920 268350 0 0 3 0x14200 bored sosplice *56271 420802 34976 0 7 0x8000002 syz-executor 34976 40680 75327 0 3 0x810008a sigsusp ksh 75327 64578 37374 0 3 0x18000098 kqread sshd-session 37374 170050 53825 0 3 0x18000092 kqread sshd-session 53825 428088 1 0 3 0x18000088 kqread sshd 3626 86130 39051 74 3 0x19100092 bpf pflogd 39051 391116 1 0 3 0x18000080 sbwait pflogd 79460 327727 74473 73 3 0x19100090 kqread syslogd 74473 23776 1 0 3 0x18100082 sbwait syslogd 41244 449048 1 0 3 0x18100080 kqread resolvd 1712 523948 4305 77 3 0x18100092 kqread dhcpleased 37408 373697 4305 77 3 0x18100092 kqread dhcpleased 4305 408888 1 0 3 0x18000080 kqread dhcpleased 61563 39829 0 0 3 0x14200 bored smr 95591 308231 0 0 2 0x14200 zerothread 46169 164660 0 0 3 0x14200 aiodoned aiodoned 57108 19074 0 0 3 0x14200 syncer update 47259 124236 0 0 3 0x14200 cleaner cleaner 20117 193833 0 0 3 0x14200 reaper reaper 57544 272785 0 0 3 0x14200 pgdaemon pagedaemon 75813 334627 0 0 3 0x14200 bored viomb 19438 236203 0 0 3 0x40014200 acpi0 acpi0 91332 208589 0 0 3 0x40014200 idle1 77321 272693 0 0 3 0x14200 bored softnet3 8276 366771 0 0 3 0x14200 bored softnet2 31578 27678 0 0 3 0x14200 bored softnet1 18554 392645 0 0 3 0x14200 bored softnet0 86679 410224 0 0 3 0x14200 bored systqmp 28323 108140 0 0 3 0x14200 bored systq 50358 84806 0 0 3 0x14200 tmoslp softclockmp 5083 137996 0 0 3 0x40014200 tmoslp softclock 19340 491855 0 0 3 0x40014200 idle0 1 492073 0 0 3 0x8080082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive mutex &pmap->pm_mtx r = 0 (0xfffffd806d1398d0) #0 witness_lock+0x5b8 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5b8 sys/kern/subr_witness.c:1151 #1 mtx_enter_try+0x178 #2 mtx_enter+0x60 sys/kern/kern_lock.c:239 #3 pmap_do_remove+0xa9 rcr3 machine/cpufunc.h:139 [inline] #3 pmap_do_remove+0xa9 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:430 [inline] #3 pmap_do_remove+0xa9 sys/arch/amd64/amd64/pmap.c:1815 #4 uvm_unmap_kill_entry_withlock+0x274 sys/uvm/uvm_map.c:1865 #5 uvm_unmap_remove+0x6a2 sys/uvm/uvm_map.c:2004 #6 uvm_mapanon+0x5f9 sys/uvm/uvm_map.c:805 #7 uvm_mmapanon+0x1d0 sys/uvm/uvm_mmap.c:1020 #8 sys_mmap+0xa96 sys/uvm/uvm_mmap.c:421 #9 syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] #9 syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 #10 Xsyscall+0x128 CPU 1: exclusive mutex &pmap->pm_mtx r = 0 (0xfffffd806d1396e0) #0 witness_lock+0x5b8 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5b8 sys/kern/subr_witness.c:1151 #1 mtx_enter_try+0x178 #2 mtx_enter+0x60 sys/kern/kern_lock.c:239 #3 pmap_enter+0x246 rcr3 machine/cpufunc.h:139 [inline] #3 pmap_enter+0x246 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:430 [inline] #3 pmap_enter+0x246 sys/arch/amd64/amd64/pmap.c:2755 #4 uvm_fault_upper+0x376 sys/uvm/uvm_fault.c:1056 #5 uvm_fault+0x1b2 sys/uvm/uvm_fault.c:608 #6 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:188 #7 usertrap+0x2d8 sys/arch/amd64/amd64/trap.c:436 #8 recall_trap+0x8 Process 16994 (syz-executor) thread 0xffff80002f5742c0 (330802) uvm_fault(0xfffffd80092f2528, 0x200000012, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff825e91ed cs 8 rflags 10202 cr2 200000012 cpl d rsp ffff80002a082a50 gsbase 0xffffffff83413ff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff825e91ed Starting stack trace... panic(ffffffff82fd066b) at panic+0x1d0 sys/kern/subr_prf.c:229 kerntrap(ffff80002a0829a0) at kerntrap+0x29b sys/arch/amd64/amd64/trap.c:327 alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b witness_ddb_list(ffff80002f5742c0) at witness_ddb_list+0x12d witness_list_lock sys/kern/subr_witness.c:1836 [inline] witness_ddb_list(ffff80002f5742c0) at witness_ddb_list+0x12d witness_list_locks sys/kern/subr_witness.c:1961 [inline] witness_ddb_list(ffff80002f5742c0) at witness_ddb_list+0x12d sys/kern/subr_witness.c:2107 db_witness_list_all(ffffffff82ce53ee,0,ffffffffffffffff,ffff80002a082b20) at db_witness_list_all+0x42c sys/kern/subr_witness.c:2168 db_command(ffffffff835c5130,ffffffff83275160) at db_command+0x647 sys/ddb/db_command.c:293 db_command_loop() at db_command_loop+0x132 sys/ddb/db_command.c:724 db_trap(1,0) at db_trap+0x2af sys/ddb/db_trap.c:56 db_ktrap(1,0,ffff80002a082db0) at db_ktrap+0x303 sys/arch/amd64/amd64/db_interface.c:151 kerntrap(ffff80002a082db0) at kerntrap+0x1dc sys/arch/amd64/amd64/trap.c:323 alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b savectx() at savectx+0xae end of kernel end trace frame: 0x7e7e4b33f2e0, count: 245 End of stack trace. dump to dev 4,1 not possible