uvm_fault(0xfffffd8060e4cd88, 0x0, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff81374ca8 cs 8 rflags 10207 cr2 0 cpl 0 rsp ffff80002a31a130 gsbase 0xffff8000299edff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff81374ca8 Starting stack trace... panic(ffffffff833c0ea4) at panic+0x1d0 sys/kern/subr_prf.c:229 kerntrap(ffff80002a31a080) at kerntrap+0x30b alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dt_ioctl_record_stop(ffff80000149f000) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:593 dtclose(11e5f,81,2000,ffff80003b008d18) at dtclose+0x109 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80003b008d18) at dtclose+0x109 sys/dev/dt/dt_dev.c:239 spec_close(ffff80002a31a230) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd800eecea80,81,fffffd80097fb478,ffff80003b008d18) at VOP_CLOSE+0x132 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c214d50,ffff80003b008d18) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806c214d50,ffff80003b008d18) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd806c214d50,ffff80003b008d18) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806c214d50,ffff80003b008d18) at closef+0x192 sys/kern/kern_descrip.c:1264 fdfree(ffff80003b008d18) at fdfree+0x116 sys/kern/kern_descrip.c:1195 exit1(ffff80003b008d18,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80003b008d18,ffff80002a31a5a0,ffff80002a31a4f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80002a31a5a0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a31a5a0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f359083b7c0, count: 242 End of stack trace. WARNING: SPL NOT LOWERED ON SYSCALL 318 -1 EXIT 0 4 Stopped at savectx+0xae: movl $0,%gs:0x688 TID PID UID PRFLAGS PFLAGS CPU COMMAND 340433 56248 0 0 0 0 syz-executor * 76603 56248 0 0 0x4000000 1 syz-executor savectx() at savectx+0xae end of kernel end trace frame: 0x41d499af8f0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xfffffd8060e4cd88, 0x0, 0, 1) -> e ddb{1}> trace savectx() at savectx+0xae end of kernel end trace frame: 0x41d499af8f0, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a334d30 rbx 0 rdx 0xffff80000147f9c0 rcx 0xffff80003c44b260 rax 0x34 r8 0xffff80002a334c60 r9 0xffff80002a334900 r10 0x3e500bfd2e0d6754 r11 0xfd448e18b98b9a3a r12 0 r13 0 r14 0xffff80003c44b260 r15 0 rip 0xffffffff8264e3ee savectx+0xae cs 0x8 rflags 0x46 rsp 0xffff80002a334cb0 ss 0x10 savectx+0xae: movl $0,%gs:0x688 ddb{1}> show proc PROC (syz-executor) tid=76603 pid=56248 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003b009ca8,0xffff80003c44ba38 process=0xffff80003c4fb048 user=0xffff80002a32f000, vmspace=0xfffffd8060e4c400 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 78390 164657 59959 0 2 0 syz-executor 56248 340433 94159 0 7 0 syz-executor *56248 76603 94159 0 7 0x4000000 syz-executor 36186 488517 68441 0 3 0x80 nanoslp syz-executor 36186 392452 68441 0 3 0x4000080 lockf syz-executor 36186 207997 68441 0 3 0x4000080 fsleep syz-executor 6349 202896 25198 0 3 0x82 nanoslp syz-executor 68407 209200 25198 0 3 0x82 nanoslp syz-executor 59959 226772 25198 0 3 0x82 nanoslp syz-executor 49395 518148 1 0 3 0x100083 ttyopn getty 79155 187359 25198 0 3 0x82 wait syz-executor 68441 513472 25198 0 3 0x82 nanoslp syz-executor 54268 46706 25198 0 3 0x2 biowait syz-executor 64822 453552 25198 0 3 0x82 nanoslp syz-executor 94159 366372 25198 0 3 0x82 nanoslp syz-executor 25198 258831 24441 0 3 0x82 kqread syz-executor 24441 242531 83496 0 3 0x10008a sigsusp ksh 83496 439434 95050 0 3 0x98 kqread sshd-session 95050 184453 23938 0 3 0x92 kqread sshd-session 23938 447378 1 0 3 0x88 kqread sshd 71334 488494 53165 74 3 0x1100092 bpf pflogd 53165 357796 1 0 3 0x80 sbwait pflogd 3006 57236 39650 73 3 0x1100090 kqread syslogd 39650 201650 1 0 3 0x100082 sbwait syslogd 3800 480747 1 0 3 0x100080 kqread resolvd 97353 135267 0 0 3 0x14200 bored smr 1143 267859 0 0 3 0x14200 pgzero zerothread 72790 462293 0 0 3 0x14200 aiodoned aiodoned 81360 196209 0 0 3 0x14200 syncer update 12201 132396 0 0 3 0x14200 cleaner cleaner 43701 150682 0 0 3 0x14200 reaper reaper 43368 355995 0 0 3 0x14200 pgdaemon pagedaemon 60259 293912 0 0 3 0x14200 bored viomb 50114 338482 0 0 3 0x40014200 acpi0 acpi0 76866 137394 0 0 3 0x40014200 idle1 20141 460532 0 0 3 0x14200 bored softnet1 73949 436177 0 0 3 0x14200 netlock softnet0 46617 337547 0 0 3 0x14200 smrbar systqmp 29633 330520 0 0 3 0x14200 bored systq 54425 485661 0 0 3 0x14200 tmoslp softclockmp 98050 81938 0 0 3 0x40014200 tmoslp softclock 37508 18872 0 0 3 0x40014200 idle0 1 99298 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 54268 (syz-executor) thread 0xffff80003b0087e8 (46706) Process 46617 (systqmp) thread 0xffff8000ffffe298 (337547) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10239 11094K 12423K 166960K 16900 0 pcb 17 20K 35K 166960K 2081 0 rtable 207 16K 19K 166960K 2018 0 pf 35 17K 67486K 166960K 1245 0 ifaddr 32 8K 12K 166960K 535 0 ifgroup 51 2K 3K 166960K 1105 0 sysctl 4 1K 9K 166960K 82 0 counters 66 36K 38K 166960K 1352 0 ioctlops 0 0K 8K 166960K 3427 0 iov 0 0K 24K 166960K 830 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1508 95K 95K 166960K 8137 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 10K 166960K 118 0 VM map 2 1K 1K 166960K 2 0 sem 20 77K 77K 166960K 383 0 dirhash 12 2K 3K 166960K 123 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 240K 166960K 7891 0 sigio 0 0K 0K 166960K 239 0 proc 74 115K 164K 166960K 2102 0 subproc 72 4K 4K 166960K 263 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1760 0 in_multi 49 3K 7K 166960K 672 0 ether_multi 1 0K 0K 166960K 114 0 mrt 1 0K 0K 166960K 87 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 253 1129K 1129K 166960K 253 0 exec 0 0K 1K 166960K 2197 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 15 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 226 138K 184K 166960K 72272 0 UVM aobj 145 12K 12K 166960K 151 0 pinsyscall 36 72K 103K 166960K 9478 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 616 0 NDP 11 0K 1K 166960K 412 0 temp 94 8660K 8788K 166960K 398950 0 kqueue 9 15K 38K 166960K 1609 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 1225 0 1224 11 9 2 3 0 8 1 rtentry 176 655 0 591 6 0 6 6 0 8 0 unpcb 144 6586 0 6576 33 29 4 6 0 8 3 syncache 336 17 0 17 7 7 0 1 0 8 0 tcpcb 736 3278 0 3274 41 36 5 10 0 8 4 arp 136 117 0 104 1 0 1 1 0 8 0 inpcb 328 10219 0 10212 78 71 7 13 0 8 6 nd6 152 116 0 104 4 2 2 2 0 8 0 pkpcb 40 61 0 61 8 8 0 1 0 8 0 kcovpl 48 29 0 21 1 0 1 1 0 8 0 mppekey 1024 6 0 6 5 5 0 1 0 8 0 ppxss 1192 493 0 493 3 2 1 1 0 8 1 pppxif 1504 48 0 48 10 9 1 1 0 8 1 pffrag 232 55 0 50 2 0 2 2 0 482 1 pffrnode 88 44 0 39 1 0 1 1 0 8 0 pffrent 40 170 0 165 2 1 1 1 0 8 0 pfosfp 40 1429 0 1429 5 5 0 5 0 8 0 pfosfpen 112 1429 0 1429 21 21 0 21 0 8 0 pfrktable 1344 10 0 10 6 6 0 1 0 8 0 pfanchor 1288 7 0 2 2 1 1 1 0 8 0 pftag 88 3 0 1 1 0 1 1 0 8 0 pfstitem 24 454 0 350 1 0 1 1 0 8 0 pfstkey 128 456 0 352 5 0 5 5 0 8 0 pfstate 384 454 0 351 15 1 14 15 0 8 2 pfrule 1344 104 0 99 2 1 1 2 0 8 0 rttmr 136 19 0 19 10 10 0 1 0 8 0 art_heap8 4096 5 0 1 5 1 4 5 0 8 0 art_heap4 256 2849 0 2624 59 30 29 32 0 8 3 art_table 40 2854 0 2625 8 3 5 6 0 8 0 art_node 32 649 0 584 2 0 2 2 0 8 0 sysvmsgpl 40 17 0 7 1 0 1 1 0 8 0 semupl 112 7 0 7 5 5 0 1 0 8 0 semapl 112 370 0 352 1 0 1 1 0 8 0 shmpl 112 148 0 6 5 0 5 5 0 8 0 dirhash 1024 92 0 75 3 0 3 3 0 8 0 dino2pl 256 17111 0 15554 98 0 98 98 0 8 0 ffsino 296 17111 0 15554 122 1 121 121 0 8 0 nchpl 144 28278 0 27611 66 40 26 64 0 8 0 rtmask 32 77 0 77 11 11 0 1 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 108003 0 108002 4 3 1 2 0 8 0 percpumem 16 691 0 643 1 0 1 1 0 8 0 pfiaddrpl 120 1 0 1 1 1 0 1 0 8 0 kstatmem 264 708 0 682 5 2 3 3 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 35 0 35 12 11 1 1 0 8 1 scxspl 216 136331 0 136330 25 23 2 8 1 8 1 plimitpl 152 2346 0 2329 1 0 1 1 0 8 0 sigapl 424 8095 0 8051 8 2 6 8 0 8 0 knotepl 120 967 0 0 27 1 26 27 0 8 0 kqueuepl 224 3590 0 3583 30 29 1 7 0 8 0 pipepl 344 1961 0 1933 33 30 3 9 0 8 0 fdescpl 528 8021 0 7993 3 0 3 3 0 8 0 filepl 160 68098 0 67891 81 64 17 24 0 8 5 lockfpl 104 3245 0 3241 4 3 1 2 0 8 0 lockfspl 48 1013 0 1011 1 0 1 1 0 8 0 sessionpl 144 54 0 46 1 0 1 1 0 8 0 pgrppl 48 411 0 395 1 0 1 1 0 8 0 ucredpl 104 13147 0 13136 1 0 1 1 0 8 0 zombiepl 144 10054 0 10050 1 0 1 1 0 8 0 processpl 1232 8095 0 8051 6 2 4 6 0 8 0 procpl 664 20757 0 20710 9 3 6 8 0 8 0 sosppl 176 86 0 86 12 11 1 1 0 8 1 sockpl 752 18497 0 18479 148 138 10 24 0 8 7 mcl64k 65536 26 0 0 4 0 4 4 0 8 0 mcl16k 16384 6 0 0 1 0 1 1 0 8 0 mcl12k 12288 4 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 4 0 0 1 0 1 1 0 8 0 mcl4k 4096 127 0 0 14 0 14 14 0 8 0 mcl2k2 2112 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 155 0 0 11 0 11 11 0 8 0 mtagpl 96 4 0 0 1 0 1 1 0 8 0 mbufpl 256 2019 0 0 114 0 114 114 0 8 0 bufpl 280 48380 0 42243 439 0 439 439 0 8 0 anonpl 32 16267 0 0 131 0 131 131 0 246 0 amapchunkpl 152 252655 0 252090 93 57 36 37 0 158 8 amappl16 200 20089 0 19867 111 86 25 37 0 8 3 amappl15 192 6 0 6 2 2 0 1 0 8 0 amappl14 184 10 0 10 4 4 0 1 0 8 0 amappl13 176 713 0 712 1 0 1 1 0 8 0 amappl12 168 8532 0 8497 3 0 3 3 0 8 0 amappl11 160 10 0 9 3 2 1 1 0 8 0 amappl10 152 49 0 40 1 0 1 1 0 8 0 amappl9 144 265 0 265 1 1 0 1 0 8 0 amappl8 136 27 0 24 1 0 1 1 0 8 0 amappl7 128 161 0 160 1 0 1 1 0 8 0 amappl6 120 551 0 540 1 0 1 1 0 8 0 amappl5 112 84 0 75 1 0 1 1 0 8 0 amappl4 104 578 0 551 1 0 1 1 0 8 0 amappl3 96 45127 0 45042 4 1 3 3 0 8 0 amappl2 88 8117 0 8057 2 0 2 2 0 8 0 amappl1 80 42997 0 42500 14 0 14 14 0 8 0 amappl 88 69797 0 69631 5 0 5 5 0 92 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 dma65536 65536 2 0 2 2 2 0 1 0 8 0 dma32768 32768 2 0 2 1 1 0 1 0 8 0 dma16384 16384 2 0 2 2 1 1 1 0 8 1 dma8192 8192 2 0 2 2 2 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 2 0 2 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 3 0 3 3 3 0 1 0 8 0 dma256 256 9 0 9 4 3 1 1 0 8 1 dma128 128 261 0 261 7 6 1 1 0 8 1 dma64 64 18 0 18 10 10 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 21 0 20 1 0 1 1 0 8 0 aobjpl 72 150 0 6 3 0 3 3 0 8 0 uaddrrnd 24 8021 0 7993 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 8021 0 7993 1 0 1 1 0 8 0 vmmpekpl 168 57004 0 56947 4 0 4 4 0 8 0 vmmpepl 168 495144 0 493264 167 67 100 117 0 357 0 vmsppl 488 8020 0 7993 7 2 5 5 0 8 0 rwobjpl 80 120287 0 113226 164 11 153 155 0 8 0 pdppl 4096 16049 0 15986 147 80 67 85 0 8 4 pvpl 32 25029 0 0 202 1 201 201 0 265 0 pmappl 256 8020 0 7993 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 534 0 176 11 0 11 11 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff83823ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 sys/kern/kern_lock.c:165 softintr_dispatch(2) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83 dosoftint(2) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847 Xsofttty() at Xsofttty+0x27 __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 sys/kern/kern_lock.c:165 intr_handler(ffff80002a3c08d0,ffff80000007aa80) at intr_handler+0xe9 sys/arch/amd64/amd64/intr.c:559 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f end of kernel end trace frame: 0x7b86a6a7a7a0, count: 5 ddb{0}> trace x86_ipi_db(ffffffff83823ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 sys/kern/kern_lock.c:165 softintr_dispatch(2) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83 dosoftint(2) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847 Xsofttty() at Xsofttty+0x27 __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff838b2cf0) at __mp_lock+0x192 sys/kern/kern_lock.c:165 intr_handler(ffff80002a3c08d0,ffff80000007aa80) at intr_handler+0xe9 sys/arch/amd64/amd64/intr.c:559 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f end of kernel end trace frame: 0x7b86a6a7a7a0, count: -10 ddb{0}> machine ddbcpu 1 Stopped at savectx+0xae: movl $0,%gs:0x688 savectx() at savectx+0xae end of kernel end trace frame: 0x41d499af8f0, count: 14 ddb{1}> trace savectx() at savectx+0xae end of kernel end trace frame: 0x41d499af8f0, count: -1