syzbot


uvm_fault: sys_lchown

Status: upstream: reported on 2026/01/10 09:01
Reported-by: syzbot+a3535b0f1ce0015cfa7f@syzkaller.appspotmail.com
First crash: 10d, last: 10d

Sample crash report:
uvm_fault(0xfffffd806c9ae180, 0x70, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      sys_lchown+0xe0:        movl    0x70(%rax),%ebx
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*195802  54971      0           0  0x4000000    0  syz-executor
sys_lchown(ffff80003c943cb8,ffff80003cafd910,ffff80003cafd860) at sys_lchown+0xe0 sys/kern/vfs_syscalls.c:2537
syscall(ffff80003cafd910) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003cafd910) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xc9a8db21ff0, count: 12
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xfffffd806c9ae180, 0x70, 0, 1) -> e
ddb> trace
sys_lchown(ffff80003c943cb8,ffff80003cafd910,ffff80003cafd860) at sys_lchown+0xe0 sys/kern/vfs_syscalls.c:2537
syscall(ffff80003cafd910) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003cafd910) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xc9a8db21ff0, count: -3
ddb> show registers
rdi               0xffff80003850a000
rsi                            0x6cf
rbp               0xffff80003cafd840
rbx                                0
rdx               0xffff80003850a000
rcx                            0x6ce
rax                                0
r8                              0xa0
r9                                 0
r10               0x74755b6b0e2fb45a
r11               0x4cb26657b9a15b8c
r12                                0
r13                                0
r14               0xffff80003c943cb8
r15               0xfffffd8068a08e78
rip               0xffffffff8103bd60    sys_lchown+0xe0
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80003cafd690
ss                              0x10
sys_lchown+0xe0:        movl    0x70(%rax),%ebx
ddb> show proc
PROC (syz-executor) tid=195802 pid=54971 tcnt=5 stat=onproc
    flags process=0 proc=4000000<THREAD>
    runpri=8, usrpri=86, slppri=8, nice=20
    wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff8000334f9778,0xffff80003c943268
    process=0xffff8000ffff0da0 user=0xffff80003caf8000, vmspace=0xfffffd806c9ae180
    estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 52540  287933  92804      0  2           0                syz-executor
 52540  405982  92804      0  3   0x4000080  fsleep        syz-executor
 82254  444430  19135      0  2           0                syz-executor
 82254  491843  19135      0  3   0x4000080  fsleep        syz-executor
 82254   77325  19135      0  3   0x4000080  fsleep        syz-executor
 87161  324768  99671      0  2           0                syz-executor
 87161  500613  99671      0  3   0x4000080  fsleep        syz-executor
 65936   24405  14711      0  2           0                syz-executor
 65936   40179  14711      0  3   0x4000080  fsleep        syz-executor
 71252  460108  56135      0  2           0                syz-executor
 71252  116609  56135      0  3   0x4000080  piperd        syz-executor
 16177  448427   2143  60929  2        0x10                syz-executor
 16177   54607   2143  60929  2   0x4000010                syz-executor
 16177  422901   2143  60929  2   0x4000010                syz-executor
 54971  380723  50313      0  3        0x80  nanoslp       syz-executor
 54971  146820  50313      0  3   0x4000080  fsleep        syz-executor
*54971  195802  50313      0  7   0x4000000                syz-executor
 54971  369968  50313      0  3   0x4000080  fsleep        syz-executor
 54971  218387  50313      0  3   0x4000080  fsleep        syz-executor
 51109  145264      0      0  3     0x14280  nfsidl        nfsio
 78283  285255      0      0  3     0x14280  nfsidl        nfsio
 20902  520247      0      0  3     0x14280  nfsidl        nfsio
 80260  185911      0      0  3     0x14280  nfsidl        nfsio
 77280  311970      0      0  3     0x14280  nfsidl        nfsio
 68592  196494      0      0  3     0x14280  nfsidl        nfsio
 38906  126341      0      0  3     0x14280  nfsidl        nfsio
 45750  468589      0      0  3     0x14280  nfsidl        nfsio
 52212  325913      0      0  3     0x14280  nfsidl        nfsio
 90825  228022      0      0  3     0x14280  nfsidl        nfsio
 71706  436979      0      0  3     0x14280  nfsidl        nfsio
 22408  472873      0      0  3     0x14280  nfsidl        nfsio
 95548  176172      0      0  3     0x14280  nfsidl        nfsio
 27955  157061      0      0  3     0x14280  nfsidl        nfsio
  1063  499072      0      0  3     0x14280  nfsidl        nfsio
 51084  106368      0      0  3     0x14280  nfsidl        nfsio
 80245  134255      0      0  3     0x14280  nfsidl        nfsio
 21061   53640      0      0  3     0x14280  nfsidl        nfsio
 98646  274260      0      0  3     0x14280  nfsidl        nfsio
 94355   20540      0      0  3     0x14280  nfsidl        nfsio
 14711  319959  94751      0  3        0x82  nanoslp       syz-executor
 50313  242628  94751      0  3        0x82  nanoslp       syz-executor
 92804  164513  94751      0  3        0x82  nanoslp       syz-executor
 82695  365617  94751      0  3        0x82  wait          syz-executor
 56135  279439  94751      0  3        0x82  nanoslp       syz-executor
 99671  258829  94751      0  3        0x82  nanoslp       syz-executor
 19135  428677  94751      0  3        0x82  nanoslp       syz-executor
  2143  253465  94751      0  3        0x82  nanoslp       syz-executor
 94751  107154  40966      0  3        0x82  kqread        syz-executor
 40966  467771  71593      0  3    0x10008a  sigsusp       ksh
 71593  423124  34102      0  3        0x98  kqread        sshd-session
 34102   78585  98759      0  3        0x92  kqread        sshd-session
 77773  366233      1      0  3    0x100083  ttyin         getty
 98759  337618      1      0  3        0x88  kqread        sshd
 84444  465019  35103     73  3   0x1100090  kqread        syslogd
 35103  370590      1      0  3    0x100082  sbwait        syslogd
 88796  242442      1      0  3    0x100080  kqread        resolvd
 40703  232713  99768     77  3    0x100092  kqread        dhcpleased
 13344  343225  99768     77  3    0x100092  kqread        dhcpleased
 99768  197029      1      0  3        0x80  kqread        dhcpleased
 69285  522607      0      0  3     0x14200  bored         smr
 89903  117657      0      0  2     0x14200                zerothread
 47756  150732      0      0  3     0x14200  aiodoned      aiodoned
 49552   78289      0      0  3     0x14200  syncer        update
 26404  107601      0      0  3     0x14200  cleaner       cleaner
 58265   22620      0      0  3     0x14200  reaper        reaper
 42429   26963      0      0  3     0x14200  pgdaemon      pagedaemon
 33025  477403      0      0  3     0x14200  bored         viomb
 29808  226096      0      0  3  0x40014200  acpi0         acpi0
 13992  325095      0      0  3     0x14200  bored         softnet0
 17944  422334      0      0  3     0x14200  bored         systqmp
 48722   43182      0      0  3     0x14200  bored         systq
 68045  472820      0      0  3  0x40014200  tmoslp        softclock
 56036  390131      0      0  3  0x40014200                idle0
     1  483113      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 11030  12099K   12372K 166960K     12387        0
            pcb    18     12K      12K 166960K        46        0
         rtable   246      7K       8K 166960K       372        0
             pf    29     12K      13K 166960K        42        0
         ifaddr    42      7K       7K 166960K        52        0
        ifgroup    47      1K       2K 166960K        62        0
         sysctl     1      1K       9K 166960K         6        0
       counters    33     17K      18K 166960K        43        0
       ioctlops     0      0K       4K 166960K        49        0
            iov     1      1K       4K 166960K         5        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1341     84K      85K 166960K      1476        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       5K 166960K         5        0
         VM map     2      1K       1K 166960K         2        0
            sem     4      0K       0K 166960K         6        0
        dirhash    12      2K       2K 166960K        15        0
           ACPI  1692    195K     286K 166960K     12470        0
      file desc    18     65K      97K 166960K       269        0
           proc    60     59K     116K 166960K       487        0
        subproc    72      4K       4K 166960K        72        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K        17        0
       in_multi    99      7K       7K 166960K       104        0
    ether_multi     1      0K       0K 166960K         3        0
            mrt     0      0K       0K 166960K         1        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys    61    281K     281K 166960K        61        0
           exec     0      0K       1K 166960K       731        0
   fusefs mount     1     32K      32K 166960K         1        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   243    151K     164K 166960K      4232        0
       UVM aobj     7      4K       6K 166960K         8        0
     pinsyscall    39     78K      95K 166960K      1342        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       0K 166960K         5        0
            NDP    11      0K       2K 166960K        33        0
           temp    37   8658K    8724K 166960K      4408        0
         kqueue    13     20K      28K 166960K        44        0
      SYN cache     2     16K      16K 166960K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120       47    0       44     1     0     1     1     0     8    0
rtentry    136      113    0        1     4     0     4     4     0     8    0
unpcb      144      167    0      111     3     0     3     3     0     8    0
syncache   336        4    0        4     1     1     0     1     0     8    0
tcpcb      736      114    0      110     8     1     7     7     0     8    6
arp         96       19    0        0     1     0     1     1     0     8    0
ipq         40        1    0        0     1     0     1     1     0     8    0
ipqe        40        2    0        1     1     0     1     1     0     8    0
inpcb      328      221    0      212     7     0     7     7     0     8    6
ip6q        72        3    0        2     1     0     1     1     0     8    0
ip6af       40        5    0        4     1     0     1     1     0     8    0
nd6        112       25    0        0     1     0     1     1     0     8    0
pkpcb       40        1    0        1     1     1     0     1     0     8    0
kcovpl      48        8    0        0     1     0     1     1     0     8    0
ppxss      1072      10    0       10     1     0     1     1     0     8    1
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      455    0        0    29     0    29    29     0     8    0
art_table   40      456    0        0     5     0     5     5     0     8    0
art_node    32      113    0       11     1     0     1     1     0     8    0
semapl     112        3    0        1     1     0     1     1     0     8    0
shmpl      112        4    0        1     1     0     1     1     0     8    0
dirhash    1024      19    0        2     3     0     3     3     0     8    0
dino2pl    256     1805    0      302    95     0    95    95     0     8    0
ffsino     256     1805    0      302    95     0    95    95     0     8    0
nchpl      144     2188    0      494    63     0    63    63     0     8    0
rtmask      32        4    0        4     1     0     1     1     0     8    1
vnodes     216     1950    0        0   109     0   109   109     0     8    0
namei      1024    7266    0     7265     1     0     1     1     0     8    0
vcpupl     3904       1    0        0     1     0     1     1     0     8    0
vmpool     808        1    0        0     1     0     1     1     0     8    0
kstatmem   264       34    0       12     2     0     2     2     0     8    0
scxspl     216     7220    0     7220     2     1     1     2     1     8    1
plimitpl   152       51    0       35     1     0     1     1     0     8    0
sigapl     424      576    0      513     9     1     8     8     0     8    0
knotepl    120     8097    0     8050    16     7     9     9     0     8    7
kqueuepl   184      129    0      120     4     0     4     4     0     8    3
pipepl     304      155    0       94     5     0     5     5     0     8    0
fdescpl    448      543    0      513     5     1     4     5     0     8    0
filepl     120     2704    0     2381    15     0    15    15     0     8    4
lockfpl    104       28    0       25     1     0     1     1     0     8    0
lockfspl    48       15    0       12     1     0     1     1     0     8    0
sessionpl  144       22    0       14     1     0     1     1     0     8    0
pgrppl      48       33    0       17     1     0     1     1     0     8    0
ucredpl    104      234    0      222     1     0     1     1     0     8    0
zombiepl   144      561    0      560     1     0     1     1     0     8    0
processpl  1152     576    0      513     5     0     5     5     0     8    0
procpl     664      810    0      735     7     0     7     7     0     8    0
sockpl     552      443    0      375    10     0    10    10     0     8    4
mcl64k     65536      8    0        8     2     1     1     1     0     8    1
mcl8k      8192       7    0        7     2     1     1     1     0     8    1
mcl4k      4096    2626    0     2575    15     7     8    14     0     8    0
mcl2k2     2112       1    0        1     1     0     1     1     0     8    1
mcl2k      2048     374    0      373     5     4     1     4     0     8    0
mtagpl      96        6    0        5     1     0     1     1     0     8    0
mbufpl     256     5646    0     5475    14     1    13    14     0     8    0
bufpl      280     2739    0      126   187     0   187   187     0     8    0
anonpl      24    97400    0    94240    32     0    32    32     0   187    5
amapchunkpl 152   12383    0    11866    26     0    26    26     0   158    4
amappl16   200     1296    0     1272     4     1     3     4     0     8    0
amappl15   192       32    0       32     1     1     0     1     0     8    0
amappl14   184        7    0        7     1     1     0     1     0     8    0
amappl13   176      402    0      401     1     0     1     1     0     8    0
amappl12   168      884    0      845     2     0     2     2     0     8    0
amappl11   160        3    0        3     1     1     0     1     0     8    0
amappl10   152       38    0       28     1     0     1     1     0     8    0
amappl9    144      268    0      268     1     1     0     1     0     8    0
amappl8    136       19    0       18     1     0     1     1     0     8    0
amappl7    128       93    0       92     1     0     1     1     0     8    0
amappl6    120      279    0      268     1     0     1     1     0     8    0
amappl5    112       66    0       59     1     0     1     1     0     8    0
amappl4    104      375    0      352     1     0     1     1     0     8    0
amappl3     96     2015    0     1919     3     0     3     3     0     8    0
amappl2     88      659    0      588     2     0     2     2     0     8    0
amappl1     80     9498    0     8956    14     1    13    14     0     8    0
amappl      88     3514    0     3339     6     1     5     5     0    92    0
uvmvnodes   80       99    0        0     3     0     3     3     0     8    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72        7    0        1     1     0     1     1     0     8    0
uaddrrnd    24      543    0      513     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      543    0      513     1     0     1     1     0     8    0
vmmpekpl   168     6208    0     6173     2     0     2     2     0     8    0
vmmpepl    168    41498    0    39675    85     4    81    85     0   357    1
vmsppl     368      542    0      513     4     1     3     4     0     8    0
rwobjpl     40    14052    0    13096    11     0    11    11     0     8    0
pdppl      4096    1095    0     1027    99    31    68    83     0     8    0
pvpl        32   246295    0   237794   103     9    94    94     0   265   17
pmappl     216      543    0      513     3     0     3     3     0     8    0
extentpl    40       45    0       27     1     0     1     1     0     8    0
phpool     112      383    0       51    11     0    11    11     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
sys_lchown(ffff80003c943cb8,ffff80003cafd910,ffff80003cafd860) at sys_lchown+0xe0 sys/kern/vfs_syscalls.c:2537
syscall(ffff80003cafd910) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003cafd910) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xc9a8db21ff0, count: -3
ddb> machine ddbcpu 1
No such command
ddb> trace
sys_lchown(ffff80003c943cb8,ffff80003cafd910,ffff80003cafd860) at sys_lchown+0xe0 sys/kern/vfs_syscalls.c:2537
syscall(ffff80003cafd910) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003cafd910) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xc9a8db21ff0, count: -3

Crashes (1):
Time: 2026/01/10 09:01
Kernel: openbsd
Commit: ee14140d0567
Syzkaller: 56f88057
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: -
Assets: [disk image] [bsd.gdb] [kernel image]
Manager: ci-openbsd-main
Title: uvm_fault: sys_lchown