panic: bad dir Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *240505 94718 60928 0x8000010 0x4000000 0 syz-executor.0 db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82872577) at panic+0x165 sys/kern/subr_prf.c:198 ufs_lookup() at ufs_lookup+0x169a sys/ufs/ufs/ufs_lookup.c:600 VOP_LOOKUP(fffffd807d527440,ffff80002a6250a8,ffff80002a625048) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 unveil_find_cover(fffffd805dc73c08,ffff80002a6e5c68) at unveil_find_cover+0x132 sys/kern/kern_unveil.c:277 unveil_add_vnode(ffff80002a6e5c68,fffffd805dc73c08) at unveil_add_vnode+0xac sys/kern/kern_unveil.c:391 unveil_add(ffff80002a6e5c68,ffff80002a625248,ffff80002a625303) at unveil_add+0x30b sys/kern/kern_unveil.c:494 sys_unveil(ffff80002a6e5c68,ffff80002a625430,ffff80002a625380) at sys_unveil+0x41b sys/kern/vfs_syscalls.c:1024 syscall(ffff80002a625430) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7fed2c64110, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: bad dir ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82872577) at panic+0x165 sys/kern/subr_prf.c:198 ufs_lookup() at ufs_lookup+0x169a sys/ufs/ufs/ufs_lookup.c:600 VOP_LOOKUP(fffffd807d527440,ffff80002a6250a8,ffff80002a625048) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 unveil_find_cover(fffffd805dc73c08,ffff80002a6e5c68) at unveil_find_cover+0x132 sys/kern/kern_unveil.c:277 unveil_add_vnode(ffff80002a6e5c68,fffffd805dc73c08) at unveil_add_vnode+0xac sys/kern/kern_unveil.c:391 unveil_add(ffff80002a6e5c68,ffff80002a625248,ffff80002a625303) at unveil_add+0x30b sys/kern/kern_unveil.c:494 sys_unveil(ffff80002a6e5c68,ffff80002a625430,ffff80002a625380) at sys_unveil+0x41b sys/kern/vfs_syscalls.c:1024 syscall(ffff80002a625430) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7fed2c64110, count: -10 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002a624e10 rbx 0 rdx 0xffff800000e912c0 rcx 0 rax 0xffff80002a6e5c68 r8 0x101010101010101 r9 0x8080808080808080 r10 0xf81f4d4017b37b2b r11 0xc91a6998b32633a9 r12 0 r13 0xfffffd806f5b7010 r14 0 r15 0x1 rip 0xffffffff82220eec db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80002a624e00 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb> show proc PROC (syz-executor.0) tid=240505 pid=94718 tcnt=2 stat=onproc flags process=8000010 proc=4000000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a6e4f98,0xffff80002a6e4048 process=0xffff8000ffff2e80 user=0xffff80002a620000, vmspace=0xfffffd8065162ae0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 46402 333678 19087 0 2 0x8000000 syz-executor.3 46402 236167 19087 0 3 0xc000080 fsleep syz-executor.3 73616 186332 23585 0 2 0x8000000 syz-executor.7 73616 414355 23585 0 3 0xc000080 fsleep syz-executor.7 78068 508386 77478 0 2 0x8000000 syz-executor.5 78068 445418 77478 0 3 0xc000080 fsleep syz-executor.5 94718 347866 4227 60928 2 0x8000010 syz-executor.0 *94718 240505 4227 60928 7 0xc000010 syz-executor.0 81127 462895 91486 0 2 0x8000000 syz-executor.6 81127 78430 91486 0 3 0xc000080 netacc syz-executor.6 81127 136250 91486 0 3 0xc000080 fsleep syz-executor.6 67722 323499 40275 0 2 0x8000482 syz-executor.4 23585 72392 40275 0 2 0x8000482 syz-executor.7 84864 241558 40275 0 2 0x8000482 syz-executor.1 77478 268207 40275 0 2 0x8000482 syz-executor.5 53899 422441 40275 0 2 0x8000482 syz-executor.2 91486 509763 40275 0 2 0x8000482 syz-executor.6 4227 14312 40275 0 2 0x8000482 syz-executor.0 19087 39272 40275 0 3 0x8000082 nanoslp syz-executor.3 99552 253000 1 0 3 0x18100083 ttyopn getty 8553 33456 0 0 3 0x14280 nfsidl nfsio 66263 187349 0 0 3 0x14280 nfsidl nfsio 59690 215377 0 0 3 0x14280 nfsidl nfsio 45462 40704 0 0 3 0x14280 nfsidl nfsio 50248 342770 0 0 3 0x14280 nfsidl nfsio 65304 194416 0 0 3 0x14280 nfsidl nfsio 50856 182636 0 0 3 0x14280 nfsidl nfsio 53959 53245 0 0 3 0x14280 nfsidl nfsio 90157 131111 0 0 3 0x14280 nfsidl nfsio 34022 93938 0 0 3 0x14280 nfsidl nfsio 31649 51899 0 0 3 0x14280 nfsidl nfsio 98271 463500 0 0 3 0x14280 nfsidl nfsio 59289 145860 0 0 3 0x14280 nfsidl nfsio 62124 111057 0 0 3 0x14280 nfsidl nfsio 12733 117198 0 0 3 0x14280 nfsidl nfsio 94690 513217 0 0 3 0x14280 nfsidl nfsio 11173 379759 0 0 3 0x14280 nfsidl nfsio 53570 395781 0 0 3 0x14280 nfsidl nfsio 15523 354374 0 0 3 0x14280 nfsidl nfsio 23456 460968 0 0 3 0x14280 nfsidl nfsio 91867 440279 0 0 3 0x14200 bored sosplice 40275 487339 23469 0 3 0x1a000082 wait syz-fuzzer 40275 394543 23469 0 3 0x1e000082 thrsleep syz-fuzzer 40275 301173 23469 0 3 0x1e000082 wait syz-fuzzer 40275 143199 23469 0 3 0x1e000082 wait syz-fuzzer 40275 255038 23469 0 3 0x1e000082 thrsleep syz-fuzzer 40275 475920 23469 0 3 0x1e000082 wait syz-fuzzer 40275 14060 23469 0 3 0x1e000082 thrsleep syz-fuzzer 40275 338671 23469 0 3 0x1e000082 wait syz-fuzzer 40275 390593 23469 0 3 0x1e000082 wait syz-fuzzer 40275 279522 23469 0 3 0x1e000082 wait syz-fuzzer 40275 82650 23469 0 3 0x1e000082 thrsleep syz-fuzzer 40275 331298 23469 0 3 0x1e000082 thrsleep syz-fuzzer 40275 111200 23469 0 3 0x1e000082 wait syz-fuzzer 40275 46790 23469 0 3 0x1e000082 thrsleep syz-fuzzer 40275 449200 23469 0 3 0x1e000082 kqread syz-fuzzer 23469 495548 38393 0 3 0x810008a sigsusp ksh 38393 361030 22952 0 3 0x1800009a kqread sshd 22952 368588 1 0 3 0x18000088 kqread sshd 52708 453344 19593 73 2 0x19100010 syslogd 19593 320528 1 0 3 0x18100082 sbwait syslogd 37165 96113 1 0 3 0x18100080 kqread resolvd 39420 239713 0 0 3 0x14200 bored smr 96018 186506 0 0 2 0x14200 zerothread 68469 398363 0 0 3 0x14200 aiodoned aiodoned 10265 506380 0 0 3 0x14200 syncer update 20307 178119 0 0 3 0x14200 cleaner cleaner 82415 437326 0 0 3 0x14200 reaper reaper 64759 220013 0 0 3 0x14200 pgdaemon pagedaemon 9065 243986 0 0 3 0x14200 bored viomb 88906 235208 0 0 3 0x40014200 acpi0 acpi0 49579 248819 0 0 3 0x14200 bored softnet3 50087 64656 0 0 3 0x14200 bored softnet2 1537 317467 0 0 3 0x14200 bored softnet1 53136 139764 0 0 3 0x14200 bored softnet0 58711 418213 0 0 3 0x14200 bored systqmp 30154 421459 0 0 3 0x14200 bored systq 18523 415589 0 0 2 0x40014200 softclock 74968 338924 0 0 3 0x40014200 idle0 1 132581 0 0 3 0x8080082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10184 6439K 7179K 166960K 12817 0 pcb 17 14K 16K 166960K 774 0 rtable 221 9K 10K 166960K 4625 0 pf 40 10K 11K 166960K 397 0 ifaddr 46 13K 13K 166960K 615 0 ifgroup 71 2K 3K 166960K 734 0 sysctl 4 1K 1K 166960K 10 0 counters 35 18K 18K 166960K 205 0 ioctlops 0 0K 2K 166960K 386 0 iov 0 0K 28K 166960K 299 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1399 88K 88K 166960K 4632 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 68K 76K 166960K 121 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 493 0 dirhash 12 2K 3K 166960K 126 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 105K 166960K 5765 0 sigio 0 0K 0K 166960K 106 0 proc 54 50K 108K 166960K 4269 0 subproc 104 6K 8K 166960K 1925 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 660 0 in_multi 90 6K 7K 166960K 1607 0 ether_multi 1 0K 0K 166960K 41 0 mrt 1 0K 0K 166960K 10 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 2522 0 pfkey data 0 0K 0K 166960K 14 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 266 141K 184K 166960K 46091 0 UVM aobj 200 9K 9K 166960K 219 0 pinsyscall 29 58K 100K 166960K 10304 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 248 0 NDP 16 0K 2K 166960K 453 0 temp 76 6812K 14748K 166960K 228646 0 kqueue 6 10K 27K 166960K 568 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 719 0 716 1 0 1 1 0 8 0 rtentry 112 1652 0 1557 4 0 4 4 0 8 1 unpcb 144 3286 0 3277 2 0 2 2 0 8 1 syncache 336 28 0 28 1 0 1 1 0 8 1 sackhl 24 2 0 2 1 0 1 1 0 8 1 tcpqe 32 8 0 8 1 0 1 1 0 8 1 tcpcb 808 1345 0 1337 4 0 4 4 0 8 3 arp 88 322 0 303 1 0 1 1 0 8 0 ipq 40 24 0 21 1 0 1 1 0 8 0 ipqe 40 250 0 245 1 0 1 1 0 8 0 inpcb 352 5369 0 5362 13 4 9 13 0 8 8 nd6 104 422 0 398 1 0 1 1 0 8 0 pkpcb 40 41 0 41 1 0 1 1 0 8 1 kcovpl 48 148 0 140 1 0 1 1 0 8 0 ppxss 1072 21 0 21 1 0 1 1 0 8 1 art_heap8 4096 3 0 2 3 0 3 3 0 8 2 art_heap4 256 6371 0 5979 76 51 25 29 0 8 0 art_table 32 6374 0 5981 4 0 4 4 0 8 0 art_node 16 1639 0 1554 1 0 1 1 0 8 0 sysvmsgpl 40 17 0 13 1 0 1 1 0 8 0 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 488 0 478 1 0 1 1 0 8 0 shmpl 112 216 0 19 6 0 6 6 0 8 0 dirhash 1024 93 0 76 3 0 3 3 0 8 0 dino2pl 256 8936 0 7394 97 0 97 97 0 8 0 ffsino 240 8936 0 7394 91 0 91 91 0 8 0 nchpl 144 16142 0 15542 66 33 33 66 0 8 8 uvmvnodes 80 9509 0 0 195 0 195 195 0 8 0 vnodes 216 9509 0 0 529 0 529 529 0 8 0 namei 1024 66412 0 66410 2 0 2 2 0 8 1 vcpupl 3904 24 0 2 3 0 3 3 0 8 0 vmpool 664 39 0 17 2 0 2 2 0 8 0 kstatmem 264 372 0 340 3 0 3 3 0 8 0 scsiplug 72 15 0 15 1 0 1 1 0 8 1 scxspl 216 104798 0 104798 8 0 8 8 1 8 8 plimitpl 152 762 0 747 1 0 1 1 0 8 0 sigapl 424 5808 0 5745 9 0 9 9 0 8 0 futexpl 64 85324 0 85320 1 0 1 1 0 8 0 knotepl 120 18720 0 18654 18 7 11 18 0 8 8 kqueuepl 184 1435 0 1430 4 0 4 4 0 8 3 pipepl 288 1280 0 1252 3 0 3 3 0 8 0 fdescpl 432 5767 0 5744 5 0 5 5 0 8 1 filepl 120 36110 0 35880 14 0 14 14 0 8 6 lockfpl 104 1514 0 1512 1 0 1 1 0 8 0 lockfspl 48 628 0 626 1 0 1 1 0 8 0 sessionpl 144 151 0 136 1 0 1 1 0 8 0 pgrppl 48 223 0 208 1 0 1 1 0 8 0 ucredpl 104 5158 0 5147 1 0 1 1 0 8 0 zombiepl 144 5748 0 5745 1 0 1 1 0 8 0 processpl 1080 5808 0 5745 5 0 5 5 0 8 0 procpl 656 10540 0 10457 9 0 9 9 0 8 1 sosppl 168 16 0 16 1 0 1 1 0 8 1 sockpl 504 9472 0 9454 21 11 10 19 0 8 7 mcl64k 65536 234 0 234 1 0 1 1 0 8 1 mcl16k 16384 52 0 52 1 0 1 1 0 8 1 mcl12k 12288 43 0 43 1 0 1 1 0 8 1 mcl9k 9216 14 0 14 1 0 1 1 0 8 1 mcl8k 8192 153 0 153 1 0 1 1 0 8 1 mcl4k 4096 43 0 43 1 0 1 1 0 8 1 mcl2k2 2112 1 0 1 1 0 1 1 0 8 1 mcl2k 2048 33277 0 33183 37 17 20 37 0 8 7 mtagpl 96 46 0 46 1 0 1 1 0 8 1 mbufpl 256 88765 0 88545 73 54 19 62 0 8 2 bufpl 280 18365 0 8856 680 0 680 680 0 8 0 anonpl 24 752299 0 746721 66 0 66 66 0 188 14 amapchunkpl 152 148922 0 148334 47 0 47 47 0 158 18 amappl16 200 16254 0 16100 43 24 19 21 0 8 8 amappl15 192 27 0 27 1 0 1 1 0 8 1 amappl14 184 642 0 635 2 0 2 2 0 8 1 amappl13 176 17 0 16 1 0 1 1 0 8 0 amappl12 168 8354 0 8329 2 0 2 2 0 8 0 amappl11 160 51 0 47 1 0 1 1 0 8 0 amappl10 152 182 0 172 1 0 1 1 0 8 0 amappl9 144 136 0 136 1 0 1 1 0 8 1 amappl8 136 525 0 489 2 0 2 2 0 8 0 amappl7 128 80 0 65 1 0 1 1 0 8 0 amappl6 120 1957 0 1945 2 0 2 2 0 8 1 amappl5 112 670 0 661 1 0 1 1 0 8 0 amappl4 104 1414 0 1388 2 0 2 2 0 8 1 amappl3 96 27566 0 27499 3 0 3 3 0 8 0 amappl2 88 6685 0 6630 3 0 3 3 0 8 1 amappl1 80 34769 0 34369 22 4 18 22 0 8 7 amappl 88 44330 0 44156 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 218 0 19 4 0 4 4 0 8 0 uaddrrnd 24 5806 0 5761 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5806 0 5761 1 0 1 1 0 8 0 vmmpekpl 168 45358 0 45292 4 0 4 4 0 8 0 vmmpepl 168 395266 0 393665 112 0 112 112 0 357 32 vmsppl 344 5805 0 5761 6 0 6 6 0 8 1 rwobjpl 24 101324 0 90674 66 0 66 66 0 8 0 pdppl 4096 11618 0 11544 479 399 80 100 0 8 6 pvpl 32 2199284 0 2188166 367 20 347 367 0 265 222 pmappl 216 5805 0 5761 4 0 4 4 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 897 0 532 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82872577) at panic+0x165 sys/kern/subr_prf.c:198 ufs_lookup() at ufs_lookup+0x169a sys/ufs/ufs/ufs_lookup.c:600 VOP_LOOKUP(fffffd807d527440,ffff80002a6250a8,ffff80002a625048) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 unveil_find_cover(fffffd805dc73c08,ffff80002a6e5c68) at unveil_find_cover+0x132 sys/kern/kern_unveil.c:277 unveil_add_vnode(ffff80002a6e5c68,fffffd805dc73c08) at unveil_add_vnode+0xac sys/kern/kern_unveil.c:391 unveil_add(ffff80002a6e5c68,ffff80002a625248,ffff80002a625303) at unveil_add+0x30b sys/kern/kern_unveil.c:494 sys_unveil(ffff80002a6e5c68,ffff80002a625430,ffff80002a625380) at sys_unveil+0x41b sys/kern/vfs_syscalls.c:1024 syscall(ffff80002a625430) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7fed2c64110, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82872577) at panic+0x165 sys/kern/subr_prf.c:198 ufs_lookup() at ufs_lookup+0x169a sys/ufs/ufs/ufs_lookup.c:600 VOP_LOOKUP(fffffd807d527440,ffff80002a6250a8,ffff80002a625048) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 unveil_find_cover(fffffd805dc73c08,ffff80002a6e5c68) at unveil_find_cover+0x132 sys/kern/kern_unveil.c:277 unveil_add_vnode(ffff80002a6e5c68,fffffd805dc73c08) at unveil_add_vnode+0xac sys/kern/kern_unveil.c:391 unveil_add(ffff80002a6e5c68,ffff80002a625248,ffff80002a625303) at unveil_add+0x30b sys/kern/kern_unveil.c:494 sys_unveil(ffff80002a6e5c68,ffff80002a625430,ffff80002a625380) at sys_unveil+0x41b sys/kern/vfs_syscalls.c:1024 syscall(ffff80002a625430) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7fed2c64110, count: -10