uvm_fault(0xffffffff82da2be0, 0xffff800029fa2004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_lookup+0x4d0: movzwl 0x4(%r15,%r12,1),%ebx TID PID UID PRFLAGS PFLAGS CPU COMMAND *176169 53616 0 0x2 0 0 syz-executor.4 ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807092b610,ffff800035d997f8,ffff800035d99828) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035d997c8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff800035d997c8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002c0e4d50,ffffff9c,7348b926c7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800035d999a0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7348b926c7c0, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82da2be0, 0xffff800029fa2004, 0, 1) -> d ddb> trace ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807092b610,ffff800035d997f8,ffff800035d99828) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035d997c8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff800035d997c8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002c0e4d50,ffffff9c,7348b926c7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800035d999a0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7348b926c7c0, count: -7 ddb> show registers rdi 0 rsi 0 rbp 0xffff800035d99600 rbx 0 rdx 0 rcx 0 rax 0xfffffd80671986b8 r8 0xffffffffffffffff r9 0xfffffd807f7d78f0 r10 0x78843bb44aec9ec r11 0x1c2f875f87c10da0 r12 0 r13 0xffffffff r14 0 r15 0xffff800029fa2000 rip 0xffffffff81864060 ufs_lookup+0x4d0 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff800035d99500 ss 0x10 ufs_lookup+0x4d0: movzwl 0x4(%r15,%r12,1),%ebx ddb> show proc PROC (syz-executor.4) tid=176169 pid=53616 tcnt=1 stat=onproc flags process=2 proc=0 runpri=17, usrpri=84, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a6ce818,0xffff80002a6cf020 process=0xffff80003787f690 user=0xffff800035d94000, vmspace=0xfffffd806b9e1c78 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 17459 332 2508 0 2 0 syz-executor.5 54415 106084 30558 0 2 0 syz-executor.6 2969 464923 49203 0 2 0 syz-executor.3 2969 85165 49203 0 2 0x4000000 syz-executor.3 2853 191792 72027 0 2 0 syz-executor.7 2853 435998 72027 0 3 0x4000080 fsleep syz-executor.7 21904 448068 12280 0 2 0 syz-executor.0 21904 115277 12280 0 2 0x4000000 syz-executor.0 30558 223351 79940 0 3 0x82 nanoslp syz-executor.6 72027 253579 79940 0 3 0x82 nanoslp syz-executor.7 2508 17938 79940 0 3 0x82 nanoslp syz-executor.5 1090 481710 1 0 3 0x100083 ttyin getty *53616 176169 79940 0 7 0x2 syz-executor.4 52496 167426 0 0 3 0x14280 nfsidl nfsio 94305 413382 0 0 3 0x14280 nfsidl nfsio 99316 187987 0 0 3 0x14280 nfsidl nfsio 36873 458307 0 0 3 0x14280 nfsidl nfsio 10454 238965 0 0 3 0x14280 nfsidl nfsio 76640 128518 0 0 3 0x14280 nfsidl nfsio 14866 417511 0 0 3 0x14280 nfsidl nfsio 91125 214637 0 0 3 0x14280 nfsidl nfsio 28331 509546 0 0 3 0x14280 nfsidl nfsio 99728 471020 0 0 3 0x14280 nfsidl nfsio 49278 145974 0 0 3 0x14280 nfsidl nfsio 16683 248587 0 0 3 0x14280 nfsidl nfsio 85280 491948 0 0 3 0x14280 nfsidl nfsio 76037 52404 0 0 3 0x14280 nfsidl nfsio 1152 226597 0 0 3 0x14280 nfsidl nfsio 92525 115644 0 0 3 0x14280 nfsidl nfsio 26768 214114 0 0 3 0x14280 nfsidl nfsio 41604 78082 0 0 3 0x14280 nfsidl nfsio 84541 368900 0 0 3 0x14280 nfsidl nfsio 29822 107960 0 0 3 0x14280 nfsidl nfsio 49203 368654 79940 0 2 0x482 syz-executor.3 55174 101194 0 0 3 0x14200 bored sosplice 29011 314068 79940 0 2 0x2 syz-executor.2 12280 271765 79940 0 3 0x82 nanoslp syz-executor.0 79940 102279 16596 0 3 0x2000082 thrsleep syz-fuzzer 79940 431483 16596 0 3 0x6000082 nanoslp syz-fuzzer 79940 505848 16596 0 3 0x6000082 thrsleep syz-fuzzer 79940 404203 16596 0 3 0x6000082 wait syz-fuzzer 79940 303747 16596 0 3 0x6000082 wait syz-fuzzer 79940 437385 16596 0 2 0x6000002 syz-fuzzer 79940 55021 16596 0 3 0x6000082 wait syz-fuzzer 79940 60376 16596 0 3 0x6000082 thrsleep syz-fuzzer 79940 302798 16596 0 3 0x6000082 wait syz-fuzzer 79940 408489 16596 0 3 0x6000082 wait syz-fuzzer 79940 261290 16596 0 3 0x6000082 thrsleep syz-fuzzer 79940 425327 16596 0 3 0x6000082 wait syz-fuzzer 79940 137393 16596 0 3 0x6000082 thrsleep syz-fuzzer 79940 409337 16596 0 3 0x6000082 wait syz-fuzzer 16596 280709 68220 0 3 0x10008a sigsusp ksh 68220 41836 16437 0 3 0x9a kqread sshd 16437 55300 1 0 3 0x88 kqread sshd 57309 409132 71552 73 3 0x1100090 kqread syslogd 71552 212891 1 0 3 0x100082 netio syslogd 64813 75098 1 0 3 0x100080 kqread resolvd 43738 246158 76943 77 3 0x100092 kqread dhcpleased 11827 329201 76943 77 3 0x100092 kqread dhcpleased 76943 318774 1 0 3 0x80 kqread dhcpleased 36485 4371 0 0 3 0x14200 bored smr 83513 384858 0 0 2 0x14200 zerothread 18480 181348 0 0 3 0x14200 aiodoned aiodoned 33215 516642 0 0 3 0x14200 syncer update 7045 238788 0 0 3 0x14200 cleaner cleaner 95795 514905 0 0 3 0x14200 reaper reaper 46279 348373 0 0 3 0x14200 pgdaemon pagedaemon 94875 287028 0 0 3 0x14200 bored viomb 81756 98706 0 0 3 0x40014200 acpi0 acpi0 47411 140016 0 0 3 0x14200 bored softnet3 35925 58924 0 0 3 0x14200 bored softnet2 88880 106433 0 0 3 0x14200 bored softnet1 37560 350039 0 0 3 0x14200 bored softnet0 55019 197351 0 0 3 0x14200 bored systqmp 69631 112423 0 0 3 0x14200 bored systq 10289 421948 0 0 2 0x40014200 softclock 70610 470127 0 0 3 0x40014200 idle0 1 264493 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10171 6408K 6964K 166960K 15215 0 pcb 15 16K 18K 166960K 123 0 rtable 220 14K 15K 166960K 905 0 pf 29 8K 9K 166960K 78 0 ifaddr 40 11K 11K 166960K 102 0 ifgroup 50 2K 2K 166960K 127 0 sysctl 3 0K 0K 166960K 3 0 counters 30 17K 17K 166960K 53 0 ioctlops 0 0K 2K 166960K 172 0 iov 0 0K 34K 166960K 479 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1346 84K 85K 166960K 2679 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 19 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 168 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 69K 166960K 3143 0 sigio 0 0K 0K 166960K 87 0 proc 58 59K 83K 166960K 850 0 subproc 104 6K 6K 166960K 234 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 83 0 in_multi 88 6K 7K 166960K 221 0 ether_multi 1 0K 0K 166960K 1 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 61 281K 281K 166960K 61 0 exec 0 0K 1K 166960K 653 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 350 236K 237K 166960K 30154 0 UVM aobj 131 6K 6K 166960K 140 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 144 0 NDP 11 0K 0K 166960K 70 0 temp 74 6764K 6860K 166960K 29660 0 kqueue 12 18K 24K 166960K 252 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 124 0 121 1 0 1 1 0 8 0 rtentry 112 291 0 191 4 0 4 4 0 8 1 unpcb 144 2713 0 2699 10 1 9 10 0 8 8 syncache 336 32 0 32 1 0 1 1 0 8 1 tcpqe 32 292 0 292 1 0 1 1 0 8 1 tcpcb 808 810 0 779 13 1 12 13 0 8 7 arp 88 49 0 33 1 0 1 1 0 8 0 ipq 40 14 0 12 1 0 1 1 0 8 0 ipqe 40 33 0 31 1 0 1 1 0 8 0 inpcb 360 2168 0 2134 15 2 13 15 0 8 7 ip6q 72 1 0 0 1 0 1 1 0 8 0 ip6af 40 1 0 0 1 0 1 1 0 8 0 nd6 104 56 0 34 1 0 1 1 0 8 0 pkpcb 40 4 0 4 1 0 1 1 0 8 1 kcovpl 48 18 0 10 1 0 1 1 0 8 0 ppxss 1072 9 0 9 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 952 0 529 29 0 29 29 0 8 2 art_table 32 953 0 529 4 0 4 4 0 8 0 art_node 16 252 0 161 1 0 1 1 0 8 0 sysvmsgpl 40 45 0 17 1 0 1 1 0 8 0 semupl 112 3 0 3 1 0 1 1 0 8 1 semapl 112 166 0 156 1 0 1 1 0 8 0 shmpl 112 137 0 9 4 0 4 4 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 5288 0 3850 91 0 91 91 0 8 0 ffsino 240 5288 0 3850 85 0 85 85 0 8 0 nchpl 144 9435 0 7801 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 29684 0 29682 3 0 3 3 0 8 2 vcpupl 2048 25 0 0 4 0 4 4 0 8 0 vmpool 664 28 0 3 3 0 3 3 0 8 0 kstatmem 264 68 0 46 2 0 2 2 0 8 0 scxspl 216 29351 0 29351 8 0 8 8 1 8 8 plimitpl 152 222 0 207 1 0 1 1 0 8 0 sigapl 424 3642 0 3579 8 0 8 8 0 8 0 futexpl 64 24170 0 24169 1 0 1 1 0 8 0 knotepl 120 31618 0 31538 10 0 10 10 0 8 7 kqueuepl 184 353 0 345 1 0 1 1 0 8 0 pipepl 288 557 0 530 7 0 7 7 0 8 4 fdescpl 432 3405 0 3379 4 0 4 4 0 8 0 filepl 120 17283 0 17051 15 0 15 15 0 8 6 lockfpl 104 629 0 627 2 0 2 2 0 8 1 lockfspl 48 285 0 283 1 0 1 1 0 8 0 sessionpl 144 34 0 18 1 0 1 1 0 8 0 pgrppl 48 44 0 28 1 0 1 1 0 8 0 ucredpl 104 1986 0 1975 1 0 1 1 0 8 0 zombiepl 144 3580 0 3579 1 0 1 1 0 8 0 processpl 1072 3642 0 3579 5 0 5 5 0 8 0 procpl 680 7808 0 7729 9 0 9 9 0 8 1 sosppl 168 36 0 33 1 0 1 1 0 8 0 sockpl 488 5009 0 4958 93 76 17 37 0 8 8 mcl64k 65536 125 0 125 1 0 1 1 0 8 1 mcl16k 16384 53 0 53 1 0 1 1 0 8 1 mcl12k 12288 101 0 101 1 0 1 1 0 8 1 mcl9k 9216 72 0 72 1 0 1 1 0 8 1 mcl8k 8192 170 0 170 1 0 1 1 0 8 1 mcl4k 4096 246 0 246 1 0 1 1 0 8 1 mcl2k2 2112 11 0 11 1 0 1 1 0 8 1 mcl2k 2048 76125 0 76074 41 26 15 39 0 8 7 mtagpl 96 343 0 333 5 0 5 5 0 8 4 mbufpl 256 143689 0 143468 42 10 32 33 0 8 8 bufpl 280 9057 0 2668 457 0 457 457 0 8 0 anonpl 24 451065 0 437649 108 0 108 108 0 188 13 amapchunkpl 152 96182 0 95401 41 0 41 41 0 158 7 amappl16 200 10180 0 9725 37 3 34 37 0 8 8 amappl15 192 22 0 20 1 0 1 1 0 8 0 amappl14 184 174 0 161 2 0 2 2 0 8 1 amappl13 176 17 0 17 1 0 1 1 0 8 1 amappl12 168 4186 0 4159 2 0 2 2 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 34 0 26 1 0 1 1 0 8 0 amappl9 144 206 0 205 1 0 1 1 0 8 0 amappl8 136 245 0 189 3 0 3 3 0 8 0 amappl7 128 210 0 185 2 0 2 2 0 8 0 amappl6 120 439 0 429 1 0 1 1 0 8 0 amappl5 112 168 0 160 1 0 1 1 0 8 0 amappl4 104 475 0 450 2 0 2 2 0 8 1 amappl3 96 19372 0 19299 3 0 3 3 0 8 0 amappl2 88 3951 0 3883 3 0 3 3 0 8 1 amappl1 80 20650 0 20150 21 2 19 21 0 8 8 amappl 88 29488 0 29270 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 139 0 9 3 0 3 3 0 8 0 uaddrrnd 24 3433 0 3382 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3433 0 3382 1 0 1 1 0 8 0 vmmpekpl 168 27482 0 27412 4 0 4 4 0 8 0 vmmpepl 168 218922 0 216718 127 0 127 127 0 357 21 vmsppl 352 3432 0 3382 5 0 5 5 0 8 0 rwobjpl 24 61986 0 54482 46 0 46 46 0 8 0 pdppl 4096 6872 0 6789 256 169 87 89 0 8 4 pvpl 32 1124308 0 1105439 300 0 300 300 0 265 130 pmappl 216 3432 0 3382 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 592 0 206 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807092b610,ffff800035d997f8,ffff800035d99828) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035d997c8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff800035d997c8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002c0e4d50,ffffff9c,7348b926c7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800035d999a0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7348b926c7c0, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807092b610,ffff800035d997f8,ffff800035d99828) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035d997c8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff800035d997c8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002c0e4d50,ffffff9c,7348b926c7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800035d999a0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7348b926c7c0, count: -7